Re: Your Stealth Mail Bomber

[Tom Lear]

On Tue, 19 Jan 1999, Zephaniah E, Hull wrote:

> Well, I think its time that we start trying to truly enforce our spam
> policy...

Advertising policy.  Yes this is long overdue.
- Tom 

Re: Where does 'www-data' come from?

[Tom Lear]

On Tue, 19 Jan 1999, Eduardo Marcel Macan wrote:

>   We seem to have a ever-standing bug against postgresql saying we
> cannot have a user called www-data accessing databases (postgresql
> complains about the '-' in the name, it looks like it is not a valid char
> for postgresql usernames at all). Since I have been making kludges in
> several scripts a client of mine has for them to work on debian+Pg I
> started to wonder... Where does the name "www-data" come from? IS there any
> argument against 'www' ?

Actually, in postgres if you create "www-data" (quotes included and they
must be double quotes) it works.

>   See, I am not suggesting that we change the username to solve the
> postgres problem, this would solve this problem, but not THE problem with
> postgres. I am just wondering why it is not called just 'www'.

I've wondered that myself.
- Tom

Re: Debian booth at LinuxTag '99?

[M.C. Vernon]

On Tue, 19 Jan 1999, Michael Bramer wrote:

> All is in german. No part is in english. sorry.

Does this mean there's little point in English-only people turning up?

(maybe if we get enough debian people there, we can have a bilingual stall
:))

Matthew

-- 
Elen sila lumenn' omentielvo

Steward of the Cambridge Tolkien Society
Selwyn College Computer Support
http://www.geocities.com/Area51/Chamber/8841/
http://www.cam.ac.uk/CambUniv/Societies/tolkien/
http://pick.sel.cam.ac.uk/

Re: LSB?

[Joseph Carter]

On Tue, Jan 19, 1999 at 05:38:25PM +0100, Vincent Renardias wrote:
> > Reasonable objection notwithstanding, I intend to write a letter to those
> > responsible for the LSB to attempt to raise the issues we have with their
> > current proposal.  I would appreciate discussion on these issues in other
> > parts of this thread.
> 
> If you're interested in the LSB, you should join the LSB mailing list and
> offer to help.

Last I heard the LSB list was closed to the general public, though
archives were available.  Is this still the case?  If the LSB project now
welcomes "outsiders" to work with the project, great.  Otherwise I'm
concerned doing that would be in vain.


> "writing a letter to those responsible" is _very_ likely to be useless
> considering this lsb-fhs is a very first snapshot and that most problems
> with it reported on debian-devel have already been reported on the LSB
> mailing-list.

As I've said, last I heard this list was not available to the public.


> > I encourage those who have a significant opinion not yet voiced in the
> > LSB thread found on debian-devel to write them down either as part of
> > the thread or directly to me to aid in the drafting of this letter.
> 
> Please just don't do that.
> Whining on debian-devel/Freshmeat/Slashdot will _not_ help. Joining the
> LSB-test mailing-list and offer to help is a much better thing to do.

That's not what I intended to do.  I _WAS_ intending to draft a letter
based on what we think as a group and send it to -private for peer review
and figuring out who does what next.  I wouldn't want to publish the
letter on -devel as some non-developers would read the draft as a final
letter to the LSB people and I want some peer review before anything is
read as "official" from Debian.


The reaction to Ian's original dfsg2 proposal (which IMO was right to
send to -devel) from those outside Debian who heard only rumors
indirectly or read what they wanted into the proposal and went around
bashing Debian for adopting this new dfsg indicates to me there is at
least some reason for a letter which in the draft stages and is intended
to be reviewed by developers first to be handled in this way.  To those
who went on rumor or read what they wanted into a proposal without
reading the attached threads, consider yourselves flamed and read before
you comment in the future.  =p  (this is of course not directed at you
personally Vincent..)


-- 
"I'm working in the dark here."  "Yeah well rumor has it you do your best
work in the dark."
   -- Earth: Final Conflict

Re: Debian goes big business?

[Mark Phillips]

> Shawn writes:
> > I am all for a for-profit business forming as a value-added seller of
> > Debian products. Such a business could focus on pre-installations,
> > packaging and marketing, and user support. I would think a very
> > successful business could be built on such a model, and there would be no
> > necessary control flowing either way between said business and the Debian
> > organization. The Debian community would control the software, such a
> > business (and there could be many of them) would control its own
> > marketing, packaging, support program, etc.
> 
> Exactly!  This is just the sort of company I would love to participate in.


How about the following variation on the theme?

Rather than starting a for-profit business as a value-added seller of
Debian products, why not start a not-for-profit, user centred,
association that does the same job?  It would work a bit like an
automobile association.  Users would join by paying a membership fee.
It would be run by a board elected by the members - one vote per
member.  Membership fees and other income would be used to pay
employees who do the work.

Earlier posts have suggested that Debian itself could be turned into
such an association, but I don't believe that would be in Debian's
best interests.  I believe Debian should remain a developer
controlled, entirely volunteer, organization.  A flaw with the status
quo however, is that there is no mechanism to ensure that the needs of
users are looked after.  This is where a separate "Debian User
Association" could fill the gap.  Well actually, the "gap" isn't all
that large, because fortunately debian users are looked after quite
well at the moment.  But perhaps a user association could do even
better, as well as taking over some of the "user assistance" work that
developers currently do, freeing them up to concentrate more on
development.

The "Debian User Association" (DUA) would be separate from "Debian",
but the two would obviously wish to cooperate closely with each other.
DUA would concentrate on user issues --- value adding to the
distribution in user-centred ways.  It would provide user support to
members --- perhaps produce regular publications that deal with
frequent user issues.  It would also be heavily involved in marketing.

There is one big advantage of this structure over a for-profit Debian
business in that, I believe, current (and future) debian users would
be more enthusiastic about signing up.  With a business, the profits
would go to the owners, where as with the DUA, the aim of the
organisation would be to serve its members.  A DUA would provide a
mechanism for improved user support and marketability.  It would
provide a mechanism for paid workers, without damaging Debian's
volunteer developer model.  It would be a means for promoting Debian,
in keeping with the Debian spirit.

Mark.


_/\___/~~\
/~~\_/~~\__/~~\__Mark_Phillips
/~~\_/[EMAIL PROTECTED]
/~~\HE___/~~\__/~~\APTAIN_
/~~\__/~~\
__
"They told me I was gullible ... and I believed them!" 

Re: Debian appears to be ancient

[Edward Betts]

On Tue, 19 Jan, 1999, Wichert Akkerman wrote:
> Previously Ben Pfaff wrote:
> > No such file appears in my copy of Content-i386 from 28 Dec 1998.
> > Where are you getting it from?
> 
> Duh, I had the directory wrong, the correct dictory is
> /usr/doc/copyright/base. dpkg -S can't see where it is coming from
> though. The contents is also weird. Look at its copyright:
>   Copyright (C) 1995 The Debian Association
> 

Are you sure it was /usr/doc/copyright/base ?

-- 
GNU does not eliminate all the world's problems, only some of them.
-- The GNU Manifesto

Re: New DFSG Draft revision #3

[Gregor Hoffleit]

On Sat, Jan 16, 1999 at 06:39:53PM -0800, Darren Benham wrote:
> I'm not sure I'd agree that the version of DFSG aj and I are working
> would allow the "powered by" clause -- atleast not as a binding
> restriction. In our proposal, the section you quote says nothing
> about the notices in finished work the way Ian's proposal did. I
> wouldn't call a produced web page either source or documentation and
> it's certainly not the software being executed.

In the case of Zope, I have to disagree. You have to think of Zope as
an application with an GUI realized in HTML. I don't see a difference
to an application that publishes its GUI as X11 calls:

Your DFSG2 draft says "The license may require such notices to be
displayed: * during execution of the software".

Consider a license for an application with an X11 GUI. If the license
would require that you always give credits to the original author by
the way of an "About" panel, I think this would be acceptable
according to your draft.

Now where's the difference if the same program also has an web GUI and
if the license had the same requirement ?


> Personally, I think it would be a far reach to even call any/all web
> pages "advertising material".  And if it could, under the current
> wording, I'd change it to be "material offering the software
> package" or some such thing... Unless
> Debian *wants* that sort of attribution clause to be DFSG-free

Yep. This has nothing to do with the advertising clause.


> > This leads me to the following question: The current DFSG doesn't
> > explicitely rule out postcard-ware nor things like the ZPL attribution
> > requirement [2]. The new proposals all disallow postcard-ware
> 
> hence the desire to release a second version of the DFSG...
> 
> > requirements, but specifically allow notice requirements. This leads
> 
> but in a very restricted sense...
> 
> > me to the conclusion that notice requirements are accepted by the
> > common interpretation of the current DFSG (contrary to
> > postcard-ware-like requirements). Is that correct ?
> 
> I supposed it could be argued, in letter.. but they seem unacceptable in the
> spirt of the DFSG.

Well, do you think requirements for notices during the executions of
the software are acceptable in the spirit of the DFSG ? If that's the
cause, I don't think you can rule out the "powered by" clause in the
ZPL.

Don't get me wrong: I don't advocate the notices clause in your
proposal. It's just that I think it's obvious that it includes
licenses like Zope's, and since nobody argued against the clause, I
wondered if that was an commonly accepted interpretation of the DFSG
between the developers.

Gregor

Re: Bug#27050 (fdutils): A cause for security concern?

[Wichert Akkerman]

Previously Anthony Fok wrote:
> As the Slink deep freeze and release are impending, I would like to ask your
> advice: Should I follow the suggestion given by the bug reporter Thomas
> Roessler?

I think so. For people who want to mount floppies without being root
you can also use a line in /etc/fstab like this:

/dev/fd0 /floppyauto  noauto,noexec,nodev,user   0  0

fdmount should probably be audited so we really know if it's secure. You
could submit it to the security-auditing list
([EMAIL PROTECTED]).

> If so, should I fix this bug before Slink is out?

Yes. I would hate to discover a vulnerability and release an advisory
days after we release slink..

Wichert.

-- 
==
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: [EMAIL PROTECTED]
WWW: http://www.wi.leidenuniv.nl/~wichert/


pgpotBh2GpOsx.pgp
Description: PGP signature

Developers' keyring and slink freeze

[Julian Gilbey]

Please, please, PLEASE can we put the latest version of the
debian-keyring package into slink.  I see no reason why we shouldn't
have the latest version of the maintainers' keys in slink, especially
as some people may, on occasion, use them to test the validity of a
downloaded package or of an email.

   Julian

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Julian Gilbey Email: [EMAIL PROTECTED]
   Dept of Mathematical Sciences, Queen Mary & Westfield College,
  Mile End Road, London E1 4NS, ENGLAND
  -*- Finger [EMAIL PROTECTED] for my PGP public key. -*-

Re: Is anyone reading wnpp mail?

[Martin Schulze]

Joop Stakenborg wrote:
> I have done some posting to [EMAIL PROTECTED], but I
> never get an answer and nothing really happens.

The most easiest way to reach the maintainer is to enter IRC,
server irc.debian.org and "/msg netgod".

> Is anyone reading the wnpp mail?

Generally yes, but only frequently (contrary to regularily).

Regards,

Joey

-- 
Those who don't understand Unix are condemned to reinvent it, poorly.

Please always Cc to me when replying to me on the lists.

Re: LSB?

[Joseph Carter]

On Tue, Jan 19, 1999 at 02:57:46PM -0500, Dale Scheetz wrote:
> > You can start by writing to our man on point with the LSB, Dale Scheetz.
> 
> Absolutely!

As said elsewhere, I was going to submit the draft to -private.  If you
think it would be better for you to handle it, say so and I'll stay out
of it.  I offered because nobody else had and based on opinions found
here on -devel and on Debian's irc channels, I felt someone should do
something.  I'm not trying to work around you or without the opinions of
other developers.


> > It is noteworthy, however, that Dale hasn't already commented in this 
> > thread. Are you still actively following the LSB, Dale?
> 
> That only has to do with the fact that I also have "billions" of other
> things to do besides reading ill informed postings on this list.
> 
> I'm sorry if I sound harsh. It is only because I am already overloaded
> with "other people's problems" as well as a raft of my own.

I can understand that you've had a lot to do.


> If you wish to educate yourself with /. and not check the facts before
> spreading fud, then I have no time for you. For information about what the
> LSB is doing check the web site (www.linuxbase.org), where you will find
> all of the borring details about how this committee is organized and what
> is currently going on, or ask me <[EMAIL PROTECTED]>.

I was using just what they had released.  Not anything based on Slashdot
(which probably has a story on this by now, but I haven't read it..)


> The test suite under discussion is completely the product of TOG, as a
> "favor" to the LSB. I made my objections to the chair of the LSB Committee
> when TOG first suggested the name of the test suite, but (as usual) my
> objections were ignored ;-)

Figures.  =>


> The FHS test suite was suggested, soon after the license was resolved on
> the POSIX test suite produced by TOG. With the current license, we can
> "pick and choose" from the test suites available, those tests that suit
> the needs of the LSB. So, it really doesn't matter if TOG insists on
> misnaming the test suite, we can still use it as we please, within the
> constraints of the Artistic license.

Why then did the release info indiciate this was the first version of a
LSB compliance test suite but wasn't finished yet so we can't claim based
on it that we're compliant?  The FUD was not in a Slashdot article, it
was on the page which you download the thing from.  Essentially, anyone
not part of the (AFAIK never opened to the public) LSB mailing list would
read this exactly as I did.  And in fact that's what they did read,
before I even knew there was a release.


> In addition, there is going to be a "physical" meeting of the major
> participants (myself included) soon, so we can get to know each other
> better, and get a better idea of what we are each going to be able to
> accomplish. There is also going to be a meeting between us and the various
> vendors and distributions that have an interest in the outcome of this
> standard, so that we can come to understand their needs better as well.
> I believe that Ian J.  will be representing Debian at
> that meeting.
> 
> So, if I seem to not be "johnie on the spot" as much as I have in the
> past, rest assured that I am grinding away on LSB Testing issues, right
> along with all the other things I grind at ;-)

Mostly I am concerned with the information which you regard as FUD being
found at the original URLs, not in any story published on Slashdot or
whatever.  I am glad to see it's not as much a worry as I originally
thought and (as Vincent suggested) I am interested in helping however I
can.  I didn't mean to step on your toes and I am sorry if my message
indicated that was my intent.  Based on the information I had, the
release info for this test suite, I saw the same problems other people
were seeing and felt it necessary to start to get the ball rolling to
avert disaster with the LSB.


> The following is directed at Joseph:
> 
> If you insist on associating the deficiencies in one thing with the
> capabilities of another, I'm surprised your life isn't total chaos. Such
> reasoning is totally without logic, and you would be better off rolling
> dice to decide your next move.
> 
> I strongly suggest you do better research, next time you think you should
> badmouth someone else's work. There are some very quality folks working on
> the LSB, and you denigrate their efforts when you draw the unsubstantiated
> conclusions you presented above.

I consider this unfair at the very least.  Before the LSB project was
created there was an irc meeting which was held somewhat in secret,
though I heard about it.  I attended about half of that meeting based on
what I know and there I offered to help.  My offer was rejected then.  I
tried to follow the project afterward, but information was kept internal
and the only way I could follow anything was by reading public archives
of a private list, which I wasn't even aware of until su

Re: Debian v2.1 ("Slink") Deep Freeze

[Brian White]

> > After considerable delay, Slink is almost ready for release.  As such, it
> > will go into the "deep freeze" on Wednesday, January 20th.  New uploads
> > will be _greatly_ restricted.  Also, the following packages will be
> > removed because of release-critical bugs still open against them:
> 
> Unless someone fixes them before wednesday, right? (on a related note,
> wednesday in what timezone?).

As in when the automatic install runs on arount 3:00pm EST.

  Brian
  ( [EMAIL PROTECTED] )

---
No man dies except he who has not lived.

Re: Debian v2.1 ("Slink") Deep Freeze

[Brian White]

> >Debian v2.1 ("Slink") Deep Freeze
> >
> > After considerable delay, Slink is almost ready for release.  As such, it
> > will go into the "deep freeze" on Wednesday, January 20th.
> 
> Brian, will you please consider to do a ftp.debian.org bug hunting *before*
> doing any deep freeze?

The ftp maintainers will have to take care of that.  I'm not sure if Guy
shares the [EMAIL PROTECTED] mail with his helpers.  They're pretty
good about getting things done usually.

> Some bugs reported two months ago have not been fixed yet. This means that
> either:
> 
> * They are difficult to fix (unlikely).
> * There are not enough ftp.debian.org maintainers (I don't know).
> * The release manager does not care about ftp.debian.org bugs (I hope not).
> * Some other reason (Which one?).
> 
> Could somebody explain me, why, oh why, do we have to wait more than two
> months for trivial ftp.debian.org bugs to be fixed?

  Brian
  ( [EMAIL PROTECTED] )

---
Seize the moment!  Live now.  Make "now" always the most important time. -- JLP

Re: New DFSG Draft revision #3

[Darren Benham]

On 20-Jan-99 Gregor Hoffleit wrote:
> In the case of Zope, I have to disagree. You have to think of Zope as
> an application with an GUI realized in HTML. I don't see a difference
> to an application that publishes its GUI as X11 calls:
> 
> Your DFSG2 draft says "The license may require such notices to be
> displayed: * during execution of the software".

Are you saying that this zope software (and I am unfamaliar with it) is running
while the webpage is being displayed?  I think I need to know more about Zope
to understand the situtation.  I'm picturing this like... vim or nvi or {fillin
your favorite editor} requiring  at the top of every file.

The easiest way to find out if it's the "commonly accepted interpretation" is
to see if there is any other software, in main, with the same license... 

-- 
=
* http://benham.net/index.html <><  *
*  * -BEGIN GEEK CODE BLOCK- ---*
*Darren Benham * Version: 3.1   *
*  <[EMAIL PROTECTED]>  * GCS d+(-) s:+ a29 C++$ UL++> P+++$ L++>*
*   KC7YAQ * E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS--   *
*   Debian Developer   * PE++ Y++ PGP++ t+ 5 X R+ !tv b DI+++ D++   *
*  <[EMAIL PROTECTED]>  * G++>G+++ e h+ r* y+*
*  * --END GEEK CODE BLOCK-- ---*
=


pgpbio6VHoxCB.pgp
Description: PGP signature

Re: Debian booth at LinuxTag '99?

[Martin Schulze]

Federico Di Gregorio wrote:
> On Tue, Jan 19, 1999 at 03:54:55PM +0100, Christian Weisgerber wrote:
> > Wichert Akkerman <[EMAIL PROTECTED]> wrote:
> > 
> > > End of June.. sounds like I'll be able to be there. Does anyone know any
> > > cheap places to stay for a couple of days in the neighborhood?
> 
> I am thinking about being there (I'll come from italy). If you
> find something, Wichert, can you please let me know... I CAN'T
> read german (hope conference language will be english, at least in
> part).

Errr, you'd better wait for the German Linux Kongress then which is 
a real conference, with talks held in english.  As far as I remember
the Linuxtag is an exhibition with some talks for users (contrary to
the conference which is meant for developers or both).

Regards,

Joey

-- 
Those who don't understand Unix are condemned to reinvent it, poorly.

Please always Cc to me when replying to me on the lists.

Re: No intend to package vbox

[Martin Schulze]

Roland Rosenfeld wrote:
> >> here at work we are going to use vbox. Since there is no Debian
> >> package already I wonder if somebody has interest in packaging it.
> >> I don't feel much interest but need for it so I would appreciate if
> >> s/o else would step forward.
> 
> > As Ruud reminded me isdnutils contains a vbox, but a quite old
> > version. What we need is vbox 2 beta 4.
> 
> As far as I can see isdnutils-3.0-8 includes vbox 2.0.0 beta 5, which
> is a little bit newer than vbox 2 beta 4 with the following changes:

Thanks.  I've forwarded that to my collegue.

Regards,

Joey

-- 
Those who don't understand Unix are condemned to reinvent it, poorly.

Please always Cc to me when replying to me on the lists.

Re: Debian v2.1 ("Slink") Deep Freeze

[Brian White]

> > dpkg  17624  dpkg: installs regular dir when .deb contains 
> > symlink !
> >   21182  dpkg: dpkg can go into an infinite loop with 
> > --force-configure-any
> >   28519  dpkg: dpkg creates circular symlinks
> >   28817  dpkg takes no care over libdpkg
> >   30090  weirdass dpkg coredumps and xbase upgrade insanity
> >   30891  dpkg: Patch for update-alternatives to fix jdk 
> > problems
> 
> Is anyone actually working on these? Should they really hold up the
> release?

To answer the first question, I don't know.  To answer the second, that is
the reason for the bug severities in the first place so presumably, yes.


> > nonus.debian.org  21423  Dpkg-ftp can't handle alternative distributions
>  This is important??
> 
> > wu-ftpd-academ30931  wu-ftpd-academ: Can't build from source!
> 
> I have compiled wu-ftpd-academ from source on saens at least 10 times, I
> did not get the problems described in the bug.

Close it saying you can't reproduce it and ask someone to re-open it if they
can reproduce it.

  Brian
  ( [EMAIL PROTECTED] )

---
 If at first you don't succeed, so much for skydiving.

Intent to package: micq

[Max]

I'm going to pyut my maintainer application in RSN (I have to scan in my
license *grumble*)

After that, I would like to package micq, which is a text mode icq client,
which is in the public domain.  I already have preliminary version
packaged.

--- Max/TazQ/MTFFM/Whatever My Nickname Is Today (http://crazy.ml.org)

Warning: This email is for informational purposes only.  Do not ingest,
digest, reject, inject, deject, osmose or otherwise process this email.
If taken internally, seek psychiatric help immediately.

Re: Debian booth at LinuxTag '99?

[Christian Weisgerber]

In article <[EMAIL PROTECTED]>,
Federico Di Gregorio <[EMAIL PROTECTED]> wrote:

> I am thinking about being there (I'll come from italy). If you
> find something, Wichert, can you please let me know... I CAN'T
> read german (hope conference language will be english, at least in
> part).

The conference language will be German. In particular, all presentations
will be in German. Sorry. I'm not entirely happy with this, but the bulk
of the target audience are unsophisticated users who would be
discouraged by English (even if they wouldn't admit it). It's a
trade-off; we would probably not be able to attract more people from
throughout Europe than we would lose from the nearby 100km radius.
Feedback to the contrary will be given due consideration for LinuxTag
2000. ;-)

Of course you can talk to the various exhibitors in English, and the
mentioned Debian BOF/developers meeting could be done in English, too.

-- 
Christian "naddy" Weisgerber  [EMAIL PROTECTED]
carpe librum: books 'n' reviews http://www.carpe.com/buch/>

Re: Debian booth at LinuxTag '99?

[Christian Weisgerber]

In article <[EMAIL PROTECTED]>,
Marcus Brinkmann <[EMAIL PROTECTED]> wrote:

> I think I can come, too. It's a weekend which is nice. I hope the
> youthhostel has enough beds for everyone.

We intend to contact the youth hostel and ask them to generally reserve
as many beds as possible for LinuxTag visitors, but AFAIK this hasn't
been done yet.

If you plan to stay there, please be aware that the youth hostel is not
located in Kaiserslautern proper but in a nearby small town (Hoch-
speyer) deep in the woods, and for all practical purposes a car will be
required to get from there to Kaiserslautern and vice versa.

> Debianers, can we organize us a bit?

It would indeed be helpful if the Debian team could organize and speak
"with one voice" to us.

-- 
Christian "naddy" Weisgerber  [EMAIL PROTECTED]
carpe librum: books 'n' reviews http://www.carpe.com/buch/>

Re: Debian booth at LinuxTag '99?

[Christian Weisgerber]

In article <[EMAIL PROTECTED]>,
Philipp Frauenfelder <[EMAIL PROTECTED]> wrote:

> 26 and 27 of june is a weekend, right?

"cal" is part of the bsdmainutils package, which is listed as important.
;-)

> There is a youth hostel about 15km away. Check
> http://www.djh.de/herbergsverzeichnis/herbergen/6/67691.html
> 21.- (which currency? Euro or DM?) for bed and breakfast.

That's DEM. Note that the "seniors" category starts at the tender
age of 27.

> Does one need to be member of an association to get a bed there?

Uh, I don't think so.

-- 
Christian "naddy" Weisgerber  [EMAIL PROTECTED]
carpe librum: books 'n' reviews http://www.carpe.com/buch/>

Re: Debian goes big business?

[Steve Shorter]

On Wed, 20 Jan 1999, Mark Phillips wrote:

> 
> How about the following variation on the theme?
> 
> Rather than starting a for-profit business as a value-added seller of
> Debian products, why not start a not-for-profit, user centred,
> association that does the same job?  It would work a bit like an
> automobile association.  Users would join by paying a membership fee.
> It would be run by a board elected by the members - one vote per
> member.  Membership fees and other income would be used to pay
> employees who do the work.

How about an ISP that in addition to user support etc also
does some real technical training in Linux admin and C programming.
An Internet Service Provider, that is a school and user "club" and
Linux/Debian advocate. Where else could youth go to gget real technical
training; the High Schools don't teach any thing techncial and probably
couldn't do a good job of it anyway. The ISP's won't teach squat to
their clients, scared they might give away some "secret" of the trade
and have  more competition.

There must be some potential in this idea. What about a "network"
of mutually supportive  organizations that have some real local 
(geographically)presence. No one else is doeing this. What a great way to 
expand the
technical user base and recruit youth and build the Internet at the same time.

Or am I dreaming to much?

-steve

Re: Debian v2.1 ("Slink") Deep Freeze

[Martin Schulze]

Brian White wrote:
> > > nonus.debian.org  21423  Dpkg-ftp can't handle alternative distributions
> >  This is important??

I don't know what this bug is referring to, but there is a new dpkg-ftp
which can handle multiple servers.  I wrote a dpkg-multiftp method for
the same reasn, the new dpkg-ftp maintainer has merged both.

Regards,

Joey

-- 
Those who don't understand Unix are condemned to reinvent it, poorly.

Please always Cc to me when replying to me on the lists.

Revision 4 of DFSG

[Darren Benham]

Remember, if you don't want a new DFSG at all, you can always vote it
down and argue against it when the proposal is made.  In the mean
time, lets see if we can atleast make this the best wording we can.

Also, remember, I think the proposal needs to be worded so that the
DFSG ballot has an option with AND without the deprecated clauses so
now is not the time to try to get them removed...

Please let me know what you think, then.

- Darren
-- Cut Here -



  Debian Free Software Guidelines
  ---

  Anthony Towns <[EMAIL PROTECTED]>
 Darren Benham <[EMAIL PROTECTED]>

   draft version 2.4.1 18 January 1999 


Copyright Notice


 copyright ©1999 Anthony Towns & Darren Benham

 This document is free software; you may redistribute it verbatim in
 any format. You may modify this document and redistribute it in any
 form so long as you change the title of this document. You may use
 parts of this document for any purpose.

 This is distributed _without any warranty_; without even the implied
 warranty of merchantability or fitness for a particular purpose. 

 This document, in it's source form, exists in DebianDoc format. _Parts
 marked  are notes and questions and not part of the actual
 document. They will be removed in the final work._ 


---


Contents


 1.Introduction 
 1.1.  Application 

 2.Requirements 
 2.1.  Use 
 2.2.  Source Code 
 2.3.  Distribution 
 2.4.  Modified and Derived Software 
 2.5.  Termination of License 

 3.Restrictions 
 3.1.  Limitation of Liability
 3.2.  Notices of Authorship 
 3.3.  Misrepresentation of Authors 
 3.4.  License of Derived Works 
 3.5.  Restrictions on charges 
 3.6.  Availability of source code 
 3.7.  Integrity of the Original Work 
 3.8.  Fees for Distribution 

 4.Notes  
 4.1.  Deprecated 
 4.2.  Non-binding Requests 
 4.3.  Weaker Restrictions 
 4.4.  Source Code 
 4.5.  Example Licenses 


---


1. Introduction 


 The Debian Free Software Guidelines define what it means for software
 to be free as far as the Debian project is concerned. Software that
 follows these guidelines is termed "DFSG-free". 

 These guidelines are separated into two sections: a list of freedoms
 we require of DFSG-free software and a list of restrictions on those
 freedoms that we are willing to accept. 


1.1. Application 
-

 These guidelines are intended to be applied to software programs, that
 is, machine-readable programs that instruct a computer how to perform
 specific tasks, and items directly related to such programs, and any
 accompanying documentation. These guidelines do not, however, refer to
 other documents, most notably opinion pieces, documents from standards
 bodies and other non-executable works. In addition, documentation that
 does not accompany the software it documents is also not covered by
 these guidelines. 

  

 These guidelines are intended to be applied to software programs, that
 is, machine-readable programs that instruct a computer how to perform
 specific tasks and its source code. These guidelines do not, however,
 refer to documentation and other non-executable works, including
 program documentation, opinion pieces, and documents from standards
 bodies. 


---


2. Requirements 



2.1. Use 
-

 Anyone must be able to use the software in any way without paying a
 fee or royalty. 

  


2.2. Source Code 
-

 Source code must be freely available.  


2.3. Distribution 
--

 Anyone must be able to give away or sell copies of the executables and
 sources without paying a fee or royalty. However, nobody can be
 required to distribute the software. 

  

  


2.4. Modified and Derived Software 
---

 Anyone must be able to use and distribute the software (source or
 executables) with modifications and anyone must be able to distribute
 software that uses parts of the licensed source.  


2.5. Termination of License 


 The license must remain valid until the licensee terminates it or the
 terms of the license are violated.  


---


3

Re: Bug#27050 (fdutils): A cause for security concern?

[Robert Donn]

On Tue, Jan 19, 1999 at 05:16:01PM -0500, Avery Pennarun wrote:
> When the docs for a setuid program warn you "not to trust its security"
> then be afraid, be very afraid.  It shouldn't be automatically setuid in
> Debian until _some_ security-conscious person has audited it carefully.

On a related note, I recently had a relatively grave security concern with
the 'xzx' package (a ZX Spectrum emulator for X) - after it faulted one time
(can't remember what happened - I think it just stopped responding to
closing the window and using 100% CPU), I had a number of things go wrong -
I checked out the binary itself, and found it was suid root!

Now, the postinst (which sets the suid bit) never warned me about this, and
I can also see no reason for it to be suid root - it doesn't appear to give
up root priviledges once started (and contains file dialogs).

I'm not sure whether this violates policy or not (and thus whether to file a
bug against it) - but Policy does not require postinsts using
chmod/suidregister to give message or query, then perhaps it
needs to be added...

--
Robert Donn 

Re: Debian goes big business?

[Christian Lavoie]

DISCLAIMER: These are notes, and can have technical impossibilites 
(especially concerning '.deb'ianizing of StarOffice)

Ok, here's the sum up:

- Debian will lose its spirit if it goes itself for-profit.
- A for-profit corporation based on Debian itself will eventually try 
to influence/own it. (Consequences: See previous comment)

Bottom line: Debian should remain developer controlled.

To preserve a kind of user support, we should create a DUA, which 
would have to do some/all of the following:

- Provide single user free of charge support through internet. 
(email/newsgroups/knowledge base/whatever)
- Provide corporate support, at a cost (cause they think it's better 
to pay it anyway), with the usual things sucha thing includes 
(on-site, 24 hours a day, programmation capable team to adapt a 
product)
- Work head-to-head against RedHat/Caldera/SuSE for publicity on 
Debian and promoting .deb packaging of things like 
StarOffice/WordPerfect
- Certification of technicians proficient in installing 
Debian/scripting and maintaining of a Debian system.
- Be rentable, so it can re-invest back in publicity.
- Cannot influence Debian developers more than the Debian users it 
deserves would influence it. (Meaning, you don't pay programmers, but 
you can kindly ask them for a bugfixe/feature ;P )

Bottom line: Co-operative society/stores based on users, democratic 
voting, no shareholding, all votes equals.

On a side note, if a user-based co-operative society forms, would a 
developer-based society of the same kind be appreciated? It could for 
an example provide acquisition of patents (basically, to GPLized them) 
and work to allow developers for better recognition, allow to access 
better resources (like an equivalent to a membership to W3C, or other 
reserved to corporation bodies thingies.) and tries to augment 
developer communication and tries to 'enforce' major headings of the 
dist. (Like, say, we're switching to libc7)

Christian Lavoie

Re: Debian appears to be ancient

[John Hasler]

Edward Betts writes:
> Are you sure it was /usr/doc/copyright/base ?

hasler/~ ll /usr/doc/copyright/base
total 2
-rw-r--r--   1 root root 1197 Dec 31  1969 debian.README
-- 
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
Elmwood, WI

Re: Debian appears to be ancient

[Ben Pfaff]

John Hasler <[EMAIL PROTECTED]> writes:

   Edward Betts writes:
   > Are you sure it was /usr/doc/copyright/base ?

   hasler/~ ll /usr/doc/copyright/base
   total 2
   -rw-r--r--   1 root root 1197 Dec 31  1969 debian.README

So what package does it come from, then, and what version?  I still
don't have that file:

   blp:~(0)$ ls /usr/doc/copyright/base
   ls: /usr/doc/copyright/base: No such file or directory

It's also not in Contents-i386 for stable, frozen, or unstable AFAICT.
-- 
"...In the UNIX world, people tend to interpret `non-technical user'
 as meaning someone who's only ever written one device driver."
--Daniel Pead

Re: New DFSG Draft revision #3

[Anderson MacKay]

On Tue, 19 Jan 1999, Darren Benham wrote:
> On 20-Jan-99 Gregor Hoffleit wrote:
> > In the case of Zope, I have to disagree. You have to think of Zope as
> > an application with an GUI realized in HTML. I don't see a difference
> > to an application that publishes its GUI as X11 calls:
> > 
> > Your DFSG2 draft says "The license may require such notices to be
> > displayed: * during execution of the software".
> 
> Are you saying that this zope software (and I am unfamaliar with it) is 
> running
> while the webpage is being displayed?  I think I need to know more about Zope
> to understand the situtation.  I'm picturing this like... vim or nvi or 
> {fillin
> your favorite editor} requiring  at the top of every file.

 To crash in uninvited, and only to clear up what Zope is: Zope is
an object publishing environment in Python, designed primarily for
building web-based applications.  Another way of putting this is that it's
a sort of ORB system that turns URLs into Python object calls, usually
generating HTML as a result.  You could also look at it as a user
publishing system, since it has its own permission controls and hierarchy,
some database connectivity, and lots of really cool stuff that can all be
administered via the web.  (It was formerly the Principia web application
environment, a commercial product of Digital Creations, inc.) Comparable
things include Allaire's Cold Fusion product, the WebObjects environment
(does Apple make that?), maybe even things like ASP (in a primitive sense)
... while it's all of these things and none of them, this may give you
some idea of what Zope does.  Short version: if you like writing classes
in Python and want to interface them to the web, while allowing things
like users publishing their own content, Zope is exactly what you're
looking for.  Okay.  

As I read the license, it just requires that you display notice that your
website was created using Zope, e.g. a sort of "powered by Zope" logo
kinda thing, and you need a "credits" page of some sort.  I'm not even
sure this license requires that this notice be on every page, just that it
be in some obvious place near the "front" of the site.  (But I don't have
the license here in front of me, unfortunately ...)

Andy

Re: packages.debian.org

[James A. Treacy]

On Tue, Jan 19, 1999 at 10:53:43PM +0100, Josip Rodin wrote:
> On Tue, Jan 19, 1999 at 11:40:01PM +0100, Vincent Renardias wrote:
> > > One more feature (or a bugfix since it pointed to 404 before :) has
> > > been added: you can call http://packages.debian.org/some_package and
> > > it will redirect you to the search results on some_package. Jason
> > > Gunthorpe enabled that one too (thanks!).
> > 
> > Interestingly enough, it works fine for the 'mount' and 'wine' packages,
> > but not for 'gdb' or 'sac' (while they all in the main section).
> > Any reason to this? 
> 
> I tried now for gdb, and it points me to:
> http://cgi.debian.org/cgi-bin/search_packages.pl?keywords=gdb&searchon=names&version=all&release=all
> which is the exact same location of where the /distrib/packages.html
> points me after submitting the form (with all these options the same).
> 
swish++ seems to really not want to index three letter words or words with no 
vowels.
I thought the changes I made fixed it, but there may still be problems with 
indexing
words in META tags. I'll look into it.

Jay Treacy

Re: packages.debian.org

[James A. Treacy]

Try again. The system installed version of the indexing program was being
used instead of my custom job. This has been fixed so it should work correctly
now.

Jay Treacy

Re: Debian goes big business?

[Christian Lavoie]

> To preserve a kind of user support, we should create a DUA, which
> would have to do some/all of the following:

> - Provide single user free of charge support through internet.
> (email/newsgroups/knowledge base/whatever)
> - Provide corporate support, at a cost (cause they think it's better
> to pay it anyway), with the usual things sucha thing includes
> (on-site, 24 hours a day, programmation capable team to adapt a
> product)
> - Work head-to-head against RedHat/Caldera/SuSE for publicity on
> Debian and promoting .deb packaging of things like
> StarOffice/WordPerfect
> - Certification of technicians proficient in installing
> Debian/scripting and maintaining of a Debian system.
> - Be rentable, so it can re-invest back in publicity.
> - Cannot influence Debian developers more than the Debian users it
> deserves would influence it. (Meaning, you don't pay programmers, but
> you can kindly ask them for a bugfixe/feature ;P )

Sorry replying to my own post, but how about the following:

- Paying guys to maintain deb packages, package unpackaged software? 
High-school/college students would appreciate a lot, IMHO. Although 
not highly rewarding, it does include some technical knowledge, and 
proves some proficiency in compiling and ocnfiguration of Debian 
systems.

Christian Lavoie

Re: Debian appears to be ancient

[Buddha Buck]

> John Hasler <[EMAIL PROTECTED]> writes:
> 
>Edward Betts writes:
>> Are you sure it was /usr/doc/copyright/base ?
> 
>hasler/~ ll /usr/doc/copyright/base
>total 2
>-rw-r--r--   1 root root 1197 Dec 31  1969 debian.README
> 
> So what package does it come from, then, and what version?  

It's in the "base" package, which on my system is version 1.1.0-14.  
The package itself was split a long time ago into several other 
packages, but because it contains several hard-to-upgrade files (e.g., 
/dev/*), it can't be removed from systems which contain it.  The 
upgrade would totally trash the system.

Newer installs don't have that problem, it's just the older installs.

> It's also not in Contents-i386 for stable, frozen, or unstable AFAICT.
-- 
 Buddha Buck  [EMAIL PROTECTED]
"Just as the strength of the Internet is chaos, so the strength of our
liberty depends upon the chaos and cacaphony of the unfettered speech
the First Amendment protects."  -- A.L.A. v. U.S. Dept. of Justice

Re: LSB?

[Dale Scheetz]

On Tue, 19 Jan 1999, Joseph Carter wrote:



> 
> > The test suite under discussion is completely the product of TOG, as a
> > "favor" to the LSB. I made my objections to the chair of the LSB Committee
> > when TOG first suggested the name of the test suite, but (as usual) my
> > objections were ignored ;-)
> 
> Figures.  =>
> 
> 
> > The FHS test suite was suggested, soon after the license was resolved on
> > the POSIX test suite produced by TOG. With the current license, we can
> > "pick and choose" from the test suites available, those tests that suit
> > the needs of the LSB. So, it really doesn't matter if TOG insists on
> > misnaming the test suite, we can still use it as we please, within the
> > constraints of the Artistic license.
> 
> Why then did the release info indiciate this was the first version of a
> LSB compliance test suite but wasn't finished yet so we can't claim based
> on it that we're compliant?  The FUD was not in a Slashdot article, it
> was on the page which you download the thing from.  Essentially, anyone
> not part of the (AFAIK never opened to the public) LSB mailing list would
> read this exactly as I did.  And in fact that's what they did read,
> before I even knew there was a release.

My point is that you failed, and continue to fail, to recognize the
ownership of the location you "download the thing from", which is not the
LSB web site, but the site of "The Open Group", and TOG is _not_ the LSBC.

> 
> 


> > 
> > I strongly suggest you do better research, next time you think you should
> > badmouth someone else's work. There are some very quality folks working on
> > the LSB, and you denigrate their efforts when you draw the unsubstantiated
> > conclusions you presented above.
> 
> I consider this unfair at the very least.  Before the LSB project was
> created there was an irc meeting which was held somewhat in secret,
> though I heard about it.  I attended about half of that meeting based on
> what I know and there I offered to help.  My offer was rejected then.  I
> tried to follow the project afterward, but information was kept internal
> and the only way I could follow anything was by reading public archives
> of a private list, which I wasn't even aware of until such time as things
> started happening which lead to Bruce Perens leaving the LSB project.

All of which is old news. So what?

> 
> When the LCS project was formed I joined the list with the hopes of being
> able to help where I could and at least follow development of the
> project.  When LCS was merged back into LSB, people like me were left out
> in the cold.  No information since has been exactly released to the
> public, though I have been watching for it.
> 
While people like you may have been "left out in the cold", there was
plenty of effort to announce the new list organization. Everything
released by the LSBC is available at the linuxbase web site and has been
since shortly after "the reorganization".


> Then when the LSB project releases something and I go to check it out and
> read lots of stuff, much of it alarming and what you call FUD and bring
> it up here offering once again to do something, you tell me I haven't
> done my research.  I read the page attached to the official release.  If
> that page is in error it is not my error.
> 
Your error is in assigning authorship to the LSBC. 

> I propose the LSB project stop releasing FUD if they don't want it spread
> and that they stop keeping people who would like to at least follow the
> project and help it succeed where they can from doing so.
> 
To my knowledge no one has ever been "turned away" who has offered to help
with LSB work, not even TOG. If you realy wish to help then stop spreading
FUD. 

Luck,

Dwarf
--
_-_-_-_-_-   Author of "The Debian Linux User's Guide"  _-_-_-_-_-_-

aka   Dale Scheetz   Phone:   1 (850) 656-9769
  Flexible Software  11000 McCrackin Road
  e-mail:  [EMAIL PROTECTED] Tallahassee, FL  32308

_-_-_-_-_-_- If you don't see what you want, just ask _-_-_-_-_-_-_-

Re: texinfo and texi2* in tetex-bin?

[Joel Klecker]

At 17:15 -0200 1999-01-19, Lalo Martins wrote:
Oh boy! Cammon! Now I need to install 25M (tetex-bin~=10 +
tetex-base~=15) just to compile texi files into html or info?
Uhh, not "now", makeinfo and texi2html in tetex-bin is not a new 
development, it's been that way since at least bo, IIRC.

I really think we should continue to provide separate "texinfo"
and "texi2html" packages at least.
Those were never separate binary packages. The texinfo source package 
generates `info'.
--
Joel Klecker (aka Espy) http://web.espy.org/>
mailto:[EMAIL PROTECTED]>  mailto:[EMAIL PROTECTED]>
Debian GNU/Linux PowerPC -- http://www.debian.org/ports/powerpc/>

Re: Bug#27050 (fdutils): A cause for security concern?

[John Hasler]

Avery Pennarun wrote:
> When the docs for a setuid program warn you "not to trust its security"
> then be afraid, be very afraid.  It shouldn't be automatically setuid in
> Debian until _some_ security-conscious person has audited it carefully.

Would you say the same of daemons that run as root?
-- 
John HaslerThis posting is in the public domain.
[EMAIL PROTECTED]  Do with it what you will.
Dancing Horse Hill Make money from it if you can; I don't mind.
Elmwood, Wisconsin Do not send email advertisements to this address.

Re: Debian booth at LinuxTag '99?

[Alexander N. Benner]

hi

Ship's Log, Lt. Wichert Akkerman, Stardate 190199.0220:
> 
> If possible it might be nice to organise a couple of things like a
> meeting for Debian developers and a BOF about Debian maintainership.
> Oh, and the obligatory PGP-signing session of course :)
> 


I'd like to join, but I'm not sure about the date.
Please keep me (the list?) up2date what's planed


Greetings

-- 
Alexander N. Benner   - [EMAIL PROTECTED] -   IF SOMETHING GOES WRONG:
- if you have problems that seem to be due to kernel bugs, [...] then the
  second best thing is to mail them to me ([EMAIL PROTECTED])
- Bill Gates: Windos contains no bugs that the majority of users want fixed.

Re: Where does 'www-data' come from?

[Steve Bowman]

On Tue, Jan 19, 1999 at 10:34:27PM +, Oliver Elphick wrote:
> Johnie Ingram wrote:
>   >
>   >"Eduardo" == Eduardo Marcel Macan <[EMAIL PROTECTED]> writes:
>   >
>   >Eduardo>   See, I am not suggesting that we change the username
>   >Eduardo> to solve the postgres problem, this would solve this problem,
>   >Eduardo> but not THE problem with postgres. I am just wondering why it
>   >Eduardo> is not called just 'www'.
>   >
>   >I still say its a nasty Bug in postgresql createuser.  If you create a
>   >"wwwdata" user and then rename the user manually in pg_shadow, it
>   >works fine.  At the very least createuser could have an
>   >--allow-badname option like adduser.
> 
> The SQL command, CREATE USER, does allow it; I specifically disallowed it
> in the createuser command in order to stop people running into the GRANT
> bug.

Calling it a bug may be a bit harsh, but I'm glad you disabled it.
'-' is an operator in SQL and keeping people from using it foolishly
is a "good thing".  Just think of using & or | in filenames.  If you
want to confuse operators and operands, you deserve what you ask for,
but no one would call this a bug in bash (would they?).

My 2c.
Steve Bowman

> 
> -- 
> Oliver Elphick[EMAIL PROTECTED]
> Isle of Wight  http://www.lfix.co.uk/oliver
>PGP key from public servers; key ID 32B8FAA1
>  
>  "The LORD is my strength and song, and he is become my 
>   salvation; he is my God, and I will prepare him an 
>   habitation; my father's God, and I will exalt him."   
>Exodus 15:2 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 

Re: Debian booth at LinuxTag '99?

[Michael Bramer]

On Wed, Jan 20, 1999 at 02:12:29AM +0100, Christian Weisgerber wrote:
> In article <[EMAIL PROTECTED]>,

Hello Christian

One question: Is it right, that you search for a Linux Distribution for 
your 'Tagungs-CD'. Last year it was suse, the year befor redhat. Right?
This year, debian?


Grisu
-- 
Michael Bramer - a Debian Certified Linux Developerhttp://www.debian.org
PGP: finger [EMAIL PROTECTED]   --   Linux Sysadmin   --  Use Debian Linux
"The Box said 'Windows NT or better', so I installed Debian Linux"


pgpVC38sk3pIv.pgp
Description: PGP signature

Re: New DFSG Draft revision #3

[Darren Benham]

-BEGIN PGP SIGNED MESSAGE-


On 20-Jan-99 Anderson MacKay wrote:
> As I read the license, it just requires that you display notice that your
> website was created using Zope, e.g. a sort of "powered by Zope" logo
> kinda thing, and you need a "credits" page of some sort.  I'm not even
> sure this license requires that this notice be on every page, just that it
> be in some obvious place near the "front" of the site.  (But I don't have
> the license here in front of me, unfortunately ...)
> 
So, does Zope run when the URL is clicked and serve the HTML (like CGI?) or
does it generate the HTML page before hand and it just get served "real time".

I think, and this is just off the cuff, that my problem with the license, be it
the former OR latter, is the fact that the USER now has a license issue to deal
with.  I think (again, on the fly) that there should be no extra licensing
worries for the user.  They shouldn't *have* to look at the license of every
package, the first time they use it, to determine if there are any "extra"
restrictions that they have to comply with and we don't have (AFAIK) any way to
inform the user that I would consider adequate.  (ie, they might not see
messages via dselect/dpkg if a sysadmin installs it for them.  They might not
see the description if they install via apt... etc)

=
* http://benham.net/index.html <><  *
*  * -BEGIN GEEK CODE BLOCK- ---*
*Darren Benham * Version: 3.1   *
*  <[EMAIL PROTECTED]>  * GCS d+(-) s:+ a29 C++$ UL++> P+++$ L++>*
*   KC7YAQ * E? W+++$ N+(-) o? K- w+++$(--) O M-- V- PS--   *
*   Debian Developer   * PE++ Y++ PGP++ t+ 5 X R+ !tv b DI+++ D++   *
*  <[EMAIL PROTECTED]>  * G++>G+++ e h+ r* y+*
*  * --END GEEK CODE BLOCK-- ---*
=

-BEGIN PGP SIGNATURE-
Version: 2.6.3a
Charset: noconv

iQCVAwUBNqVh6Lbps1lIfUYBAQGURgQAqU7O3FzA/RwIkLQY7Dppr/2DpUFOE6B3
8TufPO31KrFmZcYEgbxRwQKLtwyvsmuFo3PVkiH4R4x7oc/l8ukc64K02Qv03KpR
Y4s+BAA4IPXCS03cJOLBOVgSU1Yq02/4O5JJMvKdagIt6vX7C4iQwti+7A022u4N
gcRv+uqfZFc=
=SmF5
-END PGP SIGNATURE-

Re: Bug#27050 (fdutils): A cause for security concern?

[Ben Collins]

On Wed, Jan 20, 1999 at 02:18:59PM +1300, Robert Donn wrote:
> I'm not sure whether this violates policy or not (and thus whether to file a
> bug against it) - but Policy does not require postinsts using
> chmod/suidregister to give message or query, then perhaps it
> needs to be added...

Any program that is suid or sgid for no reason what-so-ever is always a
reason for a bug report, especially if it's suid root...we need some
automatic catch for new packages that have suid or sgid binaries in
them, or call suidregister.

--
--- -  -   ---  -  - - ---   
Ben Collins <[EMAIL PROTECTED]>  Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc. [EMAIL PROTECTED]
-- -- - - - ---   --- -- The Choice of the GNU Generation

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Ossama Othman]

Hi Steve,

> If Debian *stops* making sure that new developers agree[1] with the
> DFSG, then think *I'd* reconsider my developer status. If you don't
> agree[1] with the DFSG, why on earth do you want to be a Debian
> developer? Now, when I joined, there was no DFSG or social contract,

Because I believe in free (insert my definition :) software and want to
contribute to it.

Steve, forgive me for giving you a brief response.  However, I believe
that I have justified my beliefs concerning the DFSG throughout the course
of this thread and rather hoped that this thread had ended.

Free thought is good thing, not a bad thing.  Just because I joined Debian
doesn't mean that I should have to abandon my opinions.  I will abide by
the DFSG even though there are some (very few) things that I disagree
with.  I do agree with the spirit of the DFSG, but not all of its
contents.

Steve, please don't misconstrue the tone of this message.  I'm not trying
to snap back at you or anything of the like.  I'm a big fan of Debian and
only want to see it grow and succeed.

One tired developer, :)
-Ossama

Re: Debian appears to be ancient

[John Hasler]

I wrote:
>   hasler/~ ll /usr/doc/copyright/base
>   total 2
>   -rw-r--r--   1 root root 1197 Dec 31  1969 debian.README

Ben Pfaff writes:
> So what package does it come from, then, and what version?

I don't know.  'dpkg -S' can't find it.  This machine was upgraded from
1.3: maybe it's a leftover.
-- 
John HaslerThis posting is in the public domain.
[EMAIL PROTECTED]  Do with it what you will.
Dancing Horse Hill Make money from it if you can; I don't mind.
Elmwood, Wisconsin Do not send email advertisements to this address.

README files for XF86Setup in slink

[Sergey V Kovalyov]

Hey guys, where are those 
/usr/X11R6/lib/X11/doc/README.* files required for XF86Setup in slink ?
Are they in a separate package ? Which ? I can't find them.
Or is this just a bug ? Anyone's aware and working on it ?

Sergey.

Re: pseudo package for upgrades from hamm

[Robert Woodcock]

Adam Heath wrote:
>I see a problem with all this talk about pseudo packages for upgrades from
>hamm.
>
>These 'pkgs' will have to remain in the system forever.  If someone skips
>slink, and goes to potato when that is released, the same problem will occur.
>
>If we ever fix dpkg/dselect/apt to handle a pkg rename, and we can guarantee
>that an old dpkg/dselect/apt will install the new dpkg/dselect/apt, then we
>will be able to remove the pseudo names.  But currently, I don't see how this
>is possible.

[the following is all just talk - I don't feel comfortable hacking dpkg
source yet]

We need to add a new field - call it anything you want - I called it
"Was-Part-Of:" in an earlier post, but I'm sure there's a better name than
that - "Previously:" maybe.

Anyway, say slink contains a package 'foobar', version 1.2-3. The
maintainer decides to split it into 'foo' and 'bar' for potato.

In the control files for the foo and bar packages, the maintainer slips in
that aforementioned field:

Package: foo
Version: 1.2-4
Previously: foobar (<< 1.2-3)

... and does the same thing for the bar package. dselect and apt check that
field, check the current version of foobar, and based on that, automagically
select the new packages.

Chances are, someone has ripped off my idea ;> and submitted it as a
wishlist bug against dpkg already, so I'll look through the list later and
file a wishlist bug if there isn't one already there.

That is, if noone has any better ideas on how to handle this.

>ps: When is Jason Gunthorpe going to rewrite dpkg?  :)

You really want dpkg written in C++? :>
-- 
Robert Woodcock - [EMAIL PROTECTED]
"Unix and C are the ultimate computer viruses" -- Richard Gabriel

Re: TIGER data

[Allan M. Wind]

On 1999-01-18 15:29, Bruce Perens wrote:

> I have the TIGER data ready to mail to Dale. This is the U.S. street map
> data which I am distributing under the GPL. It fit on 5 CDs rather than 6
> after re-compression with bzip2.

Might take a while to download via modem... :-)


/Allan
-- 
Allan M. Wind   Phone:  781.938.5272 (home)
687 Main St., 2nd fl.   Fax:781.938.6641 (home)
Woburn, MA 01801Email:  [EMAIL PROTECTED] (home)

Re: TIGER data

[Bruce Perens]

> Might take a while to download via modem... :-)

That's OK, the uncompressed raw data won't fit on your disk anyway. 25 GB.

This gets chopped down to one full CD, in a sort of binary format, for use.

Bruce
--
The $70 Billion US "budget surplus" hardly offsets our $5 Trillion national
debt. The debt increased by $133 Billion in the same year we found a
"surplus".
Bruce Perens K6BP [EMAIL PROTECTED] 510-620-3502 NCI-1001

Re: using TABS vs SPACES in E-Mail

[Brian May]

I have changed the subject header...

In article <[EMAIL PROTECTED]> you write:
>On Sun, Jan 17, 1999 at 06:34:49PM -0800, Steve Lamb wrote:

>2) We want it to _also_ be viewable by Windows users.  Since their fonts are
>   proportional, we can't use spaces to separate columns; tabs aren't great
>   either, but since they're generally guaranteed to be 8 spaces apart, you
>   can do a good job if your columns are under 8 characters wide.  You can
>   start guessing after they get wider.  But most importantly: you need
>   tabs, not spaces, so that it looks the same for the old-style formatting
>   people.
[...]
>ASCII text with 8 char tabs is severely flawed, but it's the only friend we
>have.  Don't screw with it.

Just my 2 cents: I think using TABS is Ok (I personally do not
know if any programs or OS that do not default to 8 characters),
except it messes up the formatting when you quote the message
in many mailers (eg pine, mh), using the Reply function.

Personally, I think the best formating possible might be to MIME encode
a text version *and* a HTML version (I think most mailers support MIME
these days?), however, entering the message might be difficult with
most mailers...

Given that people won't change to HTML overnight (if at all), IMHO,
any program that displays Mail using a proportional font is broken
and should be fixed if tables are to work.

Even better: don't use tables in E-Mail ;-)

off-topic! Anonymous CVS access?

[Oleg Krivosheev]

Hi, All

can someone tell me how to setup anonymous read-only
access to CVS tree via pserver in slink?
Of course with minimum security problems...

thanks a lot in advance

OK

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Manoj Srivastava]

Hi,
>>"Ossama" == Ossama Othman <[EMAIL PROTECTED]> writes:

 Ossama> I was referring to the fact that many of the developers
 Ossama> strongly felt that I should agree with the DFSG, i.e. not
 Ossama> have my own opinion of it.

I was under the imprtession that that was a requirement of the
 new maintainer process? The DFSG is critical to the core of debian,
 it is what makes Debian what it is. And even though diversity of
 opinion is indeed laudable, there has to be a basis for understanding
 and cooperation, without which an effort like Debian would
 crumble. If we all can't even agree about something as critical as
 the social contract and the DFSG, then indeed we have a problem.

manoj
-- 
 I cannot believe that God plays dice with the cosmos. Albert
 Einstein, on the randomness of quantum mechanics
Manoj Srivastava <[EMAIL PROTECTED]>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Re: Revision 4 of DFSG

[Anthony Towns]

On Tue, Jan 19, 1999 at 05:53:15PM -0800, Darren Benham wrote:
> Remember, if you don't want a new DFSG at all, you can always vote it
> down and argue against it when the proposal is made.  In the mean
> time, lets see if we can atleast make this the best wording we can.
> 
> Also, remember, I think the proposal needs to be worded so that the
> DFSG ballot has an option with AND without the deprecated clauses so
> now is not the time to try to get them removed...
> 
> Please let me know what you think, then.

FYI, also, the significant changes in this version:

* Do we want the DFSG to cover documentation as well? ie, man pages
  and stuff? Presumably we don't want it to cover things like RFCs
  and the FHS though. (check the Application section)

* The Introduction has been shortened a lot.

* Is the Limitation of Liability really a restriction on use or
  distribution? This is just a layout thing, but it'd be nice to
  get it right.

* Section 3.5, Restriction on Charges has been added to cover the
  Artistic License's `You may charge for distribution, but not the
  program itself.'  I'm personally still uncertain about this clause, 
  and what effect it would have on CD vendors and stuff.

What do people think of the wording now? Does it still suck, or is it getting
there, or...?

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

``Like the ski resort of girls looking for husbands and husbands looking
  for girls, the situation is not as symmetrical as it might seem.''


pgp2y1uFsVlES.pgp
Description: PGP signature

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Manoj Srivastava]

Hi,
>>[EMAIL PROTECTED] (Ossama Othman) wrote:
 >> Those with opinions that differ from the mainstream should not be
 >> branded "heretics" or encouraged to leave.

Why not? 

When views of people differ in detail ,there is basis for a
 dialogue. When even the fundamentals are contested, there is no
 common ground to build anything out of. (An extreme example is the
 white supremascist who went around trashing martin luther king, jr,
 in an alabama group this last weekend -- his views on racsm are so
 far from mine that there is no point even trying to interact with
 him). 

Admttedly, the situation we have here is not anywhere near as
 extreme as all that, but in pinciple I see nothing inherently wrong
 about the project insisting that there be some basis or commonality
 of philosophy in the candidates that are approved for inclusion in
 the group of developers, if only to prevent anarchy as the project is
 torn apart by wildly differing factions.

The DFSG defines what Deban stands for. Asking developers to
 agree with it is not uncalled for.

manoj
-- 
 "No job too big; no fee too big!" Dr. Peter Venkman, "Ghost-busters"
Manoj Srivastava <[EMAIL PROTECTED]>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Manoj Srivastava]

Hi,
>>"Ossama" == Ossama Othman <[EMAIL PROTECTED]> writes:

 Ossama> If we all agreed on the DFSG then how would change ever
 Ossama> occur?

Why is it so necesary for any change to occur?

And most of the developers I talked to were in favour of
 clarifying the DFSG, not changing the contents.

 Ossama> The DFSG is currently being modified due in part to
 Ossama> disagreement, isn't it?

Nope. An attempt s being made to reword it so that it is easy
 to see

 Ossama> Difference of opinion can be a good thing.  It can fuel
 Ossama> progress.  It can also hinder it but it but is up to us to
 Ossama> ensure that progress is made.  We shouldn't just avoid such a
 Ossama> situation by attempting to ensure that everyone agrees.

Why not? I think that in this case the divisiveness far
 outweighs any percieved ``progress'' to be made by people who
 disagree with the spirit of the DFSG. 

 Ossama> Please understand that what I am saying is that it should be
 Ossama> alright for developers to have different opinions of the DFSG
 Ossama> or whatever else.  However, if they want to be Debian
 Ossama> developers then they should abide the Social Contract and the
 Ossama> DFSG but not necessarily agree with them.

I think that a group of people putting out a distribution that
 holds the line on freedom of software can ill afford to have in their
 ranks people who are second guessing the validity of holding the
 line. 

manoj
 holding down a hard line
-- 
 "Taxes are not levied for the benefit of the taxed." Lazarus Long,
 from Robert Heinlein's _Time Enough For Love_
Manoj Srivastava <[EMAIL PROTECTED]>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Ossama Othman]

Hi Manoj,

>   I was under the imprtession that that was a requirement of the
>  new maintainer process? The DFSG is critical to the core of debian,
>  it is what makes Debian what it is. And even though diversity of
>  opinion is indeed laudable, there has to be a basis for understanding
>  and cooperation, without which an effort like Debian would
>  crumble. If we all can't even agree about something as critical as
>  the social contract and the DFSG, then indeed we have a problem.

I can see why agreement is so crucial but is it realistic to think that
everyone will agree with the DFSG or the Social Contract.  Just to be
clear, what I mean by "agree with the DFSG and the social contract" is
agree with certain parts of the them.  I am not at all saying that the
DFSG and the Social Contract should be done away with.

I believe that it is very crucial, if not necessary, for developers to
agree with the spirit of both of them, not necessarily all of their
contents. of them. The contents of the DFSG and perhaps the Social
Contract are not carved in stone.  Agreement with their contents will vary
as they change.  However, the goal or spirit (not necessarily the same) of
the DFSG and Social Contract probably won't change, and it is that spirit
I agree enthusiastically with and support.   For the record, I have no
problems with the Social Contract or its contents. :)

-Ossama

libpam, cracklib, and slink (was Re: Release-critical...)

[Chris Waters]

Wichert Akkerman wrote:

> Previously Jean Pierre LeJacq wrote:
> > There's no reason for this to be release-critical.  The system works
> > fine except for an annoying email message sent to root every day.

> It's *highly* annoying I have to say, and is very likely to cause lots
> of people to wonder where the number are coming from.

Actually, I believe that the real problem is that libpam0g depends on
cracklib.  Surely that's not right?  Cracklib has priority extra.

At the moment, everyone who installs ppp-pam (like me) will be forced to
install cracklib, and suffer with daily emails to root.  We need to fix
libpam0g.  Unfortunately, the maintainer seems to be inactive, and we're
dependent on NMUs.  (Ray, that's you!)

I think that there should be a release critical bug here, but I think it
should be #30862:  libpam0g depends on cracklib2.

Unless someone objects strongly, I'd like to bump #30862 up to
important.  This is a pretty visible problem IMO.
-- 
Chris Waters   [EMAIL PROTECTED] | I have a truly elegant proof of the
  or[EMAIL PROTECTED] | above, but it is too long to fit into
http://www.dsp.net/xtifr | this .signature file.

Re: Revision 4 of DFSG

[Robert Woodcock]

Anthony Towns wrote:
>* Is the Limitation of Liability really a restriction on use or
>  distribution? This is just a layout thing, but it'd be nice to
>  get it right.

Neither!

The limitation of liability in almost all licenses these days do not grant
or deny any rights.

The right to sue (i.e., the right to hold the other end liable) is usually
dependant on local laws and a statement to the contrary in a license
agreement typically would have no effect.

Also note that in all fields of endeavour you don't have to be able to sue
the author to use the software (although there's a large amount of letter-
recycling between the phrases ;)
-- 
Robert Woodcock - [EMAIL PROTECTED]
"Unix and C are the ultimate computer viruses" -- Richard Gabriel

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Ossama Othman]

Hi Manoj,

>  Ossama> If we all agreed on the DFSG then how would change ever
>  Ossama> occur?
> 
>   Why is it so necesary for any change to occur?

I meant if the need for change ever arose.

>   And most of the developers I talked to were in favour of
>  clarifying the DFSG, not changing the contents.

I guess it depends on how you look at it, clarifying may mean changing the
contents or vice versa, thought not necessarily either.  I am in favor in
of clarification, too.  Perhaps my interpretation of clarification is
different.

>  Ossama> The DFSG is currently being modified due in part to
>  Ossama> disagreement, isn't it?
> 
>   Nope. An attempt s being made to reword it so that it is easy
>  to see

Thanks for the clarification! :)

>  Ossama> Difference of opinion can be a good thing.  It can fuel
>  Ossama> progress.  It can also hinder it but it but is up to us to
>  Ossama> ensure that progress is made.  We shouldn't just avoid such a
>  Ossama> situation by attempting to ensure that everyone agrees.
> 
>   Why not? I think that in this case the divisiveness far
>  outweighs any percieved ``progress'' to be made by people who
>  disagree with the spirit of the DFSG. 

Ah!  I didn't say "disagree with the spirit of the DFSG."  I said disagree
with certain parts of what the DFSG dictates.  The spirit of the DFSG and
what it dicatates are not necessarily the same, at least from my point of
view.

>  Ossama> Please understand that what I am saying is that it should be
>  Ossama> alright for developers to have different opinions of the DFSG
>  Ossama> or whatever else.  However, if they want to be Debian
>  Ossama> developers then they should abide the Social Contract and the
>  Ossama> DFSG but not necessarily agree with them.
> 
>   I think that a group of people putting out a distribution that
>  holds the line on freedom of software can ill afford to have in their
>  ranks people who are second guessing the validity of holding the
>  line. 

Who's second guessing?  I do not think that I am second guessing.  On the
contrary I only wish to improve only if I feel improvement is needed.  My
vision of free software may not be the same as yours or everyone elses.  I
am going to hold the line of freedom that I envision while I at the same
time abiding by the DFSG and Social Contract.  If that isn't possible then
I will gladly move on.  However, I think that it is entirely possible to
feel that way.

>   manoj
>  holding down a hard line

Indeed you are.  That's great!  :)

-Ossama

Re: non-free --> non-dfsg

[Manoj Srivastava]

Hi,
>>"Ossama" == Ossama Othman <[EMAIL PROTECTED]> writes:

 >> If software is not DFSG-free, there is something in its license that limits
 >> its use as free software. If the author intended their software to be used
 >> and distributed and developed freely, there is indeed something wrong that
 >> they should know about.

 Ossama> But that argument assumes that DFSG-free is the be-all and
 Ossama> end-all of the definition of free software.

As far as Debian is concerned, it is. Notice how we call it
 the Debian FSG? 

 Ossama> The author may believe that his software is free even though
 Ossama> it isn't DFSG compliant.

The author is entitled to his/her opinion, of course. What
 does that have to do with us? 

 Ossama> Looking at it from the author's point of view, the author may
 Ossama> feel that Debian's definition of "free" is wrong and his is
 Ossama> right.  So he may also think about Debian that "there is
 Ossama> indeed something wrong that they should know about."

This is all very interesting, and so on, but where is this
 leading? All kinds of people may have all kinds of opinion about
 Debian. The point is?

manoj

-- 
 ...I would go so far as to suggest that, were it not for our ego and
 concern to be different, the African apes would be included in our
 family, the Hominidae. Richard Leakey
Manoj Srivastava <[EMAIL PROTECTED]>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Ossama Othman]

Hi Manoj,

>  >> Those with opinions that differ from the mainstream should not be
>  >> branded "heretics" or encouraged to leave.
> 
>   Why not? 

Isn't that rather extreme? :)

>   When views of people differ in detail ,there is basis for a
>  dialogue. When even the fundamentals are contested, there is no
>  common ground to build anything out of. (An extreme example is the
>  white supremascist who went around trashing martin luther king, jr,
>  in an alabama group this last weekend -- his views on racsm are so
>  far from mine that there is no point even trying to interact with
>  him). 
> 
>   Admttedly, the situation we have here is not anywhere near as
>  extreme as all that, but in pinciple I see nothing inherently wrong
>  about the project insisting that there be some basis or commonality
>  of philosophy in the candidates that are approved for inclusion in
>  the group of developers, if only to prevent anarchy as the project is
>  torn apart by wildly differing factions.

Philosophy of the DFSG is fine but asking someone to agree word for word
with any declaration or statement is asking for a lot.  I am going to give
an extreme example too so please bear with me.  Let's assume that we live
in a police state where speaking up against the law is unheard of and
punishable.  Which would you prefer: living in a society where people
follow the laws but speak up if the law isn't a fair one in their opinion,
or would you prefer the police state?  I greatly prefer the society where
one is allowed to speak up.  Do we want Debian to be a police state of
sorts?  I admit that this is an extreme analogy but I think that it
conveys what I am trying to say.

>   The DFSG defines what Deban stands for. Asking developers to
>  agree with it is not uncalled for.

What do you mean by "agree?"  With its spirit or its contents?  Asking
them to agree with its spirit is fine.  Asking them to abide by the DFSG
is fine.  However asking them to agree with everything it says isn't fair
and reflects negatively on Debian as an organization that stands for
software freedom.

-Ossama

__
Ossama Othman <[EMAIL PROTECTED]>
58 60 1A E8 7A 66 F4 44  74 9F 3C D4 EF BF 35 88  1024/8A04D15D 1998/08/26

>   manoj
> -- 
>  "No job too big; no fee too big!" Dr. Peter Venkman, "Ghost-busters"
> Manoj Srivastava <[EMAIL PROTECTED]>
> Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 
> 

Re: Where does 'www-data' come from?

[Brian May]

In article <[EMAIL PROTECTED]> you write:
>
>"Bart" == Bart Schuller <[EMAIL PROTECTED]> writes:
>
>Bart> Is www-data the uid of the web server process or is it the owner
>Bart> of the served files?
>
>Hm, good point.  At the moment its both -- /var/www is installed as
>www-data.www-data, but other packages like MRTG make subdirs owned by
>root.  And CGI is off in /usr/lib/cgi-bin, root.root per Policy.
>
>Might be a good idea to change the default ownerships.

Maybe the web files should be owned by "www-data" and the web
process should be owned by "www" or "httpd"? This way the
descriptive names continue to make sense. Practical
speaking, it is probably just as good to make web files
owned by root, however, then the name "www-data" won't
be the owner of any data.

Re: non-free --> non-dfsg

[Ossama Othman]

Hi Manoj,

>  Ossama> Looking at it from the author's point of view, the author may
>  Ossama> feel that Debian's definition of "free" is wrong and his is
>  Ossama> right.  So he may also think about Debian that "there is
>  Ossama> indeed something wrong that they should know about."
> 
>   This is all very interesting, and so on, but where is this
>  leading? All kinds of people may have all kinds of opinion about
>  Debian. The point is?

The point is that it easy to say "I am right and you are wrong."  Who
makes us right and them wrong?

-Ossama

Re: Debian Weekly News - 12 to 18 Jan 1999

[Achim Oppelt]

Hello Joey,

Thank you very much for your Debian Weekly News! I find them quite helpful
for keeping up-to-date with Debian development without having to read all
the mailing lists.

Just one minor criticism:

>  * For all those interested in XFree 3.3.3, Ben Gertzfield [15]posted
>that the Debian JP group has made their own 3.3.3 packages. They
>can be found at [16]ftp.debian.or.jp. Your mileage may vary, but
>it may be something to try before pulling you hair out when the
>binaries from the XFree group give you problems.

The name of the product is XFree86 (even though it is no longer i86
specific). And the name of the group of people creating it is The Xfree86
Project, Inc. While such points certainly don't matter in informal
discussions on mailing lists, I think that it would be a good idea to get
the terms right in a more or less official newsletter.

Achim

Re: LSB?

[Daniel Quinlan]

Joseph Carter <[EMAIL PROTECTED]> writes:

> Reasonable objection notwithstanding, I intend to write a letter to those
> responsible for the LSB to attempt to raise the issues we have with their
> current proposal.  I would appreciate discussion on these issues in other
> parts of this thread.  I encourage those who have a significant opinion
> not yet voiced in the LSB thread found on debian-devel to write them down
> either as part of the thread or directly to me to aid in the drafting of
> this letter.

I'm jumping in the discussion a little late (I just joined this list),
but please let me try to help explain things...

I'd like to fix the problems that Debian developers are finding in the
LSB.  I think most of the i386isms are due to problems in FHS (you can
blame me), which will be fixed in FHS 2.1.  Remember that the original
FHS dates back to when i386 was the only architecture included in
Linus' kernel. (Patches to the FHS source are welcome.)

I also imagine that some people have some concerns with the TOG FHS
test suite.  Basically, anyone is free to make a contribution to the
LSB test suite effort -- provided that:

  - It's free ("Open Source") and released under the license we say it
should use.  (Since we haven't chosen that license yet, Andrew Josey
is using the Artistic license for now, but he agreed to switch when
the LSB makes that decision.)
  - It must be in sync with the LSB written spec (which references the
FHS) and the LSB sample implemention should pass it.
  - It won't be incorporated into LSB 1.0 without passing muster of
the LSB test suite group (headed by Dale Scheetz).

The technical problems you note are due to deficiencies in the written
specification (in FHS 2.0), and are not mistakes on the part of Andrew
Josey of the Open Group.

Andrew has contributed more to the LSB effort than most people.  BUT,
the TOG is *not* defining LSB.  Linux people are defining it -- and if
a company passes every hurdle we insist that they pass, why shouldn't
we allow them to help?  (I haven't seen any marketing spin from TOG,
but if there is any, please point me to it.)

If anyone has interest in helping develop LSB test suites (or other
parts of the LSB), please email me and Dale Scheetz <[EMAIL PROTECTED]>.

- Dan

(By the way, before taking on other projects, I was heavily involved
in Debian, from the early days with Ian Murdock through Bruce Perens.)

Re: Resolutions to comments on LSB-FHS-TS_SPEC_V1.0

[Daniel Quinlan]

[ I added the FHS and debian-devel mailing lists to the Cc list, so
  a huge number of people are now being Cc'ed -- sorry. ]

Florian La Roche <[EMAIL PROTECTED]> writes:

>> So if there are no other bigger standards that would make it very
>> convenient to move all Linux-distributions to /var/mail and
>> abandon /var/spool/mail, I'd hope that /var/spool/mail will be
>> listed as de-facto-standard of Linux systems.

Erik Troan <[EMAIL PROTECTED]> writes:

> I would *much* prefer this, I just didn't think I'd be able to win
> the argument.

Since this is "the objection that won't die", I'm currently
considering four "ways out" of the mess created by this change that
went into FHS 2.0.

 1. totally revert, drop /var/mail, and specify /var/spool/mail
 2. partially revert, /var/spool/mail is a directory and /var/mail
must be a symbolic link to it
 3. allow a /var/spool/mail directory, provided that /var/mail is
a symbolic link to it
 4. allow either /var/spool/mail or /var/mail to be a directory,
provided that the other is a symbolic link to it.

I'm personally most in favor of #2 or #3.  I think #1 is almost as bad
as the original change in FHS 2.0 and #4 is potentially confusing.  No
matter what, FHS 2.1 will specify at least #3, if not one of the other
possibilities.

And for each possibility _PATH_MAILDIR is changed to reflect the
actual directory, not the symbolic link.

- Dan

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Craig Sanders]

On Mon, Jan 18, 1999 at 06:19:46PM -0600, Ossama Othman wrote:
> Hi Craig,
> 
> I get the impression that my objectivity is being misinterpreted again.

not sure what you mean by that.  i thought i was quite careful to state
that i was using a generic "you" in my examples, and not referring to you
personally.  if you got that impression, then i apologise because that was
not what i intended.

> IMHO, the idea that developer's should agree with the DSFG and/or the
> social contract in their entirety is dangerous and will only hinder
> Debian. I don't agree with all of Debian's policies, nor should I have to.
> However, I became a Debian developer knowing full well what Debian's
> policies are and I will follow them.  

i agree. i don't think developers have to 100% agree with every single
one of debian's policies.  I do think, however, that developers
should agree to abide by debian policies, and working within debian's
constitution to effect any changes, and (more importantly) they should
agree with the "spirit" of the social contract and DFSG.

unfortunately, "spirit" is an ill-defined and nebulous thing, hard to
pin down exactly.  The Social Contract and the DFSG are a good attempt
to define debian's spirit.

> When I can longer do so, and that may never happen, I will leave.
> This isn't a threat or anything of the sort.

your comments about leaving when/if you can no longer agree with
debian's policies is kind of what i meant. i don't think anyone should
be kicked out (except perhaps for extreme cases, which i cant/dont want
to imagine right now), but that their own priorities for what they feel
worthy of donating the time/energy to, and perhaps their own sense of
honour, will make the decision to leave.

similarly, i think that people who don't have a committment to debian's
"spirit" shouldn't join up as developers in the first place. they should
find somewhere more in tune with their own beliefs...they'd be happier
and more productive, and so would we.


BTW, people have left debian in the past for several reasons - including
running out of time (i.e they graduated or got a new job), and also over
major disagreements in direction.  some have gone on to do other, equally
worthwhile and valuable work either by themselves or in another group.


> My concern is that Debian is becoming (almost) elitist.  

what's wrong with elitism :-)

there's too much mediocrity in the world. more elitist high quality
stuff is needed.


> Some people are flat out saying "conform or get out," in a sense.  Is
> this really a healthy attitude for Debian to have?

i think you are greatly exaggerating the strength of the comments that
have been made.

OTOH, if someone ever did something seriously damaging to debian i
would hope that they did have the decency to voluntary get out without
dragging us all into a huge fight over whether they should be kicked out
or not.


> I happen to admire Debian a great deal.  If I feel that Debian may be
> doing something that may hurt itself then I will speak up about it, just
> as any Debian user should.  

yes.  "should" is the right word here.

> The fact that my opinions go against what is apparently the Debian
> mainstream way of thinking doesn't mean that I should leave.

however, if (after you have had your say) the majority of developers
think you are wrong and the vote goes against you then you should either
a) shut up about it for a reasonable period of time - several months at
least, or b) voluntary leave if you can't do (a).


> If used properly, diversity of opinion should only help Debian.  Those
> with opinions that differ from the mainstream should not be branded
> "heretics" or encouraged to leave.

you could have the debian chicken (in a slashed-circle) branded across
your forehead.

we should put that in our constitution. heretics to be branded and
marched out with a cattle-prod. maybe have different brands for the
different heresies so that all can see at a glance what kind of
perversion the branded one will try to lead them into.

btw, if you think that paragraph needed a smilie then you need to get
out more and relax a bit.

craig

--
craig sanders

Re: Resolutions to comments on LSB-FHS-TS_SPEC_V1.0

[H. Peter Anvin]

> > I would *much* prefer this, I just didn't think I'd be able to win
> > the argument.
> 
> Since this is "the objection that won't die", I'm currently
> considering four "ways out" of the mess created by this change that
> went into FHS 2.0.
> 
>  1. totally revert, drop /var/mail, and specify /var/spool/mail
>  2. partially revert, /var/spool/mail is a directory and /var/mail
> must be a symbolic link to it
>  3. allow a /var/spool/mail directory, provided that /var/mail is
> a symbolic link to it
>  4. allow either /var/spool/mail or /var/mail to be a directory,
> provided that the other is a symbolic link to it.
> 
> I'm personally most in favor of #2 or #3.  I think #1 is almost as bad
> as the original change in FHS 2.0 and #4 is potentially confusing.  No
> matter what, FHS 2.1 will specify at least #3, if not one of the other
> possibilities.
> 
> And for each possibility _PATH_MAILDIR is changed to reflect the
> actual directory, not the symbolic link.
> 
> - Dan

I believe the FHS 2.0 change was right on target.  Just about every
UNIX implementation today has moved away from /var/spool/mail to
/var/mail, and it has technical advantages.

If anything, specify /var/spool/mail being a symlink to /var/mail.

-hpa

Re: agreeing with the DFSG (was Re: non-free --> non-dfsg)

[Ossama Othman]

Hi Craig,

> > I get the impression that my objectivity is being misinterpreted again.
> 
> not sure what you mean by that.  i thought i was quite careful to state
> that i was using a generic "you" in my examples, and not referring to you
> personally.  if you got that impression, then i apologise because that was
> not what i intended.

There is no need to apologize Craig.  I understood that you were using the
generic "you."  I just thought that you misunderstood what I was trying to
say.  "My bad." :)

> i agree. i don't think developers have to 100% agree with every single
> one of debian's policies.  I do think, however, that developers
> should agree to abide by debian policies, and working within debian's
> constitution to effect any changes, and (more importantly) they should
> agree with the "spirit" of the social contract and DFSG.

I wholeheartedly agree!

> unfortunately, "spirit" is an ill-defined and nebulous thing, hard to
> pin down exactly.  The Social Contract and the DFSG are a good attempt
> to define debian's spirit.

Very true.  In general the DFSG and the Social Contract seem to do a good
job of attempting to define Debian's spirit.  I agree with you again!
 
> your comments about leaving when/if you can no longer agree with
> debian's policies is kind of what i meant. i don't think anyone should
> be kicked out (except perhaps for extreme cases, which i cant/dont want
> to imagine right now), but that their own priorities for what they feel
> worthy of donating the time/energy to, and perhaps their own sense of
> honour, will make the decision to leave.

It seems that we have had some misunderstandings.  I am very happy that
things are clearer now.

> similarly, i think that people who don't have a committment to debian's
> "spirit" shouldn't join up as developers in the first place. they should
> find somewhere more in tune with their own beliefs...they'd be happier
> and more productive, and so would we.

Ditto!

> BTW, people have left debian in the past for several reasons - including
> running out of time (i.e they graduated or got a new job), and also over
> major disagreements in direction.  some have gone on to do other, equally
> worthwhile and valuable work either by themselves or in another group.

Yep, I remember one notable one.

> > My concern is that Debian is becoming (almost) elitist.  
> 
> what's wrong with elitism :-)
> 
> there's too much mediocrity in the world. more elitist high quality
> stuff is needed.

Well, when you put it that way... :)

> > Some people are flat out saying "conform or get out," in a sense.  Is
> > this really a healthy attitude for Debian to have?
> 
> i think you are greatly exaggerating the strength of the comments that
> have been made.

Perhaps you are right.  I don't recall my state of mind when I made that
comment ...heh, "I have no recollection of that..."

> OTOH, if someone ever did something seriously damaging to debian i
> would hope that they did have the decency to voluntary get out without
> dragging us all into a huge fight over whether they should be kicked out
> or not.

One more agreement from me!

> > The fact that my opinions go against what is apparently the Debian
> > mainstream way of thinking doesn't mean that I should leave.
> 
> however, if (after you have had your say) the majority of developers
> think you are wrong and the vote goes against you then you should either
> a) shut up about it for a reasonable period of time - several months at
> least, or b) voluntary leave if you can't do (a).

I'd agree with you more about this if more developers were more vocal
about how they feel.  Right now less then a quarter of the developers seem
to express their opinion or even vote (someone correct me if I am wrong).

> > If used properly, diversity of opinion should only help Debian.  Those
> > with opinions that differ from the mainstream should not be branded
> > "heretics" or encouraged to leave.
> 
> you could have the debian chicken (in a slashed-circle) branded across
> your forehead.
> 
> we should put that in our constitution. heretics to be branded and
> marched out with a cattle-prod. maybe have different brands for the
> different heresies so that all can see at a glance what kind of
> perversion the branded one will try to lead them into.
> 
> btw, if you think that paragraph needed a smilie then you need to get
> out more and relax a bit.

LOL!  No, no, you didn't need a smilie face.  That was really funny!  Does
this mean I don't need to relax more? :)  You know, we should send some of
debian chicken t-shirts to a certain software company we all know.

Thanks for the discussion and clarification Craig!
-Ossama
__
Ossama Othman <[EMAIL PROTECTED]>
58 60 1A E8 7A 66 F4 44  74 9F 3C D4 EF BF 35 88  1024/8A04D15D 1998/08/26

Re: Resolutions to comments on LSB-FHS-TS_SPEC_V1.0

[Theodore Y. Ts'o]

   From: "H. Peter Anvin" <[EMAIL PROTECTED]>
   Date: Wed, 20 Jan 1999 00:19:26 -0800 (PST)

   I believe the FHS 2.0 change was right on target.  Just about every
   UNIX implementation today has moved away from /var/spool/mail to
   /var/mail, and it has technical advantages.

   If anything, specify /var/spool/mail being a symlink to /var/mail.

I agree.  I also don't think it's a big deal.  What's important is that
all of the MUA's get compiled so that they look for the mail spool in
/var/mail.  If /var/mail is a symlink to /var/spool/mail, or /u3/mail,
or something else --- that's fine.

I don't think distributions are required to move the spool directory
around as part of an upgrade; just install a symlink!  And if the user
has established a symlink so that the mail spool is on some entirely
different partition (for example, /u3/mail), then it's just a matter of
establishing a new symlink in /var/mail to point to /u3/mail.

- Ted

Re: libpam, cracklib, and slink (was Re: Release-critical...)

[J.H.M. Dassen]

On Tue, Jan 19, 1999 at 22:38:15 -0800, Chris Waters wrote:
> At the moment, everyone who installs ppp-pam (like me) will be forced to
> install cracklib, and suffer with daily emails to root.  We need to fix
> libpam0g.  Unfortunately, the maintainer seems to be inactive, and we're
> dependent on NMUs.  (Ray, that's you!)

*grumble, grumble* There's nothing special about me as a NM.

> I think that there should be a release critical bug here, but I think it
> should be #30862:  libpam0g depends on cracklib2.

Yup. I've looked at it again, and the dependency is superflous. (I modified
PAM to link it's .so's to all the libraries they need, and -lcracklib
slipped in there because I originally looked at enabling cracklib support).

I'm now preparing an upload that'll mark PAM as orphaned.

Ray
-- 
Obsig: developing a new sig

Re: Debian booth at LinuxTag '99?

[Federico Di Gregorio]

On Wed, Jan 20, 1999 at 02:00:02AM +0100, Christian Weisgerber wrote:
> In article <[EMAIL PROTECTED]>,
> Federico Di Gregorio <[EMAIL PROTECTED]> wrote:
> 
> > I am thinking about being there (I'll come from italy). If you
> > find something, Wichert, can you please let me know... I CAN'T
> > read german (hope conference language will be english, at least in
> > part).
> 
> The conference language will be German. In particular, all presentations
> will be in German. Sorry. I'm not entirely happy with this, but the bulk
> of the target audience are unsophisticated users who would be
> discouraged by English (even if they wouldn't admit it). It's a
> trade-off; we would probably not be able to attract more people from
> throughout Europe than we would lose from the nearby 100km radius.
> Feedback to the contrary will be given due consideration for LinuxTag
> 2000. ;-)

OK.
 
> Of course you can talk to the various exhibitors in English, and the
> mentioned Debian BOF/developers meeting could be done in English, too.

That's fine. If we gather enough english-speaking-developers german
won't be a problem (just to know, how do you say "beer" in german?)
Let's see there...

Ciao,
Federico
-- 

 Federico Di Gregorio   |  /  mailto:[EMAIL PROTECTED]  
  Debian developer! | / -1http://pcamb6.irfmn.mnegri.it/~fog 
*-=$< ;-P TeX Winzard?  |/http://www.debian.org  

Re: Debian booth at LinuxTag '99?

[Federico Di Gregorio]

On Wed, Jan 20, 1999 at 02:22:14AM +0100, Martin Schulze wrote:
> Federico Di Gregorio wrote:
> > On Tue, Jan 19, 1999 at 03:54:55PM +0100, Christian Weisgerber wrote:
> > > Wichert Akkerman <[EMAIL PROTECTED]> wrote:
> > > 
> > > > End of June.. sounds like I'll be able to be there. Does anyone know any
> > > > cheap places to stay for a couple of days in the neighborhood?
> > 
> > I am thinking about being there (I'll come from italy). If you
> > find something, Wichert, can you please let me know... I CAN'T
> > read german (hope conference language will be english, at least in
> > part).
> 
> Errr, you'd better wait for the German Linux Kongress then which is 
> a real conference, with talks held in english.  As far as I remember
> the Linuxtag is an exhibition with some talks for users (contrary to
> the conference which is meant for developers or both).

I know I will be free for the end of june (LinuxTag) but I am not
sure about the Linux Kongress... one goes where he can...
Ciao,
Federico
-- 

 Federico Di Gregorio   |  /  mailto:[EMAIL PROTECTED]  
  Debian developer! | / -1http://pcamb6.irfmn.mnegri.it/~fog 
*-=$< ;-P TeX Winzard?  |/http://www.debian.org  

Re: Processed: Change Important Severities

[Paul Slootman]

On Sun 17 Jan 1999, Debian Bug Tracking System wrote:
> 
> > severity 31717 normal
> Bug#31717: fileutils: 'mv regularfile symlink' problems
> Severity set to `normal'.

I think that this bug _should_ be important; it's just that it's not
important for slink as the bug is only in the fileutils version in
potato... So, if this is an effort to reduce the number of release-
critical bugs (for _slink_), then IMHO it's the wrong way to go about
it.


Paul Slootman
-- 
home: [EMAIL PROTECTED] | work: [EMAIL PROTECTED] | debian: [EMAIL PROTECTED]
http://www.wurtel.demon.nl | Murphy Software,   Enschede,   the Netherlands

Re: Resolutions to comments on LSB-FHS-TS_SPEC_V1.0

[Anthony Towns]

(on /var/mail vs /var/spool/mail)

On Wed, Jan 20, 1999 at 12:19:26AM -0800, H. Peter Anvin wrote:
> > Since this is "the objection that won't die", I'm currently
> > considering four "ways out" of the mess created by this change that
> > went into FHS 2.0.
> >  1. totally revert, drop /var/mail, and specify /var/spool/mail
> >  2. partially revert, /var/spool/mail is a directory and /var/mail
> > must be a symbolic link to it
> >  3. allow a /var/spool/mail directory, provided that /var/mail is
> > a symbolic link to it
> >  4. allow either /var/spool/mail or /var/mail to be a directory,
> > provided that the other is a symbolic link to it.
> I believe the FHS 2.0 change was right on target.  Just about every
> UNIX implementation today has moved away from /var/spool/mail to
> /var/mail, and it has technical advantages.

May I ask what these other technical advantages are? (it might be worth
adding them to the rationale section of the FHS HTML on Dan's site, too)

The debian-policy thread [0] in May/June last year basically said ``it's
a pain to convert, /var/spool isn't particularly inappropriate, especially
for POP and IMAP users'' and ``everyone else does it, therefore we must''.

Why not require /var/mail exist, but possibly be a symlink to a different
place if necessary? This will probably end up happening on a number of
user systems anyway and has the advantage that it's trivial to become FHS
compliant, code can still get #ifdef's removed, and everyone can be happy.

Cheers,
aj

[0] http://www.debian.org/Lists-Archives/debian-policy-9805/msg00174.html

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

``Like the ski resort of girls looking for husbands and husbands looking
  for girls, the situation is not as symmetrical as it might seem.''


pgpAko0DUzbZu.pgp
Description: PGP signature

Re: Debian appears to be ancient

[Hamish Moffatt]

On Tue, Jan 19, 1999 at 10:19:10PM -0600, John Hasler wrote:
> I wrote:
> >   hasler/~ ll /usr/doc/copyright/base
> >   total 2
> >   -rw-r--r--   1 root root 1197 Dec 31  1969 debian.README
> 
> Ben Pfaff writes:
> > So what package does it come from, then, and what version?
> 
> I don't know.  'dpkg -S' can't find it.  This machine was upgraded from
> 1.3: maybe it's a leftover.

I have three machines which are 1.1 -> 1.2 -> 1.3 -> 2.0 upgradees.
I checked two; one has it (Jan 1 1970), the other doesn't. Odd!


Hamish
-- 
Hamish Moffatt VK3TYD  [EMAIL PROTECTED], [EMAIL PROTECTED]
Latest Debian packages at ftp://ftp.rising.com.au/pub/hamish. PGP#EFA6B9D5
CCs of replies from mailing lists are welcome.   http://hamish.home.ml.org

Intent to package mixal

[Antti-Juhani Kaijanaho]

For those of you who are Knuth devotees like me, MIXAL should ring a
bell.  For others, I have added a small description below [1].

I'm going to package a MIX/MIXAL implementation (unimaginatively
called mixal by its author), the one which was designed and written by
Darius Bacon, then ported to UNIX and debugged by Eric S. Raymond,
with corrections to multiplication and division by Larry Gately.  The
source is available at the Retrocomputing Museum with a DFSG
compatible license.

This MIXAL reads, compiles and executes MIXAL programs in one process;
AFAIK you cannot key in your hand-compiled MIX code.  This MIXAL does
not do floating-point (since its author had only Volume I avaliable),
but it should be good enough for working the exercises in TAOCP.

A problem is that I'm hesitating about where to put mixal: in
interpreters or in otherosfs.  It is a MIXAL interpreter but it is
also a MIX emulator.  Another problem is that the upstream executable
is called `mix', which will surely result in name clashes.  Perhaps
taocp-mix or knuth-mix will be a better name.  Comments?


Antti-Juhani

[1] MIXAL is the assembly language for Donald Knuth's imaginary
computer MIX.  MIXAL is the chosen language in Knuth's monumental (and
yet unfinished) book series "The Art of Computer Programming", and all
example programs and programming exercises in it use MIXAL.  The
computer MIX has (to my knowledge) never been implemented in hardware,
but several software emulators exist.  The MIX has a 1960's
architecture with no hardware stack support, and will be replaced by
the equally imaginary RISC chip called MMIX 2009 [2] in future
editions.

[2] MMIX has a home page at
http://www-cs-staff.Stanford.EDU/~knuth/mmix.html>.
-- 
%%% Antti-Juhani Kaijanaho % [EMAIL PROTECTED] % http://www.iki.fi/gaia/ %%%

EMACS, n.:   Emacs May Allow Customised Screwups
   (unknown origin)

Re: Unmet Deps revisted

[Steve McIntyre]

Santiago Vila writes:
>>> smail is still optional, but conflicts with exim, so it should be extra.
>>> hello-debhelper conflicts with hello, and has absolutely no extra
>>> functionality over ordinary hello, so the binary should be removed, in
>>> either case it should be extra.
>>> gmc conflicts with mc, but both are optional.
>>>
>>> There are in total *ten* dselect Dependency/conflict resolution screens.
>>> (using the PageForward key). Am I *really* required to report them *all*,
>>> or may I ask our kind ftp.debian.org maintainers to do a *serious*
>>> dependency/conflict check *before* the deep freeze?

Am I missing something here? Where does it say that users should be able
to install _all_ optional packages?

-- 
Steve McIntyre, Allstor Software [EMAIL PROTECTED]
http://www.chiark.greenend.org.uk/~stevem/>My home page
"Can't keep my eyes from the circling sky, 
"Tongue-tied & twisted, Just an earth-bound misfit, I..."  

Re: Debian v2.1 ("Slink") Deep Freeze

[Paul Slootman]

On Tue 19 Jan 1999, Branden Robinson wrote:
> 
> XFree86 3.3.2.3a-8pre9v4 is available at
> http://master.debian.org/~branden/xfree86/ .

This doesn't seem to have the patches CRITICAL to the alpha port yet!
I sent you a note around 7th January about this, saying where you
could find the patches I needed to -8pre9v2. I'll say it again:

http://master.debian.org/~paul/alpha/xfree86/xfree86-alpha.diff

Without these, the X server crashes and burns. PLEASE add these patches
before uploading -9 !


Paul Slootman
-- 
home: [EMAIL PROTECTED] | work: [EMAIL PROTECTED] | debian: [EMAIL PROTECTED]
http://www.wurtel.demon.nl | Murphy Software,   Enschede,   the Netherlands

Re: Unmet Deps revisted

[Martin Schulze]

Steve McIntyre wrote:
> 
> Santiago Vila writes:
> >>> smail is still optional, but conflicts with exim, so it should be extra.
> >>> hello-debhelper conflicts with hello, and has absolutely no extra
> >>> functionality over ordinary hello, so the binary should be removed, in
> >>> either case it should be extra.
> >>> gmc conflicts with mc, but both are optional.
> >>>
> >>> There are in total *ten* dselect Dependency/conflict resolution screens.
> >>> (using the PageForward key). Am I *really* required to report them *all*,
> >>> or may I ask our kind ftp.debian.org maintainers to do a *serious*
> >>> dependency/conflict check *before* the deep freeze?
> 
> Am I missing something here? Where does it say that users should be able
> to install _all_ optional packages?

When selecting all packages of a certain priority there should be no
conflicts.  If there are two MTA's, then one is optional, the other is
extra.  I'm sure this is written down in one of our many policy, develop.
ref, packaging manuals.

Regards,

Joey

-- 
Computers are not intelligent.  They only think they are.

Please always Cc to me when replying to me on the lists.

Re: No intend to package vbox

[Paul Slootman]

On Tue 19 Jan 1999, Roland Rosenfeld wrote:
> 
> As far as I can see isdnutils-3.0-8 includes vbox 2.0.0 beta 5, which
> is a little bit newer than vbox 2 beta 4 with the following changes:

I'm planning to split up isdnutils sometime into separate parts; there
are many sites where for example vbox isn't used at all, so having it
installed isn't useful.

I was thinking of the following packages:

isdnutilscontains the basic isdnctrl, ipppd stuff needed for networking
isdnmonitoring   isdnlog, imon, xisdnload, ... that sort of thing
isdndocs the faqs and other docs
isdnvbox vbox

If anyone has better suggestions (I haven't really thought hard about this
yet) I'd like to hear them (please include reasoning).


Paul Slootman
-- 
home: [EMAIL PROTECTED] | work: [EMAIL PROTECTED] | debian: [EMAIL PROTECTED]
http://www.wurtel.demon.nl | Murphy Software,   Enschede,   the Netherlands

Re: Unmet Deps revisted

[Enrique Zanardi]

On Wed, Jan 20, 1999 at 10:22:39AM +, Steve McIntyre wrote:
> 
> Santiago Vila writes:
> >>> smail is still optional, but conflicts with exim, so it should be extra.
> >>> hello-debhelper conflicts with hello, and has absolutely no extra
> >>> functionality over ordinary hello, so the binary should be removed, in
> >>> either case it should be extra.
> >>> gmc conflicts with mc, but both are optional.
> >>>
> >>> There are in total *ten* dselect Dependency/conflict resolution screens.
> >>> (using the PageForward key). Am I *really* required to report them *all*,
> >>> or may I ask our kind ftp.debian.org maintainers to do a *serious*
> >>> dependency/conflict check *before* the deep freeze?
> 
> Am I missing something here? Where does it say that users should be able
> to install _all_ optional packages?

The policy manual suggests that:

"2.2 Priorities
[...]
   optional
  (In a sense everything is optional that isn't required, but
  that's not what is meant here.) This is all the software that
  you might reasonably want to install if you didn't know what it
  was or don't have specialised requirements. This is a much
  larger system and includes X11, a full TeX distribution, and
  lots of applications.
  
   extra
  This contains packages that conflict with others with higher
  priorities, or are only likely to be useful if you already know
  what they are or have specialised requirements.
"

By the definition of optional, a user may install all optional packages
if she doesn't know what they are (!) or don't have specialised
requirements.

If there are optional packages that conflict with each other, we should
choose one to stay in optional and move the others to extra. (Or change/
clarify the definition on the policy manual).

--
Enrique Zanardi[EMAIL PROTECTED]

Re: Bug#32156: anacron: It ran unnexpectedly!

[Christian Schwarz]

On Wed, 20 Jan 1999, Jason Gunthorpe wrote:

> Package: anacron
> Version: 2.0.1-2
> 
> This I cannot explain, my system has been running for the past 43 days without
> interruption and just now anacron fired up and started running things, at
> 12:30 on the dot - for the first time!
> 
> What gives?

I'm not sure why, but I'm still received these bug reports!  I've left
over a half year ago and I've orphaned all my packages then.  Perhaps
there is a bug in the script which tells the bug reporting system about
maintainers?  (Or did someone reupload an older version of anacron which
still lists me as maintainer?)  Anyways, it would be good if someone would
check this out and fix it.  It's not that I'm offended by such mails, but
I don't have time to work on anacron anymore and this way, probably noone
else notices about these bug reports (there was another bug report on
anacron which was also sent to me a some time ago).


Thanks,

Chris

-- Christian Schwarz
Do you know [EMAIL PROTECTED], [EMAIL PROTECTED]
Debian GNU/Linux?[EMAIL PROTECTED]
  
Visit  PGP-fp: 8F 61 EB 6D CF 23 CA D7  34 05 14 5C C8 DC 22 BA
http://www.debian.org   http://fatman.mathematik.tu-muenchen.de/~schwarz/

Xfree 3.3.3.1 packages...

[Sven LUTHER]

Hello, ...

i have made some package of the latest version of Xfree86, 3.3.3.1.

i have only compiled the powerpc packages, but i did the last part by hand, so
i have no changes file yet, and they will be rejected, anyway i upload them to
incoming so other people can play with them ...

the files are :

-rw-r--r--   1 root root26772 Jan 20 09:30
rstart_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root38168 Jan 20 09:30
rstartd_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   115968 Jan 20 09:30
twm_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   986868 Jan 20 09:30
xbase-clients_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   108900 Jan 20 09:30
xbase_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root98230 Jan 20 09:30
xdm_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   498268 Jan 20 09:30
xext_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root44038 Jan 20 09:30
xf86setup_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root  1306294 Jan 20 09:30
xfonts-100dpi_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root  1133794 Jan 20 09:30
xfonts-75dpi_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root   240822 Jan 20 09:30
xfonts-base_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root  2218720 Jan 20 09:30
xfonts-cjk_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root   333740 Jan 20 09:30
xfonts-cyrillic_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root33166 Jan 20 09:30
xfonts-pex_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root  1148452 Jan 20 09:30
xfonts-scalable_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root   181552 Jan 20 09:32
xfree86_3.3.3.1-0.2.diff.gz
-rw-r--r--   1 root root  818 Jan 20 09:37 xfree86_3.3.3.1-0.2.dsc
-rw---   1 root root  984 Jan 20 09:37
xfree86_3.3.3.1-0.2.dsc.asc
-rw---   1 root root  664 Jan 20 09:37
xfree86_3.3.3.1-0.2.dsc.pgp
-rw-r--r--   1 root root 43349250 Jan 20 09:34
xfree86_3.3.3.1.orig.tar.gz
-rw-r--r--   1 root root   200740 Jan 20 09:30
xfs_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root23864 Jan 20 09:30
xlib6-static_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   674826 Jan 20 09:30
xlib6g-dev_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root  1083832 Jan 20 09:30
xlib6g-static_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root  1070418 Jan 20 09:30
xlib6g_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   906462 Jan 20 09:30
xmanpages_3.3.3.1-0.2_all.deb
-rw-r--r--   1 root root96028 Jan 20 09:30
xmh_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root43596 Jan 20 09:30
xmodmap_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   980848 Jan 20 09:30
xnest_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   129290 Jan 20 09:30
xproxy_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root  1239892 Jan 20 09:30
xprt_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   167282 Jan 20 09:30
xserver-common_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   992282 Jan 20 09:30
xserver-fbdev_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root74886 Jan 20 09:30
xsm_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root   132440 Jan 20 09:30
xterm_3.3.3.1-0.2_powerpc.deb
-rw-r--r--   1 root root  1222772 Jan 20 09:30
xvfb_3.3.3.1-0.2_powerpc.deb

Friendly,

Sven LUTHER

Re: libpam, cracklib, and slink (was Re: Release-critical...)

[Ben Collins]

On Wed, Jan 20, 1999 at 09:46:21AM +0100, J.H.M. Dassen wrote:
> > I think that there should be a release critical bug here, but I think it
> > should be #30862:  libpam0g depends on cracklib2.
>
> Yup. I've looked at it again, and the dependency is superflous. (I modified
> PAM to link it's .so's to all the libraries they need, and -lcracklib
> slipped in there because I originally looked at enabling cracklib support).
>
> I'm now preparing an upload that'll mark PAM as orphaned.

Ack! We need pam to be maintained if we want to enable it's use in
potato. I'll take it, if no one intends on doing so themselves.

--
--- -  -   ---  -  - - ---   
Ben Collins <[EMAIL PROTECTED]>  Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc. [EMAIL PROTECTED]
-- -- - - - ---   --- -- The Choice of the GNU Generation

Re: France and Cryptography

[Joseph Carter]

On Tue, Jan 19, 1999 at 08:02:34PM +0100, Samuel Tardieu wrote:
> FYI, the French Prime Minister just announced that cryptography will
> become legal in France!
> 
> In the meantime (until our representatives adopt the law), the
> authorized key sizes go from 40 bits to 128 bits.

Now if the idiot in the White House would get a clue and lose the crypto
regs in the US

-- 
"I'm working in the dark here."  "Yeah well rumor has it you do your best
work in the dark."
   -- Earth: Final Conflict

Re: Debian booth at LinuxTag '99?

[Martin Bialasinski]

>> "FDG" == Federico Di Gregorio <[EMAIL PROTECTED]> writes:

FDG> That's fine. If we gather enough english-speaking-developers
FDG> german won't be a problem (just to know, how do you say "beer" in
FDG> german?)

It is "Bier", spoken nearly like the english word beer. But if you ask 
for a beer, you will be asked what kind of beer you want :-)

I have to check for the date of my exams, but if it is possible, I
will join as well.

Does it make sense to open a seperate mailinglist to coordinate and to 
 move the traffic away from -devel? I can host one.

Ciao,
Martin

Re: France and Cryptography

[Sven LUTHER]

On Wed, Jan 20, 1999 at 03:51:03AM -0800, Joseph Carter wrote:
> On Tue, Jan 19, 1999 at 08:02:34PM +0100, Samuel Tardieu wrote:
> > FYI, the French Prime Minister just announced that cryptography will
> > become legal in France!

it will become legal, but is not yet, isn't it ?

when will be the legalisation ?

Friendly,

Sven LUTHER

Re: Processed: Change Important Severities

[Wichert Akkerman]

severity 31717 important
thanks

Previously Paul Slootman wrote:
> I think that this bug _should_ be important; it's just that it's not
> important for slink as the bug is only in the fileutils version in
> potato... So, if this is an effort to reduce the number of release-
> critical bugs (for _slink_), then IMHO it's the wrong way to go about
> it.

Bah I say: we have exclusion lists for bugs that have severity important
or higher but are not a problem for the current release candidate. If
you think a bugreport should be added to that list please inform Brian
White and me so we can add it to those lists.

This particular bug was already on my exclusion list and is now also on
Brians list.

Wichert.

-- 
==
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: [EMAIL PROTECTED]
WWW: http://www.wi.leidenuniv.nl/~wichert/

Re: Unmet Deps revisted

[Wichert Akkerman]

Previously Martin Schulze wrote:
> When selecting all packages of a certain priority there should be no
> conflicts.

I think that if I try to install every package with priority extra
some things will start complaining very loudly..

Wichert.

-- 
==
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: [EMAIL PROTECTED]
WWW: http://www.wi.leidenuniv.nl/~wichert/


pgpNarewrX8vd.pgp
Description: PGP signature

evil strace NMU

[Wichert Akkerman]

I just became aware that someone did a NMU for strace, apparently to fix
some ARM issues. I strongly urge people to not do that, for several
reasons:

* nobody notified me of this NMU, I had to learn about it by reading
  debian-devel-changes
* I really don't have to time to track NMUs down to see what people
  changed, which means that changes will not make it into my sources.
* strace is troublesome enough as it is, evil NMU's only complicate
  things further. I really want to verify *all* strace patches before I
  incorporate them.
* last but certainly not least important: we have rules about doing
  NMUs. They also hold for porters. Please honour them.

Wichert.
-- 
==
This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: [EMAIL PROTECTED]
WWW: http://www.wi.leidenuniv.nl/~wichert/


pgpoerIngACXW.pgp
Description: PGP signature

Re: non-free --> non-dfsg

[Craig Sanders]

On Wed, Jan 20, 1999 at 01:18:37AM -0600, Ossama Othman wrote:
> >  Ossama> Looking at it from the author's point of view, the author may
> >  Ossama> feel that Debian's definition of "free" is wrong and his is
> >  Ossama> right.  So he may also think about Debian that "there is
> >  Ossama> indeed something wrong that they should know about."
> > 
> > This is all very interesting, and so on, but where is this
> >  leading? All kinds of people may have all kinds of opinion about
> >  Debian. The point is?
> 
> The point is that it easy to say "I am right and you are wrong."  Who
> makes us right and them wrong?

i think you're missing the point.

the point has nothing to do with who is right and who is wrong.

the point is that as far as Debian is concerned, the DFSG is THE test of
whether a program is free or not.

if a program passes all of the criteria, it is free.
if a program fails any one of the criteria, it is non-free.

debian's archives are run according to debian's policies. we'd be
hypocrites, otherwise. 


craig

PS: while it is true that a large majority of the free software / linux
community tends to agree with debian about what makes software free or
non-free (witness the rapid and enthusiastic adoption of the Open Source
Definition, which is the DFSG with debian references stripped out), that is
also irrelevant...

neither software authors, nor users, nor the communities, nor anyone
except debian developers get a vote when it comes to debian's policies.
nor should they.

--
craig sanders

Re: France and Cryptography

[Olivier Tharan]

> > On Tue, Jan 19, 1999 at 08:02:34PM +0100, Samuel Tardieu wrote:
> > > FYI, the French Prime Minister just announced that cryptography will
> > > become legal in France!

On Wed, Jan 20, 1999 at 01:10:42PM +0100, Sven LUTHER wrote:
> it will become legal, but is not yet, isn't it ?
> when will be the legalisation ?

There is an announcement on
http://www.internet.gouv.fr/francais/textesref/cisi190199/decis1.htm (sorry,
it's in French) ; for the moment, the maximum key size will go from 40 to 128
bits and then they will try get to get a law approved/voted by the
Parliament.

(This becomes slightly off-topic on debian-devel)

olive
-- 
Olivier Tharan, <[EMAIL PROTECTED]>

Multitasking:  Screwing up several things at once...

Re: Unmet Deps revisted

[Martin Schulze]

Wichert Akkerman wrote:
> Previously Martin Schulze wrote:
> > When selecting all packages of a certain priority there should be no
> > conflicts.
> 
> I think that if I try to install every package with priority extra
> some things will start complaining very loudly..

Isn't that what Santiago pointed out?

Regards,

Joey

-- 
Computers are not intelligent.  They only think they are.

Please always Cc to me when replying to me on the lists.

Re: Unmet Deps revisted

[Steve McIntyre]

On Wed, 20 Jan 1999, Martin Schulze wrote:

>> Am I missing something here? Where does it say that users should be able
>> to install _all_ optional packages?
>
>When selecting all packages of a certain priority there should be no
>conflicts.  If there are two MTA's, then one is optional, the other is
>extra.  I'm sure this is written down in one of our many policy, develop.
>ref, packaging manuals.

So how does this work if we get lots of (using the same example) different
MTAs? We get one in optional, one in extra, then where do the others go?

-- 
Steve McIntyre, Allstor Software [EMAIL PROTECTED]
Getting a SCSI chain working is perfectly simple if you remember that there
must be exactly three terminations: one on one end of the cable, one on the
far end, and the goat, terminated over the SCSI chain with a silver-handled
knife whilst burning *black* candles. --- Anthony DeBoer

Re: non-free --> non-dfsg

[Ossama Othman]

Hi Craig,

> > The point is that it easy to say "I am right and you are wrong."  Who
> > makes us right and them wrong?
> 
> i think you're missing the point.
> 
> the point has nothing to do with who is right and who is wrong.

Somewhere along the way of this thread I unwittingly moved into the
philosophical realm and started speaking as so, and lost track of how it
initially got started.  The question I posed was purely philosophical and 
wasn't meant to be applied toward Debian although I used Debian in my
analogy/question/whatever.  Please excuse the philosophy. :)

> the point is that as far as Debian is concerned, the DFSG is THE test of
> whether a program is free or not.

I thought that we came to an understanding that I understood that? Before
you answer this please read on.
 
> if a program passes all of the criteria, it is free.
> if a program fails any one of the criteria, it is non-free.
> 
> debian's archives are run according to debian's policies. we'd be
> hypocrites, otherwise. 

Yes, I agree. I am not disputing that.
(let's not get into my interpretation of "free" again, please)

> neither software authors, nor users, nor the communities, nor anyone
> except debian developers get a vote when it comes to debian's policies.
> nor should they.

I also agree.  My intention was only to look at the situation from the
other side.  Please don't mistake my objectivity for a lack of support of 
Debian policy.

Thanks,
-Ossama
__
Ossama Othman <[EMAIL PROTECTED]>
58 60 1A E8 7A 66 F4 44  74 9F 3C D4 EF BF 35 88  1024/8A04D15D 1998/08/26

Release-critical bugs

[Julian Gilbey]

The two bugs against lprng have suggestions by me in the bug reports
as to how to fix them.  If someone can check out my suggestion for
/etc/lprng.perms (Bug #23682) and do an NMU, that would be great.
Please correct #31889 in the process -- it's just the reversal of two
lines in the postinst.

I have uploaded a fixed netbase (NMU) to potato to close #32092 and
the slew of other bug reports against this version; it only applies to
potato so should not be on the release-critical list.

   Julian

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Julian Gilbey Email: [EMAIL PROTECTED]
   Dept of Mathematical Sciences, Queen Mary & Westfield College,
  Mile End Road, London E1 4NS, ENGLAND
  -*- Finger [EMAIL PROTECTED] for my PGP public key. -*-

Re: Unmet Deps revisted

[Santiago Vila]

On Wed, 20 Jan 1999, Wichert Akkerman wrote:

> Previously Martin Schulze wrote:
> > When selecting all packages of a certain priority there should be no
> > conflicts.
> 
> I think that if I try to install every package with priority extra
> some things will start complaining very loudly.

"extra" is the only priority in which packages are allowed to conflict at
each other freely, that's why the definition of extra says "you are
supposed to know what you are doing".

There is no such claim ("you are supposed to know what you are doing")
for required, important, standard or optional packages.

-- 
 "fcc06680272f29f0fd503c03c28cfd97" (a truly random sig)

Re: France and Cryptography

[Sven LUTHER]

On Wed, Jan 20, 1999 at 01:16:15PM +0100, Olivier Tharan wrote:
> > > On Tue, Jan 19, 1999 at 08:02:34PM +0100, Samuel Tardieu wrote:
> > > > FYI, the French Prime Minister just announced that cryptography will
> > > > become legal in France!
> 
> On Wed, Jan 20, 1999 at 01:10:42PM +0100, Sven LUTHER wrote:
> > it will become legal, but is not yet, isn't it ?
> > when will be the legalisation ?
> 
> There is an announcement on
> http://www.internet.gouv.fr/francais/textesref/cisi190199/decis1.htm (sorry,
> it's in French) ; for the moment, the maximum key size will go from 40 to 128
> bits and then they will try get to get a law approved/voted by the
> Parliament.
> 
> (This becomes slightly off-topic on debian-devel)

no it is not, this means i (living in france) can sign debia npackages without 
becoming
a dangerous terrorist or whatever, 

hey in the past i could have been put in jail for that ...

Friendly,

Sven LUTHER

Re: No intend to package vbox

[Roland Rosenfeld]

Paul Slootman <[EMAIL PROTECTED]> wrote:

> I'm planning to split up isdnutils sometime into separate parts;
> there are many sites where for example vbox isn't used at all, so
> having it installed isn't useful.

Sound reasonable.

> isdnvbox vbox

Hmmm, maybe this should be split into two packages, the vboxgetty and
vboxd on the one hand and the vbox client on the other hand. What I
want to say is, that there should be some chance to install only the
vbox client on a machine without the need to install a complete isdn
subsystem.

Tscho

Roland

-- 
 * [EMAIL PROTECTED] * http://www.rhein.de/~roland/ *
 PGP: 1024/DD08DD6D   2D E7 CC DE D5 8D 78 BE  3C A0 A4 F1 4B 09 CE AF

Re: France and Cryptography

[Fabrizio Polacco]

Sven LUTHER wrote:
> 
> > (This becomes slightly off-topic on debian-devel)
> 
> no it is not, this means i (living in france) can sign debia npackages 
> without becoming
> a dangerous terrorist or whatever,
> 
> hey in the past i could have been put in jail for that ...

Not at all.
Restriction was only for encription of text, not for signing it.

fab

Re: France and Cryptography

[Sven LUTHER]

On Wed, Jan 20, 1999 at 03:30:43PM +0200, Fabrizio Polacco wrote:
> Sven LUTHER wrote:
> > 
> > > (This becomes slightly off-topic on debian-devel)
> > 
> > no it is not, this means i (living in france) can sign debia npackages 
> > without becoming
> > a dangerous terrorist or whatever,
> > 
> > hey in the past i could have been put in jail for that ...
> 
> Not at all.
> Restriction was only for encription of text, not for signing it.

with key les than 40bit, but you could also go to jail (and still could, unitl 
they sign the text)
for signing with bigger keys¸ ...

this is great news for all french debia ndeveloppers, ...

Friendly,

Sven LUTHER