Re: A little problem with dnf

2015-01-12 Thread Igor Gnatenko
On Mon, Jan 12, 2015 at 11:27 AM, Jan Zelený jzel...@redhat.com wrote: On 11. 1. 2015 at 20:40:56, Adrian Soliard wrote: Hi everyone! I'm struggling a bit with dnf. It may have advantages, but as an end-user, I'm fighting with the list of packages when I press TAB. It's complicated, if I

Re: Fedora tcp_wrappers (missing) support for custom acl scripts, aclexec

2015-01-12 Thread Pasi Kärkkäinen
On Mon, Jan 12, 2015 at 09:15:39AM +0100, Petr Lautrbach wrote: On 01/11/2015 09:22 PM, Pasi Kärkkäinen wrote: Hello, People who have their names in the Fedora tcp_wrappers changelog added to CC list.. Any comments about the below? Obviously aclexec feature would be useful for

[Bug 807793] Please build pcsc-perl for EPEL6

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=807793 Tomas Mraz tm...@redhat.com changed: What|Removed |Added Keywords||FutureFeature

[Bug 1181027] New: perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1181027 Bug ID: 1181027 Summary: perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail Product: Fedora Version: rawhide Component: perl-Date-Calc-XS Assignee: sven.nierl...@consol.de

[Bug 1181027] perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1181027 Petr Pisar ppi...@redhat.com changed: What|Removed |Added See Also|

[Bug 914969] Bogus dependency

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=914969 Petr Šabata psab...@redhat.com changed: What|Removed |Added Status|ON_QA |CLOSED Fixed In

[Bug 1180918] yum install perl-IO-Socket-SSL.noarch demands openssl-libs 1.0.1j-1, but we are at already at 1.0.1k-1

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1180918 --- Comment #1 from Paul Howarth p...@city-fan.org --- Your system appears to have openssl-libs 1.0.1k installed from the updates-testing repository. This is not a problem in itself, but as you do not currently have the updates-testing

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread P J P
Hello, On Sunday, 11 January 2015 2:27 PM, Peter Robinson wrote: Earlier in the discussions I was told that this is not really an issue: in production, about every server with remote access also has a KVM. Often not the case in small business or third party hosted environments. Without

[perl-MetaCPAN-Client] Update to 1.009000

2015-01-12 Thread Paul Howarth
commit e5d7e0d5a17a57e873fbd7fbb7b6ac512b7ee1c1 Author: Paul Howarth p...@city-fan.org Date: Mon Jan 12 09:25:50 2015 + Update to 1.009000 - New upstream release 1.009000 - Added support for 'fields' filtering (GH#25, CPAN RT#99499) - This release by MICKEY → update

[Bug 628655] perl segfaults when joining a thread and using perl-Tk

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=628655 Jan Pazdziora jpazdzi...@redhat.com changed: What|Removed |Added Flags|

Re: Fedora tcp_wrappers (missing) support for custom acl scripts, aclexec

2015-01-12 Thread Petr Lautrbach
On 01/11/2015 09:22 PM, Pasi Kärkkäinen wrote: Hello, People who have their names in the Fedora tcp_wrappers changelog added to CC list.. Any comments about the below? Obviously aclexec feature would be useful for all services using tcpwrappers/libwrap (ftp,telnet,tftp,ident,nfs, and

[Bug 1179566] perl-Date-Calc-6.3-17.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1179566 Petr Pisar ppi...@redhat.com changed: What|Removed |Added See Also|

Re: Plasma 5

2015-01-12 Thread Jaroslav Reznik
- Original Message - Will F22 introduce plasma5 when it rolls out? Yes, it will. KDE SIG guys are working on the Change page for Fedora 22 [1]. It will be announced soon. Jaroslav [1] http://fedoraproject.org/wiki/Changes/Plasma_5 -- Mike Chambers Madisonville, KY Best little

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Milan Keršláger
No, this is not good idea as I wrote few minutes ago because it does not improve security, it just provide feeling of better security, see: https://en.wikipedia.org/wiki/Security_through_obscurity I wonder why no-one responded like me, because this was discussed many times ago. Well maybe many

[perl-MetaCPAN-Client] Created tag perl-MetaCPAN-Client-1.009000-1.fc22

2015-01-12 Thread Paul Howarth
The lightweight tag 'perl-MetaCPAN-Client-1.009000-1.fc22' was created pointing to: e5d7e0d... Update to 1.009000 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

File MetaCPAN-Client-1.009000.tar.gz uploaded to lookaside cache by pghmcfc

2015-01-12 Thread Paul Howarth
A file has been added to the lookaside cache for perl-MetaCPAN-Client: eeccc169259c0adbe6096a9c9528ff31 MetaCPAN-Client-1.009000.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Re: A little problem with dnf

2015-01-12 Thread Jan Zelený
On 11. 1. 2015 at 20:40:56, Adrian Soliard wrote: Hi everyone! I'm struggling a bit with dnf. It may have advantages, but as an end-user, I'm fighting with the list of packages when I press TAB. It's complicated, if I forget to install a specific package, dnf wouldn't show it to me, yum do

Re: Abotu setting 'PermitRootLogin=no' in sshd_config

2015-01-12 Thread Milan Keršláger
Hello, Sshd(8) daemon by default allows remote users to login as root. 1. Is that really necessary? 2. Lot of users use their systems as root, without even creating a non-root user. Such practices need to be discouraged, not allowing remote root login could be useful in

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Hans de Goede
Hi, On 08-01-15 13:59, Hans de Goede wrote: Hi, On 08-01-15 13:31, Jaroslav Reznik wrote: - Original Message - = Proposed System Wide Change: Change xorg input stack to use libinput = https://fedoraproject.org/wiki/Changes/LibinputForXorg Change owner(s): Hans de Goede

rawhide report: 20150112 changes

2015-01-12 Thread Fedora Rawhide Report
Compose started at Mon Jan 12 05:15:08 UTC 2015 Broken deps for i386 -- [Sprog] Sprog-0.14-27.fc20.noarch requires perl(:MODULE_COMPAT_5.18.0) [aeskulap] aeskulap-0.2.2-0.19beta1.fc22.i686 requires libofstd.so.3.6

[perl-File-RsyncP/el6] 0.72 bump; fix stalled transfers (#1177212)

2015-01-12 Thread Petr Šabata
commit 6c7ec585ee36dcc97e07b4116b54a0e0694929b4 Author: Petr Šabata con...@redhat.com Date: Mon Jan 12 14:23:44 2015 +0100 0.72 bump; fix stalled transfers (#1177212) - Sanitize the SPEC somewhat .gitignore|1 + perl-File-RsyncP.spec | 47

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Reindl Harald
Am 12.01.2015 um 14:26 schrieb Richard Hughes: On 12 January 2015 at 12:48, Josh Boyer jwbo...@fedoraproject.org wrote: There's Workstation, which is actually looking at including KDE as well. It is? Why? why not? not everybody likes GNOME for several reasons and it would be *so much*

[perl-IO-Socket-SSL] Update to 2.009

2015-01-12 Thread Paul Howarth
commit cd80fc16ecc792f2e37b157a80e76f4e843bef2c Author: Paul Howarth p...@city-fan.org Date: Mon Jan 12 13:28:46 2015 + Update to 2.009 - New upstream release 2.009 - Remove util/analyze.pl; this tool is now together with other SSL tools at

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Mikolaj Izdebski
On 01/12/2015 02:08 PM, Vít Ondruch wrote: Dear Fedora developers, I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. I strongly support this idea. In the past it probaby made sense to have GCC

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Przemek Klosowski
On 01/12/2015 08:05 AM, P J P wrote: Again, issue being addressed is not of brute force attacks. But that of such attacks resulting in gaining 'root' access to remote machines. They are two distinct issues. There still needs to be an administrative access to the system, and the most common

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Paul Wouters
On Mon, 12 Jan 2015, Przemek Klosowski wrote: There still needs to be an administrative access to the system, and the most common implementation by enabling 'sudo' on the non-privileged account. So, in a sense you are both right: this feature is just a small step rather than a security

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread P J P
On Monday, 12 January 2015 5:59 PM, Milan Keršláger wrote: You are (instead of completly mitigating), only raising complexity a little bit (ie not completly avoiding), which is what is Security through obscurity about (ie. by hiding source code, the attacker only solve more complex problem -

[perl-File-RsyncP/f20] (5 commits) ...0.72 bump; fix stalled transfers (#1177212)

2015-01-12 Thread Petr Šabata
Summary of changes: 2d8cf7b... - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass (*) 30ce430... Update config.guess/sub for aarch64/ppc64le (*) 8315828... - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_M (*) afa5470... Perl 5.20 rebuild (*) 945a7ff... 0.72 bump; fix

[Bug 1181027] perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1181027 Petr Šabata psab...@redhat.com changed: What|Removed |Added Status|NEW |ASSIGNED

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Richard Hughes
On 12 January 2015 at 12:48, Josh Boyer jwbo...@fedoraproject.org wrote: There's Workstation, which is actually looking at including KDE as well. It is? Why? RIchard -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of

File IO-Socket-SSL-2.009.tar.gz uploaded to lookaside cache by pghmcfc

2015-01-12 Thread Paul Howarth
A file has been added to the lookaside cache for perl-IO-Socket-SSL: 15be23e33f8183cb424254ea6a7b3bc0 IO-Socket-SSL-2.009.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Mikolaj Izdebski
On 01/12/2015 02:30 PM, Marcin Juszkiewicz wrote: W dniu 12.01.2015 o 14:08, Vít Ondruch pisze: I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. Are you aware that this means changing

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Hans de Goede
Hi, On 12-01-15 13:48, Josh Boyer wrote: On Mon, Jan 12, 2015 at 5:32 AM, Hans de Goede hdego...@redhat.com wrote: Hi, On 08-01-15 13:59, Hans de Goede wrote: Hi, On 08-01-15 13:31, Jaroslav Reznik wrote: - Original Message - = Proposed System Wide Change: Change xorg input

[perl-File-RsyncP/el5] 0.72 bump; fix stalled transfers (#1177212)

2015-01-12 Thread Petr Šabata
commit 55c7a5f55fb6ba0aa1bada16315adad046f467b2 Author: Petr Šabata con...@redhat.com Date: Mon Jan 12 14:23:44 2015 +0100 0.72 bump; fix stalled transfers (#1177212) .gitignore|3 ++- perl-File-RsyncP.spec | 45 +++-- sources

[Bug 1181027] perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1181027 --- Comment #2 from Sven Nierlein sven.nierl...@consol.de --- thank you both. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Bohuslav Kabrda
- Original Message - Dear Fedora developers, I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. The topic originally spring out in this [1] discussion on packaging list. Interesting

[Bug 708377] [PATCH] normalize perl version in build requires

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=708377 Petr Šabata psab...@redhat.com changed: What|Removed |Added Status|MODIFIED|CLOSED Fixed In

[Bug 874942] Net-DNS: system configuration is used instead of user's

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=874942 Petr Šabata psab...@redhat.com changed: What|Removed |Added Version|19 |rawhide -- You are

[perl-Params-Validate] Remove unused test-time dependency on Readonly:::XS

2015-01-12 Thread Petr Pisar
commit a2e36454146c47e2f9892a1df36ada1c8e60234e Author: Petr Písař ppi...@redhat.com Date: Mon Jan 12 16:14:44 2015 +0100 Remove unused test-time dependency on Readonly:::XS perl-Params-Validate.spec |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) --- diff --git

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Mike Pinkerton
On 12 Jan 2015, at 03:56, P J P wrote: Hello, On Sunday, 11 January 2015 2:27 PM, Peter Robinson wrote: Earlier in the discussions I was told that this is not really an issue: in production, about every server with remote access also has a KVM. Often not the case in small business or

[Bug 1181027] perl-Date-Calc-XS-6.3-7.fc22 FTBFS: tests fail

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1181027 Petr Šabata psab...@redhat.com changed: What|Removed |Added Status|ASSIGNED|CLOSED Fixed In

[perl-Date-Calc-XS] Adapt the test suite for the 2015-2115 era

2015-01-12 Thread Petr Šabata
commit b5ec8120480f3f257d283ea857e9ea1fb59de8f9 Author: Petr Šabata con...@redhat.com Date: Mon Jan 12 14:35:21 2015 +0100 Adapt the test suite for the 2015-2115 era Date-Calc-XS-6.3-century.patch | 433 perl-Date-Calc-XS.spec |8 +- 2

[Bug 461350] cpanspec nearly always misses the BuildRequires: perl(Test::More)

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=461350 Petr Šabata psab...@redhat.com changed: What|Removed |Added Version|19 |rawhide -- You are

[Bug 1180918] yum install perl-IO-Socket-SSL.noarch demands openssl-libs 1.0.1j-1, but we are at already at 1.0.1k-1

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1180918 --- Comment #3 from Paul Howarth p...@city-fan.org --- Can't say for sure but 1.0.1k contains a bunch of CVE fixes over 1.0.1j (see https://www.openssl.org/news/changelog.html) so maybe that's the reason. -- You are receiving this mail

Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Vít Ondruch
Dear Fedora developers, I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. The topic originally spring out in this [1] discussion on packaging list. Interesting FPC discussion on this topic can be

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Marcin Juszkiewicz
W dniu 12.01.2015 o 14:08, Vít Ondruch pisze: I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. Are you aware that this means changing build dependencies of most of packages? Altering them just

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Josh Boyer
On Mon, Jan 12, 2015 at 8:26 AM, Richard Hughes hughsi...@gmail.com wrote: On 12 January 2015 at 12:48, Josh Boyer jwbo...@fedoraproject.org wrote: There's Workstation, which is actually looking at including KDE as well. It is? Why? Because it was a work item from F21 that didn't make it and

[perl-IO-Socket-SSL] Created tag perl-IO-Socket-SSL-2.009-1.fc22

2015-01-12 Thread Paul Howarth
The lightweight tag 'perl-IO-Socket-SSL-2.009-1.fc22' was created pointing to: cd80fc1... Update to 2.009 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Dan Horák
On Mon, 12 Jan 2015 14:30:49 +0100 Marcin Juszkiewicz mjuszkiew...@redhat.com wrote: W dniu 12.01.2015 o 14:08, Vít Ondruch pisze: I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. Are

[Bug 1180918] yum install perl-IO-Socket-SSL.noarch demands openssl-libs 1.0.1j-1, but we are at already at 1.0.1k-1

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1180918 --- Comment #2 from David Tonhofer bugh...@gluino.name --- Thanks Paul, I will try that. Why would it have openssl-libs 1.0.1k though? This is the official Amazon EC2 cloud image. I will have to verify on the first install AMI what's on

[Bug 544738] cpanspec doesn't escape / in --filter-requires leading to bad sed statements

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=544738 Petr Šabata psab...@redhat.com changed: What|Removed |Added Status|MODIFIED|CLOSED Fixed In

[Bug 552105] cpanspec treats recommended dependencies to required

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=552105 Petr Šabata psab...@redhat.com changed: What|Removed |Added Version|19 |rawhide -- You are

[POC-change] Fedora packages point of contact updates

2015-01-12 Thread nobody
Change in package status over the last 168 hours 9 packages were orphaned dircproxy [master, f21, f20, el6, el5] was orphaned by kevin IRC proxy server https://admin.fedoraproject.org/pkgdb/package/dircproxy

[Bug 628655] perl segfaults when joining a thread and using perl-Tk

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=628655 Petr Pisar ppi...@redhat.com changed: What|Removed |Added Flags|needinfo?(ppi...@redhat.com | |)

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Josh Boyer
On Mon, Jan 12, 2015 at 5:32 AM, Hans de Goede hdego...@redhat.com wrote: Hi, On 08-01-15 13:59, Hans de Goede wrote: Hi, On 08-01-15 13:31, Jaroslav Reznik wrote: - Original Message - = Proposed System Wide Change: Change xorg input stack to use libinput =

Re: Hundreds of bugzilla mails on one day

2015-01-12 Thread Jaroslav Reznik
- Original Message - It has happened again. :-/ | This message is a notice that Fedora 19 is now at end of life. Fedora | has stopped maintaining and issuing updates for Fedora 19. It is | Fedora's policy to close all bug reports from releases that are no | longer maintained. | |

[perl-File-RsyncP] 0.72 bump; fix stalled transfers (#1177212)

2015-01-12 Thread Petr Šabata
commit 945a7ffc3367f0929f8751cf761fc2fa7367934d Author: Petr Šabata con...@redhat.com Date: Mon Jan 12 13:33:14 2015 +0100 0.72 bump; fix stalled transfers (#1177212) .gitignore|1 + perl-File-RsyncP.spec | 35 +-- sources |

File File-RsyncP-0.72.tar.gz uploaded to lookaside cache by psabata

2015-01-12 Thread Petr Šabata
A file has been added to the lookaside cache for perl-File-RsyncP: ab2729ab4657705052d80eca107d6444 File-RsyncP-0.72.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Review swaps

2015-01-12 Thread Mattias Ellert
Hi! I have a couple of packages submitted for review and I offer to make swaps for them: Globus Toolkit packages (C code - mostly loadable modules) https://bugzilla.redhat.com/show_bug.cgi?id=1144800 globus-gridmap-eppn-callout https://bugzilla.redhat.com/show_bug.cgi?id=1144801

Re: Abotu setting 'PermitRootLogin=no' in sshd_config

2015-01-12 Thread Ian Malone
On 12 January 2015 at 09:20, Milan Keršláger milan.kersla...@pslib.cz wrote: Hello, 4) Blocking root access means forcing admins to log as normal user and then do su/sudo and providing root password, which is far less secure than disable root password authentication and allow login to

USB/IP userspace review request

2015-01-12 Thread Jonathan Dieter
If anyone is interested in having USB/IP working in Fedora, I'm looking for someone to review the userspace tools at https://bugzilla.redhat.com/show_bug.cgi?id=1175270. While the USB/IP modules were in staging, this was in RPM Fusion, but the modules have been moved out of staging and into

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Francisco Alonso
Hi, That's not security through obscurity. It's a way to limit the exposure to a brute force attack with an a privileged account. Also this allows the user uses a different account so remote attacks that user is unknown and can not be used to brute force delimiting more exposure. Most instances

Re: Abotu setting 'PermitRootLogin=no' in sshd_config

2015-01-12 Thread P J P
Hello, On Monday, 12 January 2015 4:09 PM, Ian Malone ibmal...@gmail.com wrote: On 12 January 2015 at 09:20, Milan Keršláger milan.kersla...@pslib.cz 4) Blocking root access means forcing admins to log as normal user and then do su/sudo and providing root password, which is far less

Re: A little problem with dnf

2015-01-12 Thread Adrian Soliard
2015-01-12 5:35 GMT-03:00 Igor Gnatenko i.gnatenko.br...@gmail.com: On Mon, Jan 12, 2015 at 11:27 AM, Jan Zelený jzel...@redhat.com wrote: On 11. 1. 2015 at 20:40:56, Adrian Soliard wrote: Hi everyone! I'm struggling a bit with dnf. It may have advantages, but as an end-user, I'm fighting

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Milan Keršláger
You pointed to SELinux and two factor authentication to be like your solution (ie disabling root login), but these tools (SELinux/twofactor auth.) are build to completly mitigate the attack (the attacker is unable to perform the needed action in any way). You are (instead of completly

[perl-File-RsyncP/f21] (2 commits) ...0.72 bump; fix stalled transfers (#1177212)

2015-01-12 Thread Petr Šabata
Summary of changes: afa5470... Perl 5.20 rebuild (*) 945a7ff... 0.72 bump; fix stalled transfers (#1177212) (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list

[Bug 628655] perl segfaults when joining a thread and using perl-Tk

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=628655 --- Comment #9 from Petr Pisar ppi...@redhat.com --- (In reply to Jan Pazdziora from comment #8) Should this be NEXTRELEASE, then? I can see the segfault in Fedora 21 with It should. -- You are receiving this mail because: You are on the

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread P J P
Hello Milan, On Monday, 12 January 2015 3:11 PM, Milan Keršláger wrote: No, this is not good idea as I wrote few minutes ago because it does not improve security, it just provide feeling of better security, see: https://en.wikipedia.org/wiki/Security_through_obscurity I disagree. First

F22 System Wide Change: Default Local DNS Resolver

2015-01-12 Thread Jaroslav Reznik
= Proposed System Wide Change: Default Local DNS Resolver = https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver This Change was already proposed as Fedora 21 Change but moved to Fedora 22 (and discussed as Fedora 22 Change), re-announcing it as more details were provided as

File Tangerine-0.12.tar.gz uploaded to lookaside cache by psabata

2015-01-12 Thread Petr Šabata
A file has been added to the lookaside cache for perl-Tangerine: 221ceabd8e9bed61e8c81fb0cb413fde Tangerine-0.12.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Re: Fedora tcp_wrappers (missing) support for custom acl scripts, aclexec

2015-01-12 Thread Lennart Poettering
On Sun, 11.01.15 21:29, Tomasz Torcz (to...@pipebreaker.pl) wrote: On Sat, Jan 10, 2015 at 12:16:38AM +0200, Pasi Kärkkäinen wrote: Hello, I recently noticed Debian/Ubuntu has had support for aclexec in tcp_wrappers via a custom patch since 2006, so you can do this in

[perl-Tangerine] 0.12 bump

2015-01-12 Thread Petr Šabata
commit bc8d4eb4579fecbb4b813f6419d071f0ac545910 Author: Petr Šabata con...@redhat.com Date: Mon Jan 12 17:18:16 2015 +0100 0.12 bump .gitignore |1 + perl-Tangerine.spec | 18 -- sources |2 +- 3 files changed, 14 insertions(+), 7

Re: Remove gcc, gcc-c++ and make from minimal build root

2015-01-12 Thread Vít Ondruch
Dne 12.1.2015 v 14:30 Marcin Juszkiewicz napsal(a): W dniu 12.01.2015 o 14:08, Vít Ondruch pisze: I'd like to collect some feedback about the $SUBJECT, i.e. making minimal build root really minimal, explicitly specifying build dependencies, etc. Are you aware that this means changing build

[perl-Tangerine/el6] 0.12 bump

2015-01-12 Thread Petr Šabata
Summary of changes: bc8d4eb... 0.12 bump (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Milan Keršláger
Dne 12.1.2015 v 15:46 Przemek Klosowski napsal(a): There still needs to be an administrative access to the system, and the most common implementation by enabling 'sudo' on the non-privileged account. So, in a sense you are both right: this feature is just a small step rather than a security

[perl-Tangerine/epel7] 0.12 bump

2015-01-12 Thread Petr Šabata
Summary of changes: bc8d4eb... 0.12 bump (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org

Agenda for Env-and-Stacks WG meeting (2015-01-14)

2015-01-12 Thread Honza Horak
WG meeting will be at 12:00 UTC (07:00 EST, 13:00 Brno, 7:00 Boston, 21:00 Tokyo, 22:00 Brisbane) in #fedora-meeting on Freenode. = Topics = * Fedora Rings * revisit the plan around rings * interpret rings with users' use cases and requirements * sync on where SCLs, copr, languages

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Kevin Fenzi
On Mon, 12 Jan 2015 20:39:35 +0100 Milan Keršláger milan.kersla...@pslib.cz wrote: ...snip... Hey Milan. I understand you have a strong opinion on this topic as does pjp. This is however no reason to bring personal attacks into things. Please focus on the technical discussion. kevin

firefox/vimeo

2015-01-12 Thread Nikos Roussos
I noticed that I'm unable to watch Vimeo videos with Firefox without Flash plugin. Same is not true if I use the Firefox build from upstream. Do we disable something on our build that may be responsible for such behavior? Anyone else has the same problem? I even enabled h264 codec (although I

[389-devel] please review: Ticket 47617 - Changelog trimming interval value validation

2015-01-12 Thread Mark Reynolds
https://fedorahosted.org/389/ticket/47617 https://fedorahosted.org/389/attachment/ticket/47617/0001-Ticket-47617-replication-changelog-trimming-setting-.patch -- 389-devel mailing list 389-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-devel

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Stephen John Smoogen
On 12 January 2015 at 11:58, P J P pj.pan...@yahoo.co.in wrote: On Tuesday, 13 January 2015 12:05 AM, Stephen John Smoogen wrote: I don't see how this is the case. All we have done is move the first line of the root-kit script to calling sudo via the password that was used to open the account

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Milan Keršláger
Dne 12.1.2015 v 20:46 Kevin Fenzi napsal(a): On Mon, 12 Jan 2015 20:39:35 +0100 Milan Keršláger milan.kersla...@pslib.cz wrote: ...snip... Hey Milan. I understand you have a strong opinion on this topic as does pjp. This is however no reason to bring personal attacks into things. Oh

[perl-GD] do not include bdftogd in perl-GD, that lives in gd-progs now

2015-01-12 Thread Tom Callaway
commit f2311aa5f11be1e37ca7420d3e4b28a6dec95b4a Author: Tom Callaway s...@fedoraproject.org Date: Mon Jan 12 15:16:53 2015 -0500 do not include bdftogd in perl-GD, that lives in gd-progs now perl-GD.spec | 10 -- 1 files changed, 8 insertions(+), 2 deletions(-) --- diff --git

Re: F22 System Wide Change: Harden all packages with position-independent code

2015-01-12 Thread Moez Roy
On Sat, Jan 10, 2015 at 6:12 PM, Richard W.M. Jones rjo...@redhat.com wrote: Does this proposal apply to native non-C/C++ programs? Rich. I would like to see this proposal apply to native non-C/C++ programs, but I am not sure on how that would be done? Do the other compilers understand what

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread P J P
On Tuesday, 13 January 2015 12:05 AM, Stephen John Smoogen wrote: I don't see how this is the case. All we have done is move the first line of the root-kit script to calling sudo via the password that was used to open the account up. Since many of Linux systems are single user boxes.. it is most

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Milan Keršláger
Dear PJP, in the ship, there is a hole. You are waving the flag unsinkable instead to stop the flow and screaming: The flow could be stopped later!. You dismiss my arguments without argument, just dismiss them. Unbelievable. Is this about security or about your ego? Could do you agree that we

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Stephen John Smoogen
On 12 January 2015 at 12:52, Milan Keršláger milan.kersla...@pslib.cz wrote: Dne 12.1.2015 v 20:46 Kevin Fenzi napsal(a): On Mon, 12 Jan 2015 20:39:35 +0100 Milan Keršláger milan.kersla...@pslib.cz wrote: ...snip... Hey Milan. I understand you have a strong opinion on this topic as

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread Miloslav Trmač
Scrap that, Kevin Kofler pointed me to this post: https://lists.fedoraproject.org/pipermail/devel/2014-December/205490.html Which I unfortunately missed, so the info I got from KDE upstream is not correct because the KDE spin adds an extra component which does directly talk to the low

Re: F22 System Wide Change: Change xorg input stack to use libinput

2015-01-12 Thread drago01
On Mon, Jan 12, 2015 at 9:31 PM, Miloslav Trmač m...@redhat.com wrote: Scrap that, Kevin Kofler pointed me to this post: https://lists.fedoraproject.org/pipermail/devel/2014-December/205490.html Which I unfortunately missed, so the info I got from KDE upstream is not correct because the KDE

Re: F22 System Wide Change: Harden all packages with position-independent code

2015-01-12 Thread Miloslav Trmač
- Original Message - Does this proposal apply to native non-C/C++ programs? As written, it seems to intend so. In practice, it would probably apply or not depending on whether the non-C/C++ programs’ builds are affected by _hardened_build. Ideally, I think this should apply to all

[Bug 1180875] file /usr/bin/bdftogd conflicts with file from package gd-progs

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1180875 Tom spot Callaway tcall...@redhat.com changed: What|Removed |Added Status|NEW |CLOSED

Re: F22 System Wide Change: Harden all packages with position-independent code

2015-01-12 Thread Miloslav Trmač
That said, even on x86_64 it isn't anything close to no overhead. Tried last night to rebuild GCC's cc1plus as -fpie -pie, and then rebuild stage3 of GCC with make -j1 separately with the original stage3 cc1plus (ET_EXEC binary) and PIE cc1plus (ET_DYN). The build (which included still time

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Miloslav Trmač
- The 'method' used to restrict remote root access is negotiable. Ie. disable it completely by setting PermitRootLogin=no OR disable remote root login via password by setting PermitRootLogin=without-password. (The general theme of this mail: Being flexible is fine, and establishing this

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Miloslav Trmač
- improves accountability for administrative actions (we know which admin messed up :) Nonsense. for non-malicious logins, sudo leaves as much as a trail as sshd which tells you which credentials were used to login. For malicious logins, once root access is obtained via password-less

Re: F22 System Wide Change: Harden all packages with position-independent code

2015-01-12 Thread Till Maas
On Mon, Jan 12, 2015 at 03:37:42PM -0500, Miloslav Trmač wrote: - Original Message - Does this proposal apply to native non-C/C++ programs? As written, it seems to intend so. In practice, it would probably apply or not depending on whether the non-C/C++ programs’ builds are

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Przemek Klosowski
First of all, I agree with you that PermitRootLogin without-password is preferable. The discussion I am interested in is whether direct password root login should remain enabled. On 01/12/2015 10:02 AM, Paul Wouters wrote: On Mon, 12 Jan 2015, Przemek Klosowski wrote: - improves

Re: F22 System Wide Change: Set sshd(8) PermitRootLogin=no

2015-01-12 Thread Volker Sobek
Am Montag, den 12.01.2015, 17:20 + schrieb P J P: If you really want to improve security and mitigate BF attacks against root, do this: A) do not run SSHD by default That's a non-option. This is actually implemented in Workstation, i.e. the sshd.service is not enabled by default

[Bug 1176932] perl-DB_File-1.835 is available

2015-01-12 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1176932 Fedora Update System upda...@fedoraproject.org changed: What|Removed |Added Fixed In Version|perl-DB_File-1.835-1.fc21

Re: F22 System Wide Change: Harden all packages with position-independent code

2015-01-12 Thread Richard W.M. Jones
On Mon, Jan 12, 2015 at 10:57:50AM -0800, Moez Roy wrote: On Sat, Jan 10, 2015 at 6:12 PM, Richard W.M. Jones rjo...@redhat.com wrote: Does this proposal apply to native non-C/C++ programs? Rich. I would like to see this proposal apply to native non-C/C++ programs, but I am not sure

Un-retiring ice and mumble?

2015-01-12 Thread Carlos O'Donell
Devel, I would like to un-retire mumble, but that requires ice. I've just fixed ice to compile on f21 without much effort. So I think I'll un-retire ice and mumble and maintain them unless anyone objects. Is there any reason ice was orphaned and retired other than lack of interest? Cheers,

  1   2   >