[gentoo-dev] remove USE flag ldap from profile desktop

2014-03-22 Thread Toralf Förster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 IMO it is the choice of users to opt in for LDAP, not to opt out for it. I'm convinced that the majority of Gentoo users does not need it per default. - -- MfG/Sincerely Toralf Förster pgp finger print:1A37 6F99 4A9D 026F 13E2 4DCF C4EA CDDE 0076

[gentoo-dev] Why is IUSE=hpn mandatory in openssh ?

2014-03-29 Thread Toralf Förster
corrections which are not included upstream. At least I'm wondering if the USE flag hpn should be enabled by the user explicitely - currently it is in IUSE already. - -- MfG/Sincerely Toralf Förster pgp finger print:1A37 6F99 4A9D 026F 13E2 4DCF C4EA CDDE 0076 E94E -BEGIN PGP SIGNATURE

Re: [gentoo-dev] Why is IUSE=hpn mandatory in openssh ?

2014-03-29 Thread Toralf Förster
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 03/29/2014 08:12 PM, Tom Wijsman wrote: On Sat, 29 Mar 2014 07:15:14 -0400 Alex Xu alex_y...@yahoo.ca wrote: On 29/03/14 06:07 AM, Toralf Förster wrote: WRT to but 504616 I'd like to address my questions made in https://bugs.gentoo.org

Re: [gentoo-dev] Why is IUSE=hpn mandatory in openssh ?

2014-03-31 Thread Toralf Förster
are good arguments to have HPN as a feature in openssh. And most of them now many years old and still open. That's an argument to rethink if HPN should be activated quietly. - -- MfG/Sincerely Toralf Förster pgp finger print:1A37 6F99 4A9D 026F 13E2 4DCF C4EA CDDE 0076 E94E -BEGIN PGP

Re: [gentoo-dev] Akamai secure memory allocator for OpenSSL?

2014-04-21 Thread Toralf Förster
On 04/14/2014 10:48 AM, Tiziano Müller wrote: Am 13.04.2014 22:42, schrieb Joshua Kinard: So one of the side-discussions happening after Heartbleed was the fact that OpenSSL has its own memory allocator code that effectively mitigates any C library-provided exploit mitigations (as discussed on

[gentoo-dev] /sys/fs/cgroup/openrc/???/tasks sometimes missing

2014-06-03 Thread Toralf Förster
If I boot a 32 bit stable Gentoo Linux as a user mode linux guest with current kernels (host is a 32 bit stable Gentoo too), then I do observe sometimes during the boot process error messages from the init system of Gentoo (OpenRC) like the following (for subsystem rngd in this example) : *

[gentoo-dev] why does net-misc/tor enables Log notice syslog ?

2014-09-06 Thread Toralf Förster
After a recent discussion at #tor an #gentoo-dev /me wonders if the syslog level of net-misc/tor should at least be changed from notice to warn -or better - be fully unset like upstream does it ? -- Toralf pgp key: 0076 E94E

Re: [gentoo-dev] why does net-misc/tor enables Log notice syslog ?

2014-09-06 Thread Toralf Förster
On 09/06/2014 01:57 PM, Anthony G. Basile wrote: On 09/06/14 06:44, Toralf Förster wrote: After a recent discussion at #tor an #gentoo-dev /me wonders if the syslog level of net-misc/tor should at least be changed from notice to warn -or better - be fully unset like upstream does it ? I can

[gentoo-dev] how to use spare server resources

2014-10-29 Thread Toralf Förster
I own a dedicated server (i-3770, 4 real + 4 HT cores w/ 3.4 GHz) with 16 GB RAM and 2 x 3 TB hard disk, 1 GBit/s network. Currently 7.6 cpus do run idle at 1.6 GHz (cpu governor ondemand), 10 GB RAM are unused and 4.5 TB disk are not even allocated. It might be that I oversized it for the

Re: [gentoo-dev] how to use spare server resources

2014-10-30 Thread Toralf Förster
On 10/30/2014 11:19 AM, Luca Barbato wrote: On 29/10/14 19:03, Toralf Förster wrote: I own a dedicated server (i-3770, 4 real + 4 HT cores w/ 3.4 GHz) with 16 GB RAM and 2 x 3 TB hard disk, 1 GBit/s network. Currently 7.6 cpus do run idle at 1.6 GHz (cpu governor ondemand), 10 GB RAM

[gentoo-dev] [PATCH] pym/portage/news.py: let slackers copy+paste the news read command

2015-02-02 Thread Toralf Förster
Signed-off-by: Toralf Förster toralf.foers...@gmx.de --- pym/portage/news.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pym/portage/news.py b/pym/portage/news.py index 2c45f85..ec10feb 100644 --- a/pym/portage/news.py +++ b/pym/portage/news.py @@ -421,5 +421,5 @@ def

[gentoo-dev] [PATCH] pym/portage/news.py: let slackers copy+paste the news read command

2015-01-29 Thread Toralf Förster
Signed-off-by: Toralf Förster toralf.foers...@gmx.de --- pym/portage/news.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pym/portage/news.py b/pym/portage/news.py index 2c45f85..c5aa2b5 100644 --- a/pym/portage/news.py +++ b/pym/portage/news.py @@ -421,5 +421,5 @@ def

Re: [gentoo-dev] [PATCH] pym/portage/news.py: let slackers copy+paste the news read command

2015-01-31 Thread Toralf Förster
On 01/30/2015 12:55 PM, Bob Wya wrote: A timely idea when a Gentoo user has already been caught out by the CPU flags move. Nice one! indeed ... -- Toralf pgp key: 7B1A 07F4 EC82 0F90 D4C2 8936 872A E508 0076 E94E

Re: [gentoo-dev] Automatic Bug Assignment

2016-02-06 Thread Toralf Förster
On 02/06/2016 10:35 AM, Andrew Savchenko wrote: > Automation can go further: if there are multiple maintainers, > assign bug to the first one and CC others. Which is exactly what I'm doing in my tinderbox: # get assignee and cc, GLEP 67 simplifies it # m=$(equery --no-color meta -m $curr

Re: [gentoo-dev] libressl: proposing a new project and calling for help

2016-02-16 Thread Toralf Förster
Anthony G. Basile: > Before I put up a project page, can I ask who is interested in this? > If I can help with my tinderbox [1] - I'd appreciate it. [1] http://www.zwiebeltoralf.de/tinderbox/index.html -- Toralf PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7

Re: [gentoo-dev] Revisions for USE flag changes

2017-08-12 Thread Toralf Förster
On 08/12/2017 11:57 AM, Michael Orlitzky wrote: > There is no single example. Things only get simpler if *all* USE changes > come with a new revision. IMO every significant(*) change should yield into a revision bump. (*) == comments and echo arguments changes are not significantly, all others

[gentoo-dev] default entries for ALSA_CARDS, INPUT_DEVICES and VIDEO_CARDS

2017-08-13 Thread Toralf Förster
I do currently hard coded this for make.conf for every chroot imageat the tinderbox [1]: ALSA_CARDS="hda-intel" INPUT_DEVICES="evdev libinput" VIDEO_CARDS="intel" I think it is time to enhance that entries to vary it a little bit more and/or to leave it blank.Any suggestions ? [1]

Re: [gentoo-dev] libressl blocker

2017-08-02 Thread Toralf Förster
On 08/02/2017 05:55 PM, James Cloos wrote: > Bug 626298 should block 561854 (the LibreSSL tracker). > > Could someone with the required perms mark it so? > > Thanks, > > -JimC Done, next time just ask the bug reporter (hint:: it's me ;) ) -- Toralf PGP 23217DA7 9B888F45 signature.asc

Re: [gentoo-dev] default entries for ALSA_CARDS, INPUT_DEVICES and VIDEO_CARDS

2017-08-18 Thread Toralf Förster
On 08/18/2017 09:47 AM, Andrew Savchenko wrote: > If yes, such testing will be quite useful, if no, it will give > false failures. woops, good point,so I removed them entirely for now form the make.conf. -- Toralf PGP 23217DA7 9B888F45 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] RFC: news item for the 17.0 profiles

2017-10-09 Thread Toralf Förster
On 10/09/2017 11:40 PM, Pacho Ramos wrote: > Could anyone with enough knowledge finally give a look to the patched vapier s/patched/patches/ or ? :-) -- Toralf PGP 23217DA7 9B888F45 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] RFC: news item for the 17.0 profiles

2017-11-29 Thread Toralf Förster
On 10/10/2017 11:27 PM, Nils Freydank wrote: > It looks to me as there isn’t any emtytree world rebuild necessary, as long > as > someone comes from hardened with PIE enabled. Furthermore I do wonder if even rebuilding GCC is necessary - except for changed USE flags - for a hardened user

Re: [gentoo-dev] Gentoo-dev whitelisting

2018-05-13 Thread Toralf Förster
On 05/13/2018 08:57 PM, Alec Warner wrote: > Dear Gentoo Community, > > Gentoo-dev whitelisting[1][2] is nearly ready for deployment. The new > posting guidelines to post on gentoo-dev@lists.gentoo.org >  the following: > >  - You must be a member of the list to

Re: [gentoo-dev] Dropping stable USE flags for 4.14

2017-12-29 Thread Toralf Förster
On 12/29/2017 02:58 PM, Alice Ferrazzi wrote: > While not all issues are present in gentoo-sources-4.14.8-r1 we are > concerned about the current stability/quality of the 4.14.x branch in 4.14.9 prevents both my desktop and my server from being boot, hangs very early in the process before dmesg

Re: [gentoo-dev] Masking 4.12

2017-12-30 Thread Toralf Förster
On 12/30/2017 07:52 AM, Alice Ferrazzi wrote: > Hello, > > We recently dropped the stable keywords for 4.14, > but 4.12 (the next stable in gentoo-sources) is no more > maintained from upstream. > > The last update that 4.12 got from upstream was 2017-09-20, > and upstream is no more backporting

Re: [gentoo-dev] SAT-based dependency solver: request for test cases

2018-02-08 Thread Toralf Förster
On 02/06/2018 11:52 AM, Michael Lienhardt wrote: > > To help, you can send us the tar generated by this bash script: > https://raw.githubusercontent.com/HyVar/gentoo_to_mspl/master/benchmarks/get_installation.sh > > This bash script extracts your world file, the USE flags and keywords >

[gentoo-dev] I broke my IRC config in KDE konversation

2018-07-27 Thread Toralf Förster
and I'm too stupid to fix it quickly. For any important things pls just email me. Thx. -- Toralf PGP 23217DA7 9B888F45 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [PATCH] systemd.eclass: set BDEPEND for EAPI 7

2018-08-06 Thread Toralf Förster
On 08/06/2018 10:09 PM, Alec Warner wrote: > > They do not even do so by convention; there are numerous EAPIs in the > wild that are non-numeric. Then this line if [[ ${EAPI} == [0123456] ]]; then is a short-term solution, right? -- Toralf PGP 23217DA7 9B888F45 signature.asc

Re: [gentoo-dev] News Item: Portage rsync hardlink support

2018-07-08 Thread Toralf Förster
On 07/08/2018 08:08 AM, Zac Medico wrote: > Please review. > > Title: Portage rsync hardlink support > Author: Zac Medico > Posted: 2018-07-11 > Revision: 1 > News-Item-Format: 2.0 > Display-If-Installed: sys-apps/portage > IMO there's another heads-up for users having an unsual configuration:

Re: [gentoo-dev] Regarding the State of PaX in the tree

2018-04-16 Thread Toralf Förster
On 04/16/2018 11:14 AM, Hanno Böck wrote: > There's also another question related to this: What's the future for > Gentoo hardened? > From what I can tell hardened consists of: > * the things that try to make it compatible with grsec/pax > (more or less obsolete). > * things that are now in

Re: [gentoo-dev] things becoming better and better

2018-03-20 Thread Toralf Förster
On 03/19/2018 08:07 PM, M. J. Everitt wrote: > Hopefully, moving forward there will be less > human effort required to extend and maintain the tree of packages on > which we depend, and together with QA, huge strides forward are being > made to achieve this end. Indeed, automation of QA and

[gentoo-dev] things becoming better and better

2018-03-19 Thread Toralf Förster
honestly. When I started with my tinderbox 2 or 3 years ago I had often a fair amount of manual work to made to get an image up and running - moslty tweaking USE flags to get blockers being solved. This yielded into a growing list of fixed USE flags settings for certain packages. But over the

Re: [gentoo-dev] [RFC] adding more entries to profiles/info_pkgs

2018-12-16 Thread Toralf Förster
On 12/15/18 3:00 AM, Georgy Yakovlev wrote: > that should be enough to provide a bit more to initial information without > going crazy and clobbering output too much. > > Thoughts? At least for the tinderbox image issues I was asked by devs in the past to include bits for the following software

Re: [gentoo-dev] rfc: cron.* and modern cron implementations

2019-03-03 Thread Toralf Förster
On 3/3/19 1:05 AM, William Hubbs wrote: > /etc/cron.{hourly,daily,weekly,monthly} structure to run repeating cron jobs? I'm not 100% but IMO for a desktop this seems works whereas @daily or @weekly in crontab works only for systems running 24h per day, isn't it? -- Toralf PGP 23217DA7 9B888F45

Re: [gentoo-dev] [News item review] amd64 17.1 profiles are now stable

2019-05-19 Thread Toralf Förster
On 5/19/19 8:59 AM, Michał Górny wrote: > This item will be published along with > the profiles being marked stable, and the old one will be removed. Does the stage3 files use the new profile asap after stabilising the profile? /me just wonders about the impact at my setup script of tinderbox

Re: [gentoo-dev] Output of ANSI escape sequences in ebuilds

2019-12-14 Thread Toralf Förster
On 12/14/19 8:16 AM, Ulrich Mueller wrote: > These prevent NOCOLOR in make.conf or emerge --color=n from working > correctly, and I guess they are also problematic from an accessibility > point of view. +1 Good idea Ulrich ! The SGR control sequences are annoying in script based grepping of

Re: [gentoo-dev] Vanilla sources

2020-01-03 Thread Toralf Förster
On 1/3/20 3:37 PM, Michael Orlitzky wrote: > The gentoo-sources aren't 100% safe either, but the exploitable scenario > is less common thanks to fs.protected_{hardlinks,symlinks}=1. But this can be easily achieved w/o installing gentoo-sources, or? -- Toralf PGP 23217DA7 9B888F45

Re: [gentoo-dev] Vanilla sources

2020-01-03 Thread Toralf Förster
On 1/3/20 3:46 PM, Rich Freeman wrote: > If OpenRC contains a vulnerability wouldn't it make more sense to set > this as part of OpenRC, Indeed. Furthermore there's a nifty page https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings which yields for me to this

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-04-26 Thread Toralf Förster
On 4/26/20 10:08 AM, Michał Górny wrote: > . This > involves accepting a privacy policy and setting up a cronjob. The tool > would suggest a (random?) time for submission to take place periodically > (say, every week). Well, something like "@weekly" should be preferred over eg "42 23 * * *" b/c

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-04-26 Thread Toralf Förster
On 4/26/20 11:09 AM, Ulrich Mueller wrote: > Instead of using the IP address, you could generate a UUID when > installing the tool. like the pfl tool did ? -- Toralf PGP 23217DA7 9B888F45 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-04-26 Thread Toralf Förster
On 4/26/20 12:25 PM, Michał Górny wrote: > On Sun, 2020-04-26 at 12:15 +0200, Toralf Förster wrote: >> On 4/26/20 10:52 AM, Michał Górny wrote: >>> Do you have any other idea for spam protection then? >> >> IMO there're 2 types of spam: >> >> 1. made by

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-04-26 Thread Toralf Förster
On 4/26/20 10:52 AM, Michał Górny wrote: > Do you have any other idea for spam protection then? IMO there're 2 types of spam: 1. made by accident (eg. "* * * * *" instead "@weekly" in crontab) 2. made intentionlly The 1st can be handled by UUID - just drop any old related dataset from inbox

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-05-05 Thread Toralf Förster
On 5/5/20 10:26 PM, Daniel Pielmeier wrote: > Actually the maintainer decided to continue the project. > The code is now hosted at Github [1]. > The site moved to a new server and the upload is working again. > > [1] https://github.com/portagefilelist > > -- > Best regards > Daniel Indeed -

Re: [gentoo-dev] [RFC] Ideas for gentoostats implementation

2020-05-05 Thread Toralf Förster
On 4/26/20 10:08 AM, Michał Górny wrote: > I don't think we really want to try to investigate > which files are actually used but focus on what's installed. Hi, I do wonder if the http://www.portagefilelist.de/site/start (package app-portage/pfl) would be part of that or not? The maintainer of

[gentoo-dev] reduce load of tinderox' bug reprots to bugs.gentoo.org

2020-03-22 Thread Toralf Förster
I was asked about possible changes of the way how tinderbox detected bugs shall be filed, eg. to reduce the amount of attached files. There were ideas to store eg. logs et al at AWS s3 and use b.g.o. only for the bug report itself. I started with the tinderbox being a 1-liner serving my

Re: [gentoo-dev] [RFC] Anti-spam for goose

2020-05-21 Thread Toralf Förster
On 5/21/20 10:47 AM, Michał Górny wrote: > TL;DR: I'm looking for opinions on how to protect goose from spam, > i.e. mass fake submissions. > I'd combine IP-limits with proof-of-work. CAPTCHA should be the very last option IMO. -- Toralf PGP 23217DA7 9B888F45 signature.asc Description:

Re: [gentoo-dev] [RFC] Anti-spam for goose

2020-05-21 Thread Toralf Förster
On 5/21/20 11:43 AM, Michał Górny wrote: > On Thu, 2020-05-21 at 11:17 +0200, Toralf Förster wrote: >> On 5/21/20 10:47 AM, Michał Górny wrote: >>> TL;DR: I'm looking for opinions on how to protect goose from spam, >>> i.e. mass fake submissions. >>> >> &

Re: [gentoo-dev] How to stabilize packages with frequent release cycles?

2020-09-15 Thread Toralf Förster
On 9/15/20 8:42 AM, Michał Górny wrote: > Do you have any suggestions how we could improve this? A (naive) approach would be to have something like auto_stable_after_x_days=n somewhere and a bot which checks whether a bug was opened related to the last version. However this doesn't cover bugs

Re: [gentoo-dev] newsitem: k8s split packages returning

2020-10-04 Thread Toralf Förster
On 10/4/20 12:11 AM, William Hubbs wrote: And either the enw Thunderbirds GPG sucks or your key does not match the sender name :-( -- Toralf PGP 23217DA7 9B888F45

Re: [gentoo-dev] Value of Continuous integration vs Code Review / Pull Requests

2020-05-27 Thread Toralf Förster
On 5/27/20 2:16 PM, Thomas Deutschmann wrote: > The problem when doing review on Github > for me is, that we usually create new revisions. Therefore we don't see > what's changed in new revision versus previous revision. That's my main concern with the current behaviour: a "git diff" often

Re: [gentoo-dev] xorg-x11 RDEPEND changes without revisions

2020-08-07 Thread Toralf Förster
On 8/7/20 8:25 PM, Michael Orlitzky wrote: > > I have too many other things to do to waste time reverse-engineering > these fuck-ups. Get it together. I'm just curious if you refer to commit d8c442ba8 - b/c that was made by someone at Wed Oct 16 19:41:02 2019 + and I do wonder why nobody

[gentoo-dev] Re: Add commit to pull request

2020-06-21 Thread Toralf Förster
On 6/21/20 6:48 PM, Samuel Bernardo wrote: > Is it possible to add the commit to that pull request or I need to open > a new pull request? yes > I already try to get help in gentoo-dev channel but I haven't voice there... ask in #git :-) -- Toralf PGP 23217DA7 9B888F45 signature.asc

[gentoo-dev] Re: Add commit to pull request

2020-06-21 Thread Toralf Förster
On 6/21/20 6:49 PM, Toralf Förster wrote: > On 6/21/20 6:48 PM, Samuel Bernardo wrote: >> Is it possible to add the commit to that pull request or I need to open >> a new pull request? > yes > , you can add additional material to the same commit. It will be automatica

Re: [gentoo-dev] Bug #733802, USE 'scp' now defaults to off in net-misc/openssh

2020-07-26 Thread Toralf Förster
On 7/26/20 2:05 AM, Rich Freeman wrote: > The two appropriate ways to communicate something like this are > einfo/ewarn/etc or news. Never hurts to use news. Ideally I'd point > to a substitute, and I'd suggest one myself if I were aware of one... ewarn please, einfo is too weak -- Toralf PGP

Re: [gentoo-dev] [RFC] Discontinuing LibreSSL support?

2020-12-29 Thread Toralf Förster
On 12/29/20 1:23 PM, Michał Górny wrote: 2. Stuff that builds just fine but fails at runtime in unpredictable ways (e.g. Tor mentioned today). FWIW that's exactly what I do suffer from at my Tor relays. Beside that a naive question: Wouldn't it be siufficient to just have/keep the libressl

Re: [gentoo-dev] [RFC] Discontinuing LibreSSL support?

2020-12-29 Thread Toralf Förster
On 12/29/20 2:57 PM, m1027 wrote: - removing libressl, installing openssl, maybe wget then, followed by the rest? remove is sufficient b/c emerge then immediately advices a @preserved-rebuild - at least that's the way it works here at the tinderbox (in the opposite direction FWIW) --

Re: [gentoo-dev] [RFC] Discontinuing LibreSSL support?

2020-12-29 Thread Toralf Förster
On 12/29/20 7:15 PM, Michał Górny wrote: I'm not sure if you meant it but it reads as if you were talking about removing the package. This is incorrect. You need to disable the USE flag and then --changed-use (or --newuse) rebuild everything with the flag. If the depgraph is clean, emerge

Re: [gentoo-dev] [RFC] Discontinuing LibreSSL support?

2020-12-29 Thread Toralf Förster
On 12/29/20 7:10 PM, m1027 wrote: toralf: On 12/29/20 2:57 PM, m1027 wrote: - removing libressl, installing openssl, maybe wget then, followed by the rest? remove is sufficient b/c emerge then immediately advices a @preserved-rebuild - at least that's the way it works here at the

Re: [gentoo-dev] Incoming >=sys-libs/timezone-data-2020d[zic-slim] breakage

2020-10-29 Thread Toralf Förster
On 10/29/20 10:14 AM, Sergei Trofimovich wrote: You can enable new default explicitly with USE=zic-slim switch. will do it here at the tinderbox -- Toralf PGP 23217DA7 9B888F45 OpenPGP_0x23217DA79B888F45.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP

Re: [gentoo-dev] [RFC] Discontinuing LibreSSL support?

2020-12-28 Thread Toralf Förster
On 12/28/20 8:55 PM, Michał Górny wrote: I might be wrong but I think the update should proceed cleanly with --changed-use/--newuse. Maybe it is worth to tell people within the news item to run sth like emerge --fetchonly dev-libs/openssl net-misc/openssh net-misc/wget before (to have at

Re: [gentoo-dev] [News review v2] LibreSSL support discontinued

2021-01-04 Thread Toralf Förster
On 1/4/21 2:39 PM, Oliver Smeeton wrote: You may want to update the Project:LibreSSL page to reflect the decision to drop support for libressl, IMO this is up to the project members only, or ? -- Toralf PGP 23217DA7 9B888F45 OpenPGP_signature

Re: [gentoo-dev] [News item review] Python preference to follow PYTHON_TARGETS

2021-01-24 Thread Toralf Förster
On 1/24/21 1:21 PM, Michał Górny wrote: Please review the news item inlined below. What about a tl;dr line explaining whether dev-lang/python-exec is optionally or mandatory -or better said - if/which user action is expected? -- Toralf PGP 23217DA7 9B888F45 OpenPGP_signature Description: