Bug#1016009: reportbug: Paranoid mode shows base64 instead of human readible text
Package: reportbug Version: 7.10.3+deb11u1 Followup-For: Bug #1016009 X-Debbugs-Cc: debbug.report...@sideload.33mail.com Control: tags 1016009 + a11y You have misunderstood the purpose of the --paranoid option. The purpose of this option is to enable users to mitigate data leaks by checking the information being sent for publication. Hiding the payload works contrary to this purpose and undermines the user’s request. By hiding the msg payload in an encoded container you /block/ users from verifying what information is being transmitted for /publication/. The status quo is dangerous as it ensures that only highly motivated users will actually go though the decoding hoops. The current behavior is also ableist as it hinders anyone using a screen reader & it also needlessly imposes a higher level of competency on users to recognize the base64 text and convert it. > If they are not interested in this then they don't need to use the > option. The option is deliberately named "--paranoid" and disabled by > default. The current behavior only serves users who are interested in the metadata, and disservices users who are interested in reviewing /all/ information being transmitted. Base 64-encoded text is not reviewable. A user who wants to fully review the payload currently must copy-paste encoded text into another file, one screenfull at a time, taking care not to miss any lines or duplicate any lines, filter out the whitespace, and separately filter the text through an external tool. It’s impossible for non-GUI users to do this and absurdly tedious and impractical for GUI users. > If you want to check the human-readable message text before > submission, there are already menu entries to print the message to > stdout or view it in a pager. You don't need the --paranoid option > for this. Those options are only available prior to final processing by reportbug. Reportbug does further manipulation to the bug report /after/ the user submits (e.g. like adding a msg ID header). While it’s likely that the final stage of processing only affects headers & not the encoded portion, it’s unreasonable to expect users to trust that. And trust is an understatement because unless the user actually reads the source code, they can only speculate that the payload body would not be altered in the final processing step. Please reopen this ticket. -- System Information: Debian Release: 11.5 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-19-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages reportbug depends on: ii apt2.2.4 ii python33.9.2-3 ii python3-reportbug 7.10.3+deb11u1 ii sensible-utils 0.0.14 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate ii emacs-bin-common1:27.1+1-3.1 ii file1:5.39-3 ii gnupg 2.2.27-2+deb11u2 ii postfix [mail-transport-agent] 3.5.13-0+deb11u1 ii python3-urwid 2.1.2-1 pn reportbug-gtk ii xdg-utils 1.1.3-4.1 Versions of packages python3-reportbug depends on: ii apt2.2.4 ii file 1:5.39-3 ii python33.9.2-3 ii python3-apt2.2.1 ii python3-debian 0.1.39 ii python3-debianbts 3.1.0 ii python3-requests 2.25.1+dfsg-2 ii sensible-utils 0.0.14 python3-reportbug suggests no packages. -- no debconf information
Bug#1017024: reportbug: Reportbug cannot properly handle archived bugs (somewhat contrary to documentation)
Package: reportbug Version: 7.10.3+deb11u1 Severity: normal X-Debbugs-Cc: debbug.report...@sideload.33mail.com When a bug is archived, reportbug still accepts user input for that bug, then falls over when the SMTP server blocks the message. There are a few bugs in this scenario. (bug 1) The documentation fails to inform the user. From the man page: -N BUGNUMBER, --bugnumber BUGNUMBER Run reportbug against the specified bug report, useful when following-up a bug and its number is already known. That paragraph should instruct users that only non-archived bug numbers will work correctly. (bug 2) When the user supplies “-N $archived_bug_number”, reportbug should not continue the normal process as if the bug is live. It should interrupt the normal flow and warn the user of consequences. The status quo wastes the user’s time by letting them compose an undeliverable message. (bug 3) Simply being unable to do anything with an archived bug is a needless limitation of the reportbug app. There is a /control/ command to unarchive a bug. So the app should ask the user if they would like to unarchive the bug. If the user answers “yes”, then it should send a control msg requesting the unarchival of the bug. (bug 4?) This is not really in the app but rather the SMTP server that accepts bug reports. If a bug report is submitted for an archived bug and it contains this line: Control: unarchive $archived_bug_number the SMTP server should accept the message because the bug comment contains an embedded request to unarchive the bug. -- Package-specific info: ** Environment settings: EDITOR="emacs" INTERFACE="text" -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages reportbug depends on: ii apt2.2.4 ii python33.9.2-3 ii python3-reportbug 7.10.3+deb11u1 ii sensible-utils 0.0.14 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate ii emacs-bin-common1:27.1+1-3.1 ii file1:5.39-3 ii gnupg 2.2.27-2+deb11u2 ii postfix [mail-transport-agent] 3.5.13-0+deb11u1 ii python3-urwid 2.1.2-1 pn reportbug-gtk ii xdg-utils 1.1.3-4.1 Versions of packages python3-reportbug depends on: ii apt2.2.4 ii file 1:5.39-3 ii python33.9.2-3 ii python3-apt2.2.1 ii python3-debian 0.1.39 ii python3-debianbts 3.1.0 ii python3-requests 2.25.1+dfsg-2 ii sensible-utils 0.0.14 python3-reportbug suggests no packages. -- no debconf information
Bug#1016834: gnucash: Debug package gnucash-gdb missing; GNC_DEBUG variable & --debug have no effect
Package: gnucash
Version: 1:4.4-1
Severity: normal
X-Debbugs-Cc: debbug.gnuc...@sideload.33mail.com
Upstream devs have requested a stack trace from me, which is
documented here:
https://wiki.gnucash.org/wiki/Stack_Trace
Running “aptitude search gnucash” indicates that there are no packages
named gnucash-dbg, contrary to what the wiki suggests. Ubuntu
apparently has a gnucash-dbg package.
The man page has no DEBUGGING section, but ENVIRONMENT mentions a
GNC_DEBUG variable without saying how to use it. Since it’s a
boolean, I tried running GC this way:
$ GNC_DEBUG=1 gnucash --debug $my_data_file
I made it crash, but there is no stack dump so it’s unclear if I
correctly guessed how to use that variable. This is the full complete
and total output from that command:
===8<--
Found Finance::Quote version 1.50.
Gdk-Message: 09:28:51.919: Lost connection to Wayland compositor.
===8<--
It may actually be enough information to troubleshoot the particular
bug I’m working on, but this output is too minimal. In fact, it’s the
same output as running with no debugging options. A /tmp/gnucash.trace
file was created but it’s empty.
The man page also mentions:
--log Log level overrides, of the form
"log.ger.path={debug,info,warn,crit,error}" This option can be specified
multiple times.
This syntax is bizarre and confusing. Is “log.ger.path” supposed to be
typed literally, or is that supposed to be replaced with something
else? Is that whole equality string then passed as a space-separated
argument following --log?
The lack of gnucash-dbg package implies that users need to recompile
gnucash to get debugging symbols, IIUC. The
/etc/share/docs/gnucash/README file refers us here for building:
https://wiki.gnucash.org/wiki/Building
But that wiki page above has no Debian-specific instructions. Debian
has a unique way of downloading source and building (unlike tarballs)
which uses Debian’s package management system. It seems we either need
a gnucash-dbg package, or Debian building instructions-- ideally both.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnucash depends on:
ii gnucash-common 1:4.4-1
ii guile-3.0 3.0.5-4
ii guile-3.0-libs 3.0.5-4
ii libaqbanking44 6.2.10-1
ii libboost-filesystem1.74.0 1.74.0-9
ii libboost-locale1.74.0 1.74.0-9
ii libboost-program-options1.74.0 1.74.0-9
ii libboost-regex1.74.0 [libboost-regex1.74.0-icu67] 1.74.0-9
ii libc6 2.31-13+deb11u3
ii libcairo2 1.16.0-5
ii libcrypt-ssleay-perl 0.73.06-1+b3
ii libdate-manip-perl 6.83-1
ii libdbi10.9.0-6
ii libfinance-quote-perl 1.50~rc2-2
ii libgcc-s1 10.2.1-6
ii libgdk-pixbuf-2.0-02.42.2+dfsg-1
ii libglib2.0-0 2.66.8-1
ii libgtk-3-0 3.24.24-4+deb11u2
ii libgwengui-gtk3-79 5.6.0-2
ii libgwenhywfar795.6.0-2
ii libhtml-tableextract-perl 2.15-1.1
ii libhtml-tree-perl 5.07-2
ii libicu67 67.1-7
ii libofx71:0.9.15-3
ii libpango-1.0-0 1.46.2-3
ii libpangocairo-1.0-01.46.2-3
ii libpython3.9 3.9.2-1
ii libsecret-1-0 0.20.4-2
ii libstdc++6 10.2.1-6
ii libwebkit2gtk-4.0-37 2.36.4-1~deb11u1
ii libwww-perl6.52-1
ii libxml22.9.10+dfsg-6.7+deb11u2
ii perl 5.32.1-4+deb11u2
ii zlib1g 1:1.2.11.dfsg-2+deb11u1
Versions of packages gnucash recommends:
ii gnucash-docs 4.4-1
ii
Bug#1016424: “Error: /invalidfileaccess in --file--” when converting PBM file to PDF
Package: ghostscript Version: 9.53.3~dfsg-7+deb11u2 Followup-For: Bug #1016424 X-Debbugs-Cc: debbug.1016...@sideload.33mail.com > Therefore please report the issue upstream. I just happened to have an account on the upstream bug tracker that still works, so I reported here: https://bugs.ghostscript.com/show_bug.cgi?id=705699 But I should say this it’s not normal procedure for Debian maintainers to ask bug reporters to mirror their report upstream according to the section “Don't file bugs upstream” on this page: https://www.debian.org/Bugs/Reporting If upstream had been a place like Github (or even worse: gitlab.com), I would not have created an account on those forges to report a bug. In principle, it should be automated so a Debian maintainer can mirror bugs upstream with a simple keystroke or click, ideally.
Bug#1016424: “Error: /invalidfileaccess in --file--” when converting PBM file to PDF
Package: ghostscript Version: 9.53.3~dfsg-7+deb11u2 Severity: normal X-Debbugs-Cc: debbug.ghostscr...@sideload.33mail.com Ghostscript fails to convert PBM files to PDF. Attempts were made with 3 different PBM files: 1) scanner-made PDF → (pdfimages -all) → (unpaper) → PBM → (ghostscript/pdfwrite) → error 2) tex → (LaTeX) → PDF → (ghostscript/pbm) → PBM → (ghostscript/pdfwrite) → error 3) (imagemagick) → PBM → (ghostscript/pdfwrite) → error This seems to show that PBMs of any kind produce an error when using the PDFwrite driver. Case 2 is interesting because it shows Ghostscript’s own output is fed back into it and it can’t handle it. Case 3 is demonstrated below because it requires no source file to start with (ImageMagick gives a way to generate an arbitrary image on-the-fly). So it’s easy to reproduce as long as ImageMagick is installed. ===8<-- $ convert logo: -colors 2 -colorspace gray -normalize pbm:im_logo.pbm $ gs -sDEVICE=pdfwrite -q -r300 -dSCALE=1 -o im_logo.pdf -- /usr/share/ghostscript/9.53.3/lib/viewpbm.ps im_logo.pbm Error: /invalidfileaccess in --file-- Operand stack: (im_logo.pbm) (r) Execution stack: %interp_exit .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- false 1 %stopped_push 1990 1 3 %oparray_pop 1989 1 3 %oparray_pop 1977 1 3 %oparray_pop 1833 1 3 %oparray_pop --nostringval-- %errorexec_pop .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- %array_continue --nostringval-- Dictionary stack: --dict:734/1123(ro)(G)-- --dict:0/20(G)-- --dict:87/200(L)-- --dict:0/20(L)-- Current allocation mode is local Last OS error: Permission denied Current file position is 10282 GPL Ghostscript 9.53.3: Unrecoverable error, exit code 1 ===8<-- It’s worth noting that case 2 has no problem if the middle step uses the ppmraw driver instead of the pbm driver. So I thought perhaps a workaround would be to convert the PBM file produced by unpaper (case 1) to PPM, then feed the PPM file into GS -- but no, the same “invalidfileaccess” occurs. I also retried case 3 but using a PPM instead, which also failed: ===8<-- $ convert logo: -colors 2 -colorspace gray -normalize pbm:im_logo.ppm $ gs -sDEVICE=pdfwrite -q -r300 -dSCALE=1 -o im_logo_ppm.pdf -- /usr/share/ghostscript/9.53.3/lib/viewpbm.ps im_logo.ppm Error: /invalidfileaccess in --file-- Operand stack: (im_logo.ppm) (r) Execution stack: %interp_exit .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- false 1 %stopped_push 1990 1 3 %oparray_pop 1989 1 3 %oparray_pop 1977 1 3 %oparray_pop 1833 1 3 %oparray_pop --nostringval-- %errorexec_pop .runexec2 --nostringval-- --nostringval-- --nostringval-- 2 %stopped_push --nostringval-- --nostringval-- --nostringval-- %array_continue --nostringval-- Dictionary stack: --dict:734/1123(ro)(G)-- --dict:0/20(G)-- --dict:87/200(L)-- --dict:0/20(L)-- Current allocation mode is local Last OS error: Permission denied Current file position is 10282 GPL Ghostscript 9.53.3: Unrecoverable error, exit code 1 ===8<-- -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ghostscript depends on: ii libc6 2.31-13+deb11u3 ii libgs9 9.53.3~dfsg-7+deb11u2 ghostscript recommends no packages. Versions of packages ghostscript suggests: ii ghostscript-x 9.53.3~dfsg-7+deb11u2 -- no debconf information
Bug#1016102: rsync: The --remove-source-files destroys data when source & destination are the same (data loss!)
Package: rsync Version: 3.2.3-4+deb11u1 Severity: critical Justification: causes serious data loss X-Debbugs-Cc: debbug.rs...@sideload.33mail.com I accidentally ran: $ rsync -va --progress --remove-source-files "$dir_with_many_files" "$dir_with_many_files" Due to a typo when using bash history substitution, the source and destination were both directories and they both named the same directory. The expectation is that rsync should detect movement from A to A and do nothing apart from warning the user that there is nothing to do. Instead, because of the “--remove-source-files” option, rsync DESTROYS all the files in "$dir_with_many_files" irrevokably. There needs to be a safeguard that prevents --remove-source-files from having effect if: * Files are not copied to the destination (for any reason) * The source and destination are the same I suffered data loss because of this. At the very least, if it’s really intended for “rsync --remove-source-files $A $A” to effectively behave like “rm -rf $A/*”, there AT LEAST needs to be a very loud warning prompting the user for confirmation. But I conjecture that there never is a legit scenario where “rsync --remove-source-files” simply destroys files without safely ensuring they exist somewhere in the end. -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages rsync depends on: ii init-system-helpers 1.60 ii libacl1 2.2.53-10 ii libc62.31-13+deb11u3 ii liblz4-1 1.9.3-2 ii libpopt0 1.18-2 ii libssl1.11.1.1n-0+deb11u3 ii libxxhash0 0.8.0-2 ii libzstd1 1.4.8+dfsg-2.1 ii lsb-base 11.1.0 ii zlib1g 1:1.2.11.dfsg-2+deb11u1 rsync recommends no packages. Versions of packages rsync suggests: ii openssh-client 1:8.4p1-5+deb11u1 ii openssh-server 1:8.4p1-5+deb11u1 ii python3 3.9.2-3 -- no debconf information
Bug#1014374: tootle: Tootle only remembers 4 accounts (5th acct can be added but is lost)
Package: tootle Followup-For: Bug #1014374 X-Debbugs-Cc: debbug.1014...@sideload.33mail.com I should also mention that it’s important that tootle uses the XDG_CONFIG_HOME variable when referencing the config file. If not, and the config file path is hardcoded to include a directory that the user has converted into a symbolic link (e.g. ~/.config/), that’s one scenario that will break access to that file within a firejail environment. So in short, it’s still feasible that there is a tootle bug here. Certainly the man page should specify whether the XDG_CONFIG_HOME variable is used and otherwise how the user can control the path to the config file.
Bug#1014374: tootle: actually there is no account limit
Package: tootle Followup-For: Bug #1014374 X-Debbugs-Cc: debbug.1014...@sideload.33mail.com Control: block 1014374 by 1016015 Control: severity 1014374 minor Control: retitle 1014374 Accounts cannot be added when running in Firejail Control: summary 1014374 This is possibly not a bug in tootle. It may be strictly a Firejail bug. Tootle was likely running within a Firejail sandbox when this bug was noticed. Considering another app (toot) has a very similar problem when running in Firejail, it’s more likely that firejail is preventing config files from being updated. As an extra test, I ran tootle outside of firejail and was able to add more accounts.
Bug#1016015: firejail: The --read-write option fails to enable file mods to persist after the sandbox is gone
Package: firejail
Version: 0.9.64.4-2
Severity: important
X-Debbugs-Cc: debbug.firej...@sideload.33mail.com
Control: affects 1014374 + tootle
The command tootle was first executed outside firejail to establish a
working config file. This was motivated to work around bug
1015816. After tootle proved to function outside of firejail, it was
relaunched within firejail as follows:
$ firejail --net=vnet0 --dns="$(ip address show dev vnet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')"\
--env=XDG_CONFIG_HOME="$HOME"/my_config_files\
--whitelist="$(readlink
$HOME/.config)"com.github.bleakgrey.tootle/accounts.json\
--noblacklist="$(readlink
$HOME/.config)"com.github.bleakgrey.tootle/accounts.json\
--read-write="$(readlink
$HOME/.config)"com.github.bleakgrey.tootle/accounts.json\
tootle
$HOME/.config is a symblic link to "$HOME"/my_config_files, and the
above configuration is crafted to ensure that firejail receives no
references to a symbolic file or directory.
Tootle was able to read the config file and make use of it within
firejail. Tootle was also able to update the config file during that
session, proven by its ability to add new accounts and interact with
them. But when the session ended, the config file updates were not
persistent and new accounts were lost.
Note that “tootle” and “toot” (mentioned in bug 1015816) are two
completely different applications, though they both serve the same
purpose. Also note that bug 1015816 is very similar. The difference
is that in bug 1015816 the config file cannot be created, while the
bug herein reports that modifications to an existing config file do
not persist across sessions. The bug herein may boil down to the same
bug affecting the same code as 1015816 (investigation needed).
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed [not included]
-- no debconf information
Bug#1015816: firejail: Unable to create a whitelisted config file
Package: firejail Version: 0.9.64.4-2 Followup-For: Bug #1015816 X-Debbugs-Cc: debbug.1015...@sideload.33mail.com To cover all bases, I also tried enabling the read-write perms, effectively running: $ firejail --env=XDG_CONFIG_HOME="$HOME"/my_config_files\ --whitelist="$(readlink $HOME/.config)"toot/config.json\ --noblacklist="$(readlink $HOME/.config)"toot/config.json\ --profile=<(printf '%s\n' 'mkdir ~/tools/conf/toot')\ --read-write="$HOME"/my_config_files/toot\ --read-write="$HOME"/my_config_files/toot/config.json\ toot login It made no difference. It still just leaves the empty directory "$HOME"/my_config_files/toot. As a possible secondary bug in the docs, the man page contains: ===8<-- --read-write=dirname_or_filename Set directory or file read-write. Only files or directories belonging to the current user are allowed for this operation. File globbing is supported, see FILE GLOBBING section for more details. Example: $ mkdir ~/test $ touch ~/test/a $ firejail --read-only=~/test --read-write=~/test/a ===8<-- The man page does not state what the default perms are. The whitelist option in the man page says: “Modifications to whitelisted files are persistent”. This seems to imply that the read-write option is the default setting on whitelisted dirs, but makes no mention of what happens if read-write is used on a non-whitelisted dir. The example given somewhat implies that read-write is useful when giving different perms to a subdir than the parent dir. But it does not outright state this so users are left guessing. I should also say it’s unclear whether the noblacklist option is useful or redundant. Does --whitelist imply --noblacklist automatically? The man page should make that clear.
Bug#1015816: firejail: Unable to create a whitelisted config file
Package: firejail
Version: 0.9.64.4-2
Followup-For: Bug #1015816
X-Debbugs-Cc: debbug.1015...@sideload.33mail.com
It was an interesting suggestion but in the end it made no
difference. And in fact the test inspires a feature request.
I created /tmp/toot.profile as follows:
===8<--
mkdir ~/my_config_files/toot/
===8<--
Then I ran the same command as previously, but added
“--profile=/tmp/toot.profile”. It ran just the same as it did
previously, except the only difference is that ~/my_config_files/toot/
persists. So it runs successfully, exits, and leaves the empty
directory ~/my_config_files/toot/. The fact that it’s empty is the
problem. The config file created therein must persist as well.
The output is the same as before apart from also printing the
following line upon launch:
===8<--
…
Reading profile /tmp/toot.profile
…
===8<--
It was useful to see an indicator that the profile was read. It’s a
little annoying that firejail does not inform the user that it’s
creating a directory. After reading the profile, it eventually
executes “mkdir ~/my_config_files/toot/” without telling the user. So
as a feature request I suggest printing that action in the output.
Even if the /mkdir/ parameter were to have fixed the problem, it would
have simply been a workaround. That is, it’s not always trivial (or
even possible) to predict which directories an app will
create. Firejail should permit an app to arbitrarily create any
directories on-the-fly as needed-- to the extent that it has write
permission in the applicable directory.
In a 2nd test I took your suggestion a step further, and expanded
/tmp/toot.profile to also create the file:
===8<--
mkdir ~/my_config_files/toot/
mkfile ~/my_config_files/toot/config.json
===8<--
Firejail successfully created an empty config file, but this time it
fell over. When I say “it” fell over, I don’t know if Firejail fell
over or if the app did. I’m speculating that the app’s JSON parser did
not like finding any empty file. This was the output:
===8<--
Traceback (most recent call last):
File "/usr/bin/toot", line 11, in
load_entry_point('toot==0.27.0', 'console_scripts', 'toot')()
File "/usr/lib/python3/dist-packages/toot/console.py", line 547, in main
user, app = config.get_active_user_app()
File "/usr/lib/python3/dist-packages/toot/config.py", line 94, in
get_active_user_app
config = load_config()
File "/usr/lib/python3/dist-packages/toot/config.py", line 70, in load_config
return json.load(f)
File "/usr/lib/python3.9/json/__init__.py", line 293, in load
return loads(fp.read(),
File "/usr/lib/python3.9/json/__init__.py", line 346, in loads
return _default_decoder.decode(s)
File "/usr/lib/python3.9/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/lib/python3.9/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 2 column 1 (char 1)
===8<--
I think I might have previously reported the difficulty in
distinguising an app error from a firejail error because FJ does not
tag its own output. In any case, to summarize, I’ll enumerate the 3
outstanding issues:
1) The config file for the /toot/ app is apparently created within the
sandbox but it fails to persist when the app terminates (regardless of
whether or not the mkdir parameter is used).
2) The mkdir and mkfile profile parameters take effect (as expected),
but Firejail neglects to inform the user of this.
3) Firejail errors are often indistinguishible from child process
errors because FJ makes no effort to tag its own output.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed [not included]
-- no debconf information
Bug#1016009: reportbug: Paranoid mode shows base64 instead of human readible text
Package: reportbug Version: 7.10.3+deb11u1 Severity: wishlist Tags: a11y X-Debbugs-Cc: debbug.report...@sideload.33mail.com Using the --paranoid option shows the text of the bug report before transmission. In my case, the body is usually base64 encoded, which means only the headers are readible to a human. There may be some debugging or academic merit to showing the base64, but this is not generally what the user is interested in. This can be improved in a couple ways: 1) After the headers, instead of showing multiple screens full of base64, just print 1 line like: «115 lines of base64-encoded text» and follow that with: [decoded body] … … «OR» 2) show just the decoded msg, but give an extra option in the prompt to show the verbatim raw msg for those who are interested. -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages reportbug depends on: ii apt2.2.4 ii python33.9.2-3 ii python3-reportbug 7.10.3+deb11u1 ii sensible-utils 0.0.14 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate ii emacs-bin-common1:27.1+1-3.1 ii file1:5.39-3 ii gnupg 2.2.27-2+deb11u2 ii postfix [mail-transport-agent] 3.5.13-0+deb11u1 ii python3-urwid 2.1.2-1 pn reportbug-gtk ii xdg-utils 1.1.3-4.1 Versions of packages python3-reportbug depends on: ii apt2.2.4 ii file 1:5.39-3 ii python33.9.2-3 ii python3-apt2.2.1 ii python3-debian 0.1.39 ii python3-debianbts 3.1.0 ii python3-requests 2.25.1+dfsg-2 ii sensible-utils 0.0.14 python3-reportbug suggests no packages. -- no debconf information
Bug#1016007: reportbug: The prompt “Does this bug still exist in version X…” requires a binary answer when there are 3 possibilities
Package: reportbug Version: 7.10.3+deb11u1 Severity: normal X-Debbugs-Cc: debbug.report...@sideload.33mail.com In responding to this bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880877 reportbug prompted with: Does this bug still exist in version 7.10.3+deb11u1 of this package [y|N|q|?]? Luckily I happened to know the answer, but this is not always the case. Forcing users to answer this question with “y” or “n” facilitates misinfo, because a user who does not know if their particular version at the moment has the bug may opt to give an arbitrary answer instead of testing. Maybe they can’t test. Maybe testing the bug requires a complex/elaborate setup. There needs to be an option to skip this question. -- Package-specific info: ** Environment settings: EDITOR="emacs" INTERFACE="text" ** /home/blee/.reportbugrc: reportbug_version "7.10.3" mode advanced ui text realname "anonymous coward" email "tripr@a5dkbvgakon2lxmauleiizkv6i3s36wp6w3i32a3buc4xmtdnbttmryd.onion" no-cc list-cc-me smtphost reportbug.debian.org -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages reportbug depends on: ii apt2.2.4 ii python33.9.2-3 ii python3-reportbug 7.10.3+deb11u1 ii sensible-utils 0.0.14 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate ii emacs-bin-common1:27.1+1-3.1 ii file1:5.39-3 ii gnupg 2.2.27-2+deb11u2 ii postfix [mail-transport-agent] 3.5.13-0+deb11u1 ii python3-urwid 2.1.2-1 pn reportbug-gtk ii xdg-utils 1.1.3-4.1 Versions of packages python3-reportbug depends on: ii apt2.2.4 ii file 1:5.39-3 ii python33.9.2-3 ii python3-apt2.2.1 ii python3-debian 0.1.39 ii python3-debianbts 3.1.0 ii python3-requests 2.25.1+dfsg-2 ii sensible-utils 0.0.14 python3-reportbug suggests no packages. -- no debconf information
Bug#880877: reportbug: leak user private information in the SMTP log
Package: reportbug
Version: 7.10.3+deb11u1
Followup-For: Bug #880877
X-Debbugs-Cc: debbug.880...@sideload.33mail.com
>> When reportbug is used as a direct SMTP client , reporting user
>> hostname , ip and username are leaked to the BTS.
>
> well, that's how mail transport systems work
Different MTAs work differently.
Regarding the hostname, that is a configurable parameter in
postfix. It can be whatever the user sets it to.
Regarding IP, all MTAs inherently know the IP but some
privacy-respecting MTAs strip out the IP to protect the sender’s
privacy from the recipient. This is crtically important when email is
not merely going to the inbox of an individual but rather being
published to the world. It’s reckless to expose that sensitive
information.
The MTA is one place where this leak can be addressed, but it’s not
the only place. IIUC, bugs are processed by procmail, which means a
procmail recipe also has the opportunity to strip out the sender’s IP
address.
>> Such information leak is not expected (and undesirable). That
>> information is passes under Message-ID (hash-reportbug@users-fqdn)
>> and in the Received: from section.
>
> this is generated by a standard python function
>
> reportbug/submit.py:message['Message-ID'] =
> email.utils.make_msgid('reportbug')
While it’s interesting to know that a standard lib fails to give the
user control over what elements are used for the composition of the
msg id, this does not excuse the leaking of sensitive info. Use of
that library call is optional. IIRC, the RFC does not dictate what
info appears in a msg id, only that the msg id is sufficiently random
so as to facilitate uniqueness and avoid duplicating another msg id.
> this is all expected.
Certainly not. It’s expected that a mainstream project like Debian be
on the ball about safeguarding sensitive info. IP address & other
unique IDs can go in the logs if Debian needs the info for abuse
control, but it’s embarrassing that a reputable distro would publish
that info for the world.
> what i think your report is missing is a concrete solution to address
> whatever you think it wrong. if you cant provide anything, i'm afraid i'm
> going to close this report, as i dont think any action is warranted.
This is a bug report, not a PR request. Bug reports do not need a PR
request to justify their existence.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages reportbug depends on:
ii apt2.2.4
ii python33.9.2-3
ii python3-reportbug 7.10.3+deb11u1
ii sensible-utils 0.0.14
reportbug recommends no packages.
Versions of packages reportbug suggests:
pn claws-mail
pn debconf-utils
pn debsums
pn dlocate
ii emacs-bin-common1:27.1+1-3.1
ii file1:5.39-3
ii gnupg 2.2.27-2+deb11u2
ii postfix [mail-transport-agent] 3.5.13-0+deb11u1
ii python3-urwid 2.1.2-1
pn reportbug-gtk
ii xdg-utils 1.1.3-4.1
Versions of packages python3-reportbug depends on:
ii apt2.2.4
ii file 1:5.39-3
ii python33.9.2-3
ii python3-apt2.2.1
ii python3-debian 0.1.39
ii python3-debianbts 3.1.0
ii python3-requests 2.25.1+dfsg-2
ii sensible-utils 0.0.14
python3-reportbug suggests no packages.
-- no debconf information
Bug#1014871: reportbug: is being confusing with the -r option
Package: reportbug Version: 7.10.3+deb11u1 Followup-For: Bug #1014871 X-Debbugs-Cc: debbug.1014...@sideload.33mail.com Indeed I concur. If this bug report were on Launchpad I would be upvoting it (which I think is not possible in debian bug reports). Calling reportbug -r “confusing” is putting it overly lightly. The -r option is actually completely broken & useless. There are several bugs which should probably be reported separately. This is what my session looked like: ===8<-- $ torsocks reportbug -r "$saved_report" 1658731266 WARNING torsocks[21461]: [syscall] Unsupported syscall number 315. Denying the call (in tsocks_syscall() at syscall.c:604) *** Welcome to reportbug. Use ? for help at prompts. *** Note: bug reports are publicly archived (including the email address of the submitter). Detected character set: UTF-8 Please change your locale if this is incorrect. Using 'anonymous coward ' as your from address. Will send report to Debian (per lsb_release). Spawning emacs... 1658731267 WARNING torsocks[21486]: [syscall] Unsupported syscall number 315. Denying the call (in tsocks_syscall() at syscall.c:604) No changes were made in the editor. Report will be sent to Debian Bug Tracking System Submit this report on reportbug (e to edit) [y|n|a|c|E|i|l|m|p|q|d|tSubmit this report on reportbug (e to edit) [y|n|a|c|E|i|l|m|p|q|d|t|?]?Submit this report on reportbug (e to edit) [y|n|a|c|E|i|l|m|p|q|d|t|?]? y Report is unchanged. Edit this report or quit [E|q|s|?]? s Sending empty report anyway... 1658731287 ERROR torsocks[21461]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677) Saving a backup of the report at /tmp/reportbug-reportbug-backup-20220725084127-j_q_q9m2 Connecting to reportbug.debian.org via SMTP... 1658731289 ERROR torsocks[21461]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677) 1658731289 ERROR torsocks[21461]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677) SMTP send failure: (550, b'No valid sender found in the From:, Sender: and Reply-to: headers'). You can retry, or save the report and exit. Do you want to retry [Y|n|q|?]? Connecting to reportbug.debian.org via SMTP... 1658731317 ERROR torsocks[21461]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677) 1658731318 ERROR torsocks[21461]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:677) SMTP send failure: (550, b'No valid sender found in the From:, Sender: and Reply-to: headers'). You can retry, or save the report and exit. Do you want to retry [Y|n|q|?]? q ===8<-- Bug 1) It ignored the email address that was supplied in the saved draft and instead used the email address in the config file. When an email address is given for a specific bug report, that address should override the default address from the configs. Bug 2) Emacs was spawned to show me the bug report without me asking. Yet the prompt with option to edit (“E”) follows that anyway, and it defaults to E! The default “E” is reasonable if, and only if, the editor is not triggered before the prompt. So I had to override the default action and choose “y”. Bug 3) It says “Report is unchanged. Edit this report or quit [E|q|s|?]?” It’s accurate that the report is unchanged, but not interesting. The user should not be told that it was unchanged in a normal mode of execution. That should only appear if debugging reportbug with some extra verbosity. It’s particularly absurd that this prompt also defaults to “E”, as if to suggest that the input report /needs/ to be changed. It does not, and that’s not the normal course. This whole prompt should go away. Bug 4) It says “Sending empty report anyway...” and it does that without a prompt. So after the user receives excessive prompting, reportbug neglects to prompt to ask the user if it’s okay to send an empty report. The default action is also stupid. Why should reportbug even support the possibility of sending an empty report? That should never happen. Bug 5) The fact that reportbug *detects* the report as being empty is clearly a bug. It just showed me in the editor that my bug report was clearly not empty. It showed me a complete report, it knew I did not change that complete report, then it treats the report as empty. WTF. Bug 6) A backup report is saved which is an exact copy of the input report. Is there cause to think that the input file would be lost in this operation? In the case above, the backup file was saved in /tmp/ so the pollution will eventually be removed. But in other executions I’ve seen the backup report saved in my drafts directory -- the same directory that holds the input report. So there are multiple verbatim copies of the same report in that directory, thus pollution that persists. (note: some of the noise in the output sample is
Bug#1015151: firejail: (Regression) Segfault when using --net=$namespace
Package: firejail
Followup-For: Bug #1015151
X-Debbugs-Cc: debbug.1015...@sideload.33mail.com
I did another test, this time ensuring that the profile was read:
$ firejail --net=vnet0 --dns="$(ip address show dev vnet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')"\
--profile=<(printf '%s\n' 'ignore noroot')\
lynx -dump
'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015151'
Same output:
===8<--
Reading profile /dev/fd/63
…
firejail: util.c:910: create_empty_dir_as_root: Assertion `(s.st_mode & 0)
== (mode)' failed.
Error: proc 15924 cannot sync with peer: unexpected EOF
Peer 15928 unexpectedly killed (Segmentation fault)
===8<--
So the “ignore noroot” option makes no difference.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed [not included]
-- no debconf information
Bug#1015816: firejail: Unable to create a whitelisted config file
Package: firejail Version: 0.9.64.4-2 Severity: normal X-Debbugs-Cc: debbug.firej...@sideload.33mail.com The app “toot” generally needs to create and access this config file: ~/.config/toot/config.json For organizational and backup reasons, I’ve taken these steps (in effect): $ mv ~/.config ~/my_config_files $ ln -s ~/my_config_files ~/.config So ~/.config is a symlink pointing to ~/my_config_files. To avoid supplying a symlink to Firejail, it’s launched as follows: $ firejail --env=XDG_CONFIG_HOME="$HOME"/my_config_files\ --whitelist="$(readlink $HOME/.config)"toot/config.json\ --noblacklist="$(readlink $HOME/.config)"toot/config.json\ toot login The readlink command substitution converts the symlink to a full absolute pathname (not symbolic). Passing the XDG_CONFIG_HOME variable ensures that the app itself makes no reference to the symbolic link, which is confirmed by the app’s output showing: ===8<-- Creating config file at /home/user/my_config_files/toot/config.json ===8<-- The app runs without issue, but when the app terminates there is no existing file /home/user/my_config_files/toot/config.json. -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firejail depends on: ii libapparmor1 2.13.6-10 ii libc6 2.31-13+deb11u3 ii libselinux1 3.1-3 Versions of packages firejail recommends: ii firejail-profiles 0.9.64.4-2+deb11u1 ii iproute2 5.10.0-4 ii iptables 1.8.7-1 ii xauth 1:1.1-1 ii xdg-dbus-proxy 0.1.2-2 ii xpra 3.0.13+dfsg1-1 ii xvfb 2:1.20.11-1+deb11u1 firejail suggests no packages. -- Configuration Files: /etc/firejail/firejail.config changed [not included] -- no debconf information
Bug#1015813: toot: User guide missing and man page should mention files & variables used by the app
Package: toot Version: 0.27.0-1 Severity: minor X-Debbugs-Cc: debbug.t...@sideload.33mail.com The default config file is apparently ~/.config/toot/config.json, but this is not mentioned in the man page. The man page should also mention how to change which config file is used, if possible. It should also include environment variables the app uses. E.g. presumably the app looks at XDG_CONFIG_HOME, which might be a way to at least change where the config file is rooted (if there is no specific option). Apart from the man page, there is: /usr/share/doc/toot/changelog.Debian.gz There should ideally be a complete user guide there. The upstream repo directs users to this Cloudflare site: https://toot.readthedocs.io/ Cloudflare is an access restricted walled garden that excludes some users, and it violates the privacy of users who unwittingly go there. It also violates the FSF Free Documentation criteria, IIRC. Therefore the user guide should be imported into /usr/share/doc/toot/. Apart from Cloudflare abuses, it’s worth noting that it’s generally useful to have local offline docs anyway. -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages toot depends on: ii python3 3.9.2-3 ii python3-bs4 4.9.3-1 ii python3-requests 2.25.1+dfsg-2 ii python3-urwid 2.1.2-1 ii python3-wcwidth 0.1.9+dfsg1-2 toot recommends no packages. toot suggests no packages. -- no debconf information
Bug#1015151: firejail: (Regression) Segfault when using --net=$namespace
Package: firejail
Followup-For: Bug #1015151
X-Debbugs-Cc: debbug.1015...@sideload.33mail.com
I tried the suggestion and it made no difference, but I suspect I have
a separate problem with local profiles. I first looked through the
man page for a commandline equivalent to “ignore noroot” and found
nothing. So then I created:
/home/user/my_symlinked_configs/firejail/my_app.local
with “ignore noroot” along with a whitelisted path and “net
vnet0”. Then I ran:
$ firejail --profile=/home/user/my_symlinked_configs/firejail/my_app.local\
--dns="$(ip address show dev vnet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')\
my_app
(note that the --dns option *must* be on the CLI because unfortunately
profiles are incapable of command substitution)
It got the segfault as before. Then I downgraded to version
0.9.64.4-2 again and ran the same command. The app ran but it acted
as if the whitelisted folder did not exist. So I have a problem
making profiles work (likely because firejail cannot handle symlinks
properly [or even real dirs that happen to have a symlink]). So
apparently I cannot test the “ignore noroot” profile-only option.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed [not included]
-- no debconf information
Bug#1015151: firejail: (Regression) Segfault when using --net=$namespace
Package: firejail
Followup-For: Bug #1015151
X-Debbugs-Cc: debbug.1015...@sideload.33mail.com
When doing this upgrade:
0.9.64.4-2 → 0.9.64.4-2+deb11u1
~50+ or so other packages were upgraded at the same time which could
have theoretically changed the Tor middlebox. So more testing was
needed to confirm that the regression was actually in the firejail
pkg. The deb file for the old version was still present, so this was
run:
$ apt install /var/cache/apt/archives/firejail_0.9.64.4-2_amd64.deb
Then this was run as a test:
$ firejail --net=vnet0 --dns="$(ip address show dev vnet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')" lynx -dump
'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015151'
Indeed firejail worked after the downgrade. I believe this proves the
bug was introduced in firejail version 0.9.64.4-2+deb11u1. The
following file was created to prevent the buggy version from being
reinstalled before bug 1015151 is fixed:
[/etc/apt/preferences.d/firejail]
===8<--
Package: firejail
Pin: version 0.9.64.4-2
Pin-Priority: 999
===8<--
Reproducing the bug may require the tester to create a Tor
middlebox. The Tor middlebox used in my tests followed this approach:
https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https://github.com/Bylon/TOR_Middlebox
A newer approach to building a Tor middlebox is documented here:
https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https://gitlab.com/BylonAkila/TOR_Middlebox.git
This article may have been inspired the above repos:
https://web.archive.org/web/20200805082619/https://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed:
cgroup no
-- no debconf information
Bug#1015151: firejail: (Regression) Segfault when using --net=$namespace
Package: firejail
Version: 0.9.64.4-2+deb11u1
Severity: important
X-Debbugs-Cc: debbug.firej...@sideload.33mail.com, t...@security.debian.org
This upgrade introduced a segmentation fault:
firejail:amd64 0.9.64.4-2 → 0.9.64.4-2+deb11u1
This is a sample command where it fails:
$ firejail --net=vnet0 --dns="$(ip address show dev vnet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')"\
lynx -dump "$arbitrary_URL"
The network namespace “vnet0” is a Tor middlebox. This command
previously had no problem, but now it crashes with the following
output:
===8<--
firejail: util.c:910: create_empty_dir_as_root: Assertion `(s.st_mode &
0) == (mode)' failed.
Error: proc 23396 cannot sync with peer: unexpected EOF
Peer 23406 unexpectedly killed (Segmentation fault)
===8<--
I have set the severity to /important/ because this defect makes it
impossible to restrict apps to the Tor network. There is no
workaround. Perhaps torsocks will work in cases where the app is
expected to access the network via common system calls, but in cases
where apps bypass systems calls we have a breach. E.g. java apps tend
to not function with torsocks.
-- System Information:
Debian Release: 11.4
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-16-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.13.6-10
ii libc6 2.31-13+deb11u3
ii libselinux1 3.1-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.64.4-2+deb11u1
ii iproute2 5.10.0-4
ii iptables 1.8.7-1
ii xauth 1:1.1-1
ii xdg-dbus-proxy 0.1.2-2
ii xpra 3.0.13+dfsg1-1
ii xvfb 2:1.20.11-1+deb11u1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/firejail.config changed [not included]
-- no debconf information
Bug#1014794: tootle: (security) Doxxing issue: user agent (“application”) appears in status
Package: tootle Version: 1.0-alpha2-1 Severity: normal X-Debbugs-Cc: debbug.too...@sideload.33mail.com When a status/toot is composed, the user is given no control over what populates the “application” field. This adds to users’ fingerprints. I’ve been doxxed and it was revealed that the user agent was a crucial factor. -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tootle depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii elementary-xfce-icon-theme 0.15.2-1 ii libc62.31-13 ii libcairo21.16.0-5 ii libgdk-pixbuf2.0-0 2.40.2-2 ii libgee-0.8-2 0.20.4-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libhandy-1-0 1.0.3-2 ii libjson-glib-1.0-0 1.6.2-1 ii libsoup2.4-1 2.72.0-2 tootle recommends no packages. tootle suggests no packages. -- no debconf information
Bug#1014377: tootle: When adding a new account, Tootle fails to launch a browser but remains silent
Package: tootle Version: 1.0-alpha2-1 Severity: normal X-Debbugs-Cc: debbug.too...@sideload.33mail.com Everytime I added a new account, tootle failed to launch a browser for the Oauth URL. Most normal users would be totally stumped at this point because the GUI gives no indication that there was a problem. The terminal output shows this: ===8<-- ** Message: 09:57:11.695: NewAccount.vala:116: Checking instance URL ** Message: 09:57:11.696: NewAccount.vala:131: Registering client ** Message: 09:57:11.710: NewAccount.vala:58: Successfully associated MIME type for automatic authorization ** (tootle:14): CRITICAL **: 09:13:11.710: string_to_string: assertion 'self != NULL' failed ** Message: 09:57:13.760: NewAccount.vala:144: OK: Instance registered client ** Message: 09:57:13.761: NewAccount.vala:151: Opening permission request page ** Message: 09:57:13.761: Desktop.vala:7: Opening URI: https:///oauth/authorize?scope=read%20write%20follow_type=code_uri=tootle://auth_code_id= [36:36:0705/091314.208881:FATAL:zygote_host_impl_linux.cc(204)] Check failed: ReceiveFixedMessage(fds[0], kZygoteHelloMessage, sizeof(kZygoteHelloMessage), _pid). #0 0x563710d06f09 (/usr/lib/chromium/chromium+0x487cf08) Received signal 6 #0 0x563710d06f09 (/usr/lib/chromium/chromium+0x487cf08) r8: r9: 7ffcf944e3a0 r10: 0008 r11: 0246 r12: 0f45f989c700 r13: 0f45f989c710 r14: 7ffcf944ee70 r15: 00a8 di: 0002 si: 7ffcf944e3a0 bp: 7ffcf944e5f0 bx: 7f626dce2480 dx: ax: cx: 7f6275021ce1 sp: 7ffcf944e3a0 ip: 7f6275021ce1 efl: 0246 cgf: 002b0033 erf: trp: msk: cr2: [end of stack trace] Calling _exit(1). Core file will not be generated. ===8<-- The registration/linking can be completed by manually copy-pasting the URI in a browser and then giving permission for the browser to run xdg-open to feed the key back to tootle. And that’s the workaround. Note that the only reason I knew to look for that oauth URL is because I’m familiar with the bitlbee plugin, which is a text based client with a more manual process. The user is instructed to open URL X, get a token/password, and then paste that in a msg to the client app. Tootle could follow that example when dealing with browser failures. It could catch the exception when the browser fails to launch and walk the user through the process. Possible cause: The snag in Tootle could be Tor-related. If someone launches “torsocks tootle” (because tootle lacks HTTP proxy & SOCKS proxy options) or they run tootle inside a Tor middlebox, and the user’s default browser is a script that runs something like “torsocks firefox” or “ chromium”, that would likely fail because torsocks would be run within a session that has already been torsocksified or forced over Tor. I postulate that there are multiple bugs here: 1. When the browser fails to launch for any reason, tootle neglects to give GUI dialog that at least minimally informs the user. And ideally Tootle would go as far as to walk the user through a manual oauth linking process. 2. There is no HTTP proxy option. 3. There is no SOCKS proxy option. -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tootle depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii elementary-xfce-icon-theme 0.15.2-1 ii libc62.31-13 ii libcairo21.16.0-5 ii libgdk-pixbuf2.0-0 2.40.2-2 ii libgee-0.8-2 0.20.4-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libhandy-1-0 1.0.3-2 ii libjson-glib-1.0-0 1.6.2-1 ii libsoup2.4-1 2.72.0-2 tootle recommends no packages. tootle suggests no packages. -- no debconf information
Bug#1014374: tootle: Tootle only remembers 4 accounts (5th acct can be added but is lost)
Package: tootle Version: 1.0-alpha2-1 Severity: normal X-Debbugs-Cc: debbug.too...@sideload.33mail.com I have been able to add 4 accounts, shutdown the app, relaunch, and the 4 accounts are remembered just fine. But when a 5th account is added, it is accepted and it functions just for the session it was added in. After exiting and relaunching, the 5th account is gone-- as if it never existed. I reattempted and same result. Then I attempted to add a 5th account for the third time but this time it was for a different account from a different Mastodon node. Same problem. -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tootle depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii elementary-xfce-icon-theme 0.15.2-1 ii libc62.31-13 ii libcairo21.16.0-5 ii libgdk-pixbuf2.0-0 2.40.2-2 ii libgee-0.8-2 0.20.4-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libhandy-1-0 1.0.3-2 ii libjson-glib-1.0-0 1.6.2-1 ii libsoup2.4-1 2.72.0-2 tootle recommends no packages. tootle suggests no packages. -- no debconf information
Bug#1014373: tootle: Crash when clicking a deleted toot
Package: tootle Version: 1.0-alpha2-1 Severity: normal X-Debbugs-Cc: debbug.too...@sideload.33mail.com Steps to reproduce: 1. Click the search icon and manually enter your own pseudonym by hand (since there is no other way to view one’s own timeline) 2. Click the /more/ icon (stacked dots) & choose “delete” 3. Notice that the post that was just deleted remains in the window with no indication that the delete was successful 4. Click anywhere in the box showing the deleted message (but avoid clicking on something that’s obviously sensitive). This action would normally expand the status, but in this case tootle crashes & the window simply disappears. Note also that it’s human nature to click to expand the deleted toot in order to look for some indication that the deletion completed. -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tootle depends on: ii dconf-gsettings-backend [gsettings-backend] 0.38.0-2 ii elementary-xfce-icon-theme 0.15.2-1 ii libc62.31-13 ii libcairo21.16.0-5 ii libgdk-pixbuf2.0-0 2.40.2-2 ii libgee-0.8-2 0.20.4-1 ii libglib2.0-0 2.66.8-1 ii libgtk-3-0 3.24.24-4 ii libhandy-1-0 1.0.3-2 ii libjson-glib-1.0-0 1.6.2-1 ii libsoup2.4-1 2.72.0-2 tootle recommends no packages. tootle suggests no packages. -- no debconf information
Bug#1013442: firejail: cannot spawn emacs from reportbug (sometimes)
Package: firejail Version: 0.9.64.4-2 Severity: normal X-Debbugs-Cc: debbug.firej...@sideload.33mail.com Using Firejail to run reportbug sometimes works and sometimes doesn’t. When it doesn’t work, it reports that it cannot find emacs. Sample command: $ firejail --env=EDITOR=/usr/bin/emacs\ --whitelist="$HOME"/.reportbugrc\ --whitelist=/etc/passwd\ --whitelist=/var/lib/apt/lists\ --whitelist=/var/lib/dpkg/status\ --whitelist=/etc/apt/sources.list\ --whitelist=/etc/apt/sources.d\ --whitelist=/etc/debian_version\ --whitelist="$draft_folder"\ /usr/bin/reportbug -b --no-check-available --email="$my_email" --paranoid --draftpath="$draft_folder" --no-cc Output: ===8<-- Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc ** Note: you can use --noprofile to disable default.profile ** Parent pid 8934, child pid 8935 Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Child process initialized in 103.73 ms Please enter the name of the package in which you have found a problem, or type 'other' to report a more general problem. If you don't know what package the bug is in, please contact debian-u...@lists.debian.org for assistance. > firejail *** Welcome to reportbug. Use ? for help at prompts. *** Note: bug reports are publicly archived (including the email address of the submitter). Detected character set: UTF-8 Please change your locale if this is incorrect. Using 'anonymous coward ' as your from address. Getting status for firejail... Will send report to Debian (per lsb_release). Maintainer for firejail is 'Reiner Herrmann '. Looking up dependencies of firejail... Getting changed configuration files... Rewriting subject to 'firejail: profile needed for reportbug' How would you rate the severity of this problem or report? 1 criticalmakes unrelated software on the system (or the whole system) break, or causes serious data loss, or introduces a security hole on systems where you install the package. 2 grave makes the package in question unusable by most or all users, or causes data loss, or introduces a security hole allowing access to the accounts of users who use the package. 3 serious is a severe violation of Debian policy (that is, the problem is a violation of a 'must' or 'required' directive); may or may not affect the usability of the package. Note that non-severe policy violations may be 'normal,' 'minor,' or 'wishlist' bugs. (Package maintainers may also designate other bugs as 'serious' and thus release-critical; however, end users should not do so.). For the canonical list of issues deserving a serious severity you can refer to this webpage: http://release.debian.org/testing/rc_policy.txt . 4 important a bug which has a major effect on the usability of a package, without rendering it completely unusable to everyone. 5 does-not-build a bug that stops the package from being built from source. (This is a 'virtual severity'.) 6 normal a bug that does not undermine the usability of the whole package; for example, a problem with a particular option or menu item. 7 minor things like spelling mistakes and other minor cosmetic errors that do not affect the core functionality of the package. 8 wishlistsuggestions and requests for new features. Please select a severity level: [normal] 8 invalid report type None, defaulting to debbugs Spawning emacs... sh: 1: /usr/bin/emacs: not found Warning: possible error exit from emacs: 32512 No changes were made in the editor. Report will be sent to Debian Bug Tracking System Submit this report on firejail (e to edit) [y|n|a|c|E|i|l|m|p|q|d|t|?]? q Saving a backup of the report at /tmp/reportbug-firejail-backup-20220623182047-x0toa9s3 Bug report written to $draft_folder/reportbug-firejail-20220623182039-7kfg55kv Hint: You can resume an unsent report using reportbug -r TEMPFILE Thank you for using reportbug Parent is shutting down, bye... ===8<-- I saw this command correctly spawn emacs several times all on the same day. Another day (after a reboot), reportbug running inside of firejail consistently fails to spawn emacs. Rebooting should not have made a difference. I don’t see how the state of the system can influence this. I’m write this bug report herein using reportbug without firejail, and reportbug spawns emacs fine every time when firejail is not involved. Note that there is another problem: before failing to find e
Bug#810933: reportbug: possible workaround
Package: reportbug
Version: 7.10.3
Followup-For: Bug #810933
X-Debbugs-Cc: bug810...@sideload.33mail.com
I concur that SMTP proxying would be useful.
I also have a workaround using firejail. Firejail makes it possible to
restrict an app to a network namespace. So if you can configure your
proxy to be a network namespace that appears in
/proc/sys/net/ipv4/conf/, then firejail can do the rest. Restricting
apps to use Firejail is generally a good security practice anyway.
I managed to create a network (proxynet0). So running reportbug in
firejail to force use of proxynet0 looks like this:
===8<--
$ firejail --net=proxynet0\
--dns="$(ip address show dev proxynet0 | awk
'/inet\>/{gsub(/[/].*/,""); print $2 }')"\
--whitelist="$HOME"/.reportbugrc\
--whitelist="$draft_folder"\
--whitelist="$app_specific_configs"\
--whitelist=/etc/passwd\
--whitelist=/var/lib/apt/lists/\
--whitelist=/var/lib/dpkg/status\
--whitelist=/etc/apt/sources.list\
--whitelist=/etc/apt/sources.d\
reportbug --draftpath="$draft_folder" --no-cc
Reading profile /etc/firejail/default.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
** Note: you can use --noprofile to disable default.profile **
Parent pid 25268, child pid 25271
InterfaceMACIP Mask Status
lo 127.0.0.1255.0.0.0UP
eth0…
Default gateway…
DNS server…
Child process initialized in 1877.72 ms
(reportbug:11): dbind-WARNING **: 10:06:51.011: Couldn't connect to
accessibility bus: Failed to connect to socket /tmp/dbus-jLt9P0UVaA: Connection
refused
Please enter the name of the package in which you have found a problem, or
type 'other' to report a more general problem. If you don't know
what package the bug is in, please contact debian-u...@lists.debian.org for
assistance.
>
===8<--
Be sure to also add a --whitelist path for the config file of the app
the bug is reported on because reportbug will try to access that as
well. The placeholder “$app_specific_configs” was used above.
The reportbug app uses dbus for accessbility features, which firejail
blocks by default. The warning can be ignored if you don’t need
accessibility features. Otherwise Firejail offers the following
options to make dbus accessible:
--dbus-log=file
--dbus-system=filter|none
--dbus-system.broadcast=name=[member][@path]
--dbus-system.call=name=[member][@path]
--dbus-system.log
--dbus-system.own=name
--dbus-system.see=name
--dbus-system.talk=name
--dbus-user=filter|none
--dbus-user.broadcast=name=[member][@path]
--dbus-user.call=name=[member][@path]
--dbus-user.log
--dbus-user.own=name
--dbus-user.talk=name
--dbus-user.see=name
I’m not sure which dbus restriction needs to be lifted (hence why this
is a half-baked workaround). I tried adding this:
--dbus-system=filter
--dbus-system.call=org.freedesktop.DBus=org.freedesktop.DBus.*@/org/gnome/desktop/a11y/
but got:
Error: Invalid dbus-system.call rule:
org.freedesktop.DBus=org.freedesktop.DBus.*@/org/gnome/desktop/a11y/
Anyway, that’s typically not needed. Hopefully this workaround helps
someone looking to proxy their reportbug SMTP traffic.
Note as well that the info in this post can be useful if someone wants
to introduce a reportbug profile into the firejail project.
-- Package-specific info:
** Environment settings:
EDITOR="emacs"
INTERFACE="text"
-- System Information:
Debian Release: 11.0
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages reportbug depends on:
ii apt2.2.4
ii python33.9.2-3
ii python3-reportbug 7.10.3
ii sensible-utils 0.0.14
reportbug recommends no packages.
Versions of packages reportbug suggests:
pn claws-mail
pn debconf-utils
pn debsums
pn dlocate
ii emacs-bin-common1:27.1+1-3.1
ii file1:5.39-3
ii gnupg 2.2.27-2
ii postfix [mail-transport-agent] 3.5.6-1+b1
pn python3-urwid
pn reportbug-gtk
ii xdg-utils 1.1.3-4.1
Versions of packages python3-reportbug depends
Bug#1013254: reportbug: the --subject= CLI parameter ignored when -N is used
Package: reportbug Version: 7.10.3 Severity: normal X-Debbugs-Cc: debbug.report...@sideload.33mail.com This command was run: $ reportbug -b --no-check-available -N 881955 --email="$email_address" --paranoid --draftpath="$my_draft_path" --subject='feedback' --no-cc after having read this in the man page: -s SUBJECT, --subject=SUBJECT Set the subject of the bug report (i.e. a brief explanation of the problem, less than 60 characters). If you do not specify this switch, you will be prompted for a subject. The --subject parameter is ignored and reportbug prompts the user for a subject as follows: ===8<-- … Looking up dependencies of reportbug... Getting status for related package python3-reportbug... Looking up 'depends' of related package python3-reportbug... Looking up 'suggests' of related package python3-reportbug... Getting changed configuration files... Please provide a subject for your response. [Re: reportbug: Subject header encoding not RFC2047-compliant (too long)]> Does this bug still exist in version 7.10.3 of this package [y|N|q|?]? q … ===8<-- In this situation where a valid (<60 chars) subject is supplied, either: 1. the supplied subject field should be used without prompting «OR» 2. the prompt’s default should be the supplied subject with an option to override with the OP’s subject line. In any case, it’s certainly wrong to ignore the --subject parameter when a valid subject is supplied. BTW, I was half-tempted to mark this as an accessibility issue because someone who is handicapped might use the CLI options heavily to mitigate the question/answer process. But I’m not sure if the impact is significant. -- Package-specific info: ** Environment settings: EDITOR="emacs" INTERFACE="text" ** /home/blee/.reportbugrc: reportbug_version "7.10.3" mode advanced ui text realname "anonymous coward" no-cc list-cc-me smtphost reportbug.debian.org -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages reportbug depends on: ii apt2.2.4 ii python33.9.2-3 ii python3-reportbug 7.10.3 ii sensible-utils 0.0.14 reportbug recommends no packages. Versions of packages reportbug suggests: pn claws-mail pn debconf-utils pn debsums pn dlocate ii emacs-bin-common1:27.1+1-3.1 ii file1:5.39-3 ii gnupg 2.2.27-2 ii postfix [mail-transport-agent] 3.5.6-1+b1 pn python3-urwid pn reportbug-gtk ii xdg-utils 1.1.3-4.1 Versions of packages python3-reportbug depends on: ii apt2.2.4 ii file 1:5.39-3 ii python33.9.2-3 ii python3-apt2.2.1 ii python3-debian 0.1.39 ii python3-debianbts 3.1.0 ii python3-requests 2.25.1+dfsg-2 ii sensible-utils 0.0.14 python3-reportbug suggests no packages. -- no debconf information
Bug#1013229: wvdial: Verbose PPP debugging output cannot be enabled
Package: wvdial Version: 1.61-5 Severity: normal X-Debbugs-Cc: debbug.wvd...@sideload.33mail.com Connecting using a GSM mobile broadband USB modem succeeds but there are errors during the PPP handshake. When the “debug” option is uncommented in /etc/ppp/options as well as the “-detach” option, the ppp logging is no more verbose than without those options. They seem to take no effect. Is wvdial launching pppd in a way that interferes with parameters in /etc/ppp/options? This is the output both with and without debug info enabled: /var/log/messages: ===8<-- $timestamp $host pppd[84797]: pppd 2.4.9 started by $user, uid 0 $timestamp $host pppd[84797]: Using interface ppp0 $timestamp $host pppd[84797]: Connect: ppp0 <--> /dev/ttyUSB0 $timestamp $host pppd[84797]: LCP: timeout sending Config-Requests $timestamp $host pppd[84797]: Connection terminated. $timestamp $host pppd[84797]: Modem hangup $timestamp $host pppd[84797]: Exit. -->8=== /etc/wvdial.conf: ===8<-- [Dialer Defaults] StupidMode = 1 Modem Type = Analog Modem Baud = 460800 New PPPD = yes Modem = /dev/ttyUSB0 ISDN = 0 Init1 = ATZ Init2 = ATQ0 V1 E1 S0=0 +FCLASS=0 [Dialer Orange] Init3 = AT+CGDCONT=1,"IP","mworld.be",,0,0 Phone = *99# Mcc = 206 Mnc = 10 Username = '' Password = '' Carrier Check = off -->8=== /etc/ppp/options: ===8<-- asyncmap 0 auth crtscts lock hide-password modem debug -detach nodetach lcp-echo-interval 30 lcp-echo-failure 4 noipx -->8=== -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages wvdial depends on: ii debconf [debconf-2.0] 1.5.77 ii libc6 2.31-13 ii libgcc-s1 [libgcc1] 10.2.1-6 ii libstdc++6 10.2.1-6 ii libuniconf4.6 4.6.1-15 ii libwvstreams4.6-base4.6.1-15 ii libwvstreams4.6-extras 4.6.1-15 ii ppp 2.4.9-1+1 wvdial recommends no packages. wvdial suggests no packages. -- debconf information excluded
Bug#444714: wvdial: comments start with hash (“#”)
Package: wvdial Version: 1.61-5 Followup-For: Bug #444714 X-Debbugs-Cc: bug639...@sideload.33mail.com Indeed the README still shows semicolons to designate comments. So the README still needs to be updated. I find that the hash symbol works for comments so that’s the workaround. -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages wvdial depends on: ii debconf [debconf-2.0] 1.5.77 ii libc6 2.31-13 ii libgcc-s1 [libgcc1] 10.2.1-6 ii libstdc++6 10.2.1-6 ii libuniconf4.6 4.6.1-15 ii libwvstreams4.6-base4.6.1-15 ii libwvstreams4.6-extras 4.6.1-15 ii ppp 2.4.9-1+1 wvdial recommends no packages. wvdial suggests no packages. -- debconf information excluded
Bug#639368: ppp: confirmed verbosity problem in v. 2.4.9-1+1
Package: ppp Version: 2.4.9-1+1 Followup-For: Bug #639368 X-Debbugs-Cc: bug639...@sideload.33mail.com When the following options are supplied in /etc/ppp/options prior to running wvdial: * debug * -detach * nodetach output is normal (non-verbose). It’s unclear if this is the same bug as the 11 year old bug (639368) because the OP reports no output after the “pppd 2.4.5 started by root” line. Whereas I’m seeing a little more output but certainly not verbose. So this report was filed upstream: https://github.com/ppp-project/ppp/issues/352 -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'testing'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ppp depends on: ii libc6 2.31-13 ii libcrypt1 1:4.4.18-4 ii libpam-modules 1.4.0-9 ii libpam-runtime 1.4.0-9 ii libpam0g1.4.0-9 ii libpcap0.8 1.10.0-2 ii libssl1.1 1.1.1k-1 ii libsystemd0 247.3-6 ii procps 2:3.3.17-5 ppp recommends no packages. ppp suggests no packages. -- Configuration Files: /etc/ppp/options changed [not included] -- no debconf information
Bug#673529: slrn: signal SIGQUIT causes jnewsrc changes to be lost
Package: slrn
Version: 1.0.0~pre18-1.1
Severity: normal
Launching after previously sending a SIGQUIT reports the following:
Connected to host. Posting ok.
Checking news ...
* The autosave file of /home/user/.jnewsrc is newer than the file itself.
Do you want to restore your newsrc from the autosave version? [Y]es, No
This means slrn is not properly saving the .jnewsrc in response to:
pkill -SIGQUIT slrn
Furthermore, there is no workaround. Perhaps this reflects a second
bug. The following should theoretically automate an interactive
quit when slrn is running within a GNU screen terminal:
screen -S my_session -p $(w -hus user | grep slrn | awk '{print $3}' | cut
-d. -f2) -X stuff qy
This fails because slrn prompts for confirmation (in response to the
q), but then ignores the y that was sent immediately after the q.
-- System Information:
Debian Release: 6.0.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages slrn depends on:
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii libcanlock2 2b-6 library for creating and verifying
ii libgnutls26 2.8.6-1+squeeze2 the GNU TLS library - runtime libr
ii libslang2 2.2.2-4 The S-Lang programming library - r
ii libuu0 0.5.20-3.2 Library for decoding/encoding seve
slrn recommends no packages.
Versions of packages slrn suggests:
pn metamail none (no description available)
pn slrnpull none (no description available)
-- debconf information excluded
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#673534: reportbug: supplying an e-mail address should be optional, not required
Package: reportbug Version: 4.12.6 Severity: wishlist It's foolish to require a bug submitter to supply an email address. One who submits a bug report may or may not be interested in tracking the bug via email. And submitters may (quite rightly) be concerned about disclosure of their email address. An attempt at circumventing the problem is to use a bogus address like n...@reply.net. However, the malconfigured mail server responds inappropriately: May 19 05:32:49 local postfix/smtp[22384]: certificate verification failed for bugs-master.debian.org[140.211.15.34]:25: untrusted issuer /C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=Debian SMTP CA/emailAddress=hostmas...@puppet.debian.org and after further attempts the reply becomes: May 19 11:32:42 local postfix/smtp[2278]: C11812005FD: to=sub...@bugs.debian.org, relay=bugs-master.debian.org[140.211.15.34]:25, delay=7328, delays=7307/0.33/21/0, dsn=4.0.0, status=deferred (host bugs-master.debian.org[140.211.15.34] refused to talk to me: 421 busoni.debian.org: Too much load; please try again later) An ugly circumvention that works is to supply a genuine email address that leads back to a server that blackholes the replies. This is a poor option to be left with though, because someone else following the bug might attempt to compose a private message to the submitter. Such a message would be blackholed, and both the sender and recipient are unaware. The reportbug package may not have control over the malconfigured mail server, but it need not force entry of an email address. An email address could be internally designated for the purpose of getting reports through the mail server. In any case, users should not be required to give an email address to the reportbug client. -- Package-specific info: ** Environment settings: EDITOR=emacs INTERFACE=text ** $HOME/.reportbugrc: reportbug_version 4.12.6 mode novice ui text realname anonymous coward email marc.carter-ceqo...@cool.fr.nf -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages reportbug depends on: ii apt0.8.10.3+squeeze1 Advanced front-end for dpkg ii python 2.6.6-3+squeeze7 interactive high-level object-orie ii python-reportbug 4.12.6Python modules for interacting wit reportbug recommends no packages. Versions of packages reportbug suggests: pn debconf-utilsnone (no description available) pn debsums none (no description available) pn dlocate none (no description available) ii emacs23-bin-common 23.2+1-7The GNU Emacs editor's shared, arc ii file 5.04-5+squeeze2 Determines file type using magic ii gnupg1.4.10-4GNU privacy guard - a free PGP rep ii postfix [mail-transp 2.7.1-1+squeeze1High-performance mail transport ag ii python-gtk2 2.17.0-4Python bindings for the GTK+ widge pn python-gtkspell none (no description available) pn python-urwid none (no description available) ii python-vte 1:0.24.3-3 Python bindings for the VTE widget ii xdg-utils1.0.2+cvs20100307-2 desktop integration utilities from -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#673374: mutt: new mail falsely reported, chronically
Package: mutt Version: 1.5.20-9+squeeze2 Severity: normal This version of mutt now reports new mail on mbox files where mail was already read. The N marker is cleared upon opening a file and returning to the pager, but the marker does not stick. Entering another file marked with NEW messages immediately causes the previously read file to flip back to having an N marker. Like a game of whack-a-mole, visiting the file that was just marked as having new mail causes the previous file to falsely be marked with an N, and the cycle repeats. This is a new defect, noticed after having migrated from etch to squeeze. -- Package-specific info: Mutt 1.5.20 (2009-06-14) Copyright (C) 1996-2009 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 2.6.32-5-amd64 (x86_64) ncurses: ncurses 5.7.20100313 (compiled with 5.7) libidn: 1.15 (compiled with 1.15) hcache backend: tokyocabinet 1.4.37 Compile options: -DOMAIN +DEBUG -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK +USE_POP +USE_IMAP +USE_SMTP -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE -ISPELL SENDMAIL=/usr/sbin/sendmail MAILPATH=/var/mail PKGDATADIR=/usr/share/mutt SYSCONFDIR=/etc EXECSHELL=/bin/sh MIXMASTER=mixmaster To contact the developers, please mail to mutt-...@mutt.org. To report a bug, please visit http://bugs.mutt.org/. misc/am-maintainer-mode misc/hg.pmdef.debugtime debian-specific/build_doc_adjustments.diff features/ifdef features/xtitles features/trash-folder features/purge-message features/sensible_browser_position features-old/patch-1.5.4.vk.pgp_verbose_mime features/compressed-folders features/compressed-folders.debian debian-specific/Muttrc debian-specific/Md.etc_mailname_gethostbyname.diff debian-specific/use_usr_bin_editor.diff debian-specific/correct_docdir_in_man_page.diff debian-specific/dont_document_not_present_features.diff debian-specific/document_debian_defaults debian-specific/assumed_charset-compat debian-specific/467432-write_bcc.patch misc/define-pgp_getkeys_command.diff misc/gpg.rc-paths misc/smime.rc upstream/533209-mutt_perror.patch upstream/533459-unmailboxes.patch upstream/533439-mbox-time.patch upstream/531430-imapuser.patch upstream/534543-imap-port.patch upstream/538128-mh-folder-access.patch upstream/537818-emptycharset.patch upstream/535096-pop-port.patch upstream/542910-search-segfault.patch upstream/533370-pgp-inline.patch upstream/533520-signature-highlight.patch upstream/393926-internal-viewer.patch upstream/543467-thread-segfault.patch upstream/544180-italian-yesorno.patch upstream/542817-smimekeys-tmpdir.patch upstream/544794-smtp-batch.patch upstream/537694-segv-imap-headers.patch upstream/548577-gpgme-1.2.patch upstream/548494-swedish-intl.patch upstream/553321-ansi-escape-segfault.patch upstream/553238-german-intl.patch upstream/557395-muttrc-crypto.patch upstream/545316-header-color.patch upstream/568295-references.patch upstream/547980-smime_keys-chaining.patch upstream/528233-readonly-open.patch upstream/228671-pipe-mime.patch upstream/383769-score-match.patch upstream/547739-manual-typos.patch upstream/311296-rand-mktemp.patch upstream/573823-imap_internal_date upstream/542344-dont_fold_From_ upstream/537061-dont-recode-saved-attachments.patch upstream/619216-gnutls-CN-validation.patch upstream/path_max misc/hyphen-as-minus.patch misc/smime_keys-manpage.patch mutt.org -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mutt depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcomerr2 1.41.12-4stable1 common error description library ii libgnutls26 2.8.6-1+squeeze2 the GNU TLS library - runtime libr ii libgpg-error0 1.6-1library for common error values an ii libgpgme11 1.2.0-1.2GPGME - GnuPG Made Easy ii libgssapi-krb5-21.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - k ii libidn111.15-2 GNU Libidn library, implementation ii libk5crypto31.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - C ii libkrb5-3
Bug#673232: mutt: state information lost and exit without commit on administrative shutdowns
Package: mutt Version: 1.5.20-9+squeeze2 Severity: wishlist When the shutdown scripts run as part of a shutdown by the administrator, users lose their changes. There is currently nothing that can be added to the shutdown scripts in /etc/init.d/ to initiate a graceful shutdown of users mutt instances. The workaround is a complex and ugly hack: Users must run mutt inside of a GNU screen session (with multi-user support compiled in), and then give permission to root to see their screen (privacy issue!). The admin then must search for which window number mutt is running in, and do a stuff ^q. That's very complex just to get a proper shutdown, and still fails to work when a user is editing a message. Mutt should not require third-party tools, complex scripting, and privacy compromises for something as basic as shutting down. Mutt should diligently shutdown properly when a SIGQUIT is received. -- Package-specific info: Mutt 1.5.20 (2009-06-14) Copyright (C) 1996-2009 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 2.6.32-5-amd64 (x86_64) ncurses: ncurses 5.7.20100313 (compiled with 5.7) libidn: 1.15 (compiled with 1.15) hcache backend: tokyocabinet 1.4.37 Compile options: -DOMAIN +DEBUG -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK +USE_POP +USE_IMAP +USE_SMTP -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE -ISPELL SENDMAIL=/usr/sbin/sendmail MAILPATH=/var/mail PKGDATADIR=/usr/share/mutt SYSCONFDIR=/etc EXECSHELL=/bin/sh MIXMASTER=mixmaster To contact the developers, please mail to mutt-...@mutt.org. To report a bug, please visit http://bugs.mutt.org/. misc/am-maintainer-mode misc/hg.pmdef.debugtime debian-specific/build_doc_adjustments.diff features/ifdef features/xtitles features/trash-folder features/purge-message features/sensible_browser_position features-old/patch-1.5.4.vk.pgp_verbose_mime features/compressed-folders features/compressed-folders.debian debian-specific/Muttrc debian-specific/Md.etc_mailname_gethostbyname.diff debian-specific/use_usr_bin_editor.diff debian-specific/correct_docdir_in_man_page.diff debian-specific/dont_document_not_present_features.diff debian-specific/document_debian_defaults debian-specific/assumed_charset-compat debian-specific/467432-write_bcc.patch misc/define-pgp_getkeys_command.diff misc/gpg.rc-paths misc/smime.rc upstream/533209-mutt_perror.patch upstream/533459-unmailboxes.patch upstream/533439-mbox-time.patch upstream/531430-imapuser.patch upstream/534543-imap-port.patch upstream/538128-mh-folder-access.patch upstream/537818-emptycharset.patch upstream/535096-pop-port.patch upstream/542910-search-segfault.patch upstream/533370-pgp-inline.patch upstream/533520-signature-highlight.patch upstream/393926-internal-viewer.patch upstream/543467-thread-segfault.patch upstream/544180-italian-yesorno.patch upstream/542817-smimekeys-tmpdir.patch upstream/544794-smtp-batch.patch upstream/537694-segv-imap-headers.patch upstream/548577-gpgme-1.2.patch upstream/548494-swedish-intl.patch upstream/553321-ansi-escape-segfault.patch upstream/553238-german-intl.patch upstream/557395-muttrc-crypto.patch upstream/545316-header-color.patch upstream/568295-references.patch upstream/547980-smime_keys-chaining.patch upstream/528233-readonly-open.patch upstream/228671-pipe-mime.patch upstream/383769-score-match.patch upstream/547739-manual-typos.patch upstream/311296-rand-mktemp.patch upstream/573823-imap_internal_date upstream/542344-dont_fold_From_ upstream/537061-dont-recode-saved-attachments.patch upstream/619216-gnutls-CN-validation.patch upstream/path_max misc/hyphen-as-minus.patch misc/smime_keys-manpage.patch mutt.org -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mutt depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcomerr2 1.41.12-4stable1 common error description library ii libgnutls26 2.8.6-1+squeeze2 the GNU TLS library - runtime libr ii libgpg-error0 1.6-1library for common error values an ii libgpgme11
Bug#672794: bash: quoting breaks when single quotes are used inside of double quotes, and placed next to an asterisk
Package: bash
Version: 4.1-3
Severity: normal
This command works:
duplicity full -vinfo --dry-run --no-encryption --include /etc/resolv.conf
--exclude '**' /etc/ file:///tmp/
but when quoting is used to store the exclude option inside a
variable, the variable does not render properly. There are several
syntactically correct ways to do this, but bash fails to handle all of
them:
options=--exclude '**'
options=--exclude '\*\*\'
options=--exclude\ \'\*\*\'
options=--exclude **
options=--exclude \'**\'
duplicity full -vinfo --dry-run --no-encryption --include /etc/resolv.conf
${options} /etc/ file:///tmp/
-- System Information:
Debian Release: 6.0.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages bash depends on:
ii base-files6.0squeeze5Debian base system miscellaneous f
ii dash 0.5.5.1-7.4POSIX-compliant shell
ii debianutils 3.4Miscellaneous utilities specific t
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii libncurses5 5.7+20100313-5 shared libraries for terminal hand
Versions of packages bash recommends:
ii bash-completion 1:1.2-3programmable completion for the ba
Versions of packages bash suggests:
pn bash-doc none (no description available)
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672609: slrn: The server option fails if protocol and port are omitted, causing the wrong .jnewsrc file to load
Package: slrn Version: 1.0.0~pre18-1.1 Severity: minor If the configuration file has this option: server nntp.aioe.org .jnewsrc-aioe it should use the .jnewsrc-aioe file whenever that server is accessed. However, if the server is set as: export NNTPSERVER=snews://nntp.aioe.org:563; slrn fails to parse the hostname of the server, and thus fails to use .jnewsrc-aioe. Instead, slrn tries to use .jnewsrc. Workaround: The workaround is ugly. All combinations of URLs must be fully specified, e.g. server nntp.aioe.org .jnewsrc-aioe server news://nntp.aioe.org; .jnewsrc-aioe server snews://nntp.aioe.org:119; .jnewsrc-aioe server news://nntp.aioe.org:119; .jnewsrc-aioe server snews://nntp.aioe.org:563; .jnewsrc-aioe server snews://nntp.aioe.org:443; .jnewsrc-aioe server snews://nntp.aioe.org:22; .jnewsrc-aioe server snews://nntp.aioe.org:80; .jnewsrc-aioe server news://nntp.aioe.org:80; .jnewsrc-aioe server news.aioe.org .jnewsrc-aioe server news://news.aioe.org; .jnewsrc-aioe server news://news.aioe.org:119; .jnewsrc-aioe server snews://news.aioe.org:119; .jnewsrc-aioe server snews://news.aioe.org:563; .jnewsrc-aioe ... -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages slrn depends on: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcanlock2 2b-6 library for creating and verifying ii libgnutls26 2.8.6-1+squeeze2 the GNU TLS library - runtime libr ii libslang2 2.2.2-4 The S-Lang programming library - r ii libuu0 0.5.20-3.2 Library for decoding/encoding seve slrn recommends no packages. Versions of packages slrn suggests: pn metamail none (no description available) pn slrnpull none (no description available) -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#671606: texlive-full: invoice package missing
Package: texlive-full Version: 2009-11 Severity: normal The invoice package is supposed to be included in texlive according to this documentation: http://www.math.washington.edu/tex-archive/help/Catalogue/entries/invoice.html It has been included in the past, but suddenly it is missing. This file is expected to exist: /usr/share/texmf-texlive/tex/latex/invoice/invoice.sty Someone else has the same problem, and wrote about it here: http://tex.stackexchange.com/questions/47012/ctan-package-invoice-on-texlive-debian-ubuntu -- Package-specific info: If you report an error when running one of the TeX-related binaries (latex, pdftex, metafont,...), or if the bug is related to bad or wrong output, please include a MINIMAL example input file that produces the error in your report. Please run your example with (pdf)latex -recorder ... (or any other program that supports -recorder) and send us the generated file with the extension .fls, it lists all the files loaded during the run and can easily explain problems induced by outdated files in your home directory. Don't forget to also include minimal examples of other files that are needed, e.g. bibtex databases. Often it also helps to include the logfile. Please, never send included pictures! If your example file isn't short or produces more than one page of output (except when multiple pages are needed to show the problem), you can probably minimize it further. Instructions on how to do that can be found at http://www.latex-einfuehrung.de/mini-en.html (english) or http://www.latex-einfuehrung.de/mini.html (german) ## minimal input file ## other files ## List of ls-R files -rw-r--r-- 1 root root 1661 Apr 9 17:19 /var/lib/texmf/ls-R -rw-rw-r-- 1 root staff 80 Apr 9 17:18 /usr/local/share/texmf/ls-R lrwxrwxrwx 1 root root 29 Apr 9 17:09 /usr/share/texmf/ls-R - /var/lib/texmf/ls-R-TEXMFMAIN lrwxrwxrwx 1 root root 27 Apr 9 17:09 /usr/share/texmf-texlive/ls-R - /var/lib/texmf/ls-R-TEXLIVE lrwxrwxrwx 1 root root 27 Apr 9 17:09 /usr/share/texmf-texlive/ls-R - /var/lib/texmf/ls-R-TEXLIVE ## Config files lrwxrwxrwx 1 root root 20 Apr 9 17:09 /usr/share/texmf/web2c/texmf.cnf - /etc/texmf/texmf.cnf -rw-r--r-- 1 root root 9836 Apr 9 17:19 /var/lib/texmf/web2c/fmtutil.cnf -rw-r--r-- 1 root root 23933 Apr 9 17:19 /var/lib/texmf/web2c/updmap.cfg -rw-r--r-- 1 root root 15119 Apr 9 17:19 /var/lib/texmf/tex/generic/config/language.dat ## Files in /etc/texmf/web2c/ total 4 -rw-r--r-- 1 root root 283 Feb 18 2011 mktex.cnf ## md5sums of texmf.d 3875bf0f4a53a29b7f247399dc9833e2 /etc/texmf/texmf.d/05TeXMF.cnf 6e82a3d4c00ae7e4f86aa8dcf9438cf3 /etc/texmf/texmf.d/15Plain.cnf c60a084820a0b73e3bfbf2e90bda437c /etc/texmf/texmf.d/45TeXinputs.cnf ea33127256c6a9f37145ae5b16fdb80c /etc/texmf/texmf.d/55Fonts.cnf afccf1d3f87057411166a77c58e00bd1 /etc/texmf/texmf.d/65BibTeX.cnf 9da7c1c7b1eaf06f941af91f48a23068 /etc/texmf/texmf.d/75DviPS.cnf 7ae52efac46feb97010986e57877d12e /etc/texmf/texmf.d/80DVIPDFMx.cnf 055e06548bac99958d8ab2dd1248f2b4 /etc/texmf/texmf.d/80tex4ht.cnf 37329819f1109e8a457e64b8b58fecdb /etc/texmf/texmf.d/85Misc.cnf a8952d594677235951d447665ec46e9c /etc/texmf/texmf.d/90TeXDoc.cnf 402d5adb3864c09ed3cd80c0f2131361 /etc/texmf/texmf.d/95NonPath.cnf -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages texlive-full depends on: ii cm-super 0.3.4-3TeX font package (full version) wi ii context 2009.11.26-2 powerful TeX format ii feynmf1.08-6 set of LaTeX macros for creating F ii fragmaster1.3-1 use of psfrag constructs with pdfl ii info 4.13a.dfsg.1-6 Standalone GNU Info documentation ii latex-beamer 3.07-2 LaTeX class to produce presentatio ii latex-xcolor 2.11-1 Easy driver-independent TeX class ii latexmk 1:4.13a-1 Perl script for running LaTeX the ii pgf 2.00-1 TeX Portable Graphic Format ii psutils 1.17-27A collection of PostScript documen ii t1utils 1.36-1 Collection of simple Type 1 font m ii texinfo 4.13a.dfsg.1-6 Documentation system for on-line i ii texlive-base 2009-11TeX Live: Essential programs and f ii texlive-bibtex-extra 2009-10TeX Live: Extra BibTeX styles ii texlive-binaries 2009-8 Binaries
Bug#671624: texlive-full: graphicx package no longer works with invoice package
Package: texlive-full
Version: 2009-11
Severity: normal
When graphicx.sty and invoice.sty are both used by the same document, this
error results:
...
(/usr/share/texmf-texlive/tex/latex/invoice/invoice.def))
(/usr/share/texmf-texlive/tex/latex/graphics/graphicx.sty
! LaTeX Error: Missing \begin{document}.
See the LaTeX manual or LaTeX Companion for explanation.
Type H return for immediate help.
...
l.17 \NeedsTeXFormat{LaTeX2e}[
1995/12/01]
This used to work on etch, but broke on squeeze. Here is my sample
document to reproduce the problem:
\documentclass{minimal}
\usepackage{invoice}
\RequirePackage{graphicx}
\begin{document}
text
\end{document}
The graphicx.sty is part of the texlive-full installation. The
invoice.sty package *should* be part of the texlive-full installation,
but it is missing from texlive-full (this is reported as a separate
bug). The version of invoice.sty used to reproduce the
above-mentioned bug is found here:
http://www.math.washington.edu/tex-archive/help/Catalogue/entries/invoice.html
-- Package-specific info:
If you report an error when running one of the TeX-related binaries
(latex, pdftex, metafont,...), or if the bug is related to bad or wrong
output, please include a MINIMAL example input file that produces the
error in your report.
Please run your example with
(pdf)latex -recorder ...
(or any other program that supports -recorder) and send us the generated
file with the extension .fls, it lists all the files loaded during
the run and can easily explain problems induced by outdated files in
your home directory.
Don't forget to also include minimal examples of other files that are
needed, e.g. bibtex databases. Often it also helps
to include the logfile. Please, never send included pictures!
If your example file isn't short or produces more than one page of
output (except when multiple pages are needed to show the problem),
you can probably minimize it further. Instructions on how to do that
can be found at
http://www.latex-einfuehrung.de/mini-en.html (english)
or
http://www.latex-einfuehrung.de/mini.html (german)
##
minimal input file
##
other files
##
List of ls-R files
-rw-r--r-- 1 root root 1661 May 5 12:45 /var/lib/texmf/ls-R
-rw-rw-r-- 1 root staff 80 May 5 12:45 /usr/local/share/texmf/ls-R
lrwxrwxrwx 1 root root 29 Apr 9 17:09 /usr/share/texmf/ls-R -
/var/lib/texmf/ls-R-TEXMFMAIN
lrwxrwxrwx 1 root root 27 Apr 9 17:09 /usr/share/texmf-texlive/ls-R -
/var/lib/texmf/ls-R-TEXLIVE
lrwxrwxrwx 1 root root 27 Apr 9 17:09 /usr/share/texmf-texlive/ls-R -
/var/lib/texmf/ls-R-TEXLIVE
##
Config files
lrwxrwxrwx 1 root root 20 Apr 9 17:09 /usr/share/texmf/web2c/texmf.cnf -
/etc/texmf/texmf.cnf
-rw-r--r-- 1 root root 9836 Apr 9 17:19 /var/lib/texmf/web2c/fmtutil.cnf
-rw-r--r-- 1 root root 23933 Apr 9 17:19 /var/lib/texmf/web2c/updmap.cfg
-rw-r--r-- 1 root root 15119 Apr 9 17:19
/var/lib/texmf/tex/generic/config/language.dat
##
Files in /etc/texmf/web2c/
total 4
-rw-r--r-- 1 root root 283 Feb 18 2011 mktex.cnf
##
md5sums of texmf.d
3875bf0f4a53a29b7f247399dc9833e2 /etc/texmf/texmf.d/05TeXMF.cnf
6e82a3d4c00ae7e4f86aa8dcf9438cf3 /etc/texmf/texmf.d/15Plain.cnf
c60a084820a0b73e3bfbf2e90bda437c /etc/texmf/texmf.d/45TeXinputs.cnf
ea33127256c6a9f37145ae5b16fdb80c /etc/texmf/texmf.d/55Fonts.cnf
afccf1d3f87057411166a77c58e00bd1 /etc/texmf/texmf.d/65BibTeX.cnf
9da7c1c7b1eaf06f941af91f48a23068 /etc/texmf/texmf.d/75DviPS.cnf
7ae52efac46feb97010986e57877d12e /etc/texmf/texmf.d/80DVIPDFMx.cnf
055e06548bac99958d8ab2dd1248f2b4 /etc/texmf/texmf.d/80tex4ht.cnf
37329819f1109e8a457e64b8b58fecdb /etc/texmf/texmf.d/85Misc.cnf
a8952d594677235951d447665ec46e9c /etc/texmf/texmf.d/90TeXDoc.cnf
402d5adb3864c09ed3cd80c0f2131361 /etc/texmf/texmf.d/95NonPath.cnf
-- System Information:
Debian Release: 6.0.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages texlive-full depends on:
ii cm-super 0.3.4-3TeX font package (full version) wi
ii context 2009.11.26-2 powerful TeX format
ii feynmf1.08-6 set of LaTeX macros for creating F
ii fragmaster1.3-1 use of psfrag constructs with pdfl
ii info 4.13a.dfsg.1-6 Standalone GNU Info documentation
ii latex-beamer 3.07-2 LaTeX class to produce presentatio
ii latex-xcolor 2.11-1 Easy driver-independent TeX class
ii latexmk 1:4.13a-1
Bug#669208: boinc-client: Upstart issues
Package: boinc-client Version: 7.0.24+dfsg-1 Followup-For: Bug #669208 Hello, I'm not familiar with Debian's policies and goals but I think the main problem is not the point at which boinc-client starts automatically but that this point is not configurable by the user. How about simply picking a sensible default automatically (like start BOINC after the graphics card is initialized if a GUI is installed and at a lower runlevel if not) and letting users configure their system otherwise if they want to? It's great if you're able to make the init script more clever but please keep it configurable! And please don't introduce regressions for people who have no graphics cards, no GUI or more generally who have systems which are different from yours. If you're saying that Upstart in its current form is designed to make it impossible for users to choose runlevels for their services... well that would a bug with Upstart in my opinion. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#671068: iceweasel: Contradicting SSL status reports (favicon lies)
Package: iceweasel
Version: 3.5.16-14
Severity: normal
When visiting https://www.linuxquestions.org, the padlock icon is (rightly)
closed, with a bang and a warning about some content being unauthenticated (as
it should). However, when clicking the favicon, the statement Your connection
to this web site is not encrypted. This is entire contradictory. It should
say that the connection is *partially* encrypted.
This bug may already be fixed in newer versions of firefox.
-- Package-specific info:
-- Extensions information
Name: Default
Location: /usr/lib/iceweasel/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}
Package: iceweasel
Status: enabled
Name: HTTPS-Everywhere
Location: ${PROFILE_EXTENSIONS}/https-everywh...@eff.org
Status: enabled
-- Plugins information
Name: DivX® Web Player
Location: /usr/lib/mozilla/plugins/libtotem-mully-plugin.so
Package: totem-mozilla
Status: enabled
Name: QuickTime Plug-in 7.6.6
Location: /usr/lib/mozilla/plugins/libtotem-narrowspace-plugin.so
Package: totem-mozilla
Status: enabled
Name: Shockwave Flash
Location: /usr/lib/gnash/libgnashplugin.so
Package: browser-plugin-gnash
Status: enabled
Name: VLC Multimedia Plugin (compatible Totem 2.30.2)
Location: /usr/lib/mozilla/plugins/libtotem-cone-plugin.so
Package: totem-mozilla
Status: enabled
Name: Windows Media Player Plug-in 10 (compatible; Totem)
Location: /usr/lib/mozilla/plugins/libtotem-gmp-plugin.so
Package: totem-mozilla
Status: enabled
Name: iTunes Application Detector
Location: /usr/lib/mozilla/plugins/librhythmbox-itms-detection-plugin.so
Package: rhythmbox-plugins
Status: enabled
-- Addons package information
ii browser-plugin 0.8.8-5+squeez GNU Shockwave Flash (SWF) player - Plugin fo
ii iceweasel 3.5.16-14 Web browser based on Firefox
ii rhythmbox-plug 0.12.8-3 plugins for rhythmbox music player
ii totem-mozilla 2.30.2-6 Totem Mozilla plugin
-- System Information:
Debian Release: 6.0.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages iceweasel depends on:
ii debianutils 3.4 Miscellaneous utilities specific t
ii fontconfig 2.8.0-2.1 generic font configuration library
ii libc62.11.3-3Embedded GNU C Library: Shared lib
ii libglib2.0-0 2.24.2-1The GLib library of C routines
ii libgtk2.0-0 2.20.1-2The GTK+ graphical user interface
ii libnspr4-0d 4.8.6-1 NetScape Portable Runtime Library
ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3
ii procps 1:3.2.8-9 /proc file system utilities
ii xulrunner-1.9.1 1.9.1.16-14 XUL + XPCOM application runner
iceweasel recommends no packages.
Versions of packages iceweasel suggests:
ii libgssapi-krb5-21.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - k
pn mozplugger none (no description available)
ii ttf-lyx 1.6.7-1 TrueType versions of some TeX font
pn ttf-mathematica4.1 none (no description available)
ii xfonts-mathml 4Type1 Symbol font for MathML
pn xprint none (no description available)
Versions of packages xulrunner-1.9.1 depends on:
ii libasound21.0.23-2.1 shared library for ALSA applicatio
ii libatk1.0-0 1.30.0-1 The ATK accessibility toolkit
ii libbz2-1.01.0.5-6+squeeze1 high-quality block-sorting file co
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii libcairo2 1.8.10-6 The Cairo 2D vector graphics libra
ii libdbus-1-3 1.2.24-4+squeeze1 simple interprocess messaging syst
ii libfontconfig12.8.0-2.1 generic font configuration library
ii libfreetype6 2.4.2-2.1+squeeze4 FreeType 2 font engine, shared lib
ii libgcc1 1:4.4.5-8 GCC support library
ii libglib2.0-0 2.24.2-1 The GLib library of C routines
ii libgtk2.0-0 2.20.1-2 The GTK+ graphical user interface
ii libhunspell-1.2-0 1.2.11-1 spell checker and morphological an
ii libjpeg62 6b1-1 The Independent JPEG Group's JPEG
ii libmozjs2d1.9.1.16-14The Mozilla SpiderMonkey JavaScrip
ii libnspr4-0d 4.8.6-1NetScape Portable Runtime Library
ii libnss3-1d3.12.8-1+squeeze4 Network Security Service libraries
ii libpango1.0-0 1.28.3-1+squeeze2 Layout and rendering of internatio
ii libpng12-01.2.44-1+squeeze4 PNG library - runtime
ii libreadline6 6.1-3 GNU readline and
Bug#670712: rtorrent: Ratio loss
Package: rtorrent Version: 0.8.6-1 Severity: minor Sometimes rtorrent loses the ratio across restarts. Seems random. After a shutdown and restart, the ratio will be 0.0 on some torrents that had a higher ratio. This ratio reset does not impact all torrents at once -- the ratio is preserved for some torrents. -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages rtorrent depends on: ii libc62.11.3-3Embedded GNU C Library: Shared lib ii libcurl3 7.21.0-2.1+squeeze2 Multi-protocol file transfer libra ii libgcc1 1:4.4.5-8 GCC support library ii libncursesw5 5.7+20100313-5 shared libraries for terminal hand ii libsigc++-2.0-0c2a 2.2.4.2-1 type-safe Signal Framework for C++ ii libssl0.9.8 0.9.8o-4squeeze7SSL shared libraries ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3 ii libtorrent11 0.12.6-2a C++ BitTorrent library by Raksha ii libxmlrpc-c3 1.06.27-1.1 A lightweight RPC library based on rtorrent recommends no packages. Versions of packages rtorrent suggests: ii screen4.0.3-14 terminal multiplexor with VT100/AN -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#669208: boinc-client: update-rc.d fails to change boinc-client's runlevels
Package: boinc-client Version: 7.0.24+dfsg-1 Severity: normal Dear Maintainer, update-rc.d refuses to make boinc-client start automatically at boot and I can see no way to bypass those warnings: ~# update-rc.d boinc-client defaults update-rc.d: using dependency based boot sequencing update-rc.d: warning: boinc-client start runlevel arguments (2 3 4 5) do not match LSB Default-Start values (4 5) update-rc.d: warning: boinc-client stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (0 1 2 3 6) The issue is documented here but no fix is proposed to users: http://piuparts.debian.org/sid/initdscript_lsb_header_issue.html So I've resorting to doing this manually without any guidance from any documentation: ~# mv /etc/rc3.d/K01boinc-client /etc/rc3.d/S20boinc-client ~# mv /etc/rc2.d/K01boinc-client /etc/rc2.d/S20boinc-client In my opinion, that's not an acceptable state of affairs. In my opinion, that's a bug with update-rc.d since I think users should be allowed to change their services' runlevels regardless of LSB issues. But the opinion on IRC seems to be that it's a boinc-client issue... -- Package-specific info: -- Contents of /etc/default/boinc-client: # This file is /etc/default/boinc-client, it is a configuration file for the # /etc/init.d/boinc-client init script. # Set this to 1 to enable and to 0 to disable the init script. ENABLED=1 # Set this to 1 to enable advanced scheduling of the BOINC core client and # all its sub-processes (reduces the impact of BOINC on the system's # performance). SCHEDULE=1 # The BOINC core client will be started with the permissions of this user. BOINC_USER=boinc # This is the data directory of the BOINC core client. BOINC_DIR=/var/lib/boinc-client # This is the location of the BOINC core client, that the init script uses. # If you do not want to use the client program provided by the boinc-client # package, you can specify here an alternative client program. #BOINC_CLIENT=/usr/local/bin/boinc BOINC_CLIENT=/usr/bin/boinc # Here you can specify additional options to pass to the BOINC core client. # Type 'boinc --help' or 'man boinc' for a full summary of allowed options. #BOINC_OPTS=--allow_remote_gui_rpc BOINC_OPTS= -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages boinc-client depends on: ii adduser3.113+nmu1 ii ca-certificates20120212 ii debconf [debconf-2.0] 1.5.42 ii libc6 2.13-27 ii libcurl3 7.25.0-1 ii libgcc11:4.7.0-1 ii libssl1.0.01.0.1-4 ii libstdc++6 4.7.0-1 ii libx11-6 2:1.4.4-4 ii libxss11:1.2.1-2 ii python 2.7.2-10 ii zlib1g 1:1.2.6.dfsg-2 Versions of packages boinc-client recommends: ii ia32-libs 20120102 Versions of packages boinc-client suggests: pn boinc-app-seti none pn boinc-manager none pn libcuda1 none pn libcuda1-ia32 none pn x11-xserver-utils none -- Configuration Files: /etc/boinc-client/gui_rpc_auth.cfg [Errno 13] Permission denied: u'/etc/boinc-client/gui_rpc_auth.cfg' -- debconf information: boinc-client/remove_boinc_dir: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#668879: gnome-desktop-environment: annoying popup nags appear when mouse battery has 14% energy remaining
Package: gnome-desktop-environment Version: 1:2.30+7 Severity: wishlist There is already an icon in the tray showing power level. Even when the power level is evident in that icon, there is still a disurbing popup nag to give redundant information. The preferences give no way to disable this annoying alert. I'm going to go out on a limb and say Linux users don't like popups. Please disable this. In the odd case where a user actually wants these kinds of popups, they should need to proactively turn them on in the settings. -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gnome-desktop-environment depends on: ii alacarte 0.13.2-1 easy GNOME menu editing tool ii baobab 2.30.0-2 GNOME disk usage analyzer ii brasero2.30.3-2 CD/DVD burning application for GNO ii cheese 2.30.1-2 A tool to take pictures and videos ii deskbar-applet 2.32.0-1 universal search and navigation ba ii ekiga 3.2.7-2 H.323 and SIP compatible VoIP clie ii empathy2.30.3-1 GNOME multi-protocol chat and call ii gcalctool 5.30.2-2 GNOME desktop calculator ii gconf-editor 2.30.0-2 An editor for the GConf configurat ii gdm3 [fast-user-switch 2.30.5-6squeeze4 Next generation GNOME Display Mana ii gksu 2.0.2-5 graphical frontend to su ii gnome-backgrounds 2.32.0-1 a set of backgrounds packaged with ii gnome-bluetooth2.30.0-2 GNOME Bluetooth tools ii gnome-core 1:2.30+7 The GNOME Desktop Environment -- e ii gnome-dictionary 2.30.0-2 GNOME dictionary application ii gnome-media2.30.0-1 GNOME media utilities ii gnome-netstatus-applet 2.28.1-1 Network status applet for GNOME ii gnome-nettool 2.30.0-3 network information tool for GNOME ii gnome-screenshot 2.30.0-2 screenshot application for GNOME ii gnome-search-tool 2.30.0-2 GNOME tool to search files ii gnome-system-log 2.30.0-2 system log viewer for GNOME ii gnome-system-monitor 2.28.1-1 Process viewer and system resource ii gnome-system-tools 2.30.2-2 Cross-platform configuration utili ii gnome-user-share 2.30.1-1 User level public file sharing via ii gstreamer0.10-tools0.10.30-1 Tools for use with GStreamer ii gucharmap 1:2.30.3-1Unicode character picker and font ii gvfs-bin 1.6.4-3 userspace virtual filesystem - bin ii hamster-applet 2.30.2-3 time tracking applet for GNOME ii libgnome2-perl 1.042-2 Perl interface to the GNOME librar ii nautilus-sendto2.28.4-2+b1 integrates Evolution and Pidgin in ii remmina0.8.3-1 remote desktop client for GNOME de ii seahorse 2.30.1-2 GNOME front end for GnuPG ii seahorse-plugins 2.30.1-3 seahorse plugins and utilities for ii sound-juicer 2.28.2-3 GNOME CD Ripper ii totem-plugins 2.30.2-6 Plugins for the Totem media player ii vino 2.28.2-2+squeeze1 VNC server for GNOME ii xdg-user-dirs-gtk 0.8-1 tool to manage well known user dir ii zenity 2.30.0-1 Display graphical dialog boxes fro Versions of packages gnome-desktop-environment recommends: ii gnome-accessibility 1:2.30+7 The GNOME desktop environment -- a ii gnome-games 1:2.30.2-2 games for the GNOME desktop Versions of packages gnome-desktop-environment suggests: pn gnome-dbg none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#668807: No recipients specified. erroneously reported when mutt is used from the commandline
Package: mutt Version: 1.5.20-9+squeeze2 Severity: normal Sending messages from the commandline has been recently broken (this worked in previous versions). Example: mutt -a $HOME/.bashrc -s trying to send a file mym...@email.com simply sending a file No recipients specified. In that example, the $HOME/.bashrc is specified to attach, but any file will cause the erroneous error message claiming No recipients specified. -- Package-specific info: Mutt 1.5.20 (2009-06-14) Copyright (C) 1996-2009 Michael R. Elkins and others. Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. Mutt is free software, and you are welcome to redistribute it under certain conditions; type `mutt -vv' for details. System: Linux 2.6.32-5-amd64 (x86_64) ncurses: ncurses 5.7.20100313 (compiled with 5.7) libidn: 1.15 (compiled with 1.15) hcache backend: tokyocabinet 1.4.37 Compile options: -DOMAIN +DEBUG -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK +USE_POP +USE_IMAP +USE_SMTP -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO +HAVE_REGCOMP -USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME +CRYPT_BACKEND_GPGME -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE -ISPELL SENDMAIL=/usr/sbin/sendmail MAILPATH=/var/mail PKGDATADIR=/usr/share/mutt SYSCONFDIR=/etc EXECSHELL=/bin/sh MIXMASTER=mixmaster To contact the developers, please mail to mutt-...@mutt.org. To report a bug, please visit http://bugs.mutt.org/. misc/am-maintainer-mode misc/hg.pmdef.debugtime debian-specific/build_doc_adjustments.diff features/ifdef features/xtitles features/trash-folder features/purge-message features/sensible_browser_position features-old/patch-1.5.4.vk.pgp_verbose_mime features/compressed-folders features/compressed-folders.debian debian-specific/Muttrc debian-specific/Md.etc_mailname_gethostbyname.diff debian-specific/use_usr_bin_editor.diff debian-specific/correct_docdir_in_man_page.diff debian-specific/dont_document_not_present_features.diff debian-specific/document_debian_defaults debian-specific/assumed_charset-compat debian-specific/467432-write_bcc.patch misc/define-pgp_getkeys_command.diff misc/gpg.rc-paths misc/smime.rc upstream/533209-mutt_perror.patch upstream/533459-unmailboxes.patch upstream/533439-mbox-time.patch upstream/531430-imapuser.patch upstream/534543-imap-port.patch upstream/538128-mh-folder-access.patch upstream/537818-emptycharset.patch upstream/535096-pop-port.patch upstream/542910-search-segfault.patch upstream/533370-pgp-inline.patch upstream/533520-signature-highlight.patch upstream/393926-internal-viewer.patch upstream/543467-thread-segfault.patch upstream/544180-italian-yesorno.patch upstream/542817-smimekeys-tmpdir.patch upstream/544794-smtp-batch.patch upstream/537694-segv-imap-headers.patch upstream/548577-gpgme-1.2.patch upstream/548494-swedish-intl.patch upstream/553321-ansi-escape-segfault.patch upstream/553238-german-intl.patch upstream/557395-muttrc-crypto.patch upstream/545316-header-color.patch upstream/568295-references.patch upstream/547980-smime_keys-chaining.patch upstream/528233-readonly-open.patch upstream/228671-pipe-mime.patch upstream/383769-score-match.patch upstream/547739-manual-typos.patch upstream/311296-rand-mktemp.patch upstream/573823-imap_internal_date upstream/542344-dont_fold_From_ upstream/537061-dont-recode-saved-attachments.patch upstream/619216-gnutls-CN-validation.patch upstream/path_max misc/hyphen-as-minus.patch misc/smime_keys-manpage.patch mutt.org -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mutt depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcomerr2 1.41.12-4stable1 common error description library ii libgnutls26 2.8.6-1+squeeze2 the GNU TLS library - runtime libr ii libgpg-error0 1.6-1library for common error values an ii libgpgme11 1.2.0-1.2GPGME - GnuPG Made Easy ii libgssapi-krb5-21.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - k ii libidn111.15-2 GNU Libidn library, implementation ii libk5crypto31.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - C ii libkrb5-3 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries ii libncursesw55.7+20100313-5 shared libraries for terminal hand ii libsasl2-2 2.1.23.dfsg1-7
Bug#668152: multitail: Rubber width feature does not work (it's documented, but use is denied)
Package: multitail Version: 5.2.2-2 Severity: normal The documentation states that width of one column can be omitted, as one would expect, to assign whatever width is available to that column. Documented examples suggest that syntax like the following would work: $ multitail -sw 100, -R 15 -l ls -R 45 -l ls but this results in: --*- multitail 5.2.2 (C) 2003-2007 by folk...@vanheusden.com -*-- A problem occured at line 279 in function argv_set_window_widths (from file cmdline.c): You have to give the width for each window or set it to 0 (=auto width). Binary build at Dec 10 2009 22:50:55 The error states that a zero is needed. Fair enough, but that fails as well: $ multitail -sw 100,0 -R 15 -l ls -R 45 -l ls --*- multitail 5.2.2 (C) 2003-2007 by folk...@vanheusden.com -*-- A problem occured at line 907 in function get_value_arg (from file utils.c): Value for -sw must be 0. Binary build at Dec 10 2009 22:50:55 So to continue the experiment, I try complying with the constraint above: $ multitail -sw 100,1 -R 15 -l ls -R 45 -l ls --*- multitail 5.2.2 (C) 2003-2007 by folk...@vanheusden.com -*-- A problem occured at line 272 in function argv_set_window_widths (from file cmdline.c): The width of a column must be 4 or greater (or '0' for automatic size). Binary build at Dec 10 2009 22:50:55 The constraint is moving, like a carrot to a donkey. When I try 4: $ multitail -sw 100,4 -R 15 -l ls -R 45 -l ls it renders, but with the wrong geometry. The right column is much wider than 4, consuming over 1/4th of the width available on the screen. This occurs in both gnome-terminal and xterm, with and without gnu screen. -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages multitail depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libncurses5 5.7+20100313-5 shared libraries for terminal hand multitail recommends no packages. multitail suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#668094: multitail: segmentation fault when showing a file in one window and a program output in the other window
Package: multitail Version: 5.2.2-2 Severity: normal The following multitail command worked previously on debian etch, but occured after installing debian squeeze along with the corresponding multitail version. multitail -sw 120,80 -i file.txt -R 45 -l 'ls -1tr $(ls -d1tr $HOME|tail -n 1)/*|tail -n 50|while read f;do sed -ne s/^[[:blank:]]*Folder:.//p $f|tail -n 1;done|cut -f1 -d | uniq' Note that it does not matter what's in the file.txt file, and it does not matter what folder is listed (I used $HOME in the example above). The segfault is very reproduceable -- happens every time. -- System Information: Debian Release: 6.0.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages multitail depends on: ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libncurses5 5.7+20100313-5 shared libraries for terminal hand multitail recommends no packages. multitail suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
