Bug#1059463: ejabberd logging as process "sh", appearing to be shell connections?
Hi there, you didn't specify where you found these log messages, so I can only assume it's via systemd, in which case the most likely explanation is that ejabberd is integrated with systemd via a shell script. Please explain in more detail what fix you expect. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_0xE5CA8C4925E4205F.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature
Bug#1031878: --fail-on warnings fails overrides even though --fail-on overrides is not specified
Hi, today I ran into the same issue on Bookworm. What was strange though: some packages hit this bug, others did not. Turns out it is related to "automatic" overrides being present or not. A python package of mine had automatic overrides for "package-contains-documentation-outside-usr-share-doc [usr/lib/python3/dist-packages/PackageName-Version.egg-info*]" The --show-overrides option (hitting #1019690 here) said: "N: masked by screen python/egg/metadata" After adding explicit overrides in the package the --fail-on function worked correctly again and I got exit code 0 instead of 2. Hope this helps! Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_0xE5CA8C4925E4205F.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Bug#1019690: lintian: Exit code = 2 when using --show-overrides with overriden lintian error
FWIW, I can reproduce and thus confirm this. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_0xE5CA8C4925E4205F.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Bug#1037119: Acknowledgement (Fix rootlesskit with nss when subuids are defined for both the user name and the user id)
tags 1037119 + patch thanks The upstream pull request that fixes this issue is https://github.com/rootless-containers/rootlesskit/pull/369, the actual commit is https://github.com/rootless-containers/rootlesskit/commit/15e24157f875dcf56e9532da755fef0ae279 Best wishes Philipp
Bug#1037119: Fix rootlesskit with nss when subuids are defined for both the user name and the user id
Package: rootlesskit Version: 1.1.0-1 Severity: important Tags: upstream In LDAP-based environments both "getsubids myusername" and "getsubids 1234" (where "id myusername" equals to "1234") can return exactly the same subuid ranges. This happens when one of /etc/subuid or nss returns mappings for both the user id and the user name. Both "newgidmap" and "newuidmap" fail when the parameters contain duplicate ranges. This in turn makes rootlesskit fail. Release 1.1.1 of rootlesskit fixes this issue by eliminating duplicate subuid ranges before calling "newgidmap" and "newuidmap". Please fix this bug for Bookworm. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `-
Bug#924664: ejabberd: node migration broken
Hello Anton, any news on this? On Wed, 15 Sep 2021 16:21:27 +0100 Anton Ivanov wrote: OK. I will retest when I upgrade to current stable which should happen in the next few days. A. OpenPGP_0xE5CA8C4925E4205F.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Bug#1022070: Booting semi-hangs with 'drm_atomic_helper_wait_for_flip_done' errors and alike
Hi, we've got the same problem with at least Lenovo L15 Gen2 and E495. I can provide more details if necessary. Booting into the previous kernel linux-image-5.10.0-18-amd64 works just fine. Best wishes Philipp
Bug#1013644: erlang-p1-tls: FTBFS: test failed
Hi Lucas, unfortunately I am unable to reproduce this error. How do you suggest to continue here? Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#1012049: photofilmstrip: unable to add pictures
Hi, I can confirm this bug on current Debian Sid, Python 3.10 and python3-wxgtk4.0 4.0.7. Am 04.06.22 um 10:24 schrieb PhotoFilmStrip: > As a quick fix you might edit the file > "/home/gravis/pfs/photofilmstrip/gui/ImageSectionEditor.py" on line 675. > Change the line: > img = self._wxImg.Scale(width, height) > to > img = self._wxImg.Scale(int(round(width)), int(round(height))) I tried that fix, it solves that issue but then another one pops up: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/photofilmstrip/gui/PnlPfsProject.py", line 501, in OnLvPicsSelectionChanged self._OnPicsSelectionChanged(selItems, selPics) File "/usr/lib/python3/dist-packages/photofilmstrip/gui/PnlSlideshow.py", line 127, in _OnPicsSelectionChanged self.bitmapLeft.SetSection(wx.Rect(*selPics[0].GetStartRect())) TypeError: Rect(): arguments did not match any overloaded call: overload 1: too many arguments overload 2: argument 2 has unexpected type 'float' overload 3: argument 1 has unexpected type 'int' overload 4: argument 1 has unexpected type 'int' overload 5: argument 1 has unexpected type 'int' overload 6: argument 1 has unexpected type 'int' Traceback (most recent call last): File "/usr/lib/python3/dist-packages/photofilmstrip/gui/ImageSectionEditor.py", line 221, in OnPaint self.__DrawSection(dc) File "/usr/lib/python3/dist-packages/photofilmstrip/gui/ImageSectionEditor.py", line 150, in __DrawSection sectRect = self.__SectRectToClientRect() File "/usr/lib/python3/dist-packages/photofilmstrip/gui/ImageSectionEditor.py", line 140, in __SectRectToClientRect sectRect = wx.Rect(left + (self._sectRect.GetLeft() * self._zoom), TypeError: Rect(): arguments did not match any overloaded call: overload 1: too many arguments overload 2: argument 1 has unexpected type 'float' overload 3: argument 1 has unexpected type 'float' overload 4: argument 1 has unexpected type 'float' overload 5: argument 1 has unexpected type 'float' overload 6: argument 1 has unexpected type 'float' > I have a look at the issue myself and try to publish a fix. Please ping me when that's done. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#1009653: dh-rebar: please export REBAR_DEPS_PREFER_LIBS="TRUE"
Package: dh-rebar Version: 0.0.4+nmu1 Severity: important Dear Maintainer, thanks to https://github.com/erlang/rebar3/issues/1855 I have become aware of the environment variable REBAR_DEPS_PREFER_LIBS, which if set to "TRUE" makes it unnecessary to patch out deps from rebar.config(.script). Instead of adding this to every single Erlang package's rules file, I request this to be set from dh-rebar. Best wishes Philipp -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-6-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dh-rebar depends on: ii debhelper 13.6 ii rebar 2.6.4-3 dh-rebar recommends no packages. dh-rebar suggests no packages. -- no debconf information
Bug#1004467: libostree-1-1: flatpak crashes when creating a bundle
Am 28.01.22 um 11:44 schrieb Simon McVittie: > On Fri, 28 Jan 2022 at 08:27:19 +0100, Philipp Huebner wrote: >> On Debian Bullseye, flatpak crashes when trying to create a bundle. > > Is this specific to being in an ecryptfs directory, or some other special > filesystem configuration? Yes, it hangs/crashes when $HOME is ecrypfs encrypted. On a simple clean Debian 11 without ecryptfs the bundling finishes successfully. OpenPGP_signature Description: OpenPGP digital signature
Bug#1004467: libostree-1-1: flatpak crashes when creating a bundle
Am 28.01.22 um 11:44 schrieb Simon McVittie:> On Fri, 28 Jan 2022 at 08:27:19 +0100, Philipp Huebner wrote: >> On Debian Bullseye, flatpak crashes when trying to create a >> bundle. > > Is this specific to being in an ecryptfs directory, or some other > special filesystem configuration? Not sure, I'll check. > To confirm: you were able to resolve this by applying the patch to > *ostree*, and not touching *flatpak*? Confirmed, that's exactly what I did. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#1004467: libostree-1-1: flatpak crashes when creating a bundle
Package: libostree-1-1 Version: 2020.8-2 Severity: important Tags: upstream patch On Debian Bullseye, flatpak crashes when trying to create a bundle. That issue has also already been reported here: https://github.com/flatpak/flatpak/issues/4673 I could solve the issue by applying the absolutely minimal patch from https://gitlab.gnome.org/GNOME/libglnx/-/merge_requests/30 Please apply this patch to the package in Bullseye, thanks! Best wishes Philipp
Bug#990168: ejabberd: legacy conffiles leftover
Hi, what you have reported here is a leftover of #895371 which only happens on installations << 18.04-1, which is << oldstable a.k.a. Stretch and older. I'm reluctant to address this since it does no harm and does not affect any fresh installation on Debian >= 10. What I'd need to fix this is a way to unregister /etc/default/ejabberd as a conffile but leave the file in place. Using dpkg-maintscript-helper or deb-conffiles would remove the actual file, which is unacceptable. Backup+Restore of that file around either of those tools seems to me like not worth the hassle. You could simply remove the line from /var/lib/dpkg/info/ejabberd.conffiles, but I'm pretty sure I am not allowed to do that from a maintainer script. I'm CCing Jonas, who reported #895371, for maybe he has a good idea how to clean this up. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#993001: ejabberd: send_message API command is broken in 21.01 (fixed in 21.04+)
Hi Daniel, I have prepared a fixed source package for Debian 11. You can download a fixed binary package for amd64 here: https://apt.debalance.de/pool/main/e/ejabberd/ejabberd_21.01-2+deb11u1_amd64.deb Please verify the fix, I will then request Debian 11 to be updated. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#1002346: python-transitions: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13
forwarded 1002346 https://github.com/pytransitions/transitions/issues/559 tags 1001479 + confirmed upstream pending fixed-upstream tags 1002346 + confirmed upstream pending fixed-upstream thanks This is a duplicate of #1001479, which I have forwarded upstream and which was fixed there already, I'm just waiting for a new release. Best wishes Philipp
Bug#1001425: python-odoorpc: (autopkgtest) needs update for python3.10: module 'collections' has no attribute 'MutableMapping'
Hi, there is a patch available at https://github.com/OCA/odoorpc/pull/67/commits/7335e594b02ce7645beefa67d541d5b34df0daaf, I will give that a try. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#984690: phased updates support
On Sun, 7 Mar 2021 06:43:24 + Patrick Schleizer wrote: > Dear maintainer, > > could you please add phased updates support? +1 This would be awesome! Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#998108: firefox freezes shortly after start
Hi, I am affected by the same problem. After downgrading to firefox=93.0-1 from snapshot.debian.org the problem is gone. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#943343: fwupd: fwupd-refresh.service failed to start Refresh fwupd metadata and update motd.
Hi there, looking into the same issues on multiple Bullseye systems, I can confirm the cause to be an incorrect /etc/nsswitch.conf. After fixing that I had to reboot for the fix to work, I guess restarting some systemd or dbus service would have done the trick as well. Now for a proper fix: IMHO fwupd should either depend on libnss-systemd or disable the refresh service and timer in postinst if this recommended package is not present. Best wishes Philipp Huebner
Bug#991999: ejabberd: Enable Elixir support
Hi there! > Dear Maintainer, > > are there any plans to enable Elixir support? So far there aren't any. > I think Elixir support would make ejabberd more hackable. > Writing custom modules is probably too hard for people (like me) > unfamiliar with Erlang. Elixir language seems easier to learn. > > I already managed to build a Debian package ejabberd-21.07 with Elixir > support from salsa. (thank you for your great packaging job!) > But my package is not ready for production. There is still a lot of > work to do and my skills in Debian packaging and erlang/elixir/mix > toolchain are too limited to work on this alone. > > If you consider implementing this feature, I'd be happy to help. > I know next to nothing about Elixir, but if you can help out I'd be happy to add Elixir support to ejabberd in Debian. It might be sensible to loop in the maintainers of Elixir in Debian. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#988873: unblock: tomboy-ng/0.32-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package tomboy-ng
[ Reason ]
a)
My sponsee, the upstream developer and maintainer of tomboy ng,
recently informed me that tomboy-ng in Debian is unintentially built as a
GTK2 app instead of a Qt5 app, a fact that I also missed during my reviews.
Considering the current stage of Bullseye's release I advised him to
simply fix the (Build-)Depends and package description, because changing
to Qt5 now would result in a completely different binary package.
b)
The recent removal of libappindicator3 from Bullseye makes tomboy-ng difficult
to use for Gnome desktop users, this is addressed by a patch updating a help
document.
[ Impact ]
The package pulls in unnecessary Qt5 deps and lacks important documentation for
Gnome desktop users.
[ Tests ]
There are no changes to executable code what so ever. All changes are
to package config (descriptive) and to a single help document.
[ Risks ]
Minimal. This application is not depended on by any other packages, has
a limited user base. Executable and its installed config have not
changed.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
If you prefer a switch to the Qt5 version of tomboy-ng instead of sticking with
the GTK2 version for Bullseye, just let us know.
That change is currently planned for after the Bullseye release.
unblock tomboy-ng/0.32-2
diff -Nru tomboy-ng-0.32/debian/changelog tomboy-ng-0.32/debian/changelog
--- tomboy-ng-0.32/debian/changelog 2021-02-03 04:22:58.0 +0100
+++ tomboy-ng-0.32/debian/changelog 2021-05-19 09:09:18.0 +0200
@@ -1,3 +1,10 @@
+tomboy-ng (0.32-2) unstable; urgency=medium
+
+ * debian/control: Correct (Build-)Depends and long package description
+ * debian/patches: Update documentation regarding missing libappindicator3
+
+ -- David Bannon Wed, 19 May 2021 17:09:18 +1000
+
tomboy-ng (0.32-1) unstable; urgency=medium
* New Version Release
diff -Nru tomboy-ng-0.32/debian/control tomboy-ng-0.32/debian/control
--- tomboy-ng-0.32/debian/control 2021-02-03 04:22:58.0 +0100
+++ tomboy-ng-0.32/debian/control 2021-05-19 09:09:18.0 +0200
@@ -3,7 +3,7 @@
Priority: optional
Maintainer: David Bannon
Rules-Requires-Root: no
-Build-Depends: debhelper-compat (=13), binutils, libx11-dev, libqt5pas-dev,
libnotify-dev, fpc (>=3.0.4), lazarus (>=2.0.6), lcl-qt5
+Build-Depends: debhelper-compat (=13), binutils, libgtk2.0-dev, libx11-dev,
libnotify-dev, fpc (>=3.0.4), lazarus (>=2.0.6)
Standards-Version: 4.5.1
Vcs-Browser: https://github.com/tomboy-notes/tomboy-ng
Vcs-Git: https://github.com/tomboy-notes/tomboy-ng.git
@@ -13,9 +13,9 @@
Provides: tomboy-ng
Architecture: any
Multi-Arch: foreign
-Depends: libqt5pas1, ${shlibs:Depends}, wmctrl, ${misc:Depends}
+Depends: ${shlibs:Depends}, libcanberra-gtk-module, wmctrl, ${misc:Depends}
Description: Tomboy Notes rewritten to ease installation and cross platform
tomboy-ng notes allows easy management of a large or small set of
notes. Notes can contain a range of font sizes, bold, italic and highlight.
Available for Linux, Windows amd Mac and easy sync between them.
- This is the Qt5 based version.
+ This is the GTK2 based version.
diff -Nru tomboy-ng-0.32/debian/patches/note-missing-libappindicator3.patch
tomboy-ng-0.32/debian/patches/note-missing-libappindicator3.patch
--- tomboy-ng-0.32/debian/patches/note-missing-libappindicator3.patch
1970-01-01 01:00:00.0 +0100
+++ tomboy-ng-0.32/debian/patches/note-missing-libappindicator3.patch
2021-05-19 09:09:18.0 +0200
@@ -0,0 +1,78 @@
+Description:
+ Since tomboy-ng 0.32-1 was released, Debian has dropped
+ libappindicator3-1. This means that an end user using the
+ Gnome Desktop will not see the necessary SysTray Icon.
+ So, change an existing help note to point them in the right direction.
+ IMPORTANT - This patch does not alter any source or executable code.
+ .
+ tomboy-ng (0.32-2) unstable; urgency=medium
+ .
+ * doc libappindicator issues
+ Author: David Bannon
+
+ Bug-Debian: https://bugs.debian.org/895037
+
+ Last-Update: 2021-05-19
+
+--- tomboy-ng-0.32.orig/doc/HELP/EN/systray.note
tomboy-ng-0.32/doc/HELP/EN/systray.note
+@@ -3,38 +3,36 @@
+ System Tray on Linux
+ System
Tray on Linux
+
+-Note : the message about not showing the SysTray is usually a false alarm
on Ubuntu. Sorry.
+
+-The normal way that a user interacts with tomboy-ng is via a small yellow
icon that appears on the System Tray, sometimes called the notification area.
However, not all Linux Desktop Environments are able to display System Tray
Icons, and some that can do not do so by default.
++The normal way that a user interacts with tomboy-ng is via a small yellow
icon that appears on the System Tray,
Bug#988115: erlang-p1-xmpp: Crashs with Ejabberd 21.01
Hey I uploaded the requested patch as part of erlang-p1-xmpp 1.5.2-3 into unstable and filed an unblock request for Bullseye in #988458. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#988458: unblock: erlang-p1-xmpp/1.5.2-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package erlang-p1-xmpp.
The package's patch series was extended with the change from
https://github.com/processone/xmpp/commit/0de31e95078e744b1faeafb314a469bbd0f444ef
as-is by downloading
https://github.com/processone/xmpp/commit/0de31e95078e744b1faeafb314a469bbd0f444ef.patch
[ Reason ]
Targeted bugfix that greatly improves stability + reliability of
ejabberd in testing, closing important bug #988115.
[ Impact ]
Admins see crashes in ejabberd's logs and some users experience weird
behaviour (like receiving the same room invitation again and again,
even after accepting or refusing the invitation).
[ Tests ]
Automated unit tests at build time, manual tests by me and the submitter of
#988115. The change has been committed upstream and will be part of future
releases.
[ Risks ]
Close to zero - a trivial 1-line change in the upstream source fixes the
return value when skipping queued tcp packets to already closed sockets.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
None.
unblock erlang-p1-xmpp/1.5.2-3
diff -Nru erlang-p1-xmpp-1.5.2/debian/changelog
erlang-p1-xmpp-1.5.2/debian/changelog
--- erlang-p1-xmpp-1.5.2/debian/changelog 2021-01-31 19:43:57.0
+0100
+++ erlang-p1-xmpp-1.5.2/debian/changelog 2021-05-13 12:35:16.0
+0200
@@ -1,3 +1,10 @@
+erlang-p1-xmpp (1.5.2-3) unstable; urgency=medium
+
+ * Added upstream patch to fix random crashes and weird behaviour with
+ejabberd 21.01 (Closes: #988115)
+
+ -- Philipp Huebner Thu, 13 May 2021 12:35:16 +0200
+
erlang-p1-xmpp (1.5.2-2) unstable; urgency=medium
* Corrected Multi-Arch setting to "allowed"
diff -Nru
erlang-p1-xmpp-1.5.2/debian/patches/0de31e95078e744b1faeafb314a469bbd0f444ef.patch
erlang-p1-xmpp-1.5.2/debian/patches/0de31e95078e744b1faeafb314a469bbd0f444ef.patch
---
erlang-p1-xmpp-1.5.2/debian/patches/0de31e95078e744b1faeafb314a469bbd0f444ef.patch
1970-01-01 01:00:00.0 +0100
+++
erlang-p1-xmpp-1.5.2/debian/patches/0de31e95078e744b1faeafb314a469bbd0f444ef.patch
2021-05-13 10:58:50.0 +0200
@@ -0,0 +1,24 @@
+From 0de31e95078e744b1faeafb314a469bbd0f444ef Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?=
+Date: Wed, 10 Feb 2021 10:04:56 +0100
+Subject: [PATCH] Fix return value when skipping queued tcp packet to already
+ closed socket
+
+This should fix ejabberd#3524
+---
+ src/xmpp_stream_in.erl | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/xmpp_stream_in.erl b/src/xmpp_stream_in.erl
+index f1a3330..1a4bb5a 100644
+--- a/src/xmpp_stream_in.erl
b/src/xmpp_stream_in.erl
+@@ -447,7 +447,7 @@ handle_info({tcp, _, Data}, #{socket := Socket} = State) ->
+ end);
+ % Skip new tcp messages after socket get removed from state
+ handle_info({tcp, _, _}, State) ->
+- State;
++noreply(State);
+ handle_info({tcp_closed, _}, State) ->
+ handle_info({'$gen_event', closed}, State);
+ handle_info({tcp_error, _, Reason}, State) ->
diff -Nru erlang-p1-xmpp-1.5.2/debian/patches/series
erlang-p1-xmpp-1.5.2/debian/patches/series
--- erlang-p1-xmpp-1.5.2/debian/patches/series 2021-01-31 19:43:57.0
+0100
+++ erlang-p1-xmpp-1.5.2/debian/patches/series 2021-05-13 10:59:11.0
+0200
@@ -1,3 +1,3 @@
remove-deps.diff
fix-includes.diff
-#disable_cover.diff
+0de31e95078e744b1faeafb314a469bbd0f444ef.patch
Bug#988115: erlang-p1-xmpp: Crashs with Ejabberd 21.01
Hi there Am 06.05.21 um 00:49 schrieb pitchum: > This problem has been reported upstream in [3524] but the fix will be > available > in ejabberd 21.04. As a workaround I have backported the [patch] from > erlang-xmpp 1.5.3 and it has been working fine for a few weeks now. > > Could you also include this patch? > I hope it's not too late to have this bugfix included in Debian Bullseye. > > > [3524]:https://github.com/processone/ejabberd/issues/3524 > [patch]:https://github.com/processone/xmpp/commit/0de31e95 thank you for your efforts and this bug report! IMHO this absolutely minimal change qualifies as "fixes for severity: important bugs, only when this can be done via unstable" for unblocking, i.e. migration to testing before the Bullseye release should be allowed for this bugfix. I can't say when I'll get around to do this, I'll try to do it next week. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- OpenPGP_signature Description: OpenPGP digital signature
Bug#986271: redshift-gtk launched automatically with GDM's GTK greeter consumes 100% CPU
Package: redshift-gtk Version: 1.12-4 Severity: important X-Debbugs-Cc: pkg-gnome-maintain...@lists.alioth.debian.org Hi, this week I installed multiple laptops with Debian Bullseye and was wondering why the battery lifetime was so bad. The cause was obvious upon first glance into htop: redshift-gtk was running for GDM's GTK greeter, but instead of working correctly it was constantly consuming 100% power of one CPU core. After killing redshift-gtk, the battery lifetime quadrupled. redshift-gtk should either not be launched for the "Debian-gdm" user or work correctly in the GDM GTK greeter session. Note: this only affects Bullseye (and probably Sid), on Buster this issue is non-existent as redshift-gtk does not start with the GDM GTK greeter session. Regards Philipp
Bug#982110: RM: plotdrop -- ROM; not ported to Python3 and no upstream activity in almost 5 years
Package: ftp.debian.org Severity: normal It seems that shortly after my sponsoring of the latest plotdrop upload in June 2016 all upstream activity has stopped. The package has multiple RC bugs and has not been ported to Python 3, hence I request the removal from the archive. Should upstream become active again in the future and port plotdrop to Python 3, I would be happy to sponsor a new upload. Regards Philipp
Bug#978634: ITP: python-fsquota -- Python filesystem quota module
Package: wnpp Severity: wishlist Owner: Philipp Huebner X-Debbugs-Cc: debian-de...@lists.debian.org * Package name: python-fsquota Version : 0.1.0 Upstream Author : T. Zoerner * URL : https://pypi.org/project/FsQuota/ * License : GPL-2.0+ Programming Lang: Python Description : Python filesystem quota module This module for Python 3 allows accessing file system quotas on UNIX platforms from Python scripts. This works both for locally mounted file systems and network file systems (via RPC, i.e. Remote Procedure Call). The interface is designed to be independent of UNIX flavours as well as file system types. I intend to maintain this module inside the Debian Python team.
Bug#972500: hamster-time-tracker does not launch on Buster using the backported package
Hi, Am 19.10.20 um 17:39 schrieb Raphael Hertzog: > Philipp, you uploaded the backport. Can you have a look at this report? sure, I will do that tomorrow. Since hamster was not part of buster I did not test an old hamster profile with the new hamster-time-tracker. @Ulrike: could you please give it a try with your existing config+data temporarily renamed? Best wishes Philipp
Bug#882870: ITA: python-odoorpc -- pilot Odoo servers through RPC
retitle 882870 ITA: python-odoorpc -- pilot Odoo servers through RPC owner 882870 debala...@debian.org thanks I'll take care of this inside the Debian Python Modules Team. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#966917: Regression: cannot replace files on cifs mounts anymore when running linux-image-4.19.0-10-amd64
Hi again Am 04.08.20 um 12:57 schrieb Salvatore Bonaccorso: > Could you please check if applying > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e6705182d4e1b77248a93470d6d7b3013d59b30 > on top fixes the issue for you? > > The fix was backported to 4.19.135 and the introducing commit was > backported in 4.19.132. I have successfully rebuilt linux-image-4.19.0-10-amd64(-unsigned) in Version 4.19.132 with the reverting patch from the commit above on top, and can now confirm this solves the issue! Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#966917: Regression: cannot replace files on cifs mounts anymore when running linux-image-4.19.0-10-amd64
Hi, Am 04.08.20 um 12:57 schrieb Salvatore Bonaccorso: > Could you please check if applying > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e6705182d4e1b77248a93470d6d7b3013d59b30 > on top fixes the issue for you? yes, I can (and will) do that, but I am not very exercised in building patched kernels, so it would probably be quicker if an experienced person provided me with packages to test. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#966917: Regression: cannot replace files on cifs mounts anymore when running linux-image-4.19.0-10-amd64
Package: src:linux Version: 4.19.132-1 Severity: important Dear Maintainer(s), we are using several cifs mounts, among them our users' homes, and this regression causes graphical logins to fail, because ~/.local/share/xorg/Xorg.0.log could no longer be moved to ~/.local/share/xorg/Xorg.0.log.old: > Aug 3 04:19:41 /usr/lib/gdm3/gdm-x-session[8166]: (EE) Cannot move old log file "/home/phuebner/.local/share/xorg/Xorg.0.log" to "/home/phuebner/.local/share/xorg/Xorg.0.log.old" Manually deleting either Xorg.0.log or Xorg.0.log.old fixes logging in for the next attempt, deleting both fixes the next two login attempts. While looking for the root cause, it turned out to be a generic problem with linux-image-4.19.0-10-amd64: ~$ rm -f foo bar ~$ echo test > foo ~$ echo test > bar ~$ mv foo bar mv: cannot move 'foo' to 'bar': File exists This is a problem on all our cifs mounts, no file can be replaced without actively deleting it first. The mounts look like this (taken from /proc/mounts): //homes-server/phuebner /home/phuebner cifs rw,nosuid,nodev,relatime,vers=1.0,cache=strict,username=phuebner,uid=5079,noforceuid,gid=65534,noforcegid,addr=10.144.0.14,soft,unix,posixpaths,serverino,mapposix,nobrl,acl,rsize=1048576,wsize=65536,echo_interval=60,actimeo=1 0 0 The server is running samba 2:4.9.5 on Debian 10, for some tricky reasons we cannot use higher smb versions than 1.0 at the moment. Manually booting the client into the previous kernel (linux-image-4.19.0-9-amd64) restores the normal behaviour. Quick action on this would be much appreciated! Best wishes Philipp Huebner -- Package-specific info: ** Version: Linux version 4.19.0-10-amd64 (debian-ker...@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP Debian 4.19.132-1 (2020-07-24) ** Command line: BOOT_IMAGE=/vmlinuz-4.19.0-10-amd64 root=/dev/mapper/kaiserstaedter--vg-root ro net.ifnames=0 biosdevname=0 panic=10 quiet splash ** Tainted: OE (12288) * Out-of-tree module has been loaded. * Unsigned module has been loaded. ** Kernel log: [ 13.446455] input: HDA Intel PCH HDMI/DP,pcm=3 as /devices/pci:00/:00:1f.3/sound/card0/input15 [ 13.446492] input: HDA Intel PCH HDMI/DP,pcm=7 as /devices/pci:00/:00:1f.3/sound/card0/input16 [ 13.446525] input: HDA Intel PCH HDMI/DP,pcm=8 as /devices/pci:00/:00:1f.3/sound/card0/input17 [ 13.446559] input: HDA Intel PCH HDMI/DP,pcm=9 as /devices/pci:00/:00:1f.3/sound/card0/input18 [ 13.446592] input: HDA Intel PCH HDMI/DP,pcm=10 as /devices/pci:00/:00:1f.3/sound/card0/input19 [ 13.455092] uvcvideo: Failed to query (GET_INFO) UVC control 9 on unit 2: -32 (exp. 1). [ 13.483952] uvcvideo: Failed to query (GET_INFO) UVC control 4 on unit 2: -32 (exp. 1). [ 13.490660] Adding 33443836k swap on /dev/mapper/kaiserstaedter--vg-swap_1. Priority:-2 extents:1 across:33443836k SSFS [ 13.501821] uvcvideo: Failed to query (GET_INFO) UVC control 11 on unit 2: -32 (exp. 1). [ 13.526665] EXT4-fs (sda2): mounting ext2 file system using the ext4 subsystem [ 13.528021] EXT4-fs (sda2): mounted filesystem without journal. Opts: (null) [ 13.528354] uvcvideo 1-8.3:1.0: Entity type for entity Processing 2 was not initialized! [ 13.528355] uvcvideo 1-8.3:1.0: Entity type for entity Camera 1 was not initialized! [ 13.528395] input: HD USB Camera: HD USB Camera as /devices/pci:00/:00:14.0/usb1/1-8/1-8.3/1-8.3:1.0/input/input20 [ 13.528457] usbcore: registered new interface driver uvcvideo [ 13.528457] USB Video Class driver (1.1.1) [ 13.530352] usb 1-8.3: Warning! Unlikely big volume range (=3072), cval->res is probably wrong. [ 13.530354] usb 1-8.3: [6] FU [Mic Capture Volume] ch = 1, val = -1536/1536/1 [ 13.530427] usbcore: registered new interface driver snd-usb-audio [ 13.536767] intel_rapl: Found RAPL domain package [ 13.536768] intel_rapl: Found RAPL domain core [ 13.536769] intel_rapl: Found RAPL domain uncore [ 13.536770] intel_rapl: Found RAPL domain dram [ 13.608303] audit: type=1400 audit(1596441455.976:2): apparmor="STATUS" operation="profile_load" profile="unconfined" name="libreoffice-senddoc" pid=800 comm="apparmor_parser" [ 13.608462] audit: type=1400 audit(1596441455.980:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name="libreoffice-xpdfimport" pid=801 comm="apparmor_parser" [ 13.610256] audit: type=1400 audit(1596441455.980:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe" pid=805 comm="apparmor_parser" [ 13.610257] audit: type=1400 audit(1596441455.980:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="nvidia_modprobe//kmod" pid=805 comm="apparmor_parser" [ 13.610450] audit: type=1400
Bug#897688: RFP: tomboy-ng -- simple note-taking application
Hi David, coworkers of mine are interested in getting tomboy-ng into Debian since tomboy has been removed. I am therefore interested in sponsoring uploads and helping out with mentoring/advice. The first thing to do would be to turn this RFP into an ITP if you intend to maintain tomboy-ng in Debian. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#958307: ejabberd: Fails to make a backup
Hi Am 20.04.20 um 14:06 schrieb Santiago Castillo Oli: > The documentation (/usr/share/doc/ejabberd/README.Debian.gz says that > backups are stored in /var/backups when ejabberd is upgraded or > restored. I didn't check if this is working or is it also affected by > this problem. > > > There is not (or at least I didn't find) a proper place to store backups. > > I think it should be documented where to store backups, or have and > specific directory for backups that works. executing /var/lib/dpkg/info/ejabberd.prerm upgrade works like a charm. The trick is to create a writable directory for ejabberd inside /var/backups. Indeed, the documentation could be improved. Regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#951489: ITP: arpeggio -- parser interpreter based on PEG grammars
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: arpeggio Version : 1.9.2 Upstream Author : Igor R. Dejanović * URL : http://textx.github.io/Arpeggio/stable/ * License : MIT Programming Lang: Python Description : parser interpreter based on PEG grammars Arpeggio is a recursive descent parser with memoization based on PEG grammars (aka Packrat parser). I intend to maintain this package in the Python Applications Packaging Team (PAPT).
Bug#773869: freehep-graphicsio update
Hi, I have lost all interest in maintaining the freehep packages (I never did much anyway). Kind regards Philipp signature.asc Description: OpenPGP digital signature
Bug#945061: uninstallable due to Thunderbird security update to version 68
Package: xul-ext-sogo-connector Severity: grave Hi, due to the security update introducing Thunderbird 68, xul-ext-sogo-connector has become uninstallable and thus unusable in all suites from oldstable to unstable. Could you please package sogo-connector 68? (old-)stable updates would also be greatly appreciated. I'd be happy to help test updated packages. Best wishes Philipp
Bug#944543: ITP: erlang-unicode-util-compat -- unicode_util compatibility library for Erlang <= 20
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-unicode-util-compat Version : 0.5.0 Upstream Author : Benoit Chesneau * URL : https://github.com/benoitc/unicode_util_compat * License : Apache-2.0 Programming Lang: Erlang Description : unicode_util compatibility library for Erlang <= 20 This library allows the usage of unicode_util and string from Erlang R21 in older Erlang >= R18. It is primarily needed to provide backports of ejabberd for Buster.
Bug#944540: ITP: erlang-idna -- pure Erlang IDNA implementation that follows RFC 5891
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-idna Version : 6.0.0 Upstream Author : Benoit Chesneau * URL : https://github.com/benoitc/erlang-idna * License : MIT Programming Lang: Erlang Description : pure Erlang IDNA implementation that follows RFC 5891 This library adds support for IDNA 2008 and IDNA 2003 to Erlang. IDNA is short for "Internationalized Domain Names in Applications" and is standardized in RFC 5891.
Bug#944532: ITP: erlang-p1-acme -- ACME client library for Erlang
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-p1-acme Version : 1.0.2 Upstream Author : ProcessOne * URL : https://github.com/processone/p1_acme * License : Apache-2.0 Programming Lang: Erlang Description : ACME client library for Erlang This Erlang library provides an ACME client implementing RFC 8555. It was written for ejabberd which still uses it. It was split off into its own project to follow Erlang/OTP guidelines.
Bug#944307: RM: diffuse -- ROM; release critical bugs, upstream unresponsive
Package: ftp.debian.org Severity: normal Please remove diffuse from unstable, it is affected by rc bugs #885273 (pygtk unmaintained) and #942971 (python2 removal). Upstream is unresponsive and I don't have the capacity to take over. Kind regards Philipp Huebner
Bug#938034: python-plumbum: diff for NMU version 1.6.7-1.1
Hi, Am 06.10.19 um 03:26 schrieb Sandro Tosi: > Dear maintainer, > > I've prepared an NMU for python-plumbum (versioned as 1.6.7-1.1) and > uploaded it to DELAYED/7. Please feel free to tell me if I > should delay it longer. thx, looks fine, so if possible feel free to reduce/remove the delay. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#935811: ejabberd: 2019.08 breaks BOSH and WebSocket
Hi > The 2019.08 introduced a regression in BOSH and WebSocket support where the > HTTP Host(name) is not identical to the XMPP domain (very common setup). > > This has already been fixed upstream. I kindly request to include the fix in > a new upload of 2019.08 and not wait until a new ejabberd version is released > as that can take months. > > https://github.com/processone/ejabberd/issues/2989 thanks for reporting this bug along with a fix! Including that patch in a new upload of 19.08 is easily done. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933769: buster-pu: package erlang-p1-pkix/1.0.0-3+deb10u1
Control: tags -1 - moreinfo > Thanks for looking at fixing this is stable. The unstable upload is a > pre-requisite to that, so tagging accordingly - please remove the > "moreinfo" tag once the fix is in unstable. It is now. Release 1.0.3 contains the fix as can be seen on https://github.com/processone/pkix/commits/master Kind regards -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933040: ejabberd: certificates created with GnuTLS no longer compatible with ejabberd
Am 01.08.19 um 19:36 schrieb Gerald Turner: > On Thu, Aug 01 2019, Philipp Huebner wrote: >> your issue was fixed upstream, could you please try >> https://apt.debalance.de/pool/main/e/erlang-p1-pkix/erlang-p1-pkix_1.0.0-3+deb10u1_amd64.deb >> >> and report back if this solves your problem? > > Awesome! Problem solved. My temporary OpenSSL-signed certificate has > now been thrown out, yay! Thank you for your help, I have now opened https://bugs.debian.org/933769 to get this fixed for Buster. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933769: buster-pu: package erlang-p1-pkix/1.0.0-3+deb10u1
The corresponding bug report is #933040. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933769: buster-pu: package erlang-p1-pkix/1.0.0-3+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I would like to update erlang-p1-pkix in Buster to fix a regression in
ejabberd, prohibiting the use of GnuTLS certificates.
The patch is directly from upstream [1] and will also be part of the next
upload to unstable. To keep changes minimal I stripped the tests and
example certificates added with that commit.
The resulting package has been successfully tested in real life.
The full diff is attached.
[1]
https://github.com/processone/pkix/commit/2d7a3b80bf6fc0794720aca852e487a5064d8b86
diff --git a/debian/changelog b/debian/changelog
index 772931a..f7f2286 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+erlang-p1-pkix (1.0.0-3+deb10u1) buster; urgency=medium
+
+ * Added upstream patch to fix handling of GnuTLS certificates
+
+ -- Philipp Huebner Thu, 01 Aug 2019 11:34:25 +0200
+
erlang-p1-pkix (1.0.0-3) unstable; urgency=medium
* Updated debian/copyright
diff --git a/debian/patches/2d7a3b80bf6fc0794720aca852e487a5064d8b86.patch
b/debian/patches/2d7a3b80bf6fc0794720aca852e487a5064d8b86.patch
new file mode 100644
index 000..fe1ef43
--- /dev/null
+++ b/debian/patches/2d7a3b80bf6fc0794720aca852e487a5064d8b86.patch
@@ -0,0 +1,109 @@
+From 2d7a3b80bf6fc0794720aca852e487a5064d8b86 Mon Sep 17 00:00:00 2001
+From: Evgeny Khramtsov
+Date: Thu, 1 Aug 2019 12:23:48 +0300
+Subject: [PATCH] Use original DER during certification path validation
+
+Index: erlang-p1-pkix/src/pkix.erl
+===
+--- erlang-p1-pkix.orig/src/pkix.erl
erlang-p1-pkix/src/pkix.erl
+@@ -35,7 +35,8 @@
+ -define(CERTFILE_TAB, pkix_certfiles).
+
+ -record(pem, {file :: filename(),
+-line :: pos_integer()}).
++line :: pos_integer(),
++der :: binary()}).
+
+ -record(state, {files = #{} :: map(),
+ certs = #{} :: map(),
+@@ -437,9 +438,9 @@ pem_decode(Fd, Line, Begin, Buf) ->
+ -spec pem_decode_entries([{pos_integer(), binary()}], filename(),
+map(), map()) -> {ok, map(), map()} | {error,
bad_cert_error()}.
+ pem_decode_entries([{Begin, Data}|PEMs], File, Certs, PrivKeys) ->
+-P = #pem{file = File, line = Begin},
+ try public_key:pem_decode(Data) of
+- [PemEntry] ->
++ [{_, DER, _} = PemEntry] ->
++ P = #pem{file = File, der = DER, line = Begin},
+ try der_decode(PemEntry) of
+ undefined ->
+ pem_decode_entries(PEMs, File, Certs, PrivKeys);
+@@ -510,7 +511,7 @@ der_decode({_, _, _}) ->
+{error, filename() | dirname(), io_error()}.
+ commit(State, Dir, CAFile, ValidateHow) ->
+ {Chains, BadCertsWithReason, UnusedKeysWithReason} = build_chains(State),
+-{CAError, InvalidCertsWithReason} = validate(Chains, CAFile, ValidateHow),
++{CAError, InvalidCertsWithReason} = validate(State, Chains, CAFile,
ValidateHow),
+ InvalidCerts = [C || {C, _} <- InvalidCertsWithReason],
+ SortedChains = case ValidateHow of
+ hard when CAError == undefined ->
+@@ -730,8 +731,7 @@ store_chain(Chain, Dir, State) ->
+ pem_encode({Certs, Key}, State) ->
+ PEM1 = lists:map(
+fun(Cert) ->
+- Type = element(1, Cert),
+- DER = public_key:pkix_encode(Type, Cert, otp),
++ DER = get_der(Cert, State#state.certs),
+PemEntry = {'Certificate', DER, not_encrypted},
+Source = lists:map(
+ fun(#pem{file = File, line = Line}) ->
+@@ -742,11 +742,14 @@ pem_encode({Certs, Key}, State) ->
+ PEM2 = [[io_lib:format("From ~s:~B~n", [File, Line])
+|| #pem{file = File, line = Line} <- maps:get(Key,
State#state.keys)],
+ public_key:pem_encode(
+-[{element(1, Key),
+- public_key:der_encode(element(1, Key), Key),
+- not_encrypted}])],
++[{element(1, Key), get_der(Key, State#state.keys),
not_encrypted}])],
+ iolist_to_binary([PEM1, PEM2]).
+
++-spec get_der(cert() | priv_key(), map()) -> binary().
++get_der(Key, Map) ->
++[#pem{der = DER}|_] = maps:get(Key, Map),
++DER.
++
+ %%%===
+ %%% Domains extraction
+ %%%===
+@@ -850,12 +853,12 @@ get_cert_path(G, [Root|_] = Acc) ->
+ %%%===
+ %%% Certificates chain validation
+ %%%===
+--spec validate([cert_chain()], filename(), false | soft | hard) ->
++-spec validate(state(), [cert_chain()], filename(), false | soft | hard) ->
+ {undefined | {filename(), bad_
Bug#933040: ejabberd: certificates created with GnuTLS no longer compatible with ejabberd
Hi Gerald, your issue was fixed upstream, could you please try https://apt.debalance.de/pool/main/e/erlang-p1-pkix/erlang-p1-pkix_1.0.0-3+deb10u1_amd64.deb and report back if this solves your problem? Thanks! Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933040: ejabberd: certificates created with GnuTLS no longer compatible with ejabberd
> I built erlang-p1-tls 1.1.1 but > didn't have any luck with the issue at hand, so I reverted to the buster > released versions. Perhaps it's worth another try with the newer > erlang-p1-tls package and looking at this certificate issue? The certificate handling is done by the erlang-p1-pkix package. You can try updating both if you like. signature.asc Description: OpenPGP digital signature
Bug#933040: ejabberd: certificates created with GnuTLS no longer compatible with ejabberd
Hi again! Am 26.07.19 um 20:17 schrieb Gerald Turner: > On Fri, Jul 26 2019, Philipp Huebner wrote: > >> I have contacted upstream, and they requested sample certificates >> (PEMs) for ejabberd (cert+key) and CA (without key). > > Great! Did they really want the host key PEM file? Yes they did, probably to be able to debug a running ejabberd. > On a random machine running Debian buster that hadn't been running > ejabberd before, I've been able to reproduce this bug with the following > steps: [...] Thx again, that's very helpful! > Thanks. I do not have a GH account and would appreciate this very much. Done: https://github.com/processone/pkix/issues/2 Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#933040: ejabberd: certificates created with GnuTLS no longer compatible with ejabberd
Hi, thank you very much for this detailed bugreport! I have contacted upstream, and they requested sample certificates (PEMs) for ejabberd (cert+key) and CA (without key). I tried running your script on Buster, but it fails: $ ./gen Password: test Generating private-int-key.pem... Assuming PKCS #8 format... ** Note: You may use '--sec-param High' instead of '--bits 4096' Generating a 4096 bit RSA private key... Generating private-int-req.pem... Generating a PKCS #10 certificate request... Generating private-int-cert.pem Generating a signed certificate... error importing CA certificate: public/private-ca-cert.pem: Base64 unexpected header error. With sample PEMs I'll forward this to an issue at https://github.com/processone/pkix, you're welcome to do it yourself if you like. FWIW, upstream also suspects this to be a bug in Erlang itself rather than ejabberd, hence I'm CCing the Erlang maintainer(s). Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#932800: ITP: erlang-p1-mqtree -- index tree for MQTT topic filters
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-p1-mqtree Version : 1.0.3 Upstream Author : ProcessOne * URL : https://github.com/processone/mqtree * License : Apache-2.0 Programming Lang: Erlang, C Description : index tree for MQTT topic filters mqtree is an Erlang NIF implementation of N-ary tree to keep MQTT topic filters for efficient matching. This library was written for ejabberd which still uses it. It was split off into it's own project to follow Erlang/OTP guidelines.
Bug#932801: ITP: erlang-p1-yconf -- YAML configuration processor
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-p1-yconf Version : 0.2019.07.18 Upstream Author : ProcessOne * URL : https://github.com/processone/yconf * License : Apache-2.0 Programming Lang: Erlang Description : YAML configuration processor This library was written for ejabberd which still uses it. It was split off into it's own project to follow Erlang/OTP guidelines and is meant to be used in combination with erlang-p1-yaml.
Bug#928931: The inability to use apt-setup/local0/repository makes it impossible to upgrade to Debian 10
Hi, > I'm also having this issue which is making it impossible to upgrade to > Debian 10 from Debian 9. > > I'm depending on the possibility to add a repo during PXE-boot. Using > late-commands is not an option as there doesn't seem to be any > $selected_packages variable I can use to actually install the packages > selected during installtion, while ignoring the fact that it's > going to try to install them without the repo available, making the > installation fail anyway. what about the other suggested workaround of simply adding the line "d-i base-installer/includes string gnupg" to your preseed file? Or if that's in use already you could use the early command like this: d-i preseed/early_command string mkdir -p /usr/lib/apt-setup/generators/; echo -e '#!/bin/sh\nchroot $ROOT apt-get --yes --no-install-recommends install gnupg' > /usr/lib/apt-setup/generators/59local; chmod a+x /usr/lib/apt-setup/generators/59local That said, I would also love to see this issue solved properly. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#931211: s2s connections are broken after upgrading to buster
I just upgraded my own ejabberd server from Stretch to Buster and everything's fine. I'll put your config on my test machine and see if it causes any problems there, in the meantime you could provide the crash.log from your server. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#931211: s2s connections are broken after upgrading to buster
Other than your user block being indented one more space than necessary I don't see anything wrong. Am 29.06.19 um 18:59 schrieb Marco d'Itri: > acl: > admin: > user: >- "xxx": "jabber.linux.it" >- "xxx": "jabber.linux.it" Could you try my no-change rebuild of ejabberd under buster? https://apt.debalance.de/pool/main/e/ejabberd/ejabberd_18.12.1-2.1_i386.deb Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#931211: s2s connections are broken after upgrading to buster
Hi again, I tried to reproduce your problem by setting up two fresh Debian Buster installations, one i386 one amd64. s2s between them works like a charm, and the list of installed packages is identical to yours. For that reason I assume your problem is either in your ejabberd configuration or you got some erlang/ejabberd stuff outside of the package management mixed up in it. If you're willing to share your ejabberd configuration files I am happy to take a look, otherwise I don't know how to help you. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#931211: s2s connections are broken after upgrading to buster
Hi, this is rather strange, could you please let me know what erlang packages and versions you have installed? Looks like there is a mismatch somewhere. I just noticed that after my latest ejabberd upload there have been several updates of Erlang for buster, maybe we need binNMUs for ejabberd and erlang-p1-*. Best wishes -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#928931: debian-installer: apt-setup/local0/key fails on buster because gnupg is not installed
Hi, I just ran into this very same issue. > I seem to remember having seen some discussion regarding how to detect > binary or armoured keys; maybe a cheap(er) fix would be to make sure we > install the needed gnupg bits into /target when such a setting > (apt-setup/local*/key) is detected? > > See generators/60local in apt-setup. Sounds good to me, I would like to see this fixed soon and can offer to test fixed d-i images. Best wishes, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#924664: ejabberd: node migration broken
> On original host (smaug): > > ejabberdctl backup ejabberd.backup > > On new host (jabber is a cname to jain): > > ejabberdctl mnesia-change-nodename ejabberd@smaug > ejabb...@jabber.kot-begemot.co.uk ejabberd.backup ejabberd.restore > > root@jain:/var/lib/ejabberd# ejabberdctl restore restore.erl ^^^ > Can't restore backup from "/var/lib/ejabberd/restore.erl" at node > 'ejabb...@jabber.kot-begemot.co.uk': Table config does not exist. Shouldn't 'restore.erl' be 'ejabberd.restore' or did you rename the file somewhere in between? signature.asc Description: OpenPGP digital signature
Bug#924664: ejabberd: node migration broken
Hi there, > Can't restore backup from "/var/lib/ejabberd/restore.erl" at node > 'ejabb...@jabber.kot-begemot.co.uk': Table config does not exist. > > The backup is taken off an up-to-date stretch and is being restored on an > up-to-date stretch. this could be caused by a number of different issues, please state the full commands you have been using as well as the user you have been issuing them as. Kind regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#924663: ejabberd: default apparmour profile broken
Hi there, AFAIK apparmor is not enabled by default on Debian Stretch, but even if it is, it's both apparmor's and systemd's job to make sure that ejabberd can not just read/write arbitrary files. So please state the exact commands and paths you were trying to use as well as the error messages you got in response. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883619: Any reason not to simply upload ceres-solver with adjusted version of libeigen3-dev
Hi, Am 26.02.19 um 08:54 schrieb Andreas Tille: >>> to Git. Is there any reason not to upload this and simply fix #883619. >>> Looks like a pretty low hanging fruit to fix an RC bug and save the >>> package for Buster that I can not imagine nobody else would have >>> harvested it. >> >> It's only downstream dependency is colmap. If colmap is happy with the new >> version then it sounds like a good idea to upload it, especially if it fixes >> an RC bug. > > I mean: There is no *effective* change since the Build-Depends we set is > fullfilled anyway by the existing packages. Its just that it is > explicitly declared in the package metadata. IMO that's a valid fix for buster, but does not fix the underlying issue for sid / buster+1. The next time a newer version of eigen3 is uploaded, you'll have the same "problem" all over again: adjust the build dep and upload to get a corresponding rebuild. Updating eigen3 renders ceres and similar packages unusable until rebuilt, please read through the discussion in #868355 to understand what I mean. The eigen3 maintainer and I are happy to simply rebuild affected packages after every eigen3 update, but Emilio considers it an upstream bug. Unfortunately I could not find anybody able to shed more light on the eigen3 topic. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#919786: RM: ceres-solver [arm64 ppc64el] -- ROM; newer release FTBFS on arm64 and ppc64el
Package: ftp.debian.org Severity: normal ceres 1.14.0 FTBFS on arm64/ppc64el (#902150) and upstream has shown little interes in fixing that, so I request for ceres-solver 1.13.0 to be removed on these architectures so 1.14.0 can migrate to testing. Note: this was a request for a partial removal from testing, converted in one for unstable
Bug#919782: RFA: ceres-solver -- nonlinear least squares minimizer
Package: wnpp Severity: normal I am no longer interested in maintaining ceres-solver which I re-introduced into Debian in March 2013, so I request an adopter for it. I leave it up to the adopter to either join the Debian science team (if not a member already) or take it outside the team to maintain it individually. The package is in okay'ish shape. Upstream is not really interested in fixing failing tests on the low-power not-so-mainstream architectures, and there's an issue regarding dependencies on Eigen (#883619, #868355). The package description is: Ceres Solver is an open source C++ library for modeling and solving large, complicated optimization problems. It is a feature rich, mature and performant library which has been used in production at Google since 2010. . Ceres Solver can solve two kinds of problems. - Non-linear Least Squares problems with bounds constraints. - General unconstrained optimization problems. Kind regards, Philipp Huebner
Bug#911927: [Pkg-erlang-devel] Bug#911927: Please remove the bad directive
Am 29.12.18 um 06:54 schrieb Thomas Goirand: > > On Dec 29, 2018 08:15, Philipp Huebner wrote: >> >> Hello Thomas, >> >> ejabberd maintainer here! >> >> Am 26.10.18 um 13:04 schrieb Thomas Goirand: >>> After further investigation, removing: >>> >>> BindToDevice=lo >>> >>> and rebooting fixes the problem. Could you please remove it from >>> the empd.socket file, so that users don't have to override it in >>> /etc/systemd please? >> [...] We could agree on priorities as done in other .d directories, >> so ejabberd would make it lo only, and if rabbitmq-server is >> installed as well it would change it back to undefined (all >> interfaces). > > This looks like a very good idea. There is though one case I wonder > how to handle. What if one installs both rabbitmq and ejabberd on the > same server? Hopefully documentation will be enough, so please make > sure it is well documented on the ejabber package. > > IMO the default behavior must be the one from Stretch so that > upgrading a rabbitmq cluster to Buster doesn't break the world. That's why I suggested above to give rabbitmq's config snippet a higher priority. According to `man systemd.unit`, "Multiple drop-in files with different names are applied in lexicographic order". For ejabberd BindToDevice=lo is a sane choice, but the old default doesn't really hurt either. E.g. ejabberd could ship "BindToDevice=lo" in /etc/systemd/system/epmd.socket.d/10ejabberd.conf and rabbitmq-server could ship "BindToDevice=" in /etc/systemd/system/epmd.socket.d/50rabbitmq.conf @Sergei, what do you think? Best wishes, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#917589: erlang-p1-pkix: FTBFS (failing tests)
Am 29.12.18 um 11:20 schrieb Philipp Huebner: >> I tried to build this package in buster but it failed: > I uploaded a new upstream version which builds fine in my pbuilder > chroot as well as on the buildds, yet it fails again on > reproducible-builds. I wonder what's different. Okay, I think I found the culprit: ca-certificates is missing from Build-Depends. Preparing a fixed package now. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#917589: erlang-p1-pkix: FTBFS (failing tests)
Hi, > Dear maintainer: > > I tried to build this package in buster but it failed: I uploaded a new upstream version which builds fine in my pbuilder chroot as well as on the buildds, yet it fails again on reproducible-builds. I wonder what's different. I'm tempted to lower the severity as it obviously does not FTBFS on the buildds. Best wishes, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#917271: yamllint: requires module pkg_resources but does not depend on it
Hi, Am 25.12.18 um 11:15 schrieb Jack Henschel: > I just installed the `yamllint` package on a pretty fresh Debian Stretch > system. When running it for the first time the following error occured: [...] > Please add the package `python3-pkg-resources` to the Depends-field of > `yamllint`. thanks a lot for your report, you're spot on - but not the first. This has been reported several times already (#860075, #908114) and is fixed in newer versions of the package - to be part of the next stable release. Best wishes, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#915288: ITP: erlang-p1-pkix -- PKIX certificates management library for Erlang
Package: wnpp Severity: wishlist Owner: Philipp Huebner * Package name: erlang-p1-pkix Version : 0.2018.11.12 Upstream Author : ProcessOne * URL : https://github.com/processone/pkix * License : Apache-2.0 Programming Lang: Erlang Description : PKIX certificates management library for Erlang The idea of the library is to simplify certificates configuration in Erlang programs. Typically an Erlang program which needs certificates (for HTTPS/ MQTT/XMPP/etc) provides a bunch of options such as certfile, chainfile, privkey, etc. The situation becomes even more complicated when a server supports so called virtual domains because a program is typically required to match a virtual domain with its certificate. If a user has plenty of virtual domains it's quickly becoming a nightmare for them to configure all this. The complexity also leads to errors: a single configuration mistake and a program generates obscure log messages, unreadable Erlang tracebacks or, even worse, just silently ignores the errors. Fortunately, the large part of certificates configuration can be automated, reducing a user configuration to something as simple as: . certfiles: - /etc/letsencrypt/live/*/*.pem . The purpose of this library is to do this dirty job under the hood. This package is needed for future ejabberd releases. VCS at https://salsa.debian.org/ejabberd-packaging-team/erlang-p1-pkix
Bug#909914: ejabberd: Starting ejabberd via systemd, epmd does not honor /etc/default/ejabberd
Hi, thanks for bringing this up! Am 29.09.18 um 23:38 schrieb Matt Marjanovic: > In particular, this means that the ERL_EPMD_ADDRESS parameter is ignored. > This is typically used to reduce the attack surface of epmd by telling it > to only listen on localhost. As installed, epmd will listen on all > interfaces. > > This is to some degree an issue for the erlang-base package, which provides > epmd > and its systemd units and *should* provide a config option to restrict epmd to > listening on localhost only. However, it is the ejabberd package that > provides > the /etc/default/ejabberd file. I will patch out the ERL_EPMD_ADDRESS part of /etc/default/ejabberd, the rest should be fine as it does not concern epmd but the Erlang VM that ejabberd is running in. I will also contact the Erlang maintainer. Best wishes, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#908562: RM: rbtools -- ROM; no demand for package
Package: ftp.debian.org Severity: normal Hi, I have had an RFA open for this package 1.5 years with no luck, popcon count is currently 58, hence I now request removal of rbtools. Thx, Philipp
Bug#904691: photofilmstrip: gui does not start
Hi, > i install photofimstrip on a pretty fresh installation of buster, but nothing > happens if i want to start the programm, if i try to start it with shell > command i got this: [...] > ModuleNotFoundError: No module named 'PIL' that's because the package wrongly still depends on the Python 2 version of pil. Please install the package python3-pil and report back if that fixes the issue. Thanks! -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#903636: RM: ejabberd-contrib/0.2018.04.28~dfsg0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Due to #903028, ejabberd-contrib is currently not compatible with ejabberd anymore and it is unclear if/when that will be fixed. As this is currently blocking ejabberd's transition to testing I would like to have ejabberd-contrib removed from their now and not wait until autoremoval kicks in. Regards, Philipp
Bug#903630: erlang-p1-xmpp 1.2.2 breaks ejabberd 18.04
Am 12.07.2018 um 10:25 schrieb pitchum: > Maybe this issue will be solved when ejabberd 18.06 reaches testing. Certainly! ejabberd 18.06 should have entered testing at the same time as all the erlang-p1-* packages, I'll try to find out what is preventing that. Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#903028: ejabberd-contrib: FTBFS with ejabberd >= 18.06
Source: ejabberd-contrib Severity: grave Tags: upstream ejabberd 18.06 is the first release to ship without jlib.hrl and ejabberd.hrl, causing ejabberd-contrib to FTBFS because several modules have not been updated yet. Upstream report: https://github.com/processone/ejabberd-contrib/issues/251
Bug#902996: RM: erlang-fs-listener -- ROM; no longer needed
Package: ftp.debian.org Severity: normal Hi, please completely remove erlang-fs-listener from the archive, it is no longer needed by ejabberd, which was the sole reason for introducing it in the first place. Best wishes, Philipp
Bug#901648: anyremote FTCBFS: configure.ac uses the build architecture pkg-config
Hi, > anyremote fails to cross build from source. The cause is best described > in lintian tag autotools-pkg-config-macro-not-cross-compilation-safe. > The attached patch fixes that. Please consider applying it. will do, thx for the patch! Regards, -- .''`. Philipp Huebner : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `-
Bug#883944: ejabberd: Upstream AppArmor profile
Hi, what's the status here? Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#895371: ejabberd: conffile edited using ucf
Am 16.04.2018 um 10:17 schrieb Jonas Smedegaard:
> Excerpts from Philipp Huebner's message of april 16, 2018 9:38 am:
>> On Tue, 10 Apr 2018 19:39:14 +0200 Jonas Smedegaard <d...@jones.dk> wrote:
>>> The file /etc/default/ejabberd is registered as a conffile, but is
>>> also manipulated using ucf in postinst script. That is illegal,
>>> according to Policy § 10.7.3
>>
>> thanks for pointing this out!
>>
>> However, this is rather unfortunate, the current setup has been well
>> tested and in use for ages.
>>
>> Do you have an idea on how to achieve this in a policy-conform way?
>>
>> Not touching ejabberd.yml would mean to remove the debconf templates
>> for configuring ejabberd, not declaring ejabberd.yml a conffile would
>> mean putting in some extra effort for handling changes. Are
>> non-conffiles even allowed in /etc ?
>
> Debian Policy distinguishes between "configuration file" and "conffile"
> and describes, particular at §10.7.3, how to handle either. I believe
> the first step is to *not* ship the configuration file below /etc if it
> should not be a conffile ("man dh_installdeb" documents how any file
> below /etc shipped with a package is registered as a conffile).
>
> "man ucf" contains some documentation on transitioning from conffile to
> non-conffile. I believe that involves collecting md5sums of most
> possible previous pristine states (i.e. configfile as shipped unedited
> with the package) as possible.
>
>
> Hope that helps,
It does, and only now I realized you're talking about
/etc/default/ejabberd and not ejabberd.yml, so the problem is only a
fraction as tough as I thought, because we're already handling
ejabberd.yml the correct way and can simply duplicate that.
Should be fixed soon(ish)!
Thx again,
--
.''`. Philipp Huebner <debala...@debian.org>
: :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F
`. `'`
`-
signature.asc
Description: OpenPGP digital signature
Bug#895692: ejabberd: Does not use IPv6 for PostgreSQL and LDAP
Hi, On Sat, 14 Apr 2018 20:00:16 +0200 Dominik George > ejabberd 18.01 fails hard when one of the SQL or LDAP hosts does not > have an A record and is IPv6 only. Providing an IPv6 address directly in > the configuration also fails. It looks like ejabberd does simply not > support AF_INET6 for its client sockets. could you please supply corresponding logs? If you have the rather recent ERL_OPTIONS="-env ERL_CRASH_DUMP_BYTES 0" in /etc/default/ejabberd, please reset that to ERL_OPTIONS="" to create crash dumps from the next occurrence on. Then please post your error.log, ejabberd.log, crash.log and at least one of the crash dumps. In case you have configured "hide_sensitive_log_data: false" you might want to filter/anonymize certain aspects from the logs beforehand. Also, have you tried configuring IPv6 addresses directly instead of records to rule out wonky DNS? Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#895371: ejabberd: conffile edited using ucf
Hi Jonas, On Tue, 10 Apr 2018 19:39:14 +0200 Jonas Smedegaard <d...@jones.dk> wrote: > The file /etc/default/ejabberd is registered as a conffile, but is also > manipulated using ucf in postinst script. That is illegal, according to > Policy § 10.7.3 thanks for pointing this out! However, this is rather unfortunate, the current setup has been well tested and in use for ages. Do you have an idea on how to achieve this in a policy-conform way? Not touching ejabberd.yml would mean to remove the debconf templates for configuring ejabberd, not declaring ejabberd.yml a conffile would mean putting in some extra effort for handling changes. Are non-conffiles even allowed in /etc ? Best wishes, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#893006: stretch-pu: package boost1.62/1.62.0+dfsg-4+deb9u1
Hi, Am 02.04.2018 um 12:57 schrieb Julien Cristau: > On Thu, Mar 15, 2018 at 14:51:10 +0100, Philipp Huebner wrote: >> I would like to fix #883987 in boost1.62 for Stretch. >> The changes are basically the same as what is currently in testing and I got >> the >> maintainer's go-ahead in >> http://lists.alioth.debian.org/pipermail/pkg-boost-devel/2018-March/004184.html >> > What made these partial specializations not be necessary anymore? That > seems like critical missing information if we are to make a decision > here, to know if/what we might be breaking instead. my guess is that only upstream can really answer that. My work colleague confirmed that we're basically using the same code as in the example at the upstream bug tracker and it fails when using gcc-6 on Stretch: https://svn.boost.org/trac10/ticket/12534 Best wishes, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#893006: stretch-pu: package boost1.62/1.62.0+dfsg-4+deb9u1
Hi, Am 31.03.2018 um 23:34 schrieb Adam D. Barratt: > It's unclear to me that this actually affects stretch in any meaningful > way. > > While the version tracking information does include the stretch version > in the "found" list, the bug is tagged "buster sid". From reading the > bug log, it looks like this is because the issue only occurs when using > GCC 7, which is not present in stretch. that is definitely incorrect. Work colleagues of mine ran into this bug on plain Stretch systems, and it disappeared when using the patched boost packages I provided. I cannot share the code because that's privileged information, but you can take my word for it. I am already providing the patched packages to dozens of machines via a local repository. Obviously I would like them very much to go back to Debian so all users can benefit from it. Kind regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#893006: stretch-pu: package boost1.62/1.62.0+dfsg-4+deb9u1
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I would like to fix #883987 in boost1.62 for Stretch.
The changes are basically the same as what is currently in testing and I got the
maintainer's go-ahead in
http://lists.alioth.debian.org/pipermail/pkg-boost-devel/2018-March/004184.html
The source debdiff is attached.
The patched binary packages have been tested and the bug confirmed to be
solved.
Best wishes,
Philipp
debdiff --diffstat boost1.62_1.62.0+dfsg-4.dsc
boost1.62_1.62.0+dfsg-4+deb9u1.dsc
diffstat for boost1.62-1.62.0+dfsg boost1.62-1.62.0+dfsg
changelog |9 +++
patches/flat-map-remove-partial-specializations.patch | 52 ++
patches/series|1
3 files changed, 62 insertions(+)
diff -Nru boost1.62-1.62.0+dfsg/debian/changelog
boost1.62-1.62.0+dfsg/debian/changelog
--- boost1.62-1.62.0+dfsg/debian/changelog 2016-11-12 19:46:50.0
+0100
+++ boost1.62-1.62.0+dfsg/debian/changelog 2018-03-14 09:54:41.0
+0100
@@ -1,3 +1,12 @@
+boost1.62 (1.62.0+dfsg-4+deb9u1) stretch; urgency=medium
+
+ [ Steve M. Robbins ]
+ * patches/flat-map-remove-partial-specializations.patch: New. Upstream
+patch to remove now-unnecessary partial specializations. Closes:
+#883987.
+
+ -- Philipp Huebner <debala...@debian.org> Wed, 14 Mar 2018 09:54:41 +0100
+
boost1.62 (1.62.0+dfsg-4) unstable; urgency=medium
* New patch upstream-add-degree-reverse_graph.patch.
diff -Nru
boost1.62-1.62.0+dfsg/debian/patches/flat-map-remove-partial-specializations.patch
boost1.62-1.62.0+dfsg/debian/patches/flat-map-remove-partial-specializations.patch
---
boost1.62-1.62.0+dfsg/debian/patches/flat-map-remove-partial-specializations.patch
1970-01-01 01:00:00.0 +0100
+++
boost1.62-1.62.0+dfsg/debian/patches/flat-map-remove-partial-specializations.patch
2018-01-06 21:44:32.0 +0100
@@ -0,0 +1,52 @@
+From 5e4a107e82ab3281688311d22d2bfc2fddcf84a3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ion=20Gazta=C3=B1aga?= <igaztan...@gmail.com>
+Date: Fri, 25 Nov 2016 23:56:33 +0100
+Subject: [PATCH] Fixes Ticket #12534: flat_map fails to compile if included
+ after type_traits is instantiated under gcc
+
+---
+ doc/container.qbk | 1 +
+ include/boost/container/detail/pair.hpp | 30 --
+ 2 files changed, 1 insertion(+), 30 deletions(-)
+
+diff --git a/include/boost/container/detail/pair.hpp
b/include/boost/container/detail/pair.hpp
+index 63d1dead..4abff4b4 100644
+--- a/boost/container/detail/pair.hpp
b/boost/container/detail/pair.hpp
+@@ -428,36 +428,6 @@ inline void swap(pair<T1, T2>& x, pair<T1, T2>& y)
+ } //namespace container_detail {
+ } //namespace container {
+
+-
+-//Without this specialization recursive flat_(multi)map instantiation fails
+-//because is_enum needs to instantiate the recursive pair, leading to a
compilation error).
+-//This breaks the cycle clearly stating that pair is not an enum avoiding any
instantiation.
+-template
+-struct is_enum;
+-
+-template
+-struct is_enum< ::boost::container::container_detail::pair<T, U> >
+-{
+- static const bool value = false;
+-};
+-
+-template
+-struct is_enum< ::std::pair<T, U> >
+-{
+- static const bool value = false;
+-};
+-
+-template
+-struct is_class;
+-
+-//This specialization is needed to avoid instantiation of pair in
+-//is_class, and allow recursive maps.
+-template
+-struct is_class< ::boost::container::container_detail::pair<T1, T2> >
+-{
+- static const bool value = true;
+-};
+-
+ #ifdef BOOST_NO_CXX11_RVALUE_REFERENCES
+
+ template
diff -Nru boost1.62-1.62.0+dfsg/debian/patches/series
boost1.62-1.62.0+dfsg/debian/patches/series
--- boost1.62-1.62.0+dfsg/debian/patches/series 2016-11-12 19:46:50.0
+0100
+++ boost1.62-1.62.0+dfsg/debian/patches/series 2018-03-14 09:54:08.0
+0100
@@ -8,3 +8,4 @@
# fixed alternatively? boost-context-use-sysv-not-aapcs.patch
no-gcc-march-options.patch
upstream-add-degree-reverse_graph.patch
+flat-map-remove-partial-specializations.patch
Bug#890377: [ejabberd] server2server works only if no deny section given
Hi, which documentation were you consulting? http://docs.ejabberd.im/ refers to the latest release (currently 18.01), so would not exactly match 16.09 from Debian Stretch. You can find a working example here: https://github.com/debalance/ansible-playbook-jabber.rwth-aachen.de/blob/master/files/ejabberd/ejabberd.yml BTW: in case you would like to run 18.01, it's available via stretch-backports. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#888245: Port to Python 3 and python3-gst-1.0
Hi, Am 24.01.2018 um 09:33 schrieb Sebastian Dröge: > Package: photofilmstrip > Severity: normal > User: sl...@debian.org > Usertags: python-gst-1.0-removal > > Hi, > > your package currently depends on python-gst-1.0. Upstream is planning > to drop Python 2.x support in the near future (next 2-3 months!), > leaving only Python 3 support. > > Please update your package to Python 3 to make this as painless as > possible. Thanks! upstream already has a Python 3 version, but it needs python-wx 4.0 which is not in Debian (yet?), so until that has happened photofilmstrip cannot be switched to Python 3. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#885273: Fwd: Bug#885273: diffuse: Depends on unmaintained pygtk
> Thanks for giving me a heads up. I plan on tackling a bunch of issues > by re-writing most of Diffuse to use Python 3, the GObject bindings, and > handle word wrap. That's great news! > Unfortunately this is a rather big task so it will > take some time to complete. Hopefully, I will have something that is an > improvement over the Python 2 implementation of Diffuse by the end of > 2018. Given Debian's release cadence so far, I expect the next Debian > release to be around the end of 2019. Is that close to when you expect > Debian's next release to happen? Yes, maybe a few months earlier. BTW, I believe the Thai translations in https://bugs.debian.org/793352 are complete and waiting to be included, but I didn't realize that until a few days ago. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883017: nmu: rebar_2.6.4-2
It seems the problems have gone away, maybe due to one of the Erlang bugfix releases that have been uploaded since reporting this bug. However, a binNMU is still a good idea IMO. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#868355: nmu: ceres-solver_1.12.0+dfsg0-1+b3
Hi, Am 27.12.2017 um 10:25 schrieb Emilio Pozuelo Monfort: > BTW I was going to schedule this binNMU for the time being in order to have a > working ceres-solver, but it seems there was an upload since this request was > opened. Do you need a binNMU now? If so I'll schedule it. while it's true that there was an upload of ceres, there was also another upload of eigen since, causing #883619, so please do schedule a binNMU for ceres as well. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#884344: ejabberd: After updating to latest erlang packages, ejabberd refuses to start
Hi, please set the log level to debug (5) as described at https://docs.ejabberd.im/admin/guide/troubleshooting/#log-files and try again. It is very unusual that you seem not to get any error messages. Also check out error.log and crash.log. Do you do any kind of firewalling on the system in question? The module that should be started next after the log excerpt you sent is "inets" and then the tcp listeners. I assume all your erlang packages including erlang-inets have status "ii" in "dpkg -l | grep erlang" and the system is fully updated? I see that you have ejabberd-contrib installed, are you using any extra modules? Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#884344: ejabberd: After updating to latest erlang packages, ejabberd refuses to start
Hi, since the security patch in Erlang should not have any impact for ejabberd and because I don't have this problem on my Stretch ejabberd servers I doubt it is a generic issue and thus I will lower the severity. Please make sure that epmd and all other erlang processes are stopped before trying to start ejabberd again. If necessary, kill them manually. Please also check whether AppArmor is enabled (dmesg | grep -i apparmor). Have you tried rebooting the server yet? Without access to your ejabberd logs + dmesg I cannot really help you. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883944: ejabberd: Upstream AppArmor profile
Hi, Am 11.12.2017 um 17:50 schrieb Vincas Dargis: > Though I would like to propose improvements for current profile too, > because it seems that erlang > executable can run `su` too (because inherited execution `ix`), same as > a wrapper script. > > I believe only wrapper script should actually invoke `su`, am I right? > It would be nice to deny > running setuid applications if possible. > > Also, I am guessing that this rule would need extra file/unix rules too, > to access > `/var/run/.psql.5432` unix domain socket to connect to PostgreSQL for > example. I could test all > networking and other features in Ubuntu VM, as all these AppArmor > features are being upstreamed, and > so coming into Debian too. yes, the current profile is far from perfect, so any improvements are very welcome. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883944: ejabberd: Upstream AppArmor profile
Hi > Since Debian has ongoing experiment to have AppArmor enabled by default in > Buster, I believe > it would be usefull to have AppArmor profile made good enought to be enabled > by default for > this internet-facing daemon too. Maybe this suggestion could make this > possible? I like your proposal as long as it doesn't add too much delay when changes are necessary. The current "ejabberd" profile in apparmor-profiles is completely useless and I have basically rewritten the current "ejabberdctl" profile from scratch. You're welcome to replace the one in apparmor-profiles with mine and make things happen the way you described them. Thanks! Best wishes, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883997: libkscreenlocker5: screen lock with photo slideshow eats up all memory and triggers oom killer
Package: libkscreenlocker5 Version: 5.10.5.1-1 Severity: important Hi, I'm using the screenlocker's slideshow feature to display another photo every 5 seconds out of a choice of ~4000. After a couple of hours sddm freezes completely, no reaction to any mouse or keyboard input, except the magic key combination ctrl+alt+b to force an immediate reboot. Looking at syslog after the reboot, I see that oom killer was triggered several times, as there was no free RAM and no free SWAP left any more. It also shows that libkscreenlocker5 is using by far the most memory, and every time oom killer is invoked, libkscreenlocker5 is using even more memory than before, e.g. total_vm 7549136 -> 7589587. For reference: this box has 16 GB of memory + 16 GB of swap and only runs standard office applications. Regards, Philipp -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libkscreenlocker5 depends on: ii kpackagetool5 5.37.0-2 ii libc6 2.25-3 ii libkf5configcore5 5.37.0-2 ii libkf5configgui5 5.37.0-2 ii libkf5coreaddons5 5.37.0-2 ii libkf5crash5 5.37.0-2 ii libkf5declarative55.37.0-2+b1 ii libkf5globalaccel55.37.0-2 ii libkf5i18n5 5.37.0-2 ii libkf5idletime5 5.37.0-2 ii libkf5notifications5 5.37.0-2 ii libkf5package55.37.0-2 ii libkf5quickaddons55.37.0-2+b1 ii libkf5waylandclient5 4:5.37.0-2 ii libkf5waylandserver5 4:5.37.0-2 ii libkf5windowsystem5 5.37.0-2 ii libpam0g 1.1.8-3.6 ii libqt5core5a 5.9.2+dfsg-6 ii libqt5dbus5 5.9.2+dfsg-6 ii libqt5gui55.9.2+dfsg-6 ii libqt5network55.9.2+dfsg-6 ii libqt5qml55.9.2-3 ii libqt5quick5 5.9.2-3 ii libqt5widgets55.9.2+dfsg-6 ii libqt5x11extras5 5.9.2-1 ii libstdc++67.2.0-17 ii libwayland-client01.14.0-1+b1 ii libwayland-server01.14.0-1+b1 ii libx11-6 2:1.6.4-3 ii libxcb-keysyms1 0.4.0-1+b2 ii libxcb1 1.12-1 ii libxi62:1.7.9-1 Versions of packages libkscreenlocker5 recommends: ii kde-config-screenlocker 5.10.5.1-1 libkscreenlocker5 suggests no packages. -- no debconf information
Bug#883930: ejabberd: Update AppArmor profile for usrmerge and more
> I have discovered number of DENIED messages produced by AppArmor, due to the > fact that I have `usrmerge` package installed, and some additional rules > missing: [...]> Patch isattached to fix these issues. Cool, thx! Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883562: ejabberd suddenly take all cpu
Hi Am 06.12.2017 um 15:15 schrieb Joerg Dorchain: > Does this somehow hint in any direction? nothing related to your issue. You could to the following to narrow down the cause: apt-get install erlang-observer su ejabberd /usr/lib/erlang/lib/observer-*/priv/bin/etop -node ejabberd@localhost Then you should be able to see which component is causing the issue. You might have to specify a different nodename in case you're not using the recent default. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883562: ejabberd suddenly take all cpu
Hi Am 05.12.2017 um 10:46 schrieb Joerg Dorchain: > with a sudden change ejabberd takes all cpu time on all core, > leading to very high system loads. > > I am not aware of any specific change except erlang_p1* file > entered testing recently. > > I do not see an apparant reason, and find nothing in the ejabberd > log. > > How can I debug this any furhter? I assume you have already tried rebooting ejabberd / the whole server? Have you set the log level to debug (5)? https://docs.ejabberd.im/admin/guide/troubleshooting/#log-files Other than that, please check dmesg and make sure it is not due to the recently automatically enabled AppArmor. If one (or all) of the updated erlang-p1-* packages has caused this, the solution is to update the ejabberd package, which I cannot do yet due to #883017. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
Bug#883619: libceres-dev: dependency on libeigen3-dev isn't strong enough
Hi Am 05.12.2017 um 20:11 schrieb Dima Kogan: > Hi. Currently in libceres-dev we have > > Depends: libeigen3-dev (>= 3.2.1) > > However in /usr/lib/cmake/Ceres/CeresConfig.cmake it does > > set(CERES_EIGEN_VERSION 3.3.4) > > And then proceeds to barf if this wasn't found. The Depends should be > tightened accordingly, or the requirement in the .cmake file should be > loosened, if it CAN work with < 3.3.4. This dependency is set automatically during the version of eigen present during the build process, that's why #868355 is still open. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `- signature.asc Description: OpenPGP digital signature
