/srv/irclogs.ubuntu.com/2011/11/19/#ubuntu-motu.txt

=== virusuy is now known as virusuy-away
=== sagaci_ is now known as sagaci
=== yofel_ is now known as yofel
tumbleweedLaney: Think I've got a coherent complete upload history set. Ready to take it?10:33
=== Quintasan_ is now known as Quintasan
tumbleweedmeh, summer is here. It's still and hot :/14:30
tumbleweedhighvoltage: getting well baked?14:30
=== virusuy-away is now known as virusuy
highvoltagetumbleweed: staying mostly inside for the moment :)14:46
tumbleweedthe curse of being bound to a computer...14:47
highvoltageI have to be careful, I get subnurnt really easy. (even in london in the winter once)14:54
tumbleweedheh15:03
=== JackyAlcine is now known as EvilJackyAlcine
=== EvilJackyAlcine is now known as JackyAlcine
broderScottK, tumbleweed, micahg, Laney: i'm working on revamping the backports docs to try and do a better job of delineating "end-user" and "developer" targeted docs. what i have so far is at http://bit.ly/rNEOWc20:31
broderi'd like to split the docs between help.u.c (end-user) and wiki.u.c (dev)20:32
broderinterested in your thoughts. also interested in how to avoid wall-of-text syndrome for the stuff i have drafted20:32
ScottKAvoiding wall of text isn't something I'm very good at.20:34
ScottKbroder: Scanned it and I think it's good.  My only comment is to make clear that "developer" is anyone that wants to build/test a backport.20:35
broderi guess i'm hoping it will balance well as a reference against requestbackport's less verbose output20:35
broderah, good catch20:36
ScottKIt might even be better to call it tester instead of developer.  not sure.20:36
broderi don't think i actually use the word developer in the docs, just my title, which was more placeholder20:36
ScottKOK.20:36
broderbut i should probably make it clear in the text20:37
ScottKThere are really five states: Requester, Builder, Tester, Approver, User20:37
ScottKApprover is the only one that requires an ubuntu-dev type person.20:37
ScottKBuilder is the only one that may need some technical/packaging knowledge.20:38
* broder nods20:38
ScottKI think having information for requesting/building/testing as distinct things would be good as people can sometimes do one of those things and not the others.20:39
ScottKGoing from Requesting -> Building/Testing would be a good bridge from h.u.c to w.u.c.20:39
broderi'm not sure we should encourage that, because you risk setting the expectation that requested backports will eventually get handled without any additional input from the requester, and that just doesn't happen in practice20:40
ScottKI think we should say that.20:41
ScottKYou can file a request, but ...20:41
broderfiar20:41
ScottKThere was a time when there were people who would test backports they didn't request.20:41
ScottKIt might happen again if we get things ramped up a bit.20:41
broderyeah, and i still want to try to automate some of the testing, which will probably also help20:42
broderok. i'll play with it some and see if i can tease those roles apart more20:42
ScottKGreat20:42
virusuyhi everyone21:22
virusuyi'm trying to package a simple bash script21:22
virusuyand i need to modify $PATH21:23
virusuywhere should i declare that in the package ?21:23
tumbleweedvirusuy: that sounds wrong. Why do you need to modify $PATH?21:26
CarlFKonce a .deb is on a stable repo (or maybe beta too) it won't be updated: a newer version may come out, but it will have a new file name.  right ?21:27
tumbleweedCarlFK: yes, but why are you asking?21:27
virusuytumbleweed: but if i don't modify $PATH, how can i call the script without using the full path ?21:27
CarlFKtrying to figure out if I should bother telling squid to expire debs21:27
tumbleweedvirusuy: what are you trying to do?21:29
CarlFKhttp://bazaar.launchpad.net/~ubuntu-branches/ubuntu/oneiric/squid-deb-proxy/oneiric/view/head:/squid-deb-proxy.conf#L52  refresh_pattern deb$   129600 100% 12960021:29
CarlFK129600 min is 90 days.21:29
CarlFKmade me wonder where 90 days came from21:29
virusuytumbleweed: i have a bash script21:30
tumbleweedvirusuy: so, put it in /usr/bin, so it'll be on people's paths21:31
virusuytumbleweed: ok then21:31
l3ontumbleweed, around ? :)21:51
l3onI've solved this ftbfs:21:51
l3onhttps://launchpad.net/ubuntu/+source/clearsilver/0.10.5-1.2/+build/293041021:51
l3onWhat's next step?... file a bug?21:51
tumbleweedl3on: yup, https://wiki.ubuntu.com/SponsorshipProcess21:53
l3ontumbleweed, well.. which info I have to report?21:53
l3onI mean.. I patched a source file21:53
jtaylorl3on: idealy file a bug vs upstream and debian21:53
jtaylorformat-security issues are probably no reason to diverge from debian at this point21:54
l3onpatch is:21:54
l3on-  cgi_error (cgi, s);21:54
l3on+  cgi_error (cgi, "%s", s);21:54
l3ondirectly to upstream ?21:54
jtaylorif upstream is affected yes21:55
jtaylorhere an example bug I filed: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=64635021:55
ubottuDebian bug 646350 in src:mupdf "mupdf: FTBFS with -Werror=format-security" [Normal,Open]21:55
jtaylorIn your case you would add the aptch too21:56
l3onok jtaylor I'll do it :)21:56
l3onand in Ubuntu jtaylor I have to file a "merge bug" ?21:57
jtaylorubuntu will get the fix automatically when debian fixes it21:57
jtayloris there any info if this flag will stay enabled for precise?21:58
l3onI don't know how I can check it21:58
l3onI read this: http://en.wikipedia.org/wiki/Format_string_vulnerabilities21:59
l3onand applied patch21:59
tumbleweedjtaylor: I would assume it won't. Last I heard, we were waiting for the first rebuild to see how bad the fallout was21:59
tumbleweedbut the rebuild won't happen until feature freeze21:59
jtaylorok thx21:59
jtaylorl3on: in this case we will want to wait a bit before fixing the package in ubuntu22:00
l3onOk, I'm going to file only bug debian.22:00
jtaylorcarrying difference to debian is a maintenance overhead which might not be necessary in this case yet22:00
l3onOk, I got it :)22:00
jtaylordebian does not enable that flag for the whole archive22:00
jtaylorbut thanks for looking at it, your help will be much appreciated when ubuntu decides to keep the flag22:02
l3onok bug filed in debian e upstream22:25
l3ondebian 64932222:25
ubottuDebian bug 649322 in clearsilver "" [Normal,Open] http://bugs.debian.org/64932222:25
tumbleweedl3on: whoops, that doesn't have a subject22:26
l3ondamn ...22:26
jtaylorno problam you can fix that easily22:26
jtayloralso you should add tags22:26
jtaylorit has a patch so the patch tag should be added, also these issues are tracked in so called usertags, "hardening-format-security hardening" for user debian-qa@lists.debian.org22:27
l3onI'm reading how to do it22:28
jtaylorl3on: mail this to http://paste.ubuntu.com/743693/ control@bugs.debian.org22:30
tumbleweedif you have working mail on your machine, there's a handy tool called bts in devscripts, for things like that22:32
l3onthank you jtaylor .. I was still reading retitle command :P22:32
l3onah wow .. nice, I'm looking at manpage22:33
jtayloryou should also keep how to reproduce it in debian in the bug22:35
jtaylorin this case it is by enable the hardened build22:35
l3onThe export+include ? :)22:36
l3onAh ok, I'm making note about this ...22:36
jtayloryes just helps to quickly test it22:36
jtayloryou quited the d-d-a mail it is in there, but adding cliffnotes is always nice22:37
l3onok :)22:38
jtaylordon't forget to subscribe to the bug22:38
jtaylorthe bts will not do that for you even when you file it22:39
l3onand in Ubuntu how people will know that there is a pending patch in Debian ?22:40
jtaylorduring rebuilds bugs are filed in ubuntu22:41
jtaylorwhich you link and tag with the debian bugs22:41
jtayloralso when fixing issues you always look in debian if there is a fix already22:41
l3onOk,thanks for this :)22:42
l3onMmm.. I sent mail at control .. but nothing changes...22:50
jtaylorit takes a while22:50
l3onoki :)22:51
jtaylorthe bts is not very fast, some parts are only updated every 15 minutes22:51
l3onthis problem will be reported in the same way?22:51
l3onhttps://launchpadlibrarian.net/83733832/buildlog_ubuntu-precise-i386.libccscript3_1.1.7-1.1_FAILEDTOBUILD.txt.gz22:51
jtayloryes looks like the same issue22:52
jtaylorbefore you file issues, check if it was already filed22:53
jtaylorI did a few of these a while back22:53
jtayloralso you should always check if debian is really affected22:53
l3onok, I checked and it filed under debian 64341722:54
ubottuDebian bug 643417 in src:libccscript3 "libccscript3: FTBFS: compiler.cpp:1147:38: error: format not a string literal and no format arguments [-Werror=format-security]" [Serious,Open] http://bugs.debian.org/64341722:54
l3onanother question :)23:00
l3onWhy some builds seem to fail whet apply patch ?23:00
l3onand patch comes from debian23:01
l3onthis for example:23:01
l3onhttps://launchpadlibrarian.net/85415333/buildlog_ubuntu-precise-i386.magics%2B%2B_2.12.9-5_FAILEDTOBUILD.txt.gz23:01
jtaylorthat is a special case23:01
jtaylorthe buildtool needs patching so it correctly handles the as-needed flag23:02
jtaylorbecause libtool sucks ;)23:02
l3onlol23:02
jtaylorso this package had a patch included in the it23:02
jtaylorbut the underlying libtool was updated so the patch does not apply anymore23:02
jtaylordh-autoreconf has gained the ability to do the patching now23:02
jtaylorwhich is more robust as it only needs one package to be up to date isntead of many23:03
jtaylordh-autoreconf --as-needed23:03
l3onwell.. I have to go.. thanks for all :)23:09
l3onbye23:10

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!