Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Graham Wilson
On Wed, Dec 03, 2003 at 10:20:14AM -0500, Anthony DeRobertis wrote: > Please, please, use debian- or some other prefix! That shouldn't confuse > any rational person What about sys- as a prefix? -- gram

Re: packages/projects/positions up for adoption

2003-12-03 Thread Colin Walters
On Wed, 2003-12-03 at 21:04, Graham Wilson wrote: > If you don't have much time for xml-resume-library, I am sure that you > can give it to the Debian XML/SGML Project. Or you could even > co-maintain it with us. Whatever works for you. That sounds cool. I'm all about co-maintenance. So we'll m

Re: Demudi.org

2003-12-03 Thread Adam Borowski
On Tue, 2 Dec 2003, Andrea Glorioso wrote: > > "t" == Tom <[EMAIL PROTECTED]> writes: > t> One of the "flavors" linked to on > t> http://www.debian.org/devel/debian-nonprofit/ is www.demudi.org > t> -- > > t> which is running IIS on Windows 2000! > A little update. > www.de

Re: xdm: init script's execution can be terminated prematurely if invoke-rc.d run from child process of xdm

2003-12-03 Thread Goswin von Brederlow
Dan Jacobson <[EMAIL PROTECTED]> writes: > I recall prepending a nohup: > [EMAIL PROTECTED] nohup invoke-rc.d xdm stop > solved the problem. So maybe a nohup or trap inside /etc/init.d/xdm > would be what you want. The only problem left then would be cleaning > up the nohup.out created. > > Thi

Re: debsums for maintainer scripts

2003-12-03 Thread Goswin von Brederlow
Anthony DeRobertis <[EMAIL PROTECTED]> writes: > On Wed, 2003-12-03 at 05:23, Manoj Srivastava wrote: > > > Because it buys little security wise? > > I can take a rescue disk, a CD with relevant packages on it, boot the > suspect server from the rescue disk, and quickly check md5sums. At >

Re: packages/projects/positions up for adoption

2003-12-03 Thread Graham Wilson
On Wed, Dec 03, 2003 at 05:26:59PM -0500, Colin Walters wrote: > On Fri, 2003-11-28 at 20:49, Martin Michlmayr wrote: > > Okay, if I'm counting correctly, gnome-mag and xml-resume-library have > > not been taken yet. Is anyone interested in these packages? Note > > that gnome-mag has a RC outstan

Re: Revival of the signed debs discussion

2003-12-03 Thread Goswin von Brederlow
Matt Zimmerman <[EMAIL PROTECTED]> writes: > On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote: > > > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > > > > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote: > > > > > > > But this kind of tampering _can_ be c

Re: Revival of the signed debs discussion

2003-12-03 Thread Goswin von Brederlow
Wouter Verhelst <[EMAIL PROTECTED]> writes: > On Wed 03-12-2003, at 10:09, Andreas Barth wrote: > > > > file back signed by the build admin. The debian archive scripts > > > > accepts packages signed by a buildd-key only if it is a binary package > > > > for this architecture, the key is valid (i.

Re: debsums for maintainer scripts

2003-12-03 Thread Goswin von Brederlow
Manoj Srivastava <[EMAIL PROTECTED]> writes: > On Mon, 1 Dec 2003 17:12:36 -0500, christophe barbe <[EMAIL PROTECTED]> said: > > > I don't see why adding a md5dsum_are_mandatory clause to the debian > > policy would be difficult (what would be a good reason to not add > > md5sum to a package?).

Re: debsums for maintainer scripts

2003-12-03 Thread Goswin von Brederlow
"Bernhard R. Link" <[EMAIL PROTECTED]> writes: > * Manoj Srivastava <[EMAIL PROTECTED]> [031203 20:12]: > > Before we make such a push, we should at least ensure that it > > is something we really want to do. I think locally generated > > checksums are a better solution. > > I don't think s

Re: debsums for maintainer scripts

2003-12-03 Thread Javier Fernández-Sanguino Peña
On Wed, Dec 03, 2003 at 04:23:33AM -0600, Manoj Srivastava wrote: > On Mon, 1 Dec 2003 17:12:36 -0500, christophe barbe <[EMAIL PROTECTED]> said: > > > I don't see why adding a md5dsum_are_mandatory clause to the debian > > policy would be difficult (what would be a good reason to not add > > md5

Re: xdm: init script's execution can be terminated prematurely if invoke-rc.d run from child process of xdm

2003-12-03 Thread Dan Jacobson
I recall prepending a nohup: [EMAIL PROTECTED] nohup invoke-rc.d xdm stop solved the problem. So maybe a nohup or trap inside /etc/init.d/xdm would be what you want. The only problem left then would be cleaning up the nohup.out created. This could also be done for other /etc/init.d/?dm's.

Re: packages/projects/positions up for adoption

2003-12-03 Thread Colin Walters
On Wed, 2003-12-03 at 17:47, Bernd Eckenfels wrote: > On Wed, Dec 03, 2003 at 05:26:59PM -0500, Colin Walters wrote: > > I'll take xml-resume-library back > > ok, i will stop working on it If you have any patches I'd be happy to take them...

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Brian May
On Wed, Dec 03, 2003 at 02:57:11AM +0100, Bernd Eckenfels wrote: > On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote: > > The only way to have avoided this kernel vulnerability from day-0 of > > discovery/fix release would have been to be constantly upgrading to > > pre-release kernels

RE: development environment question

2003-12-03 Thread Michael K. Edwards
> You hit the nail on the head!! What we really need is a serious well > experienced network/security admin/engineer who can help architect the > system. You could probably find some candidates from within the Debian community. Perhaps a DD could comment on which mailing list would be appropriate

Re: INSTALL-REPORT

2003-12-03 Thread Scott James Remnant
On Wed, 2003-12-03 at 19:34, Thomas Wana wrote: > P.S.: in the pasted part: > > $ FreeBSD 5.1-RELEASE-p11 #0: Thu Nov 27 15:07:08 CET 2003 > FreeBSD: not found > Ah, wonderful... I need a new sig to torment my ex boss with. Scott -- Have you ever, ever felt like this? Had strange things happe

Re: debsums for maintainer scripts

2003-12-03 Thread Anthony DeRobertis
On Wed, 2003-12-03 at 05:23, Manoj Srivastava wrote: > Because it buys little security wise? I can take a rescue disk, a CD with relevant packages on it, boot the suspect server from the rescue disk, and quickly check md5sums. At least, if all packages had md5sums I could.

Status of brk vulnerability in kernel-source-2.4.20-11, 2.4.21-5, 2.4.22-3?

2003-12-03 Thread Nathanael Nerode
The security advisory does not mention these (the current 2.4.x kernels available in sarge), and the upstream fix is apparently not until 2.4.23. Can we get an announcement as to the safety of these Debian packages? -- Nathanael Nerode http://home.twcny.rr.com/nerode/neroden/fdl.html

Re: development environment question

2003-12-03 Thread Steve Kemp
On Wed, Dec 03, 2003 at 10:48:57AM -0800, bruce wrote: > Our goals: > * Provide Project Management > * Provide a Development Network of Servers > * Provide Test Servers > * Allow users to configure Test Servers as Required > * Allow users to build/execute/test their code on the Test Servers >

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Bernd Eckenfels
On Thu, Dec 04, 2003 at 10:27:57AM +1100, Russell Coker wrote: > Current fingerprint readers have been shown to be very unreliable. Both > false-positives and false-negatives are big problems. and normally they can't be used over untrusted channels/terminals, since they work with a shared secret

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Bernd Eckenfels
On Thu, Dec 04, 2003 at 10:18:44AM +1100, Russell Coker wrote: > > > What about RSA tokens? This solution does not require any special > > > hardware to connect on the client side. > > This also means it does not provide any additional security, besides the > > costs. > What makes you think that?

Re: Two different libpng2_1.0.12-3.woody.3_i386.deb?

2003-12-03 Thread Chad Walstrom
On Wed, Dec 03, 2003 at 06:30:16PM +0100, Jeroen van Wolffelaar wrote: > On Wed, Dec 03, 2003 at 05:44:36PM +0100, Santiago Vila wrote: > > file=main/libp/libpng/libpng2_1.0.12-3.woody.3_i386.deb > > wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file > > wget -q -O 2.deb http://security.debia

OT: smart card/USB dongle solution

2003-12-03 Thread Ludovic Rousseau
On Wednesday, 03 December 2003 at 14:00:51, Russell Coker wrote: > I agree that smartcards would help a lot. However as has been previously > suggested the cost of 1200+ smart-card readers is probably prohibitive. I don't know how a USB dongle compares with a smart card reader regarding price. >

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Raphael Goulais
On Wednesday 03 December 2003 21:31, Zenaan Harkness wrote: > I agree. I would like to see .desktop standard adopted. There have been > a few threads I have seen so far, and there seems to be some level of > resistance to the idea. The silly question is : What does our actual menu system provide t

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Artur R. Czechowski
On Wed, Dec 03, 2003 at 11:42:06PM +0100, Bernd Eckenfels wrote: > On Wed, Dec 03, 2003 at 10:34:13AM +0100, Artur R. Czechowski wrote: > > What about RSA tokens? This solution does not require any special hardware > > to connect on the client side. > This also means it does not provide any additio

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Russell Coker
On Thu, 4 Dec 2003 02:32, Manoj Srivastava <[EMAIL PROTECTED]> wrote: > An even better security guideline is "something you are" -- so > should we not spring for retinal scanners/fingerprint readers/other > biometrics? I mean, we _are_ talking about other people's money. :P Biometric sca

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Russell Coker
On Thu, 4 Dec 2003 09:42, Bernd Eckenfels <[EMAIL PROTECTED]> wrote: > On Wed, Dec 03, 2003 at 10:34:13AM +0100, Artur R. Czechowski wrote: > > What about RSA tokens? This solution does not require any special > > hardware to connect on the client side. > > This also means it does not provide any a

OT: Smartcards and Physical Security

2003-12-03 Thread Ludovic Rousseau
On Tuesday, 02 December 2003 at 17:19:22, Tom wrote: > Smartcards would have avoided the Debian compromise: merely having a > compromised DD box would have prevented bad guy from getting on the box

Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Peter Palfrader
On Wed, 03 Dec 2003, Andreas Metzler wrote: > Steve Greenland <[EMAIL PROTECTED]> wrote: > [...] > > I think the idea of a namespace for usernames used by packages is a good > > idea, but rather than "debian-", we should take this to the LSB folk, so > > that we can get it done once. > > The prob

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Russell Coker
On Thu, 4 Dec 2003 05:02, Andreas Schuldei <[EMAIL PROTECTED]> wrote: > * Russell Coker ([EMAIL PROTECTED]) [031203 04:03]: > > I have sent a message to Werner asking if the GPG smart-card device could > > be re-implemented with a USB interface. I think that a USB dongle with > > GPG technology wo

Re: packages/projects/positions up for adoption

2003-12-03 Thread Bernd Eckenfels
On Wed, Dec 03, 2003 at 05:26:59PM -0500, Colin Walters wrote: > I'll take xml-resume-library back ok, i will stop working on it Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PRO

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Bernd Eckenfels
On Thu, Dec 04, 2003 at 12:03:52AM +1100, Russell Coker wrote: > For an initial order of 1200 units and the potential for other larger orders > they may reconsider this. There are some more tokens, which are based on the open X9.9 DES protocol and not the secret SecureID stuff. Greetings Bernd --

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Bernd Eckenfels
On Wed, Dec 03, 2003 at 10:34:13AM +0100, Artur R. Czechowski wrote: > What about RSA tokens? This solution does not require any special hardware > to connect on the client side. This also means it does not provide any additional security, besides the costs. Greetings Bernd -- (OO) -- [EM

Re: make-kpkg question

2003-12-03 Thread Manoj Srivastava
On Mon, 01 Dec 2003 11:16:53 -0700, Liberty Young <[EMAIL PROTECTED]> said: > I'm installing by tarball. Unfortunately, my embedded OS doesn't > have apt or dpkg (yet). I was thinking that make-kpkg modules_image > or kernel_image would include in the packaged .deb a modules.dep > that would inc

Re: exim4-config and exim4-base installed on systems with non-exim-MTA

2003-12-03 Thread Tore Anderson
* Marc Haber > The way -config does the configuration is something that is questioned > by a lot of people. Most conservative eximists hate the configuration > being split out in several files, Absolutely, this is a slight convenience for the packagers which causes a major inconvenience to

Re: packages/projects/positions up for adoption

2003-12-03 Thread Colin Walters
On Fri, 2003-11-28 at 20:49, Martin Michlmayr wrote: > * Colin Walters <[EMAIL PROTECTED]> [2003-09-10 19:02]: > > Therefore, I'm putting most (but not quite all) of my packages up > > for adoption. Specifically: > > > > build-essential crack-attack dbus desktop-base fontconfig fontilus > > gnome

Re: debsums for maintainer scripts

2003-12-03 Thread Bernhard R. Link
* Manoj Srivastava <[EMAIL PROTECTED]> [031203 20:12]: > Before we make such a push, we should at least ensure that it > is something we really want to do. I think locally generated > checksums are a better solution. I don't think so. md5-calculation is not the fastest thing (especially on

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Tom
On Wed, Dec 03, 2003 at 11:14:29PM +0100, Wouter Verhelst wrote: > > Let me reiterate. You want to set up something with the Debian Project's > machines so that I have to pay for the privilege of contributing? > > Thanks, but no thanks. Volunteers don't work that way. > No sweat, that's totally

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Wouter Verhelst
On Wed 03-12-2003, at 22:36, Tom wrote: > On Wed, Dec 03, 2003 at 09:24:07AM -0600, Manoj Srivastava wrote: > > Heh. Your grasp of the practicality of the situation is > > slipping. Not only do these guys donate a fairly expensive chunk of > > billable hours and expertise, they must pay to b

Bug#222753: ITP: libcaca -- text mode graphics library

2003-12-03 Thread Sam Hocevar
Package: wnpp
Severity: wishlist

* Package name    : libcaca
  Version         : 0.2
  Upstream Author : Sam Hocevar <[EMAIL PROTECTED]>
* URL             : http://sam.zoy.org/projects/libcaca/
* License         : LGPL
  Description     : text mode graphics library

Package: libcaca-dev
Section: l

Re: Two different libpng2_1.0.12-3.woody.3_i386.deb?

2003-12-03 Thread Vincent Zweije
On Wed, Dec 03, 2003 at 05:44:36PM +0100, Santiago Vila wrote: || file=main/libp/libpng/libpng2_1.0.12-3.woody.3_i386.deb || wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file || wget -q -O 2.deb http://security.debian.org/pool/updates/$file || diff 1.deb 2.deb || || Binary files 1.deb

Re: Two different libpng2_1.0.12-3.woody.3_i386.deb?

2003-12-03 Thread Gabor Burjan
On Wed, Dec 03, 2003 at 05:44:36PM +0100, Santiago Vila wrote: > wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file > wget -q -O 2.deb http://security.debian.org/pool/updates/$file > diff 1.deb 2.deb > > Binary files 1.deb and 2.deb differ > > How could this happen? Should I worry about it

Bug#222807: ITP: distcmd -- Distribute load to multiple machines using ssh

2003-12-03 Thread Anthony DeRobertis
Package: wnpp
Severity: wishlist

* Package name    : distcmd
  Version         : 0.9
  Upstream Author : Anthony DeRobertis <[EMAIL PROTECTED]>
* URL             : http://ntp.derobert.net/DistCmd/
* License         : GPL
  Description     : Distribute

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Oliver Elphick
On Wed, 2003-12-03 at 15:32, Manoj Srivastava wrote: > An even better security guideline is "something you are" -- so > should we not spring for retinal scanners/fingerprint readers/other > biometrics? I mean, we _are_ talking about other people's money. :P This idea has recently been in t

Re: Revival of the signed debs discussion

2003-12-03 Thread Wouter Verhelst
On Wed 03-12-2003, at 10:09, Andreas Barth wrote: > > > file back signed by the build admin. The debian archive scripts > > > accepts packages signed by a buildd-key only if it is a binary package > > > for this architecture, the key is valid (i.e. in the right year), and > > > this package has bee

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Manoj Srivastava
On Tue, 2 Dec 2003 23:46:45 +, Geoff Richards <[EMAIL PROTECTED]> said: > On Tue, Dec 02, 2003 at 01:28:28PM -0800, Tom wrote: >> I read all the words but took a completely different meaning :-) >> I'm from the South, we have different speech patterns... > South of where? The Mason-

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Tom
On Wed, Dec 03, 2003 at 09:24:07AM -0600, Manoj Srivastava wrote: > Heh. Your grasp of the practicality of the situation is > slipping. Not only do these guys donate a fairly expensive chunk of > billable hours and expertise, they must pay to be able to volunteer? Sure, if you care about

Re: Bug#222076: /etc/init.d/xdm: if stop from within, cannot start again

2003-12-03 Thread Anthony DeRobertis
On Mon, 2003-12-01 at 13:48, Branden Robinson wrote: > To be solved properly this would require some sort of signaling > mechanism detached from most of the normal process hierarchy; say, an > "invoke-rc.dd" (daemon) with which invoke-rc.d communicated. Couldn't you just catch the signal, and ign

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Tom
On Wed, Dec 03, 2003 at 09:26:15AM -0600, Manoj Srivastava wrote: > Guess what the median age of a Debian developer is. Don't know, don't care. > Volunteer organization have dues? Yes, I don't know what planet you're from, but on this planet the Rotarians, Kiwanis, Civitans, Knights

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Tom
On Wed, Dec 03, 2003 at 09:28:30AM -0600, Manoj Srivastava wrote: > Sender: Tom Ballard <[EMAIL PROTECTED]> Yeah, somebody else pointed that out. It's bullshit that mutt was doing that to me. My /etc/email-addresses: # This is /etc/email-addresses. It is part of the exim package # # This file

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Tom Badran
On Wednesday 03 December 2003 15:32, Manoj Srivastava wrote: > An even better security guideline is "something you are" -- so > should we not spring for retinal scanners/fingerprint readers/other > biometrics? I mean, we _are_ talking about other people's money. :P However 'something you a

Re: Master ssh fingerprint

2003-12-03 Thread Anthony DeRobertis
On Mon, 2003-12-01 at 09:49, Marc Haber wrote: > >Do you really think that one should use the old hostkeys again? > > Actually, yes. I trust the DSA not to allow a compromised system to be > on the network. Which is why they won't be re-using the old host keys. Are you aware that the SSH host k

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Manoj Srivastava
On Wed, 3 Dec 2003 08:30:55 +0100, Bernd Eckenfels <[EMAIL PROTECTED]> said: > Hehe, well I am sorry. I had the impression 2.4.23 was older. Should > have checked my facts. > BTW: I do have checked the kernel version of the major distros, all > ship newer kernels than debian (if you look at the

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Manoj Srivastava
On Wed, 3 Dec 2003 14:17:18 +1100, Russell Coker <[EMAIL PROTECTED]> said: > On Wed, 3 Dec 2003 12:34, Don Armstrong <[EMAIL PROTECTED]> > wrote: >> The problems associated with them aren't too terribly different >> from those associated with keys or other forms of physical >> security, notably,

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Chad Walstrom
On Wed, Dec 03, 2003 at 08:02:42AM +0100, Matthias Urlichs wrote: > IMHO, there's no need to discuss this to death -- .desktop files make > sense, therefore packages should supply them. There's no sane way to > ask maintainers to do so except to file bugs, therefore bugs should be > filed, and that

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Manoj Srivastava
On Wed, 3 Dec 2003 01:24:50 -0800, Tom <[EMAIL PROTECTED]> said: > On Wed, Dec 03, 2003 at 01:16:39AM -0800, Tom Ballard wrote: > Oh, one last thing: each DD should pay for the device him/her self > and should be required to fly to meet wherever they can pick them > up. Why do you assume someb

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Manoj Srivastava
On Wed, 3 Dec 2003 06:54:29 -0800, Tom Ballard <[EMAIL PROTECTED]> said: > On Wed, Dec 03, 2003 at 08:45:49AM -0600, Steve Langasek wrote: >> >> Share the crack. > In my experience kids in college and right out tend to freak out > over the thought of having to spend a few dollars of disposable

Re: OT: Smartcards and Physical Security

2003-12-03 Thread Manoj Srivastava
On Wed, 3 Dec 2003 05:42:20 -0800, Tom Ballard <[EMAIL PROTECTED]> said: > On Thu, Dec 04, 2003 at 12:20:57AM +1100, Hamish Moffatt wrote: >> >> How about including your full name somewhere in your posts too >> then? I find it a bit off-putting to discuss security with someone >> who's obscuring

Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Anthony DeRobertis
On Sun, 2003-11-30 at 12:29, Steve Greenland wrote: > I think the idea of a namespace for usernames used by packages is a good > idea, but rather than "debian-", we should take this to the LSB folk, so > that we can get it done once. As long as the LSB allocates an area for distribution-created na

Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Anthony DeRobertis
On Sun, 2003-11-30 at 15:46, Russ Allbery wrote: > It does have the drawback that you could end up with accounts that differ > only in case, which means that MTAs would probably have to be checked to > make sure that they do the right thing. RFC 2821 gives some great advice here: "Howeve

Re: The term "Custom Debian Distribution" (Was Re: [custom] The term "flavor" and encouraging work on Debian)

2003-12-03 Thread David Palmer.
On Wed, 2003-12-03 at 20:01, cobaco wrote: > On 2003-12-03 12:24, Fabian Fagerholm wrote: > > On Wed, 2003-12-03 at 12:17, Andreas Tille wrote: > > > On Tue, 2 Dec 2003, Fabian Fagerholm wrote: > > > > The term suggests that the distribution is "

Re: [custom] Debian Enterprise - packages

2003-12-03 Thread David Palmer.
On Thu, 2003-12-04 at 03:18, John Goerzen wrote: > On Wed, Dec 03, 2003 at 10:58:12AM +0100, Andreas Tille wrote: > > On Tue, 2 Dec 2003, John Goerzen wrote: > > > > > First of all. This is obviously not a Debian projects > > I see it clearly as Debian project and can't find the rationale why > >

Re: The term "Custom Debian Distribution" (Was Re: [custom] The term "flavor" and encouraging work on Debian)

2003-12-03 Thread Andreas Tille
On Wed, 3 Dec 2003, cobaco wrote: > hm, I've added a definition to the wiki: > > A Custom Debian Distribution (CDD) is a version of Debian that is tailored I do not like the term "version". I'd prefer a "subset of Debian". You get a CDD together with main but you get a helping hand to cope wit

Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Zenaan Harkness
On Thu, 2003-12-04 at 01:51, Andreas Metzler wrote: > Steve Greenland <[EMAIL PROTECTED]> wrote: > [...] > > I think the idea of a namespace for usernames used by packages is a good > > idea, but rather than "debian-", we should take this to the LSB folk, so > > that we can get it done once. > > T

Re: [RFC] adding system users: which is the best way??

2003-12-03 Thread Anthony DeRobertis
On Sun, 2003-11-30 at 07:47, Bernhard R. Link wrote: > Could anyone familiar with cups explain why this is no RC-bug? From when I've seen it do it, for the same reason SWAT and webmin aren't RC bugs: They do it because the administrator said to change the config.

Re: The term "Custom Debian Distribution"

2003-12-03 Thread Zenaan Harkness
On Thu, 2003-12-04 at 01:02, Benj. Mako Hill wrote: > On Wed, Dec 03, 2003 at 01:24:24PM +0200, Fabian Fagerholm wrote: > > If some of the people who participated in the Debcamp Custom > > Distribution BOF (see > > http://www.debian.org/devel/debian-nonprofit/News/2003/20030717) are > > listening,

Re: [custom] Debian Enterprise - packages

2003-12-03 Thread Andreas Tille
On Wed, 3 Dec 2003, John Goerzen wrote: > > I see it clearly as Debian project and can't find the rationale why > > you say that it is _obviously_ not. > > It's not hosted on Debian machines. Nobody designated it as a project. > It doesn't use our BTS, it doesn't use our mailing lists, etc. I

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Zenaan Harkness
On Wed, 2003-12-03 at 20:15, Herbert Xu wrote: > AKL. Mantas Kriauciunas <[EMAIL PROTECTED]> wrote: > > > > Solution is to add freedesktop.org standardized menu entry for programs, > > which could be started from menu (for example there is no meaning to > > start apt-get tool from menu). Then user

RE: Backport of the integer overflow in the brk system call

2003-12-03 Thread Julian Mehnle
Andreas Schuldei wrote: > * Russell Coker ([EMAIL PROTECTED]) [031203 04:03]: > > I have sent a message to Werner asking if the GPG smart-card device > > could be re-implemented with a USB interface. I think that a USB > > dongle with GPG technology would be a good option as most developer's > > m

Re: Revival of the signed debs discussion

2003-12-03 Thread Werner Koch
On Wed, 3 Dec 2003 13:26:02 +0100, Matthias Urlichs said: > I'm also a bit concerned about MitM attacks; the hash-or-whatever which Obviously you can do this only using a secure channel. > the local side is supposed to sign should probably be encrypted with the > signer's public key, otherwise I

Re: [custom] Debian Enterprise - flavors

2003-12-03 Thread Mark Ferlatte
Zenaan Harkness said on Wed, Dec 03, 2003 at 02:58:18PM +1100: > Flavours (and sub-flavours/ tasks/ yadda) is as good a place to start as > any. So here are some proposed flavours: > > - Enterprise (base packages and more "neutral" config) > - Enterprise Desktop - with sub-flavours of: > - S

Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]

2003-12-03 Thread Darren Salt
I demand that Tom may or may not have written... > On Wed, Dec 03, 2003 at 08:45:49AM -0600, Steve Langasek wrote: >> Share the crack. > In my experience kids in college and right out tend to freak out over the > thought of having to spend a few dollars of disposable income, because they > don't

Re: exim4-config and exim4-base installed on systems with non-exim-MTA

2003-12-03 Thread Marc Haber
On Thu, 4 Dec 2003 04:21:55 +1000, Anthony Towns wrote: >I'm going to ignore the -config package, since it's not really part of >the problem. Is it? >Okay, so you want to say: > > * any exim4-daemon package should only be installed when exim4-base > is already installed and setup >

Re: INSTALL-REPORT

2003-12-03 Thread Thomas Wana
On Wednesday 03 December 2003 19:33, Joshua Kwan wrote: > On Wed, Dec 03, 2003 at 09:22:14AM +0100, Werner Wobrowsky wrote: > > Debian Installer sarge-i386-bussinescard.iso, httP://freedesktop.or/ > > Cool, but... > > > FreeBSD 5.1-RELEASE-p11 #0: Thu Nov 27 15:07:08 CET 2003 > > [EMAIL PROTECT

Re: Revival of the signed debs discussion

2003-12-03 Thread Werner Koch
On Wed, 3 Dec 2003 12:08:10 +0100, Matthias Urlichs said: >> signature algorithm would allow for hashing the data on the remote >> machine, and signing that hash locally. >> > ... that would work. It'd probably require a few hooks within GPG > to generate a hash packet / . Since I moved my actua

Re: The term "Custom Debian Distribution" (Was Re: [custom] The term "flavor" and encouraging work on Debian)

2003-12-03 Thread cobaco
On 2003-12-03 12:24, Fabian Fagerholm wrote: > On Wed, 2003-12-03 at 12:17, Andreas Tille wrote: > > On Tue, 2 Dec 2003, Fabian Fagerholm wrote: > > > The term suggests that the distribution is "not-Debian", which is > > > unnecessary and confusing. >

Re: [custom] The term "flavor" and encouraging work on Debian

2003-12-03 Thread VEROK Istvan
On Wed, 3 Dec 2003, Andreas Tille wrote: > On Wed, 3 Dec 2003, Fabian Fagerholm wrote: > > > In my view (as I said), it would be logical to name a further > > subdivision of that product "flavor". > I like this interpretation of the term flavor and it would be easily > applicable for Debian-Med to

Re: [custom] Debian Enterprise - packages

2003-12-03 Thread John Goerzen
On Wed, Dec 03, 2003 at 10:58:12AM +0100, Andreas Tille wrote: > On Tue, 2 Dec 2003, John Goerzen wrote: > > > First of all. This is obviously not a Debian projects > I see it clearly as Debian project and can't find the rationale why > you say that it is _obviously_ not. It's not hosted on De

[CUSTOM] Re: UserLinux white paper

2003-12-03 Thread cobaco
On 2003-12-03 05:08, Theodore Ts'o wrote: > To the extent that they are self-supporting, they become economically > irrelevant to a commercial distribution or to a support provider of > UserLinux. The best that you will get out of these customers are

Re: Revival of the signed debs discussion

2003-12-03 Thread Matt Zimmerman
On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote: > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote: > > > > > But this kind of tampering _can_ be checked by apt before installing > > > the deb simply by ad

Re: debsums for maintainer scripts

2003-12-03 Thread Manoj Srivastava
On Mon, 1 Dec 2003 17:12:36 -0500, christophe barbe <[EMAIL PROTECTED]> said: > I don't see why adding a md5dsum_are_mandatory clause to the debian > policy would be difficult (what would be a good reason to not add > md5sum to a package?). Because it buys little security wise? Because t

Re: debsums for maintainer scripts

2003-12-03 Thread Manoj Srivastava
On Mon, 1 Dec 2003 19:22:44 -0200, Henrique de Moraes Holschuh <[EMAIL PROTECTED]> said: > On Mon, 01 Dec 2003, Thomas Viehmann wrote: >> Henrique de Moraes Holschuh wrote: >> > On Mon, 01 Dec 2003, christophe barbe wrote: >> > >> >>Before mass bug-filling, it would be necessary to make it >> >>

Re: debsums for maintainer scripts

2003-12-03 Thread Manoj Srivastava
On Mon, 1 Dec 2003 18:08:28 +0100, Eduard Bloch <[EMAIL PROTECTED]> said: > AFAICS the only way to verify the contents of maintainer scripts > automatically is to have the binary package, verify its contents via > .changes or Release/Packages path, extract it and compare the > files. Too complicat

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Sebastien Bacher
"AKL. Mantas Kriauciunas" <[EMAIL PROTECTED]> writes: > Hi, > > Debian has a usability problem - it's hard to start lots of programs, > installed from debian packages, because simple users just can't find > them in menu. > Standard debian menu entry isn't good solution for user-friendly > desktop

Re: exim4-config and exim4-base installed on systems with non-exim-MTA

2003-12-03 Thread Anthony Towns
On Wed, Dec 03, 2003 at 05:49:20PM +0100, Andreas Metzler wrote: > exim4 is a metapackage that depends on the other three and is not hit by > the problem. The rest is a straightforward chain. > > daemon -->-- -base -->-- -config. > other possible dependencies would be: > daemon -->-- -config -->--

Re: Bug#222730: ITP: zope-groupuserfolder -- group management for Zope

2003-12-03 Thread Nicolas Ledez
On Wed, Dec 03, 2003 at 08:58:19AM +0100, Andreas Tille wrote: > On Tue, 2 Dec 2003 [EMAIL PROTECTED] wrote: > > > This package is an empty dummy package that always depends on a package > > built for Debian's default Python version. > Why that? It should depend on Debian's Zope version or i

Re: Revival of the signed debs discussion

2003-12-03 Thread Andreas Barth
* Goswin von Brederlow ([EMAIL PROTECTED]) [031203 03:25]: > Henning Makholm <[EMAIL PROTECTED]> writes: > > If an attacker compromises the buildd to the point where he can gain > > access to its secret key, he could just as well attack its build > > environment, or simply use his access to convinc

Re: [custom] Debian Enterprise - packages

2003-12-03 Thread Chris Halls
On Wed, 2003-12-03 at 05:49, John Goerzen wrote: > > * Office Suite - OpenOffice (there's no other near as feature complete) > > And OpenOffice is the only one that runs on only two -- yes, two -- > architectures that Debian supports. You missed two. OOo is available on i386, powerpc, sparc and

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Herbert Xu
Matthias Urlichs <[EMAIL PROTECTED]> wrote: > AKL. Mantas Kriauciunas wrote: > >> Herbert Xu: "Please discuss this on debian-devel before filing further >> bugs." > > IMHO, there's no need to discuss this to death -- .desktop files make > sense, therefore packages should supply them. There's no s

RE: development environment question

2003-12-03 Thread bruce
John, You hit the nail on the head!! What we really need is a serious well experienced network/security admin/engineer who can help architect the system. Our goals: * Provide Project Management * Provide a Development Network of Servers * Provide Test Servers * Allow users to configure Test S

Re: Debian packages and freedesktop.org (Gnome, KDE, etc) menu entries

2003-12-03 Thread Herbert Xu
AKL. Mantas Kriauciunas <[EMAIL PROTECTED]> wrote: > > Solution is to add freedesktop.org standardized menu entry for programs, > which could be started from menu (for example there is no meaning to > start apt-get tool from menu). Then users of modern desktops will be > happy, because they can ea

Re: INSTALL-REPORT

2003-12-03 Thread Joshua Kwan
On Wed, Dec 03, 2003 at 09:22:14AM +0100, Werner Wobrowsky wrote: > Debian Installer sarge-i386-bussinescard.iso, httP://freedesktop.or/ Cool, but... > FreeBSD 5.1-RELEASE-p11 #0: Thu Nov 27 15:07:08 CET 2003 > [EMAIL PROTECTED]:/usr/src/sys/i386/compile/NEW I didn't know the sarge ISOs supp

Re: Revival of the signed debs discussion

2003-12-03 Thread Andreas Barth
* Goswin von Brederlow ([EMAIL PROTECTED]) [031203 03:40]: > Andreas Barth <[EMAIL PROTECTED]> writes: > > * Wouter Verhelst ([EMAIL PROTECTED]) [031202 19:40]: > > > So unless you have a suggestion that would solve this particular issue, > > > I'm afraid this idea won't work in practice. > > Two

Re: development environment question

2003-12-03 Thread John Smith
On Wed, 2003-12-03 at 18:36, bruce wrote: > hi... > > I was talking with Ian Murdock yesterday, and he suggested I pose the > question to this group. > > We're interested in creating a development environment that would allow open > source applications to be created. The development environment w

Re: Install Images

2003-12-03 Thread Tom Badran
On Wednesday 03 December 2003 18:12, Andreas Metzler wrote: > http://freedesktop.org/~daniel/d-i/ > cu andreas You star ;) Thanks Tom -- ^__^| Tom Badran (oo)\__ | Imperial College (__)\ )\/\| Department of Computing ||w || ---

INSTALL-REPORT

2003-12-03 Thread Werner Wobrowsky
Debian Installer sarge-i386-bussinescard.iso, httP://freedesktop.or/ ~daniel/d-i from 22.11.2003 MB Asus P4B266-E, Installed on /dev/hdb3 without any problems. $ dmesg Copyright (c) 1992-2003 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 T

Re: Install Images

2003-12-03 Thread Andreas Metzler
On Wed, Dec 03, 2003 at 06:04:26PM +, Tom Badran wrote: > Is there anywhere I can download debian-installer beta images (I'm > getting a new laptop tomorrow), preferably with support for > reiserfs filesystems? Gluck still isn't working and I can't seem to > find mirrors anywhere. http://freede

Install Images

2003-12-03 Thread Tom Badran
Is there anywhere I can download debian-installer beta images (I'm getting a new laptop tomorrow), preferably with support for reiserfs filesystems? Gluck still isn't working and I can't seem to find mirrors anywhere. Thanks Tom -- ^__^| Tom Badran (oo)\__ | Imperial Colle

Re: Backport of the integer overflow in the brk system call

2003-12-03 Thread Andreas Schuldei
* Russell Coker ([EMAIL PROTECTED]) [031203 04:03]: > I have sent a message to Werner asking if the GPG smart-card device could be > re-implemented with a USB interface. I think that a USB dongle with GPG > technology would be a good option as most developers' machines already have > USB suppor

Re: [custom] Debian Enterprise - policies

2003-12-03 Thread Andres Salomon
On Wed, 03 Dec 2003 15:01:09 +1100, Zenaan Harkness wrote: > (Really should read ahead further ... here are more, and all laid out > together) > > * DFSG Free Software only (I know this one will get debated, but this is > the whole point of Debian Enterprise - if you want proprietary software, >
