Re: holding back the tide
On Fri, Dec 29, 2000 at 11:31:41PM -0500, Branden Robinson wrote: > severity 80842 serious > severity 80843 serious > thanks > > gcc won't build on arm, so XFree86 won't build on arm, so XFree86 can't go > into testing, so LOTS of things can't go into testing. > > Adam Heath, please consider helping the gcc maintainer do some DBS surgery, > because it is DBS that is keeping gcc from building. Uh, gcc does not use DBS. And the gcc maintainer is hard at work with the grande scheme of things, manipulating gcc2.95 and gcc2.97 for concurrent installation. Give Matthias time, or email him directly with your concerns. -- ---===-=-==-=---==-=-- / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=--===-=-=-=-===-==---=--=---'
Re: need headers for target architecture: asm/unistd.h
* Andreas Schuldei ([EMAIL PROTECTED]) [001229 23:24]: > I try to build a crosscompiler i386->arm (but also other archs). At one > point headerfiles for the target architecture are needed. Where could I find > headerfiles for other archs? Are there development packages for this purpose? > Who has done this before? Will desaster wait at the other end if I use the include files from the kernel?
Re: List of packages that could be dropped
On 20001226T152221+0100, Christian Kurz wrote: > |malaga (210 days old) > > Has this package been dropped? No. -- %%% Antti-Juhani Kaijanaho % [EMAIL PROTECTED] % http://www.iki.fi/gaia/ %%%
PAM problem with Courier
Hello, Debian developers !
As some of you have noticed, I'm resp. my company works on a complete
Courier package which eventually replaces the imap-only package.
I'm trying to get authentification with MySQL to get work with PAM
instead of the courier-authmysql module. I installed the
libpam-mysql module from woody.
Any access with a existing local user comes through to the PAM
modules, other accesses are failing before PAM is tried.
Hints are welcome, relevant config file see below.
Ciao
Racke
/etc/pam.d/pop3
#%PAM-1.0
#
# $Id: pop3d.authpam,v 1.1 2000/10/06 02:19:19 mrsam Exp $
#
# Copyright 1998 - 1999 Double Precision, Inc. See COPYING for
# distribution information.
#
# To use the authpam authentication module with courierpop3d, you must
# configure your PAM library to authenticate the "pop3" service.
# See your system documentation for information on how to configure your
# PAM services. In most cases, all you need to do is to install this file
# as /etc/pam.d/pop3, but check your system documentation to make sure.
auth required /lib/security/pam_warn.so
auth requisite/lib/security/pam_mysql.so host=localhost
database=snailrace user=racke password=nevairbe table=users usercol=id
passwordcol=crypt crypt=y
/etc/courier/pop3d
##VERSION: $Id: pop3d.dist.in,v 1.1 2000/12/10 18:02:12 mrsam Exp $
#
# pop3d created from pop3d.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2000 Double Precision, Inc. See COPYING for
# distribution information.
#
# Courier POP3 daemon configuration
#
##NAME: install_prefix:0
#
# This is read by /usr/sbin/pop3d
#
# The following settings shouldn't be changed.
prefix=/usr
exec_prefix=/usr
sbindir="/usr/sbin"
##NAME: PIDFILE:0
#
PIDFILE=/var/run/courier/pop3d.pid
##NAME: MAXDAEMONS:0
#
# Maximum number of POP3 servers started
#
MAXDAEMONS=40
##NAME: MAXPERIP:4
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=4
##NAME: AUTHMODULES:0
#
#
##
## Authentication modules which attempt to validate userid/password
## combinations. See authpam(8) for more information. The default set
## is installed at configuration time. You may have to edit the following
## to remove unnecessary authentication modules. In particular, if
## authpam is included in the list below, you will have to remove authpwd
## and authshadow, since their functionality is included in the authpam
## module.
##
#
AUTHMODULES="authpam"
##NAME: POP3AUTH:0
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
##NAME: POP3AUTH_TLS:0
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"
##NAME: PORT:0
#
# Port to listen on for connections. Default is port 110
PORT=110
##NAME: ADDRESS:0
#
# IP address to listen on. 0 means all IP addresses.
ADDRESS=0
##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options. The following defaults should be fine.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts. Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
# prefix=/usr
# exec_prefix=/usr
# . ${sysconfdir}/pop3d
# case x$POP3DSTART in
# x[yY]*)
#/usr/sbin/pop3d start
#;;
# esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.
POP3DSTART=YES
Re: holding back the tide
Branden Robinson wrote: >gcc won't build on arm, so XFree86 won't build on arm, so XFree86 can't go >into testing, so LOTS of things can't go into testing. The latest "2.95.3" gcc ought to be OK on ARM. I think it should be in woody soon if it isn't already. p.
Re: RFC: pools and catagories of packages
On Fri, Dec 29, 2000 at 09:59:07AM +0100, Bastian Kleineidam wrote: > > > !ocseirF iH > > On Thu, 28 Dec 2000, esoR ocsirF wrote: > > Graphics > > |_Gimp > > |_Xfig > > etc... > Why dont you use existing hierarchies? I like those of Freshmeat and > even more the Sourceforge Trove. > I don't know about freshmeat (I only use it for the software search engine), but IMHO Sourceforge suffers just as much or probably even more so from the current Debian hierarchy problem: too generic or just overcrowded categories. mvg, Filip -- USER ERROR: replace user and press any key to continue pgpOIdpP5oxLj.pgp Description: PGP signature
Re: PAM problem with Courier
On Sat, Dec 30, 2000 at 01:15:54PM +0100, Stefan Hornburg wrote: > > auth required /lib/security/pam_warn.so > auth requisite /lib/security/pam_mysql.so host=localhost > database=snailrace user=racke password=nevairbe table=users usercol=id > passwordcol=crypt crypt=y > This is wrong. First of all, we don't use pam_warn on Debian (if you're intent is to make this work on Debian). Secondly, never use the full path to the module. Lastly, the auth module should be "requisite". So try this (note, I know nothing about the pam_mysql module, but I do know PAM): authrequiredpam_mysql.so host=localhost database=snailrace user=racke password=nevairbe table=users usercol=id passwordcol=crypt crypt=y Note, this is very bad indeed. For one, you need to make this file's permissions something like 600, so normal users cannot read it. Depending on what user the pop3 service is run under, you might also need to change the owner of the file so that the daemon can have access to it. Lastly, are you sure that "pop3" is the service name used by the program? Note, this has nothing to do with the service name listed for the port it is using, so check the source for the call to pam_start(), and check the first argument passed to it. That is the service name, and the name of the file expected in /etc/pam.d/ -- ---===-=-==-=---==-=-- / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=--===-=-=-=-===-==---=--=---'
Re: holding back the tide
On Fri, 29 Dec 2000, Branden Robinson wrote: > severity 80842 serious > severity 80843 serious > thanks > > gcc won't build on arm, so XFree86 won't build on arm, so XFree86 can't go > into testing, so LOTS of things can't go into testing. > > Adam Heath, please consider helping the gcc maintainer do some DBS surgery, > because it is DBS that is keeping gcc from building. Branden, do some fucking research next time, before you place blame. Bug 80843 even proves it doesn't use dbs, or are you so dense as to not know what a dpatch file is? BEGIN GEEK CODE BLOCK Version: 3.12 GCS d- s: a-- c+++ UL P+ L !E W+ M o+ K- W--- !O M- !V PS-- PE++ Y+ PGP++ t* 5++ X+ tv b+ D++ G e h*! !r z? -END GEEK CODE BLOCK- BEGIN PGP INFO Adam Heath <[EMAIL PROTECTED]>Finger Print | KeyID 67 01 42 93 CA 37 FB 1E63 C9 80 1D 08 CF 84 0A | DE656B05 PGP AD46 C888 F587 F8A3 A6DA 3261 8A2C 7DC2 8BD4 A489 | 8BD4A489 GPG -END PGP INFO-
Re: holding back the tide
For the record, dbs does NOT have this problem with tar changing options for bzip2. It uses bzip2, gzip, compress(or whatever) directly. BEGIN GEEK CODE BLOCK Version: 3.12 GCS d- s: a-- c+++ UL P+ L !E W+ M o+ K- W--- !O M- !V PS-- PE++ Y+ PGP++ t* 5++ X+ tv b+ D++ G e h*! !r z? -END GEEK CODE BLOCK- BEGIN PGP INFO Adam Heath <[EMAIL PROTECTED]>Finger Print | KeyID 67 01 42 93 CA 37 FB 1E63 C9 80 1D 08 CF 84 0A | DE656B05 PGP AD46 C888 F587 F8A3 A6DA 3261 8A2C 7DC2 8BD4 A489 | 8BD4A489 GPG -END PGP INFO-
Re: ITP: water -- A graphical water effect demo.
Hamish Moffatt <[EMAIL PROTECTED]> wrote: >On Sat, Dec 16, 2000 at 02:38:15PM +0900, Miles Bader wrote: >> [The suggested alternative `sdlwater' is completely wrong, since it >> simply adds an arbitrary implementation detail to the name -- something > >OK, so call it water-demo or waterdemo or something along those lines. >I looked through the output of 'dpkg -l' on one of my systems and >saw very few packages with plain English names. For what it's worth, about 6% of the current distribution (355 packages) match entries in /usr/share/dict/words: abacus abuse ae aegis aide aleph alien ami ammonite amor amphetamine an anarchism andrew ant apache apt aptitude archie arena ark arrow artist ascii ash asp at august ava axe ... (OK, so 'ascii' is a bit dubious.) -- Colin Watson [EMAIL PROTECTED]
Re: aacraid driver
"Brian Boerner" <[EMAIL PROTECTED]> writes: >> Well, if you want it, take it up with the Kernel maintainer -- that >> is, file a bug on kernel-image-2.2.18pre21-compact or >> kernel-source-2.2.18pre21 or whatever. >> >> Do not make the request here -- we cannot do anything about it. > I thought since this was the "debian-devel" list that the > distro kernel maintainers would be monitoring and/or interested > in obtaining official working versions of the source. I'm certainly > not interested in trying to hunt down all the distro kernel maintainers. > That would be a black hole. All you have to do is file a bug against kernel-source-2.2.18pre21. If you're not willing to do that, then there's nothing I can really do to help you. -- .Adam Di [EMAIL PROTECTED]http://www.onShore.com/>
Re: PAM problem with Courier
Hello Stefan, > As some of you have noticed, I'm resp. my company works on a complete > Courier package which eventually replaces the imap-only package. > I'm trying to get authentification with MySQL to get work with PAM > instead of the courier-authmysql module. I installed the > libpam-mysql module from woody. > Any access with a existing local user comes through to the PAM > modules, other accesses are failing before PAM is tried. > Hints are welcome, relevant config file see below. If users who don't have local accounts on the system are rejected before they reach PAM, then you'll need to look somewhere other than your PAM config file to find the problem. Perhaps courier is failing early because it knows the username doesn't exist in the password file, and it will need this later to find the mailbox? I imagine courier expects its auth modules to provide more information than what's just available through PAM, which means the authpam module more than likely is trying to use getpwnam() to get the rest of what it needs. A look at the source to courier-authpam would tell. Since courier-authmysql almost certainly gets the rest of this information from the mysql database, you'd need to do one of two things: 1) expose the rest of the mysql database using an nss_mysql module (in which case there's not much point to using mysql instead of a password file), or 2) stick with courier-authmysql. If this is really what's going on, I strongly recommend option 2, because PAM is not a good fit for this problem. Steve Langasek postmodern programmer
Re: How to get changelog file for a given _binary_ package?
On Wed, Dec 27, 2000 at 03:17:54PM +, Marc Haber wrote: > we use a number of backported potato packages and I am working on a > script that sends me e-mail when a new version of these packages > appears in woody. You can subscribe to debian-devel-changes@lists.debian.org to get an email whenever a package in unstable is changed. Just filter for the packages that you have modified by parsing the subject should be sufficient :) Happy new year! Ingo -- "Disclosed Source" programs mean software for which the source code is available without confidential or trade secret restrictions and for which the source code and object code are available for distribution without license charges.
Re: holding back the tide
On Sat, Dec 30, 2000 at 12:02:53PM -0600, Adam Heath wrote: > > Adam Heath, please consider helping the gcc maintainer do some DBS surgery, > > because it is DBS that is keeping gcc from building. > > Branden, do some fucking research next time, before you place blame. Bug > 80843 even proves it doesn't use dbs, or are you so dense as to not know what > a dpatch file is? Bdale told me it was using DBS, or pasted some output that looked like DBS to me. Also I thought I remembered you boasting months ago that DBS was used in our XFree86, glibc, and gcc packages. If I'm wrong, fine. Matthias sent me a mail that said this problem should be fixed with today's dinstall run. -- G. Branden Robinson| Debian GNU/Linux | Music is the brandy of the damned. [EMAIL PROTECTED] | -- George Bernard Shaw http://deadbeast.net/~branden/ | pgpcvSGg67He3.pgp Description: PGP signature
Re: libgd's dependency on xlib stops netsaint from "testing"
On Sat, Dec 30, 2000 at 03:56:47AM +0100, Bernd Eckenfels wrote: > Hello, > > ist it possible to make libgd not depend on xlibs? This will install a lot I think not. It's uses X libs so, ... > of unwanted stuff on servers and it even seems to habe problems with > dependencies currently.. looks to me like netsaint which depends on libgd1g which is wrong, cause libgd1g is not in unstable - it was deprecated and libgd now builds only libgd1 1.8.3 ... > is not moved to testing because libgd1g is not in testing, yet. xlibs is not any it won't be there. > yet moved to testing. It would be nice if you can avoid using xlibs, which because glibc 2.2 is not in testing IIRC so plenty of packages are not in testing now. Try to guess how many packages from unstable it is keeping from testing. Petr Cech
Re: Close list
This useless thread generated more traffic than I've seen in spam in the last couple of months. (And if you add the traffic from the last couple of times we had this *same discussion*...) I'd like to propose that we blacklist people who propose solutions to deal with non-existant spam problems on debian lists. -- Mike Stone
Re: holding back the tide
Branden Robinson writes: > > If I'm wrong, fine. Matthias sent me a mail that said this problem should > be fixed with today's dinstall run. I said, that I uploaded new packages. But with new package names ... Let's see when they arrive in testing.
Re: holding back the tide
On Sat, 30 Dec 2000, Branden Robinson wrote: > On Sat, Dec 30, 2000 at 12:02:53PM -0600, Adam Heath wrote: > > > Adam Heath, please consider helping the gcc maintainer do some DBS > > > surgery, > > > because it is DBS that is keeping gcc from building. > > > > Branden, do some fucking research next time, before you place blame. Bug > > 80843 even proves it doesn't use dbs, or are you so dense as to not know > > what > > a dpatch file is? > > Bdale told me it was using DBS, or pasted some output that looked like DBS > to me. Also I thought I remembered you boasting months ago that DBS was > used in our XFree86, glibc, and gcc packages. Bdale hates dbs, doesn't know what it is, so I don't trust his assement of the issue. I never said glibc nor gcc use dbs. They use a system like dbs, one I feel is incorrect(each .dpatch system includes code to apply the patch, which, I feel, is code duplication). BEGIN GEEK CODE BLOCK Version: 3.12 GCS d- s: a-- c+++ UL P+ L !E W+ M o+ K- W--- !O M- !V PS-- PE++ Y+ PGP++ t* 5++ X+ tv b+ D++ G e h*! !r z? -END GEEK CODE BLOCK- BEGIN PGP INFO Adam Heath <[EMAIL PROTECTED]>Finger Print | KeyID 67 01 42 93 CA 37 FB 1E63 C9 80 1D 08 CF 84 0A | DE656B05 PGP AD46 C888 F587 F8A3 A6DA 3261 8A2C 7DC2 8BD4 A489 | 8BD4A489 GPG -END PGP INFO-
Re: holding back the tide
Adam Heath writes: > Bdale hates dbs, doesn't know what it is, so I don't trust his assement of > the > issue. I never said glibc nor gcc use dbs. They use a system like dbs, one > I > feel is incorrect(each .dpatch system includes code to apply the patch, > which, > I feel, is code duplication). There was no alternative system, when I "designed" the dpatch system. The code duplication is needed, because a .dpatch is self-contained. For most cases it calls patch with the .dpatch file as the patch file. Other commands are run after applying the patch. Currently that's only the case for configure. It's tedious to regenerate the patches if you have two independent patches for a configure.in. But yes, you could extend this format to use Pre-Patch and Post-Patch commands.
Re: What do you wish for in an package manager?
On Fri, Dec 29, 2000 at 11:47:44PM +, Mark Seaborn wrote:
> They are unrelated if they do not need to communicate (as an
> example). If they do not need to communicate, they may as well run on
> different machines, in which case they can use different versions of
> libc. But I want to be able to merge those two machines into one --
> this is what a multi-user system is all about -- and have the two
> programs continue to use different libcs.
s/libc/kernel/ and you have a big problem. Use
plex86, VMware or an IBM mainframe. Or a pile of
inexpensive PCs (but hey, you already had that!
How nice!)
> As I suggested before, it would be easy if different processes could
> have different views on the filesystem. This is feasible on the
> Hurd. Linux is not as flexible, unfortunately. I can envisage
You are not up to date; Al Viro has been a busy boy.
Expect process namespaces in 2.5; maybe even as an
additional patches in 2.4.x (x>=1). Most of the
groundwork is already there.
Or look at ClusterNFS. Or any of the zillion hacks that
do something similar, with varying levels of success.
> modifying libc so that it is possible to redirect files elsewhere on a
> per-process basis (ideally this would be done in a general manner so
> that a call to open() could be forwarded to a server in another
> process, which would then pass back opened fd).
libc ain't enough, really. You'd need to trick the
syscalls, too. For what you describe above, modifying
libc sounds just like extra work. LD_PRELOAD, perhaps.
But the real solution is a kernel-based one. And it's already
designed and waiting for someone like Al Viro to have a month
off. Anyone want to pay him a month worth of salary?-)
> (I'm very interested in user filesystems in general. I played with
> perlfs last year, but it was too unreliable, and it broke when I
> upgraded perl anyway. Modifying libc now seems the way to go, but I'm
> not prepared to hack libc on this level yet.)
My current collection of resources is at
http://tv.debian.net/linux/kernel/fs.html
(but that doesn't include most of the stacking material;
I haven't organized it yet)
--
[EMAIL PROTECTED],havoc,gaeshido}.fi,{debian,wanderer}.org,stonesoft.com}
Perl poetry: for ($tv) { s/blood/caffeine/ while /blood/ }
Re: ITP: ttyrec -- a tty recorder
Quoting Joey Hess ([EMAIL PROTECTED]): > My little playback program performs better (even though it is written in > perl), because it takes the latency of a system call into consideration: Where can we find it ? :) Greets, Robert -- Linux Generation All extremists should be taken out and shot.
Re: ITP: ttyrec -- a tty recorder
Robert van der Meulen wrote: > Quoting Joey Hess ([EMAIL PROTECTED]): > > My little playback program performs better (even though it is written in > > perl), because it takes the latency of a system call into consideration: > Where can we find it ? :) In the bug report I mentioned in my message. -- see shy jo
Re: holding back the tide
On Sun, Dec 31, 2000 at 01:05:23AM +0100, Matthias Klose wrote: > Adam Heath writes: > > Bdale hates dbs, doesn't know what it is, so I don't trust his assement of > the > > issue. I never said glibc nor gcc use dbs. They use a system like dbs, > one I > > feel is incorrect(each .dpatch system includes code to apply the patch, > which, > > I feel, is code duplication). > > There was no alternative system, when I "designed" the dpatch > system. The code duplication is needed, because a .dpatch is > self-contained. For most cases it calls patch with the .dpatch file as > the patch file. Other commands are run after applying the > patch. Currently that's only the case for configure. It's tedious to > regenerate the patches if you have two independent patches for a > configure.in. But yes, you could extend this format to use Pre-Patch > and Post-Patch commands. On top of that, a lot of patches for gcc are obtained from the gcc-patches list. Some of those are in -p0 format, some are in -p1. So it is always useful to not have to modify these. On top of that, each .dpatch includes a description of what the patch does, so that the gcc build system can parse it out and put all of the Debian changes into one file, specific to that revision/arch. Adam, don't put down a system that precedes dbs. It is tried and true to it's purpose and solves things that DBS cannot. -- ---===-=-==-=---==-=-- / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- [EMAIL PROTECTED] ' `---=--===-=-=-=-===-==---=--=---'
Re: Bug#80929: O: shaper -- Traffic Shaper for Linux
Christoph Lameter <[EMAIL PROTECTED]> wrote: >Package: wnpp >Severity: normal > >The current maintainer of shaper, Christoph Lameter <[EMAIL PROTECTED]>, >has orphaned this package. If you want to be the new maintainer, >please take it -- fix the outstanding bugs and upload a new version >with your name in the Maintainer: field. > >Some information about this package: > >Package: shaper I'd like to take shaper (I spent a couple of months at work working on traffic shaping [1]), but I'm still waiting for my application manager to write up my application and send it to the DAM. Would anyone like to sponsor me in the meantime? If so, I'll file an ITA. [1] Linux 2.2 has a more flexible way of handling it, but the userspace tools are much more difficult to use. -- Colin Watson [EMAIL PROTECTED]
Re: libgd's dependency on xlib stops netsaint from "testing"
On Sat, Dec 30, 2000 at 11:19:27PM +0100, Petr ?ech wrote: > I think not. It's uses X libs so, ... Hmm... currently I am a bit confused ybout all those dependencies (xlibs, xpm4g, ...) so i will wait till this is resolved to make further comments. I tried all the time hard to keep away and X Packates from my servers, but now I will need them for libgd, which is commonly used on some web servers. What about a light Version without xpm support? Hmm.. has anybody the command Line handy to see which symbols of libX11 are used by libgd? I see only one X Symbol in "nm -u -D /usr/lib/libgd.so.1.8.3" which is XpmReadFileToXpmImage which is satisfied by xpm4g. > which is wrong, cause libgd1g is not in unstable - it was deprecated and libgd > now builds only libgd1 1.8.3 ... Yes, netsaint depends on libgd1 (>= 1.8.3-6) which is in unstable only. And I guess libgd1 wont be moved to testing unless xlibs is moved there. Well.. perhaps it is possible to remove the dependency from xlibs to xfree86-common? Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (OO) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Processed: .
Processing commands for [EMAIL PROTECTED]: > reassign 80819 general Bug#80819: manpages: multiple errors Bug reassigned from package `manpages' to `general'. > End of message, stopping processing here. Please contact me if you need assistance. Darren Benham (administrator, Debian Bugs database)
Re: holding back the tide
On Sat, 30 Dec 2000, Ben Collins wrote: > > There was no alternative system, when I "designed" the dpatch > > system. The code duplication is needed, because a .dpatch is > > self-contained. For most cases it calls patch with the .dpatch file as > > the patch file. Other commands are run after applying the > > patch. Currently that's only the case for configure. It's tedious to > > regenerate the patches if you have two independent patches for a > > configure.in. But yes, you could extend this format to use Pre-Patch > > and Post-Patch commands. > > On top of that, a lot of patches for gcc are obtained from the > gcc-patches list. Some of those are in -p0 format, some are in -p1. So > it is always useful to not have to modify these. On top of that, each > .dpatch includes a description of what the patch does, so that the gcc > build system can parse it out and put all of the Debian changes into one > file, specific to that revision/arch. I don't like -p0, as it doesn't allow the top-level dir to be changed. dbs has -p1 hardcoded, but, I'll try to make it not be so the next generation version. You can put a description in the patch, just like you can with dpatches. Patch itself will ignore non-diff text in the file, read the manpage. :) > Adam, don't put down a system that precedes dbs. It is tried and true > to it's purpose and solves things that DBS cannot. I wasn't putting it down. Each system has evolved to perform what the users have desired of it. BEGIN GEEK CODE BLOCK Version: 3.12 GCS d- s: a-- c+++ UL P+ L !E W+ M o+ K- W--- !O M- !V PS-- PE++ Y+ PGP++ t* 5++ X+ tv b+ D++ G e h*! !r z? -END GEEK CODE BLOCK- BEGIN PGP INFO Adam Heath <[EMAIL PROTECTED]>Finger Print | KeyID 67 01 42 93 CA 37 FB 1E63 C9 80 1D 08 CF 84 0A | DE656B05 PGP AD46 C888 F587 F8A3 A6DA 3261 8A2C 7DC2 8BD4 A489 | 8BD4A489 GPG -END PGP INFO-
tcpdump bug???
Hello, Anyone else agree that there is a bug in tcpdump here? snoopy:~# tcpdump -i ppp0 -e tcpdump: listening on ppp0 12:26:39.696219 ip: 202.12.87.129 > 203.12.236.226: icmp: echo request 12:26:39.842301 ip: 203.12.236.226 > 192.168.87.134: icmp: echo reply 12:26:40.694174 ip: 202.12.87.129 > 203.12.236.226: icmp: echo request 12:26:40.832367 ip: 203.12.236.226 > 192.168.87.134: icmp: echo reply I am trying to get masquerading working with 2.4.0test10. According to this tcpdump, the packet is getting sent from the masqueraded address OK, but the reply goes back to the private address. So either: 1. masquerading doesn't work (probably my fault), and tcpdump is showing the wrong source address. This could also be a kernel bug, but I am skeptical (doesn't the kernel pass the raw data directly to tcpdump?). 2. the remote host determines the real IP address via ESP and uses that instead of the correct address. Note: I get similar results for TCP as well as ICMP. -- Brian May <[EMAIL PROTECTED]>
Re: dbs
> "Adam" == Adam Heath <[EMAIL PROTECTED]> writes: Adam> I don't like -p0, as it doesn't allow the top-level dir to Adam> be changed. dbs has -p1 hardcoded, but, I'll try to make it Adam> not be so the next generation version. Adam> You can put a description in the patch, just like you can Adam> with dpatches. Patch itself will ignore non-diff text in Adam> the file, read the manpage. :) Is there any documentation I can find for dbs? -- Brian May <[EMAIL PROTECTED]>
Boxed Penguin Prototype showcases customization of Debian to build infrastructure server
In order to actually get something done in an electronic office, we need a certain amount of infrastructure. In a large environment, the incremental costs are somewhat visible, but you won't see how much work it took to get there. In practice, starting from ground zero means identifying a large collection of interesting subsystems, then customizing each one, figuring out how to manage and maintain it, deploying it, documenting local procedures and policies, and then moving on to the next one. This turns out to be a huge amount of one-time effort - which doesn't get streamlined or tuned, beyond becoming part of a particular sysadmin's knowledge base. Boxed Penguin (http://www.boxedpenguin.com/) hopes to come up with a general open-source solution to this problem: we hope to construct a set of tools that allow sites to easily and quickly deploy infrastructure. We'd like to draw your attention to our initial prototype, based on Debian GNU/Linux, available at our website. The prototype demonstrates how a site could combine various components of Debian together to set up an infrastructure. Kerberos acts as a central authentication service. SASL and PAM are used to provide security to applications like LDAP and IMAP. AFS is used as a secure, distributed file system for the site's data. LDAP is used to provide a means for distributing account information. Most of the work in the prototype focused on integrating various components. For example scripts are provided to create all the parts of a user account: Kerberos authentication information, an LDAP password entry, AFS volumes for home directories and an IMAP mailbox. Other scripts provide manipulation of group data. The other hard problem we attempted to solve was the integration of the package installation. Because we were creating a unified infrastructure, we knew more about the desired state of the system than the author of any package. For example, we knew that LDAP would be using Kerberos SASL for authentication and thus didn't need an admin password. We wanted to turn this extra knowledge into a simplified installation experience for our users. In most cases we took advantage of Debconf and gave packages the hints we needed. We hope that by bringing our prototype to the attention of the Debian community, we can focus developer interest on problems that pop up when you try and deploy Debian throughout a site or environment instead of on a single machine. For example, while effective, our technique of stuffing debconf configuration in the boxedp-assumptions package could probably be replaced with a better-architected system for providing additional information to packages about containing frameworks. Also, we're interested in Debian's input on the problems we are trying to solve and on how Debian can best be used to solve these problems. Thanks, --Sam
Re: tcpdump bug???
On Sun, Dec 31, 2000 at 12:42:51PM +1100, Brian May wrote: > 2. the remote host determines the real IP address via ESP and uses > that instead of the correct address. tcpdump and masquerading is somewhat tricky. It's a well knon kernel feature and the reason for it is, that is is much faster for normal operation that way: http://www.uwsg.iu.edu/hypermail/linux/kernel/9707.0/0066.html Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (OO) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Re: tcpdump bug???
> "Bernd" == Bernd Eckenfels <[EMAIL PROTECTED]> writes: Bernd> On Sun, Dec 31, 2000 at 12:42:51PM +1100, Brian May wrote: >> 2. the remote host determines the real IP address via ESP and >> uses that instead of the correct address. Bernd> tcpdump and masquerading is somewhat tricky. Bernd> It's a well knon kernel feature and the reason for it is, Bernd> that is is much faster for normal operation that way: Bernd> http://www.uwsg.iu.edu/hypermail/linux/kernel/9707.0/0066.html Apparently, the problem was meant to have been fixed in 2.2.X, see: http://bugs.debian.org/10955> This is 2.4.0test10 Does this mean that the bug been re-introduced? I didn't see anything about it being performance related. -- Brian May <[EMAIL PROTECTED]>
