[Pkg-utopia-maintainers] Bug#818759: network-manager-gnome: Unencrypted private Keys are insecure
Sorry, bit of info about versions network-manager/stable,now 1.6.2-3 amd64 [installed] network-manager-gnome/stable,now 1.4.4-1 amd64 [installed] On Mon, 5 Mar 2018 01:19:56 -0500 Andrei Audzeiwrote: > I have the same message when I try to use encrypted user key for wifi > connection (TLS, WPA & WPA2 Enterprise). > > I found a mention about fresh same issue on > https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1339607?comments=all , > and one point of last (#16) comment can be a root of trouble. > > On my laptop I use full disk encryption LVM. So, I moved my protected key > to mounted USB flash - and wifi connection works fine! I think, that > problem in disk encryption. Can you approve this and fix it? ___ Pkg-utopia-maintainers mailing list Pkg-utopia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
[Pkg-utopia-maintainers] Bug#818759: network-manager-gnome: Unencrypted private Keys are insecure
I have the same message when I try to use encrypted user key for wifi connection (TLS, WPA & WPA2 Enterprise). I found a mention about fresh same issue on https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1339607?comments=all, and one point of last (#16) comment can be a root of trouble. On my laptop I use full disk encryption LVM. So, I moved my protected key to mounted USB flash - and wifi connection works fine! I think, that problem in disk encryption. Can you approve this and fix it? ___ Pkg-utopia-maintainers mailing list Pkg-utopia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
Re: [Pkg-utopia-maintainers] dbus-broker Debian packaging
Hi David, On 04/03/2018 05:08, David Herrmann wrote: > *) The dbus-broker project uses submodules to link some code > statically. The easiest way to build dbus-broker is using our .tar.xz > tarballs provided with each release [1]. These include *all* source > files, including the right submodule versions. If you want to build > from -git directly, though, I recommend the strategy used by the > arch-linux -git package [2]. They check out all required repositories > and then use git to check out the correct revisions. This is > definitely more flexible than the tarball based approach, but also > needs slightly more maintenance, as you need to stay up-to-date with > the submodules. Debian tooling handles the submodules fine, I just compared the released tarball for v11 with the one generated by the Debian tooling from the git repository and they are substantially identical. However, I noticed that not all the submodules have the same license as dbus-broker, I need to complete the debian/copyright file. Also, I noticed that Red Hat is listed as the copyright holder. Is that true for all contributions? > *) The dbus-broker binary itself is definitely intended to be useful > on its own. However, no such users are known, and so far we have *not* > stabilized its API, yet. Hence, I would not split it apart now, but > leave it for a future extension. That is, something like a > `dbus-broker-core` package, which just contains the broker, but not > the launcher. I think that having `dbus-broker` and `dbus-broker-launcher` packages would be more logical, but I don't see reasons why the split cannot happen when the need will emerge, or when the API will be stable. > *) We are reworking the Fedora package at the moment. I cannot say how > the ultimate solution will look like, but the plan right now is this: > dbus-daemon is split into multiple packages. One packages > (dbus-daemon-utils) provides all the utilities (dbus-send, > dbus-monitor, ...). I would call this `dbus-utils`, but.. bikeshedding. > Another package (dbus-daemon) provides the daemon > binary and its related tools (dbus-daemon, dbus-launch, ...), as well > as a renamed service file `dbus-daemon.service`. > For dbus-broker we provide one package that ships the broker+launcher, > as well as the dbus-broker.service unit file. > Lastly, we intend to recreate the `dbus` package as a simple package > that both dbus-daemon and dbus-broker depend on, and it provides the > daemon-xml files (config and policy). If there is interest for dbus-broker in Debian and the dbus maintainers agree, I can work on patches to do the same for the Debian's dbus package. > Depending on what the default setup for your system should be, you > should run `systemctl enable dbus-{daemon,broker}.service`. They will > then create the dbus.service symlink. Fedora intends to use the > systemd-presets for this. That would need to be done differently on Debian, I guess. I will need to do some reading about what the correct solution would be there. > I hope this information is of help to you! Thank you for the detailed reply, it surely helps. Cheers, Dan ___ Pkg-utopia-maintainers mailing list Pkg-utopia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
Re: [Pkg-utopia-maintainers] dbus-broker Debian packaging
Hi Daniele On Sun, Mar 4, 2018 at 3:00 AM, Daniele Nicolodiwrote: > Hello Debian dbus maintainers and dbus-broker authors, > > I'm working on packaging dbus-broker for Debian [0]. > > In the packaging, I'm not sure in how many binary packages the project > should be split. I thought asking the authors and the dbus maintainers > could be valuable. > > dbus-broker provides dbus-broker-launcher and systemd unit files that > provide configuration files compatibility with the D-Bus reference > implementation, however dbus-broker can be useful in itself to implement > private buses. > > Should dbus-broker and the launcher (and the systemd unit files) be part > of two separate binary packages? Is the interface between the broker > and the launcher stable? > > Should be the system D-Bus be replaced when dbus-broker is install? > What about the user bus? > > Is the Debian Utopia team interested in team maintenance of the > dbus-broker package? I would also need a sponsor to upload the package. Thank you for reaching out to us! I will just provide a short list of things you might find useful. I hope this answers most of the questions regarding the upstream package. *) The dbus-broker project uses submodules to link some code statically. The easiest way to build dbus-broker is using our .tar.xz tarballs provided with each release [1]. These include *all* source files, including the right submodule versions. If you want to build from -git directly, though, I recommend the strategy used by the arch-linux -git package [2]. They check out all required repositories and then use git to check out the correct revisions. This is definitely more flexible than the tarball based approach, but also needs slightly more maintenance, as you need to stay up-to-date with the submodules. Both ways are supported by us upstream. *) The dbus-broker binary itself is definitely intended to be useful on its own. However, no such users are known, and so far we have *not* stabilized its API, yet. Hence, I would not split it apart now, but leave it for a future extension. That is, something like a `dbus-broker-core` package, which just contains the broker, but not the launcher. *) We are reworking the Fedora package at the moment. I cannot say how the ultimate solution will look like, but the plan right now is this: dbus-daemon is split into multiple packages. One packages (dbus-daemon-utils) provides all the utilities (dbus-send, dbus-monitor, ...). Another package (dbus-daemon) provides the daemon binary and its related tools (dbus-daemon, dbus-launch, ...), as well as a renamed service file `dbus-daemon.service`. For dbus-broker we provide one package that ships the broker+launcher, as well as the dbus-broker.service unit file. Lastly, we intend to recreate the `dbus` package as a simple package that both dbus-daemon and dbus-broker depend on, and it provides the daemon-xml files (config and policy). Depending on what the default setup for your system should be, you should run `systemctl enable dbus-{daemon,broker}.service`. They will then create the dbus.service symlink. Fedora intends to use the systemd-presets for this. *) There is currently a proposal to make dbus-broker the default with F29 onwards. This has not been approved, yet, though. I hope this information is of help to you! David [1] https://github.com/bus1/dbus-broker/releases [2] https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=dbus-broker-git ___ Pkg-utopia-maintainers mailing list Pkg-utopia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-utopia-maintainers