Package dovecot-postfix
Hello I have had a problem concerning the dovecot server recently. I have installed dovecot-postfix. So, in the file there was written a warning saying that only dovecot-postfix.conf will be used. But it seems that it read config from both files dovecot.conf (especially the lda protocol settings) and dovecot-postfix.conf. The only solution to solve the problem (local delivery wasn't made) was to write the lda settings in dovecot.conf. I don't know if I made a mistake somewhere (and I don't have an account on launchpad, so I would like to tell you before making a bug report), but I would like to give you the information. I hope this will be usefull and you understand all what I said ! Have nice year's end fest... -- Stéphane Guedon http://www.22decembre.eu/ ma carte de viste : http://www.22decembre.eu/downloads/Stephane-Guedon.vcf -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Security vulnerabilities in default Ubuntu install boot process
Hi, You may already know this, but I thought I should try and raise awareness since it has affected someone I work with and the fix should be fairly simple: By default GRUB / GRUB2 will allow anyone who walks up to the computer to select 'Recovery Mode' and gain root privileges. This is clearly insecure. There are also some circumstance in which a failed boot (eg fsck error) drops to a root shell. This is also highly insecure behaviour and should not be the default. The 'recovery mode' boot option vulnerability is already widely known and reported all over the web. I understand that some users may forget their password but the rest of us should not have our security compromised for their convenience. GRUB / GRUB2 should be password protected by the installer by default, either using the primary users details or requesting another set of login details for GRUB. I understand that GRUB and GRUB2 have this support already and integration with the installer is all that would be required. Instead of dropping to a root shell directly on boot failure the primary users password should be required. I have no idea whether this would be easy to implement or not. Giving root access to anyone local to the machine as freely as Ubuntu currently does is a very bad idea and needs attention. Thanks for taking the time to read this, Crispin ps: I've also posted this on the ubuntu brainstorm site here: http://brainstorm.ubuntu.com/idea/23182/ -- Quote of the [period of time 'till I change it]: “Isn't it enough to see that the garden is beautiful, without having to believe there are fairies at the bottom of it too?.” - Douglas Adams. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Midnight Commander: bug report and patch
Hi, all - I tried reporting this bug in Launchpad more about a week back, and never got any response. Since it's a pretty big one (zip file contents not showing up), I figured I'd send it here; hopefully, someone finds it helpful! The problem was caused by the regex in /usr/share/mc/extfs/uzip failing to parse the output of '/usr/bin/unzip -qq -v'. As a result, the subsequent code that processes the return from that regex also fails. Please take a look at the diff file for the fix (tested on ~20 random zip files.) Best regards, -- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET * -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
kernel-package: bug: The UTS Release version in include/linux/version.h does not match current version
I have this problem on Karmic with the latest linux kernel from git. Now the header is in include/generated/utsrelease.h. Please correct version_vars.mk. Kirill Afonshin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Qt Creator
Hello. Why in the repositories of Ubuntu Qt Creator is still version 1.2 and not 1.3? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
glade-doc dependency problem
Hi All, Reference Bug #477300 (https://bugs.launchpad.net/ubuntu/+source/scrollkeeper/+bug/477300?comments=all). It appears glade-doc depends on libscrollkeeper0, which is no longer available. Jeff $ sudo apt-get install glade-doc Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: glade-doc: Depends: libscrollkeeper0 but it is not installable E: Broken packages -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Making Resolution Setting More User-Friendly
I have been troubled by how confusing it can be for new users of Ubuntu/Kubuntu/Xubuntu to get their old display hardware showing higher resolution. I have attempted to write a WWW page that is designed to help these newbies as well as confused old-timers like myself. Could anyone interested in helping with this look at http://yosemitefoothills.com/UbuntuLucidDisplayNotes.html and give me feedback. A mailto link is given at the end. What I would really like to see is some install option or script that would be offered when EDID fails or when the X Window System knows that the installation is questionable. Such choices could be placed in the Display application already offered to set resolutions. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Security vulnerabilities in default Ubuntu install boot process
Crispin Cooper [2009-12-31 1:49 +]: By default GRUB / GRUB2 will allow anyone who walks up to the computer to select 'Recovery Mode' and gain root privileges. This is clearly insecure. Not really: https://wiki.ubuntu.com/SecurityTeam/FAQ#Rescue%20Mode Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Security vulnerabilities in default Ubuntu install boot process
On Mon, Jan 4, 2010 at 12:43 PM, Martin Pitt martin.p...@ubuntu.com wrote: This is clearly insecure. Not really: Yes. And I would hope for a wiki article that explains how encrypted filesystems protect you from these risks, instead of attempting to argue whether these risks exist. P. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Qt Creator
On Sat, Jan 2, 2010 at 7:07 AM, Dmitry Unruh dmitryun...@googlemail.com wrote: Why in the repositories of Ubuntu Qt Creator is still version 1.2 and not 1.3? $ rmadison qtcreator qtcreator | 1.2.1-3ubuntu1 | karmic/universe | source, amd64, i386 qtcreator | 1.3.0-0ubuntu2 | lucid/universe | source, amd64, i386 Lucid has 1.3.0; perhaps you'd like to request a backport to karmic-backports? See https://help.ubuntu.com/community/UbuntuBackports#How to request new packages Thanks! -Dan -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Making Resolution Setting More User-Friendly
Am 01.01.2010 um 01:13 schrieb Craig Van Degrift: I have been troubled by how confusing it can be for new users of Ubuntu/Kubuntu/Xubuntu to get their old display hardware showing higher resolution. I have attempted to write a WWW page that is designed to help these newbies as well as confused old-timers like myself. Could anyone interested in helping with this look at http://yosemitefoothills.com/UbuntuLucidDisplayNotes.html and give me feedback. I have the same problem and solve it by putting something like this into /etc/X11/Xsession.d/45custom_xrandr-settings ($HOME/.Xsession no longer works): xrandr --newmode 1280x1024 SGI 134.400 1280 1296 1440 1688 1024 1025 1028 1066 +hsync +vsync xrandr --addmode VGA1 1280x1024 SGI You can get the required numbers with PowerStrip, a tool for MS Windows. SGI is an arbitrary name, VGA1 (sometimes VGA) can be found with xrandr --info, IIRC. These new resolutions then show up in the standard panel for resolution settings and survive reboots. A few versions back (before Jaunty Jackalope) Ubuntu used to find these resolutions it's self. HTH, Markus - - - - - - - - - - - - - - - - - - - Dipl. Ing. Markus Hitter http://www.jump-ing.de/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Security vulnerabilities in default Ubuntu install boot process
On Mon, Jan 4, 2010 at 6:06 AM, Patrick Freundt patrick.freu...@googlemail.com wrote: On Mon, Jan 4, 2010 at 12:43 PM, Martin Pitt martin.p...@ubuntu.com wrote: This is clearly insecure. Not really: Yes. And I would hope for a wiki article that explains how encrypted filesystems protect you from these risks, instead of attempting to argue whether these risks exist. Such articles abound. One such article discussing in great detail how you might encrypt your home directory in Ubuntu is here: * http://www.linux-mag.com/cache/7568/1.html Beyond this, you can use the Server or the Alternate installer to encrypt your entire drive using LVM. * https://help.ubuntu.com/community/EncryptedFilesystemLVMHowto And I agree with the security team's assessment -- if an attacker has physical access to your hard drive, encryption is your only real protection. Adding a password to Grub/Grub2 simply means that the attacker needs to have a screwdriver at their disposal. :-Dustin -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Qt Creator
On Sat, Jan 2, 2010 at 1:07 PM, Dmitry Unruh dmitryun...@googlemail.com wrote: Hello. Why in the repositories of Ubuntu Qt Creator is still version 1.2 and not 1.3? Because it was too recent to be included in Karmic. You can install Qt 4.6 and Qt Creator 1.3.0 for Karmic from my PPA: http://launchpad.net/~pgquiles/+archive/ppa -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Making Resolution Setting More User-Friendly
On Tue, Jan 5, 2010 at 12:49 AM, Markus Hitter m...@jump-ing.de wrote: Am 01.01.2010 um 01:13 schrieb Craig Van Degrift: I have been troubled by how confusing it can be for new users of Ubuntu/Kubuntu/Xubuntu to get their old display hardware showing higher resolution. I have attempted to write a WWW page that is designed to help these newbies as well as confused old-timers like myself. Could anyone interested in helping with this look at http://yosemitefoothills.com/UbuntuLucidDisplayNotes.html and give me feedback. I have the same problem and solve it by putting something like this into /etc/X11/Xsession.d/45custom_xrandr-settings ($HOME/.Xsession no longer works): xrandr --newmode 1280x1024 SGI 134.400 1280 1296 1440 1688 1024 1025 1028 1066 +hsync +vsync xrandr --addmode VGA1 1280x1024 SGI You can get the required numbers with PowerStrip, a tool for MS Windows. You can also get them from the “cvt command. I have toyed with the idea of adding this to a “Do you not see the resolution you're after button in gnome-display-properties. It would actually be quite easy to implement, although I think it'd require extending the xrandr plugin for gnome-settings-daemon a bit. For added bonus points, it would talk to gdm's gnome-settings-daemon, too. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
RE: Midnight Commander: bug report and patch
Date: Thu, 24 Dec 2009 11:37:30 -0500 From: Ben Okopnik b...@linuxgazette.net Subject: Midnight Commander: bug report and patch To: ubuntu-devel-discuss@lists.ubuntu.com Message-ID: 20091224163730.ga6...@linuxgazette.net Content-Type: text/plain; charset=us-ascii Hi, all - I tried reporting this bug in Launchpad more about a week back, and never got any response. Since it's a pretty big one (zip file contents not showing up), I figured I'd send it here; hopefully, someone finds it helpful! The problem was caused by the regex in /usr/share/mc/extfs/uzip failing to parse the output of '/usr/bin/unzip -qq -v'. As a result, the subsequent code that processes the return from that regex also fails. Please take a look at the diff file for the fix (tested on ~20 random zip files.) Best regards, -- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET * * You're absolutely right. I had this the other day and didn't even think anymore about it. But mc should theoretically read what's inside an archive and display its contents. I just tried mine and it works for RAR and 7z archives, but not ZIP. Odd. Regards -- Chris Jones linuxdyna...@comcen.com.au Founder Linux Dynamix Foundation http://linuxdynamixfoundation.freehostia.com -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
proper procedure regarding bug reports
To avoid misunderstandings I would like to ask the list in a bit more detailed kind of way for the proper procedure regarding bug reports, - because I am lacking official feedback regarding bug #500601, and on the one side I am aware that we had christmas and new year celebrations, people are generally busy with many things, etc. and on the other side I would like to move forward with several other topics that indirectly rely on this bug report. When you are sure that a software is not behaving as expected and you easily managed to reproduce that behaviour isolated from other influences, then how much time should you give to a bug report till you try a next step? What would be such a next step? P. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss