Everything is packed up, see you in August

… I hope to enjoy there and come back with enough energy to work on Gentoo.

BTW, in August I will start an ‘Alpha Arch Tester’ subproject so probably some of you will want to join us. If you want to, drop me a line.

Donnie, thanks for answering, I think I’ll buy it on August… will report when I adquire it.

Have a nice July people, see you in August.


Exams are over, and holidays start just now

Well.. it looks like finally the exams are over. The rest of today and tomorrow will be the only ‘holidays’ I’m going to have this year. Also Gentoo work is going to be delayed until the first days of August since I’m going to go to Ireland for the whole July and I don’t think I will be able to either check my mail or ssh home. In fact I don’t think I will be able to connect to Internet for the whole month. Anyway, I’m carrying my laptop just in case I found a hotspot or a [i]neglected[/i] access point :>

Although I’m going to Ireland to work it is a strange way of ‘working’… they pay me the trip to Ireland (Clonmel, Co. Tipperary) and some cash to spend there or wherever I want; I [i]just[/i] have to take care of ~10 spanish students. Great chance to finish those books I’m currently reading or I want to read; and also a really good oportunity to ‘disconnect’ from RealLife(TM).

Since my memory is getting worse and worse every day I thought I could spend that money on a Tungsten C, It’s a nice gadget and it will definately help me maintain a bit of order among the things I have to do… It’s also got Wi-Fi builtin which is ‘a must’ for me. Any experiences with it? If any of you has tried or owns this device I’d like to hear from you 🙂



Hi !

I’ve been using part of the ciaranm‘s bashrc (most of the Gentoo-related functions) and though it’s great I thought that something was missing. I needed something to extrackt the depend atoms on a package. I played a bit with sed and finally wrote something useful:

edeps() { 
    local FILES e
    if [ ! -z "${1}" ] ; then
        FILES=$(equery which ${1})
        FILES=$(ls *.ebuild)
    for e in ${FILES};
        echo -ne "\033[01;32m * \033[00m"
        echo -n "Depend atoms on: "
        echo -e "\033[01;38m${e##*/}\033[00m"
        sed -ne '/^[RP]\?DEPEND=\"[^\"]*$/,/^.*\" *$/p' \
            -e '/^[RP]\?DEPEND=\"[^\"]*\"$/p' ${e}

PD: BTW this is my very first post on the Gentoo Planet. I hope you’ll forgive my language mistakes since english is not my mother tongue. (I’m spanish).

1777 is not ‘protection’

The last few days we’ve been having a bit of discussion in #-netmail about uw apps. They display a *really* bogus message if the mail spool directory (/var/spool/mail) is not protected with 1777 (*sigh*):

Mailbox vulnerable - directory /var/spool/mail must have 1777 protection

Of course mailbase creates /var/spool/mail and sets 0775 on it. Thats a real protection since it prevents someone from doing:

for i in /var/spool/mail/* ; do touch ${i}.lock; done

and mess the mail system.

Quoting from the UW IMAP FAQ:

Directory protection 1777 is secure enough on most well-managed systems. If you can’t trust your users with a 1777 mail spool (petty harassment is about the limit of the abuse exposure), then you have much worse problems then that.

It sounds ridiculous to me. I think we will finally adopt the workaround in https://bugzilla.redhat.com/beta/show_bug.cgi?id=103479#c8 or probably patch the sources to remove that annoying message.

I wonder how 1777 on the mail spool directory should be used for security reasons (*sigh*) Maybe someone will explain it to me…

Any ideas on how to solve this ?


GLEP 34 also speaks spanish

Spanish translations for per-category metadata.xml files are almost finished. araujo is doing: dev-* media-* app-* and x11-*. And I just commited the rest: games-* gnome-* gnustep-* kde-* net-* mail-* rox-* sci-* sys-* www-* xfce-* and sec-policy.

It’s been boring… but anyway, we did it hehe

It took me like 1 hour to update, check, translate, check and commit around 70 files… but feels like a wasted hour 🙁 At least I hope it will get integrated in packages.g.o

PD: Hey ! bugs.g.o is now ssl enabled, now I can access bugzilla in networks I don’t trust (i.e university, work, … all of them but mines i think :P). So infra++


mailbase will help you maintain sane permissions

Hi all !

New mailbase version (net-mail/mailbase-0.00-r9 ~arch) will not change your /var/spool/mail/ permissions anymore.

Anyway since some net-mail devs think that the only right permissions in /var/spool/mail/ are 0775. If you set something different, mailbase will not overwrite them, but it will show you a nice warning:

  * Your /var/spool/mail/ directory permissions differ from
  *  those which mailbase set when you first installed it (0775).
  *  If you did not change them on purpose, consider running:
       chmod 0775 /var/spool/mail/

Think that we have good reasons to think 1777 is harmful… do not take the easy way by setting 1777 on /var/spool/mail/; better fix your MTA or switch to Maildir/ (the latter is a much better idea by the way).


mailer-config is on the way

As slarti announced a few days ago, mailer-config is on its way to ~arch.

We have commited several packages using the new scheme. This is a package.mask excerpt:

# mask these until the new mailwrapper/mailer-config scheme is ready
# it is secure to unmask them to test

It is safe to unmask them to start testing. The *big* mailers to come soon; I’m currently working on postfix and I’ll probably have it by tonight or tomorrow.

A few ‘shots’ to show it working:

posidon root # mailer-config -l
[1] default *
[2] esmtp-0.5.0
[3] nbsmtp-0.98
[4] ssmtp-2.61
posidon root # mailer-config -s 2
 * New default profile is: esmtp-0.5.0
posidon root # mailq
Mail queue is empty
posidon root # mailer-config -s 3
 * New default profile is: nbsmtp-0.98
posidon root # mailq
Showing queued mails in /root/.nbsmtp/.queue:

posidon root # mailer-config -s 4
 * New default profile is: ssmtp-2.61
posidon root # mailq
mailq: Mail queue is empty
posidon root # mailer-config -s 3
 * New default profile is: nbsmtp-0.98
posidon root # mailer-config -l  
[1] default
[2] esmtp-0.5.0
[3] nbsmtp-0.98 *
[4] ssmtp-2.61
posidon root # 

As you can see, three completely different behaviors of mailq, each one depending on which mailer profile you are using. This is great stuff ! We would like to hear your opinion about it.


Getting rid of virus / spam on toucan with maildrop

Hi !

All of you suffering from a ‘virus attack’ on your g.o accounts and not using an insane mail filtering engine might like this.

in .mailfilter:

exception {
        xfilter "/usr/bin/spamc"
        xfilter "/usr/bin/clamassassin"

if ( /^X-Spam-Status: .*Yes,/ )
        to ".maildir/.spam"

if ( /^X-Virus-Status: .*Yes/ )
        to "/dev/null"

in .forward:

|/usr/bin/maildrop -d ferdy

Thanks infra for letting us use clamassassin… I desperately needed it. Now my INBOX is much cleaner.