Bug#775277: should we split krb5-kpropd into a separate package?
Hi Sam, On Fri, Oct 16, 2015 at 01:24:05PM +, Sam Hartman wrote: > I'm sorry. > I thought I had responded long ago on this, but apparently not. > I think the package split makes sense. I finally got a chance to give this kpropd package split a whirl. Attached is my first take on a patch. What's your take on the upgrade path: Do we need to make sure that someone who's using kpropd now doesn't get it uninstalled upon upgrade of krb5-kdc? Should we have a preinst script that detects a running kpropd and print a warning that he'll need to install krb5-kpropd? Thanks, -- Michael Weiserscience + computing ag Senior Solutions ArchitectGeschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Arno Steitz, Yvonne Veyhelmann Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Aufsichtsrat/Supervisory Board: Katrin James, Winfried Holz Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 >From 1a8ddc544abe303e2929edb6a9e4645e062b4caa Mon Sep 17 00:00:00 2001 From: Mark Proehl <m.pro...@science-computing.de> Date: Tue, 13 Jan 2015 14:34:50 +0100 Subject: [PATCH] Move kpropd into separate package This allows for more fine-granular deployment of services and allows easy integration of init script and systemd unit for kpropd (in addition to existing inetd example). Fixes #775277. --- debian/control | 21 +++- debian/krb5-kdc.install | 2 - debian/krb5-kdc.postinst| 12 - debian/krb5-kdc.prerm | 6 --- debian/krb5-kpropd.init | 127 debian/krb5-kpropd.install | 2 + debian/krb5-kpropd.postinst | 19 +++ debian/krb5-kpropd.prerm| 13 + debian/krb5-kpropd.service | 14 + debian/rules| 1 + 10 files changed, 196 insertions(+), 21 deletions(-) create mode 100755 debian/krb5-kpropd.init create mode 100644 debian/krb5-kpropd.install create mode 100644 debian/krb5-kpropd.postinst create mode 100644 debian/krb5-kpropd.prerm create mode 100644 debian/krb5-kpropd.service diff --git a/debian/control b/debian/control index e81e946..71c24d9 100644 --- a/debian/control +++ b/debian/control @@ -39,7 +39,7 @@ Depends: ${misc:Depends}, ${shlibs:Depends}, libkrb5-3 (= ${binary:Version}), libkadm5srv-mit9, krb5-config, krb5-user, lsb-base (>= 3.0-6), libverto-libev1 | libverto-libevent1, libkdb5-8 (>= 1.13.1+dfsg-1) -Suggests: openbsd-inetd | inet-superserver, krb5-admin-server, +Suggests: krb5-kpropd, krb5-admin-server, krb5-kdc-ldap (= ${binary:Version}) Description: MIT Kerberos key server (KDC) Kerberos is a system for authenticating users and services on a network. @@ -92,6 +92,25 @@ Description: MIT Kerberos master server (kadmind) slave KDCs. This package is generally only used on the master KDC for a Kerberos realm. +Package: krb5-kpropd +Architecture: any +Priority: optional +Depends: ${misc:Depends}, ${shlibs:Depends}, + krb5-kdc (= ${binary:Version}) +Suggests: openbsd-inetd | inet-superserver +Description: MIT Kerberos key server (KDC) + Kerberos is a system for authenticating users and services on a network. + Kerberos is a trusted third-party service. That means that there is a + third party (the Kerberos server) that is trusted by all the entities on + the network (users and services, usually called "principals"). + . + This is the MIT reference implementation of Kerberos V5. + . + This package contains the Kerberos slave KDC update server (kpropd). The + kpropd command runs on the slave KDC server. It listens for update requests + made by the kprop program, and periodically requests incremental updates from + the master KDC. This package should be installed on slave KDCs. + Package: krb5-multidev Section: libdevel Architecture: any diff --git a/debian/krb5-kdc.install b/debian/krb5-kdc.install index 93aecc4..15b0e83 100644 --- a/debian/krb5-kdc.install +++ b/debian/krb5-kdc.install @@ -2,8 +2,6 @@ usr/sbin/kproplog usr/share/man/man8/kproplog.8 usr/sbin/kdb5_util usr/share/man/man8/kdb5_util.8 -usr/sbin/kpropd -usr/share/man/man8/kpropd.8 usr/sbin/krb5kdc usr/share/man/man8/krb5kdc.8 usr/share/man/man5/kdc.conf.5 diff --git a/debian/krb5-kdc.postinst b/debian/krb5-kdc.postinst index e90e301..6e5a8be 100644 --- a/debian/krb5-kdc.postinst +++ b/debian/krb5-kdc.postinst @@ -46,18 +46,6 @@ EOF db_stop fi -# Only try to add the inetd line on an initial installation. Add it -# commented out in a way that will not be automatically enabled, since the -# Kerberos administrator should do that manually when ready. -# -# If update-inetd isn't available, don't bother, since it's just an example. -if [ "co
Bug#771818: puppet-module-saz-timezone: changing from ITP to RFP
Hi Lucas, On Sun, Dec 27, 2015 at 01:16:58PM +0100, Lucas Nussbaum wrote: > A long time ago, you expressed interest in packaging > puppet-module-saz-timezone. Unfortunately, > it seems that it did not happen. In Debian, we try not to keep ITP bugs open > for a too long time, as it might cause other prospective maintainers to > refrain from packaging the software. Well, this module as well as the others I opened ITPs for actually *are* packaged and I do alrady use them in a project. However, they are not uploaded since I'm no uploader and nobody else seems interested in them. So basically the only thing needed is someone actually uploading them to the distribution. Is there something like an RFU or can you (or I) turn these ITPs into RFSes? Thanks, Michael > If you are still interested in packaging puppet-module-saz-timezone, please > send a mail to >with: > retitle 771818 ITP: puppet-module-saz-timezone -- Manage timezone settings > via Puppet > owner 771818 ! > thanks > It is also a good idea to document your progress on this ITP from time to > time, by mailing <771...@bugs.debian.org>. If you need guidance on how to > package this software, please reply to this email, and/or contact the > debian-ment...@lists.debian.org mailing list. > Thank you for your interest in Debian, -- man liest sich, Micha > A: Yes. >> Q: Are you sure? >>> A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon?
Bug#775277: should we split krb5-kpropd into a separate package?
Hi Ben, > Looking at the patch, it feels awkward to manually install the unit file > and sysv script to the staging directory. If we created a new > krb5-kpropd package to be installed only on slave KDCs, then we could > benefit from the debian/packagename.init magic and also have the script > be active by default, since it would only be installed on machines which > should use it. Uh, somehow this slipped past me. I like the idea. What's the status here: Do all agree, a separate package is the way to go? Is someone even working on it? I'd be happy to give it a go, separating kpropd with it's init scripts out into a separate package. Thanks, -- Michael Weiserscience + computing ag Senior Solutions ArchitectGeschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196
Bug#801616: ITP: puppet-module-edgester-kerberos -- A puppet module for managing MIT Kerberos clients and servers
Package: wnpp Severity: wishlist Owner: Michael Weiser <michael.wei...@gmx.de> * Package name: puppet-module-edgester-kerberos Version : 0.2.0 Upstream Author : Jason Edgecombe <ja...@rampaginggeek.com> * URL : https://forge.puppetlabs.com/edgester/kerberos * License : BSD Programming Lang: Puppet Description : A puppet module for managing MIT Kerberos clients and servers The module supports installation of MIT Kerberos clients and servers. The server part supports creating the KDC database, starting the necessary daemons and configuring and triggering replication via kprop. Additional functionality includes provisioning of principals either locally on the server or remotely via the admin server as well as creation of keytab files. With properly SSL certificates this module can also configure and make use of PKINIT internally for creating a host ticket cache and accessing kadmind for administrative tasks. Finally, creation of trusts between realms can be set up. This module provides comprehensive support for managing Kerberos infrastructures using Puppet. I plan to package and maintain it via the Puppet Packaging Team on Alioth.
Bug#800366: ITP: puppet-module-pdxcat-nrpe -- This module installs and configures nrpe
Package: wnpp Severity: wishlist Owner: Michael Weiser <michael.wei...@gmx.de> * Package name: puppet-module-pdxcat-nrpe Version : 2.0.0 Upstream Author : The Computer Action Team <supp...@cat.pdx.edu> * URL : https://forge.puppetlabs.com/pdxcat/nrpe * License : Apache-2 Programming Lang: Puppet Description : This module installs and configures nrpe Class nrpe installs the packages and configures the daemon. Defined type nrpe::command can be used to add nrpe commands to the include directory for nrpe. Defined type nrpe::plugin can be used to install nrpe plugins. Configuring NRPE for Nagios-Monitoring is a standard systems administration task and this module implements it nicely. I plan to package and maintain this module via the Puppet Packaging Team on alioth.
Bug#799159: ITP: puppet-module-puppetlabs-dhcp -- Install and manage a DHCP server
Package: wnpp Severity: wishlist Owner: Michael Weiser <michael.wei...@gmx.de> * Package name: puppet-module-puppetlabs-dhcp Version : 0.4.0 Upstream Author : Puppet Labs * URL : https://forge.puppetlabs.com/puppetlabs/dhcp * License : Apache-2 Programming Lang: Puppet Description : Install and manage a DHCP server Installs and manages a DHCP server. It has the following features: Multiple subnet support, host reservations, secure dynamic DNS updates when combined with Bind, can create a dummy (ignored) subnet so that the server can be used only as a helper-address target. Configuring a DHCP server is a necessary step in setting up network installation servers which is quite a common task in large environments. I intend to package and maintain this module inside the puppet packaging team on alioth.
Bug#799160: ITP: puppet-module-puppetlabs-tftp -- Install and manage a TFTP service and configuration
Package: wnpp Severity: wishlist Owner: Michael Weiser <michael.wei...@gmx.de> * Package name: puppet-module-puppetlabs-tftp Version : 0.2.3 Upstream Author : Puppet Labs * URL : https://forge.puppetlabs.com/puppetlabs/tftp * License : Apache-2 Programming Lang: Puppet Description : Install and manage a TFTP service and configuration Install tftp-hpa package and configuration files. This module will install TFTP as a xinetd service by default. It can be overridden to run as a standalone daemon by setting the inetd parameter to false. Configuring a TFTP server is a necessary step in setting up network installation servers which is quite a common task in large environments. I intend to package and maintain this module inside the puppet packaging team on alioth.
Bug#790424: ITP: puppet-module-saz-ssh -- Manage SSH client and server via Puppet
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-saz-ssh Version : 2.8.1 Upstream Author : Steffen Zieger * URL : https://forge.puppetlabs.com/saz/ssh * License : Apache-2.0 Programming Lang: Puppet Description : Manage SSH client and server via Puppet This Puppet module allows to configure and manage SSH clients and servers using Puppet. System and per-user configurations as well as host keys can be managed. Using exported resources, known host files can be generated automatically. This is a very useful Puppet module and as far as I can tell the standard and most powerful module for this kind of functionality in the Puppet eco-system. I intend to package and maintain it inside the Puppet packaging team on Alioth. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#790427: ITP: puppet-module-saz-locales -- Manage locales on Linux
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-saz-locales Version : 2.2.2 Upstream Author : Steffen Zieger * URL : https://forge.puppetlabs.com/saz/locales * License : Apache-2.0 Programming Lang: Puppet Description : Manage locales on Linux This module allows to configure the system locale of Linux systems as well as generate additional locales that are to be available on the system. Configuring system locale is a standard administrative task and this module handles it seamlessly. I intend to package and maintain this module inside the puppet packaging team on alioth. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#790430: ITP: puppet-module-rgevaert-saslauthd -- Manage saslauthd on Debian like systems
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-rgevaert-saslauthd Version : 1.0.0 Upstream Author : Rudy Gevaert * URL : https://forge.puppetlabs.com/rgevaert/saslauthd * License : GPL-3 Programming Lang: Puppet Description : Manage saslauthd on Debian like systems The module configures and manages saslauth including installation and LDAP backend configuration. This seems to be the only module capable of managing saslauthd which is a quite common requirement when running LDAP servers in advanced security and authentication configurations. I intend to package and maintain this module inside the puppet packaging team on Alioth. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775277: krb5-kdc: kpropd init scripts missing from package
Hi Sam, On Wed, Apr 15, 2015 at 09:30:37AM -0400, Sam Hartman wrote: Michael Since we have provided a full, self-contained patch that Michael seems to solve the issue for good, can you please review Michael and comment on it so we can make some progress on getting Michael it included into the Debian package? Unfortunately, Debian 8.0 is in the final release freeze. After the release of Debian 8.0 later this month, we'll take a look for inclusion in the next Debian release. That's going to be a couple of years out though. Thanks for the quick update. How likely is it going to be to get this into jessie-backports once 8.0 is out? Obviously we're willing to help with that in terms of patching and testing. Can we get the review and integration process started even though 8.0 isn't out yet? This way we could provide updates and fixes as needed ahead of time and start the backporting to 8.0 as quickly as possible. At the worst (if refused) we'd at least know not to waste any more energy and waiting time on it and go looking for a more permanent workaround than building patched local packages. Thank you, -- Michael Weiserscience + computing ag Senior Systems Engineer Geschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#775277: krb5-kdc: kpropd init scripts missing from package
Hi, Mark and I have built and used our own local packages with this patch applied for some revisions now (at least -17, -18 and -19) and all seems fine. But it it is quite a hassle to rebuild those local packages on every Debian update. Since we have provided a full, self-contained patch that seems to solve the issue for good, can you please review and comment on it so we can make some progress on getting it included into the Debian package? In the meantime I have found https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734161 which unfortunately we seem to have duplicated. From what I gather, the same issue has been discussed but not fixed there as well. Feel free to close either as duplicate of the other and we will resubmit our patch as needed. Thank you, -- Michael Weiserscience + computing ag Senior Systems Engineer Geschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#734161: kpropd service
Hi, Mark Proehl has provided a patch adding an init script and systemd unit to the package in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775277. Can someone please review it so we can get it included? Thanks! -- Michael Weiserscience + computing ag Senior Systems Engineer Geschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780209: ITP: puppet-module-jlyheden-pam -- Puppet module for managing PAM
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-jlyheden-pam Version : 0.0.1 Upstream Author : Johan Lyheden jo...@lyheden.com * URL : https://github.com/jlyheden/puppet-pam * License : Apache-2.0 Programming Lang: Puppet Description : Puppet module for managing PAM The module allows to install and configure PAM modules. At the moment those are pam_ldap, pam_access and pam_mkhomedir. In particular, the module automatically registers templates with pam-auth-update so those modules are inserted into the PAM stack configuration using the system mechanisms. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#778605: ITP: puppet-module-asciiduck-sssd -- Manage the SSSD service
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-asciiduck-sssd Version : 0.1.4 Upstream Author : Kristopher Kirkland * URL : https://github.com/ASCIIDuck/asciiduck-sssd * License : Apache Programming Lang: Puppet Description : Manage the SSSD service This module will install, configure and manage the SSSD service, but it will not touch your nsswitch or your pam configs, that's the job for another module. This package will allow to configure sssd very elegantly using puppet. I use it. I plan to package it via the Puppet packaging team. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#778536: ITP: puppet-module-datacentered-ldap -- Module for managing OpenLDAP
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-datacentered-ldap Version : 0.3.0 Upstream Author : DataCentred Ltd * URL : https://forge.puppetlabs.com/datacentred/ldap * License : Apache Programming Lang: Puppet Description : Module for managing OpenLDAP The LDAP module manages both the installation and configuration of the LDAP client and SLAPD service, as well as extends Puppet to allow management of LDAP resources, such as database structure. It is a lightweight and easy-to-use module with useful features. I have been working with the authors to include new ones and they're very responsive and open for improvement. I plan to create the package and maintain it. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#777761: RFP: ruby-trocla -- Create and store (random) passwords on a central server which can be retrieved by other applications.
Package: wnpp Severity: wishlist * Package name: ruby-trocla Version : 0.0.12 Upstream Author : Marcel Haerry mh+tro...@immerda.ch * URL : https://github.com/duritong/trocla * License : GPL Programming Lang: Ruby Description : Create and store (random) passwords on a central server which can be retrieved by other applications. Trocla provides you a simple way to create and store (random) passwords on a central server, which can be retrieved by other applications. An example for such an application is puppet and trocla can help you to not store any plaintext or hashed passwords in your manifests by keeping these passwords only on your puppetmaster. Furthermore it provides you a simple cli that helps you to modify the password storage from the cli. In concert with its puppet module it provides a very elegant way to generate random but from then on fixed passwords for use on possibly multiple puppet clients on the fly and store them in a reasonably secure way on the server. I hope that since trocla is available as a gem, packaging effort will be minimal by using gem2deb. I can help in packaging and maintaining via the Debian Ruby team if desired. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#777906: ITP: puppet-module-duritong-trocla -- Use trocla password generator and storage from puppet.
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-duritong-trocla Version : 0.0.4 Upstream Author : Marcel Haerry mh+tro...@immerda.ch * URL : https://forge.puppetlabs.com/duritong/trocla * License : GPL Programming Lang: Puppet Description : Use trocla password generator and storage from puppet. This is the puppet module to manage a trocla installation on the puppet master. It also, provides the necessary function to query trocla from puppet. Trocla provides you a simple way to create and store (random) passwords on a central server, which can be retrieved by other applications. An example for such an application is puppet and trocla can help you to not store any plaintext or hashed passwords in your manifests by keeping these passwords only on your puppetmaster. For more information see https://github.com/duritong/trocla. trocla provides an elegant way to generate and store random but afterwards fixed passwords for use on possibly multiple clients. Passwords are stored on the Puppet master and only available to clients they're assigned to via the manifests. I'd like to create a Debian package via the Puppet packaging team and can help in maintenance. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771816: ITP: puppet-module-domcleal-augeasproviders -- Alternative Augeas-based providers for Puppet
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-domcleal-augeasproviders Version : 1.2.0 Upstream Author : Dominic Cleal * URL : https://forge.puppetlabs.com/domcleal/augeasproviders * License : Apache-2.0 Programming Lang: Ruby Description : Alternative Augeas-based providers for Puppet This module provides alternative providers for core Puppet types such as host and mailalias using the Augeas configuration library. It also adds some of its own types for new functionality. The advantage of using Augeas over the default Puppet parsedfile implementations is that Augeas will go to great lengths to preserve file formatting and comments, while also failing safely when needed. It is a dependency of the puppet-module-jakeb-system package. Packaging is already underway at https://anonscm.debian.org/git/pkg-puppet/puppet-module-domcleal-augeasproviders.git/. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771817: ITP: puppet-module-erwbgy-limits -- Puppet module for managing /etc/security/limits.conf
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-erwbgy-limits Version : 0.3.1 Upstream Author : 2012 Keith Burdis ke...@burdis.org * URL : https://forge.puppetlabs.com/erwbgy/limits * License : Apache-2.0 Programming Lang: Ruby Description : Puppet module for managing /etc/security/limits.conf The module is a dependency of the puppet-module-jakeb-system package. Packaging is already underway at https://anonscm.debian.org/git/pkg-puppet/puppet-module-erwbgy-limits.git. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771818: ITP: puppet-module-saz-timezone -- Manage timezone settings via Puppet
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-saz-timezone Version : 3.1.1 Upstream Author : Steffen Zieger * URL : https://forge.puppetlabs.com/saz/timezone * License : Apache-2.0 Programming Lang: Ruby Description : Manage timezone settings via Puppet This is a puppet module to manage timezone settings. Packaging is already underway at https://anonscm.debian.org/cgit/pkg-puppet/puppet-module-saz-timezone.git. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771819: ITP: puppet-module-jakeb-system -- Manage Linux system resources and services from hiera configuration
Package: wnpp Severity: wishlist Owner: Michael Weiser michael.wei...@gmx.de * Package name: puppet-module-jakeb-system Version : 1.0.0 Upstream Author : 2013 Jacob Berger jberger.pub...@live.com * URL : https://forge.puppetlabs.com/jakeb/system * License : Apache-2.0 Programming Lang: Ruby Description : Manage Linux system resources and services from hiera configuration The module allows looking up puppet resources from a hiera configuration database allowing for concise, redundancy-free expression of what to configure where whilst separating it from the actual logic how to do it. This greatly enhances puppet usability and maintainability. Packaging is already underway at https://anonscm.debian.org/git/pkg-puppet/puppet-module-jakeb-system.git. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#769107: debian-installer: grub-installer fails if more than 26 SCSI devices are present
Package: debian-installer Version: 20141002 Severity: important Tags: d-i Dear Maintainer, installing Debian jessie with weekly snapshot netinst ISO image http://cdimage.debian.org/cdimage/daily-builds/daily/arch-latest/amd64/iso-cd/debian-testing-amd64-netinst.iso on an x86_64 Server with lots of SCSI devices as of 2014-10-29 makes grub-installer croak. Debugging reveals that it stumbles across SCSI devices /dev/sda[a-z] being present. Patching it as follows (manually from a separate console in the install system) makes the installtion proceed without problem: From 4d91c83577a4dbe8c52271bbd157b450b8c7edf3 Mon Sep 17 00:00:00 2001 From: Michael Weiser m.wei...@science-computing.de Date: Fri, 31 Oct 2014 11:36:10 +0100 Subject: [PATCH] Allow for devices such as /dev/sdaa --- grub-installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-installer b/grub-installer index 2b61fb6..5bceec6 100755 --- a/grub-installer +++ b/grub-installer @@ -252,7 +252,7 @@ case $prefix in /dev/mapper) disc_offered_devfs=$bootfs ;; - /dev/[hsv]d[a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) + /dev/[hsv]d[a-z0-9][a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) disc_offered_devfs=$prefix ;; *) -- 2.1.1 -- System Information: Debian Release: jessie/sid APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- no debconf information -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Michael Heinrichs, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#769107: debian-installer: grub-installer fails if more than 26 SCSI devices are present
Hi Ben, On Tue, Nov 11, 2014 at 03:09:42PM +, Ben Hutchings wrote: From 4d91c83577a4dbe8c52271bbd157b450b8c7edf3 Mon Sep 17 00:00:00 2001 From: Michael Weiser m.wei...@science-computing.de Date: Fri, 31 Oct 2014 11:36:10 +0100 Subject: [PATCH] Allow for devices such as /dev/sdaa Based on a quick survey of block drivers: 'sd', 'rssd' and 'vd' may be followed by multiple letters 'dasd' may be followed by up to 4 letters 'scm' or 'xvd' may be followed by up to 2 letters Please don't just fix the 'sd' 2-letter case! Okay. New patch attached that should catch /dev/sdxy*, /dev/vdxy* and /dev/xvdx*. Can't find any place where grub-installer treats rssd, dasd or scm. - /dev/[hsv]d[a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) + /dev/[hsv]d[a-z0-9][a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) disc_offered_devfs=$prefix This was wrong: Didn't catch /dev/sda anymore. Understood now that it only worked because I was actually installing grub on /dev/sdaa. Regards. -- Michael Weiserscience + computing ag Senior Systems Engineer Geschaeftsstelle Duesseldorf Faehrstrasse 1 phone: +49 211 302 708 32 D-40221 Duesseldorf fax: +49 211 302 708 50 www.science-computing.de -- Vorstandsvorsitzender/Chairman of the board of management: Gerd-Lothar Leonhart Vorstand/Board of Management: Dr. Bernd Finkbeiner, Michael Heinrichs, Dr. Arno Steitz Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Philippe Miltin Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 From 333151e5eed04e7ef292bb15109131e731092674 Mon Sep 17 00:00:00 2001 From: Michael Weiser m.wei...@science-computing.de Date: Tue, 11 Nov 2014 16:59:05 +0100 Subject: [PATCH] Allow for devices with multiple enumeration characters Allow for installation of grub on devices such as /dev/sdaa or /dev/xvdab. --- grub-installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grub-installer b/grub-installer index 2b61fb6..cce326f 100755 --- a/grub-installer +++ b/grub-installer @@ -252,7 +252,7 @@ case $prefix in /dev/mapper) disc_offered_devfs=$bootfs ;; - /dev/[hsv]d[a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) + /dev/[hsv]d[a-z0-9]|/dev/[sv]d[a-z][a-z]*|/dev/xvd[a-z]*|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/ad[0-9]*|/dev/da[0-9]*) disc_offered_devfs=$prefix ;; *) -- 2.1.1
Bug#619889: heimdal-kdc: KDC does not find samba accounts in LDAP backend due to wrong search filter
Package: heimdal-kdc Version: 1.4.0~git20100726.dfsg.1-1+b1 Severity: normal Tags: patch Hello, current heimkdal-kdc in Debian 6 (1.4.0~git20100726.dfsg.1-1+b1) is a pre-release snapshot (1.3.99) of heimdal 1.4. When using an LDAP backend that contains samba accounts, they are not recognized as principals due to a wrong search filter. This has been fixed in 1.4 release with commit https://github.com/heimdal/heimdal/commit/901d655ba7d9dd4f912508b89c6e6803ee95b843#lib/hdb /hdb-ldap.c. As to be expected, heimdal-kdc 1.4.0-4 in testing does not have this problem and recognises samba accounts. An update of the package in Debian 6 or backport of this fix would be greatly appreaciated. Thanks, Micha -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages heimdal-kdc depends on: ii debconf [d 1.5.36.1 Debian configuration management sy ii heimdal-cl 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - clients ii krb5-confi 2.2 Configuration files for Kerberos V ii libasn1-8- 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - ASN.1 library ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libdb4.8 4.8.30-2 Berkeley v4.8 Database Libraries [ ii libedit2 2.11-20080614-2 BSD editline and history libraries ii libgssapi2 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - GSSAPI support ii libhdb9-he 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - kadmin server l ii libkadm5sr 1.4.0~git20100726.dfsg.1-1+b1 Libraries for Heimdal Kerberos ii libkdc2-he 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - KDC support lib ii libkrb5-26 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - libraries ii libroken18 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - roken support l ii libsl0-hei 1.4.0~git20100726.dfsg.1-1+b1 Heimdal Kerberos - SL support libr ii libssl0.9. 0.9.8o-4 SSL shared libraries ii openbsd-in 0.20080125-6 The OpenBSD Internet Superserver Versions of packages heimdal-kdc recommends: ii logrotate 3.7.8-6Log rotation utility Versions of packages heimdal-kdc suggests: pn heimdal-docs none (no description available) -- Vorstand/Board of Management: Dr. Bernd Finkbeiner, Dr. Roland Niemeier, Dr. Arno Steitz, Dr. Ingrid Zech Vorsitzender des Aufsichtsrats/ Chairman of the Supervisory Board: Michel Lepert Sitz/Registered Office: Tuebingen Registergericht/Registration Court: Stuttgart Registernummer/Commercial Register No.: HRB 382196 --- heimdal-1.3.3/lib/hdb/hdb-ldap.c2010-05-26 23:53:13.0 +0200 +++ heimdal-1.4/lib/hdb/hdb-ldap.c 2010-09-13 09:23:34.0 +0200 @@ -886,7 +886,7 @@ ldap_msgfree(*msg); *msg = NULL; - ret = escape_value(context, princname, quote); + ret = escape_value(context, userid, quote); if (ret) goto out;
Bug#564069: doesn't sync time with host OS
Hello, On Sun, Oct 04, 2009 at 11:50:34PM +0300, Vasilis Pappas wrote in bug #545222: I had the same problem and I think I found a workaround.. The problem seems to be that vmtoolsd is trying to load .so plugins but the plugin-path that is given to it contains other directories. So, it simply skips them and does not load any plugins (one of he plugins does the time synchronization) So, try the following : cd /etc/vmware/plugins cp vmusr/* vmsvc/* . /etc/init.d/open-vm-tools restart I believe this fix to the cause of bug #564069: Putting all plugins together into one plugin directory causes vmtoolsd to load plugins that require a running X server. Because this is most likely not the case at boot time, it will bail immediately. In consequence time synchronisation and all other services provided by vmtoolsd will not work and VMware will complain about VMtools not running on the guest. The only indicator is a warning message when called with the --log option *without* a running X server: # vmtoolsd --plugin-path=/etc/vmware-tools/plugins --log [Jan 20 22:55:55.819: ] [ warning] [Gtk] cannot open display: I believe the proper solution to both bugs is as follows: - leave the plugins in their subdirectories vmsvc and vmusr as installed by the Makefile - remove option --plugin-path /etc/vmware-tools/plugins from /etc/init.d/open-vm-tools This will cause vmtoolsd to find its plugins in /usr/local/open-vm-tools/vmsvc automagically. The symlink /etc/vmware-tools/plugins can be removed. With these changes applied, vmtoolsd starts and runs normally on my system now. -- Thanks in advance, Micha -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org