Re: SPECS: vim.spec - update to 7.1.236, add vim-plugin-securemodeline...
On Saturday 16 February 2008 11:41:03 Michal Kochanowicz wrote: On Sat, Feb 16, 2008 at 10:31:26AM +0100, Michal Kochanowicz wrote: Is this a reason for which !-- vim: set encoding=utf-8: -- doesn't work any more in XML files for users? OK, I -e --nodeps'ed this package and now it works as it should. This package should be optional!! rather add the 'encoding' to whitelist and rebuild package. it's there to secure you from malicious files which set exec, dlopen to vim modelines, but still have modeline enabled (upstream and other distros have just disabled modelines processing) -- glen ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: rpm.spec - let -build depend on rpm-specdump - sort preamble
On Friday 15 February 2008 21:44:18 Jakub Bogusz wrote: On Fri, Feb 15, 2008 at 08:43:04PM +0100, glen wrote: Author: glen Date: Fri Feb 15 19:43:04 2008 GMT Module: SPECS Tag: HEAD Log message: - let -build depend on rpm-specdump What for? AFAIK no package needs it to build. but ./builder behaves better when it is present -- glen ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: kdelibs.spec - R: sperl (for fileshareset and filesharelist...
On Saturday 16 February 2008 19:29:21 Radoslaw Zielinski wrote: arvenil [EMAIL PROTECTED] [01-01-2008 18:40]: Author: arvenil Date: Tue Jan 1 18:40:26 2008 GMT Module: SPECS Tag: HEAD Log message: - R: sperl (for fileshareset and filesharelist) - release 10 [...] +Requires: sperl Nope. sperl has been separated in perl.spec for a reason -- so people don't have to have it installed. If these scripts fail badly when it's not available, update them to do that gracefully instead. Forcing installation of suid root binaries is a bad idea unless really necessary. KDE's file sharing sort of doesn't qualify. huh. i didn't like it either. so i'm reverting it :) -- glen ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: rpm.spec - let -build depend on rpm-specdump - sort preamble
On Sun, Feb 17, 2008 at 03:06:00PM +0200, Elan Ruusamäe wrote:
On Friday 15 February 2008 21:44:18 Jakub Bogusz wrote:
On Fri, Feb 15, 2008 at 08:43:04PM +0100, glen wrote:
Author: glen Date: Fri Feb 15 19:43:04 2008 GMT
Module: SPECS Tag: HEAD
Log message:
- let -build depend on rpm-specdump
What for?
AFAIK no package needs it to build.
but ./builder behaves better when it is present
rpm-build doesn't require or use builder.
As well as it doesn't require programs more crucial for builder (cvs,
wget).
rpm-build-tools.spec would be more appropriate place for such dependency
(or maybe even Suggests).
--
Jakub Boguszhttp://qboosh.pl/
___
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS (rpm-4_4_9): rpm.spec - find-lang moved to rpm-build-maros p...
On Sunday 17 February 2008 01:14:06 Marcin Krol wrote: Author: glen Date: Fri Feb 15 00:42:54 2008 GMT Module: SPECS Tag: rpm-4_4_9 Log message: - find-lang moved to rpm-build-maros package; rel 38 Was it really necessary? I was just one small step from branching rpm-build-macros for Titanium and leaving find_lang in rpm.spec. I've chosen huge release bump instead. yes, as i foresee more changes to the find-lang.sh, and rebuilding rpm package each time for that sucks. what's wrong with big numbers? you're arithmophobic/polyphobic? :) -- glen ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS (rpm-4_4_9): rpm.spec - find-lang moved to rpm-build-maros p...
what's wrong with big numbers? you're arithmophobic/polyphobic? :) I can live with them. However I hope not to see rpm-4.4.9-2.375745848e+12.i686.rpm :) M. ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: vim.spec - update to 7.1.236, add vim-plugin-securemodeline...
On Sun, Feb 17, 2008 at 03:05:01PM +0200, Elan Ruusamäe wrote: it's there to secure you from malicious files which set exec, dlopen to vim I know what it is for. If I wanted OS to think for me I'd use Mac. -- --= Michal Kochanowicz =--==--==BOFH==--==--= [EMAIL PROTECTED] =-- --= finger me for PGP public key or visit http://michal.waw.pl/PGP =-- --==--==--==--==--==-- Vodka. Connecting people.--==--==--==--==--==-- A chodzenie po górach SSIE!!! ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS (rpm-4_4_9): rpm.spec - find-lang moved to rpm-build-maros p...
On Sunday 17 February 2008 15:32:51 Marcin Krol wrote: what's wrong with big numbers? you're arithmophobic/polyphobic? :) I can live with them. However I hope not to see rpm-4.4.9-2.375745848e+12.i686.rpm :) Wrote: /home/users/glen/rpm/pld/RPMS/rpm-4.4.9-2.375745848e+12.i686.rpm :D -- glen ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: kde 3.5.9 dependency problems
Ehh. Looks like bug in poldek. It doesn't find proper requirements by dependencies. Adding them manually works. M. ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
kde 3.5.9 dependency problems
Hi. There are problems with recent kde No way to install some parts of it w/o using --nodeps. Few examples below. There are probably more. Weird things: rpm -qp --requires doesn't show these requirements. Also poldek --verify=deps doesn't show those problems, yet its impossible to install. M. poldek:/all-avail install kdepim-libs-3.5.9-2.i686 Processing dependencies... There are 1 package to install: I kdepim-libs-3.5.9-2.i586 Need to get 4.9MB of archives. After unpacking 21.0MB will be used. Executing rpm --install -vh --root / --noorder... error: Failed dependencies: /usr/lib/libknodecommon.so.3.0.0 is needed by kdepim-libs-3.5.9-2.i586 poldek:/all-avail install kdemultimedia-devel-3.5.9-2.i686 Processing dependencies... kdemultimedia-devel-3.5.9-2.i686 marks kdemultimedia-arts-3.5.9-2.i686 (cap kdemultimedia-arts = 9:3.5.9-2) kdemultimedia-devel-3.5.9-2.i686 marks kdemultimedia-libkcddb-3.5.9-2.i686 (cap kdemultimedia-libkcddb = 9:3.5.9-2) kdemultimedia-devel-3.5.9-2.i686 marks kdemultimedia-noatun-libs-3.5.9-2.i686 (cap kdemultimedia-noatun-libs = 9:3.5.9-2) There are 4 packages to install (3 marked by dependencies): I kdemultimedia-devel-3.5.9-2.i686 D kdemultimedia-arts-3.5.9-2.i686, kdemultimedia-libkcddb-3.5.9-2.i686, kdemultimedia-noatun-libs-3.5.9-2.i686 Need to get 1.5MB of archives. After unpacking 9.1MB will be used. Executing rpm --upgrade -vh --root / --noorder... error: Failed dependencies: /usr/lib/libarts_akode.so.0.0.0 is needed by kdemultimedia-devel-3.5.9-2.i686 /usr/lib/libarts_xine.so.0.0.0 is needed by kdemultimedia-devel-3.5.9-2.i686 /usr/lib/libaudiocdplugins.so.1.0.0 is needed by kdemultimedia-devel-3.5.9-2.i686 /usr/lib/libkmidlib.so.0.0.0 is needed by kdemultimedia-devel-3.5.9-2.i686 ___ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: perl-Template-Toolkit.spec - release 4: giving up for now; ...
radek wrote:
-%{?with_tests:%{__make} test}
+%{?with_tests:%{__make} test ||:}
If we ignore test errors so what is the point of performing the tests?
--
===
Andrzej M. Krzysztofowicz [EMAIL PROTECTED]
phone (48)(58) 347 19 36
Faculty of Applied Phys. Math., Gdansk University of Technology
___
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: perl-Template-Toolkit.spec - release 4: giving up for now; ...
Andrzej Krzysztofowicz [EMAIL PROTECTED] [17-02-2008 17:41]:
radek wrote:
-%{?with_tests:%{__make} test}
+%{?with_tests:%{__make} test ||:}
If we ignore test errors so what is the point of performing the tests?
We can see the results and are able to interpret them (known / new failures).
--
Radosław Zieliński [EMAIL PROTECTED]
pgpIp1UNATwJg.pgp
Description: PGP signature
___
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
Re: SPECS: kdelibs.spec - R: sperl (for fileshareset and filesharelist...
Dnia sobota 16 luty 2008, Radoslaw Zielinski napisał:
arvenil [EMAIL PROTECTED] [01-01-2008 18:40]:
Author: arvenil Date: Tue Jan 1 18:40:26 2008 GMT
Module: SPECS Tag: HEAD
Log message:
- R: sperl (for fileshareset and filesharelist)
- release 10
[...]
+Requires: sperl
Nope.
As far as i remember it requires sperl. Filesharing doesn't work without it.
It fails and KDE gives wrong clue.
Sharing folder '/home/users/Arvenil/DOM/pulpit/Nowy katalog' failed.
An error occurred while trying to share
folder '/home/users/Arvenil/DOM/pulpit/Nowy katalog'. Make sure that the Perl
script 'fileshareset' is set suid root.
But running this script from command line returns something more verbosive:
# fileshareset --add /home/users/Arvenil/DOM
Can't do setuid (cannot exec sperl)
Forcing installation of suid root binaries is a bad idea unless really
necessary.
True. I didn't know how much unsecure sperl is. Description suggest that it is
more secure:)
If these scripts fail badly when it's not
available, update them to do that gracefully instead.
I have propably found other solution. Simple and secure.
Just remove sgid from this scripts;)
--- kdelibs.spec17 Feb 2008 13:16:52 - 1.549
+++ kdelibs.spec17 Feb 2008 17:48:49 -
@@ -462,8 +462,8 @@
%attr(755,root,root) %{_bindir}/dcopserver_shutdown
%attr(755,root,root) %{_bindir}/dcopstart
#%attr(755,root,root) %{_bindir}/ghns
-%attr(2755,root,fileshare) %{_bindir}/filesharelist
-%attr(2755,root,fileshare) %{_bindir}/fileshareset
+%attr(755,root,fileshare) %{_bindir}/filesharelist
+%attr(755,root,fileshare) %{_bindir}/fileshareset
%attr(755,root,root) %{_bindir}/imagetops
%attr(755,root,root) %{_bindir}/kaddprinterwizard
%attr(755,root,root) %{_bindir}/kbuildsycoca
Works like a charm;) This scripts requires just (i hope so) write access
to /etc/smb.conf and propably /etc/exports. /etc/smb.conf and /etc/exports
belongs to group fileshare (664). So just add user to group fileshare and
then you can share you files in KDE. Also file sharing configuration in KDE
supports adding users to group fileshare.
Argh... i was happy to early. KDE has by default set filesharing to not use
fileshare group but allow all users to share files (IMO stupid). So without
sperl this cannot be done.
Also i see that this is now broken even when sperl is installed. When changing
in KDE configuration to not use filesharing group then KDE change group
for /etc/smb.conf and /etc/exports to root. Fleshareset has only sgid so it
fails.
So if we want this working then in KDE way there should be installed sperl and
fileshareset and filesharelist should have suid (now they have only sgid).
Changing sgid to suid for filesharelist and fileshareset is allowed?
But as you mention earlier sperl is unsecure so what are other propositions?
For me this is just broken. This file share feature should allow only sharing
files for users in group fileshare and it shouldn't change group and
privileges of /etc/smb.conf and /etc/exports.
BTW i found this[1] on the net ;)
[1] http://www.mail-archive.com/[EMAIL PROTECTED]/msg24787.html
--
Regards, Kamil Dziedzic
--
Pozdrawiam, Kamil Dziedzic
signature.asc
Description: This is a digitally signed message part.
___
pld-devel-en mailing list
pld-devel-en@lists.pld-linux.org
http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
