On Fri, 29 Jul 2011, Tore Anderson wrote:
There's two potential explanations for that that I'm aware of:
1) The «Require IPv4 for this connection to complete» NM setting is
unfortunately checked by default, see
https://bugzilla.redhat.com/show_bug.cgi?id=538499 and
On Mon, 22 Aug 2011, Stephen Gallagher wrote:
(Sent on behalf of jima, the former owner)
The dnsmasq package in Fedora has now been orphaned. This package is in
need of a new maintainer and should not be allowed to lapse, as it is a
critical component of the virtualization features.
It is
On Wed, 24 Aug 2011, Ian Pilcher wrote:
On 08/22/2011 06:35 PM, Paul Wouters wrote:
If it could also not grab port 0.0.0.0:53 in the future, that would be
great. I'd like to work with whichever libvirt developer takes this
package on.
Are you talking about dnsmasq or the way that libvirt
On Thu, 25 Aug 2011, Tomas Mraz wrote:
3) I mostly don't need/want any DNS/DHCP in my bridged setup, but it still
configures and starts dnsmasq (at least on F14 using virt-manager)
(eg I have a /28 bridges to eth1 with static IPs, I don't want it)
On a non-bridged setup it listens
On Thu, 25 Aug 2011, Thomas Moschny wrote:
2011/8/25 Paul Wouters p...@xelerance.com:
Again, this is based on f14, not f15/f16. I am not sure how much this has
been
addressed. But if we want DNSSEC validation on the endnode, at the very least
127.0.0.1:53 needs to be left free.
Are you
On Thu, 25 Aug 2011, Daniel P. Berrange wrote:
libvirt's dnsmasq will never be grabbing any 127.0.0.1 address. It is
In my experiments it did not, and the issue instead was that the other
DNS server [1] wanted to grab port 53 on *all* interfaces.
Yeah, that is the normal problem people see.
On Tue, 6 Sep 2011, Richard Shaw wrote:
Most of the packages I work with have very few patches so it's not all
that difficult, but there are a couple of packages I'm working with
that have a lot of patches and one of them has a very active upstream
(which is a good thing!) but that also means
Hi developers of NM and Fedora,
We are trying to get DNSSEC validation on the end nodes. One way of doing
that is to run a caching resolver on every host, but that strains the
DNS infrastructure because all DNS caches would be circumvented. Since
DNSSEC data is signed, you can obtain it via
On Sun, 18 Sep 2011, Nicolas Mailhot wrote:
We are trying to get DNSSEC validation on the end nodes. One way of doing
that is to run a caching resolver on every host, but that strains the
DNS infrastructure because all DNS caches would be circumvented.
However, there are many networks out
On Wed, 21 Sep 2011, Adam Tkac wrote:
this is a great idea and work. We talked (inside Red Hat) about similar
approach how to secure the clients but this proposal is better, ready
for use, and I like it.
Great. Please test and give us feedback :)
The only one question for discussion is if
On Wed, 21 Sep 2011, Tomas Mraz wrote:
solve a part of the problem how can you even consider removing the
ability for disabling dnssec when implementing and deploying and running
dnssec increases the complexity times hundred and people and isp's alike
cant even implement and properly run a
On Thu, 22 Sep 2011, Dan Williams wrote:
But I'm not really familiar with unbound. Is it a long-running service?
Yes, It's a fully dnssec validating caching resolver. You start it at boot
and leave it running.
What does its config file look like? Does it re-read config data on
SIGHUP?
You
On Thu, 22 Sep 2011, Dan Williams wrote:
You properly talk to it via unbound-control, which uses SSL certs between
it and the daemon. No need to re-write config files or send it weirdo
signals.
Ok, this part mystifies me. I assume it just has a TCP socket listening
that you talk to it on?
On Tue, 11 Oct 2011, Nathanael D. Noblet wrote:
As far as I know if you burn the key you will lose the ability to use
the yubikey's servers and I'm guessing coincidentally the lastpass as
well. I have seen that you are allowed to upload a new key to their
servers to restore its useability. So
On Wed, 12 Oct 2011, Kevin Fenzi wrote:
* DO verify ssh host keys via dnssec protected dns. ( .ssh/config:
VerifyHostKeyDNS yes)
https://bugzilla.redhat.com/show_bug.cgi?id=180277
https://bugzilla.redhat.com/show_bug.cgi?id=730558
You can't tell us to use this while at the same time refusing
On Wed, 12 Oct 2011, Adam Williamson wrote:
Reading between the lines of recent attacks, it seems likely that
private keys compromised in some of the attacks were used to perform
others. (No-one's come out and officially said this yet but it seems
pretty obvious from the subtext of some of
On Wed, 12 Oct 2011, Tomas Mraz wrote:
Except nobody says or said that DNS without DNSSEC leads to the
automatic connection with such setting.
I answered that multiple times, including today with a vast amount of screen
pasting
into https://bugzilla.redhat.com/show_bug.cgi?id=180277 to show
On Thu, 13 Oct 2011, Tomas Mraz wrote:
And if this malicious DNS administrator controls the caching
nameserver you're using for DNS queries, he can present you ANY data
even 'valid' fake DNSSEC data.
This is not generally true. Resolver libraries can (and should, IMHO)
verify DNSSEC
On Thu, 13 Oct 2011, Tomas Mraz wrote:
Nope, you do not understand what the dependency is. Of course you depend
on the DNS to not be compromised to get the IP address of the host but
you still can verify the fingerprint on the first connection if you got
it by other means.
That scales as
On Thu, Oct 13, 2011 at 10:55:59PM -0500, Callum Lerwick wrote:
Its the only right way to do it. As a general rule, a private ssh key
should NEVER be transferred off the machine it was generated on.
Yeah, who needs backups of private keys anyways!
you have the same private key on more than
On Thu, 13 Oct 2011, Callum Lerwick wrote:
Yeah, who needs backups of private keys anyways!
We're talking about SSH keys here. There's no web of trust to lose.
Lose your keys? Generate new ones.
And contact my customers and what not to change it? Go past all the
servers i have access to with
On Thu, 20 Oct 2011, Nathan O. wrote:
slot 1: fedora OTP configured with fedora-burn-yubikey -u
slot 2: yubico OTP. Using the command line tool shipped with fedora
gave me some problems, so I used the one from yubico
On Tue, 25 Oct 2011, Mario Ceresa wrote:
That's strange: the only two occasion I had a failed OTP were:
1) A configuration problem: (Yubikey not enabled, yubikey prefix not
correct, using unburned key)
2) In a two slot configuration, whenever I press the button too long
and it generates
On Wed, 9 Nov 2011, Alex Dalitz wrote:
(CC:ed Fedora-devel, we're trying to figure out the ruby bug with %3d ri-doc
names)
I tried using yours and i had to make some xoes for it to build.
It used ruby-gems instead of rubygems. The was a = - =3D
caused by one of our mail agents. then it tried
On Wed, 16 Nov 2011, David Woodhouse wrote:
On Mon, 2011-11-14 at 21:08 +0400, Lucas wrote:
I am talking about ipsec over TCP.
Everything can do ipsec over UDP, but none over TCP. But on my job for
the security reason UDP is blocked, cisco vpn can do ipsec over tcp.
That's entirely
I have a package that contains ruby scripts in /usr/lib/packagename/
These scripts are only called/included via other binaries.
If I do not make these executable, then rpmlint complains about
non-executable content in /usr/lib/packagename/ and suggests I
move it to /usr/share/packagename. If I
On Thu, 17 Nov 2011, Toshio Kuratomi wrote:
When you talk about scripts, do you mean that the code calling these scripts
does the equivalent of this (note, I generated my examples by reading up on
ruby on the web just prior to posting... please allow for this perhaps not
being real ruby code
On Thu, 17 Nov 2011, Toshio Kuratomi wrote:
nod And also note -- the use of /usr/lib (*not* %{_libdir}) vs /usr/share
is debatable (I said could above rather than should). The modules that go
into the default search path, for python, perl, and ruby, for instance, all
end up in /usr/lib if
Hi,
There is a package in review that allows one to simply run DNSSEC
on the endnode by dynamically reconfiguring the locally running
DNS server. This process is mostly invisible to the user.
https://bugzilla.redhat.com/show_bug.cgi?id=754583
What happens is basically the following:
- network
On Thu, 7 Oct 2010, Mike McGrath wrote:
We also decided to allow yubikeys as an authentication option for the
larger community to some hosts and services like fedorapeople.org or
https://admin.fedoraproject.org/community/. When asked for a password,
just use your yubikey to generate a otp
On Thu, 7 Oct 2010, Mike McLean wrote:
I guess in a way it is like using the same password, but people might not be
thinking of that when they have a device on them that they use.
Wow, that's a serious weakness. Are we sure about this?
On Fri, 8 Oct 2010, Dennis Gilmore wrote:
Even if you use your yubikey with yubicos servers. and auth against multiple
different providers your AES key is never exposed to to any of the places that
you auth to.
That is correct if different service providers auth the OTP against
yubicos
On Fri, 8 Oct 2010, Nathanael D. Noblet wrote:
On 10/07/2010 10:58 PM, Paul Wouters wrote:
One usage of yubikey I would like very much is as storage for the AES
encryption key for disk encryption. I'd prefer the disk crypto key to
not be on the disk at all, protected by just a passphrase
On Fri, 8 Oct 2010, Jesse Keating wrote:
Note that yubikeys are not (yet) usable for this. You cannot request the
AES key from it (AFAIK), only an OTP. And the OTP can also not be used to
unlock
an AES key on the harddisk because it is different for each activation.
Can't you use one of
Hi,
libotr is a commonly used instant message encryption protocol. It is
used by a lot of IM programs. To resolve various issues, upstream had
to break compatibility. While pidgin-otr has been updated to work with
the new library, most other applications (kopete, bitlbee, irssi,
xchat-otr)
On Mon, 22 Oct 2012, Paul Howarth wrote:
On 10/22/2012 10:45 AM, Fedora PackageDB wrote:
Package GeoIP in Fedora 17 has been retired by mfleming
To make changes to this package see:
https://admin.fedoraproject.org/pkgdb/acls/name/GeoIP
What's the story with this? Has something happened
On Sun, 21 Oct 2012, Erinn Looney-Triggs wrote:
I haven't been able to get a lot of traction with this, but I figured a
shot at this mailing list might help.
I have written a patch against the Fedora 18 version of vpnc-script to
allow it to detect that unbound is running and to set forwarders
Hi,
I've built libotr3 as a compat package in rawhide and f18/f17 to prepare
for the API change between libotr-3 and libotr-4.
Applications using libotr that have not been ported to the new libotr-4
should change their Requires: libotr to Requires: libotr3, so they won't
break when libotr, now
On Mon, 29 Oct 2012, Miro Hrončok wrote:
I am involved in a student group on FIT of Czech Technical University in
Prague - in that group, we focus on 3D printing (RepRap).
At this point, I would like to gather people interested in 3D printing
and eventually create a 3D printing SIG.
Would
On Thu, 29 Nov 2012, Troy C wrote:
I've requested co-maintainer ship to bring this package up to speed
again. Thanks for the patches in the bugzilla.
Paul
I would like to do whatever it takes to bring lsyncd, one of the packages
announced as abandoned in [1], up-to-date in EPEL.
The specs
On Thu, 20 Dec 2012, Adam Williamson wrote:
All this for the rather questionable benefit of having a specifically
defined place for helper-scripts-not-meant-to-be-executed-directly,
which gains us...what, exactly, over just putting them
in /usr/lib/(appname) or /usr/share/(appname) or whatever?
On Tue, 25 Dec 2012, Sergio Belkin wrote:
I've created and appended an repo option to a kickstart file, then I've
created an iso with livecd-creator and it works fine.
Packages of that repo are installed in the ISO file.
The problem is that the repo file is not created in the installed system
My yum update on f18 took about 20 minutes installing 3380 packages.
Cleanup: bash-4.2.39-1.fc18.x86_64 3377/3380
Cleanup: nss-softokn-freebl-3.14-5.fc18 3378/3380
Cleanup: glibc-2.16-24.fc18 3379/3380
Cleanup: tzdata-2012i-1.fc18.noarch 3380/3380
And then it just sat
On Sat, 29 Dec 2012, Paul Wouters wrote:
$ ps auxw|grep texlua
root 8268 37.5 32.7 5515148 5369112 pts/2 D+ 18:56 8:30 texlua
/usr/bin/mtxrun --generate
$ rpm -qf /usr/bin/mtxrun
texlive-context-bin-2012-0.svn26861.10.20121205_r28449.fc18.noarch
What is this? The man page hints
On Thu, 24 Jan 2013, Jaroslav Reznik wrote:
= Features/NFStest =
https://fedoraproject.org/wiki/Features/NFStest
Feature owner(s): Steve Dickson ste...@redhat.com
Provides a set of tools for testing either the NFS client or the NFS server,
most of the functionality is focused mainly on
On Sun, 27 Jan 2013, Jamie Nguyen wrote:
Please could testers give some karma:
https://admin.fedoraproject.org/updates/FEDORA-2012-14650/tor-0.2.2.39-1700.fc17?_csrf_token=3663fa7adec7f8e5c46ed89b7a0b59cfab9844d9
Tor package for Fedora 17 has been out-of-date with security issues for
4
On 01/29/2013 09:32 AM, Steve Dickson wrote:
Ok... that sounds good... but what does that have to do with testing
the NFS 4.0 and 4.1 protocol? Granted I know nothing about libreswan
other than I just read in the libreswan-3.0/README, but just don't
see how libreswan fits in...
Note, NFStest
On Wed, 30 Jan 2013, Bruno Wolff III wrote:
On 2013-01-29, 22:52 GMT, Michael Scherer wrote:
I am delighted to announce you that Red Hat has a policy of not
tolerating drugs on the work place. So you should be utterly relieved to
know that no people posting here with a @redhat.com email should
Hi,
I just heard I might be put through the unresponsive maintainer process
in Fedora? I'm a little confused as I've never received emails on this,
and I'm always on irc and read fedora-devel and still perform very regular
package updates.
Can someone tell me what's going on, and forward me
On Fri, 29 Jan 2010, Paul Wouters wrote:
Subject: I am an unresponsive maintainer?
I just heard I might be put through the unresponsive maintainer process
in Fedora? I'm a little confused as I've never received emails on this,
and I'm always on irc and read fedora-devel and still perform
On Thu, 11 Feb 2010, Paul W. Frields wrote:
Fedora 11: https://admin.fedoraproject.org/updates/F11/FEDORA-2010-1696
Fedora 12: https://admin.fedoraproject.org/updates/F12/FEDORA-2010-1748
For those interested in some more background information about the
chain of events on the dnssec-conf
you can set both cflags and libs
with that, no patch required.
Best regards,
Wouter
On 02/24/2010 05:37 PM, Paul Wouters wrote:
Hi,
Fedora 13 will no longer implicitely link in certain libraries. For
a full description see:
https://fedoraproject.org/wiki/UnderstandingDSOLinkChange
On Fri, 26 Feb 2010, Chris Adams wrote:
EPEL has run this way for a while, and it doesn't seem to be a problem.
EPEL does not have a 6 month release cycle :)
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Fri, 26 Feb 2010, Matthew Garrett wrote:
On Fri, Feb 26, 2010 at 08:15:43PM +0100, Till Maas wrote:
1) to fix a bug or add a feature the maintainer experienced/uses
If nobody is complaining about the bug, then fixing the bug can wait
until the next Fedora release.
Do you have the time
On Fri, 26 Feb 2010, Kevin Fenzi wrote:
A quicker way of seeing if a bug report was alread made, and more
quickly being able to report bugs then spending 15-30 with bugzilla
would help me in reporting more bugs. I like the automated crash
reporting, though I'm not sure where they go, as I
On Mon, 1 Mar 2010, Iain Arnell wrote:
Whilst cleaning up some recently adopted orphans, I discovered that
perl-Nmap-Parser has been tagged with the wrong license since August
2008. Upstream changed the license from GPLv2+ to MIT sometime back in
2007 and I've just corrected it in rawhide
On Tue, 2 Mar 2010, Bill Nottingham wrote:
Adam Williamson (awill...@redhat.com) said:
We should make a stand and drop it from Fedora until it's not made up of
bonghits and failure. (haha, yeah. thanks, here all week, etc)
I'm not quite sure why it needs separate lsb/upstart init scripts
On Tue, 2 Mar 2010, Bill Nottingham wrote:
Enrico Scholz (enrico.sch...@informatik.tu-chemnitz.de) said:
All the initscripts have huge and broken dependency chains.
E.g. assuming I would use the vanilla fedora 'initscripts' package, then
tor would still require[1] syslog, cpio, e2fsprogs,
On Tue, 2 Mar 2010, Enrico Scholz wrote:
It does not log anything because Enrico broke logging in tor package.
Not that this was the reason, but it is the upstream setup to have
logging disabled. Your comment is unrelated to this discussion because
logging can be done into a file and does
On Wed, 3 Mar 2010, Enrico Scholz wrote:
The tor upstream has filed that as bug report as well.
... and understand my reasons not to activate logging
That is not true. It just decided not to pick a fight over that while
more pressing bugs required you to fix them.
ok; sorry that I thought
On Wed, 3 Mar 2010, Enrico Scholz wrote:
Upstream reports a logging bug.
??? You and Noa Resare were the only one who reported the non-logging as
a bug and some posts ago you said that you are not upstream. So, why do
you think that upstream reported a logging bug?
I pointed you to
On Thu, 4 Mar 2010, Enrico Scholz wrote:
[ two year tor insanity ]
It's been two years. I'm done with this discussion. I'm not spending more
time on the tor-enrico pacakge.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Thu, 11 Mar 2010, Jesse Keating wrote:
https://fedoraproject.org/wiki/Stable_Release_Updates_Proposal
Here is the link. I'm going to start a new thread here.
# Stable releases should not be used for tracking upstream
version closely when this is likely to change the
On Thu, 11 Mar 2010, Seth Vidal wrote:
And it will be impossible for users running the non-sha256 bind to
communicate with the sha256 supporting arpa?
I guess I don't understand what do the users of the existing bind LOSE?
Is ARPA expecting everyone to upgrade to a sha256 supporting bind
On Fri, 30 Aug 2013, Daniel P. Berrange wrote:
Or you could just map a directory on the host into /var/lib/mock/result
in the guest, using the virtio-9p filesystem feature of KVM. Basically
this gives you shared filesystem, but without any TCP/networking involved.
NB, works with KVM in Fedora
On Mon, 9 Sep 2013, Reindl Harald wrote:
I don't get it, either
google dhe versus ecdhe performance
http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
Let’s focus on the server part. Enabling DHE-RSA-AES128-SHA cipher suite
hinders the performance of TLS handshakes by a
On Mon, 9 Sep 2013, Gregory Maxwell wrote:
I am certainly not ignoring legal concerns. While there are some
patented EC cryptographic techniques, the basic infrastructure
including ECDH over prime fields was first published back in 1984 and
is not patentable.
The IETF has published an
On Tue, 17 Sep 2013, Till Maas wrote:
I just blocked the following packages in koji for F20+, because they
were retired some time ago, but not yet blocked:
autotrust
They might also lack a dead.package, but I will write a separate mail
about this.
Indeed. fixed. (autotools was merged
On Tue, 8 Oct 2013, Sérgio Basto wrote:
3.5.8.2 was released time ago with
several bugs fixed: http://bugzilla.redhat.com/959946
Current version in Fedora Rawhide: 3.5.8.1
Welcome to phpMyAdmin 3.5.8.2, a security release.
I updated all branches in fedora and epel to 3.5.8.2. These are now
On Tue, 15 Oct 2013, Dhiru Kholia wrote:
In short, we could not distinguish the performance gains of prelink over
the background noise in many (or even most) cases.
So, I was wondering if you are aware of any use-cases where prelink
provides measurable benefits. In would be awesome if you
On Tue, 15 Oct 2013, Reindl Harald wrote:
since OpenSSL in Fedora from now on supports ECDHE
depending software needs to be rebuilt to make use
of it as well as libraries like NSS/GNUTLS should
do the same and depending packages like Firefox
needs a rebuild against refreshed NSS to support
it
On Tue, 15 Oct 2013, Jan Kratochvil wrote:
I just do not understand why to give up on that negligible optimization when
it brings no disadvantages.
Because you did not my previous email?
- complexity
- complicated prelink blacklists
- complicated cron job exclusion with sysconfig
- FIPS
On Tue, 15 Oct 2013, Jan Kratochvil wrote:
- FIPS foot-bullets
I really do not care and do not run FIPS.
Your personal views are irrelevant. You are a package maintainer. When
other people care about FIPS, you as a package maintainer should care
about playing nicely with FIPS.
On Thu, 17 Oct 2013, Jan Kratochvil wrote:
Workaround of that bug is one line of code, it just has not been accepted yet.
And this is the core of the problem. No one has been spending 5 minutes
on fixing prelink, yet people have described hours and days of effort wasted
because of prelink. If
On Thu, 17 Oct 2013, Daniel P. Berrange wrote:
There's no reason to kill the package entirely. Some people still
want to use it despite the current issues. So just don't install it
by default. Reducing everything down to absolutes isn't helpful.
Agreed, there's no reason to kill it
On Thu, 17 Oct 2013, Hans de Goede wrote:
We could change the default /etc/sysconfig/prelink to default to no
prelinking, then for people with an unmodified /etc/sysconfig/prelink,
this will become the new /etc/sysconfig/prelink and the first time the
cronjob runs after the update it will
On Sat, 19 Oct 2013, Robert Scheck wrote:
On Wed, 09 Oct 2013, Paul Wouters wrote:
I'm not a really user of phpMyAdmin so if someone who actually uses
this package wishes to take maintainership, please do!
you noticed, that you pushed yet another version of phpMyAdmin with a *.swf
file
On Mon, 28 Oct 2013, Michael Schwendt wrote:
/home/sandro/.local/bin in the PATH is not the default.
Or is it new for Rawhide?
$ grep PATH /etc/skel/.bash_profile
PATH=$PATH:$HOME/.local/bin:$HOME/bin
export PATH
Exists for a longer time already, added in of the .fc16 builds:
* Tue Jun 07
On Wed, 13 Nov 2013, Tomas Mraz wrote:
I've orphaned workrave and ipsec-tools in all active branches of Fedora
as I do not use them any more.
I will take ipsec-tools, as we use it for our interop tests with
libreswan.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
On Thu, 14 Nov 2013, Adam Jackson wrote:
Yes. People hit this _constantly_ in a lot of ways. Like why am I not
getting debuginfo packages. The theory is that you might want to build
with some other set of macros, which is why rpmbuild doesn't just
require r-r-c.
I think this is foolish, and
On Fri, 12 Nov 2010, Kevin Fenzi wrote:
* grub2 (no one is driving for this that I know of, but has some
advantages over our grub1 if someone is willing to run with it, although
it may be a lot of work to get it to where we need it).
I understood grub2 is much worse for serial console
On Tue, 23 Nov 2010, Nicholas Miell wrote:
The spec page says it'll be better, but is very vague as to why.
Basically, I'm looking for a Doing this will keep $X kilobytes
permanently pinned in RAM (in the form of dentry and inode structs) and
$Y bytes in RAM or swap (in the form of file data
On Thu, 11 Nov 2010, Lennart Poettering wrote:
That way most distros would only have to install one getty implementation,
and can use it for both serial consoles and VCs.
Yes please.
Bonus points for anaconda configuring a working agetty login if the install
console was serial. That is, run
On Wed, 24 Nov 2010, Petr Lautrbach wrote:
- Many .spec files currently own subdirs of /var/run. These need to be
updated to %ghost those dirs only, so that the automatic removal of
these files/dirs on boot doesnt cause rpm to complain. The list of
packages
which own such
On Wed, 24 Nov 2010, Paul Howarth wrote:
This remark makes no sense? If they already needed ghosting, then the
mass-file should
be needed?
Files are directories are currently treated differently. The initscripts
clean out files from /var/lock and /var/run but leave directories alone.
So
On Wed, 24 Nov 2010, Lennart Poettering wrote:
BTW, regarding at and cron: what I was thinking of but never check
ehwther it is feasible is to make cron/at autostart a soon as some job
is scheduled. I.e. use .path trigger to check whether /etc/crontab and
user jobs exist, and start cron only
On Wed, 24 Nov 2010, Paul Howarth wrote:
Is that needed if the package init script deals with this already?
(eg xl2tpd will create /var/run/xl2tpd if it does not exist)
If the initscript already does it then that should be fine.
But Lennart prefers the tmpfiles.d approach as it's less
On Wed, 24 Nov 2010, Toshio Kuratomi wrote:
And when are the files and dirs created? Only when the system is
booted?
Yes.
But then after installing an package that requires files to be created
by tmpfiles.d the system needs to be rebooted before it can be used. Or
will rpm call something
On Mon, 29 Nov 2010, Toshio Kuratomi wrote:
* after a reboot, the application is able to startup and write to a directory
in /var/run and/or /var/lock.
All daemons should already be able to do that (meaning init scripts dealing
with non-existing directories)
* The sysadmin would like to be
On Tue, 30 Nov 2010, Tomasz Torcz wrote:
I would really like to avoid having THREE places to create directories
in /var/run and /var/lock, those being spec file, init scripts AND tmpfiles.d
Scratch the initscript. This would mean initscript would need to
contain multiple
On Tue, 14 Dec 2010, Tomasz Torcz wrote:
We saw it includes /dev, /dev/shm etc. Is there any *reasonable* need
to mount sysfs somewhere else than /sys. Or /dev with mode other than 755?
Those all directories are mounted _identically_ on every Linux distribution
down here. Why pollute fstab
On Tue, 14 Dec 2010, Tomasz Torcz wrote:
Of course administrator can temporary override:
mount /dev/shm -o remount, nosuid
Or even have it stick after reboot, by droping in /etc/systemd/system/
following unit definition¹:
No.
You either follow what is in /etc/fstab, or you disallow it
On Tue, 14 Dec 2010, Bill Nottingham wrote:
It probably should be relnoted, sure.
A relnote is not a substitute for proper documentation, logging and man pages.
Paul
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
This nonsense is still present in th el5 package. Can a provenpackager please
get
rid of it. Bug 522053 is even closed now
Paul
Preparing...### [100%]
1:tor-core ### [ 33%]
On Mon, 21 Mar 2011, Yin Qiu wrote:
Have fun with your GSoC project!
I'll briefly talk about my understanding about the idea. In the spirit of
dividing the project into separate pieces, I suggest the final deliverables
include:
1) a script to help repositories that reside on nfs or http
On Wed, 27 Apr 2011, Chuck Anderson wrote:
On Thu, Apr 28, 2011 at 02:59:09AM +0200, Reindl Harald wrote:
because the same hostname can have A and AAA records
and the people commonly use ping (sysadmins) must be
able to decide what they will test?
Use -4 -or -6 parameters if you care to
On Thu, 12 May 2011, Xose Vazquez Perez wrote:
On 03/19/2011 04:46 PM, Xose Vazquez Perez wrote:
Upstream maintainers believe 5.x is ready for distributions,
see thread:
http://gmplib.org/list-archives/gmp-discuss/2011-February/004526.html
5.0.1 was released ONE year ago, and no
On Fri, 17 Jun 2011, Evandro Giovanini wrote:
I'm not really sure I get what you're asking for here. GNOME 3 does have
the classic (Win95-like) design installed by default and all you have
to do is enable fallback mode in order to use it.
1) I was not aware of classic mode, it was clearly not
On Fri, 17 Jun 2011, Rahul Sundaram wrote:
GNOME 3 menu has categories in the right as well but in any case, the
common apps are in the dash and using a keyboard with a search as you
type interface isn't the same as using bash. Let us not be dramatic.
With Everything missing, most of it
On Tue, 5 Jul 2011, Misha Shnurapet wrote:
The backdoor payload is interesting. In response to a :) smiley face in the
FTP username, a TCP callback shell is attempted.
There is no obfuscation.
I have a question: how does that relate to our package building process, and
are GPG signatures
1 - 100 of 474 matches
Mail list logo