Bug#680613: Change fixed up
Hi, (please don't use 680613, as your won't show up on the pkg-multimedia archives and I cannot easily reply) I've dropped the multi-arch headers now in this commit: http://anonscm.debian.org/gitweb/?p=pkg-multimedia/libav.git;a=commitdiff;h=a55d079b01da2c81de68af0ebdb86d07aec5f5c7 -- regards, Reinhard ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: Supercollider fails to build
OK, so we have more build failures, but this time different on different architectures: 1. Arm*: qreal is not double but float. Patch is in the repository. 2. PowerPc64: Undefined variable order. It seems that there is a bogus call in line 255 of external_libraries/boost_lockfree/boost/atomic/detail/gcc-ppc.hpp, but I'm not sure. 3. ia64: missing ifdef case in external_libraries/nova-simd/benchmarks/perf_counter.hpp (starting at line 466). I don't know how to fix this. 4. all big-endian archs: Typo in external_libraries/boost_endian/boost/integer/endian.hpp:285. It seems like an extra ) crept in in the least-tested #ifdef path. Patch in the repository too Dan, could you forward these issues upsteam? -- Saludos, Felipe Sateler ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: [SCM] libav/master: Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov.
On Mon, Jul 9, 2012 at 4:32 PM, Reinhard Tartler wrote: > I've been trying out the commit hook that the dpkg guys are using. > Essentially, it sends email such as the following: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680613#49 > > I espc. like that the script automatically mails the bug submitter > with a link to the commitdiff to invite him to review the change. I like the idea a lot. > > However, I dislike the fact that the script requires to edit > debian/changelog and the actual change in the same change. Dpkg indeed uses that workflow, with a git merge driver for debian/changelog (that's how they avoid the inevitable conflicts). I think I still prefer generating debian/changelog later. If only because it "forces" to write a reasonable commit log. > I guess > this could be fixed in the script somehow if someone wanted to invest > some energy in that, though. > > For consistency with the other pkg-multimedia branches, I've disabled > that hook again now. If we want it, I think we should enable it for > all repositories, not only for libav.git. > > So, what do you think about this. Is this something we want to > implement team-wide? I'd say that yes, I want us to implement that team-wide. However, I'm personally unlikely to implement it, at least in the short term. -- Saludos, Felipe Sateler ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#681006: [synfigstudio] Mouse doesn't work at draw window, so I can't draw or select anything at it.
Package: synfigstudio Version: 0.63.05-1 Severity: important --- Please enter the report below this line. --- The program worked fine weeks ago. But suddenly mouse doesn't work in the work (I can't clic) window, only. In other window: tools, key time it works fine. I just see a GTK error message in console execution: (synfigstudio:12490): GLib-GObject-CRITICAL **: Object class gtkmm__CustomObject_N6studio15ValueBase_EntryE doesn't implement property 'editing-canceled' from interface 'GtkCellEditable' Thanks. --- System information. --- Architecture: i386 Kernel: Linux 2.6.38-2-686 Debian Release: wheezy/sid 500 testing security.debian.org 500 testing ftp.de.debian.org 500 testing debian-multimedia.informatik.uni-erlangen.de --- Package information. --- Depends(Version) | Installed -+-== libatkmm-1.6-1 (>= 2.22.1) | 2.22.6-1 libc6 (>= 2.8) | 2.13-33 libcairo2 (>= 1.2.4) | 1.12.2-2 libcairomm-1.0-1 (>= 1.6.4) | 1.10.0-1 libgcc1 (>= 1:4.1.1) | 1:4.7.1-2 libglib2.0-0 (>= 2.12.0) | 2.32.3-1 libglibmm-2.4-1c2a (>= 2.31.22) | 2.32.0-1 libgtk2.0-0 (>= 2.8.0) | 2.24.10-1 libgtkmm-2.4-1c2a (>= 1:2.24.0) | 1:2.24.2-1 libpangomm-1.4-1 (>= 2.27.1) | 2.28.4-1 libsigc++-2.0-0c2a(>= 2.0.2) | 2.2.10-0.2 libstdc++6 (>= 4.6) | 4.7.1-2 libsynfig0 | 0.63.05-1 Recommends (Version) | Installed ==-+-=== synfig-examples| 0.63.05-1 Package's Suggests field is empty. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: [SCM] libav/master: Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov.
I've been trying out the commit hook that the dpkg guys are using. Essentially, it sends email such as the following: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680613#49 I espc. like that the script automatically mails the bug submitter with a link to the commitdiff to invite him to review the change. However, I dislike the fact that the script requires to edit debian/changelog and the actual change in the same change. I guess this could be fixed in the script somehow if someone wanted to invest some energy in that, though. For consistency with the other pkg-multimedia branches, I've disabled that hook again now. If we want it, I think we should enable it for all repositories, not only for libav.git. So, what do you think about this. Is this something we want to implement team-wide? Cheers, Reinhard On Mon, Jul 9, 2012 at 9:57 PM, wrote: > The following commit has been merged in the master branch: > commit c08426ed8f0306f4276d2c76868c78969c2538ca > Author: Reinhard Tartler > Date: Mon Jul 9 21:56:12 2012 +0200 > > Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. > > Mark the transitional packages as Multi-arch: same to avoid that the > dependency can be satisfied by packages of other architectures, which > would break applications. Closes: #680613 > > diff --git a/debian/changelog b/debian/changelog > index 896c9a5..2109838 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,8 +1,12 @@ > libav (6:0.8.3-4) unstable; urgency=low > >* Declare a 'Breaks' relationship against mplayer, Closes: #671934 > + * Bug fix: "Multi-Arch: foreign libraries", thanks to Stepan Golosunov. > +Mark the transitional packages as Multi-arch: same > +to avoid that the dependency can be satisfied by packages of other > +architectures, which would break applications. Closes: #680613 > > - -- Reinhard Tartler Tue, 26 Jun 2012 08:46:42 +0200 > + -- Reinhard Tartler Mon, 09 Jul 2012 21:55:34 +0200 > > libav (6:0.8.3-3) unstable; urgency=low > > diff --git a/debian/control b/debian/control > index 170d9b8..b53e320 100644 > --- a/debian/control > +++ b/debian/control > @@ -486,7 +486,7 @@ Package: libavutil-extra-51 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libavutil51, > ${misc:Depends}, > @@ -531,7 +531,7 @@ Package: libavdevice-extra-53 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libavdevice53, > ${misc:Depends}, > @@ -546,7 +546,7 @@ Package: libavfilter-extra-2 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libavfilter2, > ${misc:Depends}, > @@ -561,7 +561,7 @@ Package: libpostproc-extra-52 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libpostproc52, > ${misc:Depends}, > @@ -576,7 +576,7 @@ Package: libavformat-extra-53 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libavformat53, > ${misc:Depends}, > @@ -591,7 +591,7 @@ Package: libswscale-extra-2 > Section: oldlibs > Priority: extra > Architecture: all > -Multi-Arch: foreign > +Multi-Arch: same > Depends: > libswscale2, > ${misc:Depends}, > > -- > Libav/FFmpeg packaging > > ___ > pkg-multimedia-commits mailing list > pkg-multimedia-comm...@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-commits -- regards, Reinhard ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Processed: Bug#680613 marked as pending
Processing commands for cont...@bugs.debian.org: > tag 680613 pending Bug #680613 [src:libav] libav: Multi-Arch: foreign libraries Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 680613: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680613 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
pd-iemnet 0.1-3 MIGRATED to testing
FYI: The status of the pd-iemnet source package in Debian's testing distribution has changed. Previous version: 0.1-2 Current version: 0.1-3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
petri-foo 0.1.5-1 MIGRATED to testing
FYI: The status of the petri-foo source package in Debian's testing distribution has changed. Previous version: 0.0.2+20110630.gitb083f60-1 Current version: 0.1.5-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: review qemplayer
I managed temporary to change limits from command line, but I/O priority can't be increased x@debian:~$ su - Password: root@debian:~# ulimit -e unlimited root@debian:~# ulimit -r unlimited root@debian:~# su - x x@debian:~$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) unlimited file size (blocks, -f) unlimited pending signals (-i) 8055 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size(512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) unlimited stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 8055 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited x@debian:~$ cat /proc/self/limits Limit Soft Limit Hard Limit Units Max cpu time unlimitedunlimitedseconds Max file size unlimitedunlimitedbytes Max data size unlimitedunlimitedbytes Max stack size8388608 unlimitedbytes Max core file size0unlimitedbytes Max resident set unlimitedunlimitedbytes Max processes 8055 8055 processes Max open files1024 4096 files Max locked memory 6553665536bytes Max address space unlimitedunlimitedbytes Max file locksunlimitedunlimitedlocks Max pending signals 8055 8055 signals Max msgqueue size 819200 819200 bytes Max nice priority unlimitedunlimited Max realtime priority unlimitedunlimited Max realtime timeout unlimitedunlimitedus x@debian:~$ mplayer_nice cant set I/O priority MPlayer svn r34540 (Debian), built with gcc-4.7 (C) 2000-2012 MPlayer Team ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
libffado 2.0.99+svn2171-2 MIGRATED to testing
FYI: The status of the libffado source package in Debian's testing distribution has changed. Previous version: 2.0.99+svn2124-1 Current version: 2.0.99+svn2171-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
pd-arraysize 0.1-1 MIGRATED to testing
FYI: The status of the pd-arraysize source package in Debian's testing distribution has changed. Previous version: (not in testing) Current version: 0.1-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: review qemplayer
I added following lines to /etc/security/limits.conf and rebooted @audio softnice-20 @audio softrtprio unlimited but it doesn't work id uid=1000(x) gid=1000(x) groups=1000(x),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev) nice -n-20 ls nice: cannot set niceness: Permission denied $ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 8055 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size(512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 8055 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Bug#679705: marked as done (supercollider-common: fails to upgrade from 'testing' - trying to overwrite /usr/share/SuperCollider/Extensions/README)
Your message dated Mon, 09 Jul 2012 15:18:17 + with message-id and subject line Bug#679705: fixed in supercollider 1:3.5.3~repack-1 has caused the Debian Bug report #679705, regarding supercollider-common: fails to upgrade from 'testing' - trying to overwrite /usr/share/SuperCollider/Extensions/README to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 679705: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679705 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: supercollider,supercollider-common Version: 1:3.5.2-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'testing'. It installed fine in 'testing', then the upgrade to 'sid' fails because it tries to overwrite other packages files without declaring a Breaks/Replaces relation. See policy 7.6 at http://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces >From the attached log (scroll to the bottom...): Preparing to replace supercollider 1:3.4.5-1 (using .../supercollider_1%3a3.5.2-1_amd64.deb) ... Unpacking replacement supercollider ... Preparing to replace supercollider-common 1:3.4.5-1 (using .../supercollider-common_1%3a3.5.2-1_all.deb) ... Unpacking replacement supercollider-common ... dpkg: error processing /var/cache/apt/archives/supercollider-common_1%3a3.5.2-1_all.deb (--unpack): trying to overwrite '/usr/share/SuperCollider/Extensions/README', which is also in package supercollider-server 1:3.4.5-1 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Preparing to replace supercollider-server 1:3.4.5-1 (using .../supercollider-server_1%3a3.5.2-1_amd64.deb) ... Unpacking replacement supercollider-server ... Errors were encountered while processing: /var/cache/apt/archives/supercollider-common_1%3a3.5.2-1_all.deb cheers, Andreas supercollider_1:3.5.2-1.log.gz Description: GNU Zip compressed data --- End Message --- --- Begin Message --- Source: supercollider Source-Version: 1:3.5.3~repack-1 We believe that the bug you reported is fixed in the latest version of supercollider, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 679...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Felipe Sateler (supplier of updated supercollider package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 07 Jul 2012 14:16:59 -0400 Source: supercollider Binary: supercollider supercollider-common supercollider-server supercollider-supernova libscsynth1 supercollider-dev supercollider-emacs supercollider-vim supercollider-gedit Architecture: source all amd64 Version: 1:3.5.3~repack-1 Distribution: unstable Urgency: low Maintainer: Debian Multimedia Packages Maintainers Changed-By: Felipe Sateler Description: libscsynth1 - SuperCollider synthesis server library supercollider - real time audio synthesis programming language supercollider-common - common files for SuperCollider supercollider-dev - development files for SuperCollider supercollider-emacs - SuperCollider mode for Emacs supercollider-gedit - SuperCollider mode for Gedit supercollider-server - real time audio synthesis server supercollider-supernova - real time audio synthesis server (multiprocessor version) supercollider-vim - SuperCollider mode for Vim Closes: 679705 Changes: supercollider (1:3.5.3~repack-1) unstable; urgency=low . [ Dan Stowell ] * Imported upstream version 3.5.3 - Removed 3 patches now upstreamed - Repack upstream source without boost sources * Fix build on non-x86/64: define BOOST_LOCKFREE_DCAS_ALIGNMENT (Update prefix.hpp to current boost SVN 2012-07-03) . [ Jonas Smedegaard ] * Unfuzz patch and refresh with shortening options. * Revive copyright/license tracking silently dropped in 1:3.5.1-1. . [ Felipe Sateler ] * Add missing epoch to versioned breaks/replaces. Closes: #679705 * Install README.extensions via debian/rules instead of a patch * Add DEP3 header to update_boostlockfree_prefixhpp.patch * Remove unused License paragraph * Bump Standa
supercollider_3.5.3~repack-1_amd64.changes ACCEPTED into unstable
Accepted: libscsynth1_3.5.3~repack-1_amd64.deb to main/s/supercollider/libscsynth1_3.5.3~repack-1_amd64.deb supercollider-common_3.5.3~repack-1_all.deb to main/s/supercollider/supercollider-common_3.5.3~repack-1_all.deb supercollider-dev_3.5.3~repack-1_amd64.deb to main/s/supercollider/supercollider-dev_3.5.3~repack-1_amd64.deb supercollider-emacs_3.5.3~repack-1_all.deb to main/s/supercollider/supercollider-emacs_3.5.3~repack-1_all.deb supercollider-gedit_3.5.3~repack-1_all.deb to main/s/supercollider/supercollider-gedit_3.5.3~repack-1_all.deb supercollider-server_3.5.3~repack-1_amd64.deb to main/s/supercollider/supercollider-server_3.5.3~repack-1_amd64.deb supercollider-supernova_3.5.3~repack-1_amd64.deb to main/s/supercollider/supercollider-supernova_3.5.3~repack-1_amd64.deb supercollider-vim_3.5.3~repack-1_all.deb to main/s/supercollider/supercollider-vim_3.5.3~repack-1_all.deb supercollider_3.5.3~repack-1.debian.tar.gz to main/s/supercollider/supercollider_3.5.3~repack-1.debian.tar.gz supercollider_3.5.3~repack-1.dsc to main/s/supercollider/supercollider_3.5.3~repack-1.dsc supercollider_3.5.3~repack-1_amd64.deb to main/s/supercollider/supercollider_3.5.3~repack-1_amd64.deb supercollider_3.5.3~repack.orig.tar.gz to main/s/supercollider/supercollider_3.5.3~repack.orig.tar.gz Changes: supercollider (1:3.5.3~repack-1) unstable; urgency=low . [ Dan Stowell ] * Imported upstream version 3.5.3 - Removed 3 patches now upstreamed - Repack upstream source without boost sources * Fix build on non-x86/64: define BOOST_LOCKFREE_DCAS_ALIGNMENT (Update prefix.hpp to current boost SVN 2012-07-03) . [ Jonas Smedegaard ] * Unfuzz patch and refresh with shortening options. * Revive copyright/license tracking silently dropped in 1:3.5.1-1. . [ Felipe Sateler ] * Add missing epoch to versioned breaks/replaces. Closes: #679705 * Install README.extensions via debian/rules instead of a patch * Add DEP3 header to update_boostlockfree_prefixhpp.patch * Remove unused License paragraph * Bump Standards-Version (no changes needed) * Remove unused lintian override package-contains-empty-directory * Update copyright hints file Override entries for your package: libscsynth1_3.5.3~repack-1_amd64.deb - optional sound supercollider-common_3.5.3~repack-1_all.deb - optional sound supercollider-dev_3.5.3~repack-1_amd64.deb - optional sound supercollider-emacs_3.5.3~repack-1_all.deb - optional sound supercollider-gedit_3.5.3~repack-1_all.deb - optional sound supercollider-server_3.5.3~repack-1_amd64.deb - optional sound supercollider-supernova_3.5.3~repack-1_amd64.deb - optional sound supercollider-vim_3.5.3~repack-1_all.deb - optional sound supercollider_3.5.3~repack-1.dsc - source sound supercollider_3.5.3~repack-1_amd64.deb - optional sound Announcing to debian-devel-chan...@lists.debian.org Closing bugs: 679705 Thank you for your contribution to Debian. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Processing of supercollider_3.5.3~repack-1_amd64.changes
supercollider_3.5.3~repack-1_amd64.changes uploaded successfully to localhost along with the files: supercollider_3.5.3~repack-1.dsc supercollider_3.5.3~repack.orig.tar.gz supercollider_3.5.3~repack-1.debian.tar.gz supercollider-common_3.5.3~repack-1_all.deb supercollider-emacs_3.5.3~repack-1_all.deb supercollider-vim_3.5.3~repack-1_all.deb supercollider-gedit_3.5.3~repack-1_all.deb supercollider_3.5.3~repack-1_amd64.deb supercollider-server_3.5.3~repack-1_amd64.deb supercollider-supernova_3.5.3~repack-1_amd64.deb libscsynth1_3.5.3~repack-1_amd64.deb supercollider-dev_3.5.3~repack-1_amd64.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: review qemplayer
On 12-07-09 at 02:37pm, wbrana wrote: > > is it possible for you to "reply" to messages, so threads are kept > > intact? also it would be nice if you could use a more meaningful > > subject ("my" package refer to a number of packages, non of which is > > qemplayer) > I can't reply to messages because I'm not subscribed to mailing list > because I don't want to get so many e-mails. I'm reading it using > archives. This is a team. You need to subscribe to participate in our teamwork. > > - - pam_limits allows you to fine-tune those priviliges on a > > per-user basis. e.g. you can grant access to realtime-priorities, > > but not to reading /etc/passwd or to /dev/null'ing your harddisks. > I will consider it. Will qemplayer be included in Debian if I will use > pam_limits? We are striving for high quality packaging, not doing silly negotiating. > > is there any specific reason, why you install files into > > /usr/share/doc/qemplayer/ and /usr/share/doc/qemplayer-12.5/? > I don't know why files are installed into /usr/share/doc/qemplayer/. > I'm installing into /usr/share/doc/qemplayer-12.5 because this way is > used on Gentoo. This is not Gentoo. This is Debian. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: Digital signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
review qemplayer
> is it possible for you to "reply" to messages, so threads are kept intact? > also it would be nice if you could use a more meaningful subject ("my" > package refer to a number of packages, non of which is qemplayer) I can't reply to messages because I'm not subscribed to mailing list because I don't want to get so many e-mails. I'm reading it using archives. > if your application is dropping root priviges as soon as it can, it > still _has_ root priviliges at some point. if the binary can be > compromised in a critical state, this means that the an attacker can > get easy root access to your machine. How can be that binary compromised? > you might want to contact the packagers of google chome and xorg about > that (and they most likely will either fix the problem or have a very > good explanation why they need setuid) chrome is using chroot and other things, which don't work without setuid xorg also needs to call functions which don't work without setuid chrome and xorg were just example. There are many setuid apps on Linux. xorg and many other apps are running as root all time. It will be much easier to get root access using these apps than mplayer_nice > - - pam_limits allows you to fine-tune those priviliges on a per-user > basis. e.g. you can grant access to realtime-priorities, but not to > reading /etc/passwd or to /dev/null'ing your harddisks. I will consider it. Will qemplayer be included in Debian if I will use pam_limits? > is there any specific reason, why you install files into > /usr/share/doc/qemplayer/ and /usr/share/doc/qemplayer-12.5/? I don't know why files are installed into /usr/share/doc/qemplayer/. I'm installing into /usr/share/doc/qemplayer-12.5 because this way is used on Gentoo. > all this should go into /usr/share/doc// I will consider it. ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: [SCM] zynaddsubfx packaging branch, master, created. debian/2.4.0-1.2
2012/7/9 Alessio Treglia : > Why didn't you imported the older revisions? git-import-dscs is our friend :) Just tried how does it works ... this looks like right way $ git-import-dscs --debsnap zynaddsubfx Should I delete zynaddsubfx repo and start again from beginning? Not too much work done yet. regards mira ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
Re: [SCM] zynaddsubfx packaging branch, master, created. debian/2.4.0-1.2
On Mon, Jul 9, 2012 at 12:43 AM, wrote: > commit 147cbcde269f463e4a1051ecc4d59b6378c3fdc7 > Author: Alessio Treglia > Date: Sun Aug 21 10:51:06 2011 +0200 > > Imported Debian patch 2.4.0-1.2 Why didn't you imported the older revisions? git-import-dscs is our friend :) -- Alessio Treglia | www.alessiotreglia.com Debian Developer | ales...@debian.org Ubuntu Core Developer| quadris...@ubuntu.com 0416 0004 A827 6E40 BB98 90FB E8A4 8AE5 311D 765A ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
reviewing qemplayer (was Re: Please review my package)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-07-05 11:52, IOhannes m zmoelnig wrote: > no real review (and i'm no DD, so i cannot upload anyhow) but a > few remarks (without even attempting to build the package): is there any specific reason, why you install files into /usr/share/doc/qemplayer/ and /usr/share/doc/qemplayer-12.5/? all this should go into /usr/share/doc// btw, a very good start to creating debian packages (e.g. adding .install and .docs files to automatically install files into their proper locations) is the "new maintainers guide" [1]. fgmasdr IOhannes [1] http://www.debian.org/doc/devel-manuals#maint-guide -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/6iNgACgkQkX2Xpv6ydvTDTgCglhxa4SGtFyK7gOD2S9mdg/nV 1d0AoIvzA9cYAq/MqN6Eu2MTaCfwnroK =nwD7 -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
review qemplayer (was Re: Please review my package)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi. is it possible for you to "reply" to messages, so threads are kept intact? also it would be nice if you could use a more meaningful subject ("my" package refer to a number of packages, non of which is qemplayer) On 2012-07-05 22:14, wbrana wrote: >> That doesn't change that it is a security hazard! Don't run user >> apps as root! Don't implement super-user features in user apps - >> implement it separately, and make it optional to use it. > I don't run user apps as root. MPlayer is never started as root. by setting the setuid flag, you _are_ running mplayer_nice as root. > > Here is mplayer_nice source code with comments: [...] this doesn't mean anything. if your application is dropping root priviges as soon as it can, it still _has_ root priviliges at some point. if the binary can be compromised in a critical state, this means that the an attacker can get easy root access to your machine. > Google Chrome is also using setuid binary XOrg server is also > setuid binary you might want to contact the packagers of google chome and xorg about that (and they most likely will either fix the problem or have a very good explanation why they need setuid) > According to http://linux.die.net/man/5/limits.conf it is possible > to enable low niceness for all processes started by all/some > user(s), but it isn't possible to limit it to mplayer_nice if > started by any user > so why do you not want to use it? do you think you are granting too much priviliges to "all/some user(s)" when using pam_limits? if so, please consider: - - why exactly does mplayer_nice need root priviliges? - - setuid'ing your binary grants the application super-user priviliges. among those are realtime-priorities, reading /etc/passwd and the like. setuid'ing grants all those priviliges. - - pam_limits allows you to fine-tune those priviliges on a per-user basis. e.g. you can grant access to realtime-priorities, but not to reading /etc/passwd or to /dev/null'ing your harddisks. - - pam_limits works on a per user (per group) basis. this is the traditional un*x way to handle security. consider an attacker who gains access to your machine as an unpriviliged user (eg. "www-data"). they can then simpy run /usr/bin/mplayer_nice to gain root access of your machine. with pam_limits, they first need to become a given user/group-member before they can start _any_ application with realtime priorities. this is bad enough, but not as the first scenario. - - check your /etc/security/limits.d/audio.conf chances are high that you already have this file and that it grants members of the audio group enough rights to run your application as you want it to run. i guess that all users interested in running (and supposed to run) mplayer_nice are already in the "audio" group. - - ... gsdfmrt IOhannes -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/6g+YACgkQkX2Xpv6ydvQzFgCfe2fdPylxw1yM0LZ0OHeepFVC S/8AoJ83WeVkNWeJuEvozLTe6bU8McvT =YqkY -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers