[gentoo-dev] Last rites: www-apps/roundup

# Thomas Deutschmann (17 Feb 2017) # Unpatched security vulnerability per bug #576868 # Removal in 30 days. www-apps/roundup -- Regards, Thomas Deutschmann signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Suggested sync method/Portage config for devs on ~arch?

On 2017-02-28 10:52, James Le Cuirot wrote: > I use hasufell's repo too. I'm surprised we haven't made it more > official. The public Gentoo git mirror is https://github.com/gentoo-mirror/gentoo This git mirror includes pre-generated metadata. No need for any hack/additional step. Devs maybe

[gentoo-dev] [PATCH] mysql-v2.eclass: Drop dead g3nt8.org mirror

Removing g3nt8.org mirror which is no longer hosting mysql-extras tarball and not controlled by any Gentoo dev anymore (i.e. dead domain, up for sale). --- eclass/mysql-v2.eclass | 1 - 1 file changed, 1 deletion(-) diff --git a/eclass/mysql-v2.eclass b/eclass/mysql-v2.eclass index 21931cc8e9..b6

[gentoo-dev] Re: RFC: Pre-GLEP: Security Project

Hi, I am quoting : > == Abstract == > This GLEP outlines the purpose, responsibilities and abilities of the > Gentoo Security Project. > > == Motivation == > This GLEP aims to document the processes of the Security Project and > enpowering the

Re: [gentoo-dev] RFC: Pre-GLEP: Security Project

On 2017-03-12 00:54, Kristian Fiskerstrand wrote: >> 1. From this proposal it looks like the Security Project Lead >> obtains a lot of power and a lot of responsibility, maybe too much >> for a single person to handle. >> >> While the Deputy may be assigned, this still gives all power to >> single

Re: [gentoo-dev] RFC: Pre-GLEP: Security Project

On 2017-03-12 23:53, Kristian Fiskerstrand wrote: > On 03/11/2017 11:23 PM, Andrew Savchenko wrote: >> While the Deputy may be assigned, this still gives all power to >> single hands. Maybe it will be better to establish something like >> the Security Project Council (SPC)? E.g. three project membe

Re: [gentoo-dev] RFC: Pre-GLEP: Security Project

On 2017-03-12 19:35, Kristian Fiskerstrand wrote: >> Why do Security Project members need to be ebuild devs? >> Non ebuild developers can contribute by producing GLSAs, >> for example. > > Where is that requirement stated? I agree with Roy. That's also my reading of > * The applicant must have

Re: [gentoo-dev] RFC: Pre-GLEP: Security Project

On 2017-03-13 21:33, Rich Freeman wrote: > [...] > > And this is why I think you are talking past each other. Kristian is > thinking in terms of security being a special project, and Thomas is > thinking in terms of security being a normal project. Both are making > completely reasonable suggest

Re: [gentoo-dev] RFC: Pre-GLEP: Security Project

On 2017-03-13 22:47, Kristian Fiskerstrand wrote: > now I'm even more lost. Gentoo Developer quiz does not imply ebuild > repository access, we have current developers in the project without > tree access and they are doing an outstanding job, so depending on the > definition of "full membership" .

Re: [gentoo-dev] [PATCH] mysql-v2.eclass: Drop dead g3nt8.org mirror

This is now committed. -- Regards, Thomas signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] gcc-6.x status inquiry

On 2017-05-03 21:25, Matthias Maier wrote: > Let's keyword gcc-6 and try to get gcc-7 into the tree on time. +1 -- Regards, Thomas signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Dropping ia64/ppc/sparc profiles to dev/exp

On 2017-05-07 21:23, David Seifert wrote: > TL;DR > ia64/ppc/sparc teams are pretty much dead. They have been for a long > time and this won't change any time soon. Gentoo should focus its > resources on archs that are important and has the manpower to support. > Let us please drop these 3 archs to

Re: [gentoo-dev] Dropping ia64/ppc/sparc profiles to dev/exp

On 2017-05-09 10:12, Rich Freeman wrote: > Why not? If an arch is considered a non-security-supported arch > then you would just ignore it in a security bug. We dropped security coverage already for ia64 and are in the process to drop it for sparc as well. So how do you want to cleanup a package

[gentoo-dev] Last rites: www-apps/joomla

# Thomas Deutschmann (17 May 2017) # Multiple unpatched security vulnerabilities (see bug #603756, #610696, #612650 ...) # Removal in 30 days. www-apps/joomla -- Regards, Thomas Deutschmann / Gentoo Security Team C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description

[gentoo-dev] Last rites: mail-client/squirrelmail

# Thomas Deutschmann (17 May 2017) # Unpatched security vulnerability per bug #616700 # Removal in 30 days. mail-client/squirrelmail -- Regards, Thomas Deutschmann / Gentoo Security Team C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

[gentoo-dev] [PATCH] ssl-cert.eclass: Set default key length to 4096 bit and allow to specify message digest

--- eclass/ssl-cert.eclass | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/eclass/ssl-cert.eclass b/eclass/ssl-cert.eclass index 6bec347234d..bfe5291314c 100644 --- a/eclass/ssl-cert.eclass +++ b/eclass/ssl-cert.eclass @@ -1,4 +1,4 @@ -# Copyright 1999-2014 Gentoo Found

Re: [gentoo-dev] [PATCH] ssl-cert.eclass: Set default key length to 4096 bit and allow to specify message digest

Hi, now committed via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8daf322064245417d95057131f89e4e4e1d75f96 -- Regards, Thomas signature.asc Description: OpenPGP digital signature

[gentoo-dev] Last rites: www-apps/postfixadmin

# Thomas Deutschmann (08 Jun 2017) # Unmaintained in Gentoo; Unpatched security bugs. # Removal in 30 days. Bug #608726 www-apps/postfixadmin If you are using www-apps/postfixadmin or want to keep the package in official Gentoo repository, it is now _your_ time to offer your help or this

Re: [gentoo-dev] Re: taking a break from arches stabilization

>>> Anecdotal evidence against, currently gnupg 2.1.21 scdaemon bug will >>> happily sign a third party public keyblock's UID using signature subkey >>> on smartcard, which results in useless signature that doesn't have any >>> effect, but the application builds fine. >>> >>> This means gnupg 2.1.2

[gentoo-dev] Last rites: media-gfx/autotrace

# Thomas Deutschmann (16 Jul 2017) # Discontinued project with multiple vulnerabilities, removal # in a month (#620802) media-gfx/autotrace -- Regards, Thomas Deutschmann / Gentoo Security Team C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital

Re: [gentoo-dev] Sanity check: enewuser in binpkg with portage-utils

Hi, keep in mind that when installing a binpkg, src_* functions are skipped, see https://devmanual.gentoo.org/ebuild-writing/functions/ So when you are doing anything with the actual user, you have to do that in a pkg_* function. In case of "exeopts", if you do something like exeopts -m 6710

Re: [gentoo-dev] Sanity check: enewuser in binpkg with portage-utils

On 2017-07-20 19:17, Michał Górny wrote: > No. This is entirely wrong and insane. Tar stores user and group > names, and restores them correctly. Oops, thanks for correction. -- Regards, Thomas signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] sys-libs/ncurses: erronious deletion of *.dll.a files; possibly other packages affected

Hi, sounds like we should convert to prune_libtool_files usage from ltprune.eclass. However, the eclass says > # Discouraged. Whenever possible, please use much simpler: > # find "${D}" -name '*.la' -delete || die So this would need clarification. -- Regards, Thomas signature.asc Descript

Re: [gentoo-dev] Packages up for grabs

Hi, I'll take > dev-php/pecl-gearman> sys-cluster/gearmand if nobody else is interested. -- Regards, Thomas signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

directly, not working with /bin/sh not /bin/bash ...). -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

or set a flag in an already existing bug which will cause build bot to ignore this version. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

On 2017-12-14 01:58, Kent Fredric wrote: > On Wed, 13 Dec 2017 21:58:05 +0100 > Thomas Deutschmann wrote: > >> b) Because not all devs care about stable Gentoo, I would recommend >> auto-stabilization: I.e. if a package is in the repository for x days >> build bot wou

[gentoo-dev] Last rites: net-libs/polarssl

# Thomas Deutschmann (14 Dec 2017) # Unpatched security vulnerability per bug #537108 # Removal in 30 days. Please migrate to net-libs/mbedtls if you have # not done yet. net-libs/polarssl -- Regards, Thomas Deutschmann / Gentoo Security Team C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

member that mixed systems aren't officially supported. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

> should be done the way we currently do them, by filing a stable request > then using the current stabilization process. I am not sure if something like this should be a general rule. But like said, maintainer could either opt-in or opt-out from auto-stabilization. So if you think your new

Re: [gentoo-dev] AMD64 Arch Testers needed urgently

quot; stabilization and after some time... So why should we wait... -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [QA] New policy: 'files' directory must not be larger than 32 KiB

an be found upstream. 3) https://devmanual.gentoo.org/general-concepts/mirrors/ -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [QA] New policy: 'files' directory must not be larger than 32 KiB

asy/clean task to just add *one* small/temporary patch if you need to. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] The problem of unmaintained packages in Gentoo

add it with a mask. Breaking ~arch because a dev was unable to test for some reason is IMHO unacceptable -- even for ~arch. That's the whole reason why keywords/p.mask exist ;-) -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] RFC: Bugzilla arch list reordering

nt, however I prefer a label item like current "Unstable arches" which makes it easy for me to spot the end of the typical list. In mgorny's variant I don't understand the differentiation between "exp" and "~arch". I won't split them to be honest. Ca

[gentoo-dev] Last rites: sys-cluster/ganglia-web

# Thomas Deutschmann (23 Feb 2018) # Unmaintained in Gentoo, known critical vulnerabilities like # auth bypass. Removal in 30 days. Bugs #559658, #592080. sys-cluster/ganglia-web If you are using sys-cluster/ganglia-web or want to keep the package in official Gentoo repository, it is now _your_

Re: [gentoo-dev] python-any-r1 deps used only for testing

.gentoo.org/repo/gentoo.git/commit/?id=cfaa5ec192519a74951fd57f05c483984e408e4b. Thank you for the report. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] New Portage fork: sys-apps/portage-mgorny

t like /::gentoo to make sure the package from Gentoo repository isn't used. But I guess you are talking about a different thing? -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] New category: app-metrics

I second this. Please keep "prometheus-" prefix. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] rfc: /etc/init.d/modules loading modules defined in files

On 2016-08-17 01:49, Matthias Maier wrote: >> I have received a request to implement a feature in OpenRC to allow >> multiple software packages to drop files in a directory, /etc/modules.d >> for example, which would define modules the /etc/init.d/modules script >> would load. > > What about /etc/m

[gentoo-dev] [PATCH] eutils.eclass: Show death notice only when user patches were really applied

As part of the user requested feature from [Gentoo-Bug #543878] eutils.eclass shows a warning regarding user applied patches in case of an error [Link 1]. However this warning will always be shown even if no user patch were applied at all (example: empty /etc/portage// directory). This commit add

Re: [gentoo-dev] [PATCH] eutils.eclass: Show death notice only when user patches were really applied

On 2016-08-22 09:30, Ulrich Mueller wrote: > I wonder if extending an obsolete feature is worth the effort. > In EAPI 6, epatch_user has been replaced by eapply_user. Well, I created the patch in November 2015 but never submitted it. Yesterday someone in #gentoo-dev also asked about that false-pos

[gentoo-dev] [PATCH v2] eutils.eclass: Show death notice only when user patches were really applied

As part of the user requested feature from [Gentoo-Bug #543878] eutils.eclass shows a warning regarding user applied patches in case of an error [Link 1]. However this warning will always be shown even if no user patch were applied at all (example: empty /etc/portage// directory). This commit add

[gentoo-dev] [PATCH v3] eutils.eclass: Show death notice only when user patches were really applied

Here's v3. Ulm suggested to get rid of the global EPATCH_N_APPLIED_PATCHES variable so that EAPI 6' environment stays clean. Thomas Deutschmann (1): eutils.eclass: Show death notice only when user patches were really applied eclass/eutils.eclass | 8 +++- 1 file changed, 7

[gentoo-dev] [PATCH v3] eutils.eclass: Show death notice only when user patches were really applied

As part of the user requested feature from [Gentoo-Bug #543878] eutils.eclass shows a warning regarding user applied patches in case of an error [Link 1]. However this warning will always be shown even if no user patch were applied at all (example: empty /etc/portage// directory). This commit add

Re: [gentoo-dev] newsitem: openrc runscript transition (draft 3)

On 2016-08-24 19:07, William Hubbs wrote: > I do not plan to drop runscript at this point, that will happen when > openrc-1.0 is released, which will be a while yet. ...and that's the reason why I don't think this needs a newsitem. There's _no_ problem and no _immediate_ user interaction is requir

Re: [gentoo-dev] newsitem: openrc runscript transition (draft 3)

On 2016-08-24 23:59, William Hubbs wrote: > Since OpenRC is used outside of Gentoo, a warning like this would have > to be: > > * /etc/init.d/test uses runscript and must be converted to openrc-run > * For more details see the OpenRC NEWS file > > because we don't know where or if the file will b

Re: [gentoo-dev] [PATCH v3] eutils.eclass: Show death notice only when user patches were really applied

Hi, now committed, see commit f7d866b62b. -- Regards, Thomas signature.asc Description: OpenPGP digital signature

[gentoo-dev] [PATCH] php-ext-source-r3.eclass: Add src_test function

php-ext-source-r3 eclass currently does not provide FEATURES=test support like php-ext-pecl-r3 eclass does. This commit will add and export the src_test function from php-ext-pecl-r3 eclass to php-ext-source-r3 eclass to allow testing of PHP standalone extensions as well. --- eclass/php-ext-source

[gentoo-dev] [PATCH] php-ext-source-r3.eclass: Add src_test function

Hi, I'd like to commit the following changes to php-ext-source-r3.eclass to add FEATURES=test support for PHP standalone extensions as well. The function itself is copied from php-ext-pecl-r3.eclass, so nothing new. Thanks. Regards, Thomas aka Whissi Thomas Deutschmann (1): php-ext-s

Re: [gentoo-dev] [PATCH] php-ext-source-r3.eclass: Add src_test function

On 2016-10-08 00:18, Thomas Deutschmann wrote: > [...] > > Thomas Deutschmann (1): > php-ext-source-r3.eclass: Add src_test function > > eclass/php-ext-source-r3.eclass | 14 +- > 1 file changed, 13 insertions(+), 1 deletion(-) Now committed: https://g

Re: [gentoo-dev] gpg: signing failed: Inappropriate ioctl for device

On 2016-12-11 15:13, gro...@gentoo.org wrote: > But this commit sits in my copy of the tree, and I cannot > push it. What can I do? You can't push because the commit isn't signed? If it is the last commit, just run `git commit --amend -S` If it isn't the last commit, try `git log` to get the com

Re: [gentoo-dev] [PATCH] linux-info.eclass: enable EAPI 7

t/commit/?id=c6b150836dfef848e51ec2cce801b12daf2c77b1 -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

[gentoo-dev] News item review: OpenSSH LDAP support

Hello everyone, please review the following news item. The 'xx'-es will be replaced with the publication date. --- Title: OpenSSH LDAP support Author: Thomas Deutschmann Posted: 2018-08-xx Revision: 1 News-Item-Format: 2.0 Display-If-Installed: net-misc/openssh When your sshd aut

Re: [gentoo-dev] [PATCH 0/3] GLEP 63: rationale part

on't use it, why do we care and enforce such a value? Well, if you take the *now* proposed "Foreword" into account I *could* arrange with such a statement because expiration date plays a role in the web of trust and GLEP 63 seems to be more than just a OpenGPG policy for commit/pus

Re: mcrypt status (Re: [gentoo-dev] Idea for a new project: gentoo-libs)

ll likely do something wrong. In favor of a better solutions which should prevent such a misuse, mcrypt was deprecated. See also: = [1] https://why-cant-we-have-nice-things.mwl.be/requests/deprecate-then-remove-mcrypt. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A7

[gentoo-dev] Last rites: sys-apps/microcode-ctl

# Thomas Deutschmann (05 Aug 2018) # Deprecated. Using recent microcodes with this package either won't work # or crash your system. Please change your setup and make use of kernel's # early microcode loading feature, see https://wiki.gentoo.org/wiki/Microcode # for more details. Rem

[gentoo-dev] Re: commit 50078fbbb39667734 for linux-info.eclass

Hi, just an acknowledge for the moment that kernel project has seen the request and is currently looking into this. Thanks. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

[gentoo-dev] Re: News item review v2: Migration required for OpenSSH with LDAP

Changes: * Incorporated suggestions by Peter Stuge * Package sys-auth/sakcl added --- Title: Migration required for OpenSSH with LDAP Author: Thomas Deutschmann Posted: 2018-08-xx Revision: 1 News-Item-Format: 2.0 Display-If-Installed: net-misc/openssh If your sshd authenticates against LDAP

[gentoo-dev] Re: News item review v3: Migration required for OpenSSH with LDAP

Changes: * Incorporated suggestions by Peter Stuge * Package sys-auth/sakcl added * Last sentence corrected --- Title: Migration required for OpenSSH with LDAP Author: Thomas Deutschmann Posted: 2018-08-xx Revision: 1 News-Item-Format: 2.0 Display-If-Installed: net-misc/openssh If your sshd

[gentoo-dev] Re: News item review v3: Migration required for OpenSSH with LDAP

On 2018-08-07 01:44, Thomas Deutschmann wrote: > Title: Migration required for OpenSSH with LDAP > Author: Thomas Deutschmann > Posted: 2018-08-xx > Revision: 1 > News-Item-Format: 2.0 > Display-If-Installed: net-misc/openssh > > If your sshd authenticates against LDAP,

Re: [gentoo-dev] [PATCH] use.desc: Improve description of USE=test

gs.gentoo.org/show_bug.cgi?id=664104. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [PATCH] use.desc: Improve description of USE=test

ional stuff didn't run due to USE=-test accidentally set by the user (in the past or was forgotten). The code above in an early phase like pkg_setup would prevent such a bad user experience, not? -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Gentoo i486 support

On 2018-08-22 16:30, Mike Gilbert wrote: > So +1 from me on removing -march=i686 from the x86 arch profile. +1 -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Changing policy about -Werror

or" creates undesired problems in most cases. Given that we have another rule that any package must respect user's CFLAGS any user or dev who care can add "-Werror" back to his/her CFLAGS... but don't force every user of Gentoo to deal with that. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Changing policy about -Werror

n architecture. Not a general failure. See x86 build.log, https://paste.pound-python.org/show/F1361Zp3aCHJLje8sBRe/ -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Changing policy about -Werror

really need to discuss this. Simply because everyone interested in "-Werror" *can* set that flag via CFLAGS, even just per package, whereas the majority, not interested in this, cannot do the same to filter "-Werror". Nobody advocating for "-Werror" replied to that fa

Re: [gentoo-dev] New copyright policy approved, please weigh your Signed-off-bys

alternative is cleaner. Especially, since there > are commits with a Signed-off-by line that don't comply with the > conditions of the Linux DCO. +1 for ignoring "Signed-Off-By" line until 2018-09-16 00:00:00. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Last rites: sys-process/vixie-cron

now, see https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0fd44962557b7870ac34c9b64f9bcfefc508f1e0 for details. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Signed-off-by verification incoming

_BY is present since 2013-04-22 20:01:29 -0700. So it should be available for all developers. > 3) Announce it ahead of time. I agree. Communication was bad. We should have included dev howto with that announcement. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2

[gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774

online. ;] Maybe it is time to destabilize ARM on Gentoo to stop the impression that we really support ARM. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774

r, this update is critical for anyone using something like net-dns/unbound with DNSSEC validation enabled (which isn't enabled by default but you are encourage to switch this on). -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 sig

Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774

ntion that again we have a lacking architecture (net-dns/dnssec-root is not the only package where ARM arch team is lacking behind) which affects anyone "trusting" somehow in STABLE keywords. If everyone is using ~ARCH and don't care about STABLE keywords, well, we could save a

Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774

words, too. If ARM can keep up I am quiet. But please, be honest. We don't need another HPPA. Nobody will win something if we tell world "ARM is a first class citizen in Gentoo" when it isn't (anymore). But if people would know it is ~ARCH, we would not disappoint expectations. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Is there any way I can help with pull requests?

iners project and deal with all those pull requests. Looking forward to see your Gentoo developer bug in near future! :-) -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] adding app-crypt/gentoo-keys to @system

27;t handle keyserver failures very well. I.e. no real timeout and switch to another server. But we enabled WKD a long time ago which fixed most problems for me because this will avoid normal keyservers in general. So I am wondering which problems do you have... -- Regards, Thomas Deutschmann / Gen

[gentoo-dev] Re: dev-libs/libaio: package up for grabs

On 2019-04-25 00:45, Gokturk Yuksek wrote: > The following package is up for grabs: > > dev-libs/libaio I'll take it. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [RFC] New QA policy: Packages must not disable installing manpages via USE flags

[1] https://gitweb.gentoo.org/repo/gentoo.git/tree/net-misc/iputils/iputils-.ebuild?id=ec886beb76dc342eec146f7e4d3785437c12bfa9#n159 -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

[gentoo-dev] [PATCH 1/3] savedconfig.eclass: Make save_config() re-use configuration file scheme used by restore_config()

From: Arfrever Frehtes Taifersar Arahesis Fixes: https://bugs.gentoo.org/686348 Signed-off-by: Arfrever Frehtes Taifersar Arahesis Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.eclass | 40 ++- 1 file changed, 27 insertions(+), 13 deletions

[gentoo-dev] [PATCH 2/3] savedconfig.eclass: Always quote filename in output

Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.eclass | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/eclass/savedconfig.eclass b/eclass/savedconfig.eclass index b96f55d4c27c..5c6fd228269c 100644 --- a/eclass/savedconfig.eclass +++ b/eclass/savedconfig.eclass

[gentoo-dev] [PATCH 3/3] savedconfig.eclass: Only check config file candidate once

Due to the injection of $CTARGET and $CHOST in file path we could end up with an already checked config file candidate if $CTARGET or $CHOST isn't used. This commit will make sure that we don't check the same file twice. Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.e

[gentoo-dev] Re: [PATCH 1/3] savedconfig.eclass: Make save_config() re-use configuration file scheme used by restore_config()

On 2019-08-03 15:31, Mike Gilbert wrote: > The summary line on this patch is too long. GLEP 66 states it must be > no longer than 69 characters. v2 will have summary line <=69 characters, thanks. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638

Re: [gentoo-dev] [PATCH 1/3] savedconfig.eclass: Make save_config() re-use configuration file scheme used by restore_config()

On 2019-08-03 18:20, Ulrich Mueller wrote: >>>>>> On Sat, 03 Aug 2019, Thomas Deutschmann wrote: > >> +# @ECLASS-VARIABLE: _SAVEDCONFIG_CONFIGURATION_FILE > > 31 chars? Seems excessive for a name of a private variable. And? I'll keep that name for readabil

[gentoo-dev] [PATCH v2 1/3] savedconfig.eclass: Re-use configuration file scheme

From: Arfrever Frehtes Taifersar Arahesis Make save_config() re-use configuration file scheme used by restore_config(). Fixes: https://bugs.gentoo.org/686348 Signed-off-by: Arfrever Frehtes Taifersar Arahesis Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.eclass | 40

[gentoo-dev] [PATCH v2 2/3] savedconfig.eclass: Always quote filename in output

Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.eclass | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/eclass/savedconfig.eclass b/eclass/savedconfig.eclass index f62a6055ffdb..1ea464271aff 100644 --- a/eclass/savedconfig.eclass +++ b/eclass/savedconfig.eclass

[gentoo-dev] [PATCH v2 3/3] savedconfig.eclass: Only check config file candidate once

Due to the injection of $CTARGET and $CHOST in file path we could end up with an already checked config file candidate if $CTARGET or $CHOST isn't used. This commit will make sure that we don't check the same file twice. Signed-off-by: Thomas Deutschmann --- eclass/savedconfig.e

[gentoo-dev] [PATCH] mount-boot.eclass: Fix ro check

Make sure we check only /boot mount and not any mount containing '/boot'. Closes: https://bugs.gentoo.org/691874 Signed-off-by: Thomas Deutschmann --- eclass/mount-boot.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eclass/mount-boot.eclass b/eclass/mount-b

[gentoo-dev] Re: [PATCH] mount-boot.eclass: Fix ro check

Hi, now pushed, https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7840e73dde3ff715806aff61708f134479581d9c -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [RFC] package.deprecated to mark packages deprecated and report dependencies

package.deprecated file we would have a check in real time against current repository. And once all CI warnings are gone you can commit the mask. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital

[gentoo-dev] [PATCH] autotools.eclass: drop outdated sys-devel/gettext blocker

All Signed-off-by: Thomas Deutschmann --- eclass/autotools.eclass | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/eclass/autotools.eclass b/eclass/autotools.eclass index 9143aa454d0d..9df0e1b93663 100644 --- a/eclass/autotools.eclass +++ b/eclass/autotools.eclass

[gentoo-dev] act-{user,group} & RDEPEND

ed PMs don't do at the moment what specification will allow them to do? Moving to (B)DEPEND will address the problem for non-binary package users only. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Re: [gentoo-commits] repo/gentoo:master commit in: eclass/

"must" and maybe clarify per-package exception and limit to update case if you believe that really *all* *new* eclasses must be send to mailing list. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Re: [gentoo-commits] repo/gentoo:master commit in: eclass/

sing anything I suggested to improve devmanual in case you believe this should be a hard requirement. Because at the moment I don't believe it should be a hard requirement, *I* will not propose any changes. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] Re: [gentoo-commits] repo/gentoo:master commit in: eclass/

ixing' devmanual. It's about *changing* devmanual which I *just* pointed out. But whoever will propose changing devmanual should support such a change because he/she will probably have to argue for that change. Something I cannot do when I like status quo like I do currently or have concerns.

Re: [gentoo-dev] [RFC] Using HTTPS mirrors only in thirdpartymirrors (when possible)

idate checksums for distfiles and thirdpartymirrors file is only used for distfiles. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] [PATCH v3 1/1] kernel-2.eclass: Support move of genpatches tarballs from /space/distfiles-local to devspace

rts with "https..."). I also tried that code and it's working fine for me... -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

Re: [gentoo-dev] RFC: Should the bot add PRs directly to TRACKER tickets?

changing packages to address the issue raised in tracker bug used that bug as reference. In other words: The initial failure was that no individual bugs per affected package was created... -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 7

[gentoo-dev] Last rites: net-misc/openssh-blacklist

# Thomas Deutschmann (2019-11-07) # EAPI 0. It's been almost a decade since that openssl bug. # Removal in 30 days. Bug #697218. net-misc/openssh-blacklist -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Descri

Re: [gentoo-dev] Package up for grabs: sys-apps/lsb-release

On 2019-11-07 18:57, Jeroen Roovers wrote: > sys-apps/lsb-release - Linux Standard Base version query program > > Low maintenance, but with six open bug reports. base-system will take that package. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638

[gentoo-dev] RFC acct-{user,group} for nginx

vers/nginx. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5 signature.asc Description: OpenPGP digital signature

  1   2   3   >