Related follow-up issue:
Unable to boot LUKS-encrypted system
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103457
Related upstream discussion on hostonly mode versus portability:
* https://github.com/dracut-ng/dracut-ng/pull/1238
* https://github.com/dracut-ng/dracut-ng/issues/748
It is my hopefully reasonable expectations, that a generic initrd
(presumably "hostonly=no") does support LUKS encryption.
In any case, I very much prefer generic initrd. By "generic initrd", I
mean "create once - boot anywhere". Install on internal hard drive, copy
to USB, boot on another com
Package: pipewire
Severity: normal
PipeWire tested versions:
* 0.3.65 (bookworm)
* 1.2.3 (bookworm-backports)
Description of bug:
When using VirtualBox with the Audio Controller set to "Intel HD Audio"
in the VM's audio settings, videos (local or in-browser, e.g., YouTube)
fail to play and r
Package: dracut
Severity: important
Exactly the same issue as reported in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041614
is happening again.
Not duplicating here. [1]
This is happening because upstream has reverted the prior fix. [2]
[1] Why did I not post in the old bug? Because i
I am not opposing your recommendation; but I'm curious: did you have any of
these conditions in mind for the service? The early-init maybe?
Best would be to just keep it as is.
One of the reasons to keep haveged as mentioned in haveged readme:
> want to deploy an additional entropy source.
Package: haveged
Severity: important
Dear maintainer,
could you please update the new haveged version 1.9.18?
(But isn't haveged obsolete? No, it's not. See [1].)
Cheers,
Patrick
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999811#29
HAVEGED no longer considered obsolete.
This was bad wording from 2021.
This was revised in 2022. [1] Readme was also udpated in 2022. [2] Quote
from the new readme [3]:
> It means that HAVEGED service is now less relevant. However, it's
still useful in the following situations, when you
> .
Package: shim-signed
Severity: normal
Dear maintainer,
Debian's update-secureboot-policy [1] might be an outdated version of
Ubuntu's update-secureboot-policy [2]. Could you please update it?
Rationale? This might cause a broken DKMS feature to automatically
enroll the DKMS signing key. [3]
Package: dkms
Severity: normal
Dear maintainer,
as of Debian bookworm, the most non-intuitive, difficult for users to
figure out setup step that must be applied on Secure Boot enabled
systems is the following:
sudo mokutil --import /var/lib/dkms/mok.pub
This is documented in DKMS readme
Package: cowbuilder
Severity: normal
Dear maintainer,
even though I will be writing a lot about pbuilder, I am pretty sure
that this is a cowbuilder issue.
When running cowbuilder there is a warning:
> W: --override-config is not set; not updating apt.conf Read the
manpage for details.
Th
Fedora, Arch kept calling the package dracut. They did not add the "-ng"
appendix.
Would it be an option for Debian to keep calling it dracut even though
the git upstream repository will be changed to dracut-ng?
If permissible, that might be easier.
It seems unlikely that the dracut without
Package: wnpp
Severity: wishlist
X-Debbugs-CC: pkg-privacy-maintain...@lists.alioth.debian.org
* Package name: AppArmor.d
Version : 583aa2a119afdb0cd2e916eb618bc9bf48b98814
Upstream Author : Alexandre Pujol
* URL : https://github.com/roddhjav/apparmor.d
* License
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/2053153/
Package: general
Severity: wishlist
Feature request:
Change Debian's default umask to a more secure value such as umask 0077.
Why?
Quote Securing Debian Manual [1]
> Debian's default umask setting is 022 this means that files (and
directories) can be read and accessed by the user's group and
bug report / feature request:
Dear maintainer,
could you fix initramfs-tools compatibility with libpam-tmpdir and /tmp
mounted with noexec please?
Cheers,
Patrick
Ok, not a bug in cryptsetup-initramfs.
Let's reassign to initramfs-tools-core as a bug or feature request?
(Depending on how one wanted to look at it.)
Would that be appropriate?
And also forward to upstream, which has its issue tracker hosted at
launchpad initramfs-tools?
This is not a bug in a downstream distribution.
To reproduce this bug in Debian:
1) sudo apt install libpam-tmpdir
2) Mount /tmp with noexec.
Could this be fixed in Debian please?
f=~/Desktop/install-debian.desktop
gio set -t string "$f" metadata::xfce-exe-checksum "$(sha256sum "$f" |
awk '{print $1}')"
This bug is assigned to grub-pc (legacy BIOS). grub-efi (and probably
others) are however equally affected. Should this bug therefore be
re-assigned to grub?
I haven't found any bug report for grub-efi.
Is this bug report the reason why non-US keyboard layouts result in
broken password prompt
Didn't work for me but this did:
https://forum.xfce.org/viewtopic.php?id=16357
Hi Thomas,
understood.
Thank you for your elaboration and maintaining dracut in Debian!
Cheers,
Patrick
Package: mkosi
Severity: low
Dear maintainer,
as for the headline, I know "create legacy-free OS images" was the
original branding of the project.
mkosi know supports legacy BIOS booting. I see you already updated the
package description to reflect that.
Images are no longer "legacy-free".
https://salsa.debian.org/debian/dracut/-/merge_requests/20 was not
merged but will Debian get this change from upstream dracut when a new
version is uploaded to Debian?
Package: dracut-core
Severity: normal
When attempting to install dracut inside a chroot while libpam-systemd
wasn't installed, dracut showed an error message and the resulting image
was unbootable.
> ```
> dracut-install: ERROR: installing 'poweroff'
> dracut-install: ERROR: installing 'reboo
Package: src:linux
Severity: normal
Kernel module signature verification can be enabled using the
`module.sig_enforce=1` kernel parameter on non-EFI systems.
On non-EFI systems, `mokutil` won't work. But then how could one enroll
the key without needing to recompile grub or the kernel?
Can
On Debian bookworm:
sudo apt install libpam-tmpdir
is enough to break cowbuilder, which then calls pbuilder.
I: Installing the build-deps
-> Attempting to satisfy build-dependencies
-> Creating pbuilder-satisfydepends-dummy package
Package: pbuilder-satisfydepends-dummy
Version: 0.invalid.0
Package: fpc
Severity: wishlist
apt install fp-units-win-rtl
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package fp-units-win-rtl
fp-units-win-rtl is a virtual package. It is provided by real package
fp-units-win-rtl-3.2.2
Any update?
, then the Tor systemd
unit should be able to restore it without needing to re-install the tor
package.
I would suggest the following /usr/lib/tmpfiles.d/tor.conf file contents:
d /var/lib/tor 02700 debian-tor debian-tor -
Z /var/lib/tor/* 0660 debian-tor debian-tor -
Kind regards,
Patrick
The design looks great!
I posted several comments here:
https://salsa.debian.org/extrepo-team/extrepo-data/-/merge_requests/240
Cheers,
Patrick
libvirt upstream no longer depends on iptables for years.
source:
https://gitlab.com/libvirt/libvirt/-/issues/406#note_1176654618
Should be trivial and safe to switch to nftables?
Thanks to Laszlo Gombos, this has been reported upstream.
Generic initrd does not work with encrypted root FS without further
configuration
https://github.com/dracutdevs/dracut/issues/2437
This might be duplicate of:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029324
I've checked with 'sudo lsinitrd' and I can see that
usr/lib/systemd/systemd-cryptsetup is there but cryptsetup is missing.
File /usr/lib/dracut/modules.d/90crypt/module-setup.sh
check() {
local fs
# if cryptsetup is not installed, then we cannot support encrypted
devices.
require_
This is happening with legacy BIOS boot. I didn't test it with EFI booting.
This is reproducible with both,
- Debian installed using debian-installer (that can be started from the
ISO boot menu) (which sets up an encrypted LVM),
- as well as with Debian installed using calamares (which uses gru
initramfs.
/usr/lib/dracut/modules.d/90crypt/module-setup.sh
> inst_multiple cryptsetup rmdir readlink umount
But since it's unavailable inside the dracut rescue shell it seems to be
missing for some reason.
Kind regards,
Patrick Schleizer
One thing to consider: A few onions are tor+https but most are tor+http.
But I guess that's not an issue because http vs https is declared in the
repository configuration files.
I think this would be a nice feature to have, indeed.
Thank you for your interest in this feature!
However, give
duplicate of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032408
inary_rootfs also does not handle this case.
Why am I interested to use '--chroot-filesystem ext4'? Because it saves
a lot time during testing to skip squashfs creation.
Making the scripts resilient against this seems useful to me either way
as such as situation might also happen through other kinds of customization.
Kind regards,
Patrick Schleizer
Dear maintainer,
this was my mistake. (A build script had a workaround leftover for a bug
that was now fixed in bookworm.) Not a bug in udev.
Sorry for the noise!
Please close.
Thank you!
Kind regards,
Patrick
Package: udev
Severity: important
Dear maintainer,
there's an issue in file /usr/share/initramfs-tools/hooks/udev
During installation inside chroot:
update-initramfs: Generating /boot/initrd.img-6.1.0-9-amd64
W: No zstd in /usr/bin:/sbin:/bin, using gzip
E: /usr/share/initramfs-tools/hooks/ud
Package: extrepo
Severity: wishlist
Dear maintainer,
- most clearnet repositories are reachable over Tor. This is simple to
accomplish by using the apt-transport-tor package (in
packages.debian.org for a long time already) by using the tor+https
syntax in sources.list.
- More and more repos
Package: fpc
Severity: wishlist
Dear maintainer,
when compiling fpc from upstream, folder
/usr/lib/fpc/3.2.2/units/x86_64-win64 would contain dependencies
required for cross-compilation.
(source: Building on Debian, target: compilation for Windows 64 bit)
However, Debian lacks the pre-compi
Johannes Schauer Marin Rodrigues:
It's currently broken because `lb` uses (at least) the following
parameters which are unsupported by mmdebstrap:
* --download-only
By looking at the source code of live-build I am reasonably sure, this
might only be happening because I previously set:
`lh confi
Package: mmdebstrap
Severity: normal
Dear maintainer,
live-build's `lb build` uses some command line options which are
unsupported by mmdebstrap.
live-build currently doesn't support configuration of the debootstrap
program [1] but until/if it does, I simply used "sudo cp
/usr/bin/mmdebstra
Package: live-build
Severity: wishlist
Dear maintainer,
currently scripts/build/bootstrap_debootstrap hardcodes `debootstrap`.
debootstrap ${DEBOOTSTRAP_OPTIONS} "${LB_PARENT_DISTRIBUTION_CHROOT}"
chroot "${LB_PARENT_MIRROR_BOOTSTRAP}" ${DEBOOTSTRAP_SCRIPT}
There are however other implementa
Package: live-build
Severity: normal
Dear maintainer,
could you please add support for dracut?
related:
- live-build: netboot IPv6 only and NFSv4 → dracut
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006612
- https://packages.debian.org/dracut-live
- https://packages.debian.org/kiwi-dr
Package: tor
Severity: normal
Dear maintainer,
Tor fails to start a few times before succeeding to start. This is
likely because the tor@default.service systemd unit does not wait for
'network.target.'
symptom:
[FAILED] to start Anonymizing overlay network for TCP
This only started happenin
A ton of progress was made thanks to Jan Mojzis and Jérémy Lal.
https://alioth-lists.debian.net/pipermail/pkg-nginx-maintainers/2022q4/002051.html
libnginx-mod-http-brotli has entered Debian sid:
https://packages.debian.org/search?keywords=libnginx-mod-http-brotli
https://packages.debian.org/sid
Package: linux
Severity: normal
Dear maintainer,
In Debian, linux-headers-generic is a virtual package.
https://packages.debian.org/bullseye/linux-headers-generic
In Ubuntu, linux-headers-generic is a real package.
https://packages.ubuntu.com/linux-headers-generic
It depends at time of writi
Package: live-boot
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
the following is a regression in Debian bullseye. No such issue in
Debian buster.
Kernel command line 'debug=1' shows that live-boot attempts to run the
following mount command:
mount -t -o ro,noatime 'PA
grub-live dracut support has been implemented.
Package: live-boot
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
This is a feature request to adopt / re-implement grub-live.
It provides functionality to "Boot existing Host Operating System or VM
into Live Mode".
1. install Debian normally.
2. install grub-live
3. choose in grub boo
Perhaps a disabled by default $initscript?
Package: gajim
Severity: important
X-Debbugs-CC: whonix-de...@whonix.org
Quote https://dev.gajim.org/gajim/gajim/-/issues/10527
> Steps to reproduce:
>
> Configure gajim to encrypt messages using OMEMO to a specific contact
> Update Gajim to 1.3.1
> Restart Gajim, update the plugins
> Try to sen
Package: reprepro
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
could you please add phased updates support?
https://blog.jak-linux.org/2021/02/18/apt-2.2/
> APT now implements phased updates. Phasing is used in Ubuntu to slow
down and control the roll out of updates
Package: libgcrypt20
Severity: important
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
Quote Werner Koch [1]:
> We have to announce the availability of Libgcrypt version 1.9.1.
This version fixes a *critical security bug* in the recently released
version 1.9.0. If you are already using
Dear Debian Developer,
thank you for your consideration of packaging roughtime for Debian!
Would an (alternative) roughtime client be more suitable, easier for
packaging?
I've created a simple list with information about roughtime including a
roughtime client list. Will expand that list as other
Great, so we have this feature request for cryptsetup-initramfs side.
Created a separate feature requests for Debian dracut side:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978644
Also reported against dracut upstream:
https://github.com/dracutdevs/dracut/issues/997
Cheers,
Patrick
Posted a feature request against upstream dracut just now:
https://github.com/dracutdevs/dracut/issues/997
Package: dracut-core
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
systemd does not wipe the LUKS disk encryption key for root disk from
RAM during shutdown.
Quote myself [0]:
> Avoiding all sidelines, keeping this simple, for my understanding and
for the record and pl
Package: cryptsetup
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
systemd does not wipe the LUKS disk encryption key for root disk from
RAM during shutdown.
Quote myself [0]:
> Avoiding all sidelines, keeping this simple, for my understanding and
for the record and ple
Recently there has been some related activity here:
https://github.com/Debian/apt/pull/124
https://salsa.debian.org/apt-team/apt/-/merge_requests/141
Package: flatpak
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
as already reported upstream, org.chromium.Chromium does not work out of
the box in Debian buster.
https://github.com/flathub/org.chromium.Chromium/issues/31
As the ticket mentions, sysctl kernel.unprivileg
Asked about this on VirtualBox issue tracker.
https://www.virtualbox.org/ticket/19751
Answered by arudnev, Oracle Corporation:
> A part of Guest Additions source code is the part of OSE repository and
> licensed under GPLv2. Guest Additions build also includes big list of 3rd
> party files und
Package: virtualbox-guest-additions-iso
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
package virtualbox-guest-additions-iso is currently in Debian non-free
repository. I believe this is might be a mistake.
Copyright file [1] of the package is saying
> Disclaimer: This
Package: clamav-daemon
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
package clamav-daemon ships a file /usr/bin/clamonacc which is a
background virus scaning guard / real-time protection. It's currently
non-trivial to use.
sudo clamonacc
ERROR: Clamonacc: at least one
Package: rsync
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
could you please add the openssl-rsync script to the rsync package?
To test:
wget https://download.samba.org/pub/rsync/openssl-rsync
chmod +x openssl-rsync
rsync --rsh=./openssl-rsync --dry-run rsync://mirro
Package: dhcpcanon
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Debian buster dhcpcanon_0.8.5-2_all.deb debian/postinst lacks apparmor
integration which should be auto added by debhelper.
sudo aa-enforce /etc/apparmor.d/sbin.dhcpcanon
ERROR: Include file /etc/apparmor.d/local/sbin.dhcp
Could you please provide feedback for this stackable wrappers proposal?
* https://github.com/Whonix/proposals/blob/master/634-stackable-wrappers.txt
* https://phabricator.whonix.org/T634
Kind regards,
Patrick
> This is a deliberate choice that we have made, as there is no reason
to use vanguards unless onion services are being hosted.
I believe this is wrong.
source: https://blog.torproject.org/announcing-vanguards-add-onion-services
Quote:
(Underline is mine.)
"The add-on uses our Control Port Pr
Mattia Rizzolo:
>> The profile is tested with HexChat.
>>
>> https://github.com/Whonix/apparmor-profile-xchat
>
> What would you think of properly integreting it into the upstream
> package at https://github.com/hexchat/hexchat ?
That would be better indeed but I was sent here. :)
https://githu
Package: hexchat
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
could you please review and merge the following AppArmor profile?
Called "XChat" but the package name was just not renamed to "HexChat".
The profile is tested with HexChat.
https://github.com/Whonix/apparmo
Package: linux-image-amd64
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
package linux-image-amd64 seems to have an outdated dependency.
https://packages.debian.org/buster-backports/linux-image-amd64 shows
dep: linux-image-5.4.0-0.bpo.2-amd64 (= 5.4.8-1~bpo10+1)
https
Talked to upstream about stable security support.
To make Debian stable distribution support possible, upstream offered to
backport security patches from newer versions to whatever version is
frozen in Debian stable should that be required.
Mariusz Zaborski osho...@vexillium.org would do that.
K
Package: vanguards
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
on Debian buster after "sudo apt install vanguards" it is not enabled by
default.
sudo systemctl status vanguards
● vanguards.service - Additional protections for Tor onion services
Loaded: loaded (/l
Same issue. I've changed to building in a cowbuilder chroot to exclude
host issues. Also excluded it being a full disk issue.
kmk_builtin_append -n
"/home/user/whonix_binary/temp_packages_virtualbox/virtualbox-6.1.0-dfsg/out/obj/UICommon/gen/qtrcc/VirtualBox2_x3.gen.o.dep"
""
"/home/user/whonix_bi
Would it make sense to add a git fasttrack branch to
https://salsa.debian.org/pkg-virtualbox-team/virtualbox/ ?
Package: virtualbox
Severity: wishlist
X-Debbugs-CC: lu...@debian.org
Dear maintainer,
please kindly consider Debian fasttrack:
http://fasttrack.debian.net
And coordinating with it:
https://salsa.debian.org/fasttrack-team/support/issues/10
Thank you for maintaining VirtualBox in Debian!
Chee
Some scripts that might help:
- https://github.com/ivan-californias/vbox-sign-modules
- https://github.com/Majal/maj-scripts/blob/master/vboxsign
Or better a more generic solution of signing all DKMS modules:
https://gist.github.com/dop3j0e/2a9e2dddca982c4f679552fc1ebb18df
New versions of DKMS
Package: glibc
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
https://github.com/GrapheneOS/hardened_malloc
> RFP: hardened-malloc -- hardened memory allocator
> * Package name: hardened-malloc
> Version : 2.0
> Upstream Author : Daniel Micay
> * URL : http
Package: wnpp
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
* Package name: hardened-malloc
Version : 2.0
Upstream Author : Daniel Micay
* URL : https://github.com/GrapheneOS/hardened_malloc
* License : MIT
Programming Lang: C
Description : ha
Linux Kernel Runtime Guard (LKRG) protects the kernel. It provides
security through diversity. Similar to running an uncommon operating
system (kernel) would.
It renders whole classes of kernel exploits ineffective. Makes other
exploits less reliable and more difficult to write (see features and
s
Package: wnpp
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
* Package name: lkrg
Version : 0.7
Upstream Author : Adam 'pi3' Zabrocki
* URL : https://www.openwall.com/lkrg/
* License : GPL-2
Programming Lang: C
Description : Linux Kernel Runtim
Package: virtualbox
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Fetched the source package from sid. Trying to compile on buster.
kmk_builtin_append -n
"/home/user/sourcesother/vbox/virtualbox-6.0.14-dfsg/out/obj/VBoxGlobal/gen/qtrcc/VirtualBox2_x4.gen.o.dep"
""
"/home/user/sourcesot
Package: dpkg
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
It would be useful if there was something in between of 'Recommends:'
and 'Depends:'.
“Weak-Depends”
Similar to “Depends”. It lists packages that get installed when using
'apt --no-install-recommends meta-package', but any pa
> I'm not sure what security-misc exactly is
Inspired by Kernel Self Protection Project (KSPP)
Implements most if not all recommended Linux kernel settings (sysctl)
and kernel parameters by KSPP.
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
On top of that does other things
Johannes Schauer:
> 1. file wishlist bugs against the wrappers, asking them to allow passing
> additional options to their $DEBOOTSTRAP invocation
I guess this is the cleaner way and should be attempted first.
That might also help to,
- make programs that use of $DEBOOTSTRAP switch to use
Package: lockdown
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Let's join forces before we independently reinvent everything. :)
* https://packages.debian.org/buster/lockdown
* https://packages.debian.org/buster/hardening-runtime
* https://github.com/Whonix/security-misc
Package: hardening-runtime
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
We now have (at least) three very similar packages.
* https://packages.debian.org/buster/lockdown
* https://packages.debian.org/buster/hardening-runtime
* https://github.com/Whonix/security-misc
Let's join forces
Happy to report that both invocations of grml-debootstrap and pbuilder /
cowbuilder are compatible with mmdebstrap.
Johannes Schauer:
> you seem to claim that mmdebstrap does not support the --arch argument. But it
> does. It does so by configuring Getopt::Long with auto_abbrev. This means that
>
Awesome! Great to know you're interested in this!
Good question. I am not sure what I meant with that either. :) Will look
into it again.
First thing:
debootstrap:
--arch=ARCH
mmdebstrap:
--architectures=native[,foreign1,...]
In other words, grml-debootstrap calls debootstrap wit
Package: mmdebstrap
Severity: normal
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
could you please make mmdebstrap compatible with grml-debootstrap,
pbuilder and cowbuilder?
These applications support setting a custom debootstrap but mmdebstrap
cannot yet serve as a drop-in replacement
https://savannah.gnu.org/bugs/index.php?56887
Package: grub2
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Could you please make it possible to do signature verification with
grub-pc too?
Rationale:
We, the maintainers of Linux distributions that primarily run inside VMs
(Whonix; Kicksecure) would like to implement verified boot.
Thank you very much for looking into this!
Does the following information help to make head or tail of this?
Otherwise, I will provide better instruction for reproduction.
László Böszörményi (GCS):
> How did you create that Buster chroot?
#!/bin/bash
set -x
set -e
img=/home/user/test.img
ex
Package: linux
Severity: wishlist
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
Could you please consider review and merge of linux-hardened patches
(free, Libre alternative to grsecurity).
https://github.com/anthraxx/linux-hardened
Alternatively perhaps as a separate package.
RFP: li
Package: wnpp
Severity: wishlist
X-Debbugs-CC: debian-ker...@lists.debian.org
* Package name: linux-hardened
Version : 5.2
Upstream Author : linux-hardened
* URL : https://github.com/anthraxx/linux-hardened
* License : GPL-2
Programming Lang: C
Description
Package: fuse
Severity: grave
X-Debbugs-CC: whonix-de...@whonix.org
Dear maintainer,
The following code from /var/lib/dpkg/info/fuse.postinst is failing.
if [ -e /dev/fuse ]
then
udevadm test --action -p $(udevadm info -q path -n /dev/fuse)
> /dev/null 2>&1
fi
+ [ -e /dev/fuse ]
+ ud
Actually, not an mmdebstrap issue.
My /etc/apt/apt.conf.d/99mmdebstrap contained:
Dpkg::Options force-confnew;
It should have been:
Dpkg::Options --force-confnew;
This caused the aptitude issue.
So this is rather an aptitude issue of non-helpful error messages and
not an mmdebstrap issue.
So
1 - 100 of 195 matches
Mail list logo
