January 2011 - Arch-dev-public - lists.archlinux.org

Re: [arch-dev-public] [arch-general] [signoff] kernel26-2.6.37-4
by Dan McGee 28 Jan '11

28 Jan '11

On Fri, Jan 28, 2011 at 2:12 AM, Andrea Scarpino <andrea(a)archlinux.org> wrote: > On Thursday 27 January 2011 22:29:46 Tobias Powalowski wrote: >> Hi guys, >> please signoff 2.6.37 series for both arches. >> >> Upstream >> changes: >> http://kernelnewbies.org/LinuxChanges >> >> Features included: >> - modules are now gzipped, this saves 70MB disk space >> - added CONFIG_EXT3_DEFAULTS_TO_ORDERED=y >> - aufs2.1 latest snapshot >> - added crypto headers >> - added xen headers > Everything ok. Sign off x86_64 Signoff both, NFS4 working between two boxes of different architectures. -Dan

1 0

[arch-dev-public] [signoff] mkinitcpio 0.6.8-1
by Thomas Bächler 28 Jan '11

28 Jan '11

Minor update. I would like to highlight two improvements: 1) autodetection of filesystems now only probes the root device, not all block devices. This might solve some bugs with mkinitcpio hanging during image generation. 2) gzipped kernel modules should now be supported. This can increase the installed size of our kernel package by 100MB. Shortlog: Dave Reisner (1): mkinitcpio: mount real root device instead of symlink Thomas Bächler (6): Do not include everything from /block/ in the SCSI hook. autodetect: only probe the root device filesystems: remove cp437, it is added as an extra module whenever fat is used If filesystem autodetection fails, use all_modules instead of checked_modules Support .ko.gz kernel modules, in addition to .ko Release version 0.6.8 Tom Gundersen (1): mount: forbid suid,exec,dev from /proc and /sys

5 5

[arch-dev-public] Adding nvidia-lts in [extra]
by Eric Bélanger 28 Jan '11

28 Jan '11

Hi, I would like to add nvidia-lts in extra repo. I'm already maintaining the PKGBUILD on AUR. Any objections? Eric

3 2

[arch-dev-public] PyPoppler
by Ray Rashif 27 Jan '11

27 Jan '11

I'm bringing this [1] in as python2-poppler for a feature request [2], though it will just be an optional dependency. The question is, can any existing package make use of it (PDF functionality, mainly export)? If not, it will go to [community] instead. In case anyone happens to know. [1] http://aur.archlinux.org/packages.php?ID=18009 [2] https://bugs.archlinux.org/task/22572

2 2

[arch-dev-public] [signoff] openssh-5.7p1-2
by Gaetan Bisson 27 Jan '11

27 Jan '11

Hi again, So openssh-5.7p1-2 is now in [testing] and its only difference with the previous version is that it has PAM re-enabled in sshd_config, following the consensus we reached on the openssh-5.7p1-1 signoff thread. Please test and signoff this new package. (For convenience, I reproduce the upstream ChangeLog from 5.6 below.) -- Gaetan Changes since OpenSSH 5.6 ========================= Features: * Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656) is NOT implemented. Certificate host and user keys using the new ECDSA key types are supported - an ECDSA key may be certified, and an ECDSA key may act as a CA to sign certificates. ECDH in a 256 bit curve field is the preferred key agreement algorithm when both the client and server support it. ECDSA host keys are preferred when learning a host's keys for the first time, or can be learned using ssh-keyscan(1). * sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command * scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. * ssh(1): automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys, since these are now preferred when learning hostkeys for the first time. * ssh(1)/sshd(8): add a new IPQoS option to specify arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 * sftp(1): the sftp client is now significantly faster at performing directory listings, using OpenBSD glob(3) extensions to preserve the results of stat(3) operations performed in the course of its execution rather than performing expensive round trips to fetch them again afterwards. * ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races. stale server sockets are now automatically removed. (also fixes bz#1711) * ssh(1)/sshd(8): add a KexAlgorithms knob to the client and server configuration to allow selection of which key exchange methods are used by ssh(1) and sshd(8) and their order of preference. * sftp(1)/scp(1): factor out bandwidth limiting code from scp(1) into a generic bandwidth limiter that can be attached using the atomicio callback mechanism and use it to add a bandwidth limit option to sftp(1). bz#1147 BugFixes: * ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories. bz#1809 * ssh(1): avoid NULL deref on receiving a channel request on an unknown or invalid channel; bz#1842 * sshd(8): remove a debug() that pollutes stderr on client connecting to a server in debug mode; bz#1719 * scp(1): pass through ssh command-line flags and options when doing remote-remote transfers, e.g. to enable agent forwarding which is particularly useful in this case; bz#1837 * sftp-server(8): umask should be parsed as octal * sftp(1): escape '[' in filename tab-completion * ssh(1): Typo in confirmation message. bz#1827 * sshd(8): prevent free() of string in .rodata when overriding AuthorizedKeys in a Match block * sshd(8): Use default shell /bin/sh if $SHELL is "" * ssh(1): kill proxy command on fatal() (we already killed it on clean exit); * ssh(1): install a SIGCHLD handler to reap expiried child process; bz#1812 * Support building against openssl-1.0.0a Portable OpenSSH Bugfixes: * Use mandoc as preferred manpage formatter if it is present, followed by nroff and groff respectively. * sshd(8): Relax permission requirement on btmp logs to allow group read/write * bz#1840: fix warning when configuring --with-ssl-engine * sshd(8): Use correct uid_t/pid_t types instead of int. bz#1817 * sshd(8): bz#1824: Add Solaris Project support. * sshd(8): Check is_selinux_enabled for exact return code since it can apparently return -1 under some conditions.

3 2

Re: [arch-dev-public] MySQL 5.5
by Ángel Velásquez 26 Jan '11

26 Jan '11

2010/12/21 Andrea Scarpino <andrea(a)archlinux.org>: > On Tuesday 21 December 2010 16:16:57 Andrea Scarpino wrote: >> I am trying to update mysql to 5.5.8. It uses cmake now. >> >> I built and successfully installed it on my system. It seems to work, but I >> won't broke any Arch Linux system and I want to know the right procedure on >> how to proceed with this major update. >> Also, before I put the packages in [testing], I'd like if someone can take a >> look to them or try the new packages. >> >> PKGBUILD is here[1]; packages are here[2]. >> A diff between my PKGBUILD and the current one is here[3]. >> >> Remember that you need to run mysql_upgrade as root after the installation >> and with mysql running. I added a message to post_update() for this. > No reply. This goes in [testing] to get more feedback. > > -- > Andrea Scarpino > Arch Linux Developer > Why partition table plugin was disabled? any particular reason? -- Angel Velásquez angvp @ irc.freenode.net Arch Linux Developer / Trusted User Linux Counter: #359909 http://www.angvp.com

2 1

[arch-dev-public] [signoff] lvm2/device-mapper 2.02.82-1
by Eric Bélanger 26 Jan '11

26 Jan '11

Hi, lvm2/device-mapper 2.02.82-1 are in testing for minor upstream update. Please test and signoff. Users signoffs are welcome. Thanks Eric

2 2

[arch-dev-public] [RFT] initscripts 2011.01-1
by Thomas Bächler 26 Jan '11

26 Jan '11

Okay, this has been sitting in git for a loooong time, and I am throwing it out there. This should receive lots of testing, as there has been major rewriting done. We need to make sure there are no regressions. It should also fix a small number of bugs. New known bugs: When netcfg's init scripts are called, these lines are printed: /etc/rc.d/functions: line 320: declare: add_hook: readonly variable /etc/rc.d/functions: line 320: declare: run_hook: readonly variable This happens when rc.functions is loaded twice, I'll look into fixing that. This is the shortlog: Dan McGee (1): Unify capitalization of 'Udev' Dave Reisner (2): rc.sysinit: condense calls to mkdir and chmod Use modprobe's --all flag instead of looping. Florian Pritz (1): restrict NETWORK_PERSIST to runlevel 0 and 6 Gerardo Exequiel Pozzi (1): Add support for serial console Heiko Baums (3): cryptsetup: read keys for non-root LUKS partitions as raw data from block device cryptsetup: abort if LUKS is found on swap partition cryptsetup: print name of device being opened Thomas Bächler (5): Remove a redundant subshell, see FS#20016 Fix two typos introduced by the latest patch series Change SWAP sanity check to use blkid in favor of cryptsetup Fix isLuks check Change copyright and license information Tom Gundersen (9): udevadm: trigger events of type subsystems as well as devices udevadm: retry failed udev events after filesystems have been mounted udev: do not copy /lib/udev/devices/* to /dev locale: set the sysfs value default_utf8 rather than enabling/disabling utf8 in locale.sh mount: forbid suid,exec,dev from /proc and /sys lvm: run vgchange in sysinit mode lvm: enable/disable monitoring of lvm2 groups cryptsetup: fix indentation PATH: export a standard path in rc.sysinit Victor Lowther (15): Bashify initscripts. A little creative parameter expansion simplifies stat_die(). Clean up status() function. Simplify in_array. Finish bashifying functions. Bashify rc.multi Bashify rc.single. Both rc.single and rc.shutdown use the same code to kill everything. Bashify rc.shutdown Bashify rc.sysinit, part 1 Rewrite /etc/crypttab processing. Bashify netfs Bashify adjtime.cron Trivial bashification of network script. Add a PKGBUILD for building initscripts-git for testing.

1 0

[arch-dev-public] [signoff] openssh-5.7p1-1
by Gaetan Bisson 26 Jan '11

26 Jan '11

Hi everyone, OpenSSH 5.7 has just been released. Due to Guillaume's work on this package, the upgrade was quite straightforward and openssh-5.7p1-1 is now in [testing]. All tests pass on both architectures. Enjoy your shiny new ECDSA keys! (And then please signoff.) -- Gaetan Changes since OpenSSH 5.6 ========================= Features: * Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656) is NOT implemented. Certificate host and user keys using the new ECDSA key types are supported - an ECDSA key may be certified, and an ECDSA key may act as a CA to sign certificates. ECDH in a 256 bit curve field is the preferred key agreement algorithm when both the client and server support it. ECDSA host keys are preferred when learning a host's keys for the first time, or can be learned using ssh-keyscan(1). * sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command * scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host. Without this option the data is copied directly between the two remote hosts. * ssh(1): automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys, since these are now preferred when learning hostkeys for the first time. * ssh(1)/sshd(8): add a new IPQoS option to specify arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 * sftp(1): the sftp client is now significantly faster at performing directory listings, using OpenBSD glob(3) extensions to preserve the results of stat(3) operations performed in the course of its execution rather than performing expensive round trips to fetch them again afterwards. * ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races. stale server sockets are now automatically removed. (also fixes bz#1711) * ssh(1)/sshd(8): add a KexAlgorithms knob to the client and server configuration to allow selection of which key exchange methods are used by ssh(1) and sshd(8) and their order of preference. * sftp(1)/scp(1): factor out bandwidth limiting code from scp(1) into a generic bandwidth limiter that can be attached using the atomicio callback mechanism and use it to add a bandwidth limit option to sftp(1). bz#1147 BugFixes: * ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories. bz#1809 * ssh(1): avoid NULL deref on receiving a channel request on an unknown or invalid channel; bz#1842 * sshd(8): remove a debug() that pollutes stderr on client connecting to a server in debug mode; bz#1719 * scp(1): pass through ssh command-line flags and options when doing remote-remote transfers, e.g. to enable agent forwarding which is particularly useful in this case; bz#1837 * sftp-server(8): umask should be parsed as octal * sftp(1): escape '[' in filename tab-completion * ssh(1): Typo in confirmation message. bz#1827 * sshd(8): prevent free() of string in .rodata when overriding AuthorizedKeys in a Match block * sshd(8): Use default shell /bin/sh if $SHELL is "" * ssh(1): kill proxy command on fatal() (we already killed it on clean exit); * ssh(1): install a SIGCHLD handler to reap expiried child process; bz#1812 * Support building against openssl-1.0.0a Portable OpenSSH Bugfixes: * Use mandoc as preferred manpage formatter if it is present, followed by nroff and groff respectively. * sshd(8): Relax permission requirement on btmp logs to allow group read/write * bz#1840: fix warning when configuring --with-ssl-engine * sshd(8): Use correct uid_t/pid_t types instead of int. bz#1817 * sshd(8): bz#1824: Add Solaris Project support. * sshd(8): Check is_selinux_enabled for exact return code since it can apparently return -1 under some conditions.

5 15

[arch-dev-public] [signoff] nilfs-utils 2.0.21
by Ionuț Bîru 26 Jan '11

26 Jan '11

Hi, new bug fix release. Please test and signoff. Users signoffs are welcome. Changelog: nilfs-utils-2.0.21 Fri Jan 21, 2011 JST * get rid of the warning telling disk format is unstable * change license of libraries and header files to LGPL; crc was replaced with an LGPL implementation along with this. * discard blocks at mkfs time * add verbose option to mkfs.nilfs2 * kill gcc warnings -- Ionuț

1 0