Bug#1065696: Fwd: E: unsupported command: poweroff.no-molly-guard
On 2024-03-08 at 22:26:25, Helmut Grohne (hel...@subdivi.de) wrote: > Yes, I think this is a duplicate of #1059691. Could you give feedback on > the contained patch? Indeed, it does look like the same thing. I'm sorry I missed the original bug and never saw your patch. It looks good to me. I agree it feels like adding another layer of duct tape, but hopefully we can clean that up later once we no longer have to support usr-not-merged. I'm going to go ahead and upload to unstable. Many thanks for the patch. Francois -- https://fmarier.org/
Bug#1065696: Fwd: E: unsupported command: poweroff.no-molly-guard
Hi Helmut, This looks like an unexpected edge case from the recent usr-merge changes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065696 It sounds like a system using sysvinit, instead of systemd, which was recently upgraded using usrmerge. Francois -- https://fmarier.org/
Bug#1033306: The tor package in stable will soon become unusable
I received the email below from the Tor team. The package that's currently in stable should be updated ASAP since it's going to stop working very soon. I will be switching temporarily to the package in backports, but IMO an update should be pushed to bookworm either via the security repo, or failing that as a stable update. Francois -- Hi, You are running a bunch of Tor relays, which is great. However, that relays' Tor version is obsolete, and because of old bugs, we will soon cut relays and bridges running that version out of the network. Please consider upgrading ASAP! You can find Tor packages and instructions for your distro / OS here: https://community.torproject.org/relay/setup/guard/ If you need help upgrading your relay, please use the Tor Forum: https://forum.torproject.org/c/support/relay-operator/17 ::Stay Connected with the Tor Community:: - Join our Monthly Tor relay operators meetups: https://forum.torproject.org/t/tor-relays-next-tor-relay-operator-meetup-march-2nd-2024-19-00-utc/11568 - Subscribe to the Tor relays mailing list: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Thanks, Gus -- The Tor Project Community Team Lead
Bug#966218: Warning about the work-around listed here
A warning to anybody considering to use the suggested work-around. Based on the information suggested in this bug, I put the following in `/etc/modprobe.d/local.conf` on my laptop: options iwlwifi enable_ini=0 in order to suppress the "failed to load iwl-debug-yoyo.bin (-2)" log message. Versions 66 and above of the iwlwifi-ty-a0-gf-a0 firmware would refuse to load with these error messages: [ 18.222536] iwlwifi :aa:00.0: api flags index 2 larger than supported by driver [ 18.222549] iwlwifi :aa:00.0: TLV_FW_FSEQ_VERSION: FSEQ Version: 0.0.2.36 [ 18.222921] iwlwifi :aa:00.0: loaded firmware version 72.a764baac.0 ty-a0-gf-a0-72.ucode op_mode iwlmvm [ 18.375105] iwlwifi :aa:00.0: Detected Intel(R) Wi-Fi 6 AX210 160MHz, REV=0x420 ... [ 19.395451] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 19.395569] iwlwifi :aa:00.0: Loaded firmware version: 72.a764baac.0 ty-a0-gf-a0-72.ucode [ 19.395570] iwlwifi :aa:00.0: 0x | ADVANCED_SYSASSERT [ 19.395572] iwlwifi :aa:00.0: 0x | trm_hw_status0 [ 19.395573] iwlwifi :aa:00.0: 0x | trm_hw_status1 [ 19.395573] iwlwifi :aa:00.0: 0x | branchlink2 [ 19.395574] iwlwifi :aa:00.0: 0x | interruptlink1 [ 19.395575] iwlwifi :aa:00.0: 0x | interruptlink2 ... [ 19.395846] iwlwifi :aa:00.0: Failed to start RT ucode: -110 [ 19.395848] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 20.873263] iwlwifi :aa:00.0: Failed to run INIT ucode: -110 [ 20.886268] iwlwifi :aa:00.0: retry init count 0 [ 20.907324] iwlwifi :aa:00.0: Detected Intel(R) Wi-Fi 6 AX210 160MHz, REV=0x420 ... [ 21.951601] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 21.951753] iwlwifi :aa:00.0: Loaded firmware version: 72.a764baac.0 ty-a0-gf-a0-72.ucode [ 21.951754] iwlwifi :aa:00.0: 0x | ADVANCED_SYSASSERT [ 21.951756] iwlwifi :aa:00.0: 0x | trm_hw_status0 [ 21.951757] iwlwifi :aa:00.0: 0x | trm_hw_status1 [ 21.951758] iwlwifi :aa:00.0: 0x | branchlink2 [ 21.951759] iwlwifi :aa:00.0: 0x | interruptlink1 [ 21.951760] iwlwifi :aa:00.0: 0x | interruptlink2 ... [ 21.952064] iwlwifi :aa:00.0: Failed to start RT ucode: -110 [ 21.952066] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 23.529800] iwlwifi :aa:00.0: Failed to run INIT ucode: -110 [ 23.542843] iwlwifi :aa:00.0: retry init count 1 [ 23.555687] iwlwifi :aa:00.0: Detected Intel(R) Wi-Fi 6 AX210 160MHz, REV=0x420 ... [ 24.575479] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 24.575586] iwlwifi :aa:00.0: Loaded firmware version: 72.a764baac.0 ty-a0-gf-a0-72.ucode [ 24.575588] iwlwifi :aa:00.0: 0x | ADVANCED_SYSASSERT [ 24.575589] iwlwifi :aa:00.0: 0x | trm_hw_status0 [ 24.575590] iwlwifi :aa:00.0: 0x | trm_hw_status1 [ 24.575590] iwlwifi :aa:00.0: 0x | branchlink2 [ 24.575591] iwlwifi :aa:00.0: 0x | interruptlink1 [ 24.575592] iwlwifi :aa:00.0: 0x | interruptlink2 ... [ 24.575879] iwlwifi :aa:00.0: Failed to start RT ucode: -110 [ 24.575880] iwlwifi :aa:00.0: WRT: Collecting data: ini trigger 13 fired (delay=0ms). [ 26.049956] iwlwifi :aa:00.0: Failed to run INIT ucode: -110 [ 26.063392] iwlwifi :aa:00.0: retry init count 2 Versions 63 and below of the firmware would load just fine with "enable_ini=0" which suggests to me that this version of the firmware would simply ignore it. Much worse, versions 74 or newer of the firmware would lock up and require a full power off (unplugged from power) to successfully load a firmware again (even 63 or below). Hopefully this comment will save someone some troubleshooting time. My solution is simple: ignore the "failed to load iwl-debug-yoyo.bin (-2)" for now. Francois -- https://fmarier.org/
Bug#1062046: [hel...@subdivi.de: Bug#1062046: libfko3t64 has an undeclared file conflict]
Looks like there's a missing conflict in the package that was just uploaded to experimentatl. - Message transféré de Helmut Grohne - Package: libfko3t64 Version: 2.6.10-20.1~exp1 Severity: serious User: debian...@lists.debian.org Usertags: fileconflict Control: affects -1 + libfko3 X-Debbugs-Cc: Lukas Märdian , vor...@debian.org libfko3t64 has an undeclared file conflict. This may result in an unpack error from dpkg. The files * /usr/lib/x86_64-linux-gnu/libfko.so.3 * /usr/lib/x86_64-linux-gnu/libfko.so.3.0.0 are contained in the packages * libfko3 * 2.6.10-12 as present in bullseye * 2.6.10-16 as present in bookworm * 2.6.10-20+b2 as present in trixie|unstable * libfko3t64/2.6.10-20.1~exp1 as present in experimental These packages can be unpacked concurrently, because there is no relevant Replaces or Conflicts relation. Attempting to unpack these packages concurrently results in an unpack error from dpkg, because none of the packages installs a diversion for the affected files. Kind regards The Debian Usr Merge Analysis Tool This bug report has been automatically filed with no human intervention. The source code is available at https://salsa.debian.org/helmutg/dumat. If the filing is unclear or in error, don't hesitate to contact hel...@subdivi.de for assistance. - Fin du message transféré -
Bug#1061958: fwknop: NMU diff for 64-bit time_t transition
On 2024-01-30 at 05:48:11, Lukas Märdian (sl...@debian.org) wrote: > If you have any concerns about this patch, please reach out ASAP. Although > this package will be uploaded to experimental immediately, there will be a > period of several days before we begin uploads to unstable; so if information > becomes available that your package should not be included in the transition, > there is time for us to amend the planned uploads. No objections from me. If you'd like to create a merge request on https://salsa.debian.org/debian/fwknop, then I can merge and then you can upload to unstable at your convenience. Francois signature.asc Description: PGP signature
Bug#1061592: cryptsetup: Password prompt during boot echoes characters to the screen in plaintext
Package: cryptsetup Version: 2:2.6.1-6+b1 Severity: normal On my machine, if I ESC out of the plymouth password prompt (which does hide the characters I type), I get the a text-mode prompt ("Please unlock disk nvme0n1p4_crypt") which echoes to the screen the characters I type. Then it repeats the prompt with asterisks. So it looks like this: Please unlock disk nvme0n1p4_crypt: SooperSekretPassword1!@ Please unlock disk nvme0n1p4_crypt: *** which isn't great because anybody looking over my shoulder can see it, or anybody who Ctrl+F1 into the console later on and then scrolls back up. Francois -- Package-specific info: -- /proc/cmdline BOOT_IMAGE=/vmlinuz-6.6.13-amd64 root=UUID=4d44aae6-2235-47f2-9de5-595ed5cd4a4c ro rootflags=subvol=@rootfs mem_sleep_default=deep module_blacklist=hid_sensor_hub memtest=1 quiet splash -- /etc/crypttab nvme0n1p3_crypt /dev/nvme0n1p3 /dev/urandom cipher=aes-xts-plain64,size=256,swap,discard nvme0n1p4_crypt UUID=29be86f7-f2fe-412f-afd8-5740f70f5a2e none luks,discard -- /etc/fstab # /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # systemd generates mount units based on this file, see systemd.mount(5). # Please run 'systemctl daemon-reload' after making changes here. # # /dev/mapper/nvme0n1p4_crypt / btrfs noatime,nodiratime,subvol=@rootfs 0 0 # /boot was on /dev/nvme0n1p2 during installation UUID=7543aee2-af70-44da-bae2-4f059801f08d /boot ext4 ro,noatime,nodiratime,nodev,nosuid,noexec 0 2 # /boot/efi was on /dev/nvme0n1p1 during installation UUID=0B84-3C60 /boot/efi vfatro,nodev,nosuid,noexec,umask=0077 0 1 /dev/mapper/nvme0n1p3_crypt noneswapsw 0 0 # Harden pid directories from normal users proc/proc prochidepid=2 0 0 # Safe tmp directory tmpfs /tmptmpfs size=8G,noexec,nosuid,nodev 0 0 # Removable storage /dev/sr0/media/cdromudf,iso9660 user,noauto,nodev,nosuid 0 0 /dev/sdb1 /media/usbdisk autouser,noauto,nodev,nosuid,noexec 0 0 -- lsmod Module Size Used by snd_seq_dummy 12288 0 snd_hrtimer12288 1 snd_seq 114688 7 snd_seq_dummy snd_seq_device 16384 1 snd_seq nfnetlink_queue32768 1 xt_comment 12288 0 xt_NFQUEUE 12288 1 xt_MASQUERADE 16384 2 xt_mark12288 0 nft_chain_nat 12288 2 nf_nat 65536 2 nft_chain_nat,xt_MASQUERADE tun69632 2 ip6t_frag 16384 1 ip6t_REJECT12288 2 nf_reject_ipv6 20480 1 ip6t_REJECT xt_LOG 16384 2 nf_log_syslog 24576 2 ipt_REJECT 12288 1 nf_reject_ipv4 16384 1 ipt_REJECT xt_tcpudp 16384 0 xt_conntrack 12288 4 nf_conntrack 212992 3 xt_conntrack,nf_nat,xt_MASQUERADE nf_defrag_ipv6 24576 1 nf_conntrack nf_defrag_ipv4 12288 1 nf_conntrack nft_compat 20480 13 nf_tables 372736 479 nft_compat,nft_chain_nat qrtr 57344 4 chaoskey 20480 0 sg 45056 0 uvcvideo 147456 0 videobuf2_vmalloc 20480 1 uvcvideo uvc12288 1 uvcvideo videobuf2_memops 16384 1 videobuf2_vmalloc videobuf2_v4l2 36864 1 uvcvideo videodev 368640 2 videobuf2_v4l2,uvcvideo videobuf2_common 77824 4 videobuf2_vmalloc,videobuf2_v4l2,uvcvideo,videobuf2_memops mc 94208 4 videodev,videobuf2_v4l2,uvcvideo,videobuf2_common binfmt_misc28672 1 nls_ascii 12288 1 nls_cp437 16384 1 vfat 20480 1 fat 102400 1 vfat snd_sof_pci_intel_tgl12288 0 iwlmvm589824 0 snd_sof_intel_hda_common 217088 1 snd_sof_pci_intel_tgl soundwire_intel73728 1 snd_sof_intel_hda_common soundwire_generic_allocation12288 1 soundwire_intel snd_sof_intel_hda_mlink40960 2 soundwire_intel,snd_sof_intel_hda_common soundwire_cadence 45056 1 soundwire_intel mac80211 1392640 1 iwlmvm snd_sof_intel_hda 24576 1 snd_sof_intel_hda_common snd_sof_pci24576 2 snd_sof_intel_hda_common,snd_sof_pci_intel_tgl snd_sof_xtensa_dsp 16384 1 snd_sof_intel_hda_common snd_sof 360448 3 snd_sof_pci,snd_sof_intel_hda_common,snd_sof_intel_hda ext4 1134592 1 snd_sof_utils 16384 1 snd_sof snd_soc_hdac_hda 28672 1 snd_sof_intel_hda_common
Bug#1059781: xwayland: Xwayland.desktop is broken: it contains Type=Application, but no Exec key/value pair.
Package: xwayland Version: 2:23.2.3-1 Severity: normal Whenever I start dmenu, I get the following message in my logs: File /usr/share/applications/org.freedesktop.Xwayland.desktop is broken: it contains Type=Application, but no Exec key/value pair. at /usr/bin/i3-dmenu-desktop line 256. Francois -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.6.8-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages xwayland depends on: ii libc6 2.37-13 ii libdecor-0-00.2.1-1 ii libdrm2 2.4.117-1 ii libepoxy0 1.5.10-1 ii libgbm1 23.3.1-4 ii libgcrypt20 1.10.3-2 ii libgl1 1.7.0-1 ii libpixman-1-0 0.42.2-1 ii libtirpc3 1.3.4+ds-1 ii libwayland-client0 1.22.0-2.1 ii libxau6 1:1.0.9-1 ii libxcvt00.1.2-1 ii libxdmcp6 1:1.1.2-3 ii libxfont2 1:2.0.6-1 ii libxshmfence1 1.3-1 ii xserver-common 2:21.1.10-1 xwayland recommends no packages. xwayland suggests no packages. -- no debconf information
Bug#1056279: Bug#1057220: Looks like the systemctl links are gone but not the pm-utils ones
Thank you Helmut and Chris for the helpful discussion. I have finally found some time to review your comments and the proposed molly-guard patches. While I'm still not 100% confident I understand the problem (and the fix), the solution you have settled on makes sense to me. With respect to the presence of the real commands in the path, I'm not too worried about it personally. I do agree it's unfortunate and it would be great if we could do this reliably without putting the diverted binary within easy reach, but at the end of the day, molly-guard will never catch all possible mistakes. As Helmut pointed out, it's already missing some cases (and it's always been possible to "init 6" as well), but I think it still provides a useful service if it catches the most common cases of accidental reboots. I had a similar dilemma for another package I maintain (safe-rm) and I've decided there to focus on the most common cases again to reduce complexity, and improve reliability. I will leave this for a few days in case others like Simó want to also chime in, but otherwise I am planning to upload to experimental this week and then unstable a few days later. Again many thanks for all of the work that has gone into solving this thorny problem. Francois
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 20:28:44, Jörg Frings-Fürst (debian@jff.email) wrote: > I did not search for Vulnerabilities. However, I am of the opinion that using > rkhunter in its current form is equivalent to using a 6 year old virus scanner > and therefore involves an increased security risk. Ideally I agree that it would be great if more signatures could be added so that new threats could be detected. I don't see any indication that of vulnerabilities in this software however. Lack of new upstream development is not necessarily an indication that the software is unsafe. Francois -- https://fmarier.org/
Bug#1057470: Outdated rkhunter since 2018-02
On 2023-12-05 at 07:07:23, Jörg Frings-Fürst (debian@jff.email) wrote: > I noticed that the program and the data available on the internet are from > 2018-02. > So almost 6 years old data suggests a non-existent security. Hi Jörg, are you aware of security vulnerabilities in rkhunter or you are simply guessing that it might contain security vulnerabilities? As far as I am aware, rkhunter is not under active development anymore, but it also doesn't have any known vulnerabilities. Francois -- https://fmarier.org/
Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones
On 2023-11-27 at 03:54:16, Helmut Grohne (hel...@subdivi.de) wrote: > I don't have time to update the patch right now. Let me promise an update > this week, ok? Hi Helmut, My apologies for not responding earlier, but this is a rather thorny problem to solve and I have not had the mental "bandwidth" to dig into this yet. I wanted however to express my sincere appreciation for all of the work you have put into both understanding this problem and coming up with a solution. Francois
Bug#1056279: Looks like the systemctl links are gone but not the pm-utils ones
CCing Helmut who wrote the initial patch for systemd 255+ support (see Bug#1055510). I also see the same thing: $ ls -lh /usr/lib/molly-guard/ Permissions Size User Group Date Modified Name .rwxr-xr-x 3,4k root root 11 nov 14:02 molly-guard* lrwxrwxrwx31 root root 14 nov 2019 pm-hibernate -> /usr/lib/pm-utils/bin/pm-action* lrwxrwxrwx31 root root 14 nov 2019 pm-suspend -> /usr/lib/pm-utils/bin/pm-action* lrwxrwxrwx31 root root 14 nov 2019 pm-suspend-hybrid -> /usr/lib/pm-utils/bin/pm-action* $ sudo reboot --help E: not a regular file: /usr/lib/molly-guard/reboot I'm also a little confused by the diverts. Perhaps something changed in systemd (which owns the ultimate underlying symlinks)? Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
On 2023-11-10 at 02:45:14, Helmut Grohne (hel...@subdivi.de) wrote: > Thank you. The package built and dumat has imported it. I locally forked > its analysis database pretending that systemd would not declare a > conflict for molly-guard and reran it on that database. It does not > report any issues for molly-guard 0.8. I also checked the underlying > database and see that it recognizes the duplicated diversions there. Thanks for all of the help Helmut! I have uploaded 0.8.1 to unstable. Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
On 2023-11-08 at 21:15:58, Helmut Grohne (hel...@subdivi.de) wrote: > Thank you. I suggest going via experimental first. I've just uploaded to experimental. If there are any tests you can easily run there, please do so. I've upgraded in unstable from the current version to 0.8 without problems, so that should in theory work when I eventually upload to unstable. Francois -- https://fmarier.org/
Bug#1055670: fwknop-server: must Depends: apparmor-profiles-extra
> The latest update breaks apparmor for the whole system. > > /etc/apparmor.d/usr.sbin.fwknopd: > include > > This must declare Depends: apparmor-profiles-extra. > > Otherwise the apparmor service can't parse the file and will refuse to start. Ah, that's annoying. I don't think I'll want to make fwknop-server require apparmor. I guess this means I need to reintroduce the fwknop-apparmor package. Thanks for flagging this. Francois -- https://fmarier.org/
Bug#1055510: Best way to coordinate this fix
If anybody would like to double-check (or test) the package I've prepared, it's in salsa right now. Francois
Bug#1055510: Best way to coordinate this fix
Hi Luca, What's the best way to coordinate a fix for this? I assume that we shouldn't upload a new molly-guard packages until the files have actually moved in the systemd package? Should we wait until systemd is in unstable to push a new molly-guard out? Francois -- https://fmarier.org/
Bug#1052115: Workrave 1.10.52 ready for GNOME 45
I've just uploaded workrave 1.10.52 which is ready for GNOME 45, but I've not yet enabled that support since support for GNOME 44 and 45 are mutually exclusive. Francois -- https://fmarier.org/
Bug#1051896: rkhunter: CVE-2023-4413
On 2023-09-13 at 14:15:53, Moritz Mühlenhoff (j...@inutil.org) wrote: > https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7 My summary of this is: it's possible to figure out what files/ports/etc. rkhunter is looking for by looking at the log file. That log file is: -rw-r- 1 root adm 502K 13 sep 07:41 rkhunter.log and on my machine that means only root and logcheck can see it: $ grep adm /etc/group adm:x:4:logcheck Of course, it's also possible to find out what files/ports/etc. rkhunter is looking for by looking in /usr/share/rkhunter/scripts/ or looking at the source code (https://sourceforge.net/p/rkhunter/rkh_code/ci/develop/tree/files/). So am I missing something here or is this simply not relevant given the rkhunter threat model of being an Open Source tool with a public database? Francois
Bug#1041374: fwknop-client: Cannot resolve own IP address
Sorry for the long delay Patrick. On 2023-07-18 at 00:26:18, pa...@mailbox.org (pa...@mailbox.org) wrote: > currently it is not possible to create a SPA packet without configuring a > RESOLVE_URL in .fwknoprc file. The error message is: > > [-] Could not resolve IP via: '/usr/bin/wget -U Fwknop/2.6.10 > --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip' I also noticed this on one of my machines. > I expect this to be an upstream problem – but I'm not 100% sure :-) Yes, I would say so. It would be good if the fallback could cases like these, though maybe it's not easy to do, I'm not sure. Would you like to suggest this upstream (https://github.com/mrash/fwknop/issues), or would you prefer I do it? The only somewhat related issue I could find is https://github.com/mrash/fwknop/issues/168 (from 8 years ago). Francois -- https://fmarier.org/
Bug#1050303: extension no longer works with Gnome 44
On 2023-08-22 at 14:31:31, Sébastien Villemot (sebast...@debian.org) wrote: > Actually I reported this problem in the Debian BTS because I was not > 100% > sure that this is an upstream issue (the error message is actually > compatible > with a missing file in the .deb). You're right. It turns out the reason why that 2.0 typelib file was missing is that it requires that GTK4 support be enabled: https://github.com/rcaelers/workrave/commit/5fe6e9c0060cae3a4bf1210c92c26b01022ddb1e#diff-67b94d110f4fed7b4a0ea8d4f780209ebbf5b69010701e5e3c646f641c730425 and there was a missing build dependency preventing the GTK4 support from being built. Francois
Bug#1050303: extension no longer works with Gnome 44
Bonjours Sébastien, It does look like a different error message indeed. Are you happy to also report this new problem upstream, or would you prefer I forward your email to upstream's GitHub issue tracker myself? Francois On 2023-08-22 at 12:35:24, Sébastien Villemot (sebast...@debian.org) wrote: > Package: workrave-gnome > Version: 1.10.51.1-2 > Severity: normal > > Dear Maintainer, > > After upgrading to gnome-shell 44, the extension no longer works. > > In the Extensions application, I am unable to activate the extension, and the > following message is displayed: > > Requiring Workrave, version 2.0: Typelib file for namespace 'Workrave', > version '2.0' not found > > Note that this seems to be a different issue than the following upstream one: > https://github.com/rcaelers/workrave/issues/487 > > Thanks for your work, > > -- > ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot > ⣾⠁⢠⠒⠀⣿⡁ Debian Developer > ⢿⡄⠘⠷⠚⠋⠀ https://sebastien.villemot.name > ⠈⠳⣄ https://www.debian.org
Bug#1043003: RFP: node-socket-cli -- CLI tool for Socket.dev
Package: wnpp Severity: wishlist * Package name: node-socket-cli Version : 0.7.1 Upstream Contact: Socket (https://github.com/SocketDev/) * URL : https://github.com/SocketDev/socket-cli-js * License : MIT Programming Lang: JavaScript Description : CLI tool for Socket.dev This tool can be used to pull useful security information out of the socket.dev (proprietary) service, but more interestingly, it can also be used as a safety wrapper around the npm: https://socket.dev/blog/introducing-safe-npm
Bug#1038207: 6.4 is now the default kernel
I just hit this bug upgrading the kernel package in unstable. The patch worked for me as well. It would be good to get that uploaded as soon as possible since it's going to affect lots of people now that 6.4 is the default. Francois
Bug#1038431: FAILED: was not updated because protocol is not supported.
Package: ddclient Version: 3.10.0-2 Severity: normal Since upgrading to bookworm (from bullseye), I see these failures in my logs: ddclient[1081]: FAILED:was not updated because protocol is not supported. This is what my /etc/ddclient.conf contains: ssl=yes protocol=noip use=web, web=https://ip-address-reflector.example/ server=dynupdate.no-ip.com login=username password='...' hostname.dyn.domain.example I thought the systemd unit file was having problems reading the config file in /etc/: -rw--- 1 root root 268 Feb 14 2022 ddclient.conf and so I added this in /lib/systemd/system/ddclient.service: [Service] User=root but it didn't seem to do anything. Francois -- https://fmarier.org/
Bug#1037163: workrave-gnome: Incompatible with GNOME Shell 44
On 2023-06-06 at 11:33:17, Jeremy Bícha (jeremy.bi...@canonical.com) wrote: > If this bug is still not fixed, workrave will need to be removed from > Debian Testing when the Debian GNOME team performs the GNOME Shell 44 > transition which could happen as early as next month. A workaround is > to temporarily stop building the workrave-gnome binary package from > the workrave source. Looks like upstream has a fix: https://github.com/rcaelers/workrave/commit/5fe6e9c0060cae3a4bf1210c92c26b01022ddb1e I'll wait a bit to see if a new upstream release comes. Francois -- https://fmarier.org/
Bug#1034596: RFP: pdfsizeopt -- PDF file size optimizer
Package: wnpp Severity: wishlist * Package name: pdfsizeopt Version : v9 Upstream Contact: Péter Szabó (https://keybase.io/pts) * URL : https://github.com/pts/pdfsizeopt * License : GPL-2.0 Programming Lang: Python Description : PDF file size optimizer pdfsizeopt is a program for converting large PDF files to small ones, without decreasing visual quality or removing interactive features (such as hyperlinks). More specifically, pdfsizeopt is a command-line application and a collection of best practices to optimize the size of PDF files, with focus on PDFs created from TeX and LaTeX documents.
Bug#1034276: unblock: fwknop/2.6.10-16
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: fwk...@packages.debian.org Control: affects -1 + src:fwknop Please unblock package fwknop [ Reason ] The AppArmor profile was incorrectly installed in the systemd system service path: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034055 [ Impact ] I'm not sure whether it would cause any actual problems, but it is likely a policy violation and the bug reporter did file it as an RC bug. [ Tests ] I upgraded to the version I uploaded to unstable yesterday and confirmed that the file is in the new location: $ dpkg -L fwknop-apparmor-profile | grep usr.sbin.fwknopd /usr/share/apparmor/extra-profiles/usr.sbin.fwknopd [ Risks ] Trivial fix. I made it so that the AppArmor profile is not automatically enabled either to avoid changing (i.e. fixing) the behavior compared to what it was in -15. So this should be a no-op in terms of functionality. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock fwknop/2.6.10-16 diff -Nru fwknop-2.6.10/debian/changelog fwknop-2.6.10/debian/changelog --- fwknop-2.6.10/debian/changelog 2023-01-10 21:23:46.0 -0800 +++ fwknop-2.6.10/debian/changelog 2023-04-10 20:52:01.0 -0700 @@ -1,3 +1,12 @@ +fwknop (2.6.10-16) unstable; urgency=high + + * Install apparmor profile in /usr/share/apparmor/extra-profiles/ +instead of the systemd service directory. Note that the profile +will not be used unless manually copied into /etc/apparmor.d/ +(Closes: #1034055). + + -- Francois Marier Mon, 10 Apr 2023 20:52:01 -0700 + fwknop (2.6.10-15) unstable; urgency=medium [ Helmut Grohne ] diff -Nru fwknop-2.6.10/debian/fwknop-apparmor-profile.install fwknop-2.6.10/debian/fwknop-apparmor-profile.install --- fwknop-2.6.10/debian/fwknop-apparmor-profile.install 2023-01-10 21:23:46.0 -0800 +++ fwknop-2.6.10/debian/fwknop-apparmor-profile.install 2023-04-10 20:52:01.0 -0700 @@ -1 +1 @@ -extras/apparmor/usr.sbin.fwknopd /usr/lib/systemd/system/ +extras/apparmor/usr.sbin.fwknopd /usr/share/apparmor/extra-profiles/
Bug#1034055: fwknop-apparmor-profile: AppArmor profile installed in systemd system service path
On 2023-04-07 at 07:23:07, Laurent Bigonville (bi...@debian.org) wrote: > It seems that you install the apparmor profile in the path for systemd system > service > > The following change should be reverted: > https://salsa.debian.org/debian/fwknop/-/commit/d3a5aaef39fedc1bb94e26921afbf63f79b31af7 Hm, that does look like a mistake. I don't remember what might have caused me to make that change. I guess the apparmor profile hasn't been in use for a while then. It seems like it's too late in the release process to re-add it in bookworm. Here's what I'm thinking of doing: - move it to /usr/share/apparmor/extra-profiles/ (so it's not turned on by default) for bookworm - move it back to /etc/apparmor.d/ after bookworm Alternatively, I could also not change anything for bookworm since it's not enabled as an AppArmor profile and it will be ignored as a systemd unit file. What do you think? Francois
Bug#1033306: tor: Tor relays running 0.4.5.16 will soon be cut off from the network
Package: tor Version: 0.4.5.16-1 Severity: grave Justification: renders package unusable I received the following email from the Tor Project: Hi, You are running a bunch of Tor relays, which is great: However, those relays' Tor version is obsolete, and because of old bugs, we will soon cut relays and bridges running that version out of the network. Please consider upgrading! You can find Tor packages and instructions for your distro / OS here: https://community.torproject.org/relay/setup/guard/ If you need help upgrading your relays, please use the Tor Forum: https://forum.torproject.net/c/support/relay-operator/17 Let us know if we can do anything to make the process easier. Thanks! Georg They are currently aiming for a cut-off date 4-6 weeks from now. This means that the version of tor that's in bullseye will essentially stop working for most uses. There is already a version in backports that will work fine, but perhaps it's worth also uploading it to stable for the next point release? Francois -- https://fmarier.org/
Bug#1028394: fwknop FTCBFS: builds the perl extension for the build architecture
On 2023-01-10 at 02:44:41, Helmut Grohne (hel...@subdivi.de) wrote: > fwknop fails to cross build from source, because it attempts to build > its perl extension for the build architecture. In order to get the > development files for the host architecture, a dependency on perl-xs-dev > is needed and since there is no dh_auto_foo involved in the perl > extension, the PERL5LIB needs to be set up manually. I'm attaching a > patch for your convenience. Thanks for the patch Helmut. It's much appreciated given how little I know about the Perl ecosystem these days. Francois signature.asc Description: PGP signature
Bug#1021693: Initial packaging
Initial packaging work: https://salsa.debian.org/debian/buskill Discussion with upstream: https://github.com/BusKill/buskill-app/issues/31 Francois -- https://fmarier.org/
Bug#1022940: tiger: diff for NMU version 1:3.2.4~rc1-3.2
Control: tags 1022940 + patch Control: tags 1022940 + pending Dear maintainer, I've prepared an NMU for tiger (versioned as 1:3.2.4~rc1-3.2) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Regards. Francois -- https://fmarier.org/ diff -u tiger-3.2.4~rc1/debian/changelog tiger-3.2.4~rc1/debian/changelog --- tiger-3.2.4~rc1/debian/changelog +++ tiger-3.2.4~rc1/debian/changelog @@ -1,3 +1,10 @@ +tiger (1:3.2.4~rc1-3.2) unstable; urgency=medium + + * Non-maintainer upload. + * debian/rules: add symlink for Linux 6 (Closes: #1022940) + + -- Francois Marier Thu, 27 Oct 2022 21:35:23 -0700 + tiger (1:3.2.4~rc1-3.1) unstable; urgency=medium * Non-maintainer upload. diff -u tiger-3.2.4~rc1/debian/rules tiger-3.2.4~rc1/debian/rules --- tiger-3.2.4~rc1/debian/rules +++ tiger-3.2.4~rc1/debian/rules @@ -60,13 +60,15 @@ # Adjust the permissions of directories that might contain confidential information chmod 0700 debian/tiger/var/lib/tiger/work chmod 0700 debian/tiger/var/log/tiger - # Create symbolic links for Linux versions 3, 4, 5, and default + # Create symbolic links for Linux versions 3, 4, 5, 6 and default [ -e debian/tiger/usr/lib/tiger/systems/Linux/3 ] || \ ln -fs 2 debian/tiger/usr/lib/tiger/systems/Linux/3 [ -e debian/tiger/usr/lib/tiger/systems/Linux/4 ] || \ ln -fs 2 debian/tiger/usr/lib/tiger/systems/Linux/4 [ -e debian/tiger/usr/lib/tiger/systems/Linux/5 ] || \ ln -fs 2 debian/tiger/usr/lib/tiger/systems/Linux/5 + [ -e debian/tiger/usr/lib/tiger/systems/Linux/6 ] || \ + ln -fs 2 debian/tiger/usr/lib/tiger/systems/Linux/6 [ -e debian/tiger/usr/lib/tiger/systems/Linux/default ] || \ ln -fs 2 debian/tiger/usr/lib/tiger/systems/Linux/default # Remove unneeded Makefile files.
Bug#1022940: tiger doesn't support version 6 of the Linux kernel properly
Package: tiger Version: 1:3.2.4~rc1-3.1 Severity: important While there is a `default` symlink in /usr/lib/tiger/systems/Linux/, it doesn't seem to work because I received a very large number of bogus warnings after upgrading to Linux 6: NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket 24455 (raw6 on 24455 interface) is run by root. NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket 28195 (IPv6 on 28195 interface) is run by 1596. NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket 28195 (IPv6 on 28195 interface) is run by 1599. NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket UDP (0t0 on UDP interface) is run by root. NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket raw6 (root on raw6 interface) is run by 1596. NEW: --WARN-- [lin003w] The process `NetworkMa' is listening on socket raw6 (root on raw6 interface) is run by 1599. NEW: --WARN-- [lin003w] The process `apache2' is listening on socket TCP (0t0 on TCP interface) is run by root. NEW: --WARN-- [lin003w] The process `apache2' is listening on socket TCP (0t0 on TCP interface) is run by www-data. NEW: --WARN-- [lin003w] The process `avahi-dae' is listening on socket UDP (0t0 on UDP interface) is run by avahi. NEW: --WARN-- [lin003w] The process `cupsd' is listening on socket TCP (0t0 on TCP interface) is run by root. NEW: --WARN-- [lin003w] The process `dnsmasq' is listening on socket TCP (0t0 on TCP interface) is run by dnsmasq. NEW: --WARN-- [lin003w] The process `dnsmasq' is listening on socket UDP (0t0 on UDP interface) is run by dnsmasq. ... The fix is to create a symlink for version 6 of the kernel explicitly: cd /usr/lib/tiger/systems/Linux/ sudo ln -s 5 6 Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-1-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tiger depends on: ii binutils 2.39-8 ii bsdutils 1:2.38.1-1.1+b1 ii debconf [debconf-2.0] 1.5.79 ii debianutils5.7-0.3 ii libc6 2.35-3 ii lsb-release12.0-1 ii net-tools 1.60+git20181103.0eebece-1 ii ucf3.0043 Versions of packages tiger recommends: ii chkrootkit 0.55-4+b2 pn john ii postfix [mail-transport-agent] 3.7.3-2 pn tripwire | aide Versions of packages tiger suggests: ii lsof 4.95.0-1 ii lynis 3.0.8-1.1 -- Configuration Files: /etc/cron.d/tiger [Errno 13] Permission non accordée: '/etc/cron.d/tiger' -- debconf information: * tiger/mail_rcpt: root * tiger/policy_adapt: -- https://fmarier.org/
Bug#1021693: RFP: buskill -- app for arming/disarming/configuring the BusKill laptop kill cord
Package: wnpp Severity: wishlist * Package name: buskill Version : 0.5.0 Upstream Author : Michael Altfield * URL : https://github.com/BusKill/buskill-app * License : GPL-3.0 Programming Lang: Python Description : app for arming/disarming/configuring the BusKill laptop kill cord BusKill is a laptop kill cord that can trigger your computer to lock or shutdown when it's physically separated from you.
Bug#976626: Similar package
On 2022-10-01 at 09:57:35, Antoine Beaupré (anar...@debian.org) wrote: > Yeah, so tldr is similar, but cheat has a number of improvements, from > my perspective. Thanks for those details. I had not looked into cheat all that much, but now I'm curious to check it out! Francois -- https://fmarier.org/
Bug#1020590: tiger: diff for NMU version 1:3.2.4~rc1-3.1
Package: tiger Version: 1:3.2.4~rc1-3 Severity: normal Tags: patch Dear maintainer, I've prepared an NMU for tiger (versioned as 1:3.2.4~rc1-3.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. It consists of a single fix for bug #987512. Attached is the debdiff. Regards. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.0-1-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tiger depends on: ii binutils 2.38.90.20220713-2 ii bsdutils 1:2.38.1-1 ii debconf [debconf-2.0] 1.5.79 ii debianutils5.7-0.3 ii libc6 2.35-1 ii lsb-release11.4 ii net-tools 1.60+git20181103.0eebece-1 ii ucf3.0043 Versions of packages tiger recommends: ii chkrootkit 0.55-4+b2 pn john ii postfix [mail-transport-agent] 3.6.4-1+b3 pn tripwire | aide Versions of packages tiger suggests: ii lsof 4.95.0-1 ii lynis 3.0.8-1 -- debconf information: * tiger/mail_rcpt: root * tiger/policy_adapt: -- https://fmarier.org/ diff -u tiger-3.2.4~rc1/debian/changelog tiger-3.2.4~rc1/debian/changelog --- tiger-3.2.4~rc1/debian/changelog +++ tiger-3.2.4~rc1/debian/changelog @@ -1,3 +1,10 @@ +tiger (1:3.2.4~rc1-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Teach tiger about fuse.portal (Closes: #987512) + + -- Francois Marier Fri, 23 Sep 2022 12:03:08 -0700 + tiger (1:3.2.4~rc1-3) unstable; urgency=medium * Acknowledge NMU (Closes: #969303) diff -u tiger-3.2.4~rc1/systems/Linux/2/gen_mounts tiger-3.2.4~rc1/systems/Linux/2/gen_mounts --- tiger-3.2.4~rc1/systems/Linux/2/gen_mounts +++ tiger-3.2.4~rc1/systems/Linux/2/gen_mounts @@ -184,6 +184,7 @@ [ "$1" = "fuse.gvfsd-fuse" ] && LOCAL=1 # Used in Ubuntu 13.10 (Saucy Salamander) replaces fuse.gvfs-fuse-daemon [ "$1" = "fuse.ltspfs" ] && LOCAL=0 # Used by LTSP 5.x [ "$1" = "fuse.lxcfs" ] && LOCAL=0 + [ "$1" = "fuse.portal" ] && LOCAL=0 [ "$1" = "fuse.clamfs" ] && LOCAL=0 # ClamFS anti-virus protected file system [ "$1" = "fuse.javafs" ] && LOCAL=0 # Java FS, used by Wuala secure online storage, see: # https://github.com/puniverse/javafs only in patch2: unchanged: --- tiger-3.2.4~rc1.orig/configure +++ tiger-3.2.4~rc1/configure @@ -1,9 +1,10 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69. +# Generated by GNU Autoconf 2.71. # # -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, +# Inc. # # # This configure script is free software; the Free Software Foundation @@ -14,14 +15,16 @@ # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : +as_nop=: +if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 +then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST -else +else $as_nop case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( @@ -31,46 +34,46 @@ fi + +# Reset variables that may have inherited troublesome values from +# the environment. + +# IFS needs to be set, to space, tab, and newline, in precisely that order. +# (If _AS_PATH_WALK were called with IFS unset, it would have the +# side effect of setting IFS to empty, thus disabling word splitting.) +# Quoting is to prevent editors from complaining about space-tab. as_nl=' ' export as_nl -# Printing a long string crashes Solaris 7 /usr/bin/printf. -as_echo='\\\' -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo -as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo -# Prefer a ksh shell builtin over an external printf program on Solaris, -# but without wasting forks for bash or zsh. -if test -z "$BASH_VERSION$ZSH_VERSION" \ -&& (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/
Bug#1017648: How to apply the patch in bug 987512
To apply the patch in the other bug, simply open /usr/lib/tiger/systems/Linux/2/gen_mounts in a text editor (as root) and then insert this line: [ "$1" = "fuse.portal" ] && LOCAL=0 in between: [ "$1" = "fuse.lxcfs" ] && LOCAL=0 and: [ "$1" = "fuse.clamfs" ] && LOCAL=0 # ClamFS anti-virus protected file system The patch itself can be found here: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=987512;filename=tiger-fuse_portal.patch;msg=5 Francois -- https://fmarier.org/
Bug#1019701: RFP: rpi-imager -- Raspberry Pi Imaging Utility
Package: wnpp Severity: wishlist * Package name: rpi-imager Version : 1.7.3 Upstream Author : Raspberry Pi * URL : https://github.com/raspberrypi/rpi-imager * License : Apache-2.0 Programming Lang: C++ Description : Raspberry Pi Imaging Utility Raspberry Pi Imager is the quick and easy way to install Raspberry Pi OS and other operating systems (but not Debian) to a microSD card, ready to use with your Raspberry Pi.
Bug#1019325: Patch
Here's the patch I applied locally to my /etc to fix these warnings. Francois -- https://fmarier.org/ diff --git a/logcheck/ignore.d.server/anon-proxy b/logcheck/ignore.d.server/anon-proxy index 6b111708..31a442fd 100644 --- a/logcheck/ignore.d.server/anon-proxy +++ b/logcheck/ignore.d.server/anon-proxy @@ -1,2 +1,2 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +Try connecting to next Mix\.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected\!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected!$ diff --git a/logcheck/ignore.d.server/cyrus b/logcheck/ignore.d.server/cyrus index c483b8e9..566b3fb7 100644 --- a/logcheck/ignore.d.server/cyrus +++ b/logcheck/ignore.d.server/cyrus @@ -2,5 +2,5 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT failed( to open index file)?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT returned [0-9]+ messages$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/lmtpd\[[0-9]+\]: DBERROR db3: [12] lockers$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, \"[ [:alnum:][:punct:]]+\"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, "[ [:alnum:][:punct:]]+"$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/squatter\[[0-9]+\]: (skipping|indexing) mailbox [[:alpha:]^\.]+\.\.\.$ diff --git a/logcheck/ignore.d.server/dhcp b/logcheck/ignore.d.server/dhcp index 3b34ef10..2f19495e 100644 --- a/logcheck/ignore.d.server/dhcp +++ b/logcheck/ignore.d.server/dhcp @@ -39,9 +39,9 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: TLS session successfully started to [:_.[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Successfully logged into LDAP server [._[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Found dhcpServer LDAP entry|LDAP: Parsing dhcpServer options|LDAP: Parsing dhcpService DN|Found LDAP entry|Parsing external DNs for) '[%=.,_[:alnum:]-]+'( \.\.\.)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(\&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Found dhcpHWAddress LDAP entry [-_=,.[:alnum:]]+$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename \"[.[:alnum:]]+\"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename "[.[:alnum:]]+"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '(allow booting|allow bootp|ddns-update-style (ad-hoc|interim|none)|(default|max|min)-lease-time [[:digit:]]+|authoritative|option domain-name "[._[:alnum:]-]+"|option domain-name-servers [._,[:alnum:][:space:]-]+|option subnet-mask [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '((subnet|netmask|option routers|option subnet-mask) [.[:digit:]]{7,15}|(default|max|min)-lease-time [[:digit:]]+|[[:space:]]|\{#012|\}#012|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line 'pool (range [.[:digit:]]{7,15} [.[:digit:]]+|(default|min|max)-lease-time [[:digit:]]+|failover peer "[-._[:alnum:]]+"|deny dynamic bootp clients|[[:space:]]|\{#012|\}#012|;#012)+'$ diff --git a/logcheck/ignore.d.server/dovecot b/logcheck/ignore.d.server/dovecot index 8f4dcb60..b59ad6da 100644 --- a/logcheck/ignore.d.server/dovecot +++ b/logcheck/ignore.d.server/dovecot @@ -5,7 +5,7 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: \(pam_unix\) check pass; user unknown$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=([-_.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?( user=[-_.@[:alnum:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): check pass; user unknown$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_ldap: error trying to bind as user \".*\" \(Invalid credentials\)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_ldap: error trying to bind as user ".*" \(Invalid credentials\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|pop3)-login: Login: [.[:alnum:]@-]+
Bug#1019587: qflipper: Missing dependency on qml-module-qt-labs-platform
Package: qflipper Version: 1.1.1-2 Severity: important I installed qflipper and was unable to run it: $ qFlipper 34 [default] QQmlApplicationEngine failed to load component 35 [default] qrc:/main.qml:29:5: Type MainWindow unavailable 35 [default] qrc:/components/MainWindow.qml:7:1: module "Qt.labs.platform" is not installed 35 [APP] qFlipper version 1.1.1-2 commit unknown 2022-08-10T10:13:42 35 [APP] OS info: Debian GNU/Linux bookworm/sid unknown 5.18.0-4-amd64 After installing the qml-module-qt-labs-platform package, everything starts up fine. Please add the missing dependency (or at the very least a Recommends). Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.18.0-4-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages qflipper depends on: ii libc6 2.34-8 ii libgcc-s1 12.2.0-2 ii libqt5core5a5.15.4+dfsg-5 ii libqt5gui5 5.15.4+dfsg-5 ii libqt5network5 5.15.4+dfsg-5 ii libqt5qml5 5.15.4+dfsg-4 ii libqt5quick55.15.4+dfsg-4 ii libqt5quickcontrols2-5 5.15.4+dfsg-2 ii libqt5serialport5 5.15.4-2 ii libqt5widgets5 5.15.4+dfsg-5 ii libstdc++6 12.2.0-2 ii libusb-1.0-02:1.0.26-1 ii zlib1g 1:1.2.11.dfsg-4.1 qflipper recommends no packages. qflipper suggests no packages. -- no debconf information
Bug#848578: Also running into this problem
On 2022-09-07 at 12:42:31, Nicolas Schier (nico...@fjasle.eu) wrote: > Francois, might you be able to patch your ts with the attached patch > and re-check? As August has gone, I used > > echo test | faketime "2022-08-01" ./ts > > for testing with your specified locale settings. I've patched my /usr/bin/ts as you indicated and the above works well now: $ echo test | faketime "2022-01-04" ts jan 04 00:00:00 test $ echo test | faketime "2022-02-04" ts fév 04 00:00:00 test $ echo test | faketime "2022-07-04" ts jui 04 00:00:00 test $ echo test | faketime "2022-08-04" ts aoû 04 00:00:00 test Also, faketime is really handy! Thanks. Francois
Bug#1018794: RFP: fx -- terminal JSON viewer
Package: wnpp Severity: wishlist * Package name: fx Version : 24.0.0 Upstream Author : Anton Medvedev * URL : https://github.com/antonmedv/fx * License : MIT Programming Lang: Go Description : terminal JSON viewer Function eXecution (fx) is a terminal JSON viewer which includes these features: - Mouse support - Streaming support - Preserves key order - Preserves big numbers
Bug#1018733: RFP: htmlq -- uses CSS selectors to extract bits of content from HTML file
Package: wnpp Severity: wishlist * Package name: htmlq Version : 0.4.0 Upstream Author : Michael Maclean * URL : https://github.com/mgdm/htmlq * License : MIT Programming Lang: Rust Description : uses CSS selectors to extract bits of content from HTML file Like jq, but for HTML. Uses CSS selectors to extract bits of content from HTML files.
Bug#1018258: RFP: procs -- modern replacement for ps
Package: wnpp Severity: wishlist * Package name: procs Version : 0.13.0 Upstream Author : Dalance * URL : https://github.com/dalance/procs * License : MIT Programming Lang: Rust Description : modern replacement for ps procs is a replacement for ps written in Rust. Features: - Colored and human-readable output - Automatic theme detection based on terminal background - Multi-column keyword search - Some additional information which are not supported by ps - TCP/UDP port - Read/Write throughput - Docker container name - More memory information - Pager support - Watch mode (like top) - Tree view
Bug#1017956: RFP: croc -- easily and securely send things from one computer to another
Package: wnpp Severity: wishlist * Package name: croc Version : 9.6.0 Upstream Author : Zack Schollz * URL : https://schollz.com/software/croc6 * License : MIT Programming Lang: Go Description : easily and securely send things from one computer to another croc is a tool that allows any two computers to simply and securely transfer files and folders and does all of the following: - allows any two computers to transfer data (using a relay) - provides end-to-end encryption (using PAKE) - enables easy cross-platform transfers (Windows, Linux, Mac) - allows multiple file transfers - allows resuming transfers that are interrupted - local server or port-forwarding not needed - ipv6-first with ipv4 fallback - can use proxy, like tor
Bug#1017687: RFP: xsv -- fast CSV command line toolkit
Package: wnpp Severity: wishlist * Package name: xsv Version : 0.13.0 Upstream Author : Andrew Gallant * URL : https://github.com/BurntSushi/xsv * License : MIT Programming Lang: Rust Description : fast CSV command line toolkit xsv is a command line program for indexing, slicing, analyzing, splitting and joining CSV files. Commands should be simple, fast and composable: 1. Simple tasks should be easy. 2. Performance trade offs should be exposed in the CLI interface. 3. Composition should not come at the expense of performance.
Bug#1017575: RFP: jless -- command-line JSON viewer
Package: wnpp Severity: wishlist * Package name: jless Version : 0.8.0 Upstream Author : Paul Julius Martinez * URL : https://jless.io/ * License : MIT Programming Lang: Rust Description : command-line JSON viewer jless is a command-line JSON viewer. Use it as a replacement for whatever combination of less, jq, cat and your editor you currently use for viewing JSON files. Features: - Clean syntax highlighted display of JSON data, omitting quotes around object keys, closing object and array delimiters, and trailing commas. - Expand and collapse objects and arrays so you can see both the high- and low-level structure of the data. - A wealth of vim-inspired movement commands for efficiently moving around and viewing data. - Full regex-based search for finding exactly the data you're looking for.
Bug#1016995: RFP: sublist3r -- subdomains enumeration tool for penetration testers
Package: wnpp Severity: wishlist * Package name: sublist3r Version : 1.1 Upstream Author : Ahmed Aboul-Ela * URL : https://github.com/aboul3la/Sublist3r * License : GPL-2.0 Programming Lang: Python Description : subdomains enumeration tool for penetration testers Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist.
Bug#1016929: RFP: sd -- intuitive find & replace command-line tool (sed alternative)
Package: wnpp Severity: wishlist * Package name: sd Version : 0.7.6 Upstream Author : Gregory * URL : https://github.com/chmln/sd * License : MIT Programming Lang: Rust Description : intuitive find & replace command-line tool (sed alternative) sd is an intuitive find & replace CLI. sd uses regex syntax that you already know from JavaScript and Python. Find & replace expressions are split up, which makes them easy to read and write. Defaults follow common sense and are tailored for typical daily use.
Bug#976626: Similar package
This seems very similar to the tldr package: https://packages.debian.org/stable/tldr See https://tldr.sh/ for examples. Francois
Bug#848578: Also running into this problem
I can also reproduce this problem with `ts` while `date` works fine: $ date | ts ao� 06 10:33:36 sam 06 aoû 2022 10:33:36 PDT $ date sam 06 aoû 2022 10:35:39 PDT $ echo test | ts ao� 06 10:36:04 test This is what my locale is set to: $ locale LANG=fr_CA.utf8 LANGUAGE= LC_CTYPE="fr_CA.utf8" LC_NUMERIC="fr_CA.utf8" LC_TIME="fr_CA.utf8" LC_COLLATE="fr_CA.utf8" LC_MONETARY="fr_CA.utf8" LC_MESSAGES="fr_CA.utf8" LC_PAPER="fr_CA.utf8" LC_NAME="fr_CA.utf8" LC_ADDRESS="fr_CA.utf8" LC_TELEPHONE="fr_CA.utf8" LC_MEASUREMENT="fr_CA.utf8" LC_IDENTIFICATION="fr_CA.utf8" LC_ALL= $ cat /etc/locale.gen | grep -v '^#' en_CA.UTF-8 UTF-8 en_NZ.UTF-8 UTF-8 fr_CA.UTF-8 UTF-8 Let me know if there's anything else I can provide to help reproduce the problem. Francois -- https://fmarier.org/
Bug#1016605: RFP: dust -- tool to get an instant overview of which directories are using disk space without requiring sort or head
Package: wnpp Severity: wishlist * Package name: dust Version : 0.8.1 Upstream Author : Andy Boot * URL : https://github.com/bootandy/dust * License : Apache-2.0 Programming Lang: Rust Description : tool to get an instant overview of which directories are using disk space without requiring sort or head Dust is meant to give you an instant overview of which directories are using disk space without requiring sort or head. Dust will print a maximum of one 'Did not have permissions message'. Dust will list a slightly-less-than-the-terminal-height number of the biggest subdirectories or files and will smartly recurse down the tree to find the larger ones. There is no need for a '-d' flag or a '-h' flag. The largest subdirectories will be colored. The different colors on the bars: These represent the combined tree hierarchy & disk usage. The shades of grey are used to indicate which parent folder a subfolder belongs to.
Bug#1016389: RFP: choose -- human-friendly and fast alternative to cut and (sometimes) awk
Package: wnpp Severity: wishlist * Package name: choose Version : 1.3.4 Upstream Author : Ryan Geary * URL : https://github.com/theryangeary/choose * License : GPL-3.0 Programming Lang: Rust Description : human-friendly and fast alternative to cut and (sometimes) awk This is choose, a human-friendly and fast alternative to cut and (sometimes) awk. . Features: - terse field selection syntax similar to Python's list slices - negative indexing from end of line - optional start/end index - zero-indexed - reverse ranges - slightly faster than cut for sufficiently long inputs, much faster than awk - regular expression field separators using Rust's regex syntax
Bug#1016361: RFP: dog -- command-line DNS client with colorful output and support for DoH and DoT
Package: wnpp Severity: wishlist * Package name: dog Version : 0.1.0 Upstream Author : Benjamin Sago * URL : https://dns.lookup.dog/ * License : EUPL-1.2 Programming Lang: Rust Description : command-line DNS client with colorful output and support for DoH and DoT dog is a command-line DNS client, like dig. It has colourful output, understands normal command-line argument syntax, supports the DNS-over-TLS and DNS-over-HTTPS protocols, and can emit JSON.
Bug#1014425: rkhunter: rkunter is unable to find config file for 'syslog' daemon
Hi Tim, > I'm getting these emails Daily: > Warning: The 'syslog' daemon is running, but no configuration file can be > found. I'm not sure why you're getting that message, I've never seen it myself. Are you using rsyslog or syslog-ng? Francois -- https://fmarier.org/
Bug#1011290: tor: Unhandled OpenSSL errors found at ../src/lib/tls/tortls.c:190
Package: tor Version: 0.4.7.7-1 Severity: normal Every day when I restart the tor daemon, I see the following in my logs: May 19 05:05:01 Tor[2928143]: Unhandled OpenSSL errors found at ../src/lib/tls/tortls.c:190: May 19 05:05:01 Tor[2928143]: TLS error: could not load the shared library (in DSO support routines:dlfcn_load:---) May 19 05:05:01 Tor[2928143]: TLS error: could not load the shared library (in DSO support routines:DSO_load:---) May 19 05:05:01 Tor[2928143]: TLS error: error loading dso (in configuration file routines:module_load_dso:---) May 19 05:05:01 Tor[2928143]: TLS error: unknown module name (in configuration file routines:module_run:---) I haven't noticed it causing any problems so far, but I've not really looked into it. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.17.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tor depends on: ii adduser 3.121 ii libc6 2.33-7 ii libcap2 1:2.44-1 ii libevent-2.1-7 2.1.12-stable-5+b1 ii liblzma55.2.5-2.1 ii libseccomp2 2.5.4-1 ii libssl1.1 1.1.1o-1 ii libsystemd0 250.4-1 ii libzstd11.5.2+dfsg-1 ii lsb-base11.1.0 ii runit-helper2.13.0 ii zlib1g 1:1.2.11.dfsg-4 Versions of packages tor recommends: ii logrotate3.19.0-2 ii tor-geoipdb 0.4.7.7-1 ii torsocks 2.3.0-3 Versions of packages tor suggests: ii apparmor-utils 3.0.4-2 pn mixmaster pn nyx pn obfs4proxy pn socat pn torbrowser-launcher -- Configuration Files: /etc/apparmor.d/system_tor changed: profile system_tor flags=(attach_disconnected) { #include #include #include } -- no debconf information
Bug#1010777: RFP: qflipper -- application for updating Flipper Zero firmware
Package: wnpp Severity: wishlist * Package name: qflipper Version : 1.0.2 Upstream Author : Georgii Surkov * URL : https://github.com/flipperdevices/qFlipper * License : GPL-3.0 Programming Lang: C++ Description : application for updating Flipper Zero firmware qFlipper is a graphical desktop application for updating Flipper Zero firmware. . Features: . - Update Flipper's firmware and supplemental data with a press of one button - Repair a broken fimware installation - Stream Flipper's display and control it remotely - Install firmware from a .dfu file - Backup and restore settings, progress and pairing data - Automatic self-update feature - Command line interface
Bug#1007135: uscan: add support for checking version numbers based on HTTP redirects
Package: devscripts Version: 2.22.1 Severity: wishlist The libhdhomerun package has this debian/watch file: version=4 https://www.silicondust.com/support/linux/ https://download.silicondust.com/hdhomerun/libhdhomerun_(\d.*).tgz but due to a recent change upstream, they no longer have the version number in the HTML of the page and instead have a single .tgz link which redirects to the latest version: $ curl -i https://download.silicondust.com/hdhomerun/libhdhomerun.tgz HTTP/1.1 302 Found Date: Fri, 11 Mar 2022 19:23:40 GMT Content-Type: text/html; charset=iso-8859-1 Transfer-Encoding: chunked Connection: keep-alive Location: https://download.silicondust.com/hdhomerun/libhdhomerun_20220303.tgz [...] 302 Found Found The document has moved https://download.silicondust.com/hdhomerun/libhdhomerun_20220303.tgz;>here. Apache/2.4.41 (Ubuntu) Server at download.silicondust.com Port 80 I therefore changed the watch file to this so that it could parse the HTML of the 302 page: version=4 https://download.silicondust.com/hdhomerun/libhdhomerun.tgz https://download.silicondust.com/hdhomerun/libhdhomerun_(\d.*).tgz but it doesn't work because there's no way to tell uscan not to follow the redirect all the way to the tarball. If there was a way to specify something like opts="noredirects" then I could make the watch work again. Alternatively, there could be another mode entirely which looks at the Location header instead. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-4-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages devscripts depends on: ii dpkg-dev 1.21.1 ii fakeroot 1.28-1 ii file 1:5.41-2 ii gnupg 2.2.27-3 ii gpgv 2.2.27-3 ii libc6 2.33-7 ii libfile-dirlist-perl 0.05-2 ii libfile-homedir-perl 1.006-1 ii libfile-touch-perl0.12-1 ii libfile-which-perl1.23-1 ii libipc-run-perl 20200505.0-1 ii libmoo-perl 2.005004-3 ii libwww-perl 6.61-1 ii patchutils0.4.2-1 ii perl 5.34.0-3 ii python3 3.9.8-1 ii sensible-utils0.0.17 ii wdiff 1.2.2-2+b1 Versions of packages devscripts recommends: ii apt 2.4.1 ii curl7.82.0-1 ii dctrl-tools 2.24-3+b1 ii debian-keyring 2021.12.24 ii dput-ng [dput] 1.34 ii dupload 2.9.7 ii equivs 2.3.1 ii libdistro-info-perl 1.1 ii libdpkg-perl1.21.1 ii libencode-locale-perl 1.05-1.1 ii libgit-wrapper-perl 0.048-1 ii libgitlab-api-v4-perl 0.26-1 ii liblist-compare-perl0.55-1 ii liblwp-protocol-https-perl 6.10-1 pn libsoap-lite-perl ii libstring-shellquote-perl 1.04-1 ii libtry-tiny-perl0.31-1 ii liburi-perl 5.10-1 ii licensecheck3.2.14-2 ii lintian 2.114.0 ii man-db 2.10.1-1 ii patch 2.7.6-7 ii pristine-tar1.49 ii python3-apt 2.3.0+b1 ii python3-debian 0.1.43 ii python3-magic 2:0.4.24-2 ii python3-requests2.25.1+dfsg-2 ii python3-unidiff 0.7.3-1 ii python3-xdg 0.27-2 ii strace 5.10-1 ii unzip 6.0-26 ii wget1.21.2-2+b1 ii xz-utils5.2.5-2 Versions of packages devscripts suggests: pn adequate ii at 3.2.5-1 ii autopkgtest 5.20 pn bls-standalone ii bsd-mailx [mailx]8.1.2-0.20180807cvs-2 ii build-essential 12.9 pn check-all-the-things pn cvs-buildpackage ii debhelper13.6 pn diffoscope pn disorderfs ii dose-extra 7.0.0-1+b1 ii duck 0.13.3 ii elpa-devscripts 40.5 pn faketime pn gnuplot pn how-can-i-help ii libauthen-sasl-perl 2.1600-1.1 pn libdbd-pg-perl ii libfile-desktopentry-perl0.22-2 pn libnet-smtps-perl pn libterm-size-perl ii libtimedate-perl 2.3300-2 pn libyaml-syck-perl ii mailutils [mailx]1:3.14-1
Bug#1006534: pagekite: Fails to accept client connections
Package: pagekite Version: 1.5.2.200603-2 Severity: grave Tags: patch Justification: renders package unusable As described in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004295, incoming pagekite connections don't work on Debian 11. If you run your own frontend on that version of Debian (or on Ubuntu focal for that matter), nothing works. I've attached the reverse of the patch from that bug which is all that's needed to fix pagekite in unstable. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages pagekite depends on: ii ca-certificates20211016 ii daemon 0.8-1 ii init-system-helpers1.62 ii python33.9.8-1 ii python3-openssl21.0.0-1 ii python3-six1.16.0-3 ii python3-socksipychain 2.1.2-1 pagekite recommends no packages. pagekite suggests no packages. -- Configuration Files: /etc/pagekite.d/10_account.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/10_account.rc' /etc/pagekite.d/90_debian_certs.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/90_debian_certs.rc' -- no debconf information commit 695ae5c46610393b8b4e950466c643d9c58cbce1 Author: Francois Marier Date: Sat Feb 26 18:41:37 2022 -0800 Fix incoming connections (patch from #1004295). diff --git a/debian/changelog b/debian/changelog index e8f50ba..4cef3ef 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ pagekite (1.5.2.200603-2.1) unstable; urgency=medium * Non-maintainer upload. * Log messages in /var/log/pagekite/pagekite.log (closes: #910028). + * Fix incoming connections (patch from #1004295). -- Francois Marier Sat, 26 Feb 2022 18:38:24 -0800 diff --git a/pagekite/proto/conns.py b/pagekite/proto/conns.py index 3da9272..2c9fc04 100755 --- a/pagekite/proto/conns.py +++ b/pagekite/proto/conns.py @@ -1975,8 +1975,8 @@ class FastPingHelper(threading.Thread): data = None try: if data: - if '\nHost: ping.pagekite' in data: -client.send(self.rejection) + if b'\nHost: ping.pagekite' in data: +client.send(self.rejection.encode("utf-8")) client.close() self.fast_pinged.append(obfuIp(addr[0])) else: diff --git a/pagekite/proto/selectables.py b/pagekite/proto/selectables.py index 56705f5..ed1967c 100755 --- a/pagekite/proto/selectables.py +++ b/pagekite/proto/selectables.py @@ -344,7 +344,7 @@ class Selectable(object): def EatPeeked(self, eat_bytes=None, keep_peeking=False): if not self.peeking: return if eat_bytes is None: eat_bytes = self.peeked -discard = '' +discard = b'' while len(discard) < eat_bytes: try: bytecount = eat_bytes - len(discard)
Bug#1004528: RFP: dnspeep -- tool to spy on the DNS queries your computer is making
Package: wnpp Severity: wishlist * Package name: dnspeep Version : 0.1.3 Upstream Author : Julia Evans * URL : https://github.com/jvns/dnspeep/ * License : MIT Programming Lang: Rust Description : tool to spy on the DNS queries your computer is making dnspeep lets you spy on the DNS queries your computer is making. . It uses libpcap to capture packets on port 53, and then matches up DNS request and response packets so that it can show the request and response together on the same line. . It also tracks DNS queries which didn't get a response within 1 second and prints them out with the response .
Bug#1001147: syncthing.service appears to be enabled for all users
On 2021-12-19 at 14:22:03, Alexandre Viau (alexan...@alexandreviau.net) wrote: > Ah, it was dh-systemd enabling the user unit by default. > > Since the user unit is not the only way to use syncthing, I would say > that disabling it by default is a better choice. The other thing is that I'd say it only makes sense to run the Syncthing user service for real users, not for system user accounts (e.g. the ones used for cron and the likes). Francois -- https://fmarier.org/
Bug#1001147: syncthing.service appears to be enabled for all users
On 2021-12-19 at 13:12:58, Alexandre Viau (av...@debian.org) wrote: > Can you please show us the output of: > - $ ls -l /etc/systemd/user/default.target.wants/ I do have Syncthing in there: lrwxrwxrwx 1 root root 35 Jul 22 2019 dunst.service -> /usr/lib/systemd/user/dunst.service lrwxrwxrwx 1 root root 38 Sep 27 2020 pipewire.service -> /usr/lib/systemd/user/pipewire.service lrwxrwxrwx 1 root root 40 Aug 23 2019 pulseaudio.service -> /usr/lib/systemd/user/pulseaudio.service lrwxrwxrwx 1 root root 39 Dec 3 00:32 syncthing.service -> /usr/lib/systemd/user/syncthing.service lrwxrwxrwx 1 root root 47 Sep 3 11:44 tracker-extract-3.service -> /usr/lib/systemd/user/tracker-extract-3.service I don't remember manually enabling this myself though. It's possible I did and forgot, but I suspect it happened when I upgraded the package a few weeks ago. Francois -- https://fmarier.org/
Bug#1001147: syncthing.service appears to be enabled for all users
Package: syncthing Version: 1.18.0~ds1-1 Severity: normal I've noticed a couple of odd things in my logs since a recent SyncThing upgrade. The first one is that a new SyncThing device I can't identify is now being advertised from my laptop. The ID I see being advertised is not the one I use on that device. Secondly, I see the following in my logs: Dec 4 07:40:13 akranes syncthing[1962943]: WARNING: Failure on home directory: mkdir /bin/.config: permission denied which suggests that SyncThing is trying to run with one of the system user accounts that have /bin/ as their homedir: $ grep :/bin: /etc/passwd bin:x:2:2:bin:/bin:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync proxy:x:13:13:proxy:/bin:/usr/sbin/nologin Finally, I found Sync directories in odd places: /var/lib/gdm3/Sync /var/spool/email-reminder/Sync I'm not an expert in systemd service files, but this suggests to me that SyncThing is being run from many user accounts which really shouldn't run it. They should especially not creating new directories and start sharing them on the network. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages syncthing depends on: ii init-system-helpers 1.60 ii libc62.32-4 syncthing recommends no packages. syncthing suggests no packages. -- no debconf information
Bug#999511: safe-rm FTCBFS: missing Build-Depends: libstd-rust-dev
On 2021-11-11 at 11:15:40, Helmut Grohne (hel...@subdivi.de) wrote: > safe-rm fails to cross build from source, because it does not find the > rust package std. Ximin Luo identified the cause as a missing dependency > on libstd-rust-dev. Please consider applying the attached patch. Thanks for the patch Helmut. I will upload a fixed version right away. Francois -- https://fmarier.org/
Bug#999512: crowdsec: Missing geoip-database dependency
Package: crowdsec Version: 1.0.9-2+b4 Severity: normal I see the following in my logs when I run `systemctl start crowdsec.service` on Debian bullseye: time="12-11-2021 06:28:58" level=warning msg="Starting processing data" time="12-11-2021 06:28:59" level=info msg="pull top: added 65 entries" time="12-11-2021 06:28:59" level=error msg="crowdsec - goroutine crowdsec/runParse crashed : interface conversion: interface {} is nil, not parser.GeoIpEnricherCtx" time="12-11-2021 06:28:59" level=error msg="please report this error to https://github.com/crowdsecurity/crowdsec/; time="12-11-2021 06:28:59" level=error msg="stacktrace/report is written to /tmp/crowdsec-crash.548920771.txt : please join it to your issue" time="12-11-2021 06:28:59" level=fatal msg="crowdsec stopped" Then I installed the geoip-database package and was able to restart crowdsec successfully using systemctl restart crowdsec.service. I reported the crash upstream: https://github.com/crowdsecurity/crowdsec/issues/1049 and so this bug report is about what appears to be a missing dependency. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.14.0-4-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages crowdsec depends on: ii ca-certificates 20211016 ii libc62.32-4 ii libsqlite3-0 3.36.0-2 crowdsec recommends no packages. crowdsec suggests no packages.
Bug#997953: RFP: gixy -- Nginx configuration static analyzer
Package: wnpp Severity: wishlist * Package name: gixy Version : 0.1.20 Upstream Author : Yandex * URL : https://github.com/yandex/gixy * License : MPL-2.0 Programming Lang: Python Description : Nginx configuration static analyzer Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection.
Bug#995128: dbus-user-session: Non-functional dbus-user-session installation
Package: dbus-user-session Version: 1.12.20-2 Severity: normal X-Debbugs-Cc: s...@debian.org I installed dbus-user-session but it doesn't look functional: $ ls -lh $XDG_RUNTIME_DIR/bus ls: cannot access '/run/user/1000/bus': No such file or directory $ systemctl --user status dbus.service Failed to get properties: Process org.freedesktop.systemd1 exited with status 1 $ systemctl --user status dbus.socket Failed to get properties: Process org.freedesktop.systemd1 exited with status 1 I'm not too sure if I should be manually starting it from my desktop environment (i3 + gnome-settings-daemon), but Simon McVittie suggested I file a bug about this (see Bug #994961). Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.14.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dbus-user-session depends on: ii dbus1.12.20-2 ii libpam-systemd 247.9-2+b1 ii systemd 247.9-2+b1 Versions of packages dbus-user-session recommends: ii systemd-sysv 247.9-2+b1 dbus-user-session suggests no packages. -- no debconf information -- https://fmarier.org/
Bug#994961: glib2.0: gnome-keyring unable to unlock login keyring on some systems since GLib 2.70.0-1
On 2021-09-24 at 02:28:05, Simon McVittie (s...@debian.org) wrote: > > I do have the dbus-user-session package installed. > > I'm surprised by this. It's clearly still picking up XDG_RUNTIME_DIR > from the environment, so I would have expected it to be able to connect > to $XDG_RUNTIME_DIR/bus (arguably that's a bug, in that it should not be > trusting the environment at all when run with capabilities, but it's > necessary as long as gnome-keyring-daemon is setcap). > > Do you have a socket at $XDG_RUNTIME_DIR/bus owned by your uid? It doesn't look like it: $ ls -lh $XDG_RUNTIME_DIR/bus ls: cannot access '/run/user/1000/bus': No such file or directory > What is the status of the session bus? (`systemctl --user status dbus.service` > and `systemctl --user status dbus.socket`) $ systemctl --user status dbus.service Failed to get properties: Process org.freedesktop.systemd1 exited with status 1 $ systemctl --user status dbus.socket Failed to get properties: Process org.freedesktop.systemd1 exited with status 1 I'll give gnome-keyring 40.0-3 a go once it makes it to unstable. Francois -- https://fmarier.org/
Bug#994961: glib2.0: gnome-keyring unable to unlock login keyring on some systems since GLib 2.70.0-1
Source: glib2.0 Version: 2.70.0-1 Severity: important It looks like Bug #981420 was reintroduced in 2.70.0-1, as foreshadowed by the 2.66.4-4 changelog entries: glib2.0 (2.66.4-4) unstable; urgency=medium . * d/patches: Update patch series to upstream commit 2.66.4-27-g0051c0635 - Partially revert security hardening from 2.66.4-2: allow DBUS_SESSION_BUS_ADDRESS to be taken from the environment by setcap executables (to avoid regressing gnome-keyring) and by setgid executables (to avoid regressing msmtp). (Closes: #981420, #981555) Note that this is likely to be reverted in GLib 2.70.x to provide better hardening. The D-Bus session bus is not designed to be used by processes that have elevated privileges. I am no longer able to start gnome-keyring-daemon: $ gnome-keyring-daemon -r ** Message: 14:57:35.890: couldn't connect to dbus session bus: Cannot spawn a message bus when setuid ** Message: 14:57:35.890: Replacing daemon, using directory: /run/user/1000/keyring GNOME_KEYRING_CONTROL=/run/user/1000/keyring SSH_AUTH_SOCK=/run/user/1000/keyring/ssh gnome-keyring-daemon itself isn't SETUID: $ ls -l /usr/bin/gnome-keyring-daemon -rwxr-xr-x 1 root root 1.1M Aug 21 04:43 /usr/bin/gnome-keyring-daemon* $ sudo getcap /usr/bin/gnome-keyring-daemon /usr/bin/gnome-keyring-daemon cap_ipc_lock=ep I do have the dbus-user-session package installed. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#992155: alternative approach to automatically updating extrepo repo keys
On 2021-09-16 at 22:38:27, Tomas Pospisek (t...@sourcepole.ch) wrote: > An alternative approach could be that an `apt update` would trigger an > `extrepo update`. That's an interesting idea. I also don't know how feasible that is. > What do you do with systems (laptops f.ex.) that sleep when a cron job > would be triggered That kind of system would ideally have the anacron package installed. Francois -- https://fmarier.org/
Bug#992829: spamassassin: "spamassassin -r" fails with permission problem
As far as I can tell, I was able to fix this successfully by doing: chmod a+rx /var/lib/spamassassin Not sure why this changed recently (after the bullseye release), but perhaps that's something that the package needs to set. Francois
Bug#992829: spamassassin: "spamassassin -r" fails with permission problem
On 2021-08-23 at 17:14:05, Noah Meyerhans (no...@debian.org) wrote: > What happens if you pipe message content to spamassassin from your > shell, outside mutt? I've attached the result of piping your message to spamassassin in this way: cat msg | spamassassin -r -D > spamassassin.out 2>&1 >From what I can see, $HOME is set correctly, but perhaps the permissions on /var/lib/spamassassin are the source of the problem given that I'm running the spamassassin binary as the "francois" user? $ ls -ld /var/lib/spamassassin drwxr-x--- 8 debian-spamd debian-spamd 4,0K 4 jun 10:36 /var/lib/spamassassin/ In the last week, I've certainly noticed that SpamAssassin is letting tons of spam through. Maybe because everything ends up triggering BAYES_00? Francois -- https://fmarier.org/ Sep 1 21:55:07.796 [320717] dbg: logger: adding facilities: all Sep 1 21:55:07.796 [320717] dbg: logger: logging level is DBG Sep 1 21:55:07.796 [320717] dbg: generic: SpamAssassin version 3.4.6 Sep 1 21:55:07.796 [320717] dbg: generic: Perl 5.032001, PREFIX=/usr, DEF_RULES_DIR=/usr/share/spamassassin, LOCAL_RULES_DIR=/etc/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin Sep 1 21:55:07.797 [320717] dbg: config: timing enabled Sep 1 21:55:07.797 [320717] dbg: config: score set 0 chosen. Sep 1 21:55:07.798 [320717] dbg: util: running in taint mode? yes Sep 1 21:55:07.798 [320717] dbg: util: taint mode: deleting unsafe environment variables, resetting PATH Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/home/francois/bin', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/home/francois/devel/remote/user-scripts', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/usr/lib/ccache', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/home/francois/bin', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/usr/share/safe-rm/bin', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/usr/local/bin', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/usr/bin', keeping Sep 1 21:55:07.798 [320717] dbg: util: PATH included '/bin', keeping Sep 1 21:55:07.799 [320717] dbg: util: PATH included '/usr/local/games', which is unusable, dropping: No such file or directory Sep 1 21:55:07.799 [320717] dbg: util: PATH included '/usr/games', keeping Sep 1 21:55:07.799 [320717] dbg: util: final PATH set to: /home/francois/bin:/home/francois/devel/remote/user-scripts:/usr/lib/ccache:/home/francois/bin:/usr/share/safe-rm/bin:/usr/local/bin:/usr/bin:/bin:/usr/games Sep 1 21:55:07.802 [320717] dbg: util: secure_tmpfile created a temporary file /tmp/user/1000/.spamassassin320717yllOW5tmp Sep 1 21:55:07.802 [320717] dbg: archive-iterator: _set_default_message_selection_opts After: Scanprob[1], want_date[0], cache[0], from_regex[^From \S+ ?(\S\S\S \S\S\S .?\d .?\d:\d\d:\d\d \d{4}|.?\d-\d\d-\d{4}_\d\d:\d\d:\d\d_)] Sep 1 21:55:07.802 [320717] warn: config: path "/var/lib/spamassassin/3.004006" is inaccessible: Permission denied Sep 1 21:55:07.802 [320717] dbg: config: using "/etc/spamassassin" for site rules pre files Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/init.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/sa-compile.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v310.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v312.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v320.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v330.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v340.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v341.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v342.pre Sep 1 21:55:07.803 [320717] dbg: config: read file /etc/spamassassin/v343.pre Sep 1 21:55:07.803 [320717] dbg: config: using "/usr/share/spamassassin" for sys rules pre files Sep 1 21:55:07.804 [320717] dbg: config: using "/usr/share/spamassassin" for default rules dir Sep 1 21:55:07.804 [320717] dbg: config: read file /usr/share/spamassassin/10_default_prefs.cf Sep 1 21:55:07.804 [320717] dbg: config: read file /usr/share/spamassassin/10_hasbase.cf Sep 1 21:55:07.804 [320717] dbg: config: read file /usr/share/spamassassin/20_advance_fee.cf Sep 1 21:55:07.804 [320717] dbg: config: read file /usr/share/spamassassin/20_aux_tlds.cf Sep 1 21:55:07.805 [320717] dbg: config: read file /usr/share/spamassassin/20_body_tests.cf Sep 1 21:55:07.805 [320717] dbg: config: read file /usr/share/spamassassin/20_compensate.cf Sep 1 21:55:07.805 [320717] dbg: config: read file /usr/share/spamassassin/20_dnsbl_tests.cf Sep 1 21:55:07.805 [320717] dbg: config: read file /usr/share/spamassassin/20_drugs.cf Sep 1 21:55:07.805 [320717] dbg: config: read file /usr/share/spamassassin/20_dynrdns.cf Sep 1 21:55:07.805 [320717]
Bug#992829: spamassassin: "spamassassin -r" fails with permission problem
Package: spamassassin Version: 3.4.6-1 Severity: normal When I run "spamassassin -r" from mutt, I get the following error: Can't locate Mail/SpamAssassin/Bayes.pm: /var/lib/spamassassin/compiled/5.032/3.004006/Mail/SpamAssassin/Bayes.pm: Permission non accordée at /usr/share/perl5/Mail/SpamAssassin.pm line 1771. at /usr/bin/spamassassin line 413. Here's the relevant entry in my ~/.muttrc: macro index \ed "unset wait_key\nspamassassin -r\nset wait_key\n=spam\n" "report the message as spam" Francois -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages spamassassin depends on: ii adduser 3.118 ii curl7.74.0-1.3+b1 ii init-system-helpers 1.60 ii libhtml-parser-perl 3.76-1 ii libhttp-date-perl 6.05-1 ii libmail-dkim-perl 1.20200907-1 ii libnet-dns-perl 1.29-1 ii libnetaddr-ip-perl 4.079+dfsg-1+b5 ii libsocket6-perl 0.29-1+b3 ii libsys-hostname-long-perl 1.5-2 ii libwww-perl 6.53-1 ii lsb-base11.1.0 ii perl [libarchive-tar-perl] 5.32.1-5 ii w3m 0.5.3+git20210102-6 Versions of packages spamassassin recommends: ii gnupg 2.2.27-2 ii libio-socket-inet6-perl2.72-2.1 ii libmail-spf-perl 2.9.0-5 ii perl [libsys-syslog-perl] 5.32.1-5 ii sa-compile 3.4.6-1 ii spamc 3.4.6-1 Versions of packages spamassassin suggests: pn libbsd-resource-perl ii libdbi-perl 1.643-3+b1 ii libencode-detect-perl 1.01-5+b3 pn libgeoip2-perl ii libio-socket-ssl-perl 2.069-1 pn libnet-patricia-perl ii perl [libcompress-zlib-perl] 5.32.1-5 ii pyzor 1:1.0.0-6 ii razor 1:2.85-4.2+b7 -- Configuration Files: /etc/cron.daily/spamassassin [Errno 13] Permission non accordée: '/etc/cron.daily/spamassassin' /etc/spamassassin/init.pre changed: loadplugin Mail::SpamAssassin::Plugin::RelayCountry loadplugin Mail::SpamAssassin::Plugin::URIDNSBL loadplugin Mail::SpamAssassin::Plugin::SPF /etc/spamassassin/local.cf changed: lock_method flock ifplugin Mail::SpamAssassin::Plugin::Shortcircuit endif # Mail::SpamAssassin::Plugin::Shortcircuit /etc/spamassassin/v310.pre changed: loadplugin Mail::SpamAssassin::Plugin::SpamCop loadplugin Mail::SpamAssassin::Plugin::AntiVirus loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold loadplugin Mail::SpamAssassin::Plugin::TextCat loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject loadplugin Mail::SpamAssassin::Plugin::MIMEHeader loadplugin Mail::SpamAssassin::Plugin::ReplaceTags /etc/spamassassin/v320.pre changed: loadplugin Mail::SpamAssassin::Plugin::Check loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch loadplugin Mail::SpamAssassin::Plugin::URIDetail loadplugin Mail::SpamAssassin::Plugin::Bayes loadplugin Mail::SpamAssassin::Plugin::BodyEval loadplugin Mail::SpamAssassin::Plugin::DNSEval loadplugin Mail::SpamAssassin::Plugin::HTMLEval loadplugin Mail::SpamAssassin::Plugin::HeaderEval loadplugin Mail::SpamAssassin::Plugin::MIMEEval loadplugin Mail::SpamAssassin::Plugin::RelayEval loadplugin Mail::SpamAssassin::Plugin::URIEval loadplugin Mail::SpamAssassin::Plugin::WLBLEval loadplugin Mail::SpamAssassin::Plugin::VBounce loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody loadplugin Mail::SpamAssassin::Plugin::ASN loadplugin Mail::SpamAssassin::Plugin::ImageInfo /etc/spamassassin/v341.pre changed: loadplugin Mail::SpamAssassin::Plugin::TxRep loadplugin Mail::SpamAssassin::Plugin::PDFInfo /etc/spamassassin/v342.pre changed: loadplugin Mail::SpamAssassin::Plugin::HashBL loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof loadplugin Mail::SpamAssassin::Plugin::Phishing /etc/spamassassin/v343.pre changed: loadplugin Mail::SpamAssassin::Plugin::OLEVBMacro -- no debconf information -- https://fmarier.org/
Bug#992655: Updated patch
Here's an updated patch which also covers the 2am checks. Francois -- https://fmarier.org/ diff --git a/scripts/aide_run b/scripts/aide_run index 363ef10..14b197e 100755 --- a/scripts/aide_run +++ b/scripts/aide_run @@ -114,7 +114,7 @@ if [ -z "$AIDE" ] then if [ -z "${Tiger_AIDE_LOC_OVERRIDE}" ] then - AIDE=`which aide` + AIDE=`command -v aide` else AIDE=${Tiger_AIDE_LOC_OVERRIDE} fi diff --git a/scripts/check_passwd b/scripts/check_passwd index 1f885e8..fc28227 100755 --- a/scripts/check_passwd +++ b/scripts/check_passwd @@ -328,7 +328,7 @@ done < $WORKDIR/pass.list.$$ } # Verify the sudo file format. -if [ -n "`which visudo`" ] && [ -r /etc/sudoers ] ; then +if [ -n "`command -v visudo`" ] && [ -r /etc/sudoers ] ; then if ! `visudo -cq` ; then message FAIL pass021f "" "Integrity of sudoers files questionable (run 'visudo -c')." fi diff --git a/scripts/check_rootkit b/scripts/check_rootkit old mode 100644 new mode 100755 index bfb2f68..9dbf1e2 --- a/scripts/check_rootkit +++ b/scripts/check_rootkit @@ -143,7 +143,7 @@ fi # Chkrookit binary location|override + default check if [ -z "${Tiger_CHKROOTKIT_LOC_OVERRIDE}" ] then -CHKROOTKIT=`which chkrootkit 2>/dev/null` +CHKROOTKIT=`command -v chkrootkit` else CHKROOTKIT=${Tiger_CHKROOTKIT_LOC_OVERRIDE} fi diff --git a/scripts/crack_run b/scripts/crack_run index e47e4a2..82f26ff 100755 --- a/scripts/crack_run +++ b/scripts/crack_run @@ -91,7 +91,7 @@ if [ -z "$CRACK" ] then if [ -z "${Tiger_CRACK_LOC_OVERRIDE}" ] then -CRACK=`which crack` +CRACK=`command -v crack` else CRACK=${Tiger_CRACK_LOC_OVERRIDE} fi @@ -101,7 +101,7 @@ if [ -z "$REPORTER" ] then if [ -z "${Tiger_CRACKREPORTER_LOC_OVERRIDE}" ] then - REPORTER=`which crack-reporter` + REPORTER=`command -v crack-reporter` else REPORTER=${Tiger_CRACKREPORTER_LOC_OVERRIDE} fi diff --git a/scripts/integrit_run b/scripts/integrit_run index 55a33a1..d830aa5 100755 --- a/scripts/integrit_run +++ b/scripts/integrit_run @@ -83,7 +83,7 @@ if [ -z "$INTEGRIT" ] then if [ -z "${Tiger_INTEGRIT_LOC_OVERRIDE}" ] then - INTEGRIT=`which integrit` + INTEGRIT=`command -v integrit` else INTEGRIT=${Tiger_INTEGRIT_LOC_OVERRIDE} fi diff --git a/scripts/tripwire_run b/scripts/tripwire_run index 3c97d5a..5a95596 100755 --- a/scripts/tripwire_run +++ b/scripts/tripwire_run @@ -90,7 +90,7 @@ if [ -z "$TRIPWIRE" ] then if [ -z "${Tiger_TRIPW_LOC_OVERRIDE}" ] then -TRIPWIRE=`which tripwire` +TRIPWIRE=`command -v tripwire` else TRIPWIRE=${Tiger_TRIPW_LOC_OVERRIDE} fi diff --git a/systems/Linux/2/gen_bootparam_sets b/systems/Linux/2/gen_bootparam_sets index bd91690..c8c1b95 100755 --- a/systems/Linux/2/gen_bootparam_sets +++ b/systems/Linux/2/gen_bootparam_sets @@ -25,10 +25,10 @@ # # If run directly do this, just in case: -[ -z "$AWK" ] && AWK=`which awk` -[ -z "$SED" ] && AWK=`which sed` -[ -z "$RM" ] && RM=`which rm` -[ -z "$YPCAT" ] && YPCAT=`which ypcat 2>/dev/null` +[ -z "$AWK" ] && AWK=`command -v awk` +[ -z "$SED" ] && AWK=`command -v sed` +[ -z "$RM" ] && RM=`command -v rm` +[ -z "$YPCAT" ] && YPCAT=`command -v ypcat` [ -z "$WORKDIR" ] && WORKDIR=/tmp [ -r /etc/bootparams ] && { diff --git a/systems/Linux/2/gen_cron b/systems/Linux/2/gen_cron index caaf498..1fbc9fe 100755 --- a/systems/Linux/2/gen_cron +++ b/systems/Linux/2/gen_cron @@ -35,9 +35,9 @@ #- # # Defin commands we need, just in case -[ -z "$FIND" ] && FIND=`which find` -[ -z "$LS" ] && LS=`which ls` -[ -z "$SED" ] && SED=`which sed` +[ -z "$FIND" ] && FIND=`command -v find` +[ -z "$LS" ] && LS=`command -v ls` +[ -z "$SED" ] && SED=`command -v sed` [ -z "$CRONSPOOL" ] && CRONSPOOL="/var/spool/cron/crontabs" [ ! -n "$GETUSERHOME" ] && GETUSERHOME=echo diff --git a/systems/Linux/2/gen_export_sets b/systems/Linux/2/gen_export_sets index 23838f9..76b7ba3 100755 --- a/systems/Linux/2/gen_export_sets +++ b/systems/Linux/2/gen_export_sets @@ -23,9 +23,9 @@ #- # # For debugging purposes -[ -z "$GREP" ] && GREP=`which grep` -[ -z "$SED" ] && SED=`which sed` -[ -z "$AWK" ] && AWK=`which awk` +[ -z "$GREP" ] && GREP=`command -v grep` +[ -z "$SED" ] && SED=`command -v sed` +[ -z "$AWK" ] && AWK=`command -v awk` [ -z "$WORKDIR" ] && WORKDIR=/tmp EXPFILE=/etc/exports diff --git a/systems/Linux/2/gen_group_sets b/systems/Linux/2/gen_group_sets index 93ef408..9e4cbbb 100755 --- a/systems/Linux/2/gen_group_sets +++ b/systems/Linux/2/gen_group_sets @@ -24,13 +24,13 @@ # # If run directly do this, just in case: -[ -z "$GREP" ] && GREP=`which grep` -[ -z "$AWK" ] && AWK=`which awk` -[ -z "$SED" ] && SED=`which sed` -[ -z "$SORT" ] && SORT=`which sort` -[ -z "$COMM" ] && COMM=`which comm` -[ -z "$RM" ] && RM=`which rm` -[ -z "$YPCAT" ] && YPCAT=`which ypcat
Bug#992657: kio: Invalid escape sequence in /usr/share/kservices5/searchproviders/rae.desktop
Package: kio Version: 5.83.0-2 Severity: normal I saw the following message in my logs after starting kmymoney: Aug 21 14:00:14 hostname /usr/libexec/gdm-x-session[1872937]: kf.config.core: "KConfigIni: In file /usr/share/kservices5/searchproviders/rae.desktop, line 94: " "Invalid escape sequence \"\\{\"." Francois -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages kio depends on: ii kded5 5.83.0-2 ii libacl1 2.2.53-10 ii libc6 2.31-16 ii libgcc-s1 11.2.0-2 ii libgssapi-krb5-2 1.18.3-6 ii libkf5archive55.83.0-2 ii libkf5authcore5 5.83.0-2 ii libkf5codecs5 5.83.0-2 ii libkf5configcore5 5.83.0-2 ii libkf5configwidgets5 5.83.0-3 ii libkf5coreaddons5 5.83.0-2 ii libkf5dbusaddons5 5.83.0-2 ii libkf5doctools5 5.83.0-2 ii libkf5i18n5 5.83.0-3 ii libkf5itemviews5 5.83.0-2 ii libkf5kiocore55.83.0-2 ii libkf5kiogui5 5.83.0-2 ii libkf5kiontlm55.83.0-2 ii libkf5kiowidgets5 5.83.0-2 ii libkf5notifications5 5.83.0-3 ii libkf5service-bin 5.83.0-2 ii libkf5service55.83.0-2 ii libkf5solid5 5.83.0-2 ii libkf5textwidgets55.83.0-2 ii libkf5wallet-bin 5.83.0-2 ii libkf5wallet5 5.83.0-2 ii libkf5widgetsaddons5 5.83.0-2 ii libkf5windowsystem5 5.83.0-2 ii libqt5core5a 5.15.2+dfsg-10 ii libqt5dbus5 5.15.2+dfsg-10 ii libqt5gui55.15.2+dfsg-10 ii libqt5network55.15.2+dfsg-10 ii libqt5qml55.15.2+dfsg-8 ii libqt5widgets55.15.2+dfsg-10 ii libqt5x11extras5 5.15.2-2 ii libqt5xml55.15.2+dfsg-10 ii libstdc++611.2.0-2 ii libxml2 2.9.10+dfsg-6.7 ii libxslt1.11.1.34-4 kio recommends no packages. kio suggests no packages. -- no debconf information -- https://fmarier.org/
Bug#992655: /bin/which: this version of 'which' is deprecated and should not be used.
Package: tiger Version: 1:3.2.4~rc1-3 Severity: important Tags: patch Every time the cronjob runs, I get emails containing this: /bin/which: this version of 'which' is deprecated and should not be used. This is due to a recent change in debianutils: * The 'which' utility will be removed in the future. Shell scripts often use it to check whether a command is available. A more standard way to do this is with 'command -v'; for example: if command -v update-icon-caches >/dev/null; then update-icon-caches /usr/share/icons/... fi '2>/dev/null' is unnecessary when using 'command': POSIX says "no output shall be written" if the command isn't found. It's also unnecessary for the debianutils version of 'which', and hides the deprecation warning. https://salsa.debian.org/debian/debianutils/-/blob/5aeca1e3b14c08b5ab92995e91efcc2b3806a639/debian/NEWS#L7-16 Attached is a patch which replaces the `which` command with `command -v`. Francois -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tiger depends on: ii binutils 2.37-4 ii bsdutils 1:2.37.2-1 ii debconf [debconf-2.0] 1.5.77 ii debianutils5.3-1 ii libc6 2.31-16 ii lsb-release11.1.0 ii net-tools 1.60+git20181103.0eebece-1 ii ucf3.0043 Versions of packages tiger recommends: ii chkrootkit 0.54-1+b2 pn john ii postfix [mail-transport-agent] 3.5.6-1+b1 pn tripwire | aide Versions of packages tiger suggests: ii lsof 4.93.2+dfsg-1.1 pn lynis -- debconf information: * tiger/policy_adapt: * tiger/mail_rcpt: root diff --git a/systems/Linux/2/gen_bootparam_sets b/systems/Linux/2/gen_bootparam_sets index bd91690..c8c1b95 100755 --- a/systems/Linux/2/gen_bootparam_sets +++ b/systems/Linux/2/gen_bootparam_sets @@ -25,10 +25,10 @@ # # If run directly do this, just in case: -[ -z "$AWK" ] && AWK=`which awk` -[ -z "$SED" ] && AWK=`which sed` -[ -z "$RM" ] && RM=`which rm` -[ -z "$YPCAT" ] && YPCAT=`which ypcat 2>/dev/null` +[ -z "$AWK" ] && AWK=`command -v awk` +[ -z "$SED" ] && AWK=`command -v sed` +[ -z "$RM" ] && RM=`command -v rm` +[ -z "$YPCAT" ] && YPCAT=`command -v ypcat` [ -z "$WORKDIR" ] && WORKDIR=/tmp [ -r /etc/bootparams ] && { diff --git a/systems/Linux/2/gen_cron b/systems/Linux/2/gen_cron index caaf498..2cc361c 100755 --- a/systems/Linux/2/gen_cron +++ b/systems/Linux/2/gen_cron @@ -35,9 +35,9 @@ #- # # Defin commands we need, just in case -[ -z "$FIND" ] && FIND=`which find` -[ -z "$LS" ] && LS=`which ls` -[ -z "$SED" ] && SED=`which sed` +[ -z "$FIND" ] && FIND=`command -v find` +[ -z "$LS" ] && LS=`command -v ls` +[ -z "$SED" ] && SED=`command -v sed` [ -z "$CRONSPOOL" ] && CRONSPOOL="/var/spool/cron/crontabs" [ ! -n "$GETUSERHOME" ] && GETUSERHOME=echo diff --git a/systems/Linux/2/gen_export_sets b/systems/Linux/2/gen_export_sets index 23838f9..76b7ba3 100755 --- a/systems/Linux/2/gen_export_sets +++ b/systems/Linux/2/gen_export_sets @@ -23,9 +23,9 @@ #- # # For debugging purposes -[ -z "$GREP" ] && GREP=`which grep` -[ -z "$SED" ] && SED=`which sed` -[ -z "$AWK" ] && AWK=`which awk` +[ -z "$GREP" ] && GREP=`command -v grep` +[ -z "$SED" ] && SED=`command -v sed` +[ -z "$AWK" ] && AWK=`command -v awk` [ -z "$WORKDIR" ] && WORKDIR=/tmp EXPFILE=/etc/exports diff --git a/systems/Linux/2/gen_group_sets b/systems/Linux/2/gen_group_sets index 93ef408..9e4cbbb 100755 --- a/systems/Linux/2/gen_group_sets +++ b/systems/Linux/2/gen_group_sets @@ -24,13 +24,13 @@ # # If run directly do this, just in case: -[ -z "$GREP" ] && GREP=`which grep` -[ -z "$AWK" ] && AWK=`which awk` -[ -z "$SED" ] && SED=`which sed` -[ -z "$SORT" ] && SORT=`which sort` -[ -z "$COMM" ] && COMM=`which comm` -[ -z "$RM" ] && RM=`which rm` -[ -z "$YPCAT" ] && YPCAT=`which ypcat 2>/dev/null` +[ -z "$GREP" ] && GREP=`command -v grep` +[ -z "$AWK" ] && AWK=`command -v awk` +[ -z "$SED" ] && SED=`command -v sed` +[ -z "$SORT" ] && SORT=`command -v sort` +[ -z "$COMM" ] && COMM=`command -v comm` +[ -z "$RM" ] && RM=`command -v rm` +[ -z "$YPCAT" ] && YPCAT=`command -v ypcat` [ -z "$WORKDIR" ] && WORKDIR=/tmp diff --git a/systems/Linux/2/gen_mounts b/systems/Linux/2/gen_mounts index 0f3fb67..5bc3477 100755 --- a/systems/Linux/2/gen_mounts +++
Bug#992155: extrepo: A cronjob / systemd timer should automatically refresh signing keys
Package: extrepo Version: 0.8 Severity: normal If I install a package using a supported external repo: extrepo enable brave_release apt update apt install brave-browser the current Brave signing key will automatically be fetched and placed in /var/lib/extrepo/keys/. However, when Brave updates their signing key, then what I get is a message along the lines of: $ sudo apt update ... Err:3 https://brave-browser-apt-release.s3.brave.com stable InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A8580BDC82D3DC6C ... W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://brave-browser-apt-release.s3.brave.com stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A8580BDC82D3DC6C W: Failed to fetch https://brave-browser-apt-release.s3.brave.com/dists/stable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A8580BDC82D3DC6C W: Some index files failed to download. They have been ignored, or old ones used instead. until, assuming the new signing key was merged in the extrepo-data repository, I manually refresh the local key using: extrepo update brave_release Given that upstream key rotations such as these should generally be encouraged (as opposed to never-expiring or 10year-long expiries), many users are going to get stuck with broken updates and won't know from the apt error message that they need to do an extrepo update. I suggest a simple fix, a daily cronjob or systemd timer which goes through all enabled repos and updates the local copy of the keys. These keys are already signed by extrepo, so the trust chain is maintained at all times. Francois -- https://fmarier.org/
Bug#990173: RFP: activitywatch -- automated and extensible privacy-focused time tracker
Package: wnpp Severity: wishlist * Package name: activitywatch Version : 0.11.0 Upstream Author : Erik Bjäreholt and Johan Bjäreholt * URL : https://github.com/ActivityWatch/activitywatch * License : MPL-2.0 Programming Lang: Python Description : automated and extensible privacy-focused time tracker ActivityWatch is an app that automatically tracks how you spend time on your devices. It is open source, privacy-first, cross-platform, and a great alternative to services like RescueTime, ManicTime, and WakaTime. It can be used to keep track of your productivity, time spent on different projects, bad screen habits, or just to understand how you spend your time. Features - Tracking: Tracks active application and window title out of the box, more with watchers. - Categories: Get a better overview of your usage by breaking it down into categories. - Browser extensions: Track the active tab using the extensions for Chrome and Firefox. - Editor plugins: Track how you spend time writing code with editor watchers. - Privacy: Data is stored locally and doesn't leave your device, we put local and privacy first. - Cross-platform: Runs on Windows, macOS, Linux, and Android.
Bug#989813: RFP: peepdf -- tool to analyze PDF documents
Package: wnpp Severity: wishlist * Package name: peepdf Version : 0.3 Upstream Author : Jose Miguel Esparza * URL : https://eternal-todo.com/tools/peepdf-pdf-analysis-tool * License : GPL-3.0 Programming Lang: Python Description : tool to analyze PDF documents peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements, supports the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of PyV8 and Pylibemu it provides Javascript and shellcode analysis wrappers too. Apart of this it is able to create new PDF files, modify existent ones and obfuscate them.
Bug#987512: tiger: Filesystem 'fuse.portal' used by 'portal' is not recognised as a valid filesystem
Package: tiger Version: 1:3.2.4~rc1-3 Severity: normal Tags: patch The cronjob generates the following output everytime it runs gen_mounts: --CONFIG-- [con010c] Filesystem 'fuse.portal' used by 'portal' is not recognised as a valid filesystem Attached is a simple patch which fixes that. Francois -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tiger depends on: ii binutils 2.35.2-2 ii bsdutils 1:2.36.1-7 ii debconf [debconf-2.0] 1.5.76 ii debianutils4.11.2 ii libc6 2.31-11 ii lsb-release11.1.0 ii net-tools 1.60+git20181103.0eebece-1 ii ucf3.0043 Versions of packages tiger recommends: ii chkrootkit 0.54-1 pn john ii postfix [mail-transport-agent] 3.5.6-1 pn tripwire | aide Versions of packages tiger suggests: ii lsof 4.93.2+dfsg-1.1 pn lynis -- debconf information: * tiger/policy_adapt: * tiger/mail_rcpt: root -- https://fmarier.org/ --- a/systems/Linux/2/gen_mounts 2021-04-24 16:08:00.560004580 -0700 +++ b/systems/Linux/2/gen_mounts 2021-04-24 16:09:31.426299093 -0700 @@ -184,6 +184,7 @@ [ "$1" = "fuse.gvfsd-fuse" ] && LOCAL=1 # Used in Ubuntu 13.10 (Saucy Salamander) replaces fuse.gvfs-fuse-daemon [ "$1" = "fuse.ltspfs" ] && LOCAL=0 # Used by LTSP 5.x [ "$1" = "fuse.lxcfs" ] && LOCAL=0 + [ "$1" = "fuse.portal" ] && LOCAL=0 [ "$1" = "fuse.clamfs" ] && LOCAL=0 # ClamFS anti-virus protected file system [ "$1" = "fuse.javafs" ] && LOCAL=0 # Java FS, used by Wuala secure online storage, see: # https://github.com/puniverse/javafs
Bug#986968: GNOME extension crashes on startup and disables all other extensions
On 2021-04-14 at 10:47:46, Sébastien Villemot (sebast...@debian.org) wrote: > I really think that this issue should be fixed for bullseye, because it makes > workrave mostly unusable on our default desktop environment. Please let me > know > if you plan to fix it yourself, or if you prefer me to NMU. Given the freeze and the time-sensitive nature of this fix, I will gladly accept your help. Please go ahead with the NMU and unblock request. Francois -- https://fmarier.org/ signature.asc Description: PGP signature
Bug#986780: unblock: email-reminder/0.8.1-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package email-reminder [ Reason ] The .desktop file is not installed (bug #986744). [ Impact ] A non-technical user likely won't be able to start the application at all. [ Tests ] Manual test: open gnome-shell and ensure it's displayed in the list of applications. [ Risks ] Minimal: one-line change which only affects the .desktop file. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock email-reminder/0.8.1-3 diff -Nru email-reminder-0.8.1/debian/changelog email-reminder-0.8.1/debian/changelog --- email-reminder-0.8.1/debian/changelog 2021-01-18 22:01:41.0 -0800 +++ email-reminder-0.8.1/debian/changelog 2021-04-10 19:26:37.0 -0700 @@ -1,3 +1,9 @@ +email-reminder (0.8.1-3) unstable; urgency=medium + + * Add missing .desktop file (closes: #986744). + + -- Francois Marier Sat, 10 Apr 2021 19:26:37 -0700 + email-reminder (0.8.1-2) unstable; urgency=medium * Bump Standards-Version up to 4.5.1. diff -Nru email-reminder-0.8.1/debian/install email-reminder-0.8.1/debian/install --- email-reminder-0.8.1/debian/install 1969-12-31 16:00:00.0 -0800 +++ email-reminder-0.8.1/debian/install 2021-04-10 19:26:37.0 -0700 @@ -0,0 +1 @@ +email-reminder.desktop usr/share/applications
Bug#986744: email-reminder: Missing .desktop file
Package: email-reminder Version: 0.8.0-1 Severity: important The .desktop file for email-reminder editor is missing and so it cannot be easily be launched from a graphical desktop environment such as GNOME. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-5-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages email-reminder depends on: ii adduser3.118 ii cron 3.0pl1-137 ii debconf [debconf-2.0] 1.5.76 ii libdate-manip-perl 6.85-1 ii libemail-valid-perl1.202-1 ii libxml-dom-perl1.46-1 ii perl 5.32.1-3 ii python33.9.2-3 ii python3-defusedxml 0.6.0-2 ii python3-pyside2.qtcore 5.15.2-1 ii python3-pyside2.qtgui 5.15.2-1 ii python3-pyside2.qtwidgets 5.15.2-1 Versions of packages email-reminder recommends: ii anacron 2.3-30 ii libauthen-sasl-perl 2.1600-1.1 ii libemail-mime-encodings-perl1.315-2 ii libnet-smtp-ssl-perl1.04-1 ii postfix [mail-transport-agent] 3.5.6-1 email-reminder suggests no packages. -- Configuration Files: /etc/logcheck/ignore.d.server/email-reminder [Errno 13] Permission non accordée: '/etc/logcheck/ignore.d.server/email-reminder' -- debconf information excluded
Bug#984764: RFP: up -- a tool for writing pipes interactively, with live preview of results
Package: wnpp Severity: wishlist * Package name: up Version : 0.4 Upstream Author : Mateusz Czapliński * URL : https://github.com/akavel/up * License : Apache-2.0 Programming Lang: Go Description : a tool for writing pipes interactively, with live preview of results up is the Ultimate Plumber, a tool for writing Linux pipes in a terminal-based UI interactively, with instant live preview of command results. . The main goal of the Ultimate Plumber is to help interactively and incrementally explore textual data in Linux, by making it easier to quickly build complex pipelines, thanks to a fast feedback loop. This is achieved by boosting any typical Linux text-processing utils such as grep, sort, cut, paste, awk, wc, perl, etc., etc., by providing a quick, interactive, scrollable preview of their results.
Bug#980783: RFP: literate-git -- Render hierarchical git repositories into HTML
Package: wnpp Severity: wishlist * Package name: literate-git Version : 0.3.1 Upstream Author : Ben North * URL : https://github.com/bennorth/literate-git/ * License : GPL-3.0-or-later Programming Lang: Python Description : Tool to render a hierarchical git history into HTML
Bug#978877: Unable to reproduce
I just did the following: sudo apt-get -t=experimental install autoconf and then rebuilt the pdfresurrect as-is on my amd64 machine successfully. See attached build log. Also, looking at the build log you sent (http://qa-logs.debian.net/2020/09/26.ac270/pdfresurrect_0.21-1_unstable_ac270.log), as far as I can see, it's using autoconf 2.69c, not 2.70. Are you sure it's related to autoconf2.70? Francois -- https://fmarier.org/ dpkg-buildpackage -us -uc -ui -i -I dpkg-buildpackage: info: paquet source pdfresurrect dpkg-buildpackage: info: version source 0.21-2 dpkg-buildpackage: info: distribution source UNRELEASED dpkg-buildpackage: info: source changé par Francois Marier dpkg-source -i -I --before-build . dpkg-buildpackage: info: architecture hôte amd64 debian/rules clean dh clean dh_clean dpkg-source -i -I -b . dpkg-source: info: utilisation du format source « 3.0 (quilt) » dpkg-source: info: construction de pdfresurrect en utilisant le ./pdfresurrect_0.21.orig.tar.gz existant dpkg-source: info: construction de pdfresurrect dans pdfresurrect_0.21-2.debian.tar.xz dpkg-source: info: construction de pdfresurrect dans pdfresurrect_0.21-2.dsc debian/rules binary dh binary dh_update_autotools_config dh_autoreconf configure.ac:21: warning: The macro `AC_HEADER_STDC' is obsolete. configure.ac:21: You should run autoupdate. ./lib/autoconf/headers.m4:704: AC_HEADER_STDC is expanded from... configure.ac:21: the top level configure.ac:44: warning: The macro `AC_HELP_STRING' is obsolete. configure.ac:44: You should run autoupdate. ./lib/autoconf/general.m4:203: AC_HELP_STRING is expanded from... ./lib/autoconf/general.m4:1533: AC_ARG_ENABLE is expanded from... configure.ac:44: the top level dh_auto_configure ./configure --build=x86_64-linux-gnu --prefix=/usr --includedir=\${prefix}/include --mandir=\${prefix}/share/man --infodir=\${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --disable-option-checking --disable-silent-rules --libdir=\${prefix}/lib/x86_64-linux-gnu --runstatedir=/run --disable-maintainer-mode --disable-dependency-tracking checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether the compiler supports GNU C... yes checking whether gcc accepts -g... yes checking for gcc option to enable C11 features... none needed checking for dirent.h that defines DIR... yes checking for library containing opendir... none required checking for stdio.h... yes checking for stdlib.h... yes checking for string.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for strings.h... yes checking for sys/stat.h... yes checking for sys/types.h... yes checking for unistd.h... yes checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for stdlib.h... (cached) yes checking for string.h... (cached) yes checking for an ANSI C-conforming const... yes checking for size_t... yes checking for strdup... yes checking for strtol... yes checking whether closedir returns void... no checking build system type... x86_64-pc-linux-gnu checking host system type... x86_64-pc-linux-gnu checking for GNU libc compatible malloc... yes checking for working memcmp... yes checking for GNU libc compatible realloc... yes checking for memset... yes checking for mkdir... yes checking for strchr... yes checking for strrchr... yes checking for strstr... yes configure: creating ./config.status config.status: creating Makefile dh_auto_build make -j4 make[1] : on entre dans le répertoire « /home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21 » gcc -o main.o -c main.c -g -O2 -ffile-prefix-map=/home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21=. -fstack-protector-strong -Wformat -Werror=format-security gcc -o pdf.o -c pdf.c -g -O2 -ffile-prefix-map=/home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21=. -fstack-protector-strong -Wformat -Werror=format-security gcc -o pdfresurrect main.o pdf.o -g -O2 -ffile-prefix-map=/home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21=. -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -Wl,-z,now make[1] : on quitte le répertoire « /home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21 » dh_auto_test create-stamp debian/debhelper-build-stamp dh_prep dh_installdirs dh_auto_install make -j4 install DESTDIR=/home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21/debian/pdfresurrect AM_UPDATE_INFO_DIR=no make[1] : on entre dans le répertoire « /home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21 » mkdir -p /home/francois/devel/deb/pdfresurrect/build-area/pdfresurrect-0.21/debian/pdfresurrect/usr/bin cp pdfresurrect /home/francois
Bug#979544: error: failed to parse manifest
Package: cargo-outdated Version: 0.9.9-1+b1 Severity: important This is what I get when I use cargo-outdated 0.9.9 on the safe-rm repo: $ git clone https://git.launchpad.net/safe-rm $ cd safe-rm $ cargo outdated error: failed to parse manifest at `/tmp/user/1000/cargo-outdatedeMctiN/Cargo.toml` Caused by: no targets specified in the manifest either src/lib.rs, src/main.rs, a [lib] section, or [[bin]] section must be present whereas it works fine if I use the latest version (0.9.13) from crates.io. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cargo-outdated depends on: ii libc62.31-9 ii libcurl3-gnutls 7.74.0-1 ii libgcc-s110.2.1-3 ii libgit2-1.0 1.0.1+dfsg.1-3 ii libssh2-11.9.0-2 ii libssl1.11.1.1i-1 ii zlib1g 1:1.2.11.dfsg-2 cargo-outdated recommends no packages. cargo-outdated suggests no packages. -- no debconf information -- https://fmarier.org/
Bug#979538: limesuite-udev: /usr/lib/udev/rules.d/64-limesuite.rules:5 Invalid value for OPTIONS key, ignoring: 'last_rule'
Package: limesuite-udev Version: 20.10.0+dfsg-2 Severity: normal I'm seeing the following in my logs: Jan 7 06:01:54 hostname systemd-udevd[1116442]: /usr/lib/udev/rules.d/64-limesuite.rules:5 Invalid value for OPTIONS key, ignoring: 'last_rule' It's related to the following line in /lib/udev/rules.d/64-limesuite.rules: SUBSYSTEM=="xillybus", MODE="666", OPTIONS="last_rule" though I'm not sure what that option is supposed to be or whether it's really needed. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- no debconf information -- https://fmarier.org/
Bug#973505: akregator: Feeds no longer update
Le 2020-12-11 at 16:24:02, Sandro Knauß a écrit : > I cannot reproduce the issue you described. And from my side it seems, like > you mixed packages, that are build against different qt versions. Can you > verify that it is still an issue? It looks like the problem resolved itself. I haven't seen that in a little while. It's been working fine for me. Francois
Bug#976005: SyntaxWarning: "is" with a literal. Did you mean "=="?
Package: nohang Version: 0.1-1.1 Severity: normal I am seeing this in my logs: Nov 27 17:43:08 nohang[4109551]: /usr/sbin/nohang:1180: SyntaxWarning: "is" with a literal. Did you mean "=="? Nov 27 17:43:08 nohang[4109551]: if result is 0: Nov 27 17:43:08 nohang[4109551]: /usr/sbin/nohang:1341: SyntaxWarning: "is" with a literal. Did you mean "=="? Nov 27 17:43:08 nohang[4109551]: if n is 2: Nov 27 17:43:08 nohang[4109551]: The path to the config: /etc/nohang/nohang.conf Nov 27 17:43:08 nohang[4109551]: Monitoring started! Not sure what changed, but I did just upgrade all of my packages. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-3-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages nohang depends on: ii init-system-helpers 1.59 ii python3 3.9.0-3 nohang recommends no packages. Versions of packages nohang suggests: ii libnotify-bin 0.7.9-1 ii sudo 1.9.3p1-1 -- no debconf information
Bug#975287: RFP: rust-clippy -- lints to catch common mistakes and improve Rust code
Package: wnpp Severity: wishlist * Package name: rust-clippy Version : 1.47.0 Upstream Author : The Rust Project Developers * URL : https://github.com/rust-lang/rust-clippy * License : Apache-2.0 OR MIT Programming Lang: Rust Description : lints to catch common mistakes and improve Rust code A collection of lints to catch common mistakes and improve your Rust code. There are over 400 lints included in this crate! Lints are divided into categories, each with a default lint level. You can choose how much Clippy is supposed to annoy help you by changing the lint level by category. The lint list also contains "restriction lints", which are for things which are usually not considered "bad", but may be useful to turn on in specific cases. These should be used very selectively, if at all.
Bug#973505: akregator: Feeds no longer update
Package: akregator Version: 4:20.08.2-3 Severity: grave Justification: renders package unusable Since the last upgrade, feed updates no longer work. I see the following error when I start akregator from a terminal: kf.kio.core: couldn't create slave: "klauncher said: Erreur lors du chargement de « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so »." which roughly translates to: Error while loading /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so. I have also seen these errors in my logs, though I'm not 100% sure they are related to akregator: kf.i18n: KCatalog being used without a Q*Application instance. Some translations won't work Il est impossible d'ouvrir la bibliothèque « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so ». Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/file.so: (/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required by /lib/x86_64-linux-gnu/libQt5Network.so.5)) Il est impossible d'ouvrir la bibliothèque « /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so ». Cannot load library /usr/lib/x86_64-linux-gnu/qt5/plugins/kf5/kio/http.so: (/lib/x86_64-linux-gnu/libQt5Core.so.5: version `Qt_5.15' not found (required by /lib/x86_64-linux-gnu/libQt5Network.so.5)) Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages akregator depends on: ii kinit 5.74.0-2 ii kio5.74.0-2 ii libc6 2.31-4 ii libgcc-s1 10.2.0-16 ii libkf5codecs5 5.74.0-2 ii libkf5completion5 5.74.0-2 ii libkf5configcore5 5.74.0-2 ii libkf5configgui5 5.74.0-2 ii libkf5configwidgets5 5.74.0-2 ii libkf5coreaddons5 5.74.0-2 ii libkf5crash5 5.74.0-2 ii libkf5grantleetheme-plugins20.08.2-2 ii libkf5grantleetheme5 [libkf5grantleetheme5-20.08] 20.08.2-2 ii libkf5i18n55.74.0-3 ii libkf5jobwidgets5 5.74.0-2 ii libkf5kcmutils55.74.0-2 ii libkf5kiocore5 5.74.0-2 ii libkf5kiogui5 5.74.0-2 ii libkf5kiowidgets5 5.74.0-2 ii libkf5kontactinterface5 [libkf5kontactinterface5-20.08]20.08.2-2 ii libkf5libkdepim5 [libkf5libkdepim5-20.08] 4:20.08.2-2 ii libkf5messageviewer5abi1 [libkf5messageviewer5-20.08] 4:20.08.2-2 ii libkf5mimetreeparser5abi1 [libkf5mimetreeparser5-20.08]4:20.08.2-2 ii libkf5notifications5 5.74.0-2 ii libkf5notifyconfig55.74.0-2 ii libkf5parts5 5.74.0-2 ii libkf5pimcommon5abi2 [libkf5pimcommon5-20.08] 4:20.08.2-2 ii libkf5pimtextedit5abi2 [libkf5pimtextedit5-20.08] 20.08.2-2 ii libkf5service-bin 5.74.0-2 ii libkf5service5 5.74.0-2 ii libkf5syndication5abi1 1:5.74.0-2 ii libkf5textwidgets5 5.74.0-2 ii libkf5webengineviewer5abi1 [libkf5webengineviewer5-20.08] 4:20.08.2-2 ii libkf5widgetsaddons5 5.74.0-3 ii libkf5xmlgui5 5.74.0-2+b1 ii libkuserfeedbackcore1 1.0.0-3 ii libkuserfeedbackwidgets1 1.0.0-3 ii libqt5core5a 5.15.1+dfsg-2 ii libqt5dbus55.15.1+dfsg-2 ii libqt5gui5 5.15.1+dfsg-2 ii libqt5network5 5.15.1+dfsg-2 ii libqt5printsupport55.15.1+dfsg-2 ii libqt5webenginecore5 5.15.1+dfsg-5 ii libqt5webenginewidgets5
Bug#972801: akregator: Missing dependency on libkf5grantleetheme-plugins
Package: akregator Version: 4:20.08.2-2 Severity: normal After the latest update to akregator, clicking on any post would only show me an error about a missing "kde_grantlee_plugin" plugin. This is what fixed it: apt install libkf5grantleetheme-plugins So I guess this should be a dependency. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages akregator depends on: ii kinit 5.74.0-2 ii kio5.74.0-2 ii libc6 2.31-4 ii libgcc-s1 10.2.0-15 ii libkf5codecs5 5.74.0-2 ii libkf5completion5 5.74.0-2 ii libkf5configcore5 5.74.0-2 ii libkf5configgui5 5.74.0-2 ii libkf5configwidgets5 5.74.0-2 ii libkf5coreaddons5 5.74.0-2 ii libkf5crash5 5.74.0-2 ii libkf5grantleetheme5 [libkf5grantleetheme5-20.08] 20.08.2-2 ii libkf5i18n55.74.0-2 ii libkf5jobwidgets5 5.74.0-2 ii libkf5kcmutils55.74.0-2 ii libkf5kiocore5 5.74.0-2 ii libkf5kiogui5 5.74.0-2 ii libkf5kiowidgets5 5.74.0-2 ii libkf5kontactinterface5 [libkf5kontactinterface5-20.08]20.08.2-2 ii libkf5libkdepim5 [libkf5libkdepim5-20.08] 4:20.08.2-2 ii libkf5messageviewer5abi1 [libkf5messageviewer5-20.08] 4:20.08.2-2 ii libkf5mimetreeparser5abi1 [libkf5mimetreeparser5-20.08]4:20.08.2-2 ii libkf5notifications5 5.74.0-2 ii libkf5notifyconfig55.74.0-2 ii libkf5parts5 5.74.0-2 ii libkf5pimcommon5abi2 [libkf5pimcommon5-20.08] 4:20.08.2-2 ii libkf5pimtextedit5abi2 [libkf5pimtextedit5-20.08] 20.08.2-2 ii libkf5service-bin 5.74.0-2 ii libkf5service5 5.74.0-2 ii libkf5syndication5abi1 1:5.74.0-2 ii libkf5textwidgets5 5.74.0-2 ii libkf5webengineviewer5abi1 [libkf5webengineviewer5-20.08] 4:20.08.2-2 ii libkf5widgetsaddons5 5.74.0-3 ii libkf5xmlgui5 5.74.0-2 ii libqt5core5a 5.14.2+dfsg-6 ii libqt5dbus55.14.2+dfsg-6 ii libqt5gui5 5.14.2+dfsg-6 ii libqt5network5 5.14.2+dfsg-6 ii libqt5printsupport55.14.2+dfsg-6 ii libqt5webenginecore5 5.14.2+dfsg1-5 ii libqt5webenginewidgets55.14.2+dfsg1-5 ii libqt5widgets5 5.14.2+dfsg-6 ii libqt5xml5 5.14.2+dfsg-6 ii libstdc++6 10.2.0-15 akregator recommends no packages. akregator suggests no packages. -- no debconf information -- https://fmarier.org/
Bug#972067: RFP: onionscan -- tool for investigating the Dark Web
Package: wnpp Severity: wishlist * Package name: onionscan Version : 0.2 Upstream Author : Sarah Jamie Lewis * URL : https://onionscan.org/ * License : MIT Programming Lang: Go Description : tool for investigating the Dark Web OnionScan is a free and open source tool for investigating the Dark Web. It has two primary goals: . - We want to help operators of hidden services find and fix operational security issues with their services. We want to help them detect misconfigurations and we want to inspire a new generation of anonymity engineering projects to help make the world a more private place. . - Secondly we want to help researchers and investigators monitor and track Dark Web sites. In fact we want to make this as easy as possible. Not because we agree with the goals and motives of every investigation force out there - most often we don't. But by making these kinds of investigations easy, we hope to create a powerful incentive for new anonymity technology (see goal #1) -- https://fmarier.org/
Bug#972048: Work-around
reassign 972048 gnome-keyring thanks I've just realized two things: 1. The way to start ssh-agent isn't just "ssh-agent", it's actually eval "$(ssh-agent)" (https://unix.stackexchange.com/questions/48863/ssh-add-complains-could-not-open-a-connection-to-your-authentication-agent/48868#48868) 2. gnome-keyring-daemon is actually working, it's just no longer setting the SSH_AUTH_SOCK environment variable for some reason. I was able to work around this issue by adding this to my ~/.bashrc: export SSH_AUTH_SOCK=/run/user/$(id -u)/keyring/ssh (https://warlord0blog.wordpress.com/2020/01/29/gnome-keyring-and-ssh-agent/) So I guess this might be from a recent GNOME change. Francois -- https://fmarier.org/
Bug#972048: ssh-add: Could not open a connection to your authentication agent.
Package: openssh-client Version: 1:8.3p1-1 Severity: normal I'm not sure ssh-add is at fault here, but I don't know how to debug this any further. For the past 2-3 days, I've been unable to use ssh-add to add pubkeys to my ssh agent. It fails with gnome-keyring-daemon: $ gnome-keyring-daemon SSH_AUTH_SOCK=/run/user/1000/keyring/ssh $ ls -l /run/user/1000/keyring/ total 0 srwxr-xr-x 1 francois francois 0 11 oct 13:47 control= srwxr-xr-x 1 francois francois 0 11 oct 13:47 pkcs11= srwxr-xr-x 1 francois francois 0 11 oct 13:47 ssh= $ ssh-add Could not open a connection to your authentication agent. and also with ssh-agent: $ ssh-agent SSH_AUTH_SOCK=/tmp/ssh-vlTg2Dg8kttR/agent.9854; export SSH_AUTH_SOCK; SSH_AGENT_PID=9855; export SSH_AGENT_PID; echo Agent pid 9855; $ ls -l /tmp/ssh-vlTg2Dg8kttR/ total 0 srw--- 1 francois francois 0 11 oct 13:49 agent.9854= $ ssh-add Could not open a connection to your authentication agent. Francois -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.8.0-2-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-client depends on: ii adduser 3.118 ii dpkg 1.20.5 ii libc6 2.31-4 ii libedit2 3.1-20191231-1 ii libfido2-11.5.0-2 ii libgssapi-krb5-2 1.17-10 ii libselinux1 3.1-2 ii libssl1.1 1.1.1h-1 ii passwd1:4.8.1-1 ii zlib1g1:1.2.11.dfsg-2 Versions of packages openssh-client recommends: ii xauth 1:1.0.10-1 Versions of packages openssh-client suggests: pn keychain pn libpam-ssh pn monkeysphere ii ssh-askpass 1:1.2.4.1-10+b1 ii ssh-askpass-gnome [ssh-askpass] 1:8.3p1-1 -- no debconf information -- https://fmarier.org/
Bug#958179: create user-friendly startup configuration
Hi Florian, I agree it's tricky to get the docs right. On 2020-09-24 at 19:25:35, Florian Schlichting wrote: > Historically, the package has shipped a lot of infrastructure for > running as a system service, and I think having mpd run on a headless > box somewhere on the home network and being able to control one's music > remotely is one of its big appeals. That's closer to my use case, though not quite what I do. It's running on my desktop computer which I also use as a "home server". My goal is to have: - mpd working regardless of whether or not I am logged in - sound working for my user account (e.g. in vlc) without having to stop the mpd service That's probably not a reasonable default use case though. > However I feel most users would probably be served better by deleting all > of that infrastructure and configuring mpd to run from their user > session, just like their pulseaudio, which in my understanding is the > proper way to solve the permissions problem that Eduard mentions. That might be the way to go for the default. > Can we do sensible things for all of these use cases, or should we try > to do less but have that work out of the box? And what's the default use > case to be? I'm sure how to tackle all of this, but perhaps we should identify a few use cases and document them separately in the README. I can think of three: 1. systemd+pulseaudio in a user session 2. headless server 3. (whatever we call my use case) Francois -- https://fmarier.org/
Bug#969995: ITP: pip-check-reqs -- Find packages that should or should not be in requirements for a project
Package: wnpp Severity: wishlist Owner: Francois Marier X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: pip-check-reqs Version : 2.1.1 Upstream Author : Richard Jones * URL : https://github.com/r1chardj0n3s/pip-check-reqs * License : MIT Programming Lang: Python Description : checker for missing and extra packages in Python requirements It happens: you start using a module in your project and it works and you don't realise that it's only being included in your virtualenv because it's a dependency of a package you're using. pip-missing-reqs finds those modules so you can include them in the requirements.txt for the project. . Alternatively, you have a long-running project that has some packages in requirements.txt that are no longer actively used in the codebase. The pip-extra-reqs tool will find those modules so you can remove them.