Bug#825532: RFS: shadowsocks-libev/2.4.6+20160526+ds-1 [ITP]
Dear G,
Here's a slightly updated version, with my comment.
(pkg already uploaded to mentors)
On Mon, Jun 20, 2016 at 10:17 PM, Gianfranco Costamagna
<locutusofborg@debian.org> wrote:
>
>>>It's runtime config file, which will be installed to: etc/shadowsocks-libev
>>
>> not sure about hardcoding passwords that way... maybe generate them at install
>> time with apg or similar?
>> (postinst or similar)
>>
>> I don't want all the userbase to have the same tool with the same default password.
>
>>Done.
>>Add postinst script to handle this.
>
>
>>I like that solution!
>
>
> but shouldn't this be executed only during install?
> the place where you put suggests the code will be executed and re-executed during all
> the calls (configure deconfigure abort upgrade and so on)
>
> I would do it in configure, and don't care about the upgrade, because even re-running
> it will be a no-op (unless apg generates the same "barfoo!" password :) )
> LOL, in that case it will be changed during an apt-get {dist-}upgrade :)
It's my intention, to do it when upgrading/reinstall.
Because before this ITP/RFS, user may already build deb themselves,
and have this fixed passwd on system.
Here I want to make sure the fixed passwd will be gone.
>>Hope you cannot find a nitpick this time :-P
>
> there is always something to nitpick :)
>
> e.g.
> https://mentors.debian.net/package/shadowsocks-libev
> "W debian-watch-file-should-mangle-version
> line 7"
>
> what does it mean?
> I admit I didn't investigate it
It means false positive and a lintian bug: https://bugs.debian.org/505857#40
Besides your request, I have some other changes:
- upgrade to compat 10
- remove autoreconf setting in d/rules, because compat 10 already enables this
- use library libcorkipset (instead of libredjackipset)
- update patch, also use library libcorkipset
- update "Homepage" in d/control to use "https"
Cheers,
--
Roger Shimizu, GMT +9 Tokyo
PGP/GPG: 4096R/6C6ACD6417B3ACB1
Reply to: