/srv/irclogs.ubuntu.com/2009/09/15/#ubuntu-motu.txt

dhillon-v10hi all I need some help getting the source of a package with dget00:14
andvdhillon-v10, whats the problem?00:15
dhillon-v10andv: did you get my email00:15
andvdhillon-v10, yes, was finishing something00:15
andvdhillon-v10, anyway the verification failed is ok00:16
andvthe package is signed by a key ID which is different from your key00:16
andvthat's why it fails00:16
dhillon-v10andv: For that reason the ~ wasn't present00:16
dhillon-v10andv: I looked again and again in the control file, the ~ was absent00:17
andvdhillon-v10, I gave a dget -xu https://launchpad.net/ubuntu/+archive/primary/+files/livehttpheaders_0.15-0ubuntu1.dsc00:18
andvand it worked00:18
andvdhillon-v10, if it's absent just add it00:18
dhillon-v10for some strange reason it actually worked this time00:19
dhillon-v10thanks :)00:19
andvnp00:19
dhillon-v10andv: again the ~ isn't present in build depends00:19
andvdhillon-v10, if it's not there add it00:20
andvyourself00:20
dhillon-v10okay that's the answer I was looking for, do you want for all instances :)00:20
andvmake a debdiff and add it into the bug report00:20
andv:)00:20
dhillon-v10andv: this task was relatively easy but required carefully analysis thanks for you help00:21
andvnp00:23
dhillon-v10alright done00:28
dhillon-v10how do I submit the patch now, just go to LP and attach it with the bug file00:31
mruizhi all00:50
james_wthanks nxvl01:16
zookoCould I interest someone in uploading Tahoe-LAFS into Karmic?01:17
zookoIt is all FFe'ed and approved and reviewed and good to go.01:17
jtimbermanCan someone please review launchpad # 424576, to bump the chef version to match upstream?01:33
jtimbermani provided a debdiff on the ticket.01:34
jtimbermanthere's some important bug fixes in that release..01:34
zookoOh, I see that iulian wanted to wait for a new version of pycryptopp: http://revu.ubuntuwire.com/p/tahoe-lafs01:38
ScottKjtimberman: Is it just bug fixes?02:06
LaserJock!info mpfr02:20
ubottuPackage mpfr does not exist in jaunty02:20
LaserJock!info libmpfr102:20
ubottuPackage libmpfr1 does not exist in jaunty02:20
jtimbermanScottK: yeah, think so. some important ones though per our CTO :)02:20
ScottKLaserJock: We're considering putting a small sampling of kdeedu apps on the netbook ISO (it's not limited to CD size).  I was wondering if you had any suggestions for what might be useful on a netbook?02:22
LaserJockScottK: ktouch? :-)02:23
ScottKLaserJock: You tell me, you're the expert.  We can discuss on #kubuntu-netbook if you want.02:24
=== zooko is now known as zookophone
arandHow to I grab bzr code from LP in a rush?04:51
arandnvm, found the lp howto04:59
=== ApOgEE__ is now known as ApOgEE
=== Guest62273 is now known as santiago-ve
dholbachgood morning06:32
fabrice_spGood morning dholbach !06:36
dholbachhiya fabrice_sp!06:37
mruizguten morgen06:38
mruizdholbach, thanks for the upload... since I came back, I have forgotten some things06:45
dholbachno worries :)06:45
mruizdholbach, but I'm baaack06:46
dholbach:-)06:47
=== zul_ is now known as zul
=== micahg1 is now known as micahg
=== dholbach_ is now known as dholbach
=== asac_ is now known as asac
slytherinCan anyone please provide me with output of this command on a karmic installation - pkg-config --cflags libxul-embedding10:03
jussi01slytherin: http://paste.ubuntu.com/271377/10:04
slytherinjussi01: You need to install package xulrunner-dev.10:05
dholbachttx is reviewing in #ubuntu-reviews10:05
jussi01slytherin: jussi@eagle:~$ pkg-config --cflags libxul-embedding10:06
jussi01-DXPCOM_GLUE -fshort-wchar -I/usr/include/xulrunner-1.9.1.3/stable10:06
slytherinjussi01: Thanks. This is missing nspr includes.10:07
jussi01yw10:07
slytherinasac: any idea why 'pkg-config --cflags libxul-embedding' does not include nspr headers? They were included in xulrunner 1.9.10:07
asacslytherin: yes.10:09
asacits bug 42763810:09
ubottuLaunchpad bug 427638 in xiphos "xulrunner includes no longer have nspr headers; explicit link against nspr is required." [Undecided,Confirmed] https://launchpad.net/bugs/42763810:09
asaci am about to fix that10:09
slytherinasac: Thanks. I should have looked through the bugs.10:10
asacno problem10:10
asaci shoudl really fix this pronto ;)10:11
alusnginx released a security fix yesterday, at version 0.6.39. ubuntu base 9.04 still lists 0.6.35 in apt10:42
aluswhen will a new package be available?10:42
slytherin!sru | alus10:42
ubottualus: Stable Release Update information is at http://wiki.ubuntu.com/StableReleaseUpdates10:42
hyperairhow does something enter <release>-security?10:43
gesersomeone prepares a patch (debdiff) and subscribes ~ubuntu-security and they review and sponsor it10:43
alusslytherin: I see information about the stable release update process.. I can't find any information about nginx here http://people.canonical.com/~ubuntu-archive/pending-sru.html10:45
alushttp://qa.ubuntuwire.com/sru/todo.html is just blank10:45
alusnothing in launchpad says "nginx"10:45
slytherinalus: It was just released yesterday, wasn't it?10:46
geseralus: the pending sru page is for packages in -proposed which need to be tested before they go to -updates10:46
alusslytherin: yes.. and I could install it from source in less time than it has taken me to find out when it will be updated in apt10:47
alusslytherin: not to mention how long it would take someone to exploit it10:47
alusgeser: so, is nginx just not in the queue, or should I look somewhere else?10:47
geseralus: someone needs to extract the needed changes from the new release and prepare a patch for it (-security only accept patches)10:47
slytherinAnyway, I am not from security team. So I can not comment on policies for security updates.10:48
alusgeser: ah, well that would explain why it's several versions behind. what a pain10:48
geseralus: as nginx is in universe, someone from the community needs to prepare a security update for the package in jaunty10:48
hyperairslytherin: did you shift /usr/share/ant/lib/ant-proguard.jar?10:49
alusthe developer prepared a new tarball. isn't there a nginx source tarball to .deb script?10:49
hyperairslytherin: what should i be using instead, then?10:49
alushow did it get in apt in the first place? did someone do it by hand and then throw away the process they used to do that?10:50
geseralus: the "source package" contains infomation how to build it from the tarball, but it might need some changes for the new upstream version10:51
geseralus: but no new tarballs are accepted for -security, one needs to extract the patch for the security issue and apply it on the version that's currently in the archive10:52
alusthat seems far more error prone, and much slower10:53
hyperairalus: it's about auditing the changes10:53
alusby applying the same process that was applied to the original diff, and diffing the results, you could produce this patch10:53
alushyperair: the package maintainers did not write the software, and the original developer had a bug. I don't expect anybody will find anything useful10:54
geseralus: and the risk for regressions is much smaller if you only fix the security problem10:54
alusthe risk of introducing new problems seems higher10:54
alusnobody involved is the original developer, and knows the codebase10:54
geseralus: but the developer doesn't obviously know how to write secure software (else the problem wouldn't rise) so some review from security aware people is good10:55
alusuh10:56
alusthe security aware people obviously don't know how to write a tiny, fast webserver either10:56
alusand why didn't the security aware people catch the bug when they accepted the nginx version they had already?10:57
alusthey can verify that the patch fixes the bug, but that has already been verified10:57
geserbecause nobody reviews every line of code before it lands in Ubuntu10:58
hyperairalus: <release>-security exists ONLY for pushing security updates. packages accepted into the UNSTABLE version of ubuntu is not audited by the same security team10:58
alusbut maybe only if you use the tarball as it appears on the developer's website10:58
hyperairthat's why the patch has to be isolated, put onto the existing jaunty package, and tested again10:59
alushyperair: so, fixes to software that was never reviewed are delayed by "-security"10:59
geseralus: how sure are you that the new tarball doesn't introduce any other bugs which aren't currently in the version in jaunty?10:59
alusleaving vulnerable systems out there in the wild for longer?10:59
alusgeser: how are you sure that the new tarball isn't better?10:59
hyperairalus: please remember that when an ubuntu version is released, the archive is frozen.10:59
hyperairalus: hence every change done must be tested intensively to make sure there are no regressions11:00
geseralus: I'm not sure, it probably even is11:00
alusthis process seems overly cautious to prevent possible breakage, while ensuring it prolongs actual breakage11:01
hyperairalus: then file a bug, isolate the patch, and get it in11:01
hyperairalus: it's not overly cautious, it's a necessary measure.11:01
alushonestly, it's easier for me to ignore apt and install it from source11:02
alusand that's far more work than I want to do11:02
wgrantNew versions *do* break things.11:02
wgrantAnd that's a lot of users to break.11:02
wgrantSo a minimal, obvious, well-tested patch is essential.11:02
alusit's not a new-feature release. it's a update to the "legacy-stable" version of nginx11:02
wgrantThen the patch should be simple to isolate.11:03
aluswgrant: that is overly demanding for a package management system. software packages develop however they like11:03
alusand as I use I would like to install them11:03
alusso the package management system is in the way11:03
geseralus: don't forget that those rules apply to all packages and not only nginx, so they might more strict than necessary in this specific case11:04
alusif a user does not upgrade, their publicly facing webserver is vulnerable. it's quite easy to find out if a website uses a vulnerable version11:04
wgrantalus: Feel free to isolate the patch and get an update pushed out.11:04
wgrantIt shouldn't take long.11:04
alusit's all new to me. it would take quite a while11:05
alusI know how to install from a tarball. that takes no time at all11:05
hyperairAndres Rodriguez <andreserl<at>ubuntu.com>11:06
hyperairthat's the last person who uploaded.11:06
hyperairyou could contact him11:06
hyperairlooking at the changelog, he seems to be handling all the syncs/merges of nginx in ubuntu from debian11:07
slytherinhyperair: read README.Debian. :-)11:07
hyperairslytherin: ah thanks11:07
slytherinhyperair: Actually I removed the symlink as recommended by upstream documentation and because of past bad experiences to to presence of such symlinks.11:11
slytherinhyperair: I will try to push this in Debian policy.11:11
hyperairi see11:11
hyperairokay11:11
alushyperair: ok, I sent him an email11:12
alusthanks guys.11:12
moldyhi12:22
moldyi want to create a new version of an ubuntu package including a new version of the upstream sources12:23
moldyare there some tools that can save me from doing all the packaging work again, by including information from the previous version, just bumping the upstream version number?12:24
moldyi'm not sure how to handle the "new upstream version" case at alll... if anyone could point me to some docs, that would be great12:26
porthose_https://wiki.ubuntu.com/PackagingGuide/Recipes/PackageUpdate12:28
moldyporthose_: thank you, just found that12:28
moldyporthose_: at the "dch -i" step, i should change the upsrteam and ubuntu version manually?12:29
moldyporthose_: dch does not seem to detect it by itself12:29
porthose_depends on what you want to do if you are packaging for debian then no if you are packaging it for ubuntu the yes12:30
porthose_the/then12:30
moldypackaging for ubuntu12:30
moldywell, dch does not seem to realize there is a new upstream version at all, that's why i am asking12:31
moldyit still says "1.0dev1" instead of "1.0dev2"12:31
porthose_then I would say your changelog entry is incorrect12:33
moldyhm, in what regard?12:34
moldyput differently: how does dch detect the fact that there is a new upstream version?12:34
moldyas far as i understand, it only seems to try to do this when using the -d option12:34
pochudch -v '1.2.3-1'12:35
* porthose_ goes and finds some coffee *yawn*12:36
moldypochu: ah, so i should so something like "dch -v 1.0dev2-0ubuntu1"?12:36
pochuI think so12:36
moldypochu: ok, thanks12:36
nicolasvwHow can one package an application for which upstream only provides svn and no release tarballs?13:05
slytherinnicolasvw: create your own tarball.13:30
qnixHi, Feature Freeze disallows any package version upgrade, right?13:49
oreonsera13:52
sistpoty|workqnix: it means that new features need to get approved first13:52
sistpoty|workqnix: (and hence need to be justified)13:52
qnixsistpoty|work: so I can still ask to sync a package with debian unstable ?13:52
sistpoty|workqnix: yes, but if it introduced new features, than you should get a FFe first ;)13:53
qnixkk :P13:53
nicolasvwslytherin: thank, I'll do it that way.14:41
bddebianHeya gang15:06
sistpoty|workhi bddebian15:06
bddebianHeya sistpoty|work15:07
=== porthose_ is now known as porthose
sebnerhuhi bddebian sistpoty|work :)15:13
sistpoty|workhi sebner15:13
qnixwhy dh_install reports me: dh_install: usr/include/gdal/gdal_proxy.h exists in debian/tmp but is not installed to anywhere15:16
qnixbut if I do a dpkg-deb -c myfile.deb, the file is present15:16
bddebianAnAnt: Sorry I missed you the other day, do you still want/need me to look at something?15:22
AnAntHello, for some reason mdbtools in karmic doesn't work, yet the one from Debian (please look at LP 430057) worked for me15:23
ubottuLaunchpad bug 430057 in mdbtools "Sync mdbtools 0.5.99.0.6pre1.0.20051109-5 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/43005715:23
AnAntbddebian: yeah15:23
AnAntbddebian: gplcver15:23
jbernard_nixternal: is the next membership meeting on the 24th? if so I'll be happy to update the wiki, it still says the 9th at the moment15:23
bddebianAnAnt: Is it still on mentors?15:23
AnAntbddebian: yup15:24
AnAntit's an NMU15:24
AnAnthttp://mentors.debian.net/debian/pool/main/g/gplcver/gplcver_2.12a-1.1.dsc15:24
bddebianAnAnt: You haven't posted your patch or an NMU to BTS.  Have you tried to contact the maintainer?15:34
AnAntbddebian: I did  try to contact him for another reason, and got no reply15:36
AnAntbddebian: on Aug, 10th15:37
AnAntbddebian: yet the maintainer seems to be active till at least july of this year according to his QA page15:37
jtimbermanI need two MOTU to ACK FFE for new upstream version of Chef (0.7.10) which fixes some important bugs from 0.7.8: https://bugs.launchpad.net/ubuntu/+source/chef/+bug/42457616:00
ubottuLaunchpad bug 424576 in chef "Chef new upstream version 0.7.10" [Undecided,New]16:00
mathiazjtimberman: you need to two members of the motu-release team to give an ACK for a FFe.16:06
mathiazjtimberman: see https://wiki.ubuntu.com/FreezeExceptionProcess#Exceptions%20for%20Universe/Multiverse16:07
mathiazjtimberman: I've subscribed motu-release to the bug16:07
jtimbermanmathiaz: cool. also need libmixlib-config-ruby updated to upstream release 1.0.12, bug link is: https://bugs.launchpad.net/ubuntu/+source/libmixlib-config-ruby/+bug/42067416:08
ubottuLaunchpad bug 420674 in libmixlib-config-ruby "Update libmixlib-config-ruby to new upstream version 1.0.12" [Undecided,New]16:08
jtimbermanshould i add motu-release to that one too?16:08
mathiazjtimberman: nope - as it's a bug fix only16:10
mathiazjtimberman: you should seek sponsorship though - https://wiki.ubuntu.com/SponsorshipProcess16:10
jtimbermanmathiaz: alrighty.16:10
mathiazjtimberman: we're in FeatureFreeze - so new features need to be acked16:10
mathiazjtimberman: if it a bug fix only upstream release then it can go in16:10
jtimbermanRight.16:11
mathiazjtimberman: but you'll always need sponsorship since you don't have upload rights.16:11
jtimbermanmathiaz: gotcha.16:11
jtimbermansubscribed ubuntu-universe-sponsors to it.16:11
mathiazjtimberman: are you planning to push the update to debian as weel?16:17
mathiazjtimberman: *well*16:17
mathiazjtimberman: it may be easier to get it uploaded to debian and then ask for a sync in ubuntu16:17
jtimbermanmathiaz: it should go in debian too, yes, as the 0.7.10 is what i'm currently trying to get into debian now.16:19
mathiazjtimberman: I'm refering to libmixlib-config-ruby16:20
jtimbermanmathiaz: right, mixlib-config 1.0.12 is required for chef 0.7.10:)16:20
mathiazjtimberman: right - since mixlib-config is already in debian, it may be easier to get the new version in debian16:21
jtimbermanmathiaz: DEHS shows 1.0.12: http://dehs.alioth.debian.org/report.php?package=libmixlib-config-ruby16:21
mathiazjtimberman: and then ask for a sync16:21
mathiazjtimberman: in ubuntu16:22
jtimbermanmathiaz: okay, pinging a DD :)16:22
mathiazjtimberman: otherwise you'll have to redo the mixlib-config debdiff to follow the ubuntu convention16:22
jtimbermanoh, is my debdiff debianized?16:23
* jtimberman should make a separate sbuild server for debian 16:23
jtimbermanor something.16:23
mathiazjtimberman: well first - it's been generated the wrong way16:24
mathiazjtimberman: and then the version number is a debian number - it ubuntu it would be 1.0.12-0ubuntu116:24
jtimbermangotcha.16:24
jtimbermanwell i'll see if thom will upload to debian again :)16:24
mathiazjtimberman: and the maintainer field would have to be updated - per https://wiki.ubuntu.com/DebianMaintainerField16:24
mathiazjtimberman: if you can get it in debian it would be much better.16:25
jtimbermanmathiaz: indeed. working on that.16:25
jtimbermanmathiaz: do i turn the launchpad bug into a sync request, or close it and open a new bug?16:26
mathiazjtimberman: leave it open for now.16:26
mathiazjtimberman: *once* the new upstream version is in debian, I'd suggest to turn the bug in a sync request16:26
mathiazjtimberman: following https://wiki.ubuntu.com/SyncRequestProcess16:26
mathiazjtimberman: and asking sponsorship again since you don't have upload rights16:27
jtimbermanmathiaz: alrighty.16:28
=== zul_ is now known as zul
jtimbermanmathiaz: libmixlib-config-ruby 1.0.12 uploaded, accepted: http://packages.qa.debian.org/libm/libmixlib-config-ruby/news/20090915T161725Z.html17:30
RiddellYokoZar: ping17:34
RiddellYokoZar: springlobby has a debian/copyright which mentions  src/boost but there's no such directory17:35
RiddellI could accept and file a bug but I'd prefer to reject and have it uploaded correctly17:35
RoAkSoAxhey guys what to do in a case where solving a FTBFS, after debuild -S and doing a debdiff between the debian and the ubuntu revision, changes in config.guess and config.sub are showed? these changes are also showed in the diff.gz17:55
* sebner has a deja-vĂ¹ :)17:56
christoph_debianRoAkSoAx: maybe working with filterdiff helps?17:57
RoAkSoAxrigth, the thing is that AFAIK, changes in config.guess and config.sub should not be showed, but still, they are18:01
randomactioniirc the solution was to rm -f them in debian/rules clean target18:02
sebnerRoAkSoAx: delete that stuff from the debdiff18:03
RoAkSoAxsebner, I did. Then I did a apt-get source package, applied that debdiff to the sourcepackage, debuild -S and changes were showed again...18:04
christoph_debianI'd ask the debian maintainer to fix it on the way as you're opening a bug anyway18:04
sebnerRoAkSoAx: not wondering because that stuff gets generated evidently anytime. Show me the rules file18:05
RoAkSoAxsebner, http://pastebin.ubuntu.com/271548/18:05
sebnerRoAkSoAx: remove that stuff: http://paste.ubuntu.com/271567/18:06
RoAkSoAxsebner, I did, and the same :)18:06
sebnerwhat a evil package :P18:07
=== k0p_ is now known as k0p
RoAkSoAxsebner, haha yeah I've already found 2 with the same issue :) :S18:08
RoAkSoAxI'll keep investigating though :)18:09
sebnerRoAkSoAx: sorry I couldn't help :\18:09
RoAkSoAxsebner, no prob :)18:09
christoph_debianRoAkSoAx: did you remove the copying on the same tree you already did the debuild -S ?18:10
RoAkSoAxchristoph_debian, yep, I keep downloading the source again and again and get the same result. I'm gonna try it again step by step to see what can I be doing wrong :)18:13
christoph_debianRoAkSoAx: if you called debuild -S once before removing the parts from rules it can't work if you get the same still with removing it from rules first I'll get that source package and see why it does impossible things ;)18:15
RoAkSoAxchristoph_debian, maybe that's it, that's why i'm doing it changing my steps :) thanks for the advice18:16
RoAkSoAxweird, now I don't get the config.{sub,guess} changes but I do get changes in  .pc/.version :s18:19
RoAkSoAxfinally, no undesired changed18:22
=== micahg1 is now known as micahg
tagJust how unstable is karmic right now? :-)20:07
directhexvery20:07
tagCrappy20:07
Mabohi21:31
hjmfplease take a look to bug #43027222:00
ubottuLaunchpad bug 430272 in ubuntu "karmic boot hung after /scripts/init-bottom" [Undecided,Confirmed] https://launchpad.net/bugs/43027222:00
directhexhjmf, "Topic for #ubuntu-devel is: Neither karmic nor the buildds are in a happy place right now, things are being sorted"22:02
mruizHi... Why some packages are not available at merges.ubuntu.com ?22:17
sebnermruiz: define "some packages", most packages are syncs so don't need to be merged22:19
mruizsebner, for instance gaphor . It needs a merge22:19
sebnermruiz: right, interesting22:21
sebnermruiz: you should more worry if it'd need a FFe though22:21
ScottKjtimberman: Chef FFe is approved.22:23
jtimbermanScottK: Thanks :)22:24
jpdsmruiz: Maybe the autosyncs have been disabled and thus it's stopped syncing?22:24
jtimbermanScottK: libmixlib-config-ruby update uploaded to debian earlier today, that should be bumped in ubuntu karmic too22:24
jpdsAnd then not checking for merges?22:24
ScottKjpds: It's supposed to keep checking.22:24
ScottKjtimberman: You'll need to file a sync request and seek sponsorship through the normal process for that.22:25
jpdsScottK: Dunno myself. I thought it stopped after DIF.22:25
ScottKjpds: No.  It being stopped was one reason that DaD existed.  Part of the agreement for killing DaD was it would keep running.22:26
Ngif I'm doing python distutils and cdbs, how would I add something to the postinst without losing the automatically generated one?22:36
NgI don't appear to be able to instruct any quick magic to register my gconf schema for me, so I need to do that in the postinst afaict22:36
Ng(and presumably deregister it in the prerm)22:36
RiddellNg: adding <packagename>.postinst into debian/rules should do it, cdbs/debhelper will merge in its own stuff at the end22:44
mathiazNg: have you looked at dh_gconf?22:45
Ngmathiaz: can I just drop that into my debian/rules after the cdbs includes?22:47
mathiazNg: yes - at binary-install/package-name::22:49
mathiazNg: something like that:22:49
LaneyDaviey: Yo, just looking at your change. Where does the db-pending-config file come from?22:49
mathiazNg: http://paste.ubuntu.com/271731/22:50
mathiazNg: look into /usr/share/cdbs/1/class/gnome.mk22:50
mathiazNg: to see how the gnome cdbs class uses dh_gconf22:51
Ngmathiaz: thanks22:51
Ngyou guys are always incredibly helpful :)22:51
jtimbermanlibmixlib-config-ruby ready to sync from debian sid/main23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!