Bug#976905: src:cyrus-imapd: Please consider enabling JMAP support

2020-12-09 Thread Clement Hermann 
Package: src:cyrus-imapd
Severity: wishlist

Hi,

JMAP is a (relatively) new open standard for mailboxes access, more
mobile friendly and faster than IMAP. Think open source gmail api or
MAPI.  It has been developed by people at Fastmail and is now an IETF
standard.  Cyrus imapd has jmap support, please consider enabling it!

See https://www.cyrusimap.org/imap/developer/jmap.html.

Note that it depends on Xapian (but that seems to be in Debian already).

Thanks!

-- 
nodens

Bug#972817: ITP: golang-github-canonical-go-dqlite -- Go bindings for libdqlite

2020-10-24 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-canonical-go-dqlite
  Version : 1.8.0-1
  Upstream Author : Canonical
* URL : https://github.com/canonical/go-dqlite
* License : Apache-2.0
  Programming Lang: Go
  Description : Go bindings for libdqlite

 Go-dqlite provides bindings for the dqlite
 (https://dqlite.io) C library.

This package is a dependency of LXD (#768073) and will be maintained
under the Go pkg team umbrella.  Note: I don't intend to provide the
example program (demo API and client program) as a binary package
initially.  However, feel free to chime in here or file a bug in the
package once it's in Debian if you think it'd be useful!

Bug#962953: ITP: wahay -- Easy-to-use, secure and decentralized conference call

2020-06-16 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: wahay
  Version : 0.0~git20200606.4f8e43a-1
  Upstream Author : Centro de Autonomía Digital (https://autonomia.digital)
* URL : https://wahay.org
* License : GPLv3
  Programming Lang: Go
  Description : Easy-to-use, secure and decentralized conference call
 Wahay is voice call application that allows you to easily host and participate
 in conference calls, without the need for any centralized servers or services.
 It is meant to be as easy-to-use as possible, while still providing extremely
 high security and privacy out of the box.
 .
 In order to do this, it uses Tor (https://torproject.org) Onion Services
 in order to communicate between the end-points, and the Mumble
 (https://www.mumble.info) protocol for the actual voice communication.

Bug#934963: ITP: libio-interactive-tiny-perl -- minimalist utility module for interactive I/O

2019-08-17 Thread Clement Hermann 
Package: wnpp
Owner: Clément Hermann 
Severity: wishlist
X-Debbugs-CC: debian-de...@lists.debian.org, debian-p...@lists.debian.org

* Package name: libio-interactive-tiny-perl
  Version : 0.2
  Upstream Author : Daniel Muey 
* URL : https://metacpan.org/release/IO-Interactive-Tiny
* License : Artistic or GPL-1+
  Programming Lang: Perl
  Description : minimalist utility module for interactive I/O

IO::Interactive::Tiny provides the useful subset of IO::Interactive’s
functionality in the form of only having is_interactive().

It also gains ::Tiny-ness by reducing large deps: it doesn not use version,
Carp, or Scalar::Util

The package will be maintained under the umbrella of the Debian Perl Group.

Note: this module's main purpose in Debian is to avoid using embedding copies of
this module at build time.
--
Generated with the help of dpt-gen-itp(1) from pkg-perl-tools.

Bug#905077: ITP: golang-github-juju-gomaasapi -- Go bindings for talking to MAAS

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-juju-gomaasapi
  Version : 0.0~git20180521.abe1190-1
  Upstream Author : Juju
* URL : https://github.com/juju/gomaasapi
* License : LGPLv3
  Programming Lang: Go
  Description : Go bindings for talking to MAAS.io (Metal as a Service)

 golang-github-juju-gomaasapi serves as a minimal client for communicating with
 the MAAS web API in Go programs.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905075: ITP: golang-github-juju-collections -- Deque and set implementations

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-juju-collections
  Version : 0.0~git20180516.9015200-1
  Upstream Author : Juju
* URL : https://github.com/juju/collections
* License : LGPLv3
  Programming Lang: Go
  Description : Deque and set implementations for Go language

 golang-github-juju-collections implements deques and sets for Go.

This is a dependency of github.com/juju/gomaasapi, needed for lxd 3.0.

It will be maintained under the Go team umbrella.

Bug#905076: ITP: golang-github-nbio-st -- st - Simple Test micro-framework for Go

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-nbio-st
  Version : 0.0~git20140626.e9e8d98-1
  Upstream Author : nb.io
* URL : https://github.com/nbio/st
* License : Apache-2.0
  Programming Lang: Go
  Description : st - Simple Test micro-framework for Go

 st is a tiny test framework for making short, useful assertions in your
 Go tests:
 - Assert(t, have, want) and Refute(t, have, want) abort a test immediately
   with t.Fatal.
 - Expect(t, have, want) and Reject(t, have, want) allow a test to continue,
 reporting failure at the end with t.Error.
 .
 They print nice error messages, preserving the order of have (actual
 result) before want (expected result) to minimize confusion.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905074: ITP: golang-github-canonicalltd-raft-test -- Raft testing helpers

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-raft-test
  Version : 0.0~git20180628.c3345b5-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/raft-test
* License : Apache-2.0
  Programming Lang: Go
  Description : Raft testing helpers

 golang-github-canonicalltd-raft-test provides the rafttest package, which
 contains helpers to test code based on the raft Go package
 (https://github.com/hashicorp/raft) from Hashicorp.


This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905073: ITP: golang-github-frankban-quicktest -- Quick helpers for testing Go applications

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-frankban-quicktest
  Version : 0.9.1-1
  Upstream Author : Francesco Banconi
* URL : https://github.com/frankban/quicktest
* License : Expat
  Programming Lang: Go
  Description : Quick helpers for testing Go applications

  Quicktest helpers are easily integrated inside regular Go tests and provides
  some base checkers like Equals, DeepEquals, Matches, ErrorMatches, IsNil and
  others. More can be added by implementing the Checker interface.

This is an (indirect) dependency of LXD 3 (ITP: #768973) and will be maintained 
under the
Go team umbrella.

Bug#905070: ITP: golang-github-ryanfaerman-fsm -- A simple finite state machine for Golang

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-ryanfaerman-fsm
  Version : 2+git20160110.3dc1bc0-1
  Upstream Author : Ryan Faerman
* URL : https://github.com/ryanfaerman/fsm
* License : Expat
  Programming Lang: Go
  Description : A simple finite state machine for Golang

 FSM provides a lightweight finite state machine for Golang. It runs
 allows any number of transition checks you'd like the it runs them in
 parallel. It's tested and benchmarked too.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905072: ITP: golang-github-juju-persistent-cookiejar -- cookiejar is a fork of net/http/cookiejar that allows serialisation of the stored cookies

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-juju-persistent-cookiejar
  Version : 0.0~git20171026.d5e5a84-1
  Upstream Author : Juju
* URL : https://github.com/juju/persistent-cookiejar
* License : BSD-3-clause
  Programming Lang: Go
  Description : fork of net/http/cookiejar that allows serialisation of the 
stored cookies

 cookiejar implements an in-memory RFC 6265-compliant http.CookieJar.
 .
 This implementation is a fork of net/http/cookiejar which also implements
 methods for dumping the cookies to persistent storage and retrieving them.

Bug#905067: ITP: golang-github-canonicalltd-raft-http -- A raft transport that uses HTTP to initiate connections between nodes

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-raft-http
  Version : 0.0~git20180414.4c2dd67-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/raft-http
* License : Apache-2.0
  Programming Lang: Go
  Description : A raft transport that uses HTTP to initiate connections 
between nodes

 golang-github-canonicalltd-raft-http provides the rafthttp package, which can 
be used to establish a network
 connection between to raft nodes using HTTP. Once the HTTP connection is
 established, the Upgrade header will be used to switch it to raw TCP mode, and
 the regular TCP-based network transport of the raft package
 (https://github.com/hashicorp/raft) can take it from there.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905069: ITP: golang-github-canonicalltd-go-sqlite3 -- fork of mattn's SQLite Go bindings with replication support

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-go-sqlite3
  Version : 1.6.0+git20180507.4b194c2-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/go-sqlite3
* License : Expat
  Programming Lang: Go
  Description : SQLite Go bindings with replication support

 go-sqlite3 provide a sqlite3 driver conforming to the built-in database/sql
 interface. It's a fork of github.com/mattn/go-sqlite3 providing replication 
sup port.
 .
 Note that this is a cgo package. If you want to build your app using
 go-sqlite3, you need gcc.  However, after you have built and
 installed go-sqlite3, you can build your app without relying on
 gcc in future.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905071: ITP: golang-gopkg-juju-names.v2 -- A package to deal with juju names (services, units, machines, etc)

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-gopkg-juju-names.v2
  Version : 0.0~git20180621.fd59336-1
  Upstream Author : Juju
* URL : https://github.com/juju/names
* License : LGPLv3
  Programming Lang: Go
  Description : helpers for handling Juju entity names

  juju/names helps you deal with juju entity names: services, units, machines,
  IP addresses, etc.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905066: ITP: golang-github-canonicalltd-go-grpc-sql --

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-go-grpc-sql
  Version : 0.0~git20180524.72fa851-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/go-grpc-sql
* License : Apache-2.0
  Programming Lang: Go
  Description : Go SQL driver over gRPC

  go-grpc-sql allows you to expose a Go SQL driver.Driver instance over gRPC.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905068: ITP: golang-github-canonicalltd-dqlite -- Distributed SQLite for Go applications

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-dqlite
  Version : 0.0~git20180507.e5bc052-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/dqlite
* License : Apache-2.0
  Programming Lang: Go
  Description : Distributed SQLite for Go applications

 dqlite can be used to replicate a SQLite database across a cluster,
 using the Raft algorithm.
 - No external processes needed: dqlite is just a Go library, you link
   it to your application exactly like you would with SQLite.
 - Full support for transactions
 - No need for statements to be deterministic (e.g. you can use time())

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#905065: ITP: golang-github-canonicalltd-raft-membership -- Extension of the Hashicorp raft package to easily join and leave a cluster

2018-07-30 Thread Clement Hermann 
Package: wnpp
Severity: wishlist
Owner: Clement Hermann 

* Package name: golang-github-canonicalltd-raft-membership
  Version : 0.0~git20180413.3846634-1
  Upstream Author : Canonical Ltd
* URL : https://github.com/CanonicalLtd/raft-membership
* License : Apache-2.0
  Programming Lang: Go
  Description : Extension of the Hashicorp raft package to easily join and 
leave a cluster

 github-canonicalltd-raft-membership provides the raftmembership package, which 
contains an
 extension of the raft Go package (https://github.com/hashicorp/raft) from
 Hashicorp to easily make a node join or leave a cluster.

This is a dependency of LXD 3 (ITP: #768973) and will be maintained under the
Go team umbrella.

Bug#828843: [php-maint] Bug#828843: sessionclean: please add "-xtype f" to find arguments

2016-06-28 Thread Clement Hermann 
Le 28/06/2016 à 17:23, Ondřej Surý a écrit :
> Control: tags -1 +wontfix
>
> Hi Clément,
>
> I don't think this is a good idea, as it will cause find to access each
> physical file

> This would cause some serious performance degradation.
Good catch. Definitely not wanted.

> However the new sessionclean script has 2>/dev/null redirection, so it
> might also solve this kind of messages.

I'd like to test that, where can I find it ? adding 2>dev/null to the
relevant find commands should indeed be enough and I don't forsee any
problem with that,

Maybe we should rename this bug to "sessionclean:  harmless error on
some platforms about missing files in /proc//fd" and remove the
wontfix tag ? And close this bug in the version this sessionclean will
be in ?

Cheers !

-- 
Clément (nodens)

Bug#828843: sessionclean: please add "-xtype f" to find arguments

2016-06-28 Thread Clement Hermann 
tags 828843 + patch

Here is a (trivial) patch against the current git.

My tests show no problem with this config so far (it just prevents find
to take into account links to point to anything that isn't a regular file).

Cheers,

-- 
nodens

Le 28/06/2016 à 14:36, Clément Hermann a écrit :
> Package: php5-common
> Version: 5.6.22+dfsg-1
> Severity: normal
>
> Hi,
>
> in some cases (here: joyent smartos LX zone), there could be broken
> links in /proc//fd. On LX zones, for instance, deleted files still
> show a fd link but no destination (on a proper linux kernel, it would
> say "deleted: ").
>
> This causes (harmless) errors in the session clean script cron job. It's
> easy to fix by adding "-xtype f" to the find command arguments, to
> prevent find to take broken link into account.
>
> Thanks !
>


-- 
Clément (nodens)

diff --git a/debian/sessionclean b/debian/sessionclean
index 059391f..6dadc36 100644
--- a/debian/sessionclean
+++ b/debian/sessionclean
@@ -44,7 +44,7 @@ for sapi in ${SAPIS}; do
 done
 # first find all open session files and touch them (hope it's not massive amount of files)
 for pid in $(pidof $proc_names); do
-find "/proc/$pid/fd" -ignore_readdir_race -lname "$save_path/sess_\*" -exec touch -c {} \;
+find "/proc/$pid/fd" -ignore_readdir_race -xtype f -lname "$save_path/sess_\*" -exec touch -c {} \;
 done
 ) | sort -rn -t: -k2,2 | sort -u -t: -k 1,1 | while IFS=: read -r save_path gc_maxlifetime; do
 # find all files older then maxlifetime and delete them

Bug#804258: Fwd: RE: [E1000-devel] igb / ixgbe : differences between mainline and out-of-tree drivers

2015-11-18 Thread Clement Hermann 
[Cross posting to both RFS and ITP bugs, since it's relevant to both]

Hi,

there weren't any new message on the thread I started on upstream
mailing list for a week, so I guess it's time to relay.

The complete response I received is included below, at the end of the
message.

To summarize:
- RSS, EEE, InterruptThrottleRate and QueuePair can be achieve via ethtool
- LLI parameters won't, but this is considered a rarely used feature,
not supported by recent hardware
- InterruptMode is mainly used for debug, since the driver should select
the best interrupt mode available
- VDMQ, MDD and DMAC aren't supported via ethtool and probably never will.

I personally can manage what I need with ethtool, but I'm willing to
maintain this package anyway since I already use kernel parameters
(easier to use than ethtool, although less dynamic). Also people could
find the parameters not supported by ethtool useful.

Of course I'll understand if it's not acceptable for Debian. Advice and
input welcome. I updated the version on mentor to reflect this in the
description.

Cheers,

nodens

 Message transféré 
Sujet : RE: [E1000-devel] igb / ixgbe : differences between mainline
and out-of-tree drivers
Date :  Tue, 10 Nov 2015 18:26:42 +
De :Tantilov, Emil S <emil.s.tanti...@intel.com>
Pour :  Clement Hermann <nod...@nodens.org>,
e1000-de...@lists.sourceforge.net <e1000-de...@lists.sourceforge.net>



>-Original Message-
>From: Clement Hermann [mailto:nod...@nodens.org]
>Sent: Tuesday, November 10, 2015 3:51 AM
>To: e1000-de...@lists.sourceforge.net
>Subject: [E1000-devel] igb / ixgbe : differences between mainline and out-
>of-tree drivers
>
>Hi,
>
>I'm trying to understand the differences between the out-of-tree and the
>mainline version for igb and ixgbe drivers.
>
>The issue is, I packaged the out-of-tree version for debian, but there
>are concerns from the kernel team for allowing to maintain an
>out-of-tree driver since most features should be in the mainline driver.
>
>(see discussion on
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804258 and
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804283)
>
>AFAICS, the main difference is that the mainline driver doesn't support
>configuration via modules parameter.

Except for rare cases the community is against using module parameters and 
in favor of using generic tools to control the behavior of the Ethernet drivers.

>Some parameters can be controled with ethtool on mainline version:
>
> - EE: ethtool --set-eee
> - RSS: ethtool -X
>
>For some I'm unsure:
>
> - InterruptThrottleRate: ethtool -C ? Not sure if the same is achieved.
>Input welcome.
> - QueuePairs: Seems like it could be done with ethtool -L ?

That's right. 

>Other don't seen to be:
> - IntMode:Change Interrupt Mode

The driver will pick the best available interrupt mode. This parameter is
more useful for debugging than anything else. There are also ways to limit the 
support from the kernel command line, but that is usually not a good idea.

> - Node:set the starting node to allocate memory on

The driver is designed to allocate memory from the nearest NUMA node.
If I remember correctly this parameter was rejected by the community when we 
proposed it. I think this is a leftover in igb, ixgbe does not have this 
parameter.

> - LLIPort:Low Latency Interrupt TCP Port
> - LLIPush:Low Latency Interrupt on TCP Push flag
> - LLISize:Low Latency Interrupt on Packet Size

The LLI parameters are not generic and are no longer supported in newer HW.
There is no ethtool alternative, but we haven't seen much use of them either.

> - VMDQ:Number of Virtual Machine Device Queues
> - MDD:Malicious Driver Detection
> - DMAC: Disable or set latency for DMA Coalescing
>
>Will these functions be available via ethtool in the mainline driver
>someday ?

We always try to determine if a certain parameter can be exposed via method 
other
than a module parameter, but not all of the functionality has an equivalent 
option
in ethtool. Also some parameters are introduced as a way to test new 
functionality.

Thanks,
Emil







signature.asc
Description: OpenPGP digital signature

Bug#804283: RFS: igb/5.3.3.2-1 [ITP] -- out of tree Intel Gigabit Ethernet driver.

2015-11-10 Thread Clement Hermann 
Le 08/11/2015 03:56, Paul Wise a écrit :
> On Sat, 2015-11-07 at 08:12 +0100, Vincent Bernat wrote:
>
>> Intel also maintains the drivers for their wired cards in
>> mainline. However, for some reason (unknown for me), they have always
>> restricted the features of those drivers.
> Has anyone suggested to Intel that they should upstream those features?
>
I didn't find anything definitive in the dev list archive, so I just
asked for clarification.

Let's see how it goes.

-- 
Clément (nodens)



signature.asc
Description: OpenPGP digital signature

Bug#804258: ITP: igb -- dkms source for the igb network driver

2015-11-07 Thread Clement Hermann 
Le 07/11/2015 10:26, Ben Hutchings a écrit :
> On Sat, 2015-11-07 at 09:52 +0100, Clement Hermann wrote:
>> Le 07/11/2015 02:20, Ben Hutchings a écrit :
>>> On Fri, 2015-11-06 at 18:35 +0100, Clément Hermann wrote:
>>>>  igb is the Linux device driver released for Intel 82575/6, 82580, I350, 
>>>> and
>>>>  I210/211-based network interfaces. 
>>>>  .
>>>>  This driver uses the same base as the igb module included in the Linux 
>>>> kernel,
>>>>  with added features such as advanced multiqueue control (RSS), interrupts
>>>>  throttle management, Large Receive Offload (LRO) and Low Latency 
>>>> Interrupts
>>>>  (LLI).
>>>>  .
>>>>  Only use this driver if you need these specific features.
>>> [...]
>>>
>>> This description is inaccurate; two of the four features mentioned
>>> actually are included in the in-tree driver.  And I don't think there'a
>>> anything stopping Intel's maintainers from adding the remaining
>>> features to the in-tree driver.
>>>
>>> The justification for adding an alternate version of the driver seems
>>> quite weak.
>>>
>> You're right, this is poorly worded.
>>
>> Most features are actually in mainline, you're right, but there is often
>> no way to control them: only default values are usable.
>>
>> For instance, RSS: in mainline, you don't have the option to choose
>> (reduce) the number of queues in order avoid using both thread of a
>> HT-enabled CPU core, or keeping some cpu free of network interrupts. You
>> can free a CPU using affinity, but you'll end up with several queues on
>> another. As stated in my description, this is not intended to replace
>> the mainline kernel which should work fine for most uses.
> You can use ethtool -X to do this.
I didn't know that. Thanks.

> [...]
>>  - InterruptThrottleRate:Maximum interrupts per second, per vector
> ethtool -C ?
>

I didn't compare results by using both alternatively. I think the same
result could be achieved with this, but the way the driver does it with
parameters worked better for me : there are many parameters for ethtool
-C and it's difficult to find the correct one as the documentation is a
bit sparse. There are less parameters in the driver, just dynamic
(adaptive in ethtool ?) and max value per queue (100-10).
>>  - IntMode:Change Interrupt Mode
>>  - Node:set the starting node to allocate memory on
>>  - LLIPort:Low Latency Interrupt TCP Port
>>  - LLIPush:Low Latency Interrupt on TCP Push flag
>>  - LLISize:Low Latency Interrupt on Packet Size
>>  - RSS:Number of Receive-Side Scaling Descriptor Queues
>>  - VMDQ:Number of Virtual Machine Device Queues
>>  - MDD:Malicious Driver Detection
>>  - QueuePairs:Enable Tx/Rx queue pairs for interrupt handling
>>  - EEE:Enable/disable on parts that support the feature
> ethtool --set-eee


>
>>  - DMAC:Disable or set latency for DMA Coalescing
> I've told them this should be done through ethtool but they never sent
> patches for this.
>
>>  - LRO:Large Receive Offload
> Usually oesn't offer much advantage over GRO, and it doesn't work with
>  bridging.

Right, also no support for IPv6 and UDP. I didn't actually enabled it
(it's a compile time option), so I guess it's out of the description.

Still, VMDQ and LLI are useful and not provided the mainline driver or
with ethtool at all AFAICS.

How about listing in the description the features that cannot be changed
by ethtool ? or specifiying the ethtool equivalent for each parameter
when it exists ?


-- 
Clément (nodens)




signature.asc
Description: OpenPGP digital signature

Bug#804258: ITP: igb -- dkms source for the igb network driver

2015-11-07 Thread Clement Hermann 
Le 07/11/2015 02:20, Ben Hutchings a écrit :
> On Fri, 2015-11-06 at 18:35 +0100, Clément Hermann wrote:
>>
>>  igb is the Linux device driver released for Intel 82575/6, 82580, I350, and
>>  I210/211-based network interfaces. 
>>  .
>>  This driver uses the same base as the igb module included in the Linux 
>> kernel,
>>  with added features such as advanced multiqueue control (RSS), interrupts
>>  throttle management, Large Receive Offload (LRO) and Low Latency Interrupts
>>  (LLI).
>>  .
>>  Only use this driver if you need these specific features.
> [...]
>
> This description is inaccurate; two of the four features mentioned
> actually are included in the in-tree driver.  And I don't think there'a
> anything stopping Intel's maintainers from adding the remaining
> features to the in-tree driver.
>
> The justification for adding an alternate version of the driver seems
> quite weak.
>
You're right, this is poorly worded.

Most features are actually in mainline, you're right, but there is often
no way to control them: only default values are usable.

For instance, RSS: in mainline, you don't have the option to choose
(reduce) the number of queues in order avoid using both thread of a
HT-enabled CPU core, or keeping some cpu free of network interrupts. You
can free a CPU using affinity, but you'll end up with several queues on
another. As stated in my description, this is not intended to replace
the mainline kernel which should work fine for most uses.

I use this for performance tuning on heavily solicited network devices
such as gateways or load balancers, I hear it is useful on
virtualization servers as well (VDMQ).

Here is the parameter list for the out of tree driver:
parm:   InterruptThrottleRate:Maximum interrupts per second, per
vector, (max 10), default 3=adaptive (array of int)
parm:   IntMode:Change Interrupt Mode (0=Legacy, 1=MSI,
2=MSI-X), default 2 (array of int)
parm:   Node:set the starting node to allocate memory on,
default -1 (array of int)
parm:   LLIPort:Low Latency Interrupt TCP Port (0-65535),
default 0=off (array of int)
parm:   LLIPush:Low Latency Interrupt on TCP Push flag (0,1),
default 0=off (array of int)
parm:   LLISize:Low Latency Interrupt on Packet Size (0-1500),
default 0=off (array of int)
parm:   RSS:Number of Receive-Side Scaling Descriptor Queues
(0-8), default 1, 0=number of cpus (array of int)
parm:   VMDQ:Number of Virtual Machine Device Queues: 0-1 =
disable, 2-8 enable, default 0 (array of int)
parm:   max_vfs:Number of Virtual Functions: 0 = disable, 1-7
enable, default 0 (array of int)
parm:   MDD:Malicious Driver Detection (0/1), default 1 =
enabled. Only available when max_vfs is greater than 0 (array of int)
parm:   QueuePairs:Enable Tx/Rx queue pairs for interrupt
handling (0,1), default 1=on (array of int)
parm:   EEE:Enable/disable on parts that support the feature
(array of int)
parm:   DMAC:Disable or set latency for DMA Coalescing ((0=off,
1000-1(msec), 250, 500 (usec)) (array of int)
parm:   LRO:Large Receive Offload (0,1), default 0=off (array of
int)
parm:   debug:Debug level (0=none, ..., 16=all) (int)

and for the mainline :
parm:   max_vfs:Maximum number of virtual functions to allocate
per physical function (uint)
parm:   debug:Debug level (0=none,...,16=all) (int)


It's been this way for years and Intel doesn't seem to want to change
that. From what I could gather speaking to intel people, the idea seems
to be "sane defaults in kernel, full control out of tree". I didn't find
any official stance about this, though.

So here is an updated description:

 igb is the Linux device driver released for Intel 82575/6, 82580, I350, and
 I210/211-based network interfaces. 
 .
 This driver uses the same code base as the igb module included in the Linux 
kernel,
 and allows control over advanced features via modules parameters :
 - InterruptThrottleRate:Maximum interrupts per second, per vector
 - IntMode:Change Interrupt Mode
 - Node:set the starting node to allocate memory on
 - LLIPort:Low Latency Interrupt TCP Port
 - LLIPush:Low Latency Interrupt on TCP Push flag
 - LLISize:Low Latency Interrupt on Packet Size
 - RSS:Number of Receive-Side Scaling Descriptor Queues
 - VMDQ:Number of Virtual Machine Device Queues
 - MDD:Malicious Driver Detection
 - QueuePairs:Enable Tx/Rx queue pairs for interrupt handling
 - EEE:Enable/disable on parts that support the feature
 - DMAC:Disable or set latency for DMA Coalescing
 - LRO:Large Receive Offload
 .
 Only use this driver if you need fine control over these specific features, 
otherwise, 
 you should stick to the driver included in mainline kernel.

Including the full list of parameter was actually my first move, but I thought 
it would maybe be too long.
Seeing your reaction, though, I understand it needs clarification.

Cheers,

-- 
Clément (nodens)

Bug#804283: RFS: igb/5.3.3.2-1 [ITP] -- out of tree Intel Gigabit Ethernet driver.

2015-11-06 Thread Clement Hermann 
Package: sponsorship-requests
Severity: wishlist

Hi mentors,

I am looking for a sponsor for my package igb.


* Package name: igb
  Version : 5.3.3.2-1
  Upstream Author : Intel Corporation
* URL : http://sourceforge.net/projects/e1000/
* License : GPL-2
  Programming Lang: C
  Description : dkms source for the igb network driver
  It builds this binary package: 

  igb-dkms   - dkms source for the igb network driver

The package is on m.d.n : http://mentors.debian.net/package/igb

Alternatively, one can download the package with dget using this command:

  dget -x http://mentors.debian.net/debian/pool/main/i/igb/igb_5.3.3.2-1.dsc

More information about igb can be obtained from 
http://sourceforge.net/projects/e1000/ or 
https://downloadcenter.intel.com/download/13663/Network-Adapter-Driver-for-82575-6-82580-I350-and-I210-211-Based-Gigabit-Network-Connections-for-Linux-

You can also check the ITP: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804258


The package is needed because the in-tree driver doesn't have advanced features 
such as interrupt throttle,
multiqueue or Large Receive Offload.

As far as I can see, there is no firmware  blob loading that should prevent 
including it in main, but if 
I'm proven wrong I'd settle for a non-free upload.

Note that I already have a sponsor for my other packaging work (as a member of 
the perl pkg team), 
but this particular package obviously doesn't belong to this team, hence this 
RFS.

Also, I use git-buildpackage for the packaging work. For now, the Debian 
packaging is hosted on github 
(see Vcs-* URL in the package). I'd like to move it to anonvcs.debian.org, but 
I'd need my sponsor to create 
the repository in collab-maint. Even if you don't want to sponsor the package, 
I'd be glad if you could create
this repo.


Cheers,

-- 
Clément (nodens)




signature.asc
Description: OpenPGP digital signature

Bug#751955: initramfs-tools: Warning: error while trying to store keymap file - ignoring request to install /etc/boottime.kmap.gz

2015-09-18 Thread Clement Hermann 
Hi,

Just had this on a recent Jessie install.

The culprit seems to be the absence of XKBMODEL in /etc/default/keyboard.

running  dpkg-reconfigure keyboard-configuration (or adding the correct
value in /etc/default/keyboard) fixed it.

Not sure why this wasn't setup by default even though the other
variables where, though.

Cheers,

-- 
Clément (nodens)

Bug#756404: #756404 - ITP: openpgp-applet -- GNOME applet for OpenPGP text encryption

2015-08-16 Thread Clement Hermann 
Hi,

it's been a while, but things are finally moving !

Here is an updated description :
* Package name: openpgp-applet
  Version : 0.9
  Upstream Author : Tails developers ta...@boum.org
* URL : https://openpgp-applet.alioth.debian.org/
* License : (GPL/Artistic, CC0-1.0)
  Programming Lang: (Perl)
  Description : GNOME applet for OpenPGP text encryption
 OpenPGP Applet allows encryption and decryption of the clipboard's content
 with a symmetric cipher using a passphrase. This is a graphical
frontend on top of GnuPG.
 .
 Asymmetric decryption and clipboard verification are also supported.
 .
 Note: OpenPGP Applet does not handle passphrase input. Since it also
does not offer terminal interaction unless explicitly run from there, it
relies in practice on GnuPG agent to be running and configured to use a
passphrase entry dialog, such as pinentry-gnome3.

This package will be maintained under the umbrella of the Debian Perl
Group, which I just joined.

The package is basically ready for upload, and is available on the DPG
git : https://anonscm.debian.org/cgit/pkg-perl/packages/openpgp-applet.git/

Cheers !

-- 
Clément (nodens)

Bug#755236: /usr/sbin/NetworkManager: Huawei 3G initial state is locked in modemmaNager 1.2.0.,networkmanager 0.9.10 fails to enable it

2014-12-17 Thread Clement Hermann 
Hi,

I encounter the same issue. What work as well is to set up a new
connexion. Then somehow the modem is unlocked, and it will work. However
the new connexion won't be usable on next usb modem insertion because of
the pin/lock issue. So now I have a log of unusable connexions each time
I insert the card.

The pin is asked from the user, the device is unlocked (usable with
gsmctl), but network-manager won't connect.

It is possible to work around this by disabling the PIN code on the sim
card, for instance with gsmctl, or a serial console with AT commands.

Cheers,

-- 
Clément (nodens)

Bug#766322: circular dependencies causes dpkg --configure -a to go into a tight loop

2014-10-22 Thread Clement Hermann 
severity 766322 serious
merge 766322 766242
thanks

Hi,

This seems to be the same than #766242. Adjusting severity and merging.

Cheers,

-- 
Clément (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#760281: [Pkg-xfce-devel] Bug#760281: xfce4: cannot mount usb drive: Not authorized to perform operation

2014-09-06 Thread Clement Hermann 
Hi,

On Fri, 5 Sep 2014 16:30:49 -0700 Steve Langasek vor...@debian.org wrote:

 I'm not sure, but note that I've just uploaded systemd-shim 7-3 with a
 cherry-picked patch from upstream to fix a race condition, that would
allow
 systemd-shim to respond to a request before processes had actually
been put
 in the cgroup. This problem was diagnosed with lightdm on Ubuntu
Phone, but
 it's quite possible that the same problem is affected xfce.

 Could someone please test whether systemd-shim fixes this problem for
them?
 If it does, great! If not, I'll schedule some time to dig into this bug
 further.

I doesn't seem to fix the issue, at least for me :

- gdm3 doesn't list the users, as gnome-session fails to get the
session-id somehow. greeter.log :
gnome-session[12023]: WARNING: Could not get session id for session.
Check that logind is properly installed and pam_systemd is getting used
at login.

auth.log (debug=yes for pam_systemd.so) :
Sep  6 15:37:44 shadowfax gdm-launch-environment][11829]:
pam_unix(gdm-launch-environment:session): session opened for user
Debian-gdm by (uid=0)
Sep  6 15:37:44 shadowfax gdm-launch-environment][11829]:
pam_systemd(gdm-launch-environment:session): Asking logind to create
session: uid=1000 pid=11829 service=gdm-launch-environment type=x11
class=greeter seat=seat0 vtnr=7 tty= display=:0 remote=no remote_user=
remote_host=
Sep  6 15:37:44 shadowfax gdm-launch-environment][11829]:
pam_systemd(gdm-launch-environment:session): Failed to parse message:
Argument 4 is specified to be of type string, but is actually of type
uint32
Sep  6 15:37:44 shadowfax gdm-launch-environment][11829]:
pam_ck_connector(gdm-launch-environment:session): nox11 mode, ignoring
PAM_TTY :0
Sep  6 15:37:45 shadowfax dbus[2250]: [system] Rejected send message, 2
matched rules; type=method_call, sender=:1.159 (uid=117 pid=11871
comm=gnome-shell --mode=gdm )
interface=org.freedesktop.DBus.Properties member=GetAll error
name=(unset) requested_reply=0 destination=:1.53 (uid=0 pid=3339
comm=/usr/sbin/console-kit-daemon --no-daemon )
Sep  6 15:37:45 shadowfax dbus[2250]: [system] Rejected send message, 2
matched rules; type=method_call, sender=:1.159 (uid=117 pid=11871
comm=gnome-shell --mode=gdm )
interface=org.freedesktop.DBus.ObjectManager
member=GetManagedObjects error name=(unset) requested_reply=0
destination=:1.1 (uid=0 pid=2451 comm=/usr/sbin/bluetoothd )


- I can login with lightdm, but there is no suspend button, and
network-manager applet doesn't work (connections are shown, but there is
no way to act on them)

In both case, loginctl list-session and show-session seem normal.

Hope that helps.

-- 
Clément Hermann (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#757348: systemd: with SysV init, can no longer suspend and shutdown from lightdm

2014-08-07 Thread Clement Hermann 
I suspect the same issue causes the following problems in gnome-shell :

- can't see the network connections (network-manager restart does make
them apear, but I cant act on them from GNOME)
- Can't suspend / restore / lock session


Also GDM fails to find the session ID and doesn't work at all :

gnome-session[6374]: WARNING: Could not get session id for session.
Check that l
ogind is properly installed and pam_systemd is getting used at login.

lightdm works but with the above gnome-shell issues.

Cheers,

-- 
Clément (nodens)

Bug#756404: ITP: openpgp-applet -- GNOME applet for OpenPGP text encryption

2014-07-30 Thread Clement Hermann 
Hi,

Package available on mentors :
http://mentors.debian.net/package/openpgp-applet

you can use dget
http://mentors.debian.net/debian/pool/main/o/openpgp-applet/openpgp-applet_0.8-2.dsc

to check the source.


Cheers,

-- 
Clément Hermann (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#756404: ITP: openpgp-applet -- GNOME applet for OpenPGP text encryption

2014-07-29 Thread Clement Hermann 
Package: wnpp
Owner: Clément Hermann (nodens) nod...@nodens.org
Severity: wishlist

Package: wnpp
Severity: wishlist
Owner: Clément Hermann (nodens) nod...@nodens.org

* Package name: openpgp-applet
  Version : 0.8
  Upstream Author : Tails developers ta...@boum.org
* URL :
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/
* License : (GPL/Artistic)
  Programming Lang: (Perl)
  Description : GNOME applet for OpenPGP text encryption

 OpenPGP_Applet allows encrypting and decrypting the content of the
 clipboard with a symmetric cipher using a passphrase. This is
 a graphical frontend on top of GnuPG.
 .
 Asymmetric decryption and clipboard verification are also supported.
 .
 Note : OpenPGP_Applet does not handle passphrase input. Since it also
does not
 offer terminal interaction unless explicitly run from there, it relies
 in practice on some kind of GnuPG agent such as pinentry, Seahorse 2.x
 or GNOME keyring 3.x to manage passphrase input.


OpenPGP_Applet is formerly part of Tails, the amnesic incognito live system,
and is now available as a standalone project for everyone to use :
 I'm packaging it upstream, and I'll be looking for a sponsor to
include it in debian (https://labs.riseup.net/code/issues/6507).

Cheers !

-- 
Clément Hermann (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#734983: seahorse-nautilus: Please package seahorse-nautilus 3.10.1+

2014-07-25 Thread Clement Hermann 
[Resent with compressed debdiff as the first mail didn't seem to make
it  to the BTS]

Hi,

I just packaged the last upstream version.

There is nothing special to it as far as I can see, please find a
debdiff attached.

Note : I also removed the quilt working directory (.pc) that was left in
the source package.

Cheers,

-- 
Clément Hermann (nodens)



seahorse-nautilus_newupstream.debdiff.gz
Description: application/gzip

Bug#734984: libcryptui0: Please package libcryptui 3.10.0+

2014-07-24 Thread Clement Hermann 
fixed 734984 3.12.2-1
thanks

Hi,

3.12 is now in testing (but this bug wasn't closed in the changelog). So
tagging it as fixed.

Cheers,

-- 
Clément (nodens)

Bug#734984: libcryptui0: Please package libcryptui 3.10.0+

2014-07-24 Thread Clement Hermann 
(forgot to use the -done address)
Hi,

3.12 is now in testing (but this bug wasn't closed in the changelog). So
tagging it as fixed.

Cheers,

-- 
Clément (nodens)

Bug#743491: Ask backports packaging

2014-06-16 Thread Clement Hermann 
Hi,

Keepalived is in wheezy-backports now.

Also, please use debian-backpo...@lists.debian.org [1] to request for
backports (or if you find a bug in the backport), not the Debian BTS.

Cheers,

[1] https://lists.debian.org/debian-backports/
 
-- 
Clément Hermann (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#688164: The patch to support libnl 3 is incomplete

2014-05-01 Thread Clement Hermann 
Hi all,

Le 01/05/2014 00:30, Michael Biebl a écrit :

 Shipping keepalived in such a broken state (for jessie) is probably not
 a good idea.  I took the liberty to bump the severity so this issue is
 not forgotten.

 Andreas, if you could have another look and upload the updated patch
 provided by Pim this would be great.


FYI, the upstream versions 1.2.10 and 1.2.12 seem to address the libnl-3
issues :


Release 1.2.11

* ipvs: make nlerr2syserr libnl dependent. nlerr2syserr()
  is only used when libnl is present... simply reflect this in
  libipvs.
* Fix libnl/libnl-3 logic in configure script.
  This patch causes the configure script to prefer libnl-3 over
  libnl(1). The configure script will first check for libnl-3 and
  libnl-genl-3. If both are found, use them. If not, check for
  libnl(1). This is useful when building on systems that have both
  libnl-3 and libnl(1) installed. It also fixes some redundant
  libraries in LIBS.
* libipvs: libnl-3 include fix.

Release 1.2.10
* Pim van den Berg extended libipvs adding nlerr2syserr function
  to translate libnl 3 errors to sys errors. In libnl 3 the return
  codes have changed. nlerr2syserr translates the libnl 3 errors to
  sys errors.
* ipvs: if libnl-3 is installed then check for libnl-gen-3. It is
  mandatory to use generic netlink facilities in new libipvs. This
  test is just here to ensure every needed libs are installed !


see http://keepalived.org/changelog.html

Cheers,

-- 
Clément Hermann (nodens)


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2014-04-04 Thread Clement Hermann (nodens) 
On 08/10/2013 19:13, Kurt Roeckx wrote:

 Yes, disabling TLS 1.2 seems to fix your issue, but I really have
 no idea why.  I also don't think this is a good idea.

 You say that the other side is using OpenSSL 1.0.1, but it looks
 like a really weird version to me.  It doesn't seem to support
 TLS 1.2 but does 1.1 while there never was a version released
 that only didn't do 1.2 but did 1.1.

 It seems to be a snapshot from cvs/git since it says 1.0.1-stable
 05 Jun 2011 and doesn't actually have any real version in it.
 Looking at the release history and git repository, it seems to be
 in the middle of a development cycle.  Please note that 1.0.1 was
 released on 19 Apr 2012.

 So I suggest you upgrade it to a released version like 1.0.1e or
 the current 1.0.1-stable version.
The server admin fixed the issue by importing this commit in the 1.0.1c
NetBSD version :
http://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff;f=ssl/s3_pkt.c;h=dca345865a10a5fae10741e009676731181fc60d;hp=2d569cc1cedc5aa2bb0d0e7f876a22468e77950e;hb=c3b130338760a7e52656fd217d1d4c846e85cdff;hpb=5762f7778da56b9502534fd236007b9a1b0244d9

I think the issue is in the client as well, but fixing it on the server
side is enough for it to work.

Cheers,


-- 
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#725854: ITA: mongodb -- object/document-oriented database (metapackage)

2013-10-14 Thread Clement Hermann 
On 14/10/2013 09:04, László Böszörményi (GCS) wrote:
 On Thu, Oct 10, 2013 at 9:56 PM, Clement Hermann nod...@nodens.org wrote:
 As I need this for my job, I'm willing to help, if needed that is.
  Sure, I'm open for suggestions and other help as well.

 Also, I willing to maintain a wheezy backport, see
 http://mentors.debian.net/package/mongodb if you like, as it'd probably
 be best if the maintainer of the regular package sponsored it.
  I think it would be good to do it together. At least I don't know how
 experienced are you with Debian packaging. For QA reasons, I'd like to
 know why changes are made, if any.
Perfect ! I'm not that experienced in debian packaging (used to maintain
tsclient, but that was some time ago, and it was abandoned upstream) and
I find it better when the official packager keeps a look on backported
packages.

 For the time being, I've an updated package[1]. May you look into it
 if it builds on Wheezy? Any feedback is appreciated.


I just gave it a try on my build system.

For it to build, I had to :
- remove 0007-Use-TIME_UTC_-macro.patch wich prevents build with
libboost =1.50.
- remove the --use-system-v8 parameter : wheezy's libv8 is too old, the
included one (3.12) must be used instead.

It builds and install fine with these two changes.

cheers,

-- 
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




signature.asc
Description: OpenPGP digital signature

Bug#725854: ITA: mongodb -- object/document-oriented database (metapackage)

2013-10-14 Thread Clement Hermann 
On 14/10/2013 10:00, Jérémy Lal wrote:


 I have moved the old mongo-debian github repository to
 a collab-maint one with a standard gbp layout:

 http://anonscm.debian.org/gitweb/?p=collab-maint/mongodb.git

 László, could you do a git-import-orig there and replay your
 changes on master branch ?
 Clement, do you have write access to collab-maint repositories ?
Nope. Whom should I ask  ?


-- 
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




signature.asc
Description: OpenPGP digital signature

Bug#725854: ITA: mongodb -- object/document-oriented database (metapackage)

2013-10-10 Thread Clement Hermann 
Hi,

As I need this for my job, I'm willing to help, if needed that is.

Also, I willing to maintain a wheezy backport, see
http://mentors.debian.net/package/mongodb if you like, as it'd probably
be best if the maintainer of the regular package sponsored it.

Cheers,

-- 
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




signature.asc
Description: OpenPGP digital signature

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2013-10-08 Thread Clement Hermann (nodens) 
Hello Kurt,

Is there any news on this issue ? I have reports of the same problem
from other debian users, and only debian users.

After upgrade of the remote (netbsd) box, the problem still occurs.
The issue is also still present in current sid version.

We need to apply the ubuntu patch to connect (attached), wich seem to
disable TLS_1.2 client altogether. I think this is enough, the second
part of the patch may not be needed.

Is there any way I can help fix this ?

Cheers,

-- 
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Description: Work around TLS 1.2 failures for some broken servers that
 hang if a client hello record length exceeds 255 bytes.
 .
1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate
   the number of ciphers sent in the client hello.
2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support
   entirely.
 
 Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid
 improper truncation of client hello cipher lists. This change has been
 forwarded upstream in rt #2881.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/965371
Bug-Debian: http://bugs.debian.org/665452
Bug: http://rt.openssl.org/Ticket/Display.html?id=2771
Bug: http://rt.openssl.org/Ticket/Display.html?id=2881
Forwarded: not-needed
Last-Update: 2012-10-04

Index: openssl-1.0.1c/Configure
===
--- openssl-1.0.1c.orig/Configure	2012-10-03 23:59:05.235548667 -0700
+++ openssl-1.0.1c/Configure	2012-10-04 10:34:23.076454592 -0700
@@ -106,7 +106,7 @@
 my $gcc_devteam_warn = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED;
 
 # There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
-my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . -Wa,--noexecstack -Wall;
+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50;
 $debian_cflags =~ s/\n/ /g;
 
 my $strict_warnings = 0;
Index: openssl-1.0.1c/ssl/s23_clnt.c
===
--- openssl-1.0.1c.orig/ssl/s23_clnt.c	2012-10-03 23:46:22.967530550 -0700
+++ openssl-1.0.1c/ssl/s23_clnt.c	2012-10-04 10:33:13.820452946 -0700
@@ -491,7 +491,7 @@
 			 * as hack workaround chop number of supported ciphers
 			 * to keep it well below this if we use TLS v1.2
 			 */
-			if (TLS1_get_version(s) = TLS1_2_VERSION
+			if (TLS1_get_client_version(s) = TLS1_2_VERSION
  i  OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH  ~1;
 #endif

Bug#725825: mongodb-server: No safe upgrade path from Wheezy to Jessie when using sharded cluster

2013-10-08 Thread Clement Hermann (nodens) 
Package: mongodb-server
Version: 1:2.4.5-1
Severity: normal

Hi,

Just FYI (but maybe you are already aware of that), there is no safe
upgrade path from 2.0 to 2.4 on a sharded cluster. When the Mongos are
upgraded, they will fail to upgrade config servers metadata, as they
assume the metadata is 2.2 format.  According to upstream, the upgrade
path from 2.0 to 2.4 when using a sharded cluster is to upgrade to 2.2
first : http://docs.mongodb.org/manual/release-notes/2.4-upgrade/

The problem is, not only is it not supported, but the metadata will get
corrupt.

I'm not sure what the best way to deal with it would be. At the very
least, the users should be warned. If a sharded cluster is detected,
upgrade should be interrupted to prevent data loss. Unattended upgrade
in a cluster is out of the question, but maybe we can provide a safe way
to do it (I'm not yet sure of what mongos --upgrade does), via script or
otherwise.

Cheers,


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages mongodb-server depends on:
ii  adduser 3.113+nmu3
ii  libboost-filesystem1.49.0   1.49.0-4+b1
ii  libboost-program-options1.49.0  1.49.0-4+b1
ii  libboost-system1.49.0   1.49.0-4+b1
ii  libboost-thread1.49.0   1.49.0-4+b1
ii  libc6   2.17-92+b1
ii  libgcc1 1:4.8.1-10
ii  libgoogle-perftools42.1-1
ii  libpcre31:8.31-2
ii  libpcrecpp0 1:8.31-2
ii  libsnappy1  1.1.0-1
ii  libstdc++6  4.8.1-10
ii  mongodb-clients 1:2.4.5-1

mongodb-server recommends no packages.

mongodb-server suggests no packages.

-- no debconf information
-- 
Clément Hermann (nodens)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: irssi: Can't connect to SSL-enabled server after upgrading libssl

2013-01-11 Thread Clement Hermann (nodens) 

Hi,

With some more test and some help from a friend, we made some progress.

It *does* work when adding -no_tls1_1 option to openssl s_client.

It works if the server allows renegociation : I can connect to freenode.

It seems to be #665452 again, or a variant.

Anyway, that explains why it works in ubuntu. The patch 
tls12_workarounds.patch (attached) works around it (but I'm not 
qualified to tell whether this is an acceptable solution or not).


The patch headers give some more information, I'll copy it here for 
readability of the report :


-patch header-
Description: Work around TLS 1.2 failures for some broken servers that
 hang if a client hello record length exceeds 255 bytes.
 .
1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate
   the number of ciphers sent in the client hello.
2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support
   entirely.
 
 Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid

 improper truncation of client hello cipher lists. This change has been
 forwarded upstream in rt #2881.
Bug-Ubuntu:https://bugs.launchpad.net/bugs/965371
Bug-Debian:http://bugs.debian.org/665452
Bug:http://rt.openssl.org/Ticket/Display.html?id=2771
Bug:http://rt.openssl.org/Ticket/Display.html?id=2881
Forwarded: not-needed
Last-Update: 2012-10-04

-End of patch header-


Cheers.

- -- 
Clement Hermann (nodens)

- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
Description: Work around TLS 1.2 failures for some broken servers that
 hang if a client hello record length exceeds 255 bytes.
 .
1. Set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50. This will truncate
   the number of ciphers sent in the client hello.
2. Set OPENSSL_NO_TLS1_2_CLIENT to disable TLS 1.2 client support
   entirely.
 
 Also, check TLS_get_client_version() rather than TLS1_get_versions() to avoid
 improper truncation of client hello cipher lists. This change has been
 forwarded upstream in rt #2881.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/965371
Bug-Debian: http://bugs.debian.org/665452
Bug: http://rt.openssl.org/Ticket/Display.html?id=2771
Bug: http://rt.openssl.org/Ticket/Display.html?id=2881
Forwarded: not-needed
Last-Update: 2012-10-04

Index: openssl-1.0.1c/Configure
===
--- openssl-1.0.1c.orig/Configure	2012-10-03 23:59:05.235548667 -0700
+++ openssl-1.0.1c/Configure	2012-10-04 10:34:23.076454592 -0700
@@ -106,7 +106,7 @@
 my $gcc_devteam_warn = -Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED;
 
 # There are no separate CFLAGS/CPPFLAGS/LDFLAGS, set everything in CFLAGS
-my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . -Wa,--noexecstack -Wall;
+my $debian_cflags = `dpkg-buildflags --get CFLAGS` . `dpkg-buildflags --get CPPFLAGS` . `dpkg-buildflags --get LDFLAGS` . -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50;
 $debian_cflags =~ s/\n/ /g;
 
 my $strict_warnings = 0;
Index: openssl-1.0.1c/ssl/s23_clnt.c
===
--- openssl-1.0.1c.orig/ssl/s23_clnt.c	2012-10-03 23:46:22.967530550 -0700
+++ openssl-1.0.1c/ssl/s23_clnt.c	2012-10-04 10:33:13.820452946 -0700
@@ -491,7 +491,7 @@
 			 * as hack workaround chop number of supported ciphers
 			 * to keep it well below this if we use TLS v1.2
 			 */
-			if (TLS1_get_version(s) = TLS1_2_VERSION
+			if (TLS1_get_client_version(s) = TLS1_2_VERSION
  i  OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
 i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH  ~1;
 #endif

Bug#475784: RFP: php-gnupg -- PHP extension to interact with gnupg

2013-01-08 Thread Clement Hermann (nodens) 

Hi,

is there anyone working on this currently ? I need this package, and 
though I did create one with dh-make-pecl, a maintained package would be 
nice. Was there any caveat (except the lack of upstream update)  ?


I cannot find the package mentioned on mentors (it is old anyway). I'd 
be willing to work on it, but I would need a sponsor.


Cheers

--
Clément Hermann (nodens)


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697150: mtpfs should not depends on fuse-utils but on fuse

2013-01-01 Thread Clement Hermann (nodens) 
Package: mtpfs
Severity: important

Hi,

mtpfs depends on fuse-utils, which was a transition package and isn't
available in sid now for most architecture. 

So a new install of mtpfs on a current sid system with no fuse-utils
leftover is not possible. Please depend on fuse.

Cheers,

Clément Hermann (nodens)

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2012-07-04 Thread Clement Hermann (nodens) 

Le 04/07/2012 04:47, Kurt Roeckx a écrit :

On Wed, Jul 04, 2012 at 12:34:54AM +0200, Clement Hermann (nodens) wrote:

Le 04/07/2012 00:21, Kurt Roeckx a écrit :

The server is running on netbsd 6. I asked the admin, and openssl
version returns :
OpenSSL 1.0.1-stable 05 Jun 2011

a ldd on ircd returns -lssl.9 =   /usr/lib/libssl.so.9 though.

Can you try:
strings /usr/lib/libssl.so.9 |grep OpenSSL


Here :

OpenSSLDie
DTLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011
OpenSSL 1.0.1-stable 05 Jun 2011
TLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011
SSLv3 part of OpenSSL 1.0.1-stable 05 Jun 2011
SSLv2 part of OpenSSL 1.0.1-stable 05 Jun 2011

So it fails to talk to itself?  That makes little sense to me.


Kurt

I don't have the issue with 1.0.1 from ubuntu, only from Debian sid with 
SSLv3 (works with TLS1.1, tested on different boxes), so it looks like a 
Debian-specific issue.


--
Clément




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2012-07-03 Thread Clement Hermann (nodens) 
Package: libssl1.0.0
Version: 1.0.1c-3
Severity: normal

Hi,

I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3
IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my
tests with openssl s_client to be sure.

The connexion works with libssl1.0.0h, but every later version fails with the
error wrong cipher. What's funny is that if I force the cipher that would
have been chosen with 1.0.0h when using 1.0.1, I can connect.

Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1).

Here are some logs. They are anonymized, as this is a private IRC server.

**
*** working :  1.0.0h (from snapshot.debian.org)  **
**



openssl s_client -connect irc.example.net:994
CONNECTED(0003)
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/C=DE/ST=Example State/L=Example 
City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=r...@example.net
   i:/C=DE/ST=Example State/L=Example 
City/O=Example/OU=Administration/CN=Example Root 
CA/emailAddress=r...@example.net
---
Server certificate
-BEGIN CERTIFICATE-
snip
-END CERTIFICATE-
subject=/C=DE/ST=Example State/L=Example 
City/O=Example/OU=Administration/CN=irc.example.net/emailAddress=r...@example.net
issuer=/C=DE/ST=Example State/L=Example 
City/O=Example/OU=Administration/CN=Example Root 
CA/emailAddress=r...@example.net
---
No client certificate CA names sent
---
SSL handshake has read 1205 bytes and written 351 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol  : SSLv3
Cipher: AES256-SHA
Session-ID: EA1227FD3AF94737B103C92D43B0B2C6E290374FECEAC0A8B268C9CD7EBFC22E
Session-ID-ctx: 
Master-Key: 
BB7067003E1899F894A3979EBE0704F9F82F240E560339BE136CFF3DCDC204FCFA716D34B4B2996C4E9A63AE623BEB67
Key-Arg   : None
PSK identity: None
PSK identity hint: None
Start Time: 1341348684
Timeout   : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
:irc.example.net NOTICE AUTH :*** Looking up your hostname...
:irc.example.net NOTICE AUTH :*** Checking Ident
:irc.example.net NOTICE AUTH :*** Found your hostname
:irc.example.net NOTICE AUTH :*** No Ident response



**
*** NOT working : starting with 1.0.1 (debian) ***
**

~$ openssl s_client -connect irc.example.net:994
CONNECTED(0003)
140721299515048:error:14092105:SSL routines:SSL3_GET_SERVER_HELLO:wrong cipher 
returned:s3_clnt.c:952:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 58 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol  : TLSv1.1
Cipher: 
Session-ID: 
Session-ID-ctx: 
Master-Key: 
Key-Arg   : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1341349387
Timeout   : 300 (sec)
Verify return code: 0 (ok)
---

**
*** working :  1.0.1c-3 whith cipher forced **
**

~$ openssl s_client -cipher AES256-SHA -connect 
irc.example.net:994CONNECTED(0003)
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = DE, ST = Example State, L = Example City, O = Example, OU = 
Administration, CN = irc.example.net, emailAddress = r...@example.net
verify error:num=21:unable to verify the first certificate
verify

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2012-07-03 Thread Clement Hermann (nodens) 

Le 03/07/2012 23:54, Kurt Roeckx a écrit :

On Tue, Jul 03, 2012 at 11:29:26PM +0200, Clement Hermann (nodens) wrote:

Package: libssl1.0.0
Version: 1.0.1c-3
Severity: normal

Hi,

I've been having trouble connecting to a SSL-enabled ircd (ircd-hybrid-7.2.3nb3
IRC server with many options, on netbsd 6.0_beta2). I use irssi, but did all my
tests with openssl s_client to be sure.

The connexion works with libssl1.0.0h, but every later version fails with the
error wrong cipher. What's funny is that if I force the cipher that would
have been chosen with 1.0.0h when using 1.0.1, I can connect.

Also, FWIW, it is working on ubuntu 12.4 (openssl 1.0.1).

Do you know what ssl implementation and version is running on the
other side?  Is there some firewall or ssl accelerator in between
or something?

I'm not sure what hybrid supports for ssl libraries, and the
Debian package doesn't seem to be build with ssl enabled.

The server is running on netbsd 6. I asked the admin, and openssl 
version returns :

OpenSSL 1.0.1-stable 05 Jun 2011

a ldd on ircd returns -lssl.9 = /usr/lib/libssl.so.9 though.


--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2012-07-03 Thread Clement Hermann (nodens) 

Le 04/07/2012 00:14, Clement Hermann (nodens) a écrit :


The server is running on netbsd 6. I asked the admin, and openssl 
version returns :

OpenSSL 1.0.1-stable 05 Jun 2011

a ldd on ircd returns -lssl.9 = /usr/lib/libssl.so.9 though.




I made a few more tests, and it seems to sometimes work with openssl 
s_client -tls1_1. But when it works, I need to stop trying for 10s or 
so, or it will never work again. The same thing happens with -cipher 
AES256 (but it could be some kind of entropy issue on the server).


However, it never works without specifying either the protocol or the 
cipher. I let irssi try for 2 days before trying to downgrade libssl 
(several minutes between tries).


Hope that helps,

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#680137: [Pkg-openssl-devel] Bug#680137: libssl1.0.0: handshake failure (wrong cipher) since 1.0.1 (1.0.0h works)

2012-07-03 Thread Clement Hermann (nodens) 

Le 04/07/2012 00:21, Kurt Roeckx a écrit :

The server is running on netbsd 6. I asked the admin, and openssl
version returns :
OpenSSL 1.0.1-stable 05 Jun 2011

a ldd on ircd returns -lssl.9 =  /usr/lib/libssl.so.9 though.

Can you try:
strings /usr/lib/libssl.so.9 |grep OpenSSL



Here :

OpenSSLDie
DTLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011
OpenSSL 1.0.1-stable 05 Jun 2011
TLSv1 part of OpenSSL 1.0.1-stable 05 Jun 2011
SSLv3 part of OpenSSL 1.0.1-stable 05 Jun 2011
SSLv2 part of OpenSSL 1.0.1-stable 05 Jun 2011

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#676531: openvpn: --x509-username-field doesn't work (please add configure option)

2012-06-07 Thread Clement Hermann (nodens) 
Package: openvpn
Version: 2.2.1-8
Severity: normal

Hi,

The manpage indicate that you can use any X509 field as username with
the option --x509-username-field. However, this option is invalid unless
you add --enable-x509-alt-username to the configure script options.

Could you please include this option ? I did add it on a local
installation without encountering any problem, so I have a patch available on
request (althought a very trivial one).

Cheers,

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openvpn depends on:
ii  debconf [debconf-2.0]  1.5.42
ii  initscripts2.88dsf-22.1
ii  libc6  2.13-30
ii  liblzo2-2  2.06-1
ii  libpam0g   1.1.3-7
ii  libpkcs11-helper1  1.09-1
ii  libssl1.0.01.0.1a-3
ii  net-tools  1.60-24.1

openvpn recommends no packages.

Versions of packages openvpn suggests:
pn  openssl 1.0.1a-3
pn  resolvconf  none

-- debconf information excluded
-- 
Clément Hermann (nodens)



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#620853: gnome-terminal: Transparency only works when maximized

2011-10-19 Thread Clement Hermann (nodens) 

reassign 620853 mutter
tags 620853 +fixed-upstream

Hi,

It seems to be a bug in Mutter and not gnome-terminal. Also, it is fixed 
upstream : https://bugzilla.gnome.org/show_bug.cgi?id=635268



Cheers,


--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#620853: gnome-terminal transparency doesn't work in mutter

2011-10-19 Thread Clement Hermann (nodens) 

merge 620853 630339

Thanks

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#570167: libccid: New Neowave Weneo card version with new productId

2010-02-17 Thread Clement Hermann (nodens) 

On 17/02/2010 10:00, Ludovic Rousseau wrote:

Hello,

2010/2/17 Clement Hermann (nodens)clement.herm...@free.fr:
   

I am a tester of the new USB card for public transportation in Grenoble,
France (Semitag). They use Neowave Weneo card, but the card use a
different productId than the Neowave_weneo and Neowave_weneo2 drivers.
 

Can you also send me:
- a picture of the reader
- the URL of a page describing the reader

Thanks

   


I do not have a camera ready for taking a picture, but it looks very 
much like what you can see http://www.neowave.fr/en/weneo_transport.html 
(apart from the branding, it's red and has the Tag Logo).


I don't know if there is a sim inside it : It seem sealed.

I could take a picture if you really need it.

Cheers,

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#570167: libccid: New Neowave Weneo card version with new productId

2010-02-16 Thread Clement Hermann (nodens) 
Package: libccid
Version: 1.3.11-1
Severity: normal

Hi,

I am a tester of the new USB card for public transportation in Grenoble,
France (Semitag). They use Neowave Weneo card, but the card use a
different productId than the Neowave_weneo and Neowave_weneo2 drivers.

Please find new driver description attached, as well as a very simple patch
to /etc/libccid_Info.plist for the impatients (just added the new
productId... Works so far).

Cheers,

Clément Hermann (nodens)

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'sid'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libccid depends on:
ii  libc62.10.2-6Embedded GNU C Library: Shared lib
ii  libpcsclite1 1.5.5-3 Middleware to access a smart card 
ii  libusb-0.1-4 2:0.1.12-14 userspace USB programming library

Versions of packages libccid recommends:
ii  pcscd 1.5.5-3Middleware to access a smart card 

Versions of packages libccid suggests:
pn  pcmciautils   none (no description available)

-- no debconf information
 idVendor: 0x1E0D
  iManufacturer: Neowave
 idProduct: 0x0033
  iProduct: Weneo
 bcdDevice: 1.71 (firmware release?)
 bLength: 9
 bDescriptorType: 4
 bInterfaceNumber: 1
 bAlternateSetting: 0
 bNumEndpoints: 3
  bulk-IN, bulk-OUT and Interrupt-IN
 bInterfaceClass: 0x0B [Chip Card Interface Device Class (CCID)]
 bInterfaceSubClass: 0
 bInterfaceProtocol: 0
  bulk transfer, optional interrupt-IN (CCID)
 iInterface: Weneo Reader
 CCID Class Descriptor
  bLength: 0x36
  bDescriptorType: 0x21
  bcdCCID: 1.10
  bMaxSlotIndex: 0x00
  bVoltageSupport: 0x02
   3.0V
  dwProtocols: 0x 0x0003
   T=0
   T=1
  dwDefaultClock: 3.570 MHz
  dwMaximumClock: 3.570 MHz
  bNumClockSupported: 1 
   Support 3570 kHz
  dwDataRate: 9600 bps
  dwMaxDataRate: 115200 bps
  bNumDataRatesSupported: 5 
   Support 9600 bps
   Support 19200 bps
   Support 38400 bps
   Support 57600 bps
   Support 115200 bps
  dwMaxIFSD: 254
  dwSynchProtocols: 0x
  dwMechanical: 0x
   No special characteristics
  dwFeatures: 0x00010230
   10 Automatic ICC clock frequency change according to parameters
   20 Automatic baud rate change according to frequency and Fi, Di params
   ..02.. NAD value other than 00 accepted (T=1)
   01 TPDU level exchange
  dwMaxCCIDMessageLength: 271 bytes
  bClassGetResponse: 0xFF
   echoes the APDU class
  bClassEnveloppe: 0xFF
   echoes the APDU class
  wLcdLayout: 0x
  bPINSupport: 0x00
  bMaxCCIDBusySlots: 1
--- etc/libccid_Info.plist  2010-02-17 00:20:01.366447525 +0100
+++ /etc/libccid_Info.plist 2010-02-17 00:22:17.0 +0100
@@ -229,6 +229,7 @@
string0x04E8/string
string0x1E0D/string
string0x1E0D/string
+   string0x1E0D/string
string0x1206/string
string0x04DA/string
string0x09C3/string
@@ -362,6 +363,7 @@
string0x0007/string
string0x0013/string
string0x8033/string
+   string0x0033/string
string0x2105/string
string0x117A/string
string0x0008/string
@@ -495,6 +497,7 @@
stringSoftforum XecureHSM/string
stringNeowave Weneo/string
stringNeowave Weneo/string
+   stringNeowave Weneo/string
stringSynnix STD200/string
stringPanasonic USB Smart Card Reader 7A-Smart/string
stringActivCard USB Reader 2.0/string

Bug#560161: php5-ldap: LDAPS and LDAP+TLS return error on valid wildcard certificate check

2009-12-09 Thread Clement Hermann (nodens) 
Package: php5-ldap
Severity: normal

Hi,

php5-ldap return error on bind when server is using a wildcard
SSL certificate, even when the certificate is valid. ldapsearch works
OK on the same certificate.

Workaround : add TLS_REQCERT never in ldap.conf (but then you cannot
verify that you are connecting to the right server), or use a simple
(non-wildcard) certificate.

This is probably an upstream bug (see
http://bugs.php.net/bug.php?id=17738), but the relevant bug is
currently in no feedback state so maybe it could be re-opened as a new bug.
(I don't have any php version supported upstream readily available that
can connect to a ldaps server with a wildcard cert, so I did not report
it upstream).

Cheers,

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'sid'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#543391: cyrus-imapd-2.2: Sieve does not decode MIME headers

2009-08-24 Thread Clement Hermann (nodens) 
Package: cyrus-imapd-2.2
Severity: normal

Hi,

Sieve does not decode RFC2231 headers before comparison, so if the
message's header checked is RFC2231 encoded, it will never match.

It means that if you receive a mail with UTF-8 encoded subject, filters
based on the subject content won't be filtered.

This report is mainly for your information : it has already be reported
upstream some time ago as #1721 :
https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=1721

(fix pending, but unlikely to be backported to 2.2.x)

Cheers

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'sid'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#527449: swftools: multiple vulnerabilities in embedded copy of xpdf

2009-08-19 Thread Clement Hermann (nodens) 
Le 18/08/2009 16:26, Simo Kauppi a écrit :
 On Tue, Aug 18, 2009 at 12:19:12PM +0200, Clement Hermann (nodens) wrote:
 Hi,
 
 Hi,
 
 Is there any news on this bug ? would you accept a patch to use
 libpoppler instead of embedded xpdf ?
 
 Nothing new; the 0.9.0 release of swftools still uses the xpdf 3.02
 embedded in it and the last time I asked, the upstream had no plans to
 start using libpoppler instead.

I saw a patch by Patrice Dumas on the swftools mailing list last year
[1]. It was accepted and applied at the time, I couldn't find why it was
removed, but maybe it could be tweaked to apply against current swftools.

http://www.mail-archive.com/swftools-com...@nongnu.org/msg02205.html

-- 
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#527449: swftools: multiple vulnerabilities in embedded copy of xpdf

2009-08-18 Thread Clement Hermann (nodens) 
Hi,

Is there any news on this bug ? would you accept a patch to use
libpoppler instead of embedded xpdf ?

Cheers,

-- 
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#526240: Version 0.9.0 of swftools is out. Please upgrade this package.

2009-08-18 Thread Clement Hermann (nodens) 
Hi,

Is there any caveat on upgrading to the latest upstream version (besides
the libpoppler use discussed in #527449) ? Or is this only a time problem ?

I am willing to provide help (patch / testing / whatever) if I can and
if you need any.

Cheers,

-- 
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#484629: gcstar: version 1.4.0 is out

2009-02-28 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

as I badly needed the 1.4 version for my comics collection, I actually
uupdate'd the package, cleaned (removed or adapted) some patches, and
it seems to work so far.

There is still some work to do (a few lintian warnings), but I didn't
want to alter the original package too much, as you said you were
working on it.

Anyway, here is the complete patch, and I attached the individual
patches as well, in case it helps.

The 01-set_usr_lib.dpatch and 07_fix_manpath.dpatch has been slightly
modified to fit the new source, and the 11_fix_allocine_plugin.dpatch
has been added from upstream CVS to fix a bug induced by new allocine.fr
layout. The 10-fix-storable-crash.dpatch has been fixed upstream.

Regards,


- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmp3tAACgkQ0yQ2guvROZ1iHQCfUobNkA/LWcIk7FRHOB5MMF/I
DSwAn1NSNO2fhyehiKjm9LjqS9EuimX9
=UDXi
-END PGP SIGNATURE-


gcstar-new_upstream-1.4.3.patch.gz
Description: application/gzip
#! /bin/sh /usr/share/dpatch/dpatch-run
## 01-set_usr_lib.dpatch by Alexander Wirt formo...@debian.org
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad gcstar-1.4.3~/bin/gcstar gcstar-1.4.3/bin/gcstar
--- gcstar-1.4.3~/bin/gcstar2008-10-11 13:08:15.0 +0200
+++ gcstar-1.4.3/bin/gcstar 2009-02-28 18:55:56.710196397 +0100
@@ -44,9 +44,9 @@
 use POSIX qw(locale_h);
 
 $ENV{GCS_BIN_DIR} = $RealBin;
-($ENV{GCS_LIB_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/lib\/gcstar/;
+($ENV{GCS_LIB_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/share\/gcstar\/lib/;
 ($ENV{GCS_SHARE_DIR} = $ENV{GCS_BIN_DIR}) =~ s/bin\/?$/share\/gcstar/;
-use lib File::Spec-canonpath($RealBin/../lib/gcstar);
+use lib File::Spec-canonpath($RealBin/../share/gcstar/lib);
 if (exists $ENV{PAR_TEMP})
 {
 unshift @INC, $RealBin/../lib/gcstar;
diff -urNad gcstar-1.4.3~/install gcstar-1.4.3/install
--- gcstar-1.4.3~/install   2008-07-17 19:31:01.0 +0200
+++ gcstar-1.4.3/install2009-02-28 18:55:56.710196397 +0100
@@ -196,8 +196,8 @@
 chmod 0755, $baseDir.'/bin/'.$binName;
 
 #Copying lib
-verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/lib/gcstar';
-recursiveCopy('lib/gcstar', $baseDir.'/lib/gcstar');
+verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/gcstar/lib';
+recursiveCopy('lib/gcstar', $baseDir.'/share/gcstar/lib');
 
 #Copying share
 verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/gcstar';
#! /bin/sh /usr/share/dpatch/dpatch-run
## 07_fix_manpath.dpatch by Alexander Wirt formo...@debian.org
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad gcstar-1.4.3~/install gcstar-1.4.3/install
--- gcstar-1.4.3~/install   2009-02-28 18:56:29.674198841 +0100
+++ gcstar-1.4.3/install2009-02-28 18:58:05.402193838 +0100
@@ -107,7 +107,7 @@
 }
 
 unlink $baseDir.'/bin/'.$binName;
-unlink $baseDir.'/man/man1/'.$binName.'.1.gz';
+unlink $baseDir.'share/man/man1/'.$binName.'.1.gz';
 
 # remove menu and mime items
 
@@ -187,9 +187,9 @@
 mkpath $baseDir.'/bin';
 copy 'bin/gcstar', $baseDir.'/bin/'.$binName;
 
-verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/man/man1';
-mkpath $baseDir.'/man/man1';
-my $manPage = $baseDir/man/man1/$binName.1;
+verbosePrint $lang{InstallCopyDirectory}, $baseDir.'/share/man/man1';
+mkpath $baseDir.'/share/man/man1';
+my $manPage = $baseDir/share/man/man1/$binName.1;
 copy 'man/gcstar.1', $manPage;
 `gzip -f -9 $manPage 21 /dev/null`;
 
#! /bin/sh /usr/share/dpatch/dpatch-run
## 11_fix_allocine_plugin.dpatch by Clément Hermann (nodens) 
clement.herm...@free.fr
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad gcstar-1.4.3~/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm 
gcstar-1.4.3/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm
--- gcstar-1.4.3~/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm2008-08-15 
13:55:14.0 +0200
+++ gcstar-1.4.3/lib/gcstar/GCPlugins/GCfilms/GCAllocine.pm 2009-03-01 
01:35:05.622195296 +0100
@@ -2,7 +2,7 @@
 
 ###
 #
-#  Copyright 2005-2007 Tian
+#  Copyright 2005-2009 Tian
 #
 #  This file is part of GCstar.
 #
@@ -54,11 +54,16 @@
 }
 else
 {
-if ($tagname eq h4)
+if ($tagname eq h3)
 {
 $self-{insideActors} = 0;
 $self-{insideDirector} = 0

Bug#404926: closed by Daniel Baumann dan...@debian.org (reply to dan...@debian.org) (Re: vsftpd: defs.h limits the username length to 32 chars)

2009-02-01 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Debian Bug Tracking System a écrit :
 This is an automatic notification regarding your Bug report
 which was filed against the vsftpd package:
 
[...]

 Re: vsftpd: defs.h limits the username length to 32 chars
 Expéditeur:
 Daniel Baumann dan...@debian.org
 Date:
 Sat, 31 Jan 2009 04:00:35 +0100
 Destinataire:
 404926-d...@bugs.debian.org, 404926-submit...@bugs.debian.org
 
 Destinataire:
 404926-d...@bugs.debian.org, 404926-submit...@bugs.debian.org
 
 
 Hi,
 
 on linux, you cannot have longer login names than 32 chars anyway due to
 libc6. Therefore, it doesn't make any sense to me to have longer names
 in vsftpd.
 
Sorry, but this is wrong. Usernames longer than 32 chars do work.
They are truncated in utmp.h but one can login. Our naming policy
involve sometimes longer than 32 chars ftp usernames. Once I changed
defs.h it did work.

Also, vsftp still says login failed, it should at least return a
meaningful error such as invalid username. It would save users facing
this issue some hassle.

Please, reopen this bug.

Reagrds,

- --
Clément Hermann (nodens)

- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmF5N0ACgkQ0yQ2guvROZ3B7QCdHbnFfqcHzriuun2E3O6+6KLE
VDkAnRT5h3HGo3+UzLfZWocXKPviL5bR
=+LmV
-END PGP SIGNATURE-



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#491545: New upstream version (1.4.1) is available

2008-10-14 Thread Clement Hermann (nodens) 

Hi,

Any news ? the upstream version is 1.4.3 now.

Do you need any help on tracking the strange bug you mentionned on your 
previous answer ?


Cheers,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#425663: xnest: no xkb extension support

2008-04-22 Thread Clement Hermann (nodens) 

tags 164379 +fixed-upstream

Thanks

Hi,

This bug is now fixed upstream : 
https://bugs.freedesktop.org/show_bug.cgi?id=10015


Cheers,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#164379: Bug#425663: xnest: no xkb extension support

2008-04-22 Thread Clement Hermann (nodens) 

tags 164379 +fixed-upstream
tags 425663 +fixed-upstream

Thanks

Hi,

This bug is now fixed upstream :
https://bugs.freedesktop.org/show_bug.cgi?id=10015

Cheers,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.






--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#476120: linux-2.6: please set CONFIG_X86_BIGSMP

2008-04-14 Thread Clement Hermann (nodens) 
Package: linux-2.6
Severity: normal

Hi,

on a recent intel quad-core (core2) CPU, CONFIG_X86_BIGSMP=y is needed
to boot with more than 8 cpu.

Without it, booting stops after CPU detection. Booting works when
setting maxcpus=8 as boot parameter (but, obviously, you are then
limited to 8 cores).

Quadri Quad-core systems becomes more and more widespread these days
(think virtualization), making x86 machines with more than 8 CPUs more
common. Debian (be it Etch or Lenny) won't work on them.

Please, enable this option, so that debian can be used for a high-end
virtualization system without recompiling !

Backporting this to Etch as well seems mostly harmless to me, but I'll
let a kernel guru check ;)

Cheers,

Clément Hermann (nodens)

-- (Irrelevant) System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24-1-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Bug#393976: xvnc4viewer: always return 1 on exit (was: Re: Bug#393976: tsclient: Bug still present)

2007-11-28 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

reassign 393976 xvnc4viewer 4.1.1+X4.3.0-21
thanks

Javier Kohen a écrit :

 Both those actions yield the reconnect dialog here. Like I said in my
 original report, the details window shows VNCviewer's output to stdout,
 as if it were an error message. All it says is the VNC version (4.1.1),
 the server's parameters and the chosen encoding. See below:
 
 VNC Viewer Free Edition 4.1.1 for X - built Feb 26 2007 20:38:07
 Copyright (C) 2002-2005 RealVNC Ltd.
 See http://www.realvnc.com for information on VNC.
 
 Mon Nov 26 17:14:13 2007
  CConn:   connected to host XX port 5900
  CConnection: Server supports RFB protocol version 3.8
  CConnection: Using RFB protocol version 3.8
 
 Mon Nov 26 17:14:14 2007
  TXImage: Using default colormap and visual, TrueColor, depth 24.
  CConn:   Using pixel format depth 6 (8bpp) rgb222
  CConn:   Using ZRLE encoding
 
 

Ok, it seems you are using xvnc4viewer, where I was trying with
tightvncviewer.

I did reproduce the bug. However, the bug does not lie in tsclient but
in xvnc4viewer itself. It returns 1 on exit, regardless of whether you
asked for exit or closed the windows (or send a TERM or SIGKILL signal,
by the way). Tsclient has no way to tell that you exited cleanly, so it
asks you if you want to reconnect.

I'm reassigning the bug to xvnc4viewer. You might want to try to install
xtightvncviewer and do a update-alternative --config vncviewer if that
really bother you, or wait for the bug in xvncv4viewer to be fixed :)

Cheers,

- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHTe0D0yQ2guvROZ0RAoZlAJ9bVnGjbHd6/c3PTQybeeKZp2ifzwCfWzHC
PqlPPrRPorQaIYqUJ3iOs0g=
=MUTd
-END PGP SIGNATURE-

Bug#449144: tsclient: Please add RDPv5 disk mapping support (patch available)

2007-11-04 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Josselin Mouette a écrit :
 Hi,

Hi Josselin,

 Thanks for the patch.

Actually I did not wrote it. A friend of mine did and posted it on
sourceforge. I'm merely a relay here, I quickly reviewed and tested it
and it seemed ok to me.

 
 Currently, tsclient is missing a primary maintainer and is therefore far
 from up-to-date despite how useful it is.
 
 If you want to contribute to the packaging to keep tsclient in good
 shape in Debian, you are most welcome.

I don't have much free time, but I'd be glad to help. I don't have much
experience in debian packaging (I did create some packages or backports
for private or corporate usage, nothing more), but if someone is willing
to mentor me I could probably help on tsclient.

Besides, I need it, I want it upgraded, so I guess someone has to do the
job ;)

I'll look into the source package and see if I can submit a patch.

Cheers,

- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHLllG0yQ2guvROZ0RAmeAAKCVYmprrCEiLc1Xi1NNeVoks7IjHACfYQXh
KjTRn9Y53/MVEtZVuPiNmlY=
=cYeD
-END PGP SIGNATURE-

Bug#449144: tsclient: Please add RDPv5 disk mapping support (patch available)

2007-11-03 Thread Clement Hermann (nodens) 
Package: tsclient
Version: 0.148-3
Severity: wishlist
Tags: patch

Hi,

A long-time missing feature in tsclient is the ability to map a local
directory to a remote computer in RDPv5.

A patch available on sourceforge address this (see URL below, also
attached here for your convenience). However, you probably need to
upgrade to the latest version (0.150) to make apply it cleanly.

URL to the patch on sourceforge :
http://sourceforge.net/tracker/index.php?func=detailaid=1822832group_id=192483atid=941576

Cheers,

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.20-1-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tsclient depends on:
ii  libatk1.0-0   1.18.0-2   The ATK accessibility toolkit
ii  libbonoboui2-02.18.0-5   The Bonobo UI library
ii  libc6 2.6.1-1GNU C Library: Shared libraries
ii  libglib2.0-0  2.14.0-2   The GLib library of C routines
ii  libgnome2-0   2.18.0-4   The GNOME 2 library - runtime file
ii  libgnomeui-0  2.18.1-2   The GNOME 2 libraries (User Interf
ii  libgtk2.0-0   2.10.13-1  The GTK+ graphical user interface 
ii  libpanel-applet2-02.18.3-1   library for GNOME Panel applets
ii  rdesktop  1.5.0-2RDP client for Windows NT/2000 Ter

tsclient recommends no packages.

-- no debconf information
diff -ur tsclient-0.150/src/connect.c tsclient-0.151/src/connect.c
--- tsclient-0.150/src/connect.c	2007-04-11 20:15:35.0 +0200
+++ tsclient-0.151/src/connect.c	2007-10-30 15:03:42.0 +0100
@@ -175,6 +175,16 @@
   GtkWidget *cboKeyboardLang;
   GtkWidget *txtKeyboardLang;
 
+  // Drive mapping
+  GtkWidget *chkDiskMapping;
+  
+  // Drive mapping Widgets
+  GtkWidget *frameDrive;
+  GtkWidget *lblDriveFrame;
+  GtkWidget *tblDrive;
+  GtkWidget *imgDrive;
+  GtkWidget *vbxDrive;
+
   // Program Tab Widgets
   GtkWidget *lblProgramsTab1;
 
@@ -191,6 +201,7 @@
 
   // Performance Tab Widgets
   GtkWidget *lblPerformanceTab1;
+  GtkWidget *vbxPerformanceTab1;
 
   // Performance Frame Widgets
   GtkWidget *framePerform;
@@ -689,7 +700,6 @@
 
   gtk_option_menu_set_menu (GTK_OPTION_MENU (optKeyboard), mnuKeyboard);
 
-
   lblKeyboardLang = gtk_label_new (_(Use the following keyboard language\n(2 char keycode)));
   gtk_table_attach (GTK_TABLE (tblKeyboard), lblKeyboardLang, 1, 2, 2, 3,
 (GtkAttachOptions) (GTK_FILL),
@@ -777,9 +787,15 @@
 (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
 (GtkAttachOptions) (GTK_FILL), 0, 0);
 
+  // Last tab (Performance)
+  vbxPerformanceTab1 = gtk_vbox_new (FALSE, 0);
+  gtk_container_add (GTK_CONTAINER (nbkComplete), vbxPerformanceTab1);
+  gtk_notebook_set_tab_label_packing (GTK_NOTEBOOK (nbkComplete), vbxPerformanceTab1,
+  TRUE, TRUE, GTK_PACK_START);
+
 
   framePerform = gtk_frame_new (NULL);
-  gtk_container_add (GTK_CONTAINER (nbkComplete), framePerform);
+  gtk_container_add (GTK_CONTAINER (vbxPerformanceTab1), framePerform);
   gtk_notebook_set_tab_label_packing (GTK_NOTEBOOK (nbkComplete), framePerform,
   TRUE, TRUE, GTK_PACK_START);
   gtk_container_set_border_width (GTK_CONTAINER (framePerform), 3);
@@ -840,6 +856,37 @@
   gtk_label_set_line_wrap (GTK_LABEL (lblPerformanceOptions), TRUE);
   gtk_misc_set_alignment (GTK_MISC (lblPerformanceOptions), 0, 0.5);
 
+
+  frameDrive = gtk_frame_new (NULL);
+  //  Add the new frame to the Local ressource tab
+  gtk_box_pack_start (GTK_BOX (vbxLocalTab1), frameDrive, TRUE, TRUE, 0);
+  gtk_container_set_border_width (GTK_CONTAINER (frameDrive), 3);
+  gtk_frame_set_shadow_type (GTK_FRAME (frameDrive), GTK_SHADOW_NONE);
+
+  lblDriveFrame = gtk_label_new_with_mnemonic (_(Remotely map your disk drive));
+  gtk_label_set_markup (GTK_LABEL (lblDriveFrame), g_strconcat (span weight=\bold\, _(Remotely map your disk drive), /span, NULL));
+  gtk_frame_set_label_widget (GTK_FRAME (frameDrive), lblDriveFrame);
+  gtk_label_set_justify (GTK_LABEL (lblDriveFrame), GTK_JUSTIFY_LEFT);
+
+  tblDrive = gtk_table_new (1, 2, FALSE);
+  gtk_container_add (GTK_CONTAINER (frameDrive), tblDrive);
+  gtk_table_set_col_spacings (GTK_TABLE (tblDrive), 6);
+
+  imgDrive = create_pixmap (frmConnect, harddrive.png);
+  gtk_misc_set_padding (GTK_MISC (imgDrive), 3, 3);
+  gtk_table_attach (GTK_TABLE (tblDrive), imgDrive, 0, 1, 0, 1,
+(GtkAttachOptions) (GTK_FILL),
+(GtkAttachOptions) 0, 0, 0);
+
+  vbxDrive = gtk_vbox_new (FALSE, 0);
+  gtk_table_attach (GTK_TABLE (tblDrive), vbxDrive, 1, 2, 0, 2,
+(GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+

Bug#317258: [stable] kernel upload to p-u

2007-10-29 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I finally had the opportunity to reset this server, and did it on the
kernel without the patch to see the error messages.

The kernel loads, the megaraid_mbox driver detects the device, and we
have


...
Megaraid mbox : Wait for 0 commands to complete :300
Megaraid mbox : reset sequence completed successfully


appearing for a few minutes.

It seems it tries for each id in the scsci chain. Eventually, it gives
up with :

scsi : Device offlined - not ready after error recovery.


Voilà, hope it helps.

Regards,

- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHJc3F0yQ2guvROZ0RAo6BAJ44cotyAMbGchn5LGS5Er+8dNcVyQCdGajO
FUIQtxB2llhcYAPCNzwupVM=
=Mb85
-END PGP SIGNATURE-

Bug#421129: mldonkey-server: mldonkey_server wrapper absent from package

2007-04-26 Thread Clement Hermann (nodens) 
Package: mldonkey-server
Version: 2.8.5-1
Severity: important

Hi,

The mldonkey_server wrapper ain't in the mldonkey-server package, and
the init script relies on it to launch mlnet.

mlnet can still be launched manually, however, but any server setup
(as proposed by debconf) won't work.

Regards,

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.20-1-xen-amd64 (SMP w/1 CPU core)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages mldonkey-server depends on:
ii  adduser   3.102  Add and remove users and groups
ii  debconf [debconf-2.0] 1.5.13 Debian configuration management sy
ii  dpkg  1.13.25package maintenance system for Deb
ii  libbz2-1.01.0.3-6high-quality block-sorting file co
ii  libc6 2.5-4  GNU C Library: Shared libraries
ii  libfreetype6  2.2.1-5FreeType 2 font engine, shared lib
ii  libgcc1   1:4.1.2-4  GCC support library
ii  libgd2-xpm2.0.34~rc1-2   GD Graphics Library version 2
ii  libjpeg62 6b-13  The Independent JPEG Group's JPEG 
ii  libpng12-01.2.15~beta5-1 PNG library - runtime
ii  libstdc++64.1.2-4The GNU Standard C++ Library v3
ii  mime-support  3.39-1 MIME files 'mime.types'  'mailcap
ii  ucf   2.0021 Update Configuration File: preserv
ii  zlib1g1:1.2.3-13 compression library - runtime

mldonkey-server recommends no packages.

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#317258: Bug #317258: megaraid driver not working on netraid 1M/2M and 2.6.18 (used to be patched)

2007-01-08 Thread Clement Hermann (nodens) 

Hi,

Is there anything new on this bug ? Is there a chance the patch is 
re-applied before Etch release ?


Upgrade to Etch (and subsequent maintenance) will be painful for Netraid 
1M/2M users if the patch is not applied on the current kernel shipped in 
Etch... Also, the patch seems mostly harmless to me (but you may know 
better, please explain if this is the case :) )


Best regards, and Happy New Year to you all

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#385024: xen-tools: Please use --numeric-owner tar option

2006-09-10 Thread Clement Hermann (nodens) 

Steve Kemp wrote:


  I think your suggestion of using --numeric-owner makes a lot of
 sense, and to be honest I can't think of this package being used upon
 a non-GNU system, so adding it unconditionally makes a lot of sense.


maybe the best would be to specify an archive command in the 
configuration file (with arguments and at least one special character to 
tell where the filename should be). This would permit the use of other 
tools such as star (ACL support), or even enabling the possibility to 
read directly the files from the standard input (and so beeing able to 
use tar over ssh or other neat tricks)


However, --numeric-owner would be sufficient for now ;)

Regards,


--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#385024: Acknowledgement (xen-tools: Please use --numeric-owner tar option)

2006-08-28 Thread Clement Hermann (nodens) 
FYI, I gave a quick look to the code and found a workaround : --tar 
file --numeric-owner.


Cheers,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#383628: enlightenment: package upgrade

2006-08-21 Thread Clement Hermann (nodens) 

Jan Christoph Nordholz wrote:

Hi Clement,


Hi Jan,


a new package is being worked on. Actually, the most recent
upstream version is 0.16.8.3 (released Aug 17th). ;-)

Oops... missed this one ;-)


But note that not only the binary's name has changed - the
user configuration has moved from .enlightenment to .e16
and changed much of its internal structure and syntax
(the keybindings file is a prominent example), so there is
no comfortable way to migrate from 0.16.7 to 0.16.8.


Right. When I changed from 0.16.7 to 0.16.8cvs, My old conf mostly 
worked, even if the file structure had changed. There where few 
problems, but I had to reconfigure some features, so I guess it might 
indeed cause a few issues if the user is not properly warned.


Anyway, glad to know that E's not forgotten in debian ! :)
Please, don't hesitate to ask if you think I can help in any way.

Cheers,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#383628: enlightenment: How about upgrading to DR16 0.16.8.2 ?

2006-08-18 Thread Clement Hermann (nodens) 
Package: enlightenment
Version: 1:0.16.7.2-1
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

The title says it all :)

The 0.16.8.2 version does not seem very different to me, but it adds
some interesting features (such as a composite manager) and fixes some
annoying little bugs. The only big change I can see is the renaming of
binaries (enlightenment - e16) to allow people to use DR16 and DR17 on
the same system. 

Actually, I used your debian/* to package it for myself a while ago and
it's mostly OK.

A package renaming may be appropriate to follow upstream
(enlightenement primarily refers to DR17): the package would then be
named e16. It may also avoid Conflicts: or patches when packaging DR17.

Best regards,

Clement Hermann (nodens)

- -- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-xen-686
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages enlightenment depends on:
pn  enlightenment-datanone (no description available)
ii  libaudiofile0 0.2.6-6Open-source version of SGI's audio
ii  libc6 2.3.6-7GNU C Library: Shared libraries
ii  libesd0   0.2.36-3   Enlightened Sound Daemon - Shared 
ii  libice6   1:1.0.0-3  X11 Inter-Client Exchange library
ii  libimlib2 1.2.1-2powerful image loading and renderi
ii  libsm61:1.0.0-4  X11 Session Management library
ii  libx11-6  2:1.0.0-6  X11 client-side library
ii  libxext6  1:1.0.0-4  X11 miscellaneous extension librar
ii  xlibs 6.9.0.dfsg.1-6 X Window System client libraries m

Versions of packages enlightenment recommends:
ii  esound0.2.36-3   Enlightened Sound Daemon - Support
ii  menu  2.1.27 generates programs menu for all me

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFE5baJ0yQ2guvROZ0RAuEiAKCgp6wWgVl1zJPkw9RVFjqLBlBlPQCfRZAT
4nKopR+/mZYsH6ikh0xsB/s=
=6f2v
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#377984: xen-tools: a simple way to duplicate virtual machines

2006-07-13 Thread Clement Hermann (nodens) 

Steve Kemp wrote:

On Wed, Jul 12, 2006 at 02:15:28PM +0200, Clement Hermann (nodens) wrote:

  I think that this could be done already without too many steps.


Of course. Actually, I did it several times. However, I'd like to make 
it even easier (that what's wishlist is about after all) :)
And if the source vm has to be stopped, copying the image file is faster 
 and the stopped domU can be restarted sooner. I agree that a lvm 
snapshot can be done to make things faster, though.



  (You might also be interested in the --tar argument which will
 untar a previous tarfile of a disk image instead of using a network
 copy.)


Yep. I use that to copy real machine in domU : I tar everything (except 
proc, sys and big log files) over ssh on my xen machine and create a new 
domU with --tar. Many thanks for this particular option, it really helps :)


Regards,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#377984: xen-tools: a simple way to duplicate virtual machines

2006-07-12 Thread Clement Hermann (nodens) 
Package: xen-tools
Version: 2.1-3
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I see that the xen-duplicate-image support is discontinued upstream.
However, it would be nice to be able to duplicate images easily (one can
copy the images or LVM and change the configuration, or archive an
existing image with tar and use the tar file option of
xen-create-image), but it means doing several steps for this operation.

xen-create-image with the appropriate option could verify that a machine
is stopped to prevent corruption, and use an existing image or lv as
source to create a new image with the correct networking configuration.

What do you think ?

Regards,

- -- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-xen-686
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages xen-tools depends on:
ii  debootstrap   0.3.3  Bootstrap a basic Debian system
ii  libtext-template-perl 1.44-1.1   Text::Template perl module
ii  perl-modules  5.8.8-4Core Perl modules

Versions of packages xen-tools recommends:
pn  reiserfsprogs none (no description available)
pn  rpmstrap  none (no description available)
ii  xen-hypervisor-3.0-i386 [ 3.0.2+hg9697-1 The Xen Hypervisor for i386
ii  xfsprogs  2.7.16-1   Utilities for managing the XFS fil

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEtOff0yQ2guvROZ0RAqahAKCd9OcJhc9hDMmJoXoeLjACFenjrgCgiXYi
IoXMr2FkfrusmXNijg+wlYA=
=OFAP
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#377684: xen-tools: --force option won't work with XFS

2006-07-10 Thread Clement Hermann (nodens) 
Package: xen-tools
Version: 2.1-3
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,
The problem is, if --force option is given, the -f option is given after
- --name=, so it won't work (--name should be followed by the loopback
image filename if I understand the code correctly).

The  -f option added between the binary and other args by appending  -f  to 
the binary (that is after the binary / args separation), or maybe
it would be better to split the command in several variables (like
$binary $force $args) and run it that way (runCommand( $binary $force
$args )). TIMTOWTDI ;)

Regards,

- -- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-xen-686
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages xen-tools depends on:
ii  debootstrap   0.3.3  Bootstrap a basic Debian system
ii  libtext-template-perl 1.44-1.1   Text::Template perl module
ii  perl-modules  5.8.8-4Core Perl modules

Versions of packages xen-tools recommends:
pn  reiserfsprogs none (no description available)
pn  rpmstrap  none (no description available)
ii  xen-hypervisor-3.0-i386 [ 3.0.2+hg9697-1 The Xen Hypervisor for i386
ii  xfsprogs  2.7.16-1   Utilities for managing the XFS fil

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEsn7E0yQ2guvROZ0RAoUSAJ9f6iREkwB7l5OD/okPHKRxBmBELQCfevwS
BQCzw4yAZ/JODMTTwbnJ1Sw=
=jfkL
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#291368: Webalizer should be able to generate stats in different languages

2006-06-27 Thread Clement Hermann (nodens) 

Jose Carlos Medeiros wrote:

Hi,

Debian Webalizer was patched to use gettext then I think if you use
something like:

LANG=pt_BR; webalizer ;

This will create htm and png files to Brazilian Portuguese instead
default language ex. English.



yep. This is an old bug which should probably be closed now :)

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files

2006-05-22 Thread Clement Hermann (nodens) 
Package: linux-image-2.6.16-1-xen-686
Version: 2.6.16-12
Severity: grave
Justification: renders package unusable

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I'm glad there is work in progress to integrate xen in the Debian kernels. 
However, the current -xen kernels are mostly unusable :
- no System.map
- no config.version (that means no initrd)
- no (post|pre)(inst|rm) (this is not a real problem, at least, an 
informative message
should warn the user about the lack of boot loader / initramfs automatic 
configuration, and point him
to some doc)
- no doc (the doc should give a clue on how to configure grub, that is, 
load the hypervisor as a 
kernel and then kernel and initrd as modules, or at least a link to 
xen-source.com)

I understand this is WIP, but at least System.map and config.version should 
be provided to 
make this usable to someone who knows how xen work.

Thanks,

- -- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686-smp
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages linux-image-2.6.16-1-xen-686 depends on:
ii  linux-modules-2.6.16-1-xen-68 2.6.16-12  Linux kernel modules 2.6.16 image 
ii  module-init-tools 3.2.2-2tools for managing Linux kernel mo
ii  yaird [linux-initramfs-tool]  0.0.12-9   Yet Another mkInitRD

Versions of packages linux-image-2.6.16-1-xen-686 recommends:
pn  libc6-i686none (no description available)

- -- no debconf information

- -- 
Clément Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf
Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEcXZ90yQ2guvROZ0RAl3NAJ9pZpFpCRuU7d9k/zh9CC8IRqBIfgCgnTik
WRv0hEzhaI8n6w7Z85r+rJo=
=65eR
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files

2006-05-22 Thread Clement Hermann (nodens) 

maximilian attems wrote:

On Mon, May 22, 2006 at 10:29:49AM +0200, Clement Hermann (nodens) wrote:

Package: linux-image-2.6.16-1-xen-686
Version: 2.6.16-12
Severity: grave
Justification: renders package unusable


severity seems exagerated,
as packages are work under progress.
xen is far from stable itself ;)


Well, I suppose the gravity could be downgraded as you can generate a 
initramfs image with initramfs-tools (didn't know this one, I mainly use 
yaird). However, lacks of config and System.map are IMO a grave problem.


The other problems I report are mainly here for the records, I don't 
exactly need doc etc (I used to compile a xen kernel myself before this 
package was uploaded) but I think they are needed before this package 
hits testing. I don't think the kernel team (or Bastian ?) needs help on 
this, however I should be able to provide a patch if necessary.



you may want to read the nice summary posted on planet.debian.org:
http://blog.andrew.net.au/2006/05/07#xen1


Very nice summary indeed. I didn't noticed it (hard to find in google, 
as most planet debian blog posts), but I'll point newcomers to it the 
next time I'm asked how to do xen in debian :)


Regards,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#368436: linux-image-2.6.16-1-xen-686: Package is missing fundamental files

2006-05-22 Thread Clement Hermann (nodens) 

Bastian Blank wrote:

severity 368436 normal
thanks

On Mon, May 22, 2006 at 10:29:49AM +0200, Clement Hermann (nodens) wrote:

Package: linux-image-2.6.16-1-xen-686
Version: 2.6.16-12
Severity: grave
Justification: renders package unusable


Pardon, the package works.


Only if you can build an initramfs of some sort to boot your kernel.
Yaird needs a config.version file to build one.

Assuming there is a way to build an initramfs image with initramfs-tools 
(thanks goes to Maximilian for pointing this), I agree (and thus don't 
have any objection to the severity downgrade). However, The lack of 
config.version and System.map is a major problem, please don't overlook it.


I'm glad there is work in progress to integrate xen in the Debian kernels. 
However, the current -xen kernels are mostly unusable :

- no System.map
- no config.version (that means no initrd)
- no (post|pre)(inst|rm) (this is not a real problem, at least, an 
informative message
should warn the user about the lack of boot loader / initramfs automatic 
configuration, and point him
to some doc)
- no doc (the doc should give a clue on how to configure grub, that is, load the hypervisor as a 
kernel and then kernel and initrd as modules, or at least a link to xen-source.com)


This don't make the included files broken.


You're right. But the package is still broken :)

Anyway, the important thing is that these informations are now where 
people can find them, that is, in the BTS.


Regards,

--
Clément Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#366252: xen-tools: hdan vs sdan

2006-05-20 Thread Clement Hermann (nodens) 

Steve Kemp wrote:


  OK.  I'll upload after waiting for verification from Clement.



Please go ahead, Steve. The problem is fixed :)

Thanks !

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#366252: xen-tools: hdan vs sdan

2006-05-19 Thread Clement Hermann (nodens) 

Radu Spineanu wrote:

It should be fixed in CVS now.

Does it account for the submitter's bug report, and has the reported
behaviour now stopped?



I hope the submitter has a little time to test the CVS version so he can
confirm it, but i am confident the bug is fixed.

Steve, can you please hold the upload until Clement confirms that
everything is ok ?



I should be able to test it this week-end.

--
Clément 'nodens' Hermann
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#323668: Still some problems when building a xen kernel on amd64

2006-04-22 Thread Clement Hermann (nodens) 

Hi,

I noticed that kernel_image target works as expected (detect xen usage, 
and the amd64.mk does it job just fine), but the binary_arch target 
seems broken.


When using the default parameters, ARCH=xen is used. When using 
--arch=x86_64, the target used to build the kernel is bzImage instead of 
vmlinux, which fail.


However, I didn't found out why.

Cheers,

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#362229: xserver-xorg-core: xorg search for XKB files in the wrong place

2006-04-12 Thread Clement Hermann (nodens) 

Clément wrote:

However, it might not be the only problem, as a symlink from
/usr/X11R6/lib/X11/xkb to /usr/share/X11/xkb does not resolve the
problem (although the error is no longer due to file anavailability) :

haven:~$ setxkbmap -rules xorg -layout us -model pc105
Error loading new keyboard description


Well this does not work, but restarting X fixes the problem in X, so it 
might not be related after all :)


--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.

Bug#346344: kdelibs-data tries to overwrite `/usr/share/mimelnk/image/x-djvu.desktop'

2006-01-25 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 What version of libdjvulibre15 is this? The libdjvulibre15_3.5.16-2
 in the Debian archive does not contain this file.

this happens with libdjvulibre15 3.5.15-1 on my system.

installing the latest libdjvulibre15 solves the problem.

Regards,

- --
Clément 'nodens' Hermann
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFD16ix0yQ2guvROZ0RAkDfAJ9jSkXDRwATzYGd7EbNihmZisNNaQCfRX81
feajwmqIZ/DQhce3ehpP5hI=
=buos
-END PGP SIGNATURE-



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#324189: Vlan scripts are buggy

2005-11-29 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I also have this problem (a vlan is never brought down if the interface
is named vlann), on sarge machines. It looks like $IF_VLAN_RAW_DEVICE
is empty.

The problem does not occur on version 1.8-2.

I suggest this bug be tagged sarge.

Attached is the quick (and most probably unclean) workaround I use on
sarge machines.

Regards,
- --
Clément 'nodens' Hermann
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDjDrB0yQ2guvROZ0RAvHoAJ900cbA/eMwbwrJdIBu0xbQAduvzgCfam3E
txV0oDyUPLoRC2fRQQ01Hnw=
=t+N5
-END PGP SIGNATURE-
--- /root/tmp/etc/network/if-post-down.d/vlan   2004-08-19 11:12:22.0 
+0200
+++ if-post-down.d/vlan 2005-11-29 11:59:11.0 +0100
@@ -11,6 +11,10 @@
eth*.*)
IF_VLAN_RAW_DEVICE=`echo $IFACE|sed 
s/\(eth[0-9][0-9]*\)\..*/\1/`
;;
+vlan*)
+   IF_VLAN_RAW_DEVICE=`echo $IFACE|sed s/vlan0*//`
+   ;;
+
*)  exit 0
;;
 esac

Bug#340328: /usr/bin/ld: qemu-i386: Not enough room for program headers (allocated 8, need 9)

2005-11-26 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

This fails under debian as well, since 2.16.1cvs20051109-1.

going back to 2.16.1cvs20050902-1 fixes the problem.

Regards,

- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDiOTP0yQ2guvROZ0RAuhVAJ9R0VYrdjspTahd4LoT/GsRhlPa8ACgl22K
Cpum1LwHm8OOqBe7knCw0IY=
=8Jqp
-END PGP SIGNATURE-

Bug#330222: /etc/sysctl.conf is never read at boot time because procps.sh is never called

2005-09-26 Thread Clement Hermann 
Package: procps
Version: 1:3.2.5-1
Severity: normal

The problem is, update-rc.d does not like '.' in scripts names. So the
update-rc.d called in postinst has no effect. This may
be a bug in update-rc.d, but I suggest you rename procps.sh to procps to
work around this. It would be more consistent with other init
scripts anyway.

Best regards,

--
Clement Hermann (nodens)
- L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages procps depends on:
ii  libc6 2.3.5-3GNU C Library: Shared libraries an
ii  libncurses5   5.4-9  Shared libraries for terminal hand

Versions of packages procps recommends:
ii  psmisc21.6-1 Utilities that use the proc filesy

-- debconf-show failed

Bug#316502: ITP: libsmbios -- Provide access to as much (SM)BIOS information as possible

2005-09-14 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

This looks very interesting. Do you have any package available yet ?

Regards,

- --
Clément 'nodens' Hermann
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDJ+fm0yQ2guvROZ0RAicCAJ0f8qvqL6YexoHLAHc/sWUWrrRf2wCfR8fm
3y5C7UfLC0GRSsla54btgzU=
=A4Xr
-END PGP SIGNATURE-



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#320920: snort: 2.4 upgrade, prelude support

2005-08-25 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Javier Fernández-Sanguino Peña a écrit :
 On Tue, Aug 02, 2005 at 09:08:04AM +0200, Clement 'nodens' Hermann wrote:
 
Package: snort
Severity: wishlist

Hi,

Snort 2.4 is now out. Could you please, when you upgrade to this
version, enable prelude output support (i.e a snort-prelude
package ?)
 
 
 Well, these are two requests and asks for two answers:
 
 1.- I have to sort out how are we going to provide rules since, in
 the next version, rules are no longer in the package and the new license
 prohibits re-distribution. I contacted the Snort upstream maintainers
 a while back with no answer.

I suppose you are aware of that, but I just noticed that there is a set
of GPL rules that could be included in a debian package. Theses rules
are only updated on each major release, but the regular rules could be
fetched using oinkmaster...

The GPL'ed rules can be found here :
http://www.snort.org/pub-bin/downloads.cgi#COMM

Best regards,

- --
Clément 'nodens' Hermann
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDDXMR0yQ2guvROZ0RAoDUAJ9crYGdOpnTiKr952o4EERAodFmSQCeNFCk
Z604hGACC++iOkAPMVqU9Aw=
=m577
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#320920: snort: 2.4 upgrade, prelude support

2005-08-05 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Javier Fernández-Sanguino Peña a écrit :
 Well, these are two requests and asks for two answers:
 
 1.- I have to sort out how are we going to provide rules since, in
 the next version, rules are no longer in the package and the new license
 prohibits re-distribution. I contacted the Snort upstream maintainers
 a while back with no answer.

I wasn't aware of this issue. I hope you can sort this out soon.
Wouldn't a postinst script which download the rules be OK ? Or would it
be against the DFSG ? I think it would not be actually part of the
package that way, but I'm not really expert in this field.


 2.- Snort-prelude would require patching the Snort package since, as
 far as I am aware, it is not in Snort proper but an external patch.
 I'm not sure I want to do that, if you can provide code that implements
 it I might consider it (not the patch, but the changes in how the
 package is built in Debian).
 

Actually, the prelude support was included upstream a few month ago, as
you can see in
http://www.snort.org/docs/release_notes/release_notes_240.txt
and
http://www.prelude-ids.org/rubrique.php3?id_rubrique=13

Regards,

- --
Clément 'nodens' Hermann
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC863C0yQ2guvROZ0RAk66AKCdMOxRscnROfyMmo0jVWwBFU4CYwCgqpvD
rVJWyVeIRu/wrLZKu+9Nbug=
=4Lh3
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#312569: [electricsheep #312569] Fixed?

2005-06-25 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Alexis Sukrieh a écrit :
 tags 312569 + moreinfo
 thanks
 
 Please could you reproduce that bug with the new package we uploaded? 
 Unstable now provides 2.6.2.
 
 I'm looking forward to your comments, in order to close that bug if it's
 not reproducible with the new upstream release.
 

I could not reproduce this bug with the last version. Thanks for
upgrading :)

best regards,

- --
Clement Hermann (nodens)
- - L'air pur ? c'est pas en RL, ça ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCvdHV0yQ2guvROZ0RAgq0AJoDuJvNwjXgSKnmwZPMMvgM5CSFswCfcf2x
EZRgOFWuet/uetAFE9bIiTU=
=+UVO
-END PGP SIGNATURE-

Bug#314579: Acknowledgement (last libgoffice-1 version breaks excel files support in gnumeric)

2005-06-17 Thread Clement Hermann (nodens) 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

severity 314579 normal
thanks

Ok, I'm downgrading this bug, because I was mistaken.

The last version of gnumeric does not have this problem.

However, could you please change the soname when the ABI change ?
It would prevent such problems.

Best regards,

- --
Clment 'nodens' Hermann
- - L'air pur ? c'est pas en RL, a ? c'est pas hors charte ?
Jean in L'Histoire des Pingouins, http://tnemeth.free.fr/fmbl/linuxsf/

Vous trouverez ma clef publique sur le serveur public pgp.mit.edu.
Please find my public key on the public keyserver pgp.mit.edu.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCso6l0yQ2guvROZ0RAoR9AKCjD2WnPEL53duiLEKfTpcWt98xfQCcDKSQ
fQRewGJOYxJJB/AjvsNK2eA=
=hBZl
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#312569: electricsheep prevent any X client to connect when launched from xscreensaver

2005-06-08 Thread Clement Hermann 
Package: electricsheep
Version: 2.5-2
Severity: grave
Justification: renders package unusable

Hi,

When launching electricsheep from xscreensaver, Xlib will refuse any connection 
to the X server until xscreensaver is killed.

Removing electricsheep resolve the problem.

I'm not sure wether this bug is a electricsheep or xscreensaver one, but 
anyway, electricsheep is currently unusable (bug #309852).

Could you please consider upgrading this package ?

Best regards,

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages electricsheep depends on:
ii  curl 7.13.2-2Get a file from an HTTP, HTTPS, FT
ii  debconf  1.4.49  Debian configuration management sy
ii  libc62.3.5-1 GNU C Library: Shared libraries an
ii  libexpat11.95.8-3XML parsing C library - runtime li
ii  libice6  4.3.0.dfsg.1-13 Inter-Client Exchange library
ii  libjpeg-progs6b-10   Programs for manipulating JPEG fil
ii  libjpeg626b-10   The Independent JPEG Group's JPEG 
ii  libpng12-0   1.2.8rel-1  PNG library - runtime
ii  libsm6   4.3.0.dfsg.1-13 X Window System Session Management
ii  libx11-6 4.3.0.dfsg.1-13 X Window System protocol client li
ii  libxext6 4.3.0.dfsg.1-13 X Window System miscellaneous exte
ii  libxv1   4.3.0.dfsg.1-13 X Window System video extension li
ii  xlibs4.3.0.dfsg.1-13 X Keyboard Extension (XKB) configu
ii  xloadimage   4.1-14.2Graphics file viewer under X11
ii  zlib1g   1:1.2.2-4   compression library - runtime

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#310781: makejail does not preserve attributes

2005-05-25 Thread Clement Hermann 
Package: makejail
Version: 0.0.5-5
Severity: normal

Hi,

I just used makejail to setup a chrooted apache2 (actually, apache2 is chrooted
using mod_chroot, but makejail was used to provide some files into the
chroot).  It works well, but makejail won't respect attributes used on the
chrooted file. For instance, I need to copy the suexec2 into the chroot, and it
needs to be setuid root. This is bad in a chroot, but suexec is fairly secure,
and I need to run php scripts with a different uid/gid for each vhost.
However, makejail won't keep the suid bit.

After a quick look to the code, it seems like ACL or extended attributes
wouldn't be reproduced either (I'm not a python coder myself, so I may be
wrong).

Maybe it would make sense to use cp -a to copy the file, relying then on
coreutil to preserve every file attribute ?

Best regards,


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages makejail depends on:
pn  binstats Not found.
ii  coreutils 5.2.1-2The GNU core utilities
ii  psmisc21.6-1 Utilities that use the proc filesy
ii  python2.3.5-2An interactive high-level object-o
ii  strace4.5.11-1   A system call tracer

-- 
Clément nodens Hermann

Bug#302125: php4: move xmlrpc extension to seperate package

2005-04-08 Thread clement . hermann 
Hi,

As I need this, too, here is a (simple) patch.

I'm not 100% sure everything is right - especially dependancies; but it seems OK
here.

Best regards,

--
Clement nodens Hermann

  1   2   >