Debian Traffic #17 For 5�Jan�2001

Editor: Zack Brown

By Peter Eckersley ,� Prashanth Mundkur �and� Zack Brown

Debian Home Page (http://www.debian.org) | Weekly News (http://www.debian.org/News/weekly/) | Social Contract (http://www.debian.org/social_contract) | Constitution (http://www.debian.org/devel/constitution) | Policy Manual (http://www.debian.org/doc/debian-policy/) | Developer's Reference (http://www.debian.org/doc/packaging-manuals/developers-reference/) | Documentation Project (http://www.debian.org/doc/ddp) | debian-devel Archives (http://lists.debian.org/#debian-devel)

Table Of Contents

Introduction

Want to help write KC Debian? See the KC Authorship page (../author.html) the KC Debian homepage (index.html) , and the Thread Summary FAQ (../summaryfaq.html) . Send any questions to the KCDevel mailing list. (mailto:kcdevel@zork.net)

Mailing List Stats For This Week

We looked at 383 posts in 1308K.

There were 163 different contributors. 73 posted more than once. 0 posted last week too.

The top posters of the week were:

1. Adding A New Package Category: Education

14�Dec�2000�-�28�Dec�2000 (8 posts) Archive Link: "menu-policy: education"

Summary By Zack Brown

People: Ben Armstrong,�Yann Dirson,�,�Erik Steffl,�Andreas Schuldei

Andreas Schuldei announced his work on packaging kvoctrain, a vocabulary trainer. The package didn't seem to fit into any existing category, so he suggested a new one - 'education'. Tom Cato Amundsen liked the idea, and pointed out that the solfege package would also fit nicely in that category. Ben Armstrong added:

Not to mention 'typist', 'tipptrainer', 'gcompris' ... Probably a whole host of things that will be coming at Debian from Debian Jr.'s quarter. In some cases it could be argued that these belong in 'games'. But where the primary goal of the game is to teach a skill rather than just to amuse, I feel 'education' may be more appropriate, e.g. 'mathwar' is a flash-card game.

Furthermore, we are not alone in wanting to create a section devoted to education. The FSF is working on a new 'education' section and will be producing a page on their website shortly (it's not quite finished yet).

Therefore I strongly support the creation of an education section, not just in the menu, but in the ftp archives.

This is not a new idea. There was a lengthy discussion in April last year starting here:

http://lists.debian.org/debian-devel-9904/msg00592.html

And indeed, one package has already been put in "Apps/Educational":

http://lists.debian.org/debian-devel-9904/msg00683.html
http://lists.debian.org/debian-devel-9904/msg00697.html
http://lists.debian.org/debian-devel-9904/msg00699.html

The problem is, this section has apparently not been formalized in policy yet.

I couldn't find anything in the archives of debian-policy about an education section proposal.

There was no reply to this, but elsewhere, Yann Dirson also applauded the idea of an 'education' category, adding, "I suppose the place to discuss this is debian-policy, and the way of asking for this would be a bug on "debian-policy"." (Ben disagreed with this, though, and discussion continued on debian-devel) Yann went on to examine various categories under which 'education' could be grouped. Apps/Education he felt would get lost, as there were already a huge number of subsections under 'apps'. Games/Education he felt would be too restrictive. In the end, he supported putting 'education' on the top level, not as a subcategory. Erik Steffl suggested the existing Apps/Educational, where he'd already added the Arithmetic Quiz and Tipptrainer packages. But Ben agreed with Yann that a top-level placement would be fine. He suggested the following subcategories:

2. Group Policy

23�Dec�2000�-�27�Dec�2000 (6 posts) Archive Link: "Bug#80343: general: Lack of policy on which files should be owned by which user"

Summary By Prashanth Mundkur

People: KORN Andras,�Brian May,�Arthur Korn,�Hamish Moffatt,�,�Eray Ozkural

KORN Andras (Andrew) was a bit peeved about " a general confusion among some Debian developers as to what user ids such as 'nobody' should be used for. I suggest that the policy be updated with relevant advice." He explained that " As I see it, 'nobody' should be a user that owns no files and has no privileges; thus, if a service running as 'nobody' were to be compromised, the attacker wouldn't gain the ability to change any files." Along the same lines, if processes that ran as user 'daemon' (like portmap, the 'at' daemon, lprng and the distributed-net client) were compromised, signals could be sent to other 'daemon' processes and/or their files written to, possibly leading to privilege escalation. He suggested "Most packages that contain programs run 'at system level' ('daemons') should probably create their own user id that the program can run under (luckily, many packages already do this)."

Brian May expressed his dislike of the one UID per daemon idea: "as you end up having more UIDs for daemons then users" . He elaborated "it would be easy to hide back-door entry point in /etc/passwd if lots of entries exist (eg. missing password field)" , to which Arthur Korn responded that passwd file validation can be performed by a script.

To Brian's objection "As the number of entries grows, the chance that one/more entries will conflict with some NIS, openldap or remote NFS system increases. Especially since adduser, etc, do not support NIS or openldap. I am not sure of the details here - can adduser assign a local user a UID that conflicts with that from some other source?" , Arthur responded "Then we should fix adduser and libc(PAM/NSS)."

Other discussion focused on the merits of having a seperate group for every user. When Eray Ozkural asked for the reason for this policy, Hamish Moffat provided a free tutorial:

Let's say you have a pair of users, Jose and HoseB, each with home directories in /home, with a single-user group each. They have some confidential files which they keep in their home directories and want to hide from each other.

They also work on a project together, in /project. They have another group, which they both belong to, and all the files in /project use that GID. There are other users on the system who are not working on the project and who should not be able to look at /project.

Jose and HoseB can set their umask to allow group read/write by default. When they write to their home directories, the files belong to their individual user groups, so nobody else can read them. When they write in /project, the files belong to the project group, so they can both read them. And nobody except Jose and HoseB can read the files in /project either, because they're not world read/writable.

Now, imagine if Jose and HoseB shared a 'users' group, which their home directories used, as well as the project group. When they write to their home directories, their files end up group read/writeable to all users!

Or if they set their umask to allow user read/write only, then they end up with files in /project which the other person can't read. They have to remember to fix file permissions all the time.

[...]

Per-user groups are very meaningful, and are a good demonstration of why Debian is a superior OS to many others.

3. Wishful Thinking About Package Management

23�Dec�2000�-�31�Dec�2000 (52 posts) Archive Link: "What do you wish for in an package manager?"

Summary By Peter Eckersley

People: Dwayne C. Litzenberger,�Joseph Carter,�Adam Heath,�Matthijs Melchior,�Wichert Akkerman,�Ben Collins,�Brian May,�Eray Ozkural,�Richard Atterer,�,�Andreas Fuchs

Dwayne C. Litzenberger started a lively conversation by saying "I'm starting work on a new linux package manager. The idea is to be able to replace rpm, dpkg, apt, dselect (backend) with one,written mostly from scratch and designed to be as simple (code, not features) and clean as possible." . He then asked for feature suggestions.

Despite some skepticism about the necessity of such a project, many interesting hypothetical package management features were discussed.

Joseph Carter said "I think if dpkg used some sort of hashed database index it would be a hell of a lot nicer to people's CPUs and memory." Adam Heath replied "This is perfectly doable, and on my todo for dpkg 1.9." There was some brief controversy over the use of binary package databases.

John Hasler and Matthijs Melchior simultaneously suggested a rollback command "to undo the installation of a package and revert to the version that was installed previously, without having the original .deb available." . Wichert Akkerman commented "dpkg will support rollback at some point, when reiserfs supports transactions." There was some confusion about why filesystem level transactions would be required for this, until Ben Collins pointed out "the old package does not understand that the new package possibly setup some things (configuration settings, diversions, symlinks, removal of cruft, alternatives) that it cannot recover from." Andreas Fuchs added that multiple filesystems make the task non-trivial even with transaction support.

Brian May proposed,
get rid of maintainer scripts (don't ask me how...) so that upgrading packages is guaranteed not to destroy your computer, even if the package came an from untrusted source. This could be carried further by saying "no daemons can be started by UID=root without express permission by some protected config file".
Eray Ozkural replied
Here's a MFTL sol'n :) You need to devise a package description/configuration language that is declarative rather than procedural.

Richard Atterer suggested "An installer that is smart enough to realize that it is about to overflow the disc, so it deletes any .deb files that have been downloaded and already installed."

Numerous other possibilities were raised and considered briefly. Some, such as using bzip2 (instead of gzip) for compression, allowing users to install .debs in their home directories, and coping with non-standard situations (such as read-only shared NFS directories), have been extensively discussed on the list before. There was also a rambling debate on the necessity and feasibility of installing several versions of the same package simultaneously.

4. Cloning Debian Installs

25�Dec�2000�-�26�Dec�2000 (6 posts) Archive Link: "Need to clone machines efficiently - help?"

Summary By Prashanth Mundkur

People: Aaron Lehmann,�Peter Eckersley,�Frank Copeland,�,�Aaron Lehmann

Erik Winn, a volunteer with a Portland group (http://www.freegeek.org) that "recycles used technology and provides computers, education and access to the internet in exchange for comunity service", wrote in to ask for help in cloning hundreds of machines over the local network.

Aaron Lehmann provided a link to System Imager from VA Linux, http://systemimager.org, adding "It requires the hardware to be basically identical across machines. Once you set up the server, which is a significant task, cloning the master client onto the other clients is a cinch, involving putting the automatically-generated floppy disk into the disk drive and turning on the computer."

Mircea Luca and Frank Copeland provided a link to the FAI project: http://www.informatik.uni-koeln.de/fai/.

Peter Eckersley contributed the experiences of a similar project called Computerbank (http://www.computerbank.org.au) in Australia that seeks "to supply free GNU/Linux systems to low income individuals, community groups and disadvantaged schools":

The way we've ended up doing it is this:

So we start a normal debian install, but then pick task-computerbank-whatever and it's done.

A custom task package might play really well with an automated installer, if your hardware is sufficiently uniform to support one.

Peter thought an international affiliation between Free Geek and Computer Bank may be advantageous.

Frank supplied the task packages used by Computerbank:

deb http://thingy.apana.org.au/computerbank/debian cbv/
deb-src http://thingy.apana.org.au/computerbank/debian cbv/

5. Tracking Changed Packages

27�Dec�2000�-�30�Dec�2000 (7 posts) Archive Link: "How to get changelog file for a given _binary_ package?"

Summary By Zack Brown

People: Marc Haber,�Matt Zimmerman,�Ingo Saitz,�

Marc Haber said, "we use a number of backported potato packages and I am working on a script that sends me e-mail when a new version of these packages appears in woody." He wanted to have the script simply periodically pull the changelogs of those packages off of the Debian site via the http://cgi.debian.org/cgi-bin/get-changelog?package=$package URL, where $package stood for the name of the package in question. But for certain packages, such as libdb2-util, the URL would only say, "No such changelog file".

Matt Zimmerman replied, "The get-changelog CGI doesn't seem to have worked for quite some time now. I don't think the problem is necessarily with multiple binary packages, but that a lot of data is missing. I am working on a replacement that uses a database backend, but it would need to be hooked into dinstall/da-katie/whatever in order to be most effective, and I don't expect that to happen anytime soon."

Rick Younie suggested something like "lynx�-dump�http://packages.debian.org/libdb2-util", or adding Woody to the sources.list and parsing the Package files locally. And Ingo Saitz suggested simply, "subscribe to debian-devel-changes@lists.debian.org to get an email whenever a package in unstable is changed. Just filter for the packages that you have modified by parsing the subject should be sufficient :)"

Sharon And Joy

Kernel Traffic is grateful to be developed on a computer donated by Professor Greg Benson and Professor Allan Cruse in the Department of Computer Science at the University of San Francisco. This is the same department that invented FlashMob Computing. Kernel Traffic is hosted by the generous folks at kernel.org. All pages on this site are copyright their original authors, and distributed under the terms of the GNU General Public License version 2.0.