version and parameter divergence from Debian

Bug #1333293 reported by Thorsten Glaser
Affects | Status | Importance | Assigned to | Milestone
rng-tools (Debian) | Fix Released | Unknown | |
rng-tools (Ubuntu) | Won't Fix | Wishlist | Dimitri John Ledkov |

Bug Description

The command line parameters “rngd” takes differ between Debian and *buntu, which leads to loss of operation (rng stream import no longer works, leading to loss of entropy on devices) and script failures in the latter:

*buntu

 [-d, --no-drng=1|0]
 [-n, --no-tpm=1|0]
 [-q, --quiet]
 [-v, --verbose]

debian

 [-B n | --rng-buffers=n]
 [--hrng=name]
 [-R name | --rng-driver=name]
 [-H n.nnn | --rng-entropy=n.nnn]
 [-Q quality | --rng-quality=quality]
 [-T n | --rng-timeout=n]
 [-t n | --feed-interval=n]

The other parameters are the same.

Please fix this by updating to the Debian version of this package.
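
A preflight check for scripts that depend on the options listed above, so a missing flag stops the script with an error instead of silently ending the entropy feed. This is an added example, not part of the original report or of rng-tools; the function names are hypothetical, the usage strings are constructed from the two lists in the report, and on a real host the text is assumed to come from something like `rngd --help 2>&1`.

```shell
#!/bin/sh
# Constructed sample usage text, copied from the two option lists in the report.
USAGE_UBUNTU='[-d, --no-drng=1|0]
[-n, --no-tpm=1|0]
[-q, --quiet]
[-v, --verbose]'

USAGE_DEBIAN='[-B n | --rng-buffers=n]
[--hrng=name]
[-R name | --rng-driver=name]
[-H n.nnn | --rng-entropy=n.nnn]
[-Q quality | --rng-quality=quality]
[-T n | --rng-timeout=n]
[-t n | --feed-interval=n]'

# missing_opts USAGE OPT...  (hypothetical helper)
# Prints, space separated, every OPT that does not occur in USAGE as a
# whole option token. The boundary classes keep "-d" from matching inside
# "--no-drng" and "--rng" from matching "--rng-buffers".
missing_opts() {
    usage=$1; shift
    missing=
    for opt in "$@"; do
        if ! printf '%s\n' "$usage" |
            grep -Eq -e "(^|[^[:alnum:]-])${opt}([^[:alnum:]-]|\$)"; then
            missing="${missing:+$missing }$opt"
        fi
    done
    printf '%s' "$missing"
}

# preflight USAGE OPT...  (hypothetical helper)
# Returns 0 only when every required option is advertised; otherwise it
# names the missing options on stderr and returns 1 so the caller can abort.
preflight() {
    m=$(missing_opts "$@")
    [ -z "$m" ] && return 0
    echo "rngd lacks required options: $m; not starting entropy feed" >&2
    return 1
}
```
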

information type: Private Security → Public Security
Marc Deslauriers (mdeslaur) wrote :

The debian package is very out of date, so I don't think this bug report makes sense.

In any case, it's not a security issue.

information type: Public Security → Public
Thorsten Glaser (mirabilos) wrote : Re: [Bug 1333293] Re: version and parameter divergence from Debian

Marc Deslauriers dixit:

>The debian package is very out of date, so I don't think this bug report
>makes sense.

Well, the (newer?) Ubuntu package lacks parameters.

>In any case, it's not a security issue.

Probably not, except it breaks our scripts pulling entropy from
a central server (using stunnel piped into rngd).

bye,
//mirabilos
--
Yay for having to rewrite other people's Bash scripts because bash
suddenly stopped supporting the bash extensions they make use of
 -- Tonnerre Lombard in #nosec

Dimitri John Ledkov (xnox) wrote :

Ubuntu is using this upstream for rng-tools: http://sourceforge.net/projects/gkernel/files/rng-tools/

Same as many other distributions out there. If you look at changelogs in Debian, you will see that a different fork of this project is used with indeed many optional flags added that haven't been up-streamed. It would be great if someone submitted changes from the codebase used in Debian to the upstream. Failing that, it might make sense to import debian's rng-tools, as rng-tools-debian into Ubuntu.

Changed in rng-tools (Ubuntu):
status: New → Won't Fix
assignee: nobody → Dimitri John Ledkov (xnox)
importance: Undecided → Wishlist
Thorsten Glaser (mirabilos) wrote :

Hm, I fail to find the correct source there, or a mailing list, or… anything useful.

However, your suggestion to import rng-tools-debian sounds nice.
What do I need to do to make this happen?

Dimitri John Ledkov (xnox) wrote :

On 9 October 2014 13:08, Thorsten Glaser <email address hidden> wrote:
> Hm, I fail to find the correct source there, or a mailing list, or…
> anything useful.
>

Source tarball is here:
http://sourceforge.net/projects/gkernel/files/rng-tools/5/rng-tools-5.tar.gz/download

And matches checksum with orig tarball that is in ubuntu.

Documentation is in the kernel listing that as upstream location for
user space utility:

https://www.kernel.org/doc/Documentation/hw_random.txt

> However, your suggestion to import rng-tools-debian sounds nice.
> What do I need to do to make this happen?

Rename source/binary package(s) and upload into ubuntu.

--
Regards,

Dimitri.

Thorsten Glaser (mirabilos) wrote :

Dimitri John Ledkov dixit:

>> However, your suggestion to import rng-tools-debian sounds nice.
>> What do I need to do to make this happen?
>
>Rename source/binary package(s) and upload into ubuntu.

How do I do that? I know about subscribing ubuntu-sponsors
for sync/merge requests on existing packages, but…

Sorry to bother.

bye,
//mirabilos
--
<ch> you introduced a merge commit │<mika> % g rebase -i HEAD^^
<mika> sorry, no idea and rebasing just fscked │<mika> Segmentation
<ch> should have cloned into a clean repo │ fault (core dumped)
<ch> if I rebase that now, it's really ugh │<mika:#grml> wuahhhhhh

Thorsten Glaser (mirabilos) wrote :

I’ve done a first test cut of it into my PPA:

https://launchpad.net/~mirabilos/+archive/ubuntu/ppa/+sourcepub/4628516/+listing-archive-extra

(Ugh. Some of the compiler warnings deserve being handled, although in Debian itself.)

This is now up for review and testing. I’ll test it, too.

Dimitri John Ledkov (xnox) wrote :

Heya,

On 19 December 2014 at 09:35, Thorsten Glaser
<email address hidden> wrote:
> I’ve done a first test cut of it into my PPA:
>
> https://launchpad.net/~mirabilos/+archive/ubuntu/ppa/+sourcepub/4628516/+listing-archive-extra
>
> (Ugh. Some of the compiler warnings deserve being handled, although in
> Debian itself.)
>
> This is now up for review and testing. I’ll test it, too.
>

On the surface that looks like the correct way to do it.

I guess it might make sense to do a Castling move:
rename ubuntu's rng-tools _source_ package to be rng-tools-gkernel but
make it keep the binary package names.
keep debian's rng-tools _source_ package name but rename binary to be
rng-tools-debian.

That way we don't need to blacklist things and merges.ubuntu.com and
the like will operate correctly and provide sensible outputs.

--
Regards,

Dimitri.

Thorsten Glaser (mirabilos) wrote :

Dimitri John Ledkov dixit:

>> This is now up for review and testing. I’ll test it, too.

>On the surface that looks like the correct way to do it.

OK, thanks. My first tests look okay as well (after I have
changed the Depends in the package *using* it to allow for
rng-tools-debian; it might make sense to use a versioned Provides
in vivid…) so far.

>I guess it might make sense to do a Castling move:
>rename ubuntu's rng-tools _source_ package to be rng-tools-gkernel but
>make it keep the binary package names.
>keep debian's rng-tools _source_ package name but rename binary to be
>rng-tools-debian.

Hm, interesting. Yes, might make sense, but I didn’t want to
impose at first. How difficult is it to get something like
this accepted?

>That way we don't need to blacklist things and merges.ubuntu.com and
>the like will operate correctly and provide sensible outputs.

Ah okay. That will certainly be of aid when we indeed push
further code fixes into Debian.

bye,
//mirabilos
--
<diogenese> Beware of ritual lest you forget the meaning behind it.
<igli> yeah but it means if you really care about something, don't
    ritualise it, or you will lose it. don't fetishise it, don't
    obsess. or you'll forget why you love it in the first place.

Thorsten Glaser (mirabilos) wrote : Bug #916147: rng-tools: replaced with inferior version

Putting the Launchpad bug into Cc.

---------- Forwarded message ----------
Message-ID: <email address hidden>
Date: Mon, 10 Dec 2018 18:23:56 +0100 (CET)
Subject: rng-tools: replaced with inferior version

Source: rng-tools
Version: 5-1
Severity: serious
Justification: breaks existing uses of this package

This is the same as Launchpad bug #1333293 now arrived
in Debian itself.

The options (at least) -B, -H, -T, -t are gone, which
breaks my application using rngd.

I had to create this…
https://launchpad.net/~mirabilos/+archive/ubuntu/ppa/+sourcepub/4628516/+listing-archive-extra
… in order to be able to continue using rngd as before.

Will we be reintroducing rng-tools 2.x as rng-tools-debian
into Debian buster/sid? Otherwise, support for all those
missing functionality and options MUST be added to the
new rng-tools package.

Thanks,
//mirabilos
--
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Changed in rng-tools (Debian):
status: Unknown → New
Changed in rng-tools (Debian):
status: New → Fix Released