Re: keysigning in Helsinki

[Wouter Verhelst]

On Wed, May 03, 2006 at 09:44:13PM +0200, Joost Yervante Damad wrote:
> Hi,
> 
> I will be in Helsinki from 8/5 till 14/5.
> 
> If someone wants to meet for a drink or some keysigning drop me an email.

You're almost a year late ;-)

-- 
Fun will now commence
  -- Seven Of Nine, "Ashes to Ashes", stardate 53679.4


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Policy change about `/usr/lib/cgi-bin' - Mass bug filing pending...

[Alexis Sukrieh]

* Tollef Fog Heen ([EMAIL PROTECTED]) disait :
> >As you might have noticed, the last policy version (3.7.0) says that
> >web application packages must not put CGIs under `/usr/lib/cgi-bin'
> >anymore:
> 
> Given that apache2 has almost a magnitude more installations than all 
> the other web servers in Debian (sans apache 1) combined and the apache 
> team has no intentions of adopting the cgi-lib policy, I think the idea 
> of cgi-lib is quite dead.

Then, I don't understand why we have this discussion _after_ the policy
has been changed...

I thought the policy was a trustable document, where developers could 
find guidelines for their work, it seems that it's not always true. Sad.

> If policy documents something which isn't true and won't be true, it 
> should be changed back again.

In the meantime, do you suggest to use lintian overrides for fixing this
in webapp packages or purely ignoring the lintian complaints?

I hope we can solve that issue soon, it's pretty confusing for maintainers.

Kind Regards,

Alexis.

-- 
Alexis Sukrieh <[EMAIL PROTECTED]>
0x1EE5DD34
Debian   http://www.debian.org
Backup Manager   http://www.backup-manager.org


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Policy change about `/usr/lib/cgi-bin' - Mass bug filing pending...

[Steve Langasek]

On Thu, May 04, 2006 at 09:49:29AM +0200, Alexis Sukrieh wrote:
> In the meantime, do you suggest to use lintian overrides for fixing this
> in webapp packages or purely ignoring the lintian complaints?

Given that there is no support for this from webserver maintainers and no
proposed migration path, and the change to policy has just been reverted in
3.7.2.0, it should be fixed in lintian instead.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


signature.asc
Description: Digital signature

Re: Keyboard error

[Michael Banck]

On Thu, May 04, 2006 at 07:43:24AM +0200, Gudjon I. Gudjonsson wrote:
>I know this is not an amd64 specific problem since it also appears
> on i386 but I have tired to send a bug report and without success.

I am sorry, but debian-devel is not the right place for such a request
(unless you want to discuss candidate patches).  Please ask on
debian-user or debian-x, or follow-up to the bug report in a couple of
days.  The X strike force is very busy shaking out all the bugs right
now.

If you cannot allow bugs to keep you from work, I suggest you run Debian
stable instead, which is also available for amd64.


cheers,

Michael

-- 
Michael Banck
Debian Developer
[EMAIL PROTECTED]
http://www.advogato.org/person/mbanck/diary.html


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#365995: ITP: pfm -- Postgresql client application using Tcl/Tk to design forms to input data and link between related tables allowing easy navigation within a database.

[Mark Hindley]

Package: wnpp
Severity: wishlist
Owner: Mark Hindley <[EMAIL PROTECTED]>


* Package name: pfm
  Version : x.y.z
  Upstream Author : Name <[EMAIL PROTECTED]>
* URL : http://www.example.org/
* License : (GPL, LGPL, BSD, MIT/X, etc.)
  Description : Postgresql client application using Tcl/Tk to design forms 
to input data and link between related tables allowing easy navigation within a 
database.

(Include the long description here.)

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (400, 'testing'), (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.16.1
Locale: LANG=en_GB, LC_CTYPE=iso_8859_1 (charmap=ISO-8859-1) (ignored: LC_ALL 
set to en_GB)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: the BTS gains a remote bug tracking feature for free !

[Mike Hommey]

On Wed, May 03, 2006 at 11:56:32AM +0200, Pierre Habouzit <[EMAIL PROTECTED]> 
wrote:
>   This tool lists every BTS bug that is forwarded to a remote Bug
> Tracker. If it knows how to get a Status and possibly a Resolution (if
> the Status is a closing Status), it gets them, and:
>   * sets upstream, fixed-upstream, wontfix tags according to the
> retrieved information ;

At least for mozilla products, please don't set fixed-upstream, since a
bug that is marked FIXED can only be fixed in mozilla trunk ONLY or in
the 1_8_BRANCH but not in 1_8_0_BRANCH.
See bz#272670 for example, it is fixed in mozilla trunk only, which means
it will be fixed in firefox 3.0. In quite a lot of time. Most of the
time, fixes on the trunk qre q pqin in the ass to backport because of
all the changes between gecko 1.8 and 1.9.
Moreover, I think a bug should be only marked fixed-upstream if it is
actually fixed in a released work, or a soon to be released work. Not in
a CVS branch that will reach release status in more than a year.

Apart from that, it's pretty neat.

Mike


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: XOrg transition, status of libxaw8

[Daniel Stone]

On Thu, May 04, 2006 at 10:15:36AM +1000, Drew Parsons wrote:
> On Wed, 2006-05-03 at 15:23 +0200, Wouter Verhelst wrote:
> > On Wed, May 03, 2006 at 10:26:21PM +1000, Drew Parsons wrote:
> > > Wouter asked:
> > > > Just out of curiosity, could you point me to arguments in favour of
> > > > Xprint?
> > > 
> > > http://www.dailynews.co.th/
> > > 
> > > QED
> > 
> > Err. You're saying Xprint is the only print implementation that can
> > print non-latin stuff properly and reliably?
> > 
> 
> Yes, that's right.
> 
> Unless you've taken particular pains to install your non-latin fonts the
> right way and get them used by mozilla the right way, the default
> mozilla printer just renders them with empty boxes, making the text a
> tad difficult to read.  Xprint manages to print them legibly without
> making further particular efforts to set up the fonts. I won't claim the
> result is always picture perfect (I'm expecting quality to improve with
> X11R7.1), but at least you can read it.
> 
> There is apparently some new FreeType support in mozilla printing which
> might change things (see http://www.jw-stumpel.nl/stestu.html#T9.3.2),
> but Xprint works where the default mozilla postscript driver does not.

I didn't set Mozilla up with anything special at all, and you might
remember me showing you dailynews and Russian/Japanese/etc sites
rendering correctly, all the way back at LCA 2005, I think it was. ;)

Cheers,
Daniel


signature.asc
Description: Digital signature

Re: Bug#363598: udev should conflict with ifrename

[Juha Jäykkä]

> Unless you can persuade the kernel developers to "fix this" then the
> correct solution is to configure network interfaces as an effect of
> hotplug events.

Eh.. excuse me, but did I get this right? Does this mean that there would
be no way of deconfiguring a network device which is not hot-pluggable?
What I mean is, how do I generate a hotplug event for, e.g. a NIC that's
integrated to the motherboard? I may well want to deconfigure it...

-- 
 ---
| Juha Jäykkä, [EMAIL PROTECTED]|
| Laboratory of Theoretical Physics |
| Department of Physics, University of Turku|
| home: http://www.utu.fi/~juolja/  |
 ---


signature.asc
Description: PGP signature

Re: Re: XOrg transition, status of libxaw8

[Drew Parsons]

Frank wrote:
> >> The
> >> CUPS queues print those thai (?) letters very nicely, it's a PostScript
> >> printer.
> >
> > Not on my computer.  The CUPS queues (and default postscript for that
> > matter) are broke in latest firefox on my system. "Paper size not
> > supported", bug #344401. Time to check the upstream bug discussion for
> > that, I see.
> 
> This error went away for me after the upgrade to 1.5.dfsg+1.5.0.2-2bpo1

Strange, my version is 1.5.dfsg+1.5.0.2-3, the one before it in the
changelog was 1.5.dfsg+1.5.0.2-2.  Was your -2bpo1 a local or
experimental version?

But following the upstream discussion, I have been able to restore CUPS
(and postscript/default) by manually deleting all references to user
preferences "print.*" in prefs.js. Although the bug discussion
indicates the problem will return in a few weeks time.

Curiously, now that I can test them, I find that both of them are now
successfully printing the non-latin pages.  I guess that means Xprint
will now fade in importance, but I'll keep maintaining it for the time
being.

Drew


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: Re: XOrg transition, status of libxaw8

[Drew Parsons]

Dan writ:
> On Thu, May 04, 2006 at 10:15:36AM +1000, Drew Parsons wrote:
> > > 
> > > Err. You're saying Xprint is the only print implementation that can
> > > print non-latin stuff properly and reliably?
> > > 
> > 
> > Yes, that's right.
> > 
> 
> I didn't set Mozilla up with anything special at all, and you might
> remember me showing you dailynews and Russian/Japanese/etc sites
> rendering correctly, all the way back at LCA 2005, I think it was. ;)
> 

Yes but you failed on the Thai test, remember? :-)  Well at least one
of them failed anyway, I remember. You're right, Russian was working.

Anyway, as I just replied to Wouter the CUPS/default printers in
firefox 1.5 now appear to be working (when they work at all, that is).
Hurrah, neh?

Cheers,

Drew


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#365995: ITP: pfm -- Postgresql client application using Tcl/Tk to design forms to input data and link between related tables allowing easy navigation within a database.

[Mark Hindley]

On Thu, May 04, 2006 at 10:39:30AM +0100, Mark Hindley wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Mark Hindley <[EMAIL PROTECTED]>
> 
> 
Sorry!

Other details should read:

 * Package name: pfm
   Version : 1.2.5
   Upstream Author : Willem Herremans <[EMAIL PROTECTED]>
 * URL : http://gborg.postgresql.org/project/pfm/projdisplay.php
 * License : GPL
   Description : Postgresql client application using Tcl/Tk to design forms 
to input data and link between related tables allowing easy navigation within a 
database.
 pfm (Postgres Forms) is a client for PostgreSQL. It uses Tcl/Tk
 to create forms to access the database. Complex relationships
 between tables can be easily explored.
 .
 The PostgreSQL server can be remote or local.
   
Mark


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#364319: base-files: PS1 setting for *ksh (PROPOSAL: /etc/profile.d/)

[cobaco (aka Bart Cornelis)]

On Wednesday 03 May 2006 22:56, Bill Allombert wrote:
> On Thu, Apr 27, 2006 at 12:53:01PM +0200, cobaco (aka Bart Cornelis) 
wrote:
> > On Sunday 23 April 2006 20:26, Russ Allbery wrote:
> > > Jari Aalto <[EMAIL PROTECTED]> writes:
> > > > What we need and what should have been done a long time ago, is to
> > > > modularize profile to /etc/profile.d/ where each program is
> > > > resposible for shipping reasonable defaults. Redhad has done this
> > > > long time and Cygwin does that too and it works very well.
>
> I suggest the post below that detail how they use it and why
> this is not needed in Debian:
>
> 

I'll take the various arguments in that mail and give my take on it (correct 
me if I misinterpreted anything):


Debian shells are not required to be POSIX compliant, only /bin/sh.
In practice, I expect you will have a hard time to write shell scripts
that are valid for both tcsh and bash. 


/etc/profile is only used by bourne-compatible shells (of which tcsh isn't 
one). Most things can be writte in a way that's valid for all 
bourne-compatible shells, and any bits that can't can easily be wrapped in 
an appropriate if-statement




I would like to point out that the correct way in Debian to set
environnement variable for all users is to use /etc/environnement.


while very true, this is not a valid objection: 
- there's no way to conditionally set variables through /etc/environment.
  Sometimes you want to influence things through environment variables based
  on run-time tests (see for example my desktop-profiles package which does
  exatly that in order to fix a corner-case bug for those shells that allow
  it)
- configuration packages are another valid use case (see below)

One approach will never fit everyone: where one person sees bloat another
sees service. (I think we can all agree on that?).

In light of that it makes sense to offer a mechanism through which people 
can pick and choose the level of service/bloat they want. Which is exactly 
what modularizing /etc/profile would allow (through configuration packages 
that implement a particular level of service/bloat).

NOTE: this does not get in the way of base-files only offering a minimal
  level of bloat/service. 

As for the whole part of the mail critizing the redhat bloat, it's 
irrelevant if somebody wants to provide a configuration package 
implementing the exact set of bloat/service offered by redhat then that's 
fine. Only those users that want it will install it. 

> In that case, I would suggest to introduce a /etc/bashrc.d and
> /etc/kshrc.d rather than a /etc/profile.d.

Why split it per bourne-shell-variant? 
- Most things can be put in a way that's valid for all bourne-compatible
  shells (i.e. those using /etc/profile). 
- Those few bits that are specic to 1 shell-variant can easily be surrounded
  by an appropriate if-statement as the start of this bug illustrates.
-- 
Cheers, cobaco (aka Bart Cornelis)


pgpZokFWFaOiC.pgp
Description: PGP signature

Re: XOrg transition, status of libxaw8

[Dagfinn Ilmari Mannsåker]

Drew Parsons <[EMAIL PROTECTED]> writes:

> Frank wrote:
>> >> The
>> >> CUPS queues print those thai (?) letters very nicely, it's a PostScript
>> >> printer.
>> >
>> > Not on my computer.  The CUPS queues (and default postscript for that
>> > matter) are broke in latest firefox on my system. "Paper size not
>> > supported", bug #344401. Time to check the upstream bug discussion for
>> > that, I see.
>> 
>> This error went away for me after the upgrade to 1.5.dfsg+1.5.0.2-2bpo1
>
> Strange, my version is 1.5.dfsg+1.5.0.2-3, the one before it in the
> changelog was 1.5.dfsg+1.5.0.2-2.  Was your -2bpo1 a local or
> experimental version?

-XbpoY is the Y-th backports.org version of -(X+1) from
testing/unstable.

-- 
ilmari
"A disappointingly low fraction of the human race is,
 at any given time, on fire." - Stig Sandbeck Mathisen


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Policy change about `/usr/lib/cgi-bin' - Mass bug filing pending...

[Martijn van Oosterhout]

On 5/3/06, Christoph Berg <[EMAIL PROTECTED]> wrote:

Using the path component "cgi-lib" which will even be visible to users
of the web server looks like a big chunk of NIH to me. Even worse, it
will break existing URLs when CGIs start to move to their location.


To be honest, I thought this policy had a different purpose entirely.
I thought it was to deal with the problem of people installing
packages and having them install things that conflict with the admin.
Or alternately, the problem of having packages be accessable via the
webserver before the admin has configured the package.

So, debian changes packages to install to cgi-lib where we can ensure
they won't conflict. If the admin wants to make them visible they
symlink the stuff from cgi-lib to cgi-bin. No special webserver
supported needed.

Just changing the names seems silly in the extreme.

Have a nice day,
--
Martijn van Oosterhout <[EMAIL PROTECTED]> http://svana.org/kleptog/

Re: Bug#365995: ITP: pfm -- Postgresql client application using Tcl/Tk to design forms to input data and link between related tables allowing easy navigation within a database.

[Dirk Eddelbuettel]

Mark Hindley  hindley.org.uk> writes:
> Package: wnpp
> Severity: wishlist
> Owner: Mark Hindley  hindley.org.uk>
> 
> * Package name: pfm
>   Version : x.y.z
>   Upstream Author : Name  example.org>
> * URL : http://www.example.org/
> * License : (GPL, LGPL, BSD, MIT/X, etc.)

Please fill in the four fields Version to License. 

>   Description : Postgresql client application using Tcl/Tk to design forms
to input data and link between
> related tables allowing easy navigation within a database.

Please reformat the Description into a shorter title line, ...

> (Include the long description here.)

... and a meaningful long description.

Dirk



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: XOrg transition, status of libxaw8

[Frank Küster]

Drew Parsons <[EMAIL PROTECTED]> wrote:

> Frank wrote:
>> >> The
>> >> CUPS queues print those thai (?) letters very nicely, it's a PostScript
>> >> printer.
>> >
>> > Not on my computer.  The CUPS queues (and default postscript for that
>> > matter) are broke in latest firefox on my system. "Paper size not
>> > supported", bug #344401. Time to check the upstream bug discussion for
>> > that, I see.
>> 
>> This error went away for me after the upgrade to 1.5.dfsg+1.5.0.2-2bpo1
>
> Strange, my version is 1.5.dfsg+1.5.0.2-3, the one before it in the
> changelog was 1.5.dfsg+1.5.0.2-2.  Was your -2bpo1 a local or
> experimental version?

No, as the version number implies it was 1.5.dfsg+1.5.0.2-3 recompiled
for sarge and uploaded to backports.org.  I'm using sarge as my daily
work distribution, sid is only in a chroot.

> But following the upstream discussion, I have been able to restore CUPS
> (and postscript/default) by manually deleting all references to user
> preferences "print.*" in prefs.js. Although the bug discussion
> indicates the problem will return in a few weeks time.

This I did also, just before installing this version, and it did not
help IIRC.  But both together did.  I think.  But thinking again, I
wouldn't swear what the order of events was.

Regards, Frank
-- 
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)

Re: Bug#363598: udev should conflict with ifrename

[Marco d'Itri]

On May 04, Juha Jäykkä <[EMAIL PROTECTED]> wrote:

> Eh.. excuse me, but did I get this right? Does this mean that there would
> be no way of deconfiguring a network device which is not hot-pluggable?
> What I mean is, how do I generate a hotplug event for, e.g. a NIC that's
> integrated to the motherboard? I may well want to deconfigure it...
ifdown $INTERFACE

-- 
ciao,
Marco


signature.asc
Description: Digital signature

Re: O: Gnus -- A versatile News and mailing list reader for Emacsen.

[Marc Haber]

On Sat, 29 Apr 2006 21:42:46 -0700, Russ Allbery <[EMAIL PROTECTED]>
wrote:
>At a guess:  He doesn't mean ship the pristine upstream, he means to ship
>a shell script that derives the Debian .orig.tar.gz from a pristine copy
>of upstream obtained separately so that the process is reproducible.  This
>lets others confirm the heritage of what's in Debian by checking over the
>transformation, grabbing the upstream distribution, applying the
>transformation themselves, and making sure they get back the same thing.

Right. Sorry for not making myself clear.

Greetings
Marc

-- 
-- !! No courtesy copies, please !! -
Marc Haber |   " Questions are the | Mailadresse im Header
Mannheim, Germany  | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Re: effectiveness of rsync and apt

[Marc Haber]

On Mon, 01 May 2006 09:30:55 +0200, Florian Weimer <[EMAIL PROTECTED]>
wrote:
>The downside is that anything that doesn't work on entire .debs is
>very likely to change them at the byte stream level (you only need to
>use slightly different zlib versions or parameters).  This means that
>the chain of cryptographic hashes that guard against malicious mirror
>or network operators breaks. 8-(

Since having cryptographic hashes is very very low on the priority
list of the people in Power over Debian, I wouldn't care too much.

Greetings
Marc

-- 
-- !! No courtesy copies, please !! -
Marc Haber |   " Questions are the | Mailadresse im Header
Mannheim, Germany  | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Re: effectiveness of rsync and apt

[Goswin von Brederlow]

Marc Haber <[EMAIL PROTECTED]> writes:

> On Mon, 01 May 2006 09:30:55 +0200, Florian Weimer <[EMAIL PROTECTED]>
> wrote:
>>The downside is that anything that doesn't work on entire .debs is
>>very likely to change them at the byte stream level (you only need to
>>use slightly different zlib versions or parameters).  This means that
>>the chain of cryptographic hashes that guard against malicious mirror
>>or network operators breaks. 8-(
>
> Since having cryptographic hashes is very very low on the priority
> list of the people in Power over Debian, I wouldn't care too much.
>
> Greetings
> Marc

I think what he ment is the md5sum in Packages.gz and apt-get cares
about them on download only. If you put the result of patching the
debs to a new version directly into apts cache it will eat them even
with a wrong checksum.

I actualy have a little hack how one could implement patch debs now to
test this out:

1. Create an archive mirror with rsync batch files (or xdelta or
whatever) between the last and current version of each package. It
might be simplest to replace the data.tar.gz in each deb with the
rsync batch file and leave the rest of the deb as is.

2. Create Packages.gz and friends for those patch debs

3. Create an apt method "http-patch" to apt that will first check for
the old version of the package or dpkg-repack it, then forks the http
method to download the patch deb, applies the patch and returns the
build deb.

4. Add

deb http-patch://server/path suite dist

to sources.list _before_ the normal http url.


One drawback of this hack would be that you get an error from the
http-patch method when you don't have the previous version available
before apt-get falls back to the http url.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Emacs out for lunch?

[Kurt Petersen]

I was the happy user of Emacs on Debian unstable. After a normal 
  apt-get update; apt-get dist-upgrade
Emacs disappeared and has not been seen later. I'm I the only one to
miss it?

Could this be the reason:

# apt-get install  emacs21-nox
[...]
The following packages have unmet dependencies:
  emacs21-nox: Depends: emacs21-bin-common (= 21.4a-3) but it is not going to 
be installed
E: Broken packages

Kurt


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Debian Policy version

[Hendrik Sattler]

Hi,

In the PTS I see:
The package should be updated to follow the last version of Debian Policy 
(Standards-Version 3.7.2 instead of 3.6.2.0).

However, version 3.7.2.0 is neither in unstable nor at 
http://www.debian.org/doc/debian-policy/
Both only have version 3.7.1.0. How comes that the PTS has a newer version 
than all the other sources?

HS


pgpp9dMp0oTpW.pgp
Description: PGP signature

Bug#366033: ITP: python-paste -- Tools for using a Web Server Gateway Interface stack

[Piotr Ozarowski]

Package: wnpp
Severity: wishlist
Owner: Piotr Ozarowski <[EMAIL PROTECTED]>

* Package name: python-paste
  Version : 0.9
  Upstream Author : Ian Bicking <[EMAIL PROTECTED]>
* URL : http://pythonpaste.org/
* License : MIT
  Programming Lang: Python
  Description : Tools for using a Web Server Gateway Interface stack

Python Paste brings consistency to Python web development and web application
installation, providing tools for both developers and system administrators.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-grsec
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian Policy version

[Frank Küster]

Hendrik Sattler <[EMAIL PROTECTED]> wrote:

> However, version 3.7.2.0 is neither in unstable nor at 
> http://www.debian.org/doc/debian-policy/
> Both only have version 3.7.1.0. How comes that the PTS has a newer version 
> than all the other sources?

http://incoming.debian.org/

-- 
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)

Re: Emacs out for lunch?

[Frank Küster]

Kurt Petersen <[EMAIL PROTECTED]> wrote:

> I was the happy user of Emacs on Debian unstable. After a normal 
>   apt-get update; apt-get dist-upgrade
> Emacs disappeared and has not been seen later. I'm I the only one to
> miss it?
>
> Could this be the reason:
>
> # apt-get install  emacs21-nox
> [...]
> The following packages have unmet dependencies:
>   emacs21-nox: Depends: emacs21-bin-common (= 21.4a-3) but it is not going to 
> be installed
> E: Broken packages

Yes, http://bugs.debian.org/365597

Although the bug is still marked open, it's at least "fixed enough" now
that the package builds again.  I don't know how long it will take until
the autobuilders try again.  

To work around this, install emacs21-common=21.4a-3 from testing (not
*-bin-common*). 

Regards, Frank
-- 
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)

Bug#366041: ITP: python-pastedeploy -- Load, configure, and compose WSGI applications and servers

[Piotr Ozarowski]

Package: wnpp
Severity: wishlist
Owner: Piotr Ozarowski <[EMAIL PROTECTED]>

* Package name: python-pastedeploy
  Version : 0.5
  Upstream Author : Ian Bicking <[EMAIL PROTECTED]>
* URL : http://pythonpaste.org/
* License : MIT
  Programming Lang: Python
  Description : Load, configure, and compose WSGI applications and servers

Paste Deployment is a system for finding and configuring WSGI applications and
servers. For WSGI application consumers it provides a single, simple function
(loadapp) for loading a WSGI application from a configuration file or a Python
Egg. For WSGI application providers it only asks for a single, simple entry
point to your application, so that application users don't need to be exposed
to the implementation details of your application.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-grsec
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#364319: base-files: PS1 setting for *ksh (PROPOSAL: /etc/profile.d/)

[Russ Allbery]

cobaco (aka Bart Cornelis) <[EMAIL PROTECTED]> writes:

> /etc/profile is only used by bourne-compatible shells (of which tcsh
> isn't one). Most things can be writte in a way that's valid for all
> bourne-compatible shells, and any bits that can't can easily be wrapped
> in an appropriate if-statement

/etc/profile is *not*, however, used by all Bourne-compatible shells.
(One significant exception is zsh.)  Therefore, one cannot put things into
/etc/profile and assume that all Bourne-compatible shells will then see
them.

I don't think this really counters the rest of your argument, but it's
something to be aware of.

-- 
Russ Allbery ([EMAIL PROTECTED])   


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Emacs out for lunch?

[Steve Langasek]

On Thu, May 04, 2006 at 06:08:46PM +0200, Frank Küster wrote:
> Yes, http://bugs.debian.org/365597
> 
> Although the bug is still marked open, it's at least "fixed enough" now
> that the package builds again.

No it isn't.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/


signature.asc
Description: Digital signature

Re: bits from the release team

[Goswin von Brederlow]

Andreas Barth <[EMAIL PROTECTED]> writes:

>  - secure apt
> secure apt is now part of testing.  However, we need to do something for key
> management etc - so some small issues need to be resolved.

>From a usability standpoint I find this the largest problem in debian
today. Finding the right key and getting it added to apt has been a
problem for so many users already and those are only the etch/sid
users.

I have two suggestions on this subject:

1) Create debian/dists//Release.key

I asked ftp-master before to place the respective key there but so far
nothing has happened.

The key should be placed in a common place for any apt-get-able
archive, be that debian, ubuntu, security, backports or any of the
others. Placing the key next to the Release and Release.gpg file is
the most logical place for both software and humans to find it.

Having Release.key be a keyring (instead of a single key) should allow
it to include revokations in case a key gets compromised, right?


2) 'apt-* update' should fetch Release.key

Keys should be fetchable directly from a debian archive, be that a cd,
file, ftp or http url in sources.list. I would prefer apt-get update
to do that when needed but if someone insists then apt-key update can
do it and apt-get can tell users about that for missing keys.

For obvious reasons a fetched key(ring) should not be silently added
to the apt keyring but checked first. That means checking all
signatures, showing the user the result [e.g. New key : X
signatures check, Y signatures unknown, Z signatures
failed. Accept/Reject/Ignore/Details?] and let the user decide what to
do about it.

A user should not have to first research about gpg and apt-key at length
to find the correct syntax and definetly shouldn't be at loss as to
where to find the key as it is now.


Having the key in the debian-keyring package was a nice idea but
ultimatly useless. Sarge users can't fetch the new etch keyring
package because the signature doesn't match and the signature doesn't
match because the sarge keyring doesn't have the key. Fun fun fun.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#366069: ITP: fusesmb -- filesystem client based on the samba file transfer protocol

[Samuel Mimram]

Package: wnpp
Severity: wishlist
Owner: Samuel Mimram <[EMAIL PROTECTED]>

* Package name: fusesmb
  Version : 0.8.4
  Upstream Author : Vincent Wagelaar <[EMAIL PROTECTED]>
* URL : http://www.ricardis.tudelft.nl/~vincent/fusesmb/
* License : mainly GPL (+ BSD)
  Programming Lang: C
  Description : filesystem client based on the samba file transfer protocol

 fusesmb is a filesystem client based on the samba file transfer protocol.
 .
 It is based on FUSE (userspace filesystem framework for Linux), thus you will
 have to prepare fuse kernel module to be able to use it.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Compiling packages for the standard distribution with -Os instead of -O2

[Joe Smith]

"Rogério Brito" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]

Hi there.

I think that this may be interesting to anybody that has to work with
computers that are not the latest/more recent as most people in richer
countries seem to have.

It seems to be that a good amount of people upgrade their computers in a
regular basis and, then, don't notice how things can get slower in
"weaker" computers.


Those of us that live in a country where the already installed base of
computers is not recent have to live with software that is ever growing
in terms of both RAM and CPU cycles and this leaves less computing power
for the applications needed to run.

One way to mitigate the memory consumption is to, among other things,
compile packages with optimization of GCC set to -Os, instead of -O2,
which seems to work at least for some programs (the Linux kernel,
mozilla-firefox and my own home-grown programs).


Wait a second. Optimizing for size should decrease speed.
That is the whole idea of size/speed optimization tradeoffs.






--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Debian Policy version

[Joe Smith]

"Frank Küster" <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]

Hendrik Sattler <[EMAIL PROTECTED]> wrote:


However, version 3.7.2.0 is neither in unstable nor at
http://www.debian.org/doc/debian-policy/
Both only have version 3.7.1.0. How comes that the PTS has a newer 
version

than all the other sources?


http://incoming.debian.org/


It seems to me that it is unreasonable for the PTS to be updated before the 
policy package actually hits the mirrors.
There is a period of time after a package leaves incomming but before the 
mirrors are updated when the package is difficult to

obtain.

It is bad enough that Debian-policy 3.7.1 does not indicate meeting itself, 
but now the PTS is stating that debian-policy should be updated to a version 
policy newer than "Latest Version" (as the general information section 
states).

See http://packages.qa.debian.org/d/debian-policy.html





--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: bits from the release team

[Joey Hess]

Goswin von Brederlow wrote:
> Having the key in the debian-keyring package was a nice idea but
> ultimatly useless. Sarge users can't fetch the new etch keyring
> package because the signature doesn't match and the signature doesn't
> match because the sarge keyring doesn't have the key. Fun fun fun.

Er, sarge doesn't have secure apt so that problem doesn't exist. Also,
secure apt allows you to install packages that don't have a trust path.

FWIW, I consider this issue solved by the debian-archive-keyring,
only issue I know if is that upgrades have to manually upgrade it before
upgrading apt.

-- 
see shy jo


signature.asc
Description: Digital signature

Re: bits from the release team

[Goswin von Brederlow]

Joey Hess <[EMAIL PROTECTED]> writes:

> Goswin von Brederlow wrote:
>> Having the key in the debian-keyring package was a nice idea but
>> ultimatly useless. Sarge users can't fetch the new etch keyring
>> package because the signature doesn't match and the signature doesn't
>> match because the sarge keyring doesn't have the key. Fun fun fun.
>
> Er, sarge doesn't have secure apt so that problem doesn't exist. Also,
> secure apt allows you to install packages that don't have a trust path.
>
> FWIW, I consider this issue solved by the debian-archive-keyring,
> only issue I know if is that upgrades have to manually upgrade it before
> upgrading apt.

Once you update apt it does. That is when you notice that suddenly you
need the key for authentication.

Also on every key upgrade you have to install an untrusted package.
That kind of takes the point out of the secure part. An attacker just
has to wait to next new year and then smuggle in his own key onto a
debian mirror. Most users will not notice the swap.


Not to mention that any inofficial apt archive is left out in the
rain. Do you expect every archive to have their own keyring package?
What about being "universal"? :)

> -- 
> see shy jo

MfG
Goswin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Compiling packages for the standard distribution with -Os instead of -O2

[Goswin von Brederlow]

"Joe Smith" <[EMAIL PROTECTED]> writes:

> "Rogério Brito" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
> Hi there.
>
> I think that this may be interesting to anybody that has to work with
> computers that are not the latest/more recent as most people in richer
> countries seem to have.
>
> It seems to be that a good amount of people upgrade their computers in a
> regular basis and, then, don't notice how things can get slower in
> "weaker" computers.
>
>>Those of us that live in a country where the already installed base of
>>computers is not recent have to live with software that is ever growing
>>in terms of both RAM and CPU cycles and this leaves less computing power
>>for the applications needed to run.
>>
>>One way to mitigate the memory consumption is to, among other things,
>>compile packages with optimization of GCC set to -Os, instead of -O2,
>>which seems to work at least for some programs (the Linux kernel,
>>mozilla-firefox and my own home-grown programs).
>
> Wait a second. Optimizing for size should decrease speed.
> That is the whole idea of size/speed optimization tradeoffs.

A lot of the time the reduced ram requirement can stop swapping (big
speed increase) and improve the cache hit ratios. That is also a
reason why -O3 isn't neccesarily better than -O2. Optimization can
make things worse too.

MfG
Goswin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: bits from the release team

[Joey Hess]

Goswin von Brederlow wrote:
> Once you update apt it does. That is when you notice that suddenly you
> need the key for authentication.

As I said, you have to install debian-archive-keyring first.

> Also on every key upgrade you have to install an untrusted package.

No, you merely have to upgrade debian-archive-keyring before the old key
exires, using the old key to validate the package containing the new
one.

> Not to mention that any inofficial apt archive is left out in the
> rain. Do you expect every archive to have their own keyring package?

No, I expect them to continue distributing the apt keys in various ways
as they already demonstratably do now, and probably eventually converge
on a single standard way with a standard well-known command to get the key.

-- 
see shy jo


signature.asc
Description: Digital signature

Re: the BTS gains a remote bug tracking feature for free !

[Anthony DeRobertis]

On Wed, May 03, 2006 at 01:21:41PM +0200, Pierre Habouzit wrote:

>  * the forward canonization is vital for things like tracking bugzilla's
>"merges" (it in fact rewrites a $(uri)/show_bug.cgi?old_nnn into the 
>$(uri)/show_bug.cgi?new_nnn)

Out of curiosity, how does it handle un-merges in Bugzilla?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Compiling packages for the standard distribution with -Os instead of -O2

[Anthony DeRobertis]

On Wed, May 03, 2006 at 11:02:57AM -0300, Henrique de Moraes Holschuh wrote:

> For Etch and Sid, it is probably a good idea to use -Os instead of -O2 at
> least on the bigger arches (ia32, ia64, amd64, etc), as we can probably
> trust gcc not to screw up.

If gcc generally generates faster code with -Os than -O2, then isn't
that a gcc bug, in that the optimizations enabled by -O2 are incorrectly
picked?

[Also, are there that man AMD64 machines with limited memory? Or IA64?]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366069: ITP: fusesmb -- filesystem client based on the samba file transfer protocol

[Anthony DeRobertis]

On Thu, May 04, 2006 at 10:29:25PM +0200, Samuel Mimram wrote:

>  fusesmb is a filesystem client based on the samba file transfer protocol.
>  .
>  It is based on FUSE (userspace filesystem framework for Linux), thus you will
>  have to prepare fuse kernel module to be able to use it.

Please explain in the long description how this is different/better than
the smbfs and cifs kernel file systems.

[Looking at the URL, it seems it has some sort of "network neighborhood"
thing built in.]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Policy change about `/usr/lib/cgi-bin' - Mass bug filing pending...

[Russ Allbery]

Alexis Sukrieh <[EMAIL PROTECTED]> writes:

> Then, I don't understand why we have this discussion _after_ the policy
> has been changed...

> I thought the policy was a trustable document, where developers could
> find guidelines for their work, it seems that it's not always true. Sad.

debian-policy, like every other package, will occasionally have bugs.
Let's not exaggerate.

> In the meantime, do you suggest to use lintian overrides for fixing this
> in webapp packages or purely ignoring the lintian complaints?

Given that I already modified lintian in Subversion for the Policy 3.7.2
release, I would vote that you just not worry about it.  There will be a
new upload of lintian shortly.  The point of syncing lintian to Policy
immediately is that I plan on *continuing* to sync lintian to Policy
immediately.  One of the advantages of doing this is that, since I'm
adding new tests for the testable changes in Policy as we go, people
actually *notice* Policy changes.  :)

lintian, like debian-policy and every other package, will also
occasionally have bugs.  This one in particular, in both cases, won't even
have migrated to testing.  It'll be fine, honest.

-- 
Russ Allbery ([EMAIL PROTECTED])   


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Compiling packages for the standard distribution with -Os instead of -O2

[Lionel Elie Mamane]

On Fri, May 05, 2006 at 03:54:57AM +0200, Goswin von Brederlow wrote:
> "Joe Smith" <[EMAIL PROTECTED]> writes:

>> Wait a second. Optimizing for size should decrease speed.
>> That is the whole idea of size/speed optimization tradeoffs.

> A lot of the time the reduced ram requirement can stop swapping (big
> speed increase) and improve the cache hit ratios.

Also, a good part of perceived slowness is loading the executable and
libraries from disk; that also gets faster with a smaller executable.

-- 
Lionel


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Work-needing packages report for May 5, 2006

[wnpp]

The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.

Total number of orphaned packages: 296 (new: 5)
Total number of packages offered up for adoption: 81 (new: 3)
Total number of packages requested help for: 19 (new: 1)

Please refer to http://www.debian.org/devel/wnpp/ for more information.



The following packages have been orphaned:

   galternatives (#365365), orphaned 5 days ago
 Description: graphical setup tool for the alternatives system
 Installations reported by Popcon: 293

   gnobog (#366013), orphaned today
 Description: GNOME Bookmarks Organizer
 Installations reported by Popcon: 84

   gnome-iconedit (#366012), orphaned today
 Description: A small tool to create icons for the gnome-desktop
 Installations reported by Popcon: 376

   qtorrent (#365959), orphaned yesterday
 Description: graphical BitTorrent client using Qt 3.x
 Installations reported by Popcon: 330

   rtlinux (#365717), orphaned 2 days ago (non-free)
 Description: Real-Time-Linux, a POSIX-compatible hard realtime
   operating system.
 Installations reported by Popcon: 41

291 older packages have been omitted from this listing, see
http://www.debian.org/devel/wnpp/orphaned for a complete list.



The following packages have been given up for adoption:

   id3ren (#365641), offered 3 days ago
 Description: id3 tagger and renamer
 Installations reported by Popcon: 386

   libecgi (#365474), offered 4 days ago
 Description: An ANSI C library for the creation of CGI applications
 Reverse Depends: libecgi-dev
 Installations reported by Popcon: 5

   linpqa (#365638), offered 3 days ago
 Description: freeware compiler and decompiler for PalmVII Palm Query
   Apps
 Installations reported by Popcon: 2

78 older packages have been omitted from this listing, see
http://www.debian.org/devel/wnpp/rfa_bypackage for a complete list.



For the following packages help is requested:

[NEW] apt-build (#365427), requested 5 days ago
 Description: Need new developer(s)
 Installations reported by Popcon: 395

   aboot (#315592), requested 315 days ago
 Description: Alpha bootloader: Looking for co-maintainers
 Reverse Depends: aboot aboot-cross dfsbuild ltsp-server
 Installations reported by Popcon: 54

   athcool (#278442), requested 555 days ago
 Description: Enable powersaving mode for Athlon/Duron processors
 Installations reported by Popcon: 211

   cvs (#354176), requested 70 days ago
 Description: Concurrent Versions System
 Reverse Depends: bonsai cvs-autoreleasedeb cvs-buildpackage cvs2cl
   cvs2html cvsconnect cvsd cvsdelta cvsps cvsreport (15 more omitted)
 Installations reported by Popcon: 6901

   docbook (#358522), requested 43 days ago
 Description: standard SGML representation system for technical
   documents
 Reverse Depends: alcovebook-sgml docbook-dsssl docbook-to-man
   sgmltools-lite
 Installations reported by Popcon: 3377

   docbook-xml (#358520), requested 43 days ago
 Description: standard XML documentation system, for software and
   systems
 Reverse Depends: dblatex docbook-dsssl docbook-ebnf
   docbook-html-forms docbook-jrefentry docbook-mathml docbook-simple
   docbook-slides docbook-website docbook-xsl-stylesheets-ko (6 more
   omitted)
 Installations reported by Popcon: 7503

   dpkg (#282283), requested 530 days ago
 Description: dselect: a user tool to manage Debian packages
 Reverse Depends: alien alsa-source and apt-build apt-src backuppc
   build-essential clamsmtp crosshurd cvs-autoreleasedeb (86 more
   omitted)
 Installations reported by Popcon: 12558

   grub (#248397), requested 724 days ago
 Description: GRand Unified Bootloader
 Reverse Depends: dfsbuild grub-splashimages grubconf replicator
 Installations reported by Popcon: 9367

   gtkpod (#319711), requested 284 days ago
 Description: manage songs and playlists on an Apple iPod
 Installations reported by Popcon: 316

   mwavem (#313369), requested 325 days ago (non-free)
 Description: Mwave/ACP modem support software
 Installations reported by Popcon: 4

   nas (#354174), requested 70 days ago
 Description: The Network Audio System
 Reverse Depends: abakus abuse acm acm4 alsaplayer-nas apollon ark
   arson asc audiooss (241 more omitted)
 Installations reported by Popcon: 8263

   openssl (#332498), requested 210 days ago
 Description: Secure Socket Layer (SSL) binary and related
   cryptographic tools
 Reverse Depends: afbackup afbackup-client amap amaya anon-proxy
   aolserver4-nsimap aolse