Bug#680225: libjack-jackd2-0 conflicts with libjack0
On Wed, Jul 4, 2012 at 3:36 PM, Thorsten Glaser t...@mirbsd.de wrote: Package: libjack-jackd2-0 Severity: important Justification: release goal Multi-Arch Hi, libjack-jackd2-0 conflicts with libjack0, which is a bit unfortunate, as some things depend on either; waldi suggested to either take over the binary package if it’s the same lib, or use a different library name / ABI name and not conflict. ia32-libs wants libjack0 gstreamer0.10-plugins-good wants libjack-jackd2-0 and is wanted by opera at least (on a coworker’s PC) Unless they require special features from either jackd1 or jackd2 (which I cannot imagine), both packages should be changed to reproduce the dependencies as instructed by libjackd0's shlibs file: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/jack-audio-connection-kit.git;a=blob_plain;f=debian/libjack0.shlibs;h=58c97ec41bce64e6e399b1e8585b2a9ecf5e3f2e;hb=HEAD I.e.: libjack 0 libjack-jackd2-0 (= 1.9.5~dfsg-14) | libjack-0.116 -- regards, Reinhard ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#680101: mpg123: writing wav to stdout still works ugly
Am Wed, 4 Jul 2012 14:25:56 +0400 schrieb dimas dimas...@ya.ru: well, in my case: 14:19:03 186 ~/downloads/music/Sword/1986 Metalized$ /usr/bin/mpg123 -q -w /dev/stdout 01.mp3 | file - Ah, everyday I learn something new. I did not know that there is a difference for a program between $ prog output and $prog | otherprog output In the former case, stdout is seekable (as it's a file), in the latter, it is not (as it's a pipe). Now, thinking about it, it's obvious. The shell opens the output file and maps the file descriptor to stdout of the child. Et voilá, you got seekable stdout. Now, back to the issue. I am getting angry about this. What triggers here is the attempt of mpg123 to deal with a full disk; code which tries to deal with http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=67259 . It is actually non-trivial to handle out-of-disk well when using buffered I/O (C stdio). There is a test if at least one byte can be written at the beginning, combined with a seek to overwrite it again. I have to think hard why I did this. This is not necessary. Writing the header is test enough. Ah! No, for raw CD audio (cdr) writing, there is no header. Well, frick this ... I will remove the test with the single byte. This will fix this bug here by reverting to old behaviour. Only concession to bug 67259 is catching out-of-disk while writing WAV/AU header and informing at the end if out-of-disk condition prevented full output. I hope that makes everyone reasonably happy. Except me: I should just have ignored bug 67259. Two regressions with one attempt at fixing a not-really-fixable bug. That sucks. And: Looking for possible aliases for stdout won't happen. It will be treated just like any other file (in the case of a pipe, a non-seekable one). I will also clear up the situation about changing input format and WAV writing for the next release (at least document it). This stuff will part of mpg123 1.15.0, not a new 1.14.x release, as I am explicitly changing functionality (even if it is only a single byte write). Test with http://mpg123.org/snapshot --- does that work with dir2ogg? Alrighty then, Thomas -- Thomas Orgis - Source Mage GNU/Linux Developer (http://www.sourcemage.org) OrgisNetzOrganisation ---)=- http://orgis.org GPG public key D446D524: http://thomas.orgis.org/public_key Fingerprint: 7236 3885 A742 B736 E0C8 9721 9B4C 52BC D446 D524 signature.asc Description: PGP signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: bits from the DPL: June 2012
Hi Stefano, Am 04.07.2012 17:06, schrieb Stefano Zacchiroli: On the other hand, what I wonder is whether we really need to get to that level of detail in the release note. Communication wise, it doesn't seem particularly appealing to me. How about mentioning the use cases (e.g. encoding/decoding music for common portable music players, encoding video for $kind_of_hardware, etc. --- I don't know what the use cases actually are, but you surely know better on that front)? I think that could be more appealing for release notes readers. I see your point, the paragraph is indeed very technical and detailed. But it was my intention to use all these buzz words. All the use cases were already addressed before. You could rip your CDs in Debian (to e.g. Vorbis or FLAC) and convert the audio files into a format suitable for your media player (really? maybe only MP2 then). But now we have lame and we have MP3, that makes a big difference. Similarly, you could get video data from your DVDs and store the movies in e.g. Theora or Dirac format. But now we have x264 and xvidcore, which again makes a difference. We did have vlc and mencoder before. But now they are fully feature-enabled. Do a search for debian mencoder in google. Everybody and his dog seem to believe that we either do not have this package in Debian or that it's crippled and recommends installing it from d-m.o. That's why I ecplicitely mentioned these packages and codecs in the paragraph. Bye, - Fabian ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Please review my package
Hello, I have created package for qemplayer http://mentors.debian.net/package/qemplayer ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-07-05 10:47, wbrana wrote: Hello, I have created package for qemplayer maybe i missed that bit, but i think it would be polite if you introduced yourself and expressed your willingness to work with p-m-m as a team, before throwing a dry review-request on us, without even caring to explain what that package is for. fgmasdr IOhanns -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/1XRkACgkQkX2Xpv6ydvTCGACePKsFJgl5ODDqX3sCMkSCS5dV tmIAniLRrVfWbmalCyiBh7tYFwMyRCpd =kkbn -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
On Thu, Jul 05, 2012 at 11:23:44AM +0200, IOhannes m zmoelnig wrote: maybe i missed that bit, but i think it would be polite if you introduced yourself and expressed your willingness to work with p-m-m as a team, before throwing a dry review-request on us, without even caring to explain what that package is for. Same thought here ;-) Cheers! -- Matteo F. Vescovi Debian Maintainer GnuPG KeyID: 83B2CF7A ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
On Thu, Jul 5, 2012 at 11:23 AM, IOhannes m zmoelnig zmoel...@iem.at wrote: maybe i missed that bit, but i think it would be polite if you introduced yourself and expressed your willingness to work with p-m-m as a team, before throwing a dry review-request on us, without even caring to explain what that package is for. Sorry. I'm William Brana and I will work with p-m-m as a team. qemplayer is file-manager-like GUI front-end to MPlayer ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-07-05 10:47, wbrana wrote: Hello, I have created package for qemplayer great that you want to contribute. http://mentors.debian.net/package/qemplayer no real review (and i'm no DD, so i cannot upload anyhow) but a few remarks (without even attempting to build the package): - - you have Debian Multimedia Maintainers set as the maintainer. p-m-m has a few rules, on how packaging is done. e.g., all the pacakging in a git repository hosted at git.debian.org (you need to become team member, if you want to use that infrastructure) before submitting packages to d-m-m you should definitely read the team's packaging guidelines [1]. - - the version is 12.5-1.1, indicating a non-maintainer upload (which you also state in the changelog). even though you are not an official Debian Maintainer, you (or d-m-m as a team) is the maintainer of the package. you, personally, will never do a non-maintainer upload (or rather: you will no _exactly_ what non-maintainer upload means long before you will do one) - - the long description of the binary-package is weirdly formatted and rather short. - - please use a machine-parseable debian/copyright, using DEP-5 [2] format - - why are you setting setuid permissions in the postinst script? this is a security hazard (and if you do it to gain realtime priviliges, then it is no-longer needed and deprecated for a while, in favour of pam_limits) - - try to make your package lintian clean, by providing manpages, building with fortification flags and removing .sh suffix in /usr/bin. - - any specific reason why you build your own debian/rules file in stead of using shortform dh or cdbs? fgmasdr IOhannes [1] http://wiki.debian.org/DebianMultimedia/DevelopPackaging [2] http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/1Y9QACgkQkX2Xpv6ydvTBygCfVBOuEXxyS/3jQXztWKU/5hgW DZUAoNVBQNBCHcnYdWuzK7rgNfv92ij+ =9I0y -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-07-05 11:52, IOhannes m zmoelnig wrote: On 2012-07-05 10:47, wbrana wrote: - you have Debian Multimedia Maintainers set as the maintainer. p-m-m has a few rules, on how packaging is done. e.g., all the pacakging in a git repository hosted at git.debian.org (you need to become team member, if you want to use that infrastructure) obviously i rephrased this paragraph and (the little that is left of my english) syntax went missing... anyhow:the d-m-m team uses git to do the packaging. you should consider doing the same. - please use a machine-parseable debian/copyright, using DEP-5 [2] format and of course the debian/copyright as it is lacks all the necessary information. what is the license of the upstream package? (the fact that there is a COPYING files in the upstream code is _not_ enough; you must make the licenseS (there might be more) explicit in debian/copyright) who are the upstream copyright holders? you claim copyright for yourself, but nobody knows which files are covered by your copyright. the first file i inspected a bit closer (./gch.py) is Copyright 2006 Tim Blechmann, who afaik is not you. ./ebuild is Copyright 1999-2012 Gentoo Foundation which is not you either. if you have contact with upstream, you might convince them to add proper copyright information in all the source files. fgamsr IOhannes -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/1Zw4ACgkQkX2Xpv6ydvQNngCgxsoHwmoNEBXyO9BW2AqDp2Zm xawAniMjMG2qcgxPBjnCSRqh9IQxb8an =3r0i -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#594474: marked as done (mplayer: -vo fbdev: image displayed with an offset of 16 pixels in y direction)
Your message dated Thu, 05 Jul 2012 13:35:57 +0300 with message-id 84sjd6xzoy@sauna.l.org and subject line #594474 mplayer: -vo fbdev: image displayed with an offset of 16 pixels in y direction has caused the Debian Bug report #594474, regarding mplayer: -vo fbdev: image displayed with an offset of 16 pixels in y direction to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 594474: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594474 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: mplayer Version: 2:1.0~rc4~try1.dsfg1-1 Severity: normal Steps to reproduce: 1) run the tests on openmoko freerunner with no X server running 2) wget http://lindi.iki.fi/lindi/theora/1050_Lightning_talk_Redirecting_require_rot90.ogv 3) sudo sh -c 'echo qvga-normal /sys/devices/platform/s3c2440-i2c/i2c-adapter/i2c-0/0-0073/pcf50633-regltr.9/glamo3362.0/glamo-spi-gpio.0/spi2.0/state' 4) make sure /etc/fb.modes has mode 240x320 geometry 240 420 240 320 16 timings 10 8 88 2 2 8 2 accel false endmode 5) sudo fbset 240x320 6) mplayer -nosound -framedrop -vo fbdev -nocorrect-pts 1050_Lightning_talk_Redirecting_require_rot90.ogv Expected results: 6) upper left pixel of the video is shown at (0,0) Actual results: 6) upper left pixel of the video is shown at (0,16) http://lindi.iki.fi/lindi/theora/1050_Lightning_talk_Redirecting_require_rot90.png More info: 1) This bug does not occur with 2:1.0~rc3++final.dfsg1-1. 2) I tried to compensate this with -geometry 0:-16 but that causes MPlayer interrupted by signal 11 in module: filter_video. 3) This also occurs with -vo fbdev2 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: armel (armv4tl) Kernel: Linux 2.6.29-GTA02_lindi2-andy-tracking-mokodev Locale: LANG=C, LC_CTYPE=fi_FI (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Versions of packages mplayer depends on: ii libaa1 1.4p5-38 ascii art library ii libasound2 1.0.23-1 shared library for ALSA applicatio ii libaudio2 1.9.2-3 Network Audio System - shared libr ii libavcodec52 4:0.6-2 ffmpeg codec library ii libavformat52 4:0.6-2 ffmpeg file format library ii libavutil504:0.6-2 ffmpeg utility library ii libbz2-1.0 1.0.5-4 high-quality block-sorting file co ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libcaca0 0.99.beta17-1 colour ASCII art library ii libcdparanoia0 3.10.2+debian-9 audio extraction tool for sampling ii libdca00.0.5-3 decoding library for DTS Coherent ii libdirectfb-1.2-9 1.2.10.0-4direct frame buffer graphics - sha ii libdvdnav4 4.1.3-7 DVD navigation library ii libdvdread44.1.3-10 library for reading DVDs ii libenca0 1.13-3Extremely Naive Charset Analyser - ii libesd00.2.41-7 Enlightened Sound Daemon - Shared ii libfontconfig1 2.8.0-2.1 generic font configuration library ii libfreetype6 2.4.2-1 FreeType 2 font engine, shared lib ii libfribidi00.19.2-1 Free Implementation of the Unicode ii libgcc11:4.4.4-9 GCC support library ii libgif44.1.6-9 library for GIF images (library) ii libgl1-mesa-glx [libgl 7.7.1-4 A free implementation of the OpenG ii libgsm11.0.13-3 Shared libraries for GSM speech co ii libjack0 [libjack-0.11 1:0.118+svn3796-7 JACK Audio Connection Kit (librari ii libjpeg62 6b1-1 The Independent JPEG Group's JPEG ii liblircclient0 0.8.3-5+b1infra-red remote control support - ii liblzo2-2 2.03-2data compression library ii libncurses55.7+20100313-2shared libraries for terminal hand ii libogg01.2.0~dfsg-1 Ogg bitstream library ii libopenal1 1:1.12.854-2 Software implementation of the Ope ii libopenjpeg2 1.3+dfsg-4JPEG 2000 image compression/decomp ii libpng12-0 1.2.44-1 PNG library - runtime ii libpostproc51 4:0.6-2 ffmpeg video postprocessing librar ii libpulse0 0.9.21-3 PulseAudio client libraries ii librtmp0 2.3-2
hello
My name is bintu,i am woman. i am interest on you in relationship so that is why i delighted to contact you,i am honest and caring woman,please contact me if u are interested. From bintu___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Please review my package
I fixed most things and updated mentor's repository. Please check. - - the version is 12.5-1.1, indicating a non-maintainer upload (which you also state in the changelog). even though you are not an official Debian Maintainer, you (or d-m-m as a team) is the maintainer of the package. you, personally, will never do a non-maintainer upload (or rather: you will no _exactly_ what non-maintainer upload means long before you will do one) should be fixed - - the long description of the binary-package is weirdly formatted and rather short. should be fixed - - please use a machine-parseable debian/copyright, using DEP-5 [2] format should be fixed - - why are you setting setuid permissions in the postinst script? this is a security hazard (and if you do it to gain realtime priviliges, then it is no-longer needed and deprecated for a while, in favour of pam_limits) mplayer_nice changes nice to -20 and id to id of user. There shouldn't be security hazard as it refuses to run MPlayer as root I will check if it is possible to use nice -20 with pam_limits. - - try to make your package lintian clean, by providing manpages, building with fortification flags and removing .sh suffix in /usr/bin. I tried, but following warning remained W hardening-no-fortify-functions usr/bin/qemplayer I added following compiler flags, but it didn't help. Do you know how to fix it? cxxflags+='-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security' ldflags+='-Wl,-z,relro' cppflags+='-D_FORTIFY_SOURCE=2' - - any specific reason why you build your own debian/rules file in stead of using shortform dh or cdbs? It didn't work. Empty package was created. obviously i rephrased this paragraph and (the little that is left of my english) syntax went missing... anyhow:the d-m-m team uses git to do the packaging. you should consider doing the same. I will use git when I will have access to repository and of course the debian/copyright as it is lacks all the necessary information. what is the license of the upstream package? (the fact that there is a COPYING files in the upstream code is _not_ enough; you must make the licenseS (there might be more) explicit in debian/copyright) who are the upstream copyright holders? you claim copyright for yourself, but nobody knows which files are covered by your copyright. the first file i inspected a bit closer (./gch.py) is Copyright 2006 Tim Blechmann, who afaik is not you. ./ebuild is Copyright 1999-2012 Gentoo Foundation which is not you either. should be fixed if you have contact with upstream, you might convince them to add proper copyright information in all the source files. Isn't debian/copyright enough? Some source would be probably broken if I add copyright information e.g. XML files. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#664523: Bugfix patch
Hello Alessio Thank you for your response. With version 1.6.2~ds1-1, this problem still exists. The following was done: - start lives - Choose Jack als Audio-Player verwenden (in english: choose Jack as audio-player) - lives gives the following message: Unable to connect to pulse audio server. and exit I don't have installed Pulse Audio on my system. Only Jack. Best regards and have a nice weekend Bernhard Am 04.07.2012 10:16, schrieb Alessio Treglia: tags 664523 moreinfo thanks Hi Bernhard, could you please check if this is still reproducible with the latest upstream release available in unstable? Thanks in advance, cheers. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
On 12-07-05 at 03:49pm, wbrana wrote: I added following compiler flags, but it didn't help. Do you know how to fix it? cxxflags+='-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security' ldflags+='-Wl,-z,relro' cppflags+='-D_FORTIFY_SOURCE=2' It looks like you are mixing make and shell syntax above. Depending on the context, strings shouldn't be quoted, or = should be used instead of +=. Also, more juggling may be necessary to get the build framework to use the compile flags you pass it. Inspect the build log to see what build flags are actually passed on to gcc, g++ and cpp. If build flags are hidden in build logs, then you need to juggle with other flags to tell the build framework to not be so silent: Generally Debian builds should be noisy! Hope that helps, - Jonas -- * Jonas Smedegaard - idealist Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: Digital signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
unicap 0.9.12-2 MIGRATED to testing
FYI: The status of the unicap source package in Debian's testing distribution has changed. Previous version: 0.9.5-1.1 Current version: 0.9.12-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
specimen 0.5.2rc3-5 MIGRATED to testing
FYI: The status of the specimen source package in Debian's testing distribution has changed. Previous version: 0.5.2rc3-4 Current version: 0.5.2rc3-5 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Please review my package
- - why are you setting setuid permissions in the postinst script? this is a security hazard (and if you do it to gain realtime priviliges, then it is no-longer needed and deprecated for a while, in favour of pam_limits) According to http://linux.die.net/man/5/limits.conf it is possible to enable low niceness for all processes started by all/some user(s), but it isn't possible to limit it to mplayer_nice if started by any user ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#664523: Bugfix patch
Yes, as I stated earlier in the comments, you will need the patch which I indicated. Salsaman. main developer, LiVES http://lives.sourceforge.net ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Please review my package
On 12-07-05 at 08:36pm, wbrana wrote: - - why are you setting setuid permissions in the postinst script? this is a security hazard (and if you do it to gain realtime priviliges, then it is no-longer needed and deprecated for a while, in favour of pam_limits) According to http://linux.die.net/man/5/limits.conf it is possible to enable low niceness for all processes started by all/some user(s), but it isn't possible to limit it to mplayer_nice if started by any user That doesn't change that it is a security hazard! Don't run user apps as root! Don't implement super-user features in user apps - implement it separately, and make it optional to use it. Here are some ways to handle realtime priviledges: ulatencyd linux-image-rt-* + rtirq-init rtkit libpam-cgroup libpam-cap jackd2 + /etc/security/limits.d/audio.conf - Jonas -- * Jonas Smedegaard - idealist Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: Digital signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Please review my package
That doesn't change that it is a security hazard!
Don't run user apps as root!
Don't implement super-user features in user apps - implement it
separately, and make it optional to use it.
I don't run user apps as root. MPlayer is never started as root.
Here is mplayer_nice source code with comments:
int main(int piarg, char* Pvarg[]){
uid_t liuid = getuid(); // check if app is started by root, if
it true return error
if (!liuid) {
printf(cant run as root\n);
return 1;
}
if (-1 == nice(-20)) { // increase process priority
printf(cant increase prority\nwrapper mplayer_nice
has to be owned by root with mode 4755\n);
};
#ifdef __NR_ioprio_set
if (syscall(__NR_ioprio_set, 1, 0, 0x2000)) { // increase
process I/O priority
printf(cant set I/O priority\n);
}
#endif
if (setuid(liuid)) { // change UID to to non-root user, if it
fails return error
printf(cant set uid to user\n);
return 1;
};
execv(MPLAYER_PATH, Pvarg); // start MPlayer
printf(can start MPLAYER_PATH\n);
return 1;
};
Google Chrome is also using setuid binary
File: ‘chrome-sandbox’
Size: 19064 Blocks: 40 IO Block: 4096 regular file
Device: 902h/2306d Inode: 1975105 Links: 1
Access: (4711/-rws--x--x) Uid: (0/root) Gid: (0/root)
Access: 2012-06-28 20:49:55.0 +0200
Modify: 2012-06-28 20:49:55.0 +0200
Change: 2012-06-30 10:10:46.594362879 +0200
Birth: -
XOrg server is also setuid binary
File: ‘Xorg’
Size: 2597144 Blocks: 5080 IO Block: 4096 regular file
Device: 902h/2306d Inode: 540202 Links: 1
Access: (4711/-rws--x--x) Uid: (0/root) Gid: (0/root)
Access: 2012-06-12 15:43:22.0 +0200
Modify: 2012-06-12 15:43:22.0 +0200
Change: 2012-06-12 15:43:27.257467482 +0200
Birth: -
___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Processing of libsbsms_2.0.1-1_amd64.changes
libsbsms_2.0.1-1_amd64.changes uploaded successfully to localhost along with the files: libsbsms_2.0.1-1.dsc libsbsms_2.0.1.orig.tar.gz libsbsms_2.0.1-1.debian.tar.gz libsbsms10_2.0.1-1_amd64.deb libsbsms-dev_2.0.1-1_amd64.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
libsbsms_2.0.1-1_amd64.changes ACCEPTED into unstable
Accepted: libsbsms-dev_2.0.1-1_amd64.deb to main/libs/libsbsms/libsbsms-dev_2.0.1-1_amd64.deb libsbsms10_2.0.1-1_amd64.deb to main/libs/libsbsms/libsbsms10_2.0.1-1_amd64.deb libsbsms_2.0.1-1.debian.tar.gz to main/libs/libsbsms/libsbsms_2.0.1-1.debian.tar.gz libsbsms_2.0.1-1.dsc to main/libs/libsbsms/libsbsms_2.0.1-1.dsc libsbsms_2.0.1.orig.tar.gz to main/libs/libsbsms/libsbsms_2.0.1.orig.tar.gz Changes: libsbsms (2.0.1-1) unstable; urgency=low . * New upstream release. * Require debhelper 9. * Bump Standard-Version to 3.9.3 (no changes required). * Update machine-readable copyright format to 1.0. Override entries for your package: libsbsms-dev_2.0.1-1_amd64.deb - optional libdevel libsbsms10_2.0.1-1_amd64.deb - optional libs libsbsms_2.0.1-1.dsc - source libs Announcing to debian-devel-chan...@lists.debian.org Thank you for your contribution to Debian. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
