/srv/irclogs.ubuntu.com/2011/10/13/#ubuntu-motu.txt

=== med_out is now known as medberry
=== medberry is now known as med_out
alkisgHi, I'm developing an app called epoptes, where the epoptes-client part gets installed in clients, and on postinst it autodetects with avahi (or if not, it presends a debconf dialog) a public crypto key and the DNS name or IP of the server where the epoptes-server runs. It then saves that DNS name and uses it when the epoptes-client service starts on boot.05:28
alkisgMy question is, where should the key+DNS name be saved? In /etc or in /var? And if I store it in /etc/default/epoptes, should that be a conffile, even if postinst will modify its contents?05:28
RAOFalkisg: I'd probably lean towards /etc, particularly since this seems like it's meant to be end-user-editable.  Which would mean it probably *should* be a conf-file, because you don't want it overwritten on updates.05:31
=== almaisan-away is now known as al-maisan
alkisgThank you RAOF. My next question is, I'd like to minimize the cases where the debconf dialog is displayed. When the client service runs, it connects to the server and offers it a remote shell so that a sysadmin on the server can manage all the clients (execute commands etc) through a GUI. So it's somewhat security-sensitive.05:36
alkisgWould it be reasonable to assume that if only one such server is published on avahi at the time the client postinst runs, then this is the server from which the sysadmin will be controlling the clients, and not present a debconf confirmation/entry dialog in this case?05:36
=== al-maisan is now known as almaisan-away
RAOFI guess this depends on where you expect this to be deployed.05:37
alkisgSchool computer labs, mostly05:38
alkisgWhere the teacher will be monitoring clients, executing commands on them tem05:38
alkisg*ec05:38
alkisg*etc, damn :)05:38
RAOFIf this is intended to land in the main archive, then that seems insecure, as there are any number of systems that won't be on trusted networks.05:38
alkisgI'd like it to be included in universe, but no, not in main05:38
RAOFI don't think I'd automatically have it trust a machine it discovers via avahi.05:39
alkisgAh, but I could use preseeding in order to automate installations, right?05:40
alkisgSo if the sysadmin put the server name with preseeding, then I'd trust that avahi-published server with the same dns name...05:40
alkisgDoes preseeding sound reasonable?05:41
alkisgAlso, if the dns name goes in /etc and it's a conffile that was changed in postinst, that will prompt the user on upgrades. I think there's a configuration mechanism that somehow marks that file so that no prompt appears if the user didn't manually edit the file, how's that mechanism called? UCF?05:47
RAOFYeah, preseeding would be reasonable.  And, now that I think of it, as long as your postinst respects any existing file, it doesn't need to be marked as a conffile.05:48
alkisgThank you very much :)05:48
Angelohello06:56
dholbachgood morning07:08
Angelodholbach: hi!07:09
Angelo:-)07:09
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
=== almaisan-away is now known as al-maisan
handschuhhi, what I am just wondering. is it allowed to include python "binary" code into source packages while java-bytecode is not allowed there?11:33
RhondaBoth is allowed along the same rules: If they get regenerated when producing the binary package and don't get installed directly into the binary package, they are accepted in the source package.11:43
RhondaUnder the assumption that those binaries are actually produced from the same set of source. But to assure that, the binary package is only allowed to contain binaries that are produced during the build process.11:45
handschuhWhat for example for binaries that are only needed for the build process and not for the actual package itself?11:46
geserhandschuh: what you mean with "python binary code"?11:47
handschuhgeser: for instance the waf "binary"11:47
Rhondahandschuh: binaries needed for the build process do require source-full rebuild too.11:47
Rhondahandschuh: Whether they end in the actual binary package or produce those binary packages isn't the difference here.11:47
RhondaIncluded binaries in source packages are not allowed to be used in any sense, they need to be reproduced before from source.11:48
handschuhRhonda: thats good to know, thank you. What if I find such a package in the universe repos?11:48
RhondaThe only exception here is obviously multiverse for which no source is required to be available. ;)11:48
RhondaThen file a serious bugreport against them.11:49
geserhandschuh: file a bug and let us know here11:49
RhondaBecause of policy violation.11:49
handschuhok, I already did that with the bug report11:49
tumbleweedhandschuh: can you tell us the bug number?11:50
handschuh87300311:50
Rhondabug #87300311:50
ubottuLaunchpad bug 873003 in postler (Ubuntu) "waf binary in sourcecode" [Undecided,New] https://launchpad.net/bugs/87300311:50
tumbleweedaah, waf11:50
handschuhyes waf11:50
tumbleweedwaf is a special case of horribleness11:50
handschuhindeed!11:50
handschuhmaybe the same holds for the midori package11:51
handschuhbut I did NOT check that11:51
RhondaIt might be a horribleness, but that doesn't warrant an exception for main/universe11:51
tumbleweedwell, waf can't be broken out into a separate package, it has to be bundled with every source package that needs it11:52
handschuhyes thats the tricky part11:52
RhondaThen the sourcecode has to be bundled with the source package, too11:52
tumbleweedRhonda: naturally :)11:52
Rhondasourcecode of waf, that is11:52
* tumbleweed thought waf was python, though11:52
RhondaOr, would a waf-source "binary" package be able to work around for that?11:52
tumbleweedno, the problem is that waf doesn't provide a stable API to packages that use it11:53
handschuhit has been removed from lucid on11:53
RhondaThat bugreport should potentially be forwarded to Debian.11:53
handschuhI think there is no debian package of polster11:54
RhondaThough: Maintainer: Devid Antonio Filoni <d.filoni@ubuntu.com>11:54
Rhondahandschuh: Well, there is.11:54
RhondaYou think wrong. :)  http://packages.debian.org/postler11:54
handschuhRhonda: indeed, I missed that11:54
Rhondaand, the included waf isn't a binary file?11:54
* Rhonda did a quick apt-get source postler11:54
Rhondahandschuh: which is the "binary" file there?11:55
handschuh"waf"11:55
Rhondawaf: a python script text executable11:55
DktrKranzoh, waf again? plese, no!11:55
handschuhlook at the last lines11:55
Rhondahandschuh: Not a binary in the source package I look at over here?11:55
Rhondaoh11:55
handschuhyes, nasty11:55
Rhondaline 161 that is, right11:56
Rhondawtf does it do that?11:56
handschuhthats the actual waf script11:56
tumbleweedbdrung: ubuntu-distro-info is currently broken in Debian testing11:56
handschuhIMHO11:56
DktrKranzthere was a waf package (with me being one of the co-maintainers), upstream "kindly" asked us to refrain from package it, and let waf "binary" to be distributed with several programs11:56
Rhondahandschuh: I'm filing the bugreport now.11:56
handschuhRhonda: thanks a lot!11:57
LaneyDktrKranz even sponsored postler ;-)11:58
DktrKranzyeah11:58
tumbleweedbdrung: aah, no it's just confused by precise not being open yet11:58
DktrKranzFYI, here's a summary about waf: http://lists.debian.org/debian-devel/2010/02/msg00714.html12:00
handschuhRhonda: same thing with midori (since the authors are partially the same)12:00
handschuhDktrKranz: yes, I read that and thats what caught my attention (also a python script that has 160 lines an 90kb of size)12:01
Rhondahandschuh: checking12:01
RhondaDo you have an LP bug number? Or not filed?12:01
handschuhRhonda: not filed since I checked that just now12:02
Rhondahmm, that's a different maintainer12:03
Laneyis there any place to search the contents of source packages?12:05
RhondaDktrKranz: You didn't mention in that blaaaahhhhh12:05
Rhondacorsac!!12:05
* Laney thinks a lintian error for waf would be worthwhile12:06
handschuhLaney: yes that would be very helpful to avoid waf12:06
Rhondaat least that was done post-squeeze.12:06
Laneyyeah?12:07
DktrKranzwell, to be honest, waf has source code12:07
DktrKranzthere's an option to unpack it into wafadmin directory12:07
Rhondanot in midori anymore, not since 0.3.0-1.112:08
DktrKranzobviously, it isn't the preferred form of modification12:08
handschuhRhonda: it is in 0.4.012:09
=== Quintasan_ is now known as Quintasan
DktrKranzthe win-win solution is to get rid of waf for good12:09
DktrKranzIIRC, there are ~10 packages using it, with midori being the more publicized one12:09
Rhondahandschuh: what is in 0.4.0?12:10
handschuhRhonda: waf12:12
RhondaI know.12:13
RhondaBut the source was removed in 0.3.0-1.1, that's what I meant.12:13
handschuhah, ok I see12:13
handschuhit should not be to hard to get rid of waf in those two packages as I was able to compile them with a 10 line makefile12:14
handschuhs/them/postler12:15
handschuhRhonda: thank you for the fast reaction on that issue!12:21
=== dpm_ is now known as dpm
Laneydoesn't look like the maintainer responds to bugs though12:22
RhondaDoesn't matter as long as the release team removes the package. :)12:22
Rhondahuhm12:24
Rhondahandschuh: Just reading the mail from DktrKranz, the line 161 seems to be an embedded .tar.bz2 file.12:24
DktrKranzit is12:24
DktrKranzand gets unpcked in $PWD/.waf-*/wafadmin12:25
Rhondahmm, so the bugreports might be invalid then?12:25
bdrungtumbleweed: what's the output of ubuntu-distro-info on testing?12:26
=== al-maisan is now known as almaisan-away
handschuhRhonda: yes that is correct but in general, this could contain anything. One never knows until one extracts the file and unpacks it12:28
=== almaisan-away is now known as al-maisan
DktrKranzAFAIK, embedded waf sources are all DFSG-free (while waf source tarball distributed upstream isn't). Sources are in place when launching waf, the correct way to invoke them would be launching waf-light once unpacked, or write something that does just that12:29
Rhondahandschuh: Well, you don't know what's in a source package until you unpack it neither.12:29
RhondaThere are packages that contain multiple upstream tarballs in a single source package.12:30
DktrKranzbut I guess is an overkill for a 10 package work...12:30
Rhondahmm, how do I enter a \r in vim?  \n is ^M12:31
handschuhRhonda: indeed. so it is invalid, or not?12:31
=== med_out is now known as medberry
Rhondahandschuh: I fail to find the proper way to unpack and repack that included binary because it contains a substitution of \r for #% and \n for #*13:03
RhondaAnd thus can't be directly saved. Missing the tools to un- and repack the included tarball this still is valid (to me)13:03
handschuhRhonda: good. to me it is also still valid since accepting this would mean that one can pack the sources in a non standard-way (for instance base64 then some xor with a value that is in the unpack-script) which might be theoretically ok but it at least very ugly in my opinion.13:07
=== al-maisan is now known as almaisan-away
=== almaisan-away is now known as al-maisan
murraycDo I need to do anything for a "dependency-wait" build status?13:22
gesercheck which dependency is missing and why13:25
geserif it's only because the other dep is still building then wait and recheck later13:26
geserthe "dependency-wait" build gets retried automatically but you don't get a notify if is still in depwait for an other reason13:26
murraycgeser: It's just a regular oneirc package. https://launchpad.net/~openismus-team/+archive/ppa/+build/284072313:32
gesermurrayc: typo in your Build-Depends line: it's libgtksourceview-3.0-dev (note the - before the 3.0)13:37
murraycgeser: Ah. Thanks. I have looked at that so many times looking for a typo, but didn't see it.13:38
=== al-maisan is now known as almaisan-away
tumbleweedbdrung: it doesn't have precise yet, so http://paste.ubuntu.com/707395/15:27
tumbleweedwe should have waited for it to migrate before doing more stuff15:28
tumbleweedbdrung: we also need a u-d-t upload soonish, to update the dependencies15:29
bdrungtumbleweed: we should wait for getting 0.3 migrated15:30
bdrungtumbleweed: the u-d-t upload does not hurry15:30
tumbleweedI'll ask for a speedy migration15:30
tumbleweedbdrung: we'll have to SRU it in natty too. Which means clearing the existing SRU15:35
bdrungtumbleweed: or we need to get the SRU migrated to updates in then get it in15:38
tumbleweedindeed, that is preferable. I was going to ask for volunteers in #ubuntu-testing (if they aren't all exhausted)15:39
tumbleweedbdrung: http://paste.debian.net/hidden/178c8b32/15:42
bdrungtumbleweed: feel free to propose something that a user can change15:54
jtaylorwhat do I do with this: https://code.launchpad.net/~jtaylor/ubuntu/natty/pycryptopp/sru-811721/+merge/7933019:43
jtaylorI can only set the status ti WIP needs review or merged19:44
jtaylorno deny19:44
jtaylorset it to merged?19:44
jtayloror delete it?19:44
tumbleweedjtaylor: members of ubuntu-branches can set other statuses, just ask (normally in -devel)19:53
tumbleweeda slight confuion there is that it'll actually be merged into -proposed19:53
=== yofel_ is now known as yofel
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
=== medberry is now known as med_out
=== Quintasan_ is now known as Quintasan
=== SanbarComputing is now known as sanbar

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!