|
Stable | Bug Report | Very Low | Very Low | [spamassassin] has different directory permissions than... | Deferred | |
Task Description
Description: The /usr/sbin directory in spamassassin has permissions 755 https://git.hyperbola.info:50100/packages/extra.git/tree/spamassassin/PKGBUILD#n88
And ‘filesystem’ sets it to 750 https://git.hyperbola.info:50100/packages/core.git/tree/filesystem/PKGBUILD#n135
So when installing spamassassin, pacman throws a warning
warning: directory permissions differ on /usr/sbin/
filesystem: 750 package: 755
Additional info: * spamassassin 3.4.2-1.hyperbola2
|
|
Stable | Bug Report | Very Low | Very Low | [postfix] has different directory permissions than 'fil... | Deferred | |
Task Description
Description: The /usr/sbin directory in postfix has permissions 755 https://git.hyperbola.info:50100/packages/extra.git/tree/postfix/PKGBUILD#n115
And ‘filesystem’ sets it to 750 https://git.hyperbola.info:50100/packages/core.git/tree/filesystem/PKGBUILD#n135
So when installing postfix, pacman throws a warning
warning: directory permissions differ on /usr/sbin/
filesystem: 750 package: 755
Additional info: * postfix-3.2.2-1.hyperbola6
|
|
Any | Bug Report | Low | Medium | [cryptsetup] when dmcrypt start, the "/" filesystem, m... | Assigned | |
Task Description
When dmcrypt service start, the “/” filesystem is remounted, mtab is updated and bootmisc is recording the login users, by waiting time scheduling:
* root: waiting for dmcrypt (50 seconds)
* root: timed out waiting for dmcrypt
* Remounting root filesystem read/write ...
* Remounting filesystems ...
* mtab: waiting for dmcrypt (50 seconds)
* mtab: timed out waiting for dmcrypt
* Updating /etc/mtab ...
* Creating mtab symbolic link
* bootmisc: waiting to dmcrypt (50 seconds)
* bootmisc: timed out waiting for dmcrypt
* Creating user login records ...
These features on dmcrypt service are useless and these lines print above filesystem passphrase order (the printed line), those ones break printed console and print the pressed keyboard digit when I’m setting up password. Sometimes this breaks services startup, and I need press “enter” consecutively to allow run the services.
|
|
Any | Freedom Issue | Medium | Medium | [filesystem] Review of permissions | Unconfirmed | |
Task Description
Description: Packages leaves warnings about installation being within difference of the filesystem. So the package filesystem should get another review in time and warnings get therefore a solution.
|
|
Stable | Bug Report | Very Low | Very Low | [fail2ban] update dovecot failregex to support verbose ... | Unconfirmed | |
Task Description
Description: The /etc/fail2ban/filter.d/dovecot.conf file has a failregex with the following:
^%(__prefix_line)s(?:auth|auth-worker\(\d+\)): (?:pam|passwd-file)\(\S+,<HOST>\): unknown user\s*$
and works with things like:
Month day time hostname dovecot: auth: passwd-file(user@domain.com,IP): unknown user
but with verbosity enabled in Dovecot, this output looks like this:
Month day time hostname dovecot: auth: passwd-file(user@domain.com,IP): unknown user (given password: password)
and in this case it doesn’t work, but it does if we fix the failregex if we replace it with:
^%(__prefix_line)s(?:auth|auth-worker\(\d+\)): (?:pam|passwd-file)\(\S+,<HOST>\): unknown user( \(given password: \S*\))?\s*$
with this new expression, it works with and without verbosity
And regarding postfix, to make it work correctly I “backported” some pieces from newest failregex:
/etc/fail2ban/postfixr-rbl.conf:
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: [45]54 [45]\.7\.1 Service unavailable; Client host \[\S+\] blocked using .* from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
/etc/fail2ban/postfix.conf: (second failregex)
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 45[04] 4\.7\.1 Client host rejected: cannot find your (reverse )?hostname, (\[\S*\]); from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
I can create a patch if you want. Note that I haven’t tested all filters, some others may also need some rework
Additional info: * fail2ban-0.9.6-2.hyperbola3
|
|
Testing | Implementation Request | Medium | Medium | linux-libre-lts-hypersec: New package with extra securi ... | Closed | |
Task Description
Description: Per a user request and to better secure the kernel, we can embed the cryptsetup and ciphers in the kernel. This would mean rather than exposed modules, they are built-in to the kernel and ready to use even without an intramfs.
To be embedded: ciphers aes, twofish, serpent; sha256, sha512 - and the necessary modules (don’t forget the block modes xts, lvm and cryptsetup …)
Additionally, we could include USB Guard and any other features that meet our social contract and security outlook.
|
|
Any | Freedom Issue | Medium | Low | [zynaddsubfx] vague terminology "Open Source" in descri ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
community/zynaddsubfx 3.0.1-1
Opensource software synthesizer capable of making a countless number of instruments.
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free software synthesizer capable of making a countless number of instruments.
|
|
Any | Feature Request | High | High | [zathura-pdf-mupdf] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si zathura-pdf-mupdf
Repository : community
Name : zathura-pdf-mupdf
Version : 0.3.1-3
Description : PDF support for Zathura (MuPDF backend)
Architecture : x86_64
URL : https://pwmt.org/projects/zathura-pdf-mupdf/
Licenses : zlib
Groups : None
Provides : None
Depends On : zathura jbig2dec openjpeg2 cairo desktop-file-utils openssl
Optional Deps : None
Conflicts With : zathura-pdf-poppler
Replaces : None
Download Size : 18.27 MiB
Installed Size : 33.50 MiB
Packager : Johannes Löthberg <johannes@kyriasis.com>
Build Date : Wed 03 May 2017 04:57:27 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | High | High | [yara] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si yara
Repository : community
Name : yara
Version : 3.5.0-3
Description : Tool aimed at helping malware researchers to identify and classify malware samples
Architecture : x86_64
URL : https://github.com/VirusTotal/yara
Licenses : BSD
Groups : None
Provides : None
Depends On : openssl file
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 218.21 KiB
Installed Size : 1103.00 KiB
Packager : Levente Polyak <anthraxx@archlinux.org>
Build Date : Sun 05 Mar 2017 08:00:00 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Testing | Implementation Request | Very Low | Medium | [yaics] add package | Closed | |
Task Description
Yaics is a simple GNU social client written in C++ and Qt and licensed under the GNU GPL 3.0 (or later).
Please implement yaics as an optional package.
https://stigatle.no/yaics/
https://gitlab.com/stigatle/yaics
|
|
Any | Freedom Issue | Medium | Low | [xwax] vague terminology "Open Source" and "Linux" in d ... | Closed | |
Task Description
This package contains vague terminology “Open Source” and “Linux”:
community/xwax 1.6-1
Open-source vinyl emulation software for Linux.
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source” and “Linux” as operating system, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
https://www.gnu.org/philosophy/words-to-avoid.html#Linux
It would be good example to set to have proper description of packages without using “Open Source” and “Linux” as operating system.
eg.
Free-software vinyl emulation software for GNU/Linux.
|
|
Any | Freedom Issue | Medium | Low | [xvidcore] vague terminology "Open Source" in descripti ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/xvidcore 1.3.4-1 [installed]
XviD is an open source MPEG-4 video codec
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
XviD is a free software MPEG-4 video codec
|
|
Any | Freedom Issue | Medium | Low | [xsd] vague terminology "Open Source" in description of ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/xsd 4.0.0-2
An open-source, cross-platform W3C XML Schema to C++ data binding compiler
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
A free-software, cross-platform W3C XML Schema to C++ data binding compiler
|
|
Any | Feature Request | High | High | [xmlsec] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si xmlsec
Repository : extra
Name : xmlsec
Version : 1.2.24-1
Description : XML Security Library is a C library based on LibXML2
Architecture : x86_64
URL : https://www.aleksey.com/xmlsec/index.html
Licenses : custom
Groups : None
Provides : None
Depends On : libxslt openssl gnutls nss libltdl
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 680.27 KiB
Installed Size : 5034.00 KiB
Packager : Andreas Radke <andyrtr@archlinux.org>
Build Date : Sun 30 Apr 2017 01:52:30 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Freedom Issue | Medium | Low | [xapian-core] vague terminology "Open Source" in descri ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/xapian-core 1:1.4.2-1
Open source search engine library.
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free software search engine library.
|
|
Any | Freedom Issue | Medium | Low | [x265] vague terminology "Open Source" in description o ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/x265 2.4-1
Open Source H265/HEVC video encoder
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free Software H265/HEVC video encoder
|
|
Any | Feature Request | High | High | [wvstreams] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl-1.0.
$ pacman -Si wvstreams
Repository : community
Name : wvstreams
Version : 4.6.1-12
Description : A network programming library written in C++
Architecture : x86_64
URL : http://alumnit.ca/wiki/?page=WvStreams
Licenses : LGPL
Groups : None
Provides : None
Depends On : zlib pam xplc openssl-1.0 readline
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 1098.88 KiB
Installed Size : 8180.00 KiB
Packager : Antonio Rojas <arojas@archlinux.org>
Build Date : Wed 05 Apr 2017 09:12:59 AM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | High | High | [wt] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it optdepends on openssl.
$ pacman -Si wt
Repository : community
Name : wt
Version : 3.3.7-3
Description : a C++ library and application server for developing and deploying web applications
Architecture : x86_64
URL : http://www.webtoolkit.eu/
Licenses : GPL
Groups : None
Provides : None
Depends On : boost-libs libharu graphicsmagick pango zlib
Optional Deps : openssl: for SSL support in built-in webserver
fcgi: for FastCGI support
postgresql-libs: for PostgreSQL Dbo support
sqlite: for Sqlite Dbo support
mysql++: for the hangman example
qt4: for the Wt/Qt interopability example (wtwithqt)
Conflicts With : None
Replaces : None
Download Size : 7.70 MiB
Installed Size : 38.73 MiB
Packager : Sven-Hendrik Haase <sh@lutzhaase.com>
Build Date : Mon 17 Apr 2017 05:50:47 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Freedom Issue | Medium | Low | [wiredtiger] vague terminology "Open Source" in descrip ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
community/wiredtiger 2.9.1-1
High performance, scalable, production quality, NoSQL, Open Source extensible platform for data management
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
High performance, scalable, production quality, NoSQL, Free Software extensible platform for data management
|
|
Any | Freedom Issue | Medium | Low | [wildmidi] vague terminology "Open Source" in descripti ... | Closed | |
Task Description
This package contains vague terminology “Open Source”:
extra/wildmidi 0.4.0-1
Open Source MIDI Synthesizer
According to: https://www.gnu.org/distros/free-system-distribution-guidelines.html
We shall avoid vague terminology such as “Open Source”, please see here: https://www.gnu.org/philosophy/words-to-avoid.html#Open
It would be good example to set to have proper description of packages without using “Open Source”.
eg.
Free Software MIDI Synthesizer
|
|
Any | Feature Request | High | High | [websocketpp] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it optdepends on openssl.
$ pacman -Si websocketpp
Repository : community
Name : websocketpp
Version : 0.7.0-1
Description : C++/Boost Asio based websocket client/server library
Architecture : any
URL : http://www.zaphoyd.com/websocketpp/
Licenses : BSD
Groups : None
Provides : None
Depends On : None
Optional Deps : openssl: TLS socket component support
asio: alternative asio transport support
boost: non C++11 environments support
boost-libs: non C++11 environments support
Conflicts With : None
Replaces : None
Download Size : 116.73 KiB
Installed Size : 1002.00 KiB
Packager : Levente Polyak <anthraxx@archlinux.org>
Build Date : Tue 23 Feb 2016 09:20:59 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Freedom Issue | Medium | Low | [webfs]: vague terminology "Content" in description of ... | Closed | |
Task Description
Description:
community/webfs 1.21-13
Simple and instant http server for mostly static content.
Description is vague because of the word “content”. Why not simply say “files” instead and be more specific.
Even empty files without data inside can be served.
See: https://www.gnu.org/philosophy/words-to-avoid.html#Content
|
|
Any | Feature Request | High | High | [webfs] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si webfs
Repository : community
Name : webfs
Version : 1.21-13
Description : Simple and instant http server for mostly static content.
Architecture : x86_64
URL : http://linux.bytesex.org/misc/webfs.html
Licenses : GPL
Groups : None
Provides : None
Depends On : mime-types openssl
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 26.04 KiB
Installed Size : 55.00 KiB
Packager : Jelle van der Waa <jelle@vdwaa.nl>
Build Date : Sat 04 Mar 2017 06:06:34 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | High | High | [vpnc] rebuild package against libressl | Closed | |
Task Description
Rebuild package against libressl, since it depends on openssl.
$ pacman -Si vpnc
Repository : extra
Name : vpnc
Version : 0.5.3.svn550-2
Description : VPN client for cisco3000 VPN Concentrators
Architecture : x86_64
URL : http://www.unix-ag.uni-kl.de/~massar/vpnc/
Licenses : GPL
Groups : None
Provides : None
Depends On : libgcrypt openssl iproute2
Optional Deps : openresolv: Let vpnc manage resolv.conf
Conflicts With : None
Replaces : None
Download Size : 71.40 KiB
Installed Size : 196.00 KiB
Packager : Jan de Groot <jgc@archlinux.org>
Build Date : Sat 04 Mar 2017 07:15:23 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
|
|
Any | Feature Request | High | High | [vi] adapt package in accordance with the Hyperbola Pac ... | Closed | |
Task Description
Adapt package in accordance with the Hyperbola Packaging Guidelines to follow the Hyperbola Social Contract .
|
|
Any | Feature Request | High | High | [vde2] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [vagrant] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [uwsgi] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [unshield] rebuild package against libressl | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [unrealircd] vague terminology "Open Source" in descrip ... | Closed | |
|
|
Any | Feature Request | High | High | [unrealircd] rebuild package against libressl | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [unixodbc] vague terminology "Open Source" in descripti ... | Closed | |
|
|
Any | Feature Request | High | High | [unbound] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [unar] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [uboot-tools] rebuild package against libressl | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [ttf-overpass] vague terminology "Open Source" in descr ... | Closed | |
|
|
Any | Feature Request | Very Low | Very Low | [ttf-iosevka] add Iosevka font | Closed | |
|
|
Any | Feature Request | High | High | [tor-lts] rebuild package against libressl | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [topbeat] vague terminology "Open Source" in descriptio ... | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [tomcat8] vague terminology "Open Source" in descriptio ... | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [tomcat7] vague terminology "Open Source" in descriptio ... | Closed | |
|
|
Any | Feature Request | High | High | [tnftp] rebuild package against libressl | Closed | |
|
|
Any | Freedom Issue | Medium | Low | [tkabber] vague terminology "Open Source" in descriptio ... | Closed | |
|
|
Any | Feature Request | High | High | [tinc] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [thrift] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [thc-ipv6] rebuild package against libressl | Closed | |
|
|
Any | Bug Report | Defer | Low | [texlive-most] Cannot remove from system | Closed | |
|
|
Any | Bug Report | Defer | High | [texlive-most] cannot export LaTeX - input csr10' fail ... | Closed | |
|
|
Any | Feature Request | High | High | [testdisk] rebuild package against libressl | Closed | |
|
|
Any | Feature Request | High | High | [tcpflow] rebuild package against libressl | Closed | |
|