On Sun, Nov 13, 2022 at 05:46:00PM +0100, Marco d'Itri wrote:
> On Nov 13, Robie Basak wrote:
>
> > This seems inconsistent to me. Where is the expectation that TMPDIR must
> > be unset if dropping privileges coming from? Obviously for users of
> Where is the expectatio
On Sun, Nov 13, 2022 at 04:16:29PM +0100, Marco d'Itri wrote:
> And I think that it would be wrong to have dpkg generally unset $TMPDIR,
> because if root sets it then it would be reasonable to expect that also
> dpkg and the maintainer scripts use it (as long as they are not dropping
> privilege
On Sun, Nov 13, 2022 at 02:58:47PM +, Simon McVittie wrote:
> If the maintainer script is *dropping* privileges from root down to a
> system user, then I think the maintainer script is/should be responsible
> for doing that privilege drop in a way that works...
Agreed, but amongst various othe
On Sun, Nov 13, 2022 at 02:21:58AM +0100, Marco d'Itri wrote:
> On Nov 12, Otto Kekäläinen wrote:
>
> > Instead of manually trying to manage TMPDIR env variable in various
> > places, we should have a standardized way to run maintainer scripts in
> > clean shell sessions that have all env variabl
On Thu, Nov 10, 2022 at 10:46:55PM +, brian m. carlson wrote:
> > I think it's more wide than that: If you change UID, you need to
> > sanitise the environment. Your HOME is likely to be wrong. PATH might
> > very well be pointing at directories which are not appropriate for the
> > user you'
On Thu, Nov 10, 2022 at 05:37:53PM +0100, Tollef Fog Heen wrote:
> I think it's more wide than that: If you change UID, you need to
> sanitise the environment. Your HOME is likely to be wrong. PATH might
> very well be pointing at directories which are not appropriate for the
> user you're changi
On Thu, Nov 10, 2022 at 12:08:55PM +0100, Marco d'Itri wrote:
> > But are you in essence saying that libpam-tmpdir requires that *every
> > maintainer script* that runs things as non-root, or starts processes
> > that do that, unset TMPDIR first?
> This would not be right, because it is totally val
Thank you for the report. Adding debian-devel@ and the libpam-tmpdir
maintainer for wider discussion.
On Thu, Nov 10, 2022 at 12:54:34AM +, brian m. carlson wrote:
> On my systems, I use libpam-tmpdir, which provides each user with a
> private temporary directory owned and accessible only by t
On Thu, Dec 26, 2019 at 02:42:58PM +0900, Norbert Preining wrote:
> - check for updates of itself
> - check for updates of plugins
> - send UID, OS, program version, and the icon theme selected in the
> program to the statistic site [1]
I file serious bugs when I discover this kind of behaviour
Package: wnpp
Severity: wishlist
Owner: Robie Basak
* Package name: python-outcome
Version : 1.0.0-1
Upstream Author : Nathaniel J. Smith
* URL : https://github.com/python-trio/outcome
* License : Apache-2.0 or Expat
Programming Lang: Python
Description
Package: wnpp
Severity: wishlist
Owner: Robie Basak
* Package name: python-sniffio
Version : 1.0.0-1
Upstream Author : Nathaniel J. Smith
* URL : https://github.com/python-trio/sniffio
* License : Apache-2.0 or Expat
Programming Lang: Python
Description
Package: wnpp
Severity: wishlist
Owner: Robie Basak
* Package name: python-trustme
Version : 0.4.0
Upstream Author : Nathaniel J. Smith
* URL : https://github.com/python-trio/trustme
* License : Apache-2.0 or Expat
Programming Lang: Python
Description
On Mon, Nov 28, 2016 at 10:12:14PM +0100, Stefan Fritsch wrote:
> thank you both for the information, this sounds quite good. I will switch to
> libmariadbclient for stretch. For stretch+1, we'll see how things develop
> upstream.
Can you not use default-libmysqlclient-dev and maintain build-tim
Hi Stefan,
On Sat, Nov 26, 2016 at 11:40:34PM +0100, Stefan Fritsch wrote:
> Are the mariadb client libraries compatible with current mysql servers?
I believe this is true at the moment, though as one might reasonably
expect I believe this is "unsupported" by MySQL upstream. For us, that
probably
FTR, I answered most questions about "why not dgit?" in the thread I
just moved to vcs-pkg-discuss only[1].
For some specific questions here:
On Thu, Nov 10, 2016 at 12:31:31AM +, Ian Jackson wrote:
> dgit can work on Ubuntu too, in a readonly mode. (It would be nice to
> make `dgit push' wo
On Tue, Sep 06, 2016 at 09:00:37AM +0200, Ondřej Surý wrote:
> So again I urge you to revert the decision to introduce yet another
> change in the Build-Depends for >= 300 packages and just use the
> libmysqlclient-dev package to be the "default".
Sorry, I disagree. The situation with MariaDB need
Hi Ondřej,
On Mon, Sep 05, 2016 at 08:57:57AM +0200, Ondřej Surý wrote:
> could you elaborate a bit more why you are forcing all Build-RDeps to
> change B-D to default-libmysqlclient-dev instead of just changing the
> semantics of libmysqlclient-dev?
MySQL ships the soname libmysqlclient.so.20 (i
On Mon, Dec 21, 2015 at 03:08:51PM +0100, Julian Andres Klode wrote:
> I'll repeat this one last time for you: If A suggests B, and you
> install B in some way, you may have come to rely on the fact that A is
> extended by B on your system. Automatically removing B could thus
> cause an unexpected
Package: wnpp
Severity: wishlist
Owner: Robie Basak
* Package name: mod-authnz-persona
Version : 0.8.1
Upstream Author : Dirkjan Ochtman
* URL : https://github.com/mozilla/mod_authnz_persona
* License : Apache-2.0
Programming Lang: C
Description
Package: wnpp
Severity: wishlist
Owner: Robie Basak
* Package name: pifacedigitalio
Version : 1.1
Upstream Author : Thomas Preston
* URL : https://github.com/piface/pifacedigitalio
* License : GPL-3+
Programming Lang: Python
Description : Python
20 matches
Mail list logo
