Re: Facilitating external repositories
]] Wouter Verhelst > Having said that, I do agree with you that we should not allow just > about anyone to create a repository which will be automatically trusted > by the whole Debian system. Establishing such a trust chain should, > indeed, require some vetting by at least one Debian Developer, so that > malicious packages can be rejected, if needs be. I've always been a bit unhappy about the idea of using keys to decide which repositories are trusted or not. The signature is there primarily to act as an anti-MITM tool. This is a bit similar (or maybe equivalent) to the difference between authentication and authorization for access control. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87sia2isgc@xoog.err.no
Re: Bug#787739: ITP: plip -- fully automated protein-ligand interaction profiler
On 06/05/2015 03:04 PM, Geert Stappers wrote: On Fri, Jun 05, 2015 at 02:08:37PM +0200, Simon Richter wrote: On 05.06.2015 11:25, Alex Mestiashvili wrote: This might be confusing to old people. PLIP is a protocol for transporting IP packets over the parallel port. I agree that the name is a bit ambiguous, but I see a couple of reasons why it is still might be ok: Yes, I also think it is probably okay -- I just wanted to mention that it might be confusing at first. In other words: 'plip' is a good name for the "protein-ligand interaction profiler" Groeten Geert Stappers Thank you for the answers, I'll go with the name "plip" mostly due to the potential problems with the repository renaming. Best regards, Alex -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55754adb.6000...@biotec.tu-dresden.de
Re: Invoking ‘init’ from an init.d script (Wheezy)
On Fri, Jun 5, 2015 at 7:39 PM, Konstantin Khomoutov wrote: > On Fri, 5 Jun 2015 16:25:21 +0200 > Alexander Thomas wrote: > > [...] >> That would be an option, but it might still cause the same problem of >> apt-get hanging as we currently experience when doing the update >> before runlevel S. >> >> We looked deeper into this and found out that apt-get always hangs >> while installing a package before the first runlevel switch. An strace >> reveals an endless loop of SIGCONT and ioctl calls. Running other >> commands that use ioctl also results in a hang, so the controlling >> terminal seems to lack certain capabilities at this stage. We have >> found a workaround: we spawn a new terminal with agetty and run the >> update script in there, this allows to perform the apt-get >> dist-upgrade in runlevel S and avoid the init 1 hack. > > I would try running apt-get with somelogfile 2>&1 > redirections: that should ensure it sees no terminal at all on its stdin > and that should avoid code paths dealing with TTY-related ioctls > altogether. (Well, excluding the isatty(3) call which supposedly uses > fstat(2) and checks to see the device's major number is that of a TTY). The https://lists.debian.org/cakr4ymxoqq0a-rvztymts3c371tgxocvx+yra96ovyy6y-d...@mail.gmail.com
Re: Invoking ‘init’ from an init.d script (Wheezy)
Hi, On 06/08/2015 10:29 AM, Alexander Thomas wrote: > We > falsely assumed that setting DEBIAN_FRONTEND=noninteractive > APT_LISTCHANGES_FRONTEND=none, and using the -y and --force-yes > options, would never invoke terminal-related code. Please be aware that --force-yes makes apt ignore invalid signatures for repositories, cf. https://bugs.debian.org/787174. It is a really unsafe option that should probably not be used in any automated way, though I have seen people do so in several places. Regards, Ansgar -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55756519.3080...@debian.org
Keysigning, Dublin, Wednesday (morning)?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I'm in Dublin on Wednesday and looking to add signatures to my Debian key. Is anyone available? preferably Morning, or evening, I have a meeting in the afternoon. regards Alastair - -- Alastair McKinstry, , , https://diaspora.sceal.ie/u/amckinstry Software is like Poetry - most of it shouldn't have been written. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVdWQUAAoJEMvmu05dmtOlHVMQAISLrSh5DuogyYW44vGZGpSw vz3P8AFz5ElfFDKXu7OVYOLigrPUz20t/k7IB5649HTie3APcQTs3YX8LI5cFjra Rk2PMwA1Lh+HD65gqRNmT89YtXzHDHyDdiPPO3TMilf0xyxONmFWigI3MmRDeSh8 FFEUcUkOJN1JZpoNpyUXKJ/gl7sv/+oQ2gUUOAq0HnTLFrYZULzLpNmSnsjvqONa vKGyJY3d6HtAt1P6t/X+SyYaKga0Wj+q/WiwZoWEDCBm6Cvneq121p8NpB8bbj6e XoUGggRnTl+UPdL/wHjd8ObxN0KPd1r9CAHDfjhDJfJlKwwxvgEMtAHSmLmHeyBy sBBmpmIrrmVLLoae1k63aJJgT8MO6NHl8elHTGXwhm3eC+THWDoW6zW9Oo3N5aPj PFjO7SD2cAy8Bdjh6yYqyt8tLQEC5uqZIWSMwraxfdWCnZBgEaeZiBcjTD7pMOKF 8YZXkiargk1F9B19nFXxvn7mP3eUSuyLfubWGt9UwbmEICHF7YCf341V4ANQSmAe Lo9QVqeifuWJAHAepucU6KDVFiwvTs8FvJha3SE/FknTGcGeCxsyCzPSTvwft/e9 XvDseOxy94uJAPqxLovhjq6AvT0cqtTHLkkGD3stv/nOFnSy+wGOEfl5LDUtinBk 0L8p7Q54s5rSQ1Ze36CA =rf7s -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55756414.3010...@debian.org
Re: Invoking ‘init’ from an init.d script (Wheezy)
On Mon, Jun 8, 2015 at 11:49 AM, Ansgar Burchardt wrote: > Hi, > > On 06/08/2015 10:29 AM, Alexander Thomas wrote: >> We >> falsely assumed that setting DEBIAN_FRONTEND=noninteractive >> APT_LISTCHANGES_FRONTEND=none, and using the -y and --force-yes >> options, would never invoke terminal-related code. > > Please be aware that --force-yes makes apt ignore invalid signatures for > repositories, cf. https://bugs.debian.org/787174. It is a really unsafe > option that should probably not be used in any automated way, though I > have seen people do so in several places. I know, but this is a closed system and nothing is pulled in from external repositories during this automated update. The stuff that is included in the local patch repository is thoroughly tested before release. Still, enforcing proper signing and getting rid of that --force-yes is on our TODO list. Regards, -- Alexander Thomas -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAKr4yMwunBRBYctToqw=ce9iebypixujvpbsehftp-6denb...@mail.gmail.com
Re: Facilitating external repositories
On 4 June 2015 at 17:18, Wouter Verhelst wrote: > - Run "apt-get update"; > - Install the "eid-mw" and/or "eid-viewer" packages. These two steps can be accomplished with a single APT URL, e.g.: install pkg which will refresh and install request package(s). Ubuntu's software centre is the default handler for apt: urls, and I believe there are other software packages also provide similar functionality. I don't believe there is an apt-url scheme to add a repository with a GPG key, but it would be very cool. Or, e.g. for apt repositories to become discoverable in general similar to how e.g. coreos/rkt URL discovery works to find containers and their gpg signatures derived from simple urls. Regards, Dimitri. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/canbhluir0_kvtj2krhlh+wrivn1uhjbsb-p7r6dwbeagoyn...@mail.gmail.com
Bug#788076: RFP: gtk3-nocsd -- LD_PRELOADable library to disable GTK+ 3 client side decoration
Package: wnpp Severity: wishlist * Package name: gtk3-nocsd Upstream Author : PCMan * URL or Web page : https://github.com/PCMan/gtk3-nocsd * License : LGPL-2.1 Description : LD_PRELOADable library to disable GTK+ 3 client side decoration gtk3-nocsd is a small LD_PRELOADable library used to disable the client side decoration (CSD) of GTK+ 3. Since GTK+ 3.10, its developers added a so-called header bar or custom title bar. With this and the client-side decoration, the original title bar and window border provided by the window manager are disabled by GTK+. This makes all GTK+ 3 programs look like alike. Even worse, this may break some window manager or compositors. Unfortunately, the GTK+ developers decided to be against the existing standards and provide no option to turn it off. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87y4jufma6@kiva6.ethz.ch
Bug#788075: ITP: deken -- minimal package management system for Pure Data externals
Package: wnpp Severity: wishlist Owner: IOhannes m zmoelnig * Package name: deken Version : 0.1 Upstream Author : Chris McCormick * URL : https://github.com/pure-data/deken * License : BSD-3-clause Programming Lang: Python, Tcl Description : minimal package management system for Pure Data externals deken is a package installer for Pure Data, that allows to search for externals in an online database and download pre-compiled binaries. It also comes with a tool that allows the creation (and upload) of such binaries. I intend to talk with upstream about the best way to (additionally) integrate the externals already packaged for Debian. I intend to do the packaging under the pkg-multimedia-maintainers team umbrella. fmards IOhannes -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150608115043.5972.89845.report...@umlautq.umlaeute.mur.at
mudlet bug #787354: icon had wrong license
Hi, I'm trying to work out what would be the best way forward for this. mudlet has an icon, mudlet.svg which had a cc-by-nc-sa license. I reported it to upstream who basically said "oh yeah, we stuffed up, not sure how it got there, fixed now". Do I need to rebuild mudlet for jessie to fix this? It seems to be quite a lot of mucking around just for something we know has the wrong license. If it needs rebuilding, does this mean I also have to muck around with the source file too as it has this the "incorrect file"? Alternatively I could make a note in the bug report and not make it a serious level so its not RC. - Craig -- Craig Small (@smallsees) http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint:5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5 -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150608124145.gb19...@enc.com.au
Re: mudlet bug #787354: icon had wrong license
On 2015-06-08 13:41, Craig Small wrote: I'm trying to work out what would be the best way forward for this. mudlet has an icon, mudlet.svg which had a cc-by-nc-sa license. I reported it to upstream who basically said "oh yeah, we stuffed up, not sure how it got there, fixed now". Do I need to rebuild mudlet for jessie to fix this? It seems to be quite a lot of mucking around just for something we know has the wrong license. With my SRM hat on, we're generally happy to consider the issue resolved if the package in unstable contains the correct license information and the file(s) involved are other distributable, as at that point it's basically a documentation issue rather than a licensing one. Assuming that's the case, no separate update for Jessie would be required. Regards, Adam -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/b7f1ed3de488419edafb587a328a0...@mail.adam-barratt.org.uk
Bug#788104: ITP: lfdk -- Linux Firmware Debug Kit - a tool to help debug PCI, IO and memory spaces
Package: wnpp Severity: wishlist Owner: Colin Ian King * Package name: lfdk Version : 0.1.0 Upstream Author : Merck Hung * URL : http://sourceforge.net/projects/lfdk/ * License : GPL-2+ Programming Lang: C Description : Linux Firmware Debug Kit - a tool to help debug PCI, IO and memory spaces Linux Firmware Debug Kit (lfdk) is a tool to help debug x86 firmware. It allows one to view memory space, IO space and PCI space which facilitates debugging firmware / resource settings. lfdk has a very similar user interface to the DOS "RU" memory editor. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/debian-devel
Re: DEB_SIGN_KEYID vs DEBSIGN_KEYID
On Sun, Jun 07, 2015 at 10:36:41AM +0200, Harald Dunkel wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hi folks, > > Trying to get rid of my old GPG key I stumbled over this: > > For devscripts you can define a variable "DEBSIGN_KEYID". For > dpkg it is called "DEB_SIGN_KEYID". git-buildpackage doesn't Gbp has a keyid option. What would be the usecase for the env var? Cheers, -- Guido > support a keyid environment variable at all, as it seems. All > ignore the default-key option set in .gnupg/gpg.conf . > > Would it be possible to get a common line here? > > > Thanx in advance > Harri > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJVdAKZAAoJEAqeKp5m04HLtWIH/ilKMAmWhtOgEQhYYg0HejVR > xLvxAI2LJTpMI9Z2EkTwKjU0tVQNOJlupBlO42h3pt3zFNMgQkQPwlS6bNnNue34 > HHutVmo+9/ONz7aigIzUuELjNmk4DR/9UXWweUM+A/oDSwJx5Q/i05aPu0pOC7Wx > Sr9YGYznz1PTkoWqZ/2OJTdAGIhN801ElFt22hkykVDJwoqJym9bdEVQkrm90lky > lINvsFokS7rmMrvHFOMFJ5Bpp2MN4HLvwba0qzwxPs9m2hSpFUvRRMAxWYjtzi4l > 7CqyAjub+GRgqGZuDFQlDZM5efmeSNe8y6B95BlenE0ORAbDm5bGbZOVyz+1VCc= > =IXqs > -END PGP SIGNATURE- > > > -- > To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: https://lists.debian.org/55740299.1040...@afaics.de > -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150608164812.gb11...@bogon.m.sigxcpu.org
