Re: Bug#414534: ITP: sucrack -- multithreaded su bruteforcer

[Tim Brown]

On Monday 12 March 2007 18:25, Joerg Jaspert wrote:
> On 10956 March 1977, Tim Brown wrote:
> > Why package it?  Other than the practical uses outlined above, because
> > having binaries on a system outside of the package management system is a
> > PITA to keep track of / update and it makes building a new system very
> > quick.
>
> Why do I need a package for this? If i am able to install a package I
> have access to the files john needs. If i dont have it I copy it from
> elsewhere as a static binary anyway. (You know, we dont love static
> binaries in debian packages)

That's not strictly true - how do you audit ssh key phrases, or binaries which 
use an arbitrary obfuscation of the password in their user database?  The 
advantage of this package is that it can drive anything which prompts you for 
a password, which allows more varied uses.

TIm
-- 
Tim Brown




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Not depending on shlibs because of plugins?

[Christoph Berg]

Re: Russ Allbery 2007-01-06 <[EMAIL PROTECTED]>
> This is what I'd do.  Yes, it's a bunch of extra packages, but it clearly
> expresses the actual dependency structure, rather than an approximation of
> it, and that's usually a good thing in the long run.

As a very late follow up, here's what the rules file would have looked
like, paired with ${db-*:Depends} fields in control:

[...]
binary binary-arch: install
dh_installchangelogs -a ChangeLog
dh_installdocs -a
dh_movefiles -a
# compute shlib deps for libyada
dh_shlibdeps -a
# move plugins in place and compute deps for them
mv debian/tmp/usr/lib/libyada_*.so* debian/libyada4/usr/lib
dpkg-shlibdeps -T"debian/libyada4.substvars" -pdb-postgres 
-edebian/libyada4/usr/lib/libyada_pgsql.so.4
dpkg-shlibdeps -T"debian/libyada4.substvars" -pdb-mysql 
-edebian/libyada4/usr/lib/libyada_mysql.so.4
dpkg-shlibdeps -T"debian/libyada4.substvars" -pdb-sqlite 
-edebian/libyada4/usr/lib/libyada_sqlite3.so.4
# remove the libc dependency (already covered by dh_shlibdeps)
perl -i -pe 's/libc\d \(>= [0-9.-]+\), // if /^db-/' 
debian/libyada4.substvars
# make sure there's only one dep per plugin (otherwise A | B | C won't 
work)
if egrep '^db-.*,' debian/libyada4.substvars ; then exit 1 ; fi
dh_strip -a
dh_compress -a
dh_fixperms -a
dh_makeshlibs -a
dh_installdeb -a
dh_gencontrol -a
dh_md5sums -a
dh_builddeb -a
[...]

I went the other way though, there's now separate packages for the sql
backend wrappers. (Which promptly triggered a "circular dependency
hell" bug report - #414691.)

Christoph
-- 
[EMAIL PROTECTED] | http://www.df7cb.de/


signature.asc
Description: Digital signature

Re: What happened to Agnula.org (DeMuDi)?

[Tomas Nykung]

RalfGesellensetter wrote:

> 
> Maybe I'd rather go for the Suse Multimedia Live CD.
>
ftp://ftp.suse.com/pub/suse/i386/live-cd-9.2/SUSE-Linux-9.2-LiveCD-Audio.iso

This is OT for this mailinglist, but...

DeMuDi is dead, SUSE 9.2 is antique and AFAIK not security supported
anymore.

I would recommend you to try out 64Studio.
http://64studio.com

It's based on Debian testing (Etch).
Note that there is both a 64 bit and a 32 bit version available, be
sure to download the correct version for your hardware if you
decide to try it.


Tomas


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: dpkg-genchanges: warning: package XYZ in control file but not in files list

[Michelle Konzack]

Hallo Roman,

Am 2007-03-08 22:01:25, schrieb Roman Müllenschläder:
> Am Donnerstag, 8. März 2007 schrieb Roman Müllenschläder:
> > Hi there ...
> >
> > I've got a little problem ;)
> 
> Sorry .. will never user reply for a new message anymore ;)

Things happen!

I create a new debian/control on the fly.

Thanks, Greetings and nice Day
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant


-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
# Debian GNU/Linux Consultant #
Michelle Konzack   Apt. 917  ICQ #328449886
   50, rue de Soultz MSM LinuxMichi
0033/6/6192519367100 Strasbourg/France   IRC #Debian (irc.icq.com)


signature.pgp
Description: Digital signature

Bug#414737: ITP: scratchbox2 -- Transparent cross compiling environment

[Riku Voipio]

Package: wnpp
Severity: wishlist
Owner: Riku Voipio <[EMAIL PROTECTED]>


* Package name: scratchbox2
  Version : 0.0.1
  Upstream Author : Lauri Leukkunen <[EMAIL PROTECTED]>
* URL : http://rahina.org/sb2/
* License : LGPL
  Programming Lang: C, lua
  Description : Transparent cross compiling environment

Scratchbox2 uses a LD_PRELOAD library to create a transparent cross
compiling environment. Scratchbox2 automatically maps file system accesses to
crosscompiler, target libraries and headers using a flexible lua path mapping
engine. Together with CPU transparency, provided by qemu or sbrsh,
scratchbox2 enables fast crosscompiling without modifying build scripts.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

May one use ~rc1 within versions although older lintians are complaining?

[Roman Müllenschläder]

Hi there ...

I'm packaging for debian right now and wanted to now if I may use a version 
number like: 1.0.8~rc1-1 ?

Reason is the following: I have this packages on my repository for making it 
available to users for testing puposes. I know that the initial release 
should be 1.0.8-1. So if I do updates on the package now, I can't increment 
the version (which is now 1.0.8-1).

So my wish would be to use 1.0.8~rc1-1/2/3... until initial release which will 
be 1.0.8-1 then.

My version of lintian is 1.23.22 and it gives error if I use this version 
number and I'm fearing these error prevent the package from beeing 
sponsored !?

Lg
Roman


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: May one use ~rc1 within versions although older lintians are complaining?

[Margarita Manterola]

On 3/13/07, Roman Müllenschläder <[EMAIL PROTECTED]> wrote:


I'm packaging for debian right now and wanted to now if I may use a version
number like: 1.0.8~rc1-1 ?


If you use that number, the upstream version should be 1.0.8~rc1.  Is
that the upstream number?  If you want to have release candidates of
your _own_ package, you should do: 1.0.8-1~rc1


My version of lintian is 1.23.22 and it gives error if I use this version
number and I'm fearing these error prevent the package from beeing
sponsored !?


What's the error given by lintian?

The versions for lintian (from packages.qa.debian.org) are:

Stable: 1.23.8
Testing:1.23.28
Unstable:  1.23.28

So, why are you using a version that's not the one in testing, nor the
one in stable?

--
Besos,
Marga

Re: May one use ~rc1 within versions although older lintians are complaining?

[Roman Müllenschläder]

Am Dienstag, 13. März 2007 schrieb Margarita Manterola:
> On 3/13/07, Roman Müllenschläder <[EMAIL PROTECTED]> wrote:
> > I'm packaging for debian right now and wanted to now if I may use a
> > version number like: 1.0.8~rc1-1 ?
>
> If you use that number, the upstream version should be 1.0.8~rc1.  Is
> that the upstream number?  If you want to have release candidates of
> your _own_ package, you should do: 1.0.8-1~rc1

So the versions will be 1.0.8-1~rc1(2,3,4) ?

> > My version of lintian is 1.23.22 and it gives error if I use this version
> > number and I'm fearing these error prevent the package from beeing
> > sponsored !?
>
> What's the error given by lintian?

It gives:
bad-version-number
and
bad-version-in-relation depends:

> The versions for lintian (from packages.qa.debian.org) are:
>
> Stable: 1.23.8
> Testing:1.23.28
> Unstable:  1.23.28
>
> So, why are you using a version that's not the one in testing, nor the
> one in stable?

Because my laptop, where I'm building the packages on, is running Edgy ;)

Maybe I should compile lintian by hand ... tried using sources from feisty but 
they need to much dependencies ...

LG
Roman

Re: May one use ~rc1 within versions although older lintians are complaining?

[sean finney]

hi roman,

On Tue, 2007-03-13 at 20:23 +0100, Roman Müllenschläder wrote:
> Am Dienstag, 13. März 2007 schrieb Margarita Manterola:
> > On 3/13/07, Roman Müllenschläder <[EMAIL PROTECTED]> wrote:
> > > I'm packaging for debian right now and wanted to now if I may use a
> > > version number like: 1.0.8~rc1-1 ?
> >
> > If you use that number, the upstream version should be 1.0.8~rc1.  Is
> > that the upstream number?  If you want to have release candidates of
> > your _own_ package, you should do: 1.0.8-1~rc1
> 
> So the versions will be 1.0.8-1~rc1(2,3,4) ?

i would disagree and suggest your original versioning scheme with
1.0.8~rc1-1.  or, if upstream isn't using that particular naming scheme,
you might want to make it clearer with
1.0.8~somethingthatidentifiesyou1-1 or something similar.

my rationale is that if you do 1.0.8-1~rc1, you're in effect saying that
it *is* upstream version 1.0.8, (and a debian revision << -1).  but if
you do 1.0.8~foo-1, you're saying that it's << upstream version 1.0.8.

but that's just imho, maybe there are arguments for doing it the other
way as well.


sean


signature.asc
Description: This is a digitally signed message part

Re: May one use ~rc1 within versions although older lintians are complaining?

[Margarita Manterola]

On 3/13/07, sean finney <[EMAIL PROTECTED]> wrote:

On Tue, 2007-03-13 at 20:23 +0100, Roman Müllenschläder wrote:
> > If you use that number, the upstream version should be 1.0.8~rc1.  Is
> > that the upstream number?  If you want to have release candidates of
> > your _own_ package, you should do: 1.0.8-1~rc1
> So the versions will be 1.0.8-1~rc1(2,3,4) ?


Yes.


i would disagree and suggest your original versioning scheme with
1.0.8~rc1-1.  or, if upstream isn't using that particular naming scheme,
you might want to make it clearer with
1.0.8~somethingthatidentifiesyou1-1 or something similar.

my rationale is that if you do 1.0.8-1~rc1, you're in effect saying that
it *is* upstream version 1.0.8, (and a debian revision << -1).  but if
you do 1.0.8~foo-1, you're saying that it's << upstream version 1.0.8.


My suggestion was only for the case when the upstream version _IS_
1.0.8, and the maintainer is relasing "release candidates" of the
Debian package, not of the upstream version.

If the release candidates are of the 1.0.8 version itself, then the
original tarball should be called foo_1.0.8~rc1.orig.tar.gz, and
lintian shouldn't complain.

--
Besos,
Marga

Re: May one use ~rc1 within versions although older lintians are complaining?

[Peter Samuelson]

[Roman Müllenschläder]
> > So, why are you using a version that's not the one in testing, nor the
> > one in stable?
> 
> Because my laptop, where I'm building the packages on, is running Edgy ;)

I know I'm stating the obvious here ... but you shouldn't try to
develop packages for Debian exclusively on Ubuntu systems.  You won't
be able to test your packages.  Not being able to test your packages is
generally considered a Bad Thing.  (Or you at least tell your sponsor
"this package has not been tested on Debian", right?)


signature.asc
Description: Digital signature

Re: May one use ~rc1 within versions although older lintians are complaining?

[Roman Müllenschläder]

Am Dienstag, 13. März 2007 schrieb Peter Samuelson:
> [Roman Müllenschläder]
>
> > > So, why are you using a version that's not the one in testing, nor the
> > > one in stable?
> >
> > Because my laptop, where I'm building the packages on, is running Edgy ;)
>
> I know I'm stating the obvious here ... but you shouldn't try to
> develop packages for Debian exclusively on Ubuntu systems.  You won't
> be able to test your packages.  Not being able to test your packages is
> generally considered a Bad Thing.  (Or you at least tell your sponsor
> "this package has not been tested on Debian", right?)

Why is every question I'm asking here treated like me beeing a child in time, 
not able to do the logical?

Testing a package is useless and senseless ... I know that well!

SCNR

Lg
Roman

Re: May one use ~rc1 within versions although older lintians are complaining?

[Roman Müllenschläder]

Am Dienstag, 13. März 2007 schrieb Margarita Manterola:
> On 3/13/07, sean finney <[EMAIL PROTECTED]> wrote:
> > On Tue, 2007-03-13 at 20:23 +0100, Roman Müllenschläder wrote:
> > > > If you use that number, the upstream version should be 1.0.8~rc1.  Is
> > > > that the upstream number?  If you want to have release candidates of
> > > > your _own_ package, you should do: 1.0.8-1~rc1
> > >
> > > So the versions will be 1.0.8-1~rc1(2,3,4) ?
>
> Yes.
>
> > i would disagree and suggest your original versioning scheme with
> > 1.0.8~rc1-1.  or, if upstream isn't using that particular naming scheme,
> > you might want to make it clearer with
> > 1.0.8~somethingthatidentifiesyou1-1 or something similar.
> >
> > my rationale is that if you do 1.0.8-1~rc1, you're in effect saying that
> > it *is* upstream version 1.0.8, (and a debian revision << -1).  but if
> > you do 1.0.8~foo-1, you're saying that it's << upstream version 1.0.8.
>
> My suggestion was only for the case when the upstream version _IS_
> 1.0.8, and the maintainer is relasing "release candidates" of the
> Debian package, not of the upstream version.

That's the case!

> If the release candidates are of the 1.0.8 version itself, then the
> original tarball should be called foo_1.0.8~rc1.orig.tar.gz, and
> lintian shouldn't complain.

Now that well!

The problem is that the mentioned lintian warning was fixed in .27 .. so if 
testing and unstable are using .28, there should be no problem with just 
ignoring the warnings for now and see what my _tests_ on debian will 
announce!

Thx
Roman

Re: May one use ~rc1 within versions although older lintians are complaining?

[The Fungi]

On Tue, Mar 13, 2007 at 08:23:16PM +0100, Roman Müllenschläder wrote:
[...]
> Because my laptop, where I'm building the packages on, is running
> Edgy ;)
[...]

If you're developing packages for Debian, not Ubuntu, I would
suggest at a minimum that you do your builds in a Sid chroot
(pbuilder and/or UML work well for this too, depending on how
powerful your system is). I do packaging solely for Debian and yet I
*still* use a chroot to build, and usually a virtual server when
testing out the results.
-- 
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP([EMAIL PROTECTED]); IRC([EMAIL PROTECTED]); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER([EMAIL PROTECTED]);
MUD([EMAIL PROTECTED]:6669); WWW(http://fungi.yuggoth.org/); }


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: May one use ~rc1 within versions although older lintians are complaining?

[Roman Müllenschläder]

Am Dienstag, 13. März 2007 schrieb The Fungi:
> On Tue, Mar 13, 2007 at 08:23:16PM +0100, Roman Müllenschläder wrote:
> [...]
>
> > Because my laptop, where I'm building the packages on, is running
> > Edgy ;)
>
> [...]
>
> If you're developing packages for Debian, not Ubuntu, I would
> suggest at a minimum that you do your builds in a Sid chroot
> (pbuilder and/or UML work well for this too, depending on how
> powerful your system is). I do packaging solely for Debian and yet I
> *still* use a chroot to build, and usually a virtual server when
> testing out the results.

Second time in this thread I have to tell that I'm not baking my packages in 
an oven and pray they will run on debian ...

This was not my question! I had a straight question and did already get the 
answer. 

Thx anyway ... 

Xcuse for beeing that rude, but it's the 5th mail I send to debian lists and 
always got arrogant answers. Is this a way for DD's to show they are 
different, better or what?

For nearly 5 years I work with opensource and love debian! But my efforts 
since the last 3 month of making debian packages showed up a complete 
different side ... sadly!
Giving me an impression of elitist.

How comes?

Lg
Roman

Btw. pls stop cc'ing me! I'm subscribed and hate deleting neddless mails!

Re: May one use ~rc1 within versions although older lintians are complaining?

[Ben Finney]

Roman Müllenschläder <[EMAIL PROTECTED]> writes:

> Am Dienstag, 13. März 2007 schrieb The Fungi:
> > On Tue, Mar 13, 2007 at 08:23:16PM +0100, Roman Müllenschläder wrote:
> > > Because my laptop, where I'm building the packages on, is running
> > > Edgy ;)
> >
> > If you're developing packages for Debian, not Ubuntu, I would
> > suggest at a minimum that you do your builds in a Sid chroot
> > (pbuilder and/or UML work well for this too, depending on how
> > powerful your system is). [...]
>
> Second time in this thread I have to tell that I'm not baking my
> packages in an oven and pray they will run on debian ...

I'm not sure why you mention it here. The post you're replying to
contains a suggestion to build in a chroot; it says nothing to suggest
you're doing things improperly.

> Xcuse for beeing that rude, but it's the 5th mail I send to debian
> lists and always got arrogant answers. Is this a way for DD's to
> show they are different, better or what?

You may be reading unpleasant things where they are not in the message.

> Btw. pls stop cc'ing me! I'm subscribed and hate deleting neddless
> mails!

I concur. This practice (copies of messages to people who didn't ask
for them) is against the explicit code of conduct for the Debian
mailing lists http://www.debian.org/MailingLists/#codeofconduct>.

-- 
 \   "If you do not trust the source do not use this program."  -- |
  `\ Microsoft Vista security dialogue |
_o__)  |
Ben Finney


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Free laptop...? Here is how.....

[John Hamel]

Quote:
"Notebooks4free is a way for you to get totally FREE stuff! We have partnered 
with large online advertisers looking to acquire new customers. In 
exchange for trying cool online offers, you can receive free products. Our 
company, Notebooks4free, started over 5 years ago and has quickly 
become a recognized leader in online pay-for-performance customer acquisition 
for well-known advertisers. Inc. magazine recently named us the 18th 
fastest growing company in the U.S. on their prestigious 500 list and we feel 
like we have only just begun!"

How to get Your FREE LAPTOP of choice:

Hello,
Everyone knows those free sites that claim to work right, well they are 
actually legit, I need 20 referrals for my free laptop of my choice. This 
laptop is 
needed for school and I don't have enough money, so I'm doing Notebooks4free. 
They have really easy stuff like a blockbuster trial and other things 
that you can cancel and never get billed for. Anyways, if you want to check it 
out, here is the link: http://www.notebooks4free.com/default.aspx?r=783924 
company doesn't scam or anything, the catch: I need 20 referrals to sign up 
with my link and Complete 1 offer with bogus information. You get your 
own FREE LAPTOP too after you sign up and get 20 other people to sign up. Cool, 
even if it does take you a while to get your referrals just think it is still 
free. 
Not much to lose.

( Literally it takes like only a couple of weeks to get all the referrals you 
need and once that it is done you will have your laptop shipped)

Im not lieing or advertising, i am just like you, I want a Laptop. I had 
previously gotten free stuff from this same site so I know that it works.

Please use my link when going to sign up at Notebooks4free.

http://www.notebooks4free.com/default.aspx?r=783924


Good-luck and ThankYou, "Help Me, Help You!"
John Hamel   


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#414844: ITP: tweak -- an efficient hex editor

[Daniel Kahn Gillmor]

Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor <[EMAIL PROTECTED]>


* Package name: tweak
  Version : 3.01
  Upstream Author : Simon Tatham <[EMAIL PROTECTED]>
* URL : http://www.chiark.greenend.org.uk/~sgtatham/tweak/
* License : MIT
  Programming Lang: C
  Description : an efficient hex editor

 Tweak is a hex editor. It allows you to edit a file at very low
 level, letting you see the full and exact binary contents of the
 file. It can be useful for modifying binary files such as
 executables, editing disk or CD images, debugging programs that
 generate binary file formats incorrectly, and many other things.
 .
 It is written by Simon Tatham, who publishes it at
 http://www.chiark.greenend.org.uk/~sgtatham/tweak/


-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Huge cache dirs in $HOME

[Pierre THIERRY]

Hi,

I just discovered today that some packages can store pretty huge cache
data in my $HOME, and found that rather problematic. When I backup my
home, I don't want to waste backup space or time to do it, because I
have to check what eats space and tell if it's cache data.

Couldn't such packages, like beagle and tracker, just use the standard
directory for that purpose, like specified in XDG's basedir?

That would be very helpful, I find.

Could it be made mandatory, for packages that produce rather big caches,
like indexing tools?

Separately,
Pierre
-- 
[EMAIL PROTECTED]
OpenPGP 0xD9D50D8A


signature.asc
Description: Digital signature