lifelessok,thats amusing:01:19
lifelessrobertc@lifelessgwy:/etc/ppp/ip-up.d$ sudo sudo do-release-upgrade01:20
lifelessChecking for a new ubuntu release01:20
lifelessNo new release found01:20
lifelessrobertc@lifelessgwy:/etc/ppp/ip-up.d$ less /etc/issue01:20
lifelessUbuntu 6.06.2 LTS \n \l01:20
wgrantlifeless: That's correct.01:26
wgrantlifeless: Dapper upgrades won't be activated until
lifelesswgrant: not according to https://help.ubuntu.com/community/HardyUpgrades01:27
lifelessit claims it should work now01:27
lifelesswgrant: I appreciate you may be right; but the docs out there disagree01:27
wgranthttp://changelogs.ubuntu.com/meta-release-lts says that the docs are wrong.01:28
wgrantYou might want to add a -p01:29
lifeless(because its pointing at dapper ? )01:29
wgrantBecause there's no Hardy in there.01:29
wgrantWhereas meta-release-lts-proposed does have it.01:30
lifelessk; I've not actually dug around the meta-release internals before01:30
lifelessthanks; I'll documentt his01:31
wgrantThey're what the upgrade tool uses to work out what's new.01:31
lifelessyes, I'm aware of the principle01:31
lifelessjust hadn't looked at the details01:31
wgrantDocumentation is good.01:31
lifelesstime to see how the upgrade goes01:32
lifeless(this machine has 96MB of memory)01:33
lifelessP133, firewall/cache for my home network. LOTS of disk - a whole 2.7GB01:34
lifelesssorry, 3.9GB, 2.7GB of which is used.01:34
wgrantI don't think I've run Ubuntu on anything that old.01:35
lifelessdigital obselescence is vastly exaggerated01:36
cody-somervillegrr... I hate how Firefox opens your homepage when you open a new window.04:32
* cody-somerville has his homepage set to 30 or so tabs.04:32
johanbrcody-somerville: Why not keep those 30 tabs as bookmarks or as a saved session instead?04:40
cody-somervillethats what I'll end up doing.04:40
chubs_cody-somerville: I feel sorry for your bandwidth04:42
* cody-somerville has only used 5GB this month :P.... he spends too much time at work :(04:42
=== n8k99_ is now known as n8k99
Tyrone_manHey everyone, I was wondering if there is a way to get an iso of intrepid, or do I have to work up from an existing system by a dist-upgrade to a given repo? Thanks05:26
RAOFTyrone_man: http://iso.qa.ubuntu.com/ ?05:27
persiaTyrone_man: There's no livecd yet, but the alternate CD has testing images from http://iso.qa.ubuntu.com/ : report success/failure please.05:27
Tyrone_manoh, thanks.05:28
* persia loses the race to RAOF again: maybe glue is the answer05:28
Tyrone_manI will see about a virtual install, but I'd like to let you all know of a little bug in hardy (for your safety). Sometimes, when deleting big (1gb+) files, the userfs will just go psycho and swell up the ram and swap, even after deletion, resulting in a HUGE slowdown, and misstypes at a terminal, such as messing a keystroke, along the lines of rm -R ./* to rm -R /* ... thus forcing you to type this from fedora..05:31
lifelesswhats an rfs, that you use it?05:41
Tyrone_manyea, the new gfs. Ya know, the big shiny upgrade that everyone was waiting for05:41
pwnguinoh that05:42
Tyrone_manI meant userspace fs05:42
Tyrone_mansorry, my bad05:42
pwnguinso this is a network mount?05:42
Tyrone_manIt was just a local partition on my disk, was doing some video editing, sent something to trash can while I was cleaning another dir, and bam... I figured it out when i hit 'ls' and got 'cannot locate /bin/ls' .. i was like :<05:44
Tyrone_manI'm sorry, did I mess that up again? It's gvfs isn't it? Or was that the old one... gfs is a network fs?05:46
pwnguinthe new gnome stuff is supposed to be a FUSE thing05:48
pwnguinnormally you shouldnt need that for a local partition...05:49
pwnguinmy suspicion is that deleting your large file triggered a copy05:50
Tyrone_manHmm, weird,05:50
pwnguinor maybe forced some actual deletions05:50
Tyrone_manYea, I never read up its spec more than it was outside the kernel05:50
pwnguinanyways, i know of a few people having performance problems in hardy with disk05:50
wgrantGVFS is the GNOME-VFS replacement.05:51
Tyrone_manyea, probably a copy, it went from a 200mb ram usage to 999mb in 5 secons, then in 1 minute it flooded my swap05:51
wgrantGFS is a different filesystem altogether.05:51
pwnguini believe gvfs is what this topic is about ;)05:51
Tyrone_manI see, that makes sense, thanks for the correction. It makes sense, I remember something from the kernel config on fs's05:51
wgrantThere kernel knows nothing of GVFS.05:52
wgrantBut GVFS uses FUSE, which the kernel does know about.05:52
Tyrone_manAh, so FUSE is a new generic api for userspace?05:52
pwnguinbut a performance problem who knows05:52
RAOFWell, gvfs doesn't really use fuse.05:52
pwnguinFUSE aint new05:52
wgrantRAOF: For non-GVFS apps it does.05:52
pwnguinRAOF: waa?05:52
RAOFwgrant: Right.05:52
RAOFBut anything using gvfs itself won't be touching fuse.05:53
Tyrone_manI see05:53
Tyrone_manBut FUSE is just an api, correct?05:53
pwnguinthat statement seems wrong but i dont know where05:54
RAOFKinda. It's also a kernel module.05:54
Tyrone_manSo it's a modular module api.05:54
Tyrone_manI see05:54
pwnguinplus some processes05:54
RAOFYup.  The fuse module farms out the actual filesystem access to external processes.05:55
pwnguinits sorta a microkernel approach to filesystems05:55
wgrantThat's a fairly good way of putting it, pwnguin.05:55
Tyrone_manI recall that implies lag from call to action05:55
wgrantOf such an incredibly small amount it's probably not noticable, but sure.05:55
RAOFThere's _always_ lag from call to action?05:56
Tyrone_manRight, I was looking into microkerns when reading up on Hurd05:56
wgrantFUSE will introduce a tiny bit more.05:56
lifelessits called clock cycles :P05:56
wgrantBut nothing at all significant.05:56
RAOFRight.  But not of a qualitatively different kind.  You'll still block on a blocking write, etc.05:56
pwnguinfuse will introduce copy problems etc05:56
lifelessso its a bug in pqm/bzrlib05:56
RAOFpwnguin: Really?  In what way?05:56
pwnguinbut for stuff that isn't disk, its invaluable05:57
lifelessmeh echannel05:57
RAOFlifeless: :)05:57
RAOFpwnguin: Oh, you mean needing to copy data from userspace to kernelspace?05:58
pwnguinRAOF: correct me if im wrong, but with sshfs, incoming data is written to the ssh process, then to the destination, etc05:58
RAOFDunno about the specifics.  It would of course be perfectly possible.05:59
pwnguinthats the traditional microkernel argument05:59
pwnguinextra copying to move data around, extra context switches05:59
Tyrone_manextra possibilities to toast your drive??06:00
Tyrone_manor, rather, your mem?06:00
lifelesscopying is orthogonal, thats what the MMU allows us to prevent06:00
pwnguinif swap went through the roof it was an application06:00
pwnguinTyrone_man: its going to be very hard to diagnose your problem with the OS blown out of the way etc =(06:01
RAOFlifeless: Mapping parts of someone else's address space to your own?06:01
Tyrone_manHey, nothing was writting to the file, it was dead. Its done this many times, in various ways, but yea. Always when trashing it, not doing RM. Well, I still saved my /home and /root06:01
lifelessRAOF: handing off data via zero-copy06:02
pwnguin0 copy messaging06:02
Tyrone_manmaybe a dumb question, but is the trashing function handled by a script or an actual compiled app? I never really noticed either way.06:07
pittiGood morning06:50
* slangasek waves06:50
* bliZZardz smiles06:52
* StevenK waves to pitti 06:53
StevenKpitti: Would you mind casting your gaze over bug #195260?06:53
ubottuLaunchpad bug 195260 in mailscanner "MailScanner won't start due to variable $FIELD_NAME" [Undecided,Fix committed] https://launchpad.net/bugs/19526006:53
pittiStevenK: right, looks like v-done06:54
StevenKpitti: So it gets slammed into -updates and the Hardy task closed?06:55
pittiStevenK: yes06:55
StevenKpitti: Make it so, when you have a chance :-)06:55
StevenKpitti: Thanks :-)06:56
=== tkamppeter_ is now known as tkamppeter
* StevenK checks intrepid's NEW queue06:57
* StevenK wonders how libhildonthumbnail-dev is in testing and unstable and not intrepid06:59
geserGood morning pitti07:07
StevenKpitti: Could you be convinced to pull that over?07:07
pittihey geser07:07
dholbachgood morning07:21
* pitti hugs dholbach07:24
* dholbach hugs pitti back07:25
pittiStevenK: weird, no idea why the autosync scripts don't pick that up07:27
StevenKpitti: Me neither07:27
StevenKpitti: It seems to be a perfect candidate07:27
pittiE: libhildonthumbnail-dev: not found07:27
StevenKpitti: That's a binary package name07:28
pittioh, hildon-thumbnail07:28
StevenKMaybe it failed to build07:28
* StevenK digs07:28
pittiStevenK: we have a much newer version07:28
StevenKOh, hildon-thumbnail-dev07:29
* StevenK will stop being thick soon. Hopefully.07:29
=== hunger_t is now known as hunger
=== Zic_ is now known as Zic
fabbionesuperm1: ping?08:15
pittihey fabbione, good morning!08:15
pittifabbione: sorry, dude, for not winning the championship this time :)08:15
fabbionepitti: hey man...08:16
fabbioneit's ok.. Spain did play much better than Italy08:16
fabbionethey for sure deserve to go further more than we do :)08:16
superm1fabbione, pong, but only on the condition that it's quick. i'm headed to bed in a few minutes08:16
fabbionesuperm1: yeps. very..08:17
fabbionedpkg: error processing /var/cache/apt/archives/libmyth-0.21_0.21.svn20080607-0.0_amd64.deb (--unpack): trying to overwrite `/usr/lib/libmythlivemedia-0.21.so.0.21.0', which is also in package libmyth-0.21-008:17
fabbionei know this is happening becuase i have a mixed archives08:17
superm1that looks like weekly builds08:17
superm1or something08:17
fabbioneubuntu + debianmultimeida08:17
superm1oh yuck08:17
superm1why did you do that?08:17
pitti\o/ different package names08:17
fabbionebecause there are a couple of packages i need from there08:17
fabbioneand i am pretty sure i am not the only one08:18
fabbionecan we either sync package names08:18
fabbioneor perhaps be smart and nice to fools like me and add a C/R/P into our packages?08:18
superm1well honestly anything that we "need" from debian multimedia should be pulled into ubuntu multiverse at minimum08:18
fabbionei am pretty sure you can't pull everything...08:19
superm1but i'll talk to marillat about syncing up to our package naming standards08:19
superm1its a little nicer the way we do it08:19
fabbionethat would be sort of nice08:19
fabbioneit's really nothing urgent for me08:19
fabbionelet's get this straight.. just very nice to have08:19
superm1well remember that d-m is not necessarily binary compatible08:19
superm1so if there are packages that you need, lets try to at least get those in ubuntu?08:19
fabbioneget some sleep.. i will try to remember what i need from there :)08:20
fabbionethis installation is somehow X years old :)08:20
superm1there is a filter in synaptic that shows you where stuff comes from08:20
superm1it might be useful to you08:20
* fabbione doesn't even have synaptic installed...08:21
persiafabbione: apt-cache policy?08:22
fabbioneyeah.. no worries.. i just need to remember the packages first08:22
persiaAh.  I was thinking of some pipe that fed the results of grep-dctrl on your debian-multimedia packages.gz into apt-cache policy to make you a handy list.08:23
* fabbione ponders a much simpler solution with apt pinning08:25
=== jscinoz_ is now known as jscinoz
=== LucidFox is now known as LucidFix
=== LucidFix is now known as LucidFox
=== ryu2 is now known as ryu
=== asac_ is now known as asac
=== slangasek changed the topic of #ubuntu-devel to: frozen: Ubuntu 8.04.1 | Development of Ubuntu (not support, not application development on Ubuntu) | #ubuntu for support and general discussion for dapper/feisty/gutsy/hardy, #ubuntu+1 for intrepid | #ubuntu-motu for getting involved in development | http://wiki.ubuntu.com/UbuntuDevelopment | See #ubuntu-bugs for http://wiki.ubuntu.com/HelpingWithBugs
=== fta_ is now known as fta
seb128is launchpad working correctly for other people?10:10
seb128it sorts of work for me but I've to retry several times on some pages because it's being slow or something10:11
seb128I don't get errors but pages just don't load10:11
slangasekseems too be working for me10:11
seb128hum, ok10:11
cody-somervilleslangasek, please accept bug #232364 as release critical.10:23
ubottuLaunchpad bug 232364 in xfce4-utils "dbus-launch hangs at session start waiting on socket output in libxcb" [Critical,In progress] https://launchpad.net/bugs/23236410:23
slangasekcody-somerville: from what I read in scrollback over the weekend, we don't have a confirmed fix for that yet?10:24
cody-somervilleslangasek, I believe I have a fix so that Xubuntu logins won't freeze.10:24
cody-somervilleslangasek, It doesn't fix the libxcb issues, just avoids them10:24
cody-somervilleslangasek, I'm working very hard to get it tested and will be doing uploads today.10:24
slangasekok, I'm happy to include that if you can get it SRUed today10:24
slangasek(or tomorrow, even, but today is better :)10:25
persiaBe nicer to fix the xcb issues.  Might also help with bug #8794710:25
ubottuLaunchpad bug 87947 in libxcb "xcb_xlib.c:50: xcb_xlib_unlock: Assertion `c->xlib.lock' failed." [High,Fix released] https://launchpad.net/bugs/8794710:25
persia(which is broken for multiverse non-free java, so can't be fixed there)10:25
cody-somervilleWell, we could recompile without libxcb10:25
cody-somervillebut I don't think we have time for the point release10:26
slangasekyeah, I haven't responded to the email thread yet, but I'm not keen on "completely change how we're building libX11" as a last-minute SRU for .110:26
slangasekto be accurate, I'm not keen on it as an SRU at all :)10:26
cody-somervilleslangasek, it is either that or wait 4-6 weeks for the next stable release of libxcb10:27
cody-somervilleWhich will introduce massive changes10:27
cody-somervilleMassive, untested, changes10:28
slangasekI'm going to go with option C10:28
cody-somervilleis that all of the above?10:28
slangasekI don't know what it is yet, but I'm assuming it's better than the other two ;)10:28
* persia removes the Java considerations from any influence on SRU: that's only interesting for intrepid.10:28
cody-somervilleI thought Java stuff was fixed in hardy?10:29
persiacody-somerville: For some JREs (the ones for which we have source).10:29
persiaslangasek: Is there a handy tool that generates the list of CD-inclusive packages, or is it just the union of the various seeds for the various derivatives?10:30
slangasekpersia: the latter10:30
persiaslangasek: Ah.  Thanks in advance for your difficult and patient processing of the hardy-proposed queue :)10:31
slangasekheh :-)10:32
cody-somervilleslangasek, fyi, upstream thought disabling xcb in Hardy was the best way to go.10:33
mvoBenC: removing-old-kernels looks really excellent!11:02
wgrantThanks ionbotu.11:04
ion_(Read: “it’s not here, so URL please”)11:05
* mvo was reading https://wiki.ubuntu.com/KernelTeam/removing-old-kernels11:07
ion_mvo, benc: I suggest making hardlinks instead of copying.11:09
persiaion_: Can you guarantee it's the same filesystem?11:12
ion_persia: do_cp() { cp -al "$@" || cp -a "$@"; }11:13
persiaion_: That works :)11:13
wgrantIt's only copying within /boot and /lib, so it shouldn't be a problem.11:14
ion_Better make sure to fall back to copying anyway.11:14
* persia has /boot and /lib on different partitions11:14
wgrantpersia: Right, but it's copying within those two, not between them.11:14
persiaAh.  "within" :)11:15
wgrantIf you have subdirectories of both on different filesystems, you've probably got bigger problems.11:15
ogradid anyone here ever try to use gnome bugzilla through https  ?11:19
ogratheir cert seems *really* boked ... FF complains all the time with popups11:26
TheMusocjwatson: With my community hat on, I'm happy to take care of yaboot-installer if you don't have time for it, and if you are ok with me doing it.11:31
cjwatsonTheMuso: I think kirkland was doing it; the first time round his merge was a bit busted, but I need to look at it again11:39
TheMusocjwatson: oh ok.11:40
* cjwatson has another look11:40
cjwatsonliw: you might want to look at https://wiki.ubuntu.com/KernelTeam/removing-old-kernels too and see how it relates to your plans11:41
cjwatsonkirkland: how are things going with yaboot-installer, anyway?11:47
=== jpds_ is now known as jpds
=== jpds is now known as Guest29283
=== mneptok_ is now known as mneptok
=== Simira_ is now known as Simira
dokoasac, pitti: bug #211309: I don't see how the code requires the xulrunner -dev package.12:18
ubottuLaunchpad bug 211309 in icedtea-gcjwebplugin "[hardy] Java plugin not registered in Firefox 2" [Undecided,Confirmed] https://launchpad.net/bugs/21130912:18
=== pitti_ is now known as pitti
=== lifeless_ is now known as lifeless
asacdoko: do we really want to support ffox 2?12:24
asacdoko: how do you link? do you use pkg-config?12:24
dokoasac: sure, using xulrunner-1.912:28
asacdoko: how?12:29
dokoasac: http://launchpadlibrarian.net/15062865/buildlog_ubuntu-hardy-i386.icedtea-gcjwebplugin_1.0-0ubuntu7_FULLYBUILT.txt.gz12:30
asacdoko: how is the MOZILLA check done?12:31
dokoasac: using pkg-config12:31
asacwhat .pc file is used?12:32
dokoPKG_CHECK_MODULES(MOZILLA, mozilla-plugin libxul-unstable, [MOZILLA_FOUND=yes], \12:33
doko  [MOZILLA_FOUND=no])12:33
asacdoko: does it build without libxul-unstable?12:34
dokoasac: no, we had this discussion last year ...12:34
asaccant remember12:34
asacand using firefox-2-dev doesnt work either?12:35
dokoasac: for both firefox2 and firefox3?12:36
asacdoko: ah right. since its xpcom and we dont have the glue files in firefox 2, we cannot build it for both at the same time12:38
asacdoko: i would just invalidate that bug if i was you12:38
asacotherwise we might need a SRU for firefox-2 to provide the complete sdk12:39
dokohurray for sane packaging ;-p ok, will do that12:39
=== elmo_ is now known as elmo
asacdoko: well. i didnt't put much work into that for obvious reasons12:40
asacand iirc we already discussed that we cannot do it :)12:41
liwcjwatson, yeah, that page is on my todo list12:44
ograasac, https://bugs.gnome.org/show_bug.cgi?id=359592 is there a way to avoid getting a popup about the ssl cert on *every* action ?12:49
ubottuGnome bug 359592 in general "don't use OpenGL savers if no hardware support" [Normal,Unconfirmed]12:49
ograi even get it if i switch to a differnt tab12:50
asacogra: i dont get a ssl cert popup except for the first time12:54
ograi get a sec_error_untrusted_issuer error every time i switch towards or away from the tab12:56
asacogra: ok. thats != every action :)=12:56
* asac tries12:56
asacogra: nope12:56
asacogra: accept cert. stop browser12:56
asacmaybe you never close it (as usual) and some settings need to be safed?12:57
ograthats what i get in my face all the time12:59
ograand i restarted the browser etc12:59
asacogra: yeah. i see that dialog too, but just one time per session13:00
asacogra: i think its a bug, but its not as bad as you see it13:00
ogra_thats what i get in my face all the time13:02
ogra_and i restarted the browser etc13:02
asacogra: got that13:02
asac14:00 < asac> ogra: yeah. i see that dialog too, but just one time per session13:02
asac14:00 < asac> ogra: i think its a bug, but its not as bad as you see it13:02
ogra_good, i wasnt sure13:02
ogra_well, i'll switch to non https for gnome in the future ... its just so heavily in your face13:03
asacI have to do something else today. remind me tomorrow and I'll try to figure figure whats going on.13:03
ogra_it wont make 8.04.1 anyway, i guess we have time to look at it :)13:03
asacogra_: yeah. if it re-pops up everytime its pretty annoying i presume13:04
asacogra_: most likely not. but you never know :)13:04
ogra_right, as i said no prob to switch to http instead ...13:04
ogra_i rarely put confidential data in public bugtrackers anyway, no real need for https13:05
ogra_and i mean, in the end gnome should just fix their cert :)13:05
=== ogra_ is now known as ogra
* asac applaudes13:05
* ogra scratches head about the tuxtype package ... the only diff i have are two translations there, no code or packaging diffs ... 13:10
mvoogra: then sync it :P13:11
ograwell, i dont want to lose the translations (and dont want to upset translators), i guess i'll file a debian bug and attach them so holger can pull them in13:12
cjwatsonanyone want to take my netbase merge?13:12
cjwatsonoh, hey, Reinhard already caused himself to be assigned to it :-)13:13
ograis it big ? apart from ltsp i'm nearly done13:13
cjwatsonshouldn't be too bad13:13
ogratedg, how about xscreensaver ?13:13
ograits idling on MOM since a while :)13:14
mvoogra: yes13:14
mvoogra: I'm poking it right now13:14
ogramvo, xss ?13:14
mvoshould be good again13:14
mvooh, sorry13:14
mvoI mean mom was ideling for a day or so13:14
mvonow its updated again13:14
siretartcjwatson: wh00ps. I guess I need to do it then ;)13:14
tedgtedg: ?13:15
tedgogra: ?13:15
tedg(wow, that was funny)13:15
ogratedg, http://merges.ubuntu.com/x/xscreensaver/REPORT13:15
tedgogra: Would you sponsor it from my PPA?13:16
ograsure, got something there already ? else ping me if its ready for upload13:17
tedgtedg: Yeah, it's there already.13:18
ograoh, https://launchpad.net/~tedg isnt you it seems :)13:18
tedgogra: https://edge.launchpad.net/~ted-gould/+archive13:18
tedgogra: Can one get an alias in LP?13:18
ograyup, there now13:18
mvothere is a sponsoring request for xss in dholbach page too13:19
mvo(just fyi)13:19
tedgYeah, I'm trying to figure out how that guy didn't have problems with the Debian and Ubuntu URL patch.13:20
ogramvo, right, but without having bene assigned to ted for a while, i am (and want to be) just the upload bitch :)13:20
seb128ogra: GNOME doesn't use broken certs?13:21
ograseb128, bugzilla tells me so, see the screenshot ...13:22
seb128never had a such issue and I use bugzilla daily13:22
ograseb128, with https or http ?13:23
Ngit's a self-sign cert13:23
ograyou have to approve it first anyway13:23
seb128ogra: dunno, whatever is the default13:23
ograbut usually it doesnt show any further error messages ... here i get a popup every time i change tabs13:23
seb128I don't think I ever got a such error messages, but I'm using epiphany-browser and not firefox13:24
* ogra sighs about packages using quilt in the clean target 13:28
cjwatsonogra: just wanted to draw your attention to bug 242315 - sorry about the mess there13:28
ubottuLaunchpad bug 242315 in tuxpaint-stamps "please sync tuxpaint-stamps 2008.03.01-1 from debian unstable" [Undecided,Fix released] https://launchpad.net/bugs/24231513:28
ogracjwatson, i commented, the op fixes seem to be in debin13:30
MacSlowin a package I've to merge I've in the ubuntu-variant: (= ${Source-Version}) and in the debian-variant: (= ${binary:Version})13:30
cjwatsonogra: I didn't see them in the new debian/rules; were they done in the upstream source instead?13:30
cjwatsonMacSlow: the Debian variant is superior13:31
ograhmm, i saw them in rules, wrid13:31
MacSlowcjwatson, ah ok thanks13:31
* ogra checks again13:31
cjwatsondefinitely not there13:32
ogra(sorry my line is maxed out with the xss upload ... takes a min)13:33
MacSlowDoes each dpatch-based patch have to start with a unique ordinal number?13:35
cjwatsonMacSlow: (further information in the deb-substvars(5) manual page)13:35
cjwatson(for Source-Version et al)13:35
dokopitti: what does your comment for the bonnie++ sync mean? it's not yet synced13:35
cjwatsondoko: looks like the start of an abortive sync run; i.e. something went wrong with the bot13:37
cjwatsondoko: oh, I know. the Debian version is less than the current Ubuntu version13:37
cjwatson1.03c+nmu1 < 1.03ubuntu1 - so we can't sync, you have to invent a version number and merge. I think the nearest we have to best practice is 1.03ubuntu2, merge the changelog, and explanatory comment13:38
dokoargh ... yeah for a "debian native" tarball13:38
cjwatsondoko: looks like your merge in hardy should have been 1.03bubuntu1, not 1.03ubuntu113:39
=== pgraner__ is now known as pgraner
dokocjwatson: hmm, no, it was 1.03aubuntu113:42
cjwatsondoko: no, that was the gutsy merge13:42
cjwatsonI'm looking at the changelog right now ;-)13:42
cjwatsonbonnie++ (1.03ubuntu1) hardy; urgency=low13:42
cjwatsonbonnie++ (1.03b) unstable; urgency=low13:42
cjwatsonbonnie++ (1.03aubuntu1) gutsy; urgency=low13:42
dokohmm, mom doesn't show this version ...13:43
cjwatsonmom may be confused due to Ubuntu being newer13:43
cjwatsonbut that's what's in the archive13:43
* doko merges ...13:44
cjwatson(cf. https://launchpad.net/ubuntu/+source/bonnie++)13:44
cjwatsonsoren: mind if I merge console-tools?13:46
sorenNot at all.13:46
sorenIn fact, I'd appreciate it if you did :)13:46
cjwatsonit's a clean merge anyhow13:47
asacogra: intrepid or hardy?13:49
ograasac, hardy13:50
* Ng curses thinkpad trackpoints for their wandering pointer syndrome13:51
ion_I have had no problems with them.13:51
Ngboth of mine will just wander off in a straight line for a few seconds every now and then13:52
Ngwhich is great when you have sloppy focus and don't realise ;)13:52
ion_Funny. I have never encountered that.13:52
SpadsI've run into it pretty often13:53
ograNg, that only gets intresting at password input :)13:53
Spadsthat's why I stick to the touchpad for switching focus13:53
=== emgent_ is now known as emgent
Ngogra: I'm pretty paranoid about that, thankfully :)13:54
tedgSpads: How do you have the touchpad change focus independent of the trackpointer?13:57
mvomine too13:58
Spadstedg: I don't.  I just don't move the trackpointer because it will wander after13:58
* tedg is trying to come up with some mischief based on this new information... I need a blowgun...14:00
asacogra: give the latest nss a try from my ppa14:03
asacogra: https://edge.launchpad.net/~asac/+archive14:03
ograwill do14:04
BenCion_: It already is making hard links :)14:26
ion_benc: Alright, good.14:27
=== fbond_ is now known as fbond
BenCion_: And the good thing is, depmod and update-initramfs unlink before updating, so there's no chance of modifying what's in last-good-boot14:29
ion_benc: Wouldn’t it be better to write to a temporary file and then move it over the old one instead of unlinking and then writing?14:33
BenCion_: If depmod did that, it would taint the files I've saved in last-good-boot14:34
BenCSo no, that would not be better14:34
BenCBut I assume you meant, write a tmp file, unlink and rename, which is what happens14:35
=== pitti_ is now known as pitti
ion_benc: Ah, i misunderstood.14:35
BenCbut the point was that with hardlinks, I had to make sure programs that modified the files I saved away didn't overwrite them14:35
dholbachseb128: is your stock-reply script the 'newest one' or is somebody maintaining their version of it more actively?14:52
seb128dholbach: mine is all but the newest one, I didn't change it since the oslo sprint14:53
dholbachOK :)14:53
seb128dholbach: kees wrote a nice one where you can add entries directly in the webbrowser, etc but when I tried it was not working under epiphany-browser so I stayed on my version14:53
dholbachseb128: right now it's the only one I can find14:53
seb128james_w: hi, will you do the gnome-system-tools merge or should I look at it?15:03
kirklandTheMuso: yeah, i started yaboot-installer, but didn't finish it...  cjwatson gave me some great feedback, but I hadn't gotten a chance to pick it back up15:04
TheMusokirkland: Ok.15:04
james_wseb128: hi, I started to take a look the other day, but it was a bit larger than I had time for then. I'm happy to look again if you are busy with other things.15:04
kirklandTheMuso: I'll forward you cjwatson's review, if you'd like15:05
seb128james_w: let's say that I'm not looking for extra work at the moment so if you want to look at it you are really welcome ;-)15:05
TheMusokirkland: If you don't have time to go through with finishing it, sure I'll have a poke, that might be useful, in case there is something I need to be aware of.15:05
james_wseb128: sure, I'll get to it once I've finished my current task, hopefully today.15:06
mvodoko: do you mind if I take the opensp merge?15:06
seb128james_w: there is no hurry, any time this week will be alright15:06
cjwatsonTheMuso: feel free to just upload once you're done15:06
kirklandTheMuso: sent15:07
TheMusocjwatson: Ok, it won't e tonight now, but I'll get to it tomorrow evening. :)15:07
TheMusokirkland: Thanks.15:07
dokomvo: please go ahead, working through my outstanding merges from the bottom of the list15:09
mvodoko: thanks15:10
mvodoko: you can remove "recode" from your list too, its a sync (I just filed a request)15:16
=== thekorn_ is now known as thekorn
kirklandTheMuso: hey, if you won't be offended, I'll take another crack at the yaboot-installer merge and run it by you.  That's the only merge I've attempted using bzr rather than deb, and cjwatson pointed out a few fundamental things I did wrong.15:25
TheMusokirkland: I'm easy. I don't remember seeing a bzr branch for it anywhere...15:25
seb128mvo: what syncs are you looking at?15:28
pittiRiddell: does KDE use PolicyKit anywhere?15:28
seb128doko: you can remove scim-anthy from your list too15:29
mvoseb128: I can not do syncs myself, but I just requested one for recode (not urgent at all)15:31
cjwatsonalready processed15:31
mvowoah, thanks :)15:32
Riddellpitti: no :(15:33
pittiRiddell: oh, hm; I'm just changing jockey to use PK15:33
wgrantPackage, Policy, or somethingelse, Kit?15:34
pittiRiddell: however, if jockey-kde just continues to run as root, that will be transparent15:34
pittiwgrant: both actually eventually, but PolicyKit for now15:34
pittiI moved the backend bits into a D-BUS service15:34
wgrantRight, I thought both would be applicable.15:34
pittisince with the current version some bits are really awkward15:34
Riddellpitti: so ideally it would use some kde policykit thing and work properly?15:34
pittire (sorry, doorbell)15:49
pittiRiddell: the only thing which is really necessary is the "authentication agent"15:50
pittiRiddell: i. e. the thing which presents which auth is requested and asks for your password15:50
pittiRiddell: http://hal.freedesktop.org/docs/PolicyKit-gnome/ref-auth-daemon.html has some screenshots15:50
pittiRiddell: the rest is UI independent (all just D-BUS services)15:50
pittiRiddell: but if the frontend continues to run as root for now, the dialog is not necessary15:51
pittisince root already has all possible PK privileges implicitly15:51
pittiRiddell: (policykit-kde would be a nice bounty or GSoc project, I think)15:51
pittiback in 30 mins15:52
dholbachbryce, soren: did you get any weird bug reports about the mouse cursor just moving in the top left 50x20 pixels in an intrepid KVM guest?15:57
asacogra: could you test?15:58
dholbachit feels like the map of mouse movement is scaled from 1024x800 (or whatever it is) to 50x20 (or whatever it is)15:58
dholbachit sucks :)15:58
sorendholbach: Not that I've noticed. That doesn't mean they aren't there, though. I'm still way behind on LP bug mail.15:58
ograasorry had a long phonecall and some other cleanup to do afterwards, i'll test it right now, gimme a min to update15:58
ograasac, ^^^15:59
dholbachsoren: do you think it'd make sense to compare an intrepid xorg.log of a working guest with my broken one?16:00
tkamppeterSomeone here who knows about svn-buildpackage and the Perl infrastructure?16:00
asacogra: thx16:00
jclintondoes Ubuntu have an equivalent of the NMU process?16:01
jclintoni'm Gnome Games upstream maintainer and we're drowning under duplicates generated from a bug in Ubuntu's version of python-support16:02
jclintondebian's copy was patched this morning16:02
jclintonhoping someone in Ubuntu can get the fix in today16:02
seb128jclinton: the intrepid ubuntu version has been fixed by mvo too I think16:02
ograasac, hmm, it forgot about the cert completely now, i have to re-allow it16:02
dholbachjclinton: https://wiki.ubuntu.com/SponsorshipProcess explains how to get a fix uploaded16:02
jclintonseb128: the drowning is coming from hardy users16:02
jclintondholbach: i'm not an ubuntu dev16:03
asacjclinton: we dont need a term for that as we are not maintainer focussed, we work in teams and its considered an exceptional procedure to upload a package you havent touched before16:03
ograasac, and the popup is gone :)16:03
asacogra: funny16:03
asacogra: can you please file a bug so we can get this "crash" fix into 8.04.1?16:03
seb128jclinton: that is not going to be fixed quickly, hardy updates are frozen for 8.04.1 and it usually take a least one week for an update to be tested, etc before being actually moved to hardy-updates16:03
ograasac, will do16:03
* Lightkey goes to play another round of GNOME Mines :-D16:03
dholbachjclinton: right - it explains how to get a fix uploaded if you're not part of the ubuntu-dev team16:04
asacogra: let me know16:04
jclintonalright, i'll just have gnome bugzilla maintainers blacklist the bug reports from ubuntu then16:04
seb128jclinton: what are the upstream and ubuntu bug numbers for the issue?16:04
jclintonseb128: i'll grab, a moment16:05
seb128jclinton: you can still try, I doubt they will do that ;-)16:05
wgrantIt was a pretty impressively long bug when I saw it a few hours ago.16:05
seb128well, as always when bug-buddy send duplicates16:05
seb128we stop it for C program but nobody adapted the python code to do that16:05
jclintonseb128: http://bugzilla.gnome.org/show_bug.cgi?id=524665 and http://bugs.debian.org/48651616:06
ubottuGnome bug 524665 in glchess "Unable to import 'main' on startup" [Critical,Resolved: fixed]16:06
jclintonseb128: we have an autoreject policy for bugbuddy16:07
jclintonseb128: it's a pain to do it and its not perfered but this kind of case is why its there16:07
seb128jclinton: right, I know how the GNOME bugzilla works, you can add bugs to the autoreject list16:07
seb128jclinton: but the criterious is on the bug content, not the distribution16:07
cjwatsonis this a regression from hardy in hardy-updates?16:07
jclintonseb128: right16:08
jclintoncjwatson: yes16:08
cjwatsonhow can that be? glchess and python-support are not in hardy-updates16:08
seb128cjwatson: not likely, python-support didn't change there16:08
jclintoncjwatson: sorry i mean to say that python-support's unstable version is in hardy16:08
cjwatsonalthough gnome-games is newer in hardy-updates16:08
seb128wgrant: oh, 100 duplicates is a small count16:09
cjwatsonjclinton: the bug appears to have been introduced by python-support's triggers support, which is not in hardy16:09
ograasac, bug 242379 for you16:09
ubottuLaunchpad bug 242379 in nss "constantly shows popups with certification errors on some pages" [Undecided,New] https://launchpad.net/bugs/24237916:09
seb128I doubt that's the same bug16:09
cjwatsonpython-support | 0.7.5ubuntu1 |         hardy | source, all16:09
seb128what cjwatson said16:09
cjwatsonif there is a regression from hardy to hardy-updates, it should be fixed regardless of the freeze16:10
jclintonthere are two ubuntu users there confirm that it is in hardy16:10
cjwatsonbear in mind that Ubuntu users may have deliberately chosen to upgrade parts of their system to intrepid but not said so16:10
cjwatsonthe version of Ubuntu they supply in bug reports basically only confirms the version of base-files16:10
jclintonhrm... and bugbuddy can't collect that information...16:11
seb128the bug has been opened upstream on 2008-03-2716:11
seb128so I doubt that's a regression16:11
seb128and there is not an increase in the duplicates16:11
seb128in the duplicates rate rather16:12
jclintonso, since i'm not an ubuntu user, what does someone have to do to install glchess right now? (which should have been removed from the repos two years ago)16:12
jclintondo they have to install parts of intrepid?16:13
seb128jclinton: and we don't package glchess out of gnome-games16:13
jclintonseb128: it was standalone before it was part of gnome-games16:13
wgrantseb128: We do...16:13
wgrant!info glchess hardy16:13
ubottuglchess (source: glchess): 2D/3D chess interface. In component universe, is optional. Version 1.0+debian-1 (hardy), package size 191 kB, installed size 1800 kB16:13
stgrabersynced from debian, same version in the archive since gutsy it seems16:14
seb128wgrant: we don't split the gnome-games version out I meant16:14
cjwatsonglchess is still in Debian unstable too16:14
jclintonyea, working on that one in those channels, also16:14
jclintonbut in any event, it should cause the insanity with python-support even if they are both in the repos16:15
seb128glchess and gnome-games have packaging conflicts16:16
seb128you can't install glchess if you have gnome-games installed16:16
jclintonseb128: right16:16
seb128so I doubt those users are using the glchess universe package16:16
jclintonseb128: the problem is when glchess is uninstalled and gnome-games is installed in the same apt transaction16:16
jclintonseb128: they are16:16
seb128are you sure?16:17
jclintonseb128: yes16:17
jclintoni've recreated the same thing in debian unstable and have two confirmations from ubuntu hardy users16:17
seb128I'm not sure why so many users would like to install glchess when it's already installed as part of gnome-games16:17
dokoseb128: will we demote scrollkeeper for intrepid?16:17
seb128doko: likely yes16:17
jclintonseb128: because our 3d is broken because of an xorg driver fuckery16:17
jclintonseb128: they are almost certainly trying to get 3d to work16:18
seb128  File "/usr/sbin/update-python-modules", line 125, in install_modules_func16:18
seb128    raise "Trying to overwrite %s which is already provided by %s"%(os.path.join(dir,file),otherdir)16:18
seb128Trying to overwrite glchess/game.py which is already provided by /usr/share/python-support/gnome-games-data16:18
seb128glchess doesn't install on hardy for me16:18
jclintonyou have to do it manually to go TO glchess16:19
* ogra hugs seb128 frantically, reading that scrollkeeper answer 16:19
jclintonbut doing it in reverse works16:19
seb128ogra: ;-)16:19
seb128jclinton: I've tried to sudo apt-get install glchess and I run into this issue16:19
jclintonseb128: i'm getting exhausted defending my claim that this really is a bug in ubuntu; if you don't want to believe me i'll just resort to the blacklisting method16:20
seb128jclinton: heh, calm down, I don't deny anything, I'm just trying to understand the issue16:20
jclintonseb128: i am happy to provide you with any information that i have16:21
seb128jclinton: you come here, say that the has to be fixed today or you will reject ubuntu bugs and point to a python-support bug which doesn't concern the hardy version16:21
seb128jclinton: I can understand you are frustrated by the issue but let's try to be constructive16:21
jclintonseb128: hold and i'll show you why it does16:21
jclintonseb128: a moment16:21
siretartcjwatson: netbase merged, ifupdown has had an "cleanup" NMU upload only, so I don't plan to work on that16:21
seb128jclinton: having a testcase would be nice16:22
seb128jclinton: I don't get why the standalone glchess bugs would go to bugzilla.gnome.org16:22
seb128if those users are really installing the glchess package you should get no bug16:22
jclintonseb128: still getting you the info but the bug happens after they install glchess and discover that its worse and decide to go back to gnome-games16:27
dholbachcan anybody give me their Xorg.0.log of a working KVM intrepid guest?16:28
seb128jclinton: I did install glchess and gnome-games back on my hardy system and I didn't get the bug, maybe there is some extra steps required ...16:29
jclintonseb128: so perhaps these people really do have parts of intrepid installed?16:29
seb128the bugzilla bug has been opened before hardy16:30
seb128and there is most like a python-support issue somewhere, but not sure how to trigger it16:30
jclintonseb128: the first half of the bug was our own stupidity16:30
jclintonseb128: that was fixed in ubuntu's upload of
seb128looking at some recents duplicates now16:31
jclintonseb128: i /think/ this is the root cause: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=44673016:33
ubottuDebian bug 446730 in bittornado "bittornado: fails to start: ImportError: No module named BitTornado" [Grave,Closed]16:33
jclintonseb128: the 'fix' was uploaded to debian in 0.7.516:33
jclintonseb128: which may or may not be part of the ubuntu version16:33
seb128hardy has 0.7.5 yes16:34
jclintonseb128: either way the fix points to a more fundamental problem with python module overwrites16:34
seb128ok, I managed to get the bug16:36
seb128that's a corner case16:36
jclintonfor my own edification, what did you have to do?16:36
seb128have gnome-games installed16:37
seb128sudo apt-get install glchess16:37
seb128there is a file conflict between this one and gnome-games-data but gnome-games-data doesn't get remove because the packaging conflict is only on gnome-games16:37
seb128so you are in a broken installation state16:37
jclintonseb128: ah; someone doing this via synaptic would have no idea?16:38
seb128on the first try I remove gnome-games-data to have the packaging system in a consitant state16:38
seb128and reinstalled gnome-games16:38
seb128if you reinstall gnome-games directly you are screwed16:38
jclintonseb128: ok i can file a bug against gnome-games in launchpad for the conflict16:38
seb128or they would get an installation error but can revert to gnome-games16:38
=== thekorn_ is now known as thekorn
seb128jclinton: would be nice, I'll do a sru adding the conflict16:39
* mvo hugs seb128 for finding this error16:39
jclintonseb128: but really glchess should not be in the repos16:39
seb128sru = stable update16:39
jclintonok awesome16:39
seb128jclinton: well, it's there because some people might want it and not the whole gnome-games, it's coming from debian16:39
seb128you can try to convince them they should not have it16:39
seb128but everybody is not a GNOME user ;-)16:40
jclintonseb128: looks like theres already a few dups of this in your LP16:41
jclintonseb128: i'll get you the oldest16:41
seb128jclinton: thanks16:41
jclintonseb128: https://bugs.launchpad.net/ubuntu/+source/glchess/+bug/13850916:42
ubottuLaunchpad bug 138509 in glchess "package glchess None [modified: /var/lib/dpkg/info/glchess.list] failed to install/upgrade: trying to overwrite `/usr/share/applications/glchess.desktop', which is also in package gnome-games" [Low,Confirmed]16:42
jclintonseb128: i see 6 other dups; i'll marks then as such16:42
seb128jclinton: this one is fixed in fact16:42
seb128jclinton: gnome-games Conflicts on glchess16:43
seb128the issue is gnome-games-data now16:43
seb128(the .desktop are in gnome-games)16:43
jclintonseb128: but glchess should conflict with gnome-games-data dont we agree?16:45
seb128jclinton: yes16:45
seb128jclinton: in fact I'll change gnome-games-data rather16:46
seb128to make it conflict on glchess16:46
jclintonseb128: ok16:47
MacSlowI've a merge-related question...16:47
seb128jclinton: https://bugs.edge.launchpad.net/ubuntu/+source/gnome-games/+bug/23486516:47
ubottuLaunchpad bug 234865 in gnome-games "Package glchess fails to install and ask removal of gnome-games" [Unknown,Confirmed]16:47
seb128jclinton: I'll use this bug16:47
MacSlowin the REPORT for planner files debian/control and debian/control.in are marked to need work16:47
MacSlowbut <something>.in is the template from  which <something> is generated16:48
seb128MacSlow: control is autogenerated when doing clean16:48
MacSlowdo I really have to touch both?16:48
jclintonseb128: ok16:48
seb128MacSlow: no, just the control.in16:48
ograMacSlow, i usualy only change .in16:48
MacSlowseb128, ok... just needed assurance16:48
ograbut do a testbuild to confirnm its really used16:48
* ogra had packages with ,in files that werent in the past16:49
seb128jclinton: thanks for your help on the issue, the fix will be uploaded today16:49
MacSlowogra, I've a pbuilder environment setup by now and tend to use that before I "upload" (read: ask you folks for sponsorship)16:49
jclintonseb128: and thank you as well, especially for your patience16:49
jclintonseb128: much appreciated16:49
seb128always happy to work with upstream and fix issues ;-)16:50
seb128doko: ups, I synced scim-hangul a bit quickly, there was still an ubuntu change, you might want to do the merge still ;-) (or I'll fix it later but I've to go for sport soon)17:09
dokoseb128: I did ask ArneGoet1e to merge the scim-* packages, I'm not doing those today17:11
seb128doko: ok, thanks17:13
seb128ArneGoet1e: ^17:13
=== pitti_ is now known as pitti
=== Amaranth_ is now known as Amaranth
=== mrpouit is now known as mr_pouit
=== smarter_ is now known as smarter
ograKeybuk, do i understand right that 70-persistent-net.rules replaces iftab nowadays ?18:41
ogra(i have an edubuntu user where the devices seem to flip around on every boot)18:41
=== effie is now known as effie_jayx
ion_ogra: AFAIK yes.18:51
zuljcastro: ping19:01
jcastrozul: pong19:01
zuljcastro: can you register bugs.mysql.com into launchpad?19:02
jcastrozul: certainly19:02
zuljcastro: thank you19:02
* ogra thoguht they switched to LP19:02
ograwhy didnt they switch the bugtracker as well ?19:02
jcastrohmm, what kind of bugtracker is it?19:03
zuljcastro: its based on the php.net one19:04
jcastrodoes lp support it?19:04
zulI dunno :)19:05
ubottuLaunchpad bug 74449 in malone "Add support for MySql and PHP bugtracker." [Medium,In progress]19:05
zulmerci buckets19:05
Tyrone_manHey everyone, just checking in to let you know that virtual machine install from yesterdays alt-i386 iso was a no go. Missing the generic restricted kernel package19:50
kirklandsoren: one other weakness in the regexes is that they both require that the path is double-quoted20:30
kirklandsoren: is that a big deal to you?20:30
sorenkirkland: Only a bit.20:32
kirklandsoren: this works better: echo PATH=\"~/bin:blah\" | grep "^PATH=.*[:\"]~/bin[:\"]"20:34
kirklandsoren: well, see the regex at the end of that cut-n-pastable test20:34
kirklandsoren: actually, I could strip the quotes out with a first sed20:36
kirklandsoren: and put them back in with a second one20:36
kirklandsoren: hmm, but i don't like that...  makes the sed -i inline bit wierd20:37
kirklandsoren: so are you still in favor of prepending, or are you comfortable with appending in both new installs and upgrades?20:39
soren"^PATH="?(~/bin|.*:~/bin)[:$\"]\"?" perhaps?20:39
sorenkirkland: Well, I would have said prepend, but Jamie has a good point in the ~/bin/ls attack. It's a long shot, but that's the case for most vulnerabilities.20:40
kirklandsoren: right20:41
jdstrandnot to mention, people can use 'alias' if the want to override a system command20:41
kirklandsoren: ~/bin/ls was my reasoning for the safe/conservative approach20:41
sorenAlthough, .bashrc prepends it.20:41
slangasekI think it's fairly typical to want to prepend20:42
jdstrandhmm, I don't like it20:43
slangasekhaving the system directories listed first to prevent a command being overridden doesn't buy you any security - who has write access to your ~/bin directory that doesn't also have write access to your .bashrc20:43
jdstrandbut I setup my PATH on my own, and wasn't aware that there was precedent for prepending20:43
sbeattieeven without security considerations, if you have buggy scripts that don't fully list pathnames, you can get weird errors due to name collisions with scripts in ~/bin/20:44
slangasektrue, but that's a "so don't write buggy scripts then" :)20:45
sbeattieUh, yeah, "don't write buggy software" is working so well for our underworked security team. :-)20:45
slangasekhey, the security team doesn't have to support anything users put in ~/bin >:)20:46
jdstrandslangasek: while technically you are correct regarding writable .bashrc vs prepended ~/bin, I think certain attacks may find ~/bin more interesting or easier to implement than .bashrc edits, but that gets us into an even less likely scenario20:48
jdstrandslangasek: not to mention that .bashrc already does it, so if we don't in /etc/environment, that is inconsistent20:49
kees.bashrc already does it?20:49
sbeattieslangasek: sure, but you can waste a lot of time figuring out that something is broken due to that issue, even if in the end you get to say "not my problem". Not that I'm speaking from experience here.20:49
jdstrandkees: soren said yes20:50
jdstrandI'm looking into it20:50
keesjdstrand: where?20:50
keesor rather20:50
keessoren: where does ~/bin go into bashrc on a default system?20:50
keesI don't see it in /etc/skell or /etc/bash.bashrc20:50
jdstrandkees: .profile20:51
jdstrand./.profile:    PATH="$HOME/bin:$PATH"20:51
jdstrandthat's in /etc/skel20:51
keeskirkaldn actually... would that work better than ~ ($HOME)20:52
keeskirkland: ^^ (I can't type)20:52
keesyay I have my ~bin in two places in my path.20:52
sbeattiekees: since you're underemployed, do you think someday /etc/skel/ could contain tmp/ ?20:53
kirklandkees: hmm, i ran into a couple of issues in my testing, when using $HOME/bin in /etc/environment20:53
sbeattiekees: hah! I have /opt/wabi/bin in my path, I haven't used wabi in a good 10 years.20:54
keessbeattie: afaik, it's been a xdg (or maybe just fedora?) plan to have per-user tmp dirs20:54
sorenkirkland: Sorry, I have a few things around the house I need to handle....20:54
jdstrandheh-- apparently I noticed this at some point-- I commented it out of my ~/.profile20:54
kirklandsoren: okay, i couldn't get your suggested regex to work correctly20:54
* kees holds his head20:55
keesargh path20:55
keesthis is pretty goofy20:55
keesshould we _remove_ the .profile prepending?  This really smells like it needs a full spec20:56
kirklandsorry to stir up another pooh storm :-)20:56
jdstrandwell, I certainly am n favor of it20:56
kirklandautomatically prepending ~/bin seems all around dangerous20:56
kirklandwilling and knowledgable users can certainly do so20:57
kirklandbut if we're going to set this up automatically for users (as I am in favor of), I'd think appending would be the safest way to go20:57
slangasekI believe the difference between safest and unsafest here is trivial20:58
slangasekwhereas the difference in convenience may be substantial20:58
jdstrandhonestly, from a usability point of view, I think that we must be consistent20:59
kirklandjdstrand: what does that mean?21:01
jdstrandit looks like it happened way back in 2.04-6 or so21:01
jdstrandkirkland: it means we should be consistent with .profile, otherwise the patch doesn't work right (ie you still don't get the same environment you are striving for)21:02
kirklandjdstrand: okay21:02
jdstranddebian bug #67714 references it as recently changing21:02
ubottuDebian bug 67714 in bash "/etc/skel/.bash_profile: the ~/bin setup of PATH is not ok." [Wishlist,Closed] http://bugs.debian.org/6771421:02
jdstrandthat was back in 2000 :)21:02
jdstrandperhaps that is when I noticed it, and changed it in my own .profile ;)21:03
jdstrandhey, that was on the beloved woody21:04
kirklandjdstrand: i agree with your comment for consistency21:05
kirklandjdstrand: at least between ~/.profile and /etc/environment21:05
* jdstrand nods21:05
=== joejaxx_ is now known as joejaxx
slangaseksuperm1: preliminary mythbuntu CDs are available for 8.04.1 at http://cdimage.ubuntu.com/mythbuntu/hardy/current/, if you would care to give them a smoke test21:22
mario_limoncielllaga, ^ if you've got a few cycles.  otherwise i'll give a run tonight or tomorrow night21:24
kirklandslangasek: mario_limonciell: I have a new mythbuntu box to install... i'll give them a go too....21:24
lagamario_limonciell: ugh, not tonight, sorry21:25
mario_limoncielllaga, did you update the kernel version in the base seeds?21:25
mario_limoncielllaga, or have you lately?21:25
kirklandslangasek: your url wasn't quite right.... http://cdimage.ubuntu.com/mythbuntu/hardy/daily/current/21:25
mario_limonciellthen most definitely those are broke right now21:25
mario_limoncielllaga, could you commit a fix to the branch for that?21:25
lagai haven't been doing stuff on the alternate disks since the release. which is a shame.21:25
lagaya, will do.21:25
* laga hangs his head in shame21:26
slangasekkirkland: ah yes, sorry21:26
slangasekI should delegate all URL composition to my browser :)21:26
=== emgent is now known as emgent`
mario_limoncielland then kirkland pull tomorrow's disk if you can21:28
mario_limoncielllaga, do you know if Daviey has rolled the new live's yet on hardy?21:28
slangasektomorrow's disk?21:28
mario_limonciellslangasek, they're not dailieis?21:28
kirklandmario_limonciell: ah, okay21:28
lagamario_limonciell: -19 is the current kernel, right?21:28
lagamario_limonciell: no clue about daviey21:28
* kirkland cancels his current download at 40%21:28
slangasekmario_limonciell: they're not being built on a daily basis, no21:28
mario_limonciellslangasek, oh.  well after laga commits the change for the kernel bump, can you queue up one more?21:29
slangasekmario_limonciell: sure21:29
kirklandmario_limonciell: ping/remind me when new iso's go up and i'll test them out21:29
mario_limonciellokay great.  Thanks!21:29
lagamario_limonciell, slangasek: okay, i've just pushed rev 118321:31
lagai think you need to merge it?21:31
* slangasek watches gvfsd-smb-browse suddenly decide not to do Kerberos authentication, and pulls out his hair21:32
slangaseklaga: pushed it to where, please?21:33
lagaslangasek: heh, sorry! http://bazaar.launchpad.net/%7Emythbuntu/ubuntu-seeds/platform.hardy/21:34
slangaseklaga: hrm?  what needs to be changed in platform?21:34
slangasekwell, I guess I'll see if I try to merge it :)21:34
lagaslangasek: ah. i guess now comes the part mario_limonciell warned me about.21:35
kirklandslangasek: jdstrand: soren: kees: so is the consensus then to have the libpam-modules.postinst script *prepend* ~/bin, in order to be consistent with ~/.profile?  And, at the point in which we decide *appending* is better, we'll change both at the same time?21:35
lagaslangasek: we have our own platform.hardy.21:35
lagaslangasek: because we need a different set of packages. or something like that.21:35
jdstrandkirkland: unfortunately, I think we need to do that for consistency, unless we are prepared to change bash now21:35
slangaseklaga: ummm.  that defeats the purpose of the "platform" seed21:35
keesI would prefer to start with it correct (appended).21:35
jdstrandI'd rather change both21:35
slangasekwhich is to have a common seed for shared components21:35
mario_limonciella problem came up that the platform seed wasn't working when updating the metas21:36
mario_limoncielland there were extra components in it that weren't desirable afaik21:36
lagaslangasek: yes. i'll let mario_limonciell explain it. he also warned me that you were going to yell at me  ;)21:36
slangasekmario_limonciell: is something already implemented to make the CD building scripts look at this platform seed?21:36
Davieyand it was leaving crap behind, wasn't it?21:36
jdstrandkees: that defeats the purpose of kirkland's patch though21:36
mario_limonciellsomehow it gets pulled correctly during build yes slangasek21:36
=== beuno_ is now known as beuno
jdstrandkees: the problem is ultimately that the enviroments are different-- granted, appending gets it closer, but not the same21:37
mario_limonciellDaviey, i dont know that it was leaving stuff behind, but a lot of extra stuff got pulled in via it21:37
slangasekmario_limonciell: because AFAICS, the right way to do this would be to keep a single mythbuntu.$dist repo and just have it not inherit from the platform seeds <shrug>21:37
mario_limonciellyeah i agree21:37
mario_limonciellsomeone had suggested to adopt the platform seed since everyone else was doing it21:37
slangasekmario_limonciell, laga: anyway, if debian-cd is already looking at this seed, then I shouldn't need to do anything wrt merging21:37
mario_limoncielland then things started to break21:37
lagaso no merging needs to be done.21:37
jdstrandkees: I'd like to change bash *and* append in pam21:37
lagayeah, sorry for the confusion21:37
Davieymario_limonciell: ahh, didn't we try and remove the extra stuff or something.. and that was the problem. Geez it was so long ago, i can barely remember21:37
keesjdstrand: I think that's good21:38
* laga hands out cookies to anyone involved21:38
jdstrandkees: which is good?21:38
sbeattiejdstrand: I concur with changing both to append, despite my below zero influence in this matter.21:38
kirklandjdstrand: kees: okay, so i'll need to form two patches....21:38
jdstrand 521:39
kirklandjdstrand: kees: an updated one for pam, that APPENDS ~/bin in both the "new install" and "update" case (with the exceptions that soren mentioned)21:39
kirklandjdstrand: kees: plus a patch to bash that creates a .profile wthat APPENDS ~/bin21:39
jdstrandkirkland: that is a hearty +121:40
keesyeah, sounds right.21:40
jdstrandI *might* even go 1.521:40
* kirkland is ready to put this issue to bed and get back to ecryptfs :-)21:40
jdstrandit always nice getting *everyone* to weigh in on a 4 line patch21:41
* kees mutters about 1 line patches21:41
kirklandjdstrand: kees: does this need a new LP bug, or shall I continue to use 64064 ?21:41
jdstrandkirkland: bash needs a new bug21:41
kirklandjdstrand: okey doke, doing that now21:41
kirklandkees: one more question...  I see the one-line to be changed in skel.profile ... but again are we concerned about "fixing" this for upgrading users?21:43
jdstrandkirkland: while you didn't ask me, sed'ing user's .profiles makes me feel a little nauseated21:45
jdstrandjust a little21:45
kirklandjdstrand: agreed!21:45
jdstrandkirkland: though it is a good question :)21:45
kirklandjdstrand: sorry for not addressing you on that one :-)  no offense21:45
kirklandkees raised it last time21:46
jdstrandkirkland: none taken21:46
keeskirkland: er, well, we shouldn't change users's .profiles, but we should deal with /etc/skel/profile in a fashion similar to the pam patch21:47
* jdstrand may have misinterpreted kirkland's question based on kees' response21:48
keesI saw a few questions, so maybe I'm confused too21:48
kirklandkees: jdstrand: i think i understand....21:48
kirklandkees: jdstrand: don't "fix" user's .profiles (I wasn't planning on) ... but do "fix" /etc/skel/profile (which was my question)21:49
* jdstrand feels considerably less nauseated now21:49
keesright, good.  heh21:50
emgentcongrats ember21:53
emgentwelcome in ubuntu family.21:53
emberthanks emgent21:54
slangasekmario_limonciell, laga: new mythbuntu hardy image up21:56
lagagreat! kirkland ^^21:56
kirklandlaga: sweet!21:56
mario_limonciellthat was fast21:56
kirklandno kidding, mario_limonciell21:56
slangasekwell, hopefully I wasn't too fast for seed propagation ;)21:57
mario_limonciellaccording to http://cdimages.ubuntu.com/mythbuntu/hardy/daily/20080623.2/hardy-alternate-i386.list looks good to me21:58
mario_limoncieller why did that show up in bold?21:59
lagadidnt do that here22:00
CaesarIs there a known issue with the Hardy alternative installer?22:05
CaesarWe're seeing problems downloading installer components22:06
slangasekthe alternate installer should not normally need to download any installer components, it should be self-contained on the CD?22:06
CaesarPXE boot man22:06
CaesarToday it's complaining about apt-mirror-setup22:07
CaesarOn Friday it was a different udeb22:07
CaesarWe updated the installer today, because I saw someone had respun it22:07
slangasekapt-mirror-setup has a newer version in hardy-updates; could be a mirror sync issue of some kind?22:08
CaesarCould be22:08
CaesarOn Friday it was kickseed-common22:10
kirklandkees: jdstrand: http://pastebin.ubuntu.com/22434/22:16
* kirkland notes that the grep/sed regex is very tight, will only match if the sysadmin has not modified the default value of PATH in /etc/skel/.profile ... kirkland calls this a "feature".22:17
Tyrone_manSorry for interupting, I just tried today's iso for alt-i386, linux-generic doesn't work still, only the specific 2.6.26 kern entry, due to lack of restricted modules, and then pkgselect will not initiate. I can get a booting root shell, but as of yet, no applications22:20
jdstrandkirkland: so you are only changing it on upgrade if the path is $HOME/bin:$PATH. I like it22:22
jdstrandkirkland: should the compared bash version be 3.2-0ubuntu18?22:22
jdstranddpkg --compare-versions "$2" le 3.2-0ubuntu1922:22
jdstrand+bash (3.2-0ubuntu19) intrepid; urgency=low22:23
jdstrandkirkland: or use lt-- I like lt better personally22:23
kirklandjdstrand: good catch, agreed on lt22:23
CaesarIs there a way to get more information out of anna about why a udeb retrieval failed?22:25
Caesar"Loading apt-mirror-setup failed for unknown reasons. Aborting" doesn't really tell you much...22:26
jdstrandkirkland: stylistic point-- I generally like to separate out the files modified. I think it makes it slightly more clear22:26
jdstrandkirkland: eg:22:26
kirklandjdstrand: sure, in the changelog, okay22:26
slangasekCaesar: I think there should be more information in the logs, which are normally on ttys 3 and 4?22:26
jdstranddebian/skel.profile: put $HOME/bin at end of path22:27
jdstranddebian/bash.postinst: <something fairly specific>22:27
jdstrandkirkland: not that you need to change it now-- but maybe it makes sense to you. I think it makes it easier when merging22:27
Caesarslangasek: negative22:28
CaesarIt just mentions it's queuing it for download22:28
CaesarIt's quite unhelpful22:28
kirklandjdstrand: sure... i'll rev another one right now22:28
jdstrandkirkland: note, when outside of debian/, it is often not required, but in debian/, I think it makes it easier22:29
kirklandjdstrand: would I mention the (LP: #242479) on both, one, neither?  the first or the second?22:30
kirklandjdstrand: obviously not "neither" :-P22:30
jdstrandkirkland: what is the original bug again?22:31
jdstrandkirkland: (the pam one)22:31
kirklandjdstrand: https://bugs.edge.launchpad.net/ubuntu/+source/pam/+bug/6406422:31
ubottuLaunchpad bug 64064 in pam "would be nice to add ~/bin to the default PATH" [Wishlist,Fix released]22:31
jdstrandkirkland: yeah, just the bash one22:31
kirklandjdstrand: sorry, my question is whether I put it on both lines?  now that there is one for each file I touched?22:32
jdstrandkirkland: oh, can do:22:32
jdstrand* References22:32
jdstrand  LP: #NNNNNN22:32
jdstrandkirkland: in this case, it's clear cause it's just the one22:33
jdstrandkirkland: othertimes you can do:22:33
jdstrandjust on the first one22:34
jdstrandfirst listed22:34
jdstrandkirkland: it isn't a hard and fast rule, mind you :)22:34
kirklandjdstrand: patch updated: http://pastebin.ubuntu.com/22436/22:35
kirklandjdstrand: if that's good, i'll attach to the bug and perhaps you can sponsor22:35
jdstrandkirkland: sure no problem22:36
jdstrandkirkland: I like the text, it's very clear22:37
kirklandjdstrand: patch attached to https://bugs.edge.launchpad.net/ubuntu/+source/bash/+bug/24247922:38
ubottuLaunchpad bug 242479 in bash "~/.profile should append, rather than prepend $HOME/bin" [Low,In progress]22:38
kirklandjdstrand: I'll subscribe you22:38
* jdstrand nods22:39
cjwatsonCaesar: you have to use the installer image in hardy-updates22:40
cjwatsonCaesar: the one in dists/hardy became bust once stuff started to be duplicated in hardy-security/updates22:40
kirklandcjwatson: hey, good news... i floated your idea of a "root_squash" to mhalcrow (kernel ecryptfs maintainer) and he's working on a patch, says it's relatively trivial22:42
cjwatsonok, great22:42
kirklandcjwatson: jdstrand and I talked about something similar this weekend22:42
cjwatsonbad news is I hate your ~/bin munging22:42
cjwatsonit's totally pointless and a waste of effort, no security relevant22:42
cjwatsonjust leave it the way it is, it's just fine!22:42
cjwatsonTyrone_man: I processed the relevant linux-restricted-modules binaries this morning, so tomorrow's should be better, thanks22:43
kirklandcjwatson: at this point, tis mainly a consistency-thing...  i have a separate patch for /etc/environment in PAM22:43
kirklandcjwatson: there seems to be some back/and/forth about whether we prepend or append22:43
cjwatsonconsistency with what we've done so far is far more important22:44
kirklandcjwatson: i think we all agreed that it should be the same in both /etc/skel/.profile and /etc/environment (wrt to prepending/appending)22:44
cjwatsonpeople hate distros changing defaults back and forward on this kind of thing22:44
cjwatsonI agree that it should be the same in different login modes, yes22:44
kirklandkees and jdstrand both leaned toward appending in both cases22:44
cjwatsonI think the security arguments are completely specious22:45
keesfor note, my opinion was based on utility, not security.  it seemed like a bad idea to override system tools with things in ~/bin, but I'm sure that's a matter of opinion.  :)22:45
cjwatsonthe situation this will break is as follows:22:46
kirklandi thought it was something a user should do "consciously"22:46
kirkland(ie, override system tools)22:46
cjwatsonuser has been maintaining ~/bin for years across a variety of Ubuntu installations22:46
cjwatsonuser installs a new Ubuntu system, and copies over their ~/bin like they always did22:47
cjwatsonsome time later, user notices that some random script doesn't work, and gets horribly confused22:47
keesokay.  so, in the case of the /etc/environment change, it should also prepend?22:47
cjwatsonit may well have been a conscious decision at some point, but now we're requiring them to make it again, long after they've forgotten making it22:47
cjwatsonit should be a consistent rule across the system that user customisations override the system by default22:48
cjwatsonand that we don't mess around with user customisations22:48
cjwatsonsorry to be blunt, and I know I'm coming late to this, but I feel quite strongly about the general principle22:49
Caesarcjwatson: that's just awesome22:49
seb128slangasek: hey, could you consider the gnome-games upload I just did for 8.04.1? It adds a gnome-games-data conflicts on glchess, the non conflict leads to a broken gnome-games installation and upstream seems to get quite some duplicates from users running into the issue22:52
kirklandcjwatson: kees: okay, i can drop the bash patch, and mark "invalid" ....  but the pam /etc/environment should probably prepend ~/bin to be consistent.  would this be acceptable?22:52
jdstrandcjwatson: I take your point about user customizations. I did mention that the risk was low, but I don't think it's completely specious22:53
pwnguinseb128: on a related note, is it really a good idea to have bug reports go directly to upstream?22:53
jdstrandcjwatson: I am not arguing against you for leaving it as is either22:53
seb128pwnguin: if the issue is an upstream one, yes22:53
cjwatsonjdstrand: ok, we may have to agree to disagree on that (low vs. specious) :-)22:53
jdstrandcjwatson: I can accept that :)22:54
kirklandjdstrand: are you willing to concede the point, and are we back to prepending?22:54
cjwatsonI think that road leads to things like writing C code where scripts would be more appropriate because otherwise it's easier to modify the code22:54
seb128pwnguin: we often just forward the bug and act as a gateway between bug trackers, which is not really efficient, if you are able to open the bug upstream directly that's better22:54
cjwatsonkirkland: /etc/environment makes sense if $HOME expansion is possible there and if PAM clients actually handle that properly (i.e. have set $HOME when they run pam_env)22:55
pwnguinseb128: that has to generate some amount of friction in the cases where its not an upstream problem22:55
seb128if the bug is something we should consider for the current ubuntu version you might want to open the bug in launchpad too and add a watch on the upstream bug22:55
jdstrandkirkland: to me, cjwatson's point outweighs the risk, and I'm glad he weighed in22:55
seb128pwnguin: well, I said "if the issue is an upstream one"22:55
pwnguinseb128: as far as i know, none of our tools can place blame correctly ;)22:56
seb128none of the tool open bugs automatically either22:56
kirklandcjwatson: i have tested extensively....  all of the major window managers (Gnome, KDE, XFCE) handle it properly, and the Bourne-compatible shells do (bash, ash, dash, ksh)22:56
seb128you always have an user confirming the action22:56
seb128pwnguin: I'm not sure to get the question now22:57
cjwatsonkirkland: well, the shells don't deal with /etc/environment, normally22:57
pwnguinwhen glchess crashes, a bug-buddy window opens up22:57
cjwatsonI was thinking more login, sshd, etc.22:57
kirklandcjwatson: and to be precisely, "~/bin" works with more shells than "$HOME/bin" does, and so my pam patches have used "~/bin"22:57
seb128pwnguin: if you know the issue is an upstream one you can open it directly in their bug tracker, if you don't know open it in launchpad and we will do the work for you22:57
=== effie is now known as effie_jayx
seb128pwnguin: that's bug #88227, patches are welcome22:58
ubottuLaunchpad bug 88227 in gnome-python "should not run when apport is used" [Low,Confirmed] https://launchpad.net/bugs/8822722:58
cjwatsonkirkland: hmm, so you're saying that literally '~/bin' ends up in getenv("PATH")? That sounds a bit sketchy - doesn't the libc need to support that in order for that to be reliable?22:58
kirklandcjwatson: right, so I've tried login, ssh, and gdm/kdm22:58
cjwatsonkirkland: I was thinking it would be much more appropriate to actually expand $HOME in getenv("PATH")22:58
cjwatsonit should be /home/cjwatson/bin:... not ~/bin:...22:58
seb128pwnguin: we disable bug-buddy for crashers22:59
seb128pwnguin: there is just not so many programs using gnome-python and bug-buddy integration and nobody did the work to disable that code when apport is used yet23:00
kirklandcjwatson: yes, if ~/bin is in PATH in /etc/environment, then yes, ~/bin ends up in getenv("PATH").  same goes for $HOME/bin.23:00
kirklandcjwatson: it seemed to me that the bourne-compatible shells eval $PATH, and other shells do not23:00
cjwatsonkirkland: if ~/bin is in getenv("PATH"), execlp does not wok23:00
cjwatsonit has to actually be expanded to work reliably23:01
cjwatsonshells might get this right, but other programs that use execvp or execlp directly will fail23:01
cjwatsonkirkland: demonstration: http://paste.ubuntu.com/22449/23:02
kirklandcjwatson: okay, so in the bug i was originally fixing, a user wants to hit "alt-f2" in Ubuntu/Gnome, and type "ff"--their firefox wrapper they put in /home/user/bin/ff and it just "work"23:02
cjwatsonkirkland: this may need to be fixed by having pam_env expand something in /etc/environment23:03
cjwatsonrather than just using the value verbatim23:03
cjwatsonkirkland: try ${HOME}/bin:...23:04
kirklandcjwatson: k23:04
cjwatson/usr/share/doc/libpam-doc/html/sag-pam_env.html documents that as the proper method23:04
cjwatsonhowever, that may only work in pam_env.conf23:04
kirklandcjwatson: no difference if I put ${HOME}/bin in /etc/environment23:04
cjwatsonworth a try, though, and would seem like the best thing to support if a PAM extension is needed23:05
pwnguinseb128: thanks for the explaination. I wondered why they were going immediately to GNOME, now it makes more sense23:05
cjwatsonOK, I think that you need to extend pam_env to expand that, then23:05
cjwatsonI absolutely agree this ought to be fixed, but we can't rely on shell expansion23:05
seb128pwnguin: writting the patch to not use bug-buddy there should not be too hard, it's somewhat on my todo list23:05
seb128pwnguin: you are welcome to work on it if you want though ;-)23:06
pwnguinat the moment I don't know enough python to make it happen any time soon23:06
kirklandcjwatson: the expansion needs to be in pam_env, then?23:07
cjwatsonyeah, the PATH environment variable must be expanded23:07
cjwatsonpre-expanded I mean23:07
kirklandcjwatson: is that the only variable i should worry about expanding?23:08
kirklandcjwatson: or should it be a full eval?23:08
kirklandcjwatson: sorry, I meant $HOME23:08
cjwatsonthe semantics of environment variables depends on what uses them23:08
cjwatsonbut I think it would be generally appropriate to apply ${...} expansion to everything in /etc/environment, even though it's technically a behaviour change; however slangasek should have a say there23:09
cjwatsonit would definitely be confusing to expand PATH but not others23:09
kirklandcjwatson: okay, i've marked 242479 invalid.23:13
kirklandcjwatson: i'm looking at pam_env.c to see how painful env variable expansion will be23:13
kirklandcjwatson: this patch http://halcrow.us/~mhalcrow/patches/ecryptfs-excl-access-20080623.txt (untested) would allow a mount-time option, ecryptfs_exclusive_access_uid=1000, that the kernel would respect by not serving read/write requests to any other uid (even root).23:16
cjwatsonsounds reasonable23:17
slangasekseb128: gnome-games> glchess is in universe; SRU yes, 8.04.1 no, sorry23:26
slangasekkirkland, cjwatson: if we're going to start expanding variables in /etc/environment (which I agree is the right way to do it), we should be consistent about it rather than special-casing $HOME23:38
kirklandslangasek: yessir...23:38
kirklandslangasek: i'm still digging into the problem...  looking at pam_env.c, the code does try to expand env variables23:39
kirklandslangasek: but it's not doing so on /etc/environment23:39
=== macd_ is now known as macd
slangasekkirkland: right, the variable expansion is only done on pam_env.conf; I don't know why this is23:41
slangasekif possible, please run any patches you come up with past upstream, since we'll want to avoid diverging here and my pam patch load is already up to my chin23:42
kirklandslangasek: okay, i'm not going to spend much more time on this....23:42
kirklandslangasek: this was a 5-minute fix that I've devoted > 2 days on now :-/23:43
slangasekoh, I could've told you it wasn't a 5-minute fix from the beginning... :)23:43
slangasekwait, that didn't get tagged bitesize, did it?23:44
kirklandslangasek: "Nothing to see here, move along, move along..."  :-)23:44
kirklandslangasek: yes, it was23:44
slangasekyah, madness23:44
kirklandslangasek: I removed the tag after about hour 623:44
slangasekgood, thanks :)23:44
* jdstrand is back for just a moment23:44
jdstrandcjwatson: here is why I believe it's low, rather than specious-- group or other writable ~/bin23:45
jdstrandI happen to have access to one of those, on a machine where I am not the admin, and didn't setup that directory23:46
jdstrandplus, I just reviewed a perl vuln that accidentally followed symlinks and made things 77723:46
jdstrandso, obviousy, there is an amount of trust in group writable, but accidents happen23:47
jdstrandanyhoo, I'm off again23:47
kirklandcjwatson: slangasek: argh....  # Note that many environment variables that you would like to use23:49
kirkland# may not be set by the time the module is called.23:49
kirkland# For example, HOME is used below several times, but23:49
kirkland# many PAM applications don't make it available by the time you need it.23:49
kirklandslangasek: that's exactly what I'm seeing with login and /etc/security/pam_env.conf23:49
slangasekright, that's a potential concern23:49
kirklandslangasek: cjwatson: Okay, then I don't even think this is solvable with pam_env, sadly.23:51
slangasekwell, it's less of an issue for login because login spawns a shell which reads .profile, surely?23:52
slangasekthe problematic use case is gdm which runs lots of things that aren't under a login shell23:52
kirklandslangasek: right.  well, the simple, non-expanded ~/bin in /etc/environment works well in my simple tests worked well with Gnome/KDE/XFCE, as for allowing for running scripts in ~/bin23:55
slangasekhrm, I'm not sure how it manages to do that given cjwatson's counterexample23:56
kirklandslangasek: cjwatson has a test c program in a pastebin above where he shows, however, that a non-expanded PATH is not good for c programs23:56
kirklandslangasek: my test consisted of "alt-f2"23:57
kirkland slangasek: which was the user issue described in the original bug23:58
slangasekI wonder why that works :)23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!