Thursday 1st November 2007
Local Packages
Updated curl to 7.17.1; I've also split out a separate libcurl package, renamed curl-devel to libcurl-devel, and builds for Fedora 8 onwards use NSS rather than OpenSSL by default (all as per current Rawhide)
Updated perl-Sub-Uplevel to 0.18
Updated perl-Test-File to 1.22
Friday 2nd November 2007
Local Packages
Updated sendmail to 8.14.2
Monday 5th November 2007
Wiki
Had a go at updating moin to 1.6.0beta1 but had to roll it back because of a couple of issues:
My default theme monobook is incompatible with it, and my python-fu is nowhere near good enough to fix it
The migration script that updates the wiki markup to the new style botched all of my InterWiki links
I'll try again with later betas, but I'm very wary of them new
Tuesday 6th November 2007
Local Packages
Updated curl to strip the URL variable from the pkgconfig file for libcurl on older distributions, which causes pkg-config on those distributions to barf and result in libcurl not being found by applications looking for it
Updated dovecot to support winbind authentication (as per the official Fedora packages), useful for single-sign on in conjunction with samba
Updated proftpd to include LDAP schema and LDIF files for managing quotas, as per the official Fedora packages
With the release of Fedora 8 due imminently, I've also started building any of my packages needed for Fedora 8 that haven't yet been built during the Fedora 8 development cycle (i,e, those that still have a .fc7 dist tag in the development repo).
Today's packages were: grepmail, gtorrentviewer, mod_fastcgi, moin, moin-macro-MiniPage, moin-macro-TitleIndexNonPersonal, moin-theme-balanced, moin-theme-hypermodern, moin-theme-mentalwealth, moin-theme-monomoin, moin-theme-widget, python-twisted, python-twisted-conch, python-twisted-lore, python-twisted-mail, python-twisted-names, python-twisted-news, python-twisted-runner, python-twisted-web, python-twisted-words, tidy (20051026 version), torrentsniff, and xv
Some of these had dist tag issues requiring spec file changes and hence rebuilds for all distributions.
Wednesday 7th November 2007
Local Packages
Updated moin-theme-monobook to 0.5 (not compatible with the current beta of moin)
Updated nmap to include some patches from the official Fedora package, such as the one that removes the instructions on how to scan microsoft.com
Updated xxdiff to build using flex on Fedora 7 onwards, and flex-new elsewhere
More updates for the forthcoming Fedora 8 release: perl-ConfigReader-Simple, perl-FileHandle-Unget, perl-HTML-SimpleLinkExtor, perl-HTTP-SimpleLinkChecker, perl-Test-Prereq, php4-pcntl, php4-pcntl-gtk, pptpconfig, tcptraceroute
Thursday 8th November 2007
Local Packages
Completed populating the Fedora 8 repository with builds of city-fan.org-release, perl-HTTP-Size, weblint, and weblint++
Fedora 8 and VMware Server
Upgraded my work desktop to Fedora 8 in the morning, and found I needed a few extra steps to get VMware Server up and running:
# rpm -Uvh VMware-server-1.0.4-56528.i386.rpm
Before configuring VMware Server, it's necessary to install a few additional packages, patch the kernel modules, and make an SELinux tweak. VMware defaults to using a reserved port (902) for the server; it's easier to make it play nice with SELinux by using an unreserved port such as 4800.
# yum install gcc-c++ kernel-devel xinetd 'perl(ExtUtils::MakeMaker)' # cd # wget http://knihovny.cvut.cz/ftp/pub/vmware/vmware-any-any-update114.tar.gz # semanage port -a -t inetd_child_port_t -p tcp 4800 # tar xf vmware-any-any-update114.tar.gz # cd vmware-any-any-update114 # ./runme.pl # restorecon -v /etc/services
![/!\](/moin_static1911/monobook/img/alert.png "/!\"){kind=small}
If you have a firewall enabled, you'll need to poke a hole in it to allow connections to port 4800 or whatever your chosen port is
SELinux in Fedora 8
Came across a new (to me) type of SELinux denial whilst trying to get a crontab entry like this one to work in Fedora 8:
45 4 * * * /softlib/scripts/updates-sync | Mail -s "Fedora updates subset mirror report" phowarth
Even after adding all of the rules suggested by audit2allow -R in a local policy module, I was still getting Permission denied errors with SELinux in enforcing mode, but it was working in permissive mode.
In /var/log/audit/audit.log, I found this:
type=SELINUX_ERR msg=audit(1194609955.230:176): security_compute_sid: invalid context unconfined_u:unconfined_r:system_mail_t:s0 for scontext=unconfined_u:unconfined_r:unconfined_crond_t:s0 tcontext=system_u:object_r:sendmail_exec_t:s0 tclass=process
After querying this on fedora-selinux-list, I found that auditallow doesn't currently cope with this sort of denial (which is not an AVC denial), and what I needed to add was:
role unconfined_r types system_mail_t;
So the policy module I ended up with to allow my mail from cron was this:
policy_module(localmisc, 0.0.8)
require {
type system_mail_t;
class netlink_route_socket { bind create getattr nlmsg_read read write };
}
#============= system_mail_t ==============
role unconfined_r types system_mail_t;
allow system_mail_t self:netlink_route_socket { bind create getattr nlmsg_read read write };
unconfined_read_tmp_files(system_mail_t)
Friday 9th November 2007
Local Packages
Updated bittorrent to 5.2.0; there are no GUI changes since 5.0.9 so the GUI still won't work with wxPython 2.8.x, e.g. on Fedora 7 or later
Updated getmail to 4.7.7
Wiki
Updated SubsetRepositories for Fedora 8; it's quite a bit simpler than for Fedora 7 so I ended up creating separate pages, namely SubsetRepositoriesFedora7 and SubsetRepositoriesFedora8
Monday 12th November 2007
Local Packages
Updated perl-ConfigReader-Simple to 1.26
Rebuilt ppp and pptp to fix minor packaging issues
Wednesday 14th November 2007
Local Packages
Updated moin-theme-monobook to fix another broken reference to headbg.jpg
Monday 19th November 2007
Local Packages
Updated curl to fix use of nonblocking sockets in conjunction with NSS (patch from Rawhide), a bug exposed when trying to use the Linux Second Life client
Tuesday 20th November 2007
Local Packages
New package getlive for fetching mail from Hotmail Live accounts
Desktop/Server Upgrade
Updated (fresh install) my main desktop/buildsystem/file/dns/dhcp server machine to Fedora 8. My meticulous pre-upgrade preparation of recording how everything was configured led to a very good result - an almost painless update.
The biggest issue I'm having is that the X server regularly hangs in a SIGALARM loop, rendering it useless and having to be sent a SIGKILL. As I do most work remotely, this isn't currently a showstopper but it's a bug I need to get fixed. Will raise a bugzilla ticket on it soon.
Wednesday 21st November 2007
Local Packages
Updated getlive to 0.55
Fedora Project
Raised Bug #394071 regarding my X server lockups.
Tuesday 27th November 2007
Local Packages
Updated perl-HTML-SimpleLinkExtor to 1.18
Updated perl-HTTP-SimpleLinkChecker to 1.14
Wednesday 28th November 2007
Local Packages
New package bluefish-unstable, the development version of the bluefish editor; the package is designed to be parallel-installable with the Fedora bluefish package
Fedora Project
It came to my attention yesterday that smbldap-tools wouldn't be released for EPEL because of missing dependencies (perl-Crypt-SmbHash, perl-Digest-MD4, perl-IO-Socket-SSL, perl-Jcode, perl-Net-SSLeay, perl-Unicode-Map, perl-Unicode-Map8, perl-Unicode-MapUTF8, perl-Unicode-String), so I set about getting that fixed.
Asked AurelienBompard if he was interested in branching and maintaining in EPEL his packages perl-Jcode, perl-Unicode-Map, perl-Unicode-Map8, perl-Unicode-MapUTF8, and perl-Unicode-String
Took over (from the recently declared AWOL JosePedroOliveira), branched, updated, and built perl-Digest-MD4 for Rawhide, EPEL-4, and EPEL-5
Branched, updated, and built perl-Crypt-SmbHash for EPEL-4 and EPEL-5
Took over (from WarrenTogami) the perl-Net-SSLeay package, updated it in Rawhide to 1.32, branched it for EPEL-4, updated that to 1.30-4, which is the version/release included in RHEL5
Took over (from WarrenTogami) the perl-IO-Socket-SSL package, branched it for EPEL-4, updated that to 1.01-1, which is the version/release included in RHEL5, and built a cosmetically-changed version of 1.12 in Rawhide
Also today, AdamJackson kindly fixed Bug #357241 (imlib bug exposed by EXA) for me, applying the debian patch mentioned in the bug report. I just hadn't got round to it yet.
Thursday 29th November 2007
Local Packages
Rebuilt curl to fix SSL with PEM certificates on NSS-based builds (Fedora 8 onwards) and to re-enable GSSAPI support
Updated dovecot to 1.0.8
Friday 30th November 2007
Local Packages
Updated perl-MailTools to 2.02
Updated perl-Net-SSLeay to 1.32
Rebuilt perl-IO-Socket-SSL against updated perl-Net-SSLeay and add buildreq perl(Test::Simple) as per the Fedora package
New package perl-Test-NoWarnings
New package perl-Test-Tester
Rebuilt perl-MIME-tools to resync with the Fedora package
Rebuilt curl with a simplified build process and revised %description as per the Fedora package
Fedora Project
Made more suggestions in the curl merge review, all of which were accepted
Night Out
Went to see Marillion at the Manchester Academy. I won two tickets in a prize draw for people pre-ordering their 15th album, which will be out next year. Good to see the lads still obviously enjoying themselves after all these years.
Previous Month: October 2007
Next Month: December 2007