Paul's Blog Entries for May 2006
Monday 1st May 2006
Local Packages
Wrestled with proftpd quite a bit. I noticed that Matthias' packages in Fedora Extras used the new DSO mechanism to split off modules that introduced significant additional dependencies into their own subpackages. Following this lead, I enabled just about all of the bundled modules, split off separate packages for ldap, mysql, postgresql, and tls, and then stuffed all the other non-default modules into an extras subpackage. The one that caused the most trouble was mod_facl, which prevented anonymous logins on my firewall box when enabled, and won't actually build on most older distributions because of broken libacl packages. The new version also includes a new ftpdctl tool (rather like rndc for named), so more SELinux policy updates will be needed for this.
Tuesday 2nd May 2006
Local Packages
Updated gtkwave to 3.0.0. The version bump should clear up any confusion there may be about the currently-maintained branch of the code (2.x is dead). The new version bundles some contributed code, which needed Makefile tweaks to get it to build cleanly using %{optflags} and the system zlib/bzip2 libraries.
Fedora Extras
Updated gtkwave to 3.0.0
Mail Server
Started doing server-side mail filtering using procmail in conjunction with the dovecot IMAP server.
In my main .procmailrc, I have a line near the top:
# Try out server-side filtering for mailing lists INCLUDERC=filter-mailing-lists
And the filter-mailing-list file contains a bunch of recipes like this:
# Server-side filter for Paul's mailing lists # Save MAILDIR OLDMAILDIR=$MAILDIR # Folders are relative to here MAILDIR=$HOME/mail/inbox # fedora-list :0 * ^List-Id:.*fedora-list\.redhat\.com .Linux.fedora-list/ # fedora-devel-list :0 * ^List-Id:.*fedora-devel-list\.redhat\.com .Linux.fedora-devel-list/ # ... more of the same ... # Restore MAILDIR MAILDIR=$OLDMAILDIR
Works very nicely, and means that I can turn off all client-side filtering so that:
- I get to read my mail sooner, and
- I don't need to set up a bunch of new filters every time I try a new mail client (e.g. when visiting my brother-in-law last month and using his computer).
Wednesday 3rdh May 2006
Car Repair
Last week the driver's side window on the Micra became detached from the regulator mechanism - again. The same problem had happened last September, and was repaired at Westway Nissan Manchester. Took it back there this morning and they repaired it for free this time.
Local Packages
There's a new version (2.0601) of perl-Devel-Symdump available upstream but a diff from the previous version shows only the addition of license text to the code, so I'm not bothering packaging an upgrade. Another reason is the issue rpm is likely to have with the numbering scheme when version 0.27 is released (rpm considers 2.0601 to be more recent than 0.27).
SELinux
Raised Bug #190561 on not being able to build SELinux policy modules in mock.
Thursday 4th May 2006
Local Packages
Finally got round round to building the dovecot 1.0 beta 7 package
Tuesday 9th May 2006
Local Packages
Updated gtkwave to 3.0.1
Fedora Extras
Updated gtkwave to 3.0.1
Updated perl-Crypt-DSA to 0.14
Added my name to the request for an update to python-twisted, needed for the new beta release of bittorrent
Wednesday 10th May 2006
Fedora Extras
Updated gtkwave to 3.0.2
Local Packages
Updated gtkwave to 3.0.2
Made a first attempt at packages for bittorrent 4.9.3 (the new beta release). This release drops support for python 2.2.x but I can't get it to build on python 2.3.x either (python setup.py build bails out with no diagnostics). The GUI now uses the wxPython toolkit for the downloader but still uses pygtk2 for maketorrent, hence both toolkits are needed (wxPython is available in Fedora Extras thankfully). The new version is built on Twisted, but the version in Fedora Extras is ancient, too old for bittorrent. So I made a bunch of python-twisted-* packages, but I only intend to keep them going until such time as Fedora Extras catches up.
Thursday 11th May 2006
Wiki
Wrote IsoImageFromMedia after seeing the advice on http://fedorafaq.org/ about using ide=nodma if you get mediacheck errors during OS installation.
Local Packages
Went through the Twisted packages I built over the last couple of days and checked that they built in mock. Quite a few had a missing build dependency on python-twisted-core, which I fixed.
Friday 12th May 2006
Local Packages
Updated dovecot to 1.0 beta8 (security fix)
Fedora Extras
Submitted perl-Authen-DigestMD5 (an optional dep of swaks) for review, which was promptly approved by JasonTibbitts
Reviewed swaks for JasonTibbitts
Saturday 12th May 2006
Bereavement
My grandma (dad's side) died shortly before midnight. She was 92.
Sunday 14th May 2006
Wiki
Updated JpackageJava to split the installation of the runtime and development packages into two steps, so that the development packages could be skipped by anyone not needing them.
Monday 15th May 2006
Fedora Extras
Addressed Bug #191602 for spamass-milter; the default install rejects mail with a spam score of 15 or more, and doesn't meddle with the Subject: or Content-Type: headers. Whilst these are perfectly sensible options, they're not the upstream defaults.
Local Packages
Updated perl-Sub-Uplevel to 0.12
Wiki
Changed over the configuration from using mod_fastcgi in external application mode to mod_fcgid as a dynamic FastCGI application. By doing this, I no longer need the separate initscript for the wiki application, I don't need to edit moin.fcg to specify a port number (unix domain sockets are used) and of course mod_fcgid is free software unlike mod_fastcgi, so I should be able to get it into Extras. First though, I want to get the SELinux issues sorted out.
Tuesday 16th May 2006
Local Packages
Updated perl-Jcode to 2.05
Updated contagged to 0.3, integrating an SELinux policy module into the package
Wiki
Removed the robots.txt entry for the wiki, so it should now get indexed by the search engines. I originally disallowed access to the wiki because it was a big resource drain when using mod_python, but I think it'll be OK using mod_fcgid
Wednesday 17th May 2006
Local Packages
Updated bittorrent to 4.9.4. Builds on python 2.3 are now working and the pygtk interface to maketorrent is now replaced with a wxPython interface, so the pygtk2 dependency has gone. However, the curses client appears to stick on Waiting for torrent to initialise and launchmanycore (the multi-torrent seed client) is thoroughly broken.
Updated perl-File-Find-Rule to 0.29
Built Twisted packages for Fedora Core 2, Fedora Core 3, and Red Hat Enterprise Linux 4, ready for when bittorrent is in a fit state to release for those distros.
With some guidance from OrionPoplawski, I updated contagged to get rid of virtually all of the PHP warning messages it was generating, and also tweaked it to use the separately-packaged php-Smarty library from Fedora Extras rather than the bundled version. It's getting very close to being ready for submission to Extras now.
Thursday 18th May 2006
Local Packages
Updated perl-Test-File to 1.15
Updated perl-Test-Prereq to 1.031
Tweaked the contagged package to be buildable on older distributions without SELinux/LoadableModules
Monday 22nd May 2006
Local Packages
Updated perl-Mail-Mbox-MessageParser to 1.4003
New package moin-macro-TitleIndexNonPersonal from my colleague Marek Piekarski
Raised CPAN RT#19406 on Module::Build, which won't build on old distributions
More cleanups in contagged, which now provides php-Smarty-noteparser as suggested by OrionPoplawski
Fedora Extras
Updated perl-Mail-Mbox-MessageParser to 1.4003
Fixed Bug #192617 about bluefish not generating debuginfo packages properly
Tuesday 23rd May 2006
Local Packages
Updated the bittorrent beta package to 4.9.6. This introduces a new dependency on python-twisted-web and fixes the curses client, but the seed client launchmany-curses is still foobarred.
Released my mod_fcgid package for general consumption. Will worry about the SELinux policy later.
Still more PHP cleanup work on contagged.
Fedora Extras
Updated my lat package to 1.0.5 and referenced it in the review request.
Wednesday 24th May 2006
Wiki Breakage
Noticed this morning that the wiki wasn't working (Internal Server Error for every page). The web server error log just had this:
[Wed May 24 09:05:05 2006] [notice] mod_fcgid: server /var/www/tips/cgi-bin/moin.fcgi(12213) started [Wed May 24 09:05:05 2006] [error] [client 212.56.100.58] Premature end of script headers: moin.fcgi [Wed May 24 09:05:11 2006] [notice] mod_fcgid: process /var/www/tips/cgi-bin/moin.fcgi(12213) exit(communication error), terminated by calling exit(), return code: 255
Spent half an hour or so trying to figure out what had broken mod_fcgid before settling for a temporary workaround of reinstating mod_fastcgi and running the wiki as an external FastCGI application (which worked). About ten minutes later it dawned on me what had gone wrong. Yesterday afternoon I remounted /tmp and /var with the noexec and nodev mount options. So I no longer was able to run CGI applications from /var/www. D'oh! I've now moved the web server directory from the default /var/www to /srv/www where it belongs, and have reinstated mod_fcgid.
Thursday 25th May 2006
Fedora Extras
OrionPoplawski kindly reviewed my milter-regex package
Local Packages
Updated perl-Net-IP to 1.25
Friday 26th May 2006
Local packages
Fixed yesterday's perl-Net-IP package, which had broken dependencies due to an error implementing a cosmetic change (sigh)
More PHP cleanups and SELinux work for contagged; it now only works from localhost by default too, as a security measure
Wiki
Made a new SELinux policy for the wiki running under mod_fcgid. It runs in a new domain, httpd_fastcgi_script_t, which is allowed to use unix-domain sockets, unlike httpd_sys_script_t:
apache.te:
policy_module(apache, 0.2.1)
require {
type devpts_t;
type httpd_t;
type httpd_log_t;
type httpd_sys_script_exec_t;
type restorecon_t;
type var_t;
type var_run_t;
type webalizer_t;
};
# Allow httpd to read /var/www -> /srv/www symlink
allow httpd_t var_t:lnk_file { getattr read };
# Allow restorecon to restore file contexts via the /var/www -> /srv/www symlink
allow restorecon_t var_t:lnk_file read;
# Allow webalizer to read the routing table
allow webalizer_t self:netlink_route_socket { r_netlink_socket_perms };
# ==========================================================
# Create and use httpd_fastcgi_script_t for mod_fcgid apps
# ==========================================================
apache_content_template(fastcgi)
kernel_read_kernel_sysctls(httpd_fastcgi_script_t)
# Allow FastCGI applications to live alongside regular CGI apps
allow httpd_fastcgi_script_t httpd_sys_script_exec_t:dir { search_dir_perms };
# Allow FastCGI applications to listen for FastCGI requests on their
# sockets and respond to them
allow httpd_fastcgi_script_t httpd_t:unix_stream_socket { rw_stream_socket_perms };
# FastCGI application doing something to the httpd error log
dontaudit httpd_fastcgi_script_t httpd_log_t:file ioctl;
# Not sure what this is doing (happens when fastcgi scripts start)
dontaudit httpd_t devpts_t:chr_file ioctl;
# mod_fcgid setting attr of its socket dir
allow httpd_t var_run_t:dir setattr;apache.fc:
/srv/www/tips/cgi-bin/moin.fcgi -- gen_context(system_u:object_r:httpd_fastcgi_script_exec_t,s0) /var/www/tips/cgi-bin/moin.fcgi -- gen_context(system_u:object_r:httpd_fastcgi_script_exec_t,s0)
Sunday 28th May 2006
Local Packages
Updated python-twisted-names to 0.3.0
Updated python-twisted-words to 0.4.0
Added missing flex buildreq to gtkwave
Fedora Extras
Have been going through my packages, rebuilding them in mock with a very much reduced default build environment that contains only the Exceptions list from the Packaging/Guidelines plus the buildsys-macros and seeing if there are any problems. So far, I've discovered:
bittorrent is OK
bluefish is OK
grepmail is OK
gtkwave needed a buildreq of flex
gtorrentviewer needed a buildreq of intltool
milter-regex is OK
perl-Authen-DigestMD5 is OK
perl-Class-Loader is OK
perl-Convert-BinHex is OK
perl-Crypt-DH is OK
perl-Crypt-DSA needed a buildreq of which, though it still passed the testsuite without it
perl-Crypt-Primes is OK
perl-Crypt-Random is OK
perl-Crypt-RSA is OK
perl-Crypt-SmbHash is OK
perl-Data-Buffer is OK
perl-Date-Simple is OK
perl-Digest-BubbleBabble is OK
perl-Digest-MD2 is OK
perl-FileHandle-Unget is OK
perl-IO-stringy is OK
perl-Mail-Mbox-MessageParser is OK
perl-MailTools is OK
perl-Math-GMP is OK
perl-Math-Pari is OK
perl-MIME-tools is OK
perl-Net-SSH-Perl is OK
perl-String-CRC32 is OK
perl-Tie-EncryptedHash is OK
pptp is OK
rbldnsd is OK
smbldap-tools is OK
spamass-milter is OK
Garden
- Trimmed the edge of the back lawn
Monday 29th May 2006
Fedora Extras
Having gone through my own packages looking for additional needed build requirements, I've now turned my attention to other people's packages that are failing to build in the new minimal mock environment. Raised bugs (with fixes) for gtkhtml36 and libqalculate, which are both packages whose submissions I reviewed.
Allotment
- Erected the cane support frame for the beans.
Local Packages
Updated perl-HTML-SimpleLinkExtor to 1.13
Tuesday 30th May 2006
Local Packages
Updated gtkwave to 3.0.3
Fedora Extras
Updated gtkwave to 3.0.3
Fedora Core
There are more packages with no bugs raised in the QA/FixBuildRequires effort than I thought. So I did my bit by raising bugs (with fixes) on policycoreutils, pkgconfig. and pump.
Wednesday 31st May 2006
Fedora Extras
Updated perl-Math-Pari to 2.010705
Raised missing-buildreq bug-and-fix on anjuta-gdl
Local Packages
Updated python-twisted to 2.4.0
Updated python-twisted-conch to 0.7.0
Updated python-twisted-lore to 0.2.0
Updated python-twisted-mail to 0.3.0
Updated python-twisted-news to 0.2.0
Updated python-twisted-runner to 0.2.0
Updated python-twisted-web to 0.6.0
Previous Month: April 2006
Next Month: June 2006