Custom Query (1145 matches)
Results (82 - 84 of 1145)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#388 | fixed | config-package-dev maintainer scripts don’t undivert on deconfigure | andersk | |
Description |
We currently undivert on prerm when [ "$1" = "remove" ]. This should probably be [ "$1" != "upgrade" ], so as to include the deconfigure case as well. More generally, we should check that we handle all these cases correctly. |
|||
#461 | fixed | pyhesiodfs should pass -o nonempty to fuse | andersk | |
Description |
pyhesiodfs fails to start up on a nonempty /mit. root@ringworld:/etc/init.d# /usr/bin/pyhesiodfs /mnt fuse: mountpoint is not empty fuse: if you are sure this is safe, use the 'nonempty' mount option Traceback (most recent call last): File "/usr/bin/pyhesiodfs", line 226, in <module> main() File "/usr/bin/pyhesiodfs", line 223, in main server.main() File "/usr/lib/python2.6/dist-packages/fuse.py", line 713, in main main(**d) fuse.FuseError: filesystem initialization failed From fuse/README: nonempty Allows mounts over a non-empty file or directory. By default these mounts are rejected (from version 2.3.1) to prevent accidental covering up of data, which could for example prevent automatic backup. |
|||
#529 | fixed | Make Athena ready to transition away from single-DES | kaduk | andersk |
Description |
[Not entirely a Debathena bug, but this is the most convenient place to keep track of it.] As an experiment, I modified my Kerberos principal to have only a triple-DES enctype using kadmin: kadmin: cpw -e des3-hmac-sha1:normal andersk This works out fine from a Kerberos client perspective:
However, it exposed some problems with various password-authenticated services:
Given that single-DES is critically weak, is disabled by default in current releases of Kerberos, and will be removed entirely in future releases, we should talk with network and try to get these little problems worked out sooner rather than later. SolutionIn at least one case (ca.mit.edu), the problem was that the server’s /etc/krb5.conf had the line default_tkt_enctypes = des-cbc-crc. This line should be removed. Since we think this misconfigured /etc/krb5.conf has been copied to many MIT servers, that’s probably all we need to do to fix most or all of these problems. |