Re: APT do not work with Squid as a proxy because of pipelining default

Daniel Burrows writes: > On Wed, May 19, 2010 at 03:28:00PM +0200, Bjørn Mork was > heard to say: >> Pierre Habouzit writes: >> > This is bullshit. It's *VERY* easy to "support" pipelining: parse one >> > request at a time, and until you're done with a given request, you just >> > stop to watc

Re: APT do not work with Squid as a proxy because of pipelining default

David Kalnischkies writes: > Hi all, > > i don't want to interrupt your battles so feel free to ignore me, > but i want to raise some questions (for you and me) none the less: > > The notice about the - in the eyes of the writer of this manpage > section - broken squid version 2.0.2 in the apt.co

Bug#582346: ITP: libobject-id-perl -- Perl module providing a unique identifier for any or every object

Package: wnpp Severity: wishlist Owner: Ivan Kohler Owner: Ivan Kohler * Package name: libobject-id-perl Version : 0.1.0 Upstream Author : Michael G Schwern * URL : http://search.cpan.org/dist/Object-ID/ * License : Perl Programming Lang: Perl Description

Re: APT do not work with Squid as a proxy because of pipelining default

Bjørn Mork writes: > Goswin von Brederlow writes: > >> A HTTP/1.1 conforming server or proxy > > This is not the real world... > >> is free to process pipelined >> requests serially one by one. The only requirement is that it does not >> corrupt the second request by reading all available data

Re: UPG and the default umask

On 05/19/2010 03:48 PM, Christoph Anton Mitterer wrote: > See above, or do you wish a larger paper discussing the issues?! ^^ So FUD it is. At least you're consistent. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O signatur

Bug#582345: ITP: libhash-fieldhash-perl -- Perl module implementing a lightweight field hash

Package: wnpp Severity: wishlist Owner: Ivan Kohler Owner: Ivan Kohler * Package name: libhash-fieldhash-perl Version : 0.10 Upstream Author : Goro Fuji * URL : http://search.cpan.org/dist/Hash-FieldHash/ * License : Perl Programming Lang: Perl Descriptio

Re: APT do not work with Squid as a proxy because of pipelining default

Philipp Kern writes: > On 2010-05-19, Goswin von Brederlow wrote: >> Reading that I don't think that is really a pipelining issue. You do not >> need pipelineing for it to work. The real problem is keep-alive. The >> connection isn't destroyed after each request so you can put multiple >> reques

Re: APT do not work with Squid as a proxy because of pipelining default

On Wed, May 19, 2010 at 03:28:00PM +0200, Bjørn Mork was heard to say: > Pierre Habouzit writes: > > This is bullshit. It's *VERY* easy to "support" pipelining: parse one > > request at a time, and until you're done with a given request, you just > > stop to watch the socket/file-descriptor for

Re: How to set ulimit (nofile) for a daemon

On Thu, May 20, 2010 at 01:30:37AM +0200, Bernd Eckenfels wrote: > In article <20100519225812.gb28...@dario.dodds.net> you wrote: > > These daemons load pam_limits *when running on behalf of other users*. > > That's an entirely different scenario than running a daemon per se. > In the case of a ja

Re: How to set ulimit (nofile) for a daemon

On Wed, 19 May 2010, Russ Allbery wrote: > Thomas Koch writes: > > HBase needs a high nofile limit. What would be the preferred way to set > > the limit for the HBase daemons? > > > Just call ulimit in the initscript? > > That's what I'd do. I'd suggest having it in /etc/default/hbase (or whate

Re: How to set ulimit (nofile) for a daemon

Thomas Koch writes: > HBase needs a high nofile limit. What would be the preferred way to set > the limit for the HBase daemons? > Just call ulimit in the initscript? That's what I'd do. -- Russ Allbery (r...@debian.org) -- To UNSUBSCRIBE, email

Re: UPG and the default umask

Le Wed, May 19, 2010 at 01:10:25PM -0600, Aaron Toponce a écrit : > > UPG is only if the user name and group name match, > and the user is the only member of that group. Hi Aaron and everybody, is there any ‘official’ definition of UPG, for instance the first document presenting the concept afte

Re: UPG and the default umask

On 19/05/2010 23:22, Santiago Vila wrote: On Wed, 19 May 2010, Roger Leigh wrote: On 19/05/10 18:25, Santiago Vila wrote: For the record: I've changed the umask setting in /etc/profile to this: if [ "`id -u`" -ge 1000 ]; then Should we also be catering for the reserved globally allocated UI

Re: How to set ulimit (nofile) for a daemon

In article <20100519225812.gb28...@dario.dodds.net> you wrote: > These daemons load pam_limits *when running on behalf of other users*. > That's an entirely different scenario than running a daemon per se. In the case of a java process started with an init script, it would be su doing the pam chai

Re: snapshot.debian.org implications for you

On Wed, 19 May 2010, Felipe Sateler wrote: > On 19/05/10 10:08, Raphael Hertzog wrote: >> On Wed, 19 May 2010, Felipe Sateler wrote: Most of the repackaging is done because we don't _want_ to redistribute those files not because we do not have the right to redistribute them. >>> >>> [cit

Re: UPG and the default umask

On Mon, May 17, 2010 at 04:00:57AM +0200, Thomas Hochstein wrote: > Felipe Sateler schrieb: > > > I mean, is there a reason for why I would want a non-UPG system? > > What about a hosting environment where you need to have user files > world-readable (HTML documents or (PHP) scripts readable by w

Bug#582321: TAG: dirsum -- commandline directory summary

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: itp Severity: wishlist Version: 0.4; * Package name : dirsum Version : 0.4 Upstream Author : Dirk Bartley * URL: http://code.dyne.org/?r=dirsum * License: GNU GPL Description: Dirsum is a command line tool to assist sorting out which dir

Re: How to set ulimit (nofile) for a daemon

On Wed, May 19, 2010 at 06:51:25PM -0400, Felipe Sateler wrote: > >This is the wrong answer to the question "how do I set ulimits for a daemon > >process?" /etc/security/limits.d is only processed by pam_limits, which has > >no reason to be in the path for service startup. > cron, atd and schroo

Re: How to set ulimit (nofile) for a daemon

On 19/05/10 18:32, Steve Langasek wrote: On Wed, May 19, 2010 at 06:20:35PM -0400, Felipe Sateler wrote: HBase needs a high nofile limit. What would be the preferred way to set the limit for the HBase daemons? Just call ulimit in the initscript? The java process is started by "daemon" (Debian

Re: APT do not work with Squid as a proxy because of pipelining default

Hi all, i don't want to interrupt your battles so feel free to ignore me, but i want to raise some questions (for you and me) none the less: The notice about the - in the eyes of the writer of this manpage section - broken squid version 2.0.2 in the apt.conf manpage was changed the last time in 2

Re: How to set ulimit (nofile) for a daemon

On Wed, May 19, 2010 at 06:20:35PM -0400, Felipe Sateler wrote: > >HBase needs a high nofile limit. What would be the preferred way to set the > >limit for the HBase daemons? > >Just call ulimit in the initscript? > >The java process is started by "daemon" (Debian package "daemon"). > >Thank you,

Re: UPG and the default umask

On Wed, May 19, 2010 at 09:11:54PM +, Christoph Anton Mitterer wrote: > Nevertheless may I suggest to stop any further active changes in that > issue (UPG/umask) until this discussion here is over and final > decision has been made. Sorry, but Debian is a do-ocracy first, and a democracy then.

Re: UPG and the default umask

On Wed, 19 May 2010, Roger Leigh wrote: > On 19/05/10 18:25, Santiago Vila wrote: > > For the record: I've changed the umask setting in /etc/profile to this: > > > > if [ "`id -u`" -ge 1000 ]; then > > Should we also be catering for the reserved globally allocated UIDs in the > range 6-64999

Re: How to set ulimit (nofile) for a daemon

On 19/05/10 11:46, Thomas Koch wrote: Hi, HBase needs a high nofile limit. What would be the preferred way to set the limit for the HBase daemons? Just call ulimit in the initscript? The java process is started by "daemon" (Debian package "daemon"). Thank you, Thomas Koch, http://www.koch.ro

Re: snapshot.debian.org implications for you

On 19/05/10 10:08, Raphael Hertzog wrote: On Wed, 19 May 2010, Felipe Sateler wrote: Most of the repackaging is done because we don't _want_ to redistribute those files not because we do not have the right to redistribute them. [citation needed] My perception of the matter is the other way ar

Re: UPG and the default umask

On Wed, 19 May 2010 15:22:04 -0600, Aaron Toponce wrote: > You've only mentioned that SSH won't operate if the write bit is set on > the keys or anything under the ~/.ssh/ directory. Can you explain how an > ssh client failing to connect to an external ssh server because of the > umask is compromi

Bug#582315: ITP: pyrit-cuda -- NVIDIA CUDA support for Pyrit

Package: wnpp Severity: wishlist Owner: Christian Kastner * Package name: pyrit-cuda Version : 0.3.0 Upstream Author : Lukas Lueg * URL : http://code.google.com/p/pyrit/ * License : GPLv3 + linking exceptions for OpenSSL and CUDA Programming Lang: C, Python

Re: UPG and the default umask

On 05/19/2010 03:11 PM, Christoph Anton Mitterer wrote: > Or is that already, the case? At least I've had the impression that > neither mine, nor the arguments of some other people (Harald, Peter, etc.) > were even answered here. You've only mentioned that SSH won't operate if the write bit is set

Re: UPG and the default umask

btw: What happened to the idea of movin umask completely away from /etc/profile? I mean regardless of the discussion about UPGs and which value is the "best" default for umask, I found it to be a good idea to drop it there. Can someone please explain me the reason why login.defs isn't used for tha

Bug#582308: ITP: mango-lassi -- Share mouse and pointer with other computers

Package: wnpp Severity: wishlist Owner: Kartik Mistry -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * Package name: mango-lassi Version : 001 Upstream Author : Lennart Poettering , Sven Herzberg * URL : http://github.com/herzi/mango-lassi/ * License : GPL-2+

Re: UPG and the default umask

On Wed, 19 May 2010 22:51:25 +0200, Willi Mann wrote: > The gain would be a guard against accidental 002 umasks in non-UPG > environments, which I'm quite sure will happen. Either because admins do > not > read the release notes or because they forget to do the change on one of > their newly-in

Re: UPG and the default umask

Hi! > Some people proposed complex code to determine whether UPG was in use > for system users. Such thing would be an "exception to the exception" > and as such I think it would be a bad thing, as it would make things > a lot more complex without any real gain. The gain would be a guard against

Re: APT do not work with Squid as a proxy because of pipelining default

Goswin von Brederlow writes: > A HTTP/1.1 conforming server or proxy This is not the real world... > is free to process pipelined > requests serially one by one. The only requirement is that it does not > corrupt the second request by reading all available data into a buffer, > parsing the fir

Re: UPG and the default umask

On 05/19/2010 01:25 PM, James Vega wrote: > Except /etc/profile won't be sourced again unless "newgrp - " is > used, right? Correct, or the user issues a new login shell after the change has been made. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O .

Re: UPG and the default umask

On 05/19/2010 01:20 PM, Philipp Kern wrote: > Sorry, I assumed that UPG is a system-wide concept and that I could just > change to my collaboration group and have a useful umask there too. So we > only cater for the setgid flag on directories? The "newgrp" command changes your default group. The

Re: UPG and the default umask

On Wed, May 19, 2010 at 3:10 PM, Aaron Toponce wrote: > On 05/19/2010 01:00 PM, Philipp Kern wrote: >> When I do "newgrp " it's still UPG and the umask should still be >> 2, no?  This check would change my umask. > > If the new default group is named something other than your username, > it's no l

Re: UPG and the default umask

On 2010-05-19, Aaron Toponce wrote: > On 05/19/2010 01:00 PM, Philipp Kern wrote: >> When I do "newgrp " it's still UPG and the umask should still be= >> 2, no? This check would change my umask. > > If the new default group is named something other than your username, > it's no longe UPG. UPG is

Re: UPG and the default umask

On 19/05/10 18:25, Santiago Vila wrote: For the record: I've changed the umask setting in /etc/profile to this: if [ "`id -u`" -ge 1000 ]; then Should we also be catering for the reserved globally allocated UIDs in the range 6-64999 with this check (Policy §9.2.2)? Regards, Roger -- T

Re: UPG and the default umask

On 05/19/2010 01:00 PM, Philipp Kern wrote: > When I do "newgrp " it's still UPG and the umask should still be > 2, no? This check would change my umask. If the new default group is named something other than your username, it's no longe UPG. UPG is only if the user name and group name match, and

Re: APT do not work with Squid as a proxy because of pipelining default

#include * Robert Collins [Tue, May 18 2010, 02:02:59PM]: > Given that pipelining is broken by design, that the HTTP WG has And if not? Counter example, it seems to work just fine with my apt-cacher-ng proxy, at least bug reports related to that have appeared for about a year now. > increased th

Re: UPG and the default umask

On 2010-05-19, Aaron Toponce wrote: > I suggested this, which I don't think is complex. However, what you have > suggested should work just fine. > > if [ "$(id -un)" =3D "$(id -gn)" ] && [ "$UID" -gt 99 ]; then > umask 0002 > else > umask 0022 > fi id -n might cause network accesses, if

Re: UPG and the default umask

On 05/19/2010 11:25 AM, Santiago Vila wrote: > For the record: I've changed the umask setting in /etc/profile to this: > > if [ "`id -u`" -ge 1000 ]; then > umask 002 > else > umask 022 > fi [snip] > Some people proposed complex code to determine whether UPG was in use > for system users. Su

Re: shutdown on power button?

On Wed, May 19, 2010 at 04:17:49PM +0200, Luca Niccoli wrote: > This would be definitely a bug, not intended behaviour. I absolutely agree. This code is used to find out of powerdevil is running: for p in $(pidof kded4); do test -r /proc/$p/environ || continue

Re: UPG and the default umask

For the record: I've changed the umask setting in /etc/profile to this: if [ "`id -u`" -ge 1000 ]; then umask 002 else umask 022 fi which is fully consistent with Debian policy when it says that user accounts, by default, start at uid 1000. So, this is now a very simple rule (umask 002) with

Re: Parallellizing the boot in Debian Squeeze - ready for wider testing

On Sun, May 09, 2010 at 13:27:08 +0200, Marc Haber wrote: > On Sat, 8 May 2010 11:47:40 +0200, Julien Cristau > wrote: > >As far as I'm concerned, "faster boot" is irrelevant. Using an init > >daemon that actually does its job of supervising services, and lets us > >get rid of most of the stupidi

Re: SRWare Iron: Chromium without the data-mining

On Wed, May 19, 2010 at 3:15 AM, Mike Hommey wrote: > > opt-in like in the Options dialog ? > > "Show suggestions for navigation errors" > > "Use a suggestion service to help complete searches and URLs typed in > the address bar" > > "Use DNS pre-fetching to improve load performance" > > There is

Re: APT do not work with Squid as a proxy because of pipelining default

Bjørn Mork writes: > Pierre Habouzit writes: >> On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote: >> >>> 2) http proxy servers cannot always process pipelined requests due to >>>the complexity this adds (complexity is always bad for security), and >> >> This is bullshit. It's *VE

Re: APT do not work with Squid as a proxy because of pipelining default

Bjørn Mork writes: > Petter Reinholdtsen writes: >> [Roger Lynn] >>> But apt has been using pipelining for years. Why has this only just >>> become a problem? >> >> It has been a problem in Debian Edu for years. Just recently I >> figured out the cause and a workaround. > > And FWIW I have exp

Re: SRWare Iron: Chromium without the data-mining

I demand that Ryan Oram may or may not have written... > http://www.srware.net/en/software_srware_iron_chrome_vs_iron.php > This should become a full open source project with a community behind it. > With Mozilla disregarding H.264, the community needs a full browser capable > of H.264 video play

Re: APT do not work with Squid as a proxy because of pipelining default

On 2010-05-19, Goswin von Brederlow wrote: > Reading that I don't think that is really a pipelining issue. You do not > need pipelineing for it to work. The real problem is keep-alive. The > connection isn't destroyed after each request so you can put multiple > requests into the stream and exploi

Re: APT do not work with Squid as a proxy because of pipelining default

Robert Collins writes: > Well, I don't know why something has 'suddenly' become a problem: its > a known issue for years. The HTTP smuggling > [http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf] > attacks made that very obvious 5 years ago now. Reading that I don't think that is real

How to set ulimit (nofile) for a daemon

Hi, HBase needs a high nofile limit. What would be the preferred way to set the limit for the HBase daemons? Just call ulimit in the initscript? The java process is started by "daemon" (Debian package "daemon"). Thank you, Thomas Koch, http://www.koch.ro -- To UNSUBSCRIBE, email to debian-d

Re: shutdown on power button?

On Wednesday 19 May 2010 16:42:12 Luca Niccoli wrote: > that it's not meant for bug reporting. I actually thought it was the intended behaviour... Bye -- Salvo Tomaselli signature.asc Description: This is a digitally signed message part.

Re: shutdown on power button?

On 19 May 2010 16:38, Luca Niccoli wrote: > File it to the BTS please. Hint: since you already found out that the culprit was /etc/acpi/powerbtn-acpi-support.sh, running $reportbug /etc/acpi/powerbtn-acpi-support.sh would have automatically filed a bug against the package that owns it. In gener

Re: shutdown on power button?

On 19 May 2010 16:30, Salvo Tomaselli wrote: > But as every good luser i opened powerdevil and set it to lock the screen, so > for me it was totally unreasonable since it did something else than what i had > manually configured to do. Then it's a bug in acpi-support-base, since the powerbtn scri

Re: shutdown on power button?

On Wednesday 19 May 2010 16:17:49 Luca Niccoli wrote: > Mmm, you are saying that you are running KDE, with the KDE power > manager; that you have configured KDE not to switch the computer off > on power button; and that nonetheless the computer goes off when you > press it? That is exactly what i

Re: shutdown on power button?

On Wednesday 19 May 2010 16:14:41 Luca Niccoli wrote: > I don't think you can call this an unreasonable > behaviour. But as every good luser i opened powerdevil and set it to lock the screen, so for me it was totally unreasonable since it did something else than what i had manually configured to

Re: [Debian-eeepc-devel] Ethernet not working on 1005HA

On 19 May 2010 16:09, Abhishek Dasgupta wrote: > Just upgraded to the latest bits from squeeze, and ethernet is not > working here. Tried modprobing atl1c but that did not change anything. > Ethernet was working before the upgrade. Anyone else has this problem? See bug #573607 The kernel fixing t

Re: shutdown on power button?

On 19 May 2010 16:10, Salvo Tomaselli wrote: >> Right, if you do not have a DE running, one way to react on the power >> button is using acpid *and* acpi-support-base. > But if i have it (and most of the time this is the case) it's just very > annoying having configured kde to lock the screen and

Re: shutdown on power button?

On 19 May 2010 14:10, Salvo Tomaselli wrote: > It is, i just turned off my laptop (installed in march) for mistake, and i > dindn't install manually acpid. It's not acpid that shuts down the computer on power button, it's acpi-support-base (installed by default) If you pressed the power button o

Re: shutdown on power button?

On Wednesday 19 May 2010 15:19:08 Michael Meskes wrote: > On Wed, May 19, 2010 at 01:23:05PM +0200, Salvo Tomaselli wrote: > > I have noticed that the default configuration is to shutdown the computer > > when the power button is pressed. > > You might want to check which software did react on the

Re: snapshot.debian.org implications for you

On Wed, 19 May 2010, Felipe Sateler wrote: > >Most of the repackaging is done because we don't _want_ to redistribute > >those files not because we do not have the right to redistribute them. > > [citation needed] > > My perception of the matter is the other way around. Take the case of stripped

Re: snapshot.debian.org implications for you

On 18/05/10 04:13, Raphael Hertzog wrote: On Tue, 18 May 2010, Peter Palfrader wrote: On Wed, 12 May 2010, Felipe Sateler wrote: Would it be feasible to have some sort of automation surrounding this? Breaches that are fixed by a subsequent upload will very likely contain some strings in the cha

Re: shutdown on power button?

On Wed, May 19, 2010 at 01:23:05PM +0200, Salvo Tomaselli wrote: > I have noticed that the default configuration is to shutdown the computer > when > the power button is pressed. You might want to check which software did react on the button. > But on normal desktop installations, the DE will h

Re: APT do not work with Squid as a proxy because of pipelining default

Pierre Habouzit writes: > On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote: > >> 2) http proxy servers cannot always process pipelined requests due to >>the complexity this adds (complexity is always bad for security), and > > This is bullshit. It's *VERY* easy to "support" pipelinin

Re: APT do not work with Squid as a proxy because of pipelining default

On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote: > 2) http proxy servers cannot always process pipelined requests due to >the complexity this adds (complexity is always bad for security), and This is bullshit. It's *VERY* easy to "support" pipelining: parse one request at a time, a

Re: shutdown on power button?

On Wednesday 19 May 2010 13:56:55 Philipp Kern wrote: > I doubt it's the default. You have to install acpid to get this > behaviour, at least in VMs. It is, i just turned off my laptop (installed in march) for mistake, and i dindn't install manually acpid. Bye -- Salvo Tomaselli signature.asc

Re: shutdown on power button?

On 2010-05-19, Salvo Tomaselli wrote: > So maybe this default should be reviewed? I doubt it's the default. You have to install acpid to get this behaviour, at least in VMs. Kind regards, Philipp Kern -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubs

shutdown on power button?

I have noticed that the default configuration is to shutdown the computer when the power button is pressed. But on normal desktop installations, the DE will handle the event and take the appropriate actions. I also think that on non-desktop it should be the admin to decide whether if this behavi

Re: SRWare Iron: Chromium without the data-mining

]] Mike Hommey | opt-in like in the Options dialog ? «opt-in» usually means «requires active effort to be enabled», so in this case, disabled by default. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-devel-requ...@lists

Re: APT do not work with Squid as a proxy because of pipelining default

Petter Reinholdtsen writes: > [Roger Lynn] >> But apt has been using pipelining for years. Why has this only just >> become a problem? > > It has been a problem in Debian Edu for years. Just recently I > figured out the cause and a workaround. And FWIW I have experienced this problem for years t

Re: Re: Parallellizing the boot in Debian Squeeze - ready for wider testing

On Mon, May 17, 2010 at 03:06:10PM +0100, Scott James Remnant wrote: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543420#10 > > > This pretty much proves my point. I was never sent these patches, > instead Debian kept them to itself and never attempted to get them > upstream. Well, we ca

Re: SRWare Iron: Chromium without the data-mining

On Tue, May 18, 2010 at 08:39:00PM -0400, Ryan Oram wrote: > >From the Ubuntu mailing list, in case of you aren't subscribed there: > > On Tue, May 18, 2010 at 8:27 PM, Dane Mutters wrote: > > I think some of you would be interested in reading this page that > > (allegedly) documents some of the

Re: SRWare Iron: Chromium without the data-mining

On Wednesday 19 May 2010 02:39:00 Ryan Oram wrote: > I wasn't aware of this when I posted this thread on the mailing list. > I still feel, however, the suggestion and DNS-prefetching features be > made opt-in. What do you mean by "opt-in"? I have searched and the only meaning i could find was abou