=== jmarsden_ is now known as jmarsden
arandIs, or at what point is LTS → LTS upgrades scheduled to be available for testing (hardy→lucid)?02:25
persiaThey may not work, but that just means it's worth filing bugs.02:30
Tm_Tsooner the better02:30
arandpersia: Ok, then how would I do one?02:32
persiaTake an existing hardy install (or a new one).  Apply all the updates.  dist-upgrade.02:33
arandpersia: nice, just saw the -d flag for do-release-upgrade, cheers.02:40
=== robbiew is now known as robbiew_
RAOFOoof.  I'm surprised no one else seems to have noticed Tomboy crashing because of a liblaunchpad-integration-cil bug.04:47
RAOFMaybe everyone has liblaunchpad-integration-dev installed.04:48
mdeslaurROAF: bug #51866205:02
ubottuLaunchpad bug 518662 in tomboy "Unhandled Exception: System.DllNotFoundException: liblaunchpad-integration.so" [Undecided,New] https://launchpad.net/bugs/51866205:02
* RAOF shall play “merge the duplicates”05:02
arandRAOF: https://bugs.launchpad.net/ubuntu/+source/tomboy/+bug/516210 might be the main one?05:04
ubottuUbuntu bug 516210 in ubuntuone-client "Can't start Tomboy on Lucid" [Undecided,Invalid]05:04
BsimsHaving HD issues... getting the following error messages: ata1: hard resetting link, sd 0:0:0:0: [sda] Unhandled error code, and lost page write due to I/O error on sda1 however when it does it sets /dev/sdb to read only05:05
Bsimssmartmon says its clean, and I am running the long test now... anyone else see this after the last round of upgrades05:05
RAOFarand: No, it's not.  That's a different problem.05:06
arandRAOF: oh, ops.05:06
RAOFarand: That one is about the notification-indicator patch, which I think has been disabled.  The other one is about the launchpad-integration patch (well, actually about liblaunchpad-integration1-cil, which is broken).05:07
RAOFI don't suppose there's an early-rising Do-using core-dev who could take care of sponsoring bug #516920 before too many other duplicates wander into my inbox?06:03
ubottuLaunchpad bug 516920 in gnome-desktop-sharp2 "gnome-do crashes when Preferences selected from menu" [High,Confirmed] https://launchpad.net/bugs/51692006:03
StevenKRAOF: To Lucid? Since some enterprising user has nominated it for every release from Hardy to Lucid and Dapper06:04
StevenKOh. It's r1205606:05
RAOFI can't decline any of those, but only Lucid, yes.06:05
RAOFI've also got a patch to dh_clideps that will make these sort of problems cause a nice, clean FTBFS rather than silently breaking the archive.06:06
StevenKThat sounds good too06:06
RAOFWhich brings me to my next point.  Perl syntax is weird. :)06:07
StevenKRAOF: Every one of them declined06:07
RAOFThanks muchly.06:08
StevenKPatch looks sane, too06:08
RAOFWhat would be even nicer is to properly rewrite the .config file to resolve -dev symlinks, but that's harder to do safely, I think.06:09
StevenKRAOF: I think a FTBFS is a nice safe option, currently06:10
RAOFYes.  And it's much easier to do.06:10
StevenKEven given that diff is fairly brittle06:10
RAOFThe .config file doesn't change very frequently.06:11
StevenKRAOF: Uploaded.06:13
suji11 Anyone Advocate/Review my package IOK http://revu.ubuntuwire.com/p/iok06:29
shawnboyi'm looking for some opinions... a push in a direction. I'm a formally trained programmer, but from few yrs back (procedural). Looking for recommendations from Linux perspective on where to start to learn OO and what language. C? C++? Something else?07:25
dholbachgood morning07:39
pittiGood morning07:50
pittihey dholbach, wie gehts?07:50
dholbachpitti: gut, noch etwas gejetlagged, aber zumindest kommt der Koffer nachher! und dir?07:51
stefanlsdgejetlagged isnt a word :)07:51
d1bgood morning who is the maintainer of sane?07:52
d1b / which people07:52
pittidholbach: urgh, lost your luggage? that sucks07:52
ograstefanlsd, dholbach just created it07:52
pittidholbach: I'm reasonably well, got to bed at 2300 and woke up at 807:52
* ogra quickly adds it to aspell and uploads :)07:53
dholbachpitti: after getting delayed in Portland, I had 20 minutes in Amsterdam to change planes :)07:53
d1blaunchpad has it listed as07:53
pittidholbach: did that work out?07:53
dholbachpitti: for me yes, but not for the luggage :)07:53
ograd1b, best to check for the last uploader then or check the changelog for the person that did the most uploads of it07:53
ograpitti, so you made it through washington ?07:54
d1bogra: right but i have a general issue. also shouldn't they really be listed as the 'maintainer'.07:54
ograd1b, nope, if he/she steps back the team is the right contact address07:54
pittiogra: no, I spent 45 mins on the phone on Friday to get rerouted; the Washington one got cancelled; went through Chicago and Munich instead07:54
ograi though chicago was shut down as well ?07:55
ogra/bin/installer: line 48:   465 Segmentation fault      apt-get -y install oem-config07:56
ogragrrr !07:56
mdkeif someone in ~ubuntu-sru could take a quick look at ubuntu-docs 8.10.3 in the queue for intrepid-proposed, that would be appreciated08:22
d1bpitti: hi. i have emailed you. the sane-backends package is really out of date vs git for files such as those which define working device ids for a backend.08:23
crimsund1b: I'm looking at the merge as I type08:24
crimsun(as in I just did a "bzr clone lp:debian/squeeze/sane-backends")08:24
d1bcrimsun: what...?08:24
d1bdoesn't debian keep their backend in git?08:24
d1bcrimsun: http://git.debian.org/?p=sane/sane-backends.git;a=commitdiff;h=f3e63b4e4df29342c1b84efe13b65a77f16ca5e5 is one of the commits / examples im talking about.08:25
crimsund1b: I'm referring to a system by which Ubuntu source merges are generated, not necessarily which VCS is used by Debian08:25
d1bcrimsun: right.08:25
d1bcrimsun: debian-squeeze also is missing this08:27
pittid1b: got your mail08:42
pitticrimsun: oh, thanks; so you're on it?08:43
d1byes he appears to be on it. i think the problem is due to sane not having a release since...08:44
d1bi have now filed a bug in debian. hoping to get that fixed up too.08:44
crimsunyeah,I saw the bit in -bugs08:44
\shsoren: ping vmbuilder, separate boot partition doesn't work somehow when starting up such a vm (kvm here)08:49
\shsoren: could it be, that something is wrong with checking on "/boot/foo" in VMBuilder/disk.py ?08:50
mdkepitti: I wonder if you might be able to help with my ~sru question above?08:50
pittimdke: uh, intrepid .. *blows the dust away*08:52
pittimdke: I can have a look, but since it's quite out of fashion we usually only do OMGcritical fixes now08:52
mdkepitti: oh right. This isn't along those lines. i was just trying to get it off my bug list :)08:59
mdkepitti: if you say leave it, that's fine09:00
pittimdke: I'll have a look; if it's harmless, we can as well accept it09:00
mdkepitti: ok. I have to leave irc now but I'll pick up on any emails - thanks for taking a look09:00
=== tkamppeter__ is now known as tkamppeter
crimsund1b: / pitti: will look after rest/work; I shouldn't be merging this time of night/morning09:25
pittithanks; sleep well!09:25
ogramvo, i had an additional apt-get clean in the code that deleted the packages after copying them into place ... that caused the auth issues i guess09:47
ograoh my ...09:47
* ogra tries to verify09:47
mvoogra: so it works now?09:48
ograjust running a test ... will take 20-30min to do the two builds09:48
* mvo nods09:55
ografunny, it didnt require an apt-get update so the package lists were in place ... apt-get clean is just to quiet else i would have spotted it09:56
* ogra goes offline for the offline build test10:01
ogramvo, it still moans abour auth but at least finishes with --allow-unauthenticated10:14
mvoogra: hm, if you have  branch available of the script I can have a look10:16
ogramvo, https://code.launchpad.net/~project-rootstock-developers/project-rootstock/trunk10:18
alkisgIn LTSP, if I install edubuntu-desktop in the chroot, then $CHROOT/proc is in use and can't be cleanly unmounted. We do dpkg-divert start-stop-daemon and initctl - what else could be using /proc? lsof doesn't help...10:29
james_wcjwatson: do you have any problem with me upgrading lp:ubuntu/gfxboot-theme-ubuntu to 2a format?10:57
directhexhas someone done a grub2 graphical theme yet11:03
persiadirecthex: I thought I read in your blog that you did.11:05
directhexpersia, nothing for the lucid graphical style11:05
persiaOh, specifically for lucid.  You might ask in #ubuntu-artwork, but otherwise I suspect one is welcome.11:06
persiaEven just a framework that someone can tweak, unless it costs boot time.11:06
directhexi don't know what the cost is going to be. evidently there's a cost associated with loading images & extra grub modules, but i don't know how much it is real-world11:07
ScottKIf it's not == 0, then the chances of it going into the default install are nil.11:08
persiaOr rather, the chances of having it enabled by default are nil.  Having it available for those who choose to tweak their settings is a bit higher (but not extremely high).11:09
csurbhiasac, ping11:10
ivoksuuid-dev doesn't have /usr/lib/libuuid.la anymore?12:03
persiaivoks: .la files have been generally deprecated12:07
ivoksthanks, wasn't aware of that12:08
suji11Hi , am having dictionary file for tamil, this going to be install to this directory /usr/share/myspell/dicts , for this how to create debian package?12:13
soren\sh: Quite possible, yes.13:10
dantticjwatson: ping13:13
=== elpargo_ is now known as elpargo
OdyXHi. I am the usb-modeswitch{-data} maintainer for Debian. It has some bugs on Ubuntu which are solved by new versions in Debian. Who is supposed to ask for a sync ?13:25
ograOdyX, anyone can ask for a sync https://wiki.ubuntu.com/SyncRequestProcess ... note that we default to sync from testing for 10.04 though13:26
OdyXogra: Okay. My fixes are in testing :-> How late are we wrt to Ubuntu's freeeze ?13:27
ogradebian import freeze is on the 11th13:27
ograshould be fine if you file the request now13:27
OdyXoh. 3 days left then13:27
Q-FUNKhi! could anyone with core-dev upload priviledges please act on bug #493628 ?13:41
ubottuLaunchpad bug 493628 in mozvoikko "Please merge mozvoikko-1.0-4 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/49362813:41
pittimvo: do we still need this nasty $http_proxy hack in sudo?13:56
TeTeTmvo: it's important because of bug 43263113:57
ubottuLaunchpad bug 432631 in sudo "sudo only preserves some, but not all proxy env vars" [Medium,Confirmed] https://launchpad.net/bugs/43263113:57
mvopitti: not strictly, but I would agree we should keep it. its just one entry in the environment whitelist, or do you talk about a different one?13:57
pittimvo: well, it's creating inconsistencies, as reported by TeTeT13:58
persiaTeTeT: Isn't that intended behaviour?13:58
pittiand I'm not really keen on endlessly expanding the list13:58
TeTeTpersia: makes it tough to use in certain proxy architectures, where you serve some from within your network, others from the Internet13:59
pittimvo: but you can set the proxy on installation these days, can't you?13:59
TeTeTserve some=packages13:59
mvomy prevent approach would be to have them all in the whitelist then. we have all the bits&pieces in place to remove it, but it will be a inferiour user experience IMO13:59
mvoyes, proxy can be set during install and via network capplet13:59
mvobut the user needs to remember to click on "apply for all users" (or somesuch) when he sets the proxy13:59
pittimvo: aptdaemon gets it from where? it's not run through sudo13:59
mvowithout that, the proxy will only be in his session and if we remove the sudo support, then it will not be there in the terminal14:00
TeTeTpitti: IMO the first admin user14:00
mvopitti: aptdaemon gets it from the client (software-center) so that is fine14:00
pittiwell, perfect14:00
mvo I'm more concerned it people opening a terminal14:00
pitti(well, not perfect in fact, since it's the very same security problem)14:00
pittia proxy just conceptually isn't something that should be a per-user setting14:02
pittimvo: perhaps eventually the proxy capplet should _always_ apply system-wide?14:02
mvowe can make that happen, I guess, just check for admin group and not ask for a password14:02
persiaUm, why shouldn't proxies be per-user?  I agree in the case of apt proxies, but I can imagine all kinds of other sorts of proxies being per-user.14:02
TeTeTisn't /etc/cron.daily/apt also taking the proxy environment from a user?14:02
mvoTeTeT: its doing that to work around the same problem14:03
mvoand only if there is no proxy set via apt conf or the root environment14:03
TeTeTok, just saw the -z http_proxy14:04
TeTeTmvo + pitti : so there is no easy solution?14:05
pittimvo: no, I meant "apply system-wide" should always be the default button14:05
pittior action14:05
pittiugh, how can the daily cron job take an user's env? which user's?14:06
TeTeTpitti: first admin user14:06
persiaThat requires all sorts of hackery.14:07
pittiwe really need a system-wide setting for this14:07
TeTeTpitti: admin_user=$(getent group admin|cut -d: -f4|cut -d, -f1)14:07
pittipersia: while that might be true, I doubt that for the vast majority of use cases14:08
pittiwe don't have per-user network connections either14:08
pittiand a proxy is very tightly tied to a network configuration14:08
persiaWell, OK.  I'm thinking of things like a shared machine where someone wants a UK proxy for BBC, but others don't need it, and the like.14:09
pittiand if one special application wants to talk through a proxy, it should ceratinly handle that internally instead of clobbering $http_proxy?14:09
persiaI was thinking of the browser :)14:09
TeTeTpersia: the browser can use it's on proxy setting per user without problem, IMO14:09
mvowe have a way to set this system wide, the apt cron script checks gconf for the case when a user installed without proxy and never pressed "use system wide". this is only a precaution to ensure that e.g. security updates can get through14:09
pittithat already has its own (and also I still don't believe that per-user settings are much sensible there)14:10
mvoI'm in favour of removing all this, don't get me wrong, I'm just concerned that we break a lot of systems that used to work and will no longer work after the change14:10
pittimvo: OTOH that means if an user breaks his proxy settings, we break security updates system-wide?14:10
mvoits only the admin user and if he can no longer browse, he will notice14:11
pittiright, it's a case of "should've fixed that 5 years ago" :(14:11
mvoI mean, that is a bit of a theretical scenario, if he breaks his other network settings, the same hapepns14:11
mvoI think its just a unfortunate thing we inherited from the gnome control center14:12
mvomy take on it would be: make it consistent for lucid (by adding https_proxy, ftp_proxy) and remove for lucid+1 with appropriate way of telling the user14:13
TeTeTworks for me14:15
pitticouldn't we alternatively use the first admin user's proxy setting and write that into a system-wide conffile in a postinst?14:15
pittiit's no worse than we do now, but woudl at least be an one-time migration14:15
pittiand if we do it in lucid, we aren't stuck with it for another 4 releases14:15
mvoits worse in the sense that it will not update the config14:16
pittiwe have the "apply system wide" button14:16
mvoI mean, then we need to tell the user what we did if he has a different proxy on home/work14:16
pittiwe could update the label in g-c-c?14:16
mvooh, that is a good idea - update to indicate inconistency?14:17
pittiI mean, if persia's objection of "per-user settings make sense" is true, then we _don't_ always want to apply those to apt14:17
pittiand if it's false, then we shouldn't have per-user settings in the first place14:17
pittimvo: indicate inconsistency also sounds good; I meant, change the wording around "system wide" to point out "to also apply to package updates"14:17
mvoI guess that is a good way forward, apply once and when changed have a way to tell the users that its inconsistent14:18
mvo(apply once via postinst)14:18
pittimvo: does apt just use $http_proxy as well? I. e. /etc/environment?14:18
pittimvo: IOW, what does "apply system-wide" do? adding it to /etc/environment would make sense certainly?14:18
mvopitti: apt has its own apt.conf setting, but the system-wide button also writes to /etc/environment14:19
pittiah, I see14:19
mvopitti: it does both, add to apt.conf and environment14:19
pittimvo: AFAICS, /etc/cron.daily/apt only sets $http_proxy, though14:20
mvoright, it can go away entirely with the approach of apply+warn IMO14:21
pittimvo: right, I meant apparently apt does check $http_proxy?14:21
pittiit would make the entire system very consistent14:22
pittii. e. system-wide $http_proxy, and users can change14:22
pittiok, I'll summarize in the bug14:22
pittimvo: thanks for discussion!14:22
kitalliscould these two bugs be caused by a similar flaw? https://bugs.launchpad.net/ubuntu/+source/gnome-utils/+bug/29894 & https://bugs.launchpad.net/notify-osd/+bug/50055014:22
ubottuUbuntu bug 29894 in gnome-utils "can't take screenshot when menu on panel is opened" [Unknown,In progress]14:23
mvopitti: sure, thanks as well, I think we have a good solution14:23
pittimvo, TeTeT: bug 432631 updated; cross-check?14:27
ubottuLaunchpad bug 432631 in sudo "clean up system/per-user proxy handling" [Medium,In progress] https://launchpad.net/bugs/43263114:27
\shsoren: I changed that but no change :(14:27
mvopitti: thanks, done. I added the inconsitency check/warning. I think its important to ensure users keep updating the thing14:31
=== dholbach_ is now known as dholbach
smoseranyone know why https://launchpad.net/ubuntu/+source/cloud-utils is still 'pending publication'14:52
smoserbuild took place 2 days ago14:52
persiasmoser: Check the NEW queue.14:53
smoserpersia, thanks14:55
geserany main sponsor free to review and sponsor bug #509900?15:21
ubottuLaunchpad bug 509900 in vim "Merge vim 2:7.2.330-1 from Debian unstable" [Undecided,New] https://launchpad.net/bugs/50990015:21
ograoh, when did we stop setting LANG in /etc/environment ?15:54
pittidid we ever?15:56
ograyes, tollef added that ages ago15:57
ograpre dapper iirc15:57
ograand it was always carried along15:57
pitti/etc/environment works15:57
ogramine only has PATH15:57
pittibut we don't put it there by default15:57
ograwe used to though15:57
alkisgI think it changed in Interpid15:58
ograthat might be, my lappie was upgraded from intrepid originally until i did this renistall for the new HD15:58
ograsigh ...16:01
ograoem-config doesnt work at all here ... goes into an endless loop16:02
=== yofel_ is now known as yofel
smoseris it normal for publish-to-archive to lag build by more than a day ?16:16
smoserhttps://edge.launchpad.net/ubuntu/+source/linux-ec2 build finished 44 hours ago, but its not in archive yet.16:16
sistpoty|worksmoser: looks like it's in binary new: https://launchpad.net/ubuntu/lucid/+queue?start=3016:18
superm1smoser, if you look closer at the build ( https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-302.6 ), you can see that it's got "New" binaries.  that means an archive admin will have to accept them into the archive and adjust the component (main,restricted,universe,multiverse) accordingly16:18
superm1ogra, what version of oem-config are you testing that's going into an endless loop?16:19
ograsuperm1, well, i'm not sure i run it correctly or even set it up correctly, its the recent lucid version16:19
superm1ogra, well all there is to setting it up is "sudo oem-config-prepare", but the particulars on the version are important because there was some bugs that would cause that behavior within the last 2 versions or so, but should be resolved on the latest16:20
ograsuperm1, essentially i only want user timezone kbd and language settings in a bare debootstrapped chroot system ... i installed oem-config and touched /var/lib/oem-config/run16:21
sebnerAre there still problems with autosyncing debsrc3.0 packages?16:21
smoseri dont quite understand why linux-ec2 build would have produced "new" packages.16:21
ograsuperm1, the above makes it start but gets me also tasksel and a lot of extra stuff i'd like to avoid16:21
sorensmoser: New binary packages. ABI bump, right?16:21
superm1ogra, oh you're running the debconf frontend.... i'm not sure how stable it is at this point16:22
ograsuperm1, ah, i'll try to do an X setup then16:22
ograthough i need both frontends16:22
smoseroh. ok. yeah. ther ewas an abi bump.  so each time kernel bumps abi they have a "new" package.16:22
sorensmoser: Yes.16:22
smosersoren, you're right on abi bump.16:22
sorensmoser: This happens all the times for kernels. Most of the time, you just don't notice :)16:23
smoseris it proper for me to nag slangasek or james_w (per https://wiki.ubuntu.com/ArchiveAdministration#Archive%20days) to approve https://launchpad.net/ubuntu/lucid/+queue?queue_state=0&queue_text=linux ?16:29
james_wsmoser: it is16:31
ograsuperm1, oem-config-enable doesnt setup the /var/lib/oem-config/run it only puts the rc scripts in place it seems16:36
superm1ogra, oem-config-prepare is what i had mentioned, but essentially it's just touching /var/lib/oem-config/run for the next boot16:37
ograsuperm1, didnt happen here16:37
ograhmm, and installing the xorg package in the chroot didnt get me the graphical version ... i wonder what i'm missing16:38
smoserjames_w, could you do that for me then please ? thank you.16:38
ograsuperm1, do you know if ubiquity or d-i put anything in place i have to add to my chroot/image to make it start ubiquitys oem-config instead of the text version ? as far as i understood its just supposed to come up as DM16:42
ograroot@osiris:/# /usr/sbin/oem-config -q16:52
gesersebner: only with second autosyncs of packages using .orig.tar.bz2 (see bug #225151)16:56
ubottuLaunchpad bug 225151 in soyuz "Please add support for .orig.tar.bz2" [High,Triaged] https://launchpad.net/bugs/22515116:56
james_wsmoser: done16:57
sebnergeser: ah ic. thanks :)17:00
dupondjecould somebody check https://bugs.launchpad.net/ubuntu/+source/aptitude/+bug/391035 for me ? it needs sponsoring17:00
ubottuUbuntu bug 391035 in aptitude "aptitude stops displaying downloads" [Low,Triaged]17:01
dupondjewould be nice this fix gets into Lucid, as its broken since Karmic :(17:04
=== walters_ is now known as walters
superm1ogra, you've gotta install a gtk or kde frontend to use one of those (oem-config-gtk or oem-config-kde)17:07
ograoh, i thought that comes automatically with the new ubiquity dep17:08
ograsilly me17:08
geserdupondje: my C++ is a little bit rusty but don't you need to free(delete) the BlankLine allocation somewhere again?17:08
dupondjegeser: I didn't touch the free's etc, only the size of the thing :)17:09
tsimpsonit's allocated on the stack17:10
ograwow, the gtk frontend pulls in fvwm ???17:11
superm1ogra, it pulls in a window manager.  i suppose fvwm is one of those possibilities17:12
superm1most cases it's used people already have metacity or xfwm4 installed17:13
ograyeah, i guess i'm building a very special case atm ;)17:13
* ogra is working on an offline rootfs build tool for armel systems17:14
=== johanbr_ is now known as johanbr
ograand i thought it would be the easies to just pull in oem-config to set up user and pw ... but that effort gets wose and worse17:15
tsimpsondupondje: you really should use a patch, rather then directly modifying the source17:15
dupondjetsimpson: why exactly ? whats the difference ?17:15
geserdupondje: before it was on the stack and was cleared automatically, but now you use dynamic allocation (new) and should free it again (delete) else you get a memory leak17:16
tsimpsondupondje: several reasons, a couple of which are: 1) it's debian policy, 2) it's easy to see ubuntu changes, and 3) if upstream incorporate the patch, it's easy to remove our patch17:17
tsimpsonand yes, you do need to "delete[] BlankLine;" somewhere (the destructor)17:17
dupondjeok thanks for the input17:18
dupondjewill make a new debdiff17:18
smoserpitti, ping, your you have feedback on https://bugs.launchpad.net/ubuntu/+source/apport/+bug/513061 (last comment there)17:20
ubottuUbuntu bug 513061 in apport "apport reports 'not a genuine Ubuntu package' on fresh installation without apt cache" [Low,Triaged]17:20
ograno ui at all :/17:35
ograargh and installing metacity would install 400MB !17:37
* ogra wants old oem-config back ! that ubiquity merge is a mess if you dont use it with a desktop image17:37
ograah, i was trapped by recommends17:43
ograstill over 30M17:43
ograsuperm1, ok, its trying to start but breaks then with subprocess.Popen(proc)17:53
ograusing 2.1.16 btw17:54
superm1ogasawara_, can you get a full BT?  It might have logged that BT to /var/log/oem-config.log already for you.17:54
superm1ogra, ^17:54
ograi'll try to ... i sadly cant copy-paste from qemu17:55
superm1you should be able to at least scp that log file out hopefully to a real machine17:55
superm1or use something like pastebinit to get it out on the internets17:55
ograyeah, indeed17:55
ograseems to be a pygtk issue actually17:56
ograsuperm1, just fyi ... http://paste.ubuntu.com/371902/ i doubt its ubiquitys fault18:08
superm1ogra, yeah i agree.  have fun debugging that :)18:09
ograi'll probably give up on the UI part ... it pull sway to much into the rootfs anyway since the merge18:10
ograthe old oem-config was far better suited for that usecase18:10
ogra(which is why it was initially added to the spec :) )18:11
jonobdmurray, ping?18:14
jonoignore my msg :)18:14
superm1ogra, well the debconf frontend is probably still well suited for your case, just check with ev where it's at stability wise.18:19
ograseems i need to have a lot of debconf stuff set in advance though18:20
ogracurrently thats a plain debootstrapped system18:20
ograsuperm1, do you know if we have any docs what oem-config expects or do i need to dig through the code ?18:21
superm1ogra, for the debconf ui, i've no idea.  for the other UI's, nothing needs to be set in advance normally18:22
ograwell, then i'D expect the same for debconf actually18:22
ograi'll wait until ev is back18:22
apwpitti, whats happening with the states on bug# 44614618:37
apwbug #446146, you and JFo seem to be arguing :)18:37
ubottuError: Could not parse data returned by Launchpad: The read operation timed out (https://launchpad.net/bugs/446146)18:37
* apw slaps ubottu 18:37
apwbe more patient ubottu18:37
JFoI keep getting timeouts too18:38
czajkowskibe nice to the bot19:06
smosermaybe someone can help. i'm missing something and can't figure out what.  I'm trying to backport schroot to karmic.  I grabbed ubuntu source (lp:ubuntu/schroot) and applied changes at http://paste.ubuntu.com/371949/19:11
smoserwhenh i build with sbuild, it builds fine, but a schroot-common package is not built.  I'm at a loss as to why, I see i nthe log that files are copied to debian/install/usr/share/locale19:12
smoser(debian/schroot-common.install has 'debian/install/usr/share/locale usr/share')19:12
smoseri notice now the libsbuild-doc package is also not built19:17
maxbsbuild is commonly used for buildds. Therefore, I would be unsurprised if it defaulted to not building architecture=all packages.19:18
smosermaxb, thank you19:19
=== sabdfl1 is now known as sabdfl
gesersmoser: I don't use sbuild but I heard that you need to pass an option to sbuild to also build the arch-indep packages, check the manpage in that direction19:45
smosergeser, yeah maxb suggested above, and was correct.  i had to run with --arch-all19:46
smoserbut thank you19:46
dupondjetsimpson: geser: https://bugs.launchpad.net/ubuntu/+source/aptitude/+bug/39103519:46
ubottuUbuntu bug 391035 in aptitude "aptitude stops displaying downloads" [Low,Triaged]19:46
dupondjeadded a new patch19:46
geserkees: Hi, thanks for your last commit to ubuntu-dev-tools. would you consider it as a fix for bug #518574?19:52
ubottuLaunchpad bug 518574 in ubuntu-dev-tools "requestsync is dependent on a Debian batch process" [Undecided,New] https://launchpad.net/bugs/51857419:52
keesgeser: oh, hrm19:52
* kees reads19:52
keesgeser: yeah, I guess it does.  I will adjust my commeit19:53
dupondjegeser: could you check if its fully correct now ? :)20:03
kirklandslangasek: ping20:03
slangasekkirkland: hi20:03
kirklandslangasek: http://paste.ubuntu.com/371989/ <--- that's the pam patch I need for the improved ecryptfs functionality20:03
kirklandslangasek: i'm looking for guidance from you on the order of operations here20:03
kirklandslangasek: i'm prepping an email to upstream PAM20:03
kirklandslangasek: in what order should the patch be accepted, before I can upload it to Lucid?20:04
kirklandslangasek: ie, is upstream and debian acceptance pre-reqs for getting this patch into Lucid's pam soon?20:04
geserdupondje: looks ok as far as I can tell, you just need to wait for a main sponsor now20:04
dupondjegeser: ok thx for looking :)20:05
slangasekkirkland: why does pam_ecryptfs need pam_keyinit in the auth stage?  If you can tell me that, then I have no objection to it going into lucid first20:05
kirklandslangasek: hrm20:07
kirklandslangasek: this bit was written with dhowells20:07
kirklandslangasek: basically, we need pam_keyutils to establish the session keyring20:08
kirklandslangasek: whereas now, we're using the user keyring20:08
slangasekwhy are we expecting the session keyring to be established before the PAM session is opened? :)20:08
dupondjekees: I see you already uploaded patches for aptitude, is it maby possible to check https://bugs.launchpad.net/ubuntu/+source/aptitude/+bug/391035 ? Would be nice if this gets into Lucid. Just did a build, and it works perfect :)20:08
ubottuUbuntu bug 391035 in aptitude "aptitude stops displaying downloads" [Low,Triaged]20:08
* kirkland thinks20:09
slangasekactually, looks to me like we're missing a corresponding pam_sm_close_session() call - is that going to leave extra session keyrings hanging around in the kernel?20:10
kirklandslangasek: dhowells says that those are auto-reaped20:10
kirklandslangasek: okay, so pam_ecryptfs inserts the key in its pam_sm_authenticate()20:11
kirklandslangasek: which means the keyring must exist at that point20:11
slangasekwhy does it do that, rather than waiting until pam_sm_open_session() itself?20:11
kirklandslangasek: well, we need the passphrase the user actually entered20:12
kirklandslangasek: to unwrap the mount passphrase20:12
slangasekyes; which can be captured in the auth stage and stored as module data until the session stage20:12
kirklandslangasek: interesting...20:12
slangasekotherwise, what happens with a session-less service when you have pam_ecryptfs configured?20:13
keesdupondje: was that meant for someone else?20:13
kirklandslangasek: looking at the code ...20:14
dupondjekees: no, saw you had some change in aptitude. Just need somebody that wants to approve the patch.20:14
kirklandslangasek: pam_ecryptfs's session handler just does the mount, if necessary, and if possible20:15
kirklandslangasek: it expects the necessary keys to already be loaded20:15
slangasekwell, I'm questioning that assumption :)20:15
kirklandslangasek: which happens at the auth stage20:15
slangaseki.e., why should the kernel setup be done at the auth stage, if it's really tied to a session20:15
slangasekconsider a sessionless service that runs multiple user authentications in a single process20:16
slangasek(web services may fit this model)20:16
slangasek(or POP?)20:16
kirklandslangasek: hmm, so you're saying don't load the keys *unless* we're in a session20:19
* slangasek nods20:19
kirklandslangasek: okay, well, i can't find a good argument why not20:19
kirklandslangasek: i think this originally landed in pam_auth so that we would have access to the password20:20
slangasekI think pam_krb5 is probably a good example to follow, here20:20
keesdupondje: oh, yeah, that was just an ABI bump.  check with mvo20:20
kirklandslangasek: okay, well, my only concern is that this is a lot of code for me to muck around with at this point in Lucid20:20
dupondjekees: will do if he's around here somewhere :)20:20
slangasek(though I think pam_krb5 uses kerberos APIs to carry the creds between auth and session, instead of the PAM APIs)20:20
kirklandslangasek: i might need a good second set of eyes20:20
slangasekkirkland: I have several in my drawer20:21
=== xomas_ is now known as xomas
kirklandcjwatson: any objections to this grub2 patch?  -> http://paste.ubuntu.com/372039/21:23
jcolewhere is the global firefox settings file? i want to set the global homepage21:25
cr3when I run debuild: 1. I get .bzr in the resulting tarball; 2. the top directory is $(basename $(pwd)), whereas it should be name-version. how can I solve these problems?21:28
RAOFcr3: It sounds like you probably want to run “bzr bd” rather than debuild.  Are you building from a bzr packaging branch?21:31
cr3RAOF: I'm not sure what is a bzr _packaging_ branch, it's just a bzr branch which happens to contain a debian directory for packaging purposes if that's what you mean21:34
RAOFcr3: Yeah; it's source package you grab via bzr.  You want to use bzr builddeb (or its alias, bzr bd) in the same way that you'd use svn-buildpackage or git-buildpackage.21:35
cr3RAOF: but this package doesn't necessary have an upstream version, so looking for upstream tarball won't work21:39
RAOFbzr bd will either (a) find a nice revision property to tell it how to construct a tarball, or (b) you can use --split to create an .orig.tar.gz from the source tree.21:40
smoserkees, ping.21:50
kirklandslangasek: dhowells joined us here to help answer some of your hard pam questions for me21:53
keessmoser: hi! what's up?21:53
smoserbefore knowing any better, i modified mk-sbuild-lv to support setting up schroot mounts with union-type=aufs21:53
slangasekdhowells: hello :)21:53
smoser(i say knowing any better because i think there might be already existing tools, but mk-sbuild-lv was all i was familiar with, and it had more smarts than i wanted to copy)21:54
smoserwould accepting a patch be possible ?21:54
smoseror would you be uninterested in such a thing, kees21:54
slangasekdhowells: I've posed the argument to kirkland that neither pam_keyinit nor pam_ecryptfs should be messing with the session keyring in the auth stage, because there are valid use cases for sessionless authentication where we don't want the PAM stack to be modifying the keyring of the calling process21:55
dhowellsslangasek: sounds reasonable21:55
slangasekdhowells: and have proposed that he stow the creds in the auth stage with pam_set_data() and retrieve them in the session stage, at which point this patch to pam_keyinit is unnecessary21:56
dhowellsslangasek: the main thing about pam_keyinit is that it needs to be invoked before any PAM module that wants to create keys and hang them off the session keyring21:56
dhowellsslangasek: but it has to be called after "session pam_selinux open blah"21:57
slangasekso doing this in the auth phase is definitely wrong...21:57
dhowellsotherwise the keys and keyrings created by pam_keyinit, pam_ecryptfs, etc., don't get correct security labels21:58
* slangasek nods21:58
keessmoser: one sec, I'll read that22:01
dhowellsslangasek, kirkland: in fact, in can be argued that pam_ecryptfs shouldn't be reading the encrypted key files from the user's homedir until after pam_selinux has set the security label22:01
smoserkees, my feelings wont be hurt if you're not interested, prior to doing it i wasn't aware of a sbuild-createchroot.22:02
kirklanddhowells: that's possibly true; selinux never entered my consideration when doing the encrypted-home-directory work22:03
smoserdoes it seem to anyone else that schroot does not read files in /etc/schroot.conf/chroots.d/ like it says it does?22:04
smoser(err... chroot.d)22:05
keessmoser: on a call, so a bit lagged22:06
smoserno problem.22:06
kirklandslangasek: dhowells: so let me see where this leaves us ...22:09
kirklandslangasek strongly believes that we're doing stuff in auth that we should be doing in session22:10
kirklandburden is on kirkland to convince slangasek otherwise ;-)22:10
keessmoser: interesting.  I didn't know that schroot grew a "union-type".22:11
smoserin 1.4 and it is "preferred"22:11
smoserits faster and smaller than lvm22:11
keesvery interesting.22:12
persiakees: If you're deeply interested, I ought have a refactoring that generates a mk-sbuild-tgz in a couple more hours.22:12
persia(and I'd appreciate your review)22:12
keespersia: does schroot handle tgz sanely (i.e. a target named -source that updates the tgz?)22:13
kirklanddhowells: i can *try* to move my pam_ecryptfs stuff to the session bit22:13
persiaIf you set union-type=aufs, to my understanding.  I'm still testing locally22:13
kirklanddhowells: slangasek: but i have no idea yet how to move the cleartext login passphrase from the auth to the session (will need to look at krb5 per slangasek)22:14
smoserkees, that was my understanding also.22:14
smoseri believe that you can even hvae a loopback filesystem as the source for a union type22:15
keessmoser: cool, yeah, I like this.  persia: I'm interested, for sure.22:15
smoserif you didn't like the filesystems sitting in /srv/chroots unpacked22:15
slangasekkirkland: pam_set_data() in auth, pam_get_data() in session will do the trick (taking care to set an appropriate cleanup function...)22:15
keessmoser: okay, let me shake this patch out a bit (there is at least one little bug) and I'll commit it.22:15
persiakees: OK.  I'll be breaking for food soon, but ought be able to push a branch for review by somewhere shortly after midnight UTC.22:15
smoserkees, note the rename22:15
dhowellsslangasek: is there a chance that someone can steal the data?22:15
smoserif you think thats right.22:16
keespersia: let me get smoser's change in first, since that'll have the framework for "chroot type" in it.22:16
persiasmoser: I'm putting tarballs in /var/lib/schroot/tarballs/ by default.  Does that also make sense to you?22:16
keessmoser: yeah, I think that's fine.22:16
smoserpersia, i picked /srv/chroots, just as that was what was in the examples in man schroot22:16
smoservar/lib sounds reasonable.22:16
keespersia: that sounds good to me.  I'd like the chroots to be under there too (instead of /srv/*)22:16
smoserwe can definitely have it support tgz, directory, and lvm by users preference.22:17
kirklandslangasek: i'll give that a shot22:17
persiasmoser: Looking at your patch, I think we've been doing the same thing for the past while :)22:17
kirklandslangasek: assuming that works, then keyring creation should happen in the session22:17
smoserwell, good, then i *completely* wasted my time :)22:17
slangasekdhowells: the same chance that someone would intercept the password while it's being input22:18
smoserpersia, since you're kind of playing there, i would appreciate a sanity check...22:18
smoserfor me, contrary to doc, files in /etc/schroot/chroot.d/ are ignored22:18
persiasmoser: I'll let kees review the patch, since he's had lots more experience hacking that script than I :)  I split the scripts and refactored, rather than adding, but I like your approach better.  One note is that you might pull the lvm2 install out of the initialisation, and have a `dpkg -l lvm2 || sudo apt-get install lvm2` run only in cases where an lvm snapshot is requested.22:19
smoseri figured out the chroots.d, seems like there is a filter applied to filenames there that i wasnt passing. sbuild::is_valid_filename was filitering it out.22:23
smoseri have to run22:23
smoserkees, if we're dusting off that script, we really should write entries into /etc/schroot/chroots.d22:24
persiaWhat does that directory do?  I'm not finding it in the docs.22:24
=== azeem_ is now known as azeem
persiasmoser: You may also want to consider rebasing off the mk-sbuild-lv in lucid.  It's similar, but has a few other changes.22:28
Caesaryofel: ping22:29
Caesaryofel: bug #381753, I just want to make sure that marking it Fix Released isn't going to cause it to be overlooked for Hardy22:30
ubottuLaunchpad bug 381753 in dpkg "Handling of conflicting conffiles broken" [High,Fix released] https://launchpad.net/bugs/38175322:30
yofelCaesar: not sure (that's why I nominated it), but the bug is fixed in Ubuntu since Jaunty so it *is* fixed22:31
CaesarI can provide a patch if it helps, it's laughably small22:31
persiaCaesar: Please do, if you have one.  It may not affect the fix time, but having it in a state where it only requires review rather than requiring development tends to smooth the path.22:32
CaesarI don't have one, but at the time I looked at what the fix was, and it was a one-liner22:33
CaesarSo I can produce one relatively easily once I revisit the problem22:33
kapdiawhich option do i use on a live cd to only install a minimal system22:40
* kapdia can't access #ubuntu or #ubuntu-support22:41
RAOFI don't think you do - for that I think you need the alternate CD.  Also, not really a question for #ubuntu-devel; #ubuntu or #ubuntu+1 would be the appropriate venue.22:41
kapdiathx RAOF22:41
johnmcould anyone tell me if something has changed re: users being able to setuid root recently? in that, I can't :)23:04
slangasekwhat do you mean, "setuid root"?23:11
johnmslangasek: as in, setuid32(0).. but I've worked it out now I think.. been racking through it for a while now and its just been getting frustrating ;)23:12
slangasekehm, I don't know why you would expect a user to be able to call that23:13
johnmon a setuid binary?23:13
slangasekif it's on a setuid binary, then it's not the user calling setuid() :)23:18
tlyubut if it's a setuid binary, not _all_ of UIDs get set on exec...23:22
johnmindeed, but as an example I was setuit root on the binary and then called setuid() and it was failing, but it was an apparmor profile blocking it.23:25
johnmsomething I thought I'd disabled :)23:25
slangasekaha :)23:30

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!