diff options
-rw-r--r-- | TODO_bfh.txt | 16 | ||||
-rw-r--r-- | TODO_debian.txt | 5 | ||||
-rw-r--r-- | TODO_progress-linux.txt | 60 | ||||
-rw-r--r-- | notes/dpkg.txt | 1 | ||||
-rw-r--r-- | notes/dpkg_upgrade-path.txt | 20 | ||||
-rw-r--r-- | notes/gnupg.txt | 1 | ||||
-rw-r--r-- | notes/igmpproxy.txt | 39 | ||||
-rw-r--r-- | notes/rustc_bootstrap.txt | 46 | ||||
-rw-r--r-- | stuff/enigmail_disable-setup-wizard.patch | 56 | ||||
-rw-r--r-- | stuff/enigmail_remove-configure-delay.patch | 52 | ||||
-rw-r--r-- | stuff/firefox.prefs | 2 | ||||
-rw-r--r-- | stuff/firefox_timezone-spoofing.patch | 22 | ||||
-rw-r--r-- | stuff/firefox_useragent-spoofing.patch | 40 | ||||
-rw-r--r-- | stuff/libreoffice_Java-Enable.xcd | 15 |
14 files changed, 375 insertions, 0 deletions
diff --git a/TODO_bfh.txt b/TODO_bfh.txt new file mode 100644 index 0000000..116b462 --- /dev/null +++ b/TODO_bfh.txt @@ -0,0 +1,16 @@ +https://www.21x9.org/de/thunderbird-zentral-konfigurieren.html + +bfh-team-ntw +- debian: beagle, gemma, plink, plink1.9, vcftools, xauth +- third-party: admixture, distruct, gcta, haploview, igv, pest, pgdspider, vce +- todo?: snp1001 + +bfh-stack-nvidia-cuda +- nvidia: nvidia-cuda-toolkit, libcudnn7, libnccl2, nvidia-smi +- other: nvtop, gpustat +- recommends: nvidia module, nvidia-kernel-dkms, linux-headers-amd64 + +bfh-stack-r-language +- r: r-base, r-cran-littler, +- r plugins: build-essential, gfortran, liblapack-dev, libblas-dev, libgdal-dev, +- rstudio: rstudio-server, apache2, dehydrated, dehydrated-apache2, diff --git a/TODO_debian.txt b/TODO_debian.txt new file mode 100644 index 0000000..5f657af --- /dev/null +++ b/TODO_debian.txt @@ -0,0 +1,5 @@ +packages: +- geeignetes nach libexec verschieben. + +ITPs: +- newspipe https://sr.ht/~cedric/newspipe/ web RSS aggregator diff --git a/TODO_progress-linux.txt b/TODO_progress-linux.txt new file mode 100644 index 0000000..1ce0892 --- /dev/null +++ b/TODO_progress-linux.txt @@ -0,0 +1,60 @@ +fuchur-backports: +if nss 3.63 does *not* migrate to bullseye, rebuild firefox 87.* against backported nss + + + +cgit customized defaults + + +general: +- fix no-reconfiguration when running dpkg-reconfigure for sources.list.d in progress-linux debconf handling + +- default terminal font +- debconf supress frontend warnings + +- openssh: use ~/.config/ssh in addition + +--------- + +git: verify repos: +- grep for lsb-release +- grep for commit dates (at least apt+linux in fuchur, firefox in fuchur-backports) +- scroll through git diff debian..HEAD for "obvious mistakes" + +fuchur-bugs: +- man-db trigger immer noch aktiv?! +- irker mit farben funktioniert nicht!! +- gnome-shell: create override dynamically if firefox-esr/firefox available? + -> retire firefox by uploading empty package depending on firefox-esr, and update progress-linux-metapackages/bfh-metapackages + +new patched packages: +- distro-release data dingens + + + + +phpmyadmin +nagios-plugins-contrib +raspi-firmware +https://addons.thunderbird.net/en-US/thunderbird/addon/importexporttools-ng/?src=userprofile +mailboxalert +mailredirect + + +engywuck-backports: +ansible.git +mycli.git +nagios-plugins-contrib.git +novnc.git +ntfs-3g.git +ntpsec.git +paramiko.git +pgcli.git +prompt-toolkit.git +python-pgspecial.git +python-sphinx-issues.git +python-werkzeug.git +s3fs-fuse.git +sqlparse.git +tigervnc.git +wordpress.git diff --git a/notes/dpkg.txt b/notes/dpkg.txt new file mode 100644 index 0000000..3f5a492 --- /dev/null +++ b/notes/dpkg.txt @@ -0,0 +1 @@ +dpkg-buildpackage --changes-option=-S diff --git a/notes/dpkg_upgrade-path.txt b/notes/dpkg_upgrade-path.txt new file mode 100644 index 0000000..efab23a --- /dev/null +++ b/notes/dpkg_upgrade-path.txt @@ -0,0 +1,20 @@ + Debian Progress + +native 1.2.3 1.2.3-0progress5u1 +non-native 1.2.3-4 1.2.3-4progress5u1 + +native (sec) 1.2.3 1.2.3+deb10u1 +non-native (sec) 1.2.3-4+deb10u1 1.2.3-4+deb10u1progress5u1 + +native (bpo) 1.2.3 1.2.3-0.0~progress5+u1 +non-native (bpo) 1.2.3-4 1.2.3-4~progress5+u1 + + +Upgrade paths: + native -> native (sec) -> native+1 -> native+1 (sec) -> native (bpo) + + native -> non-native (sec) -> non-native (bpo) + + native -> native (sec) -> non-native (bpo) + + non-native -> non-native (sec) -> non-native (bpo) diff --git a/notes/gnupg.txt b/notes/gnupg.txt new file mode 100644 index 0000000..fa4465e --- /dev/null +++ b/notes/gnupg.txt @@ -0,0 +1 @@ +gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys $key diff --git a/notes/igmpproxy.txt b/notes/igmpproxy.txt new file mode 100644 index 0000000..b35bb23 --- /dev/null +++ b/notes/igmpproxy.txt @@ -0,0 +1,39 @@ + +# apt install igmpproxy + + +##------------------------------------------------------ +## Enable Quickleave mode (Sends Leave instantly) +##------------------------------------------------------ +quickleave + + +##------------------------------------------------------ +## Configuration for enp1s0 (Upstream Interface) +##------------------------------------------------------ +phyint enp1s0 upstream ratelimit 0 threshold 1 + altnet 0.0.0.0/0 + + +##------------------------------------------------------ +## Configuration for enp2s0 (Downstream Interface) +##------------------------------------------------------ +phyint enp2s0 downstream ratelimit 0 threshold 1 + + +##------------------------------------------------------ +## Configuration for enp3s0 (Downstream Interface) +##------------------------------------------------------ +phyint enp3s0 downstream ratelimit 0 threshold 1 + +# https://api.init7.net/tvchannels.xspf playlist + +--- + +-A INPUT -s 224.0.0.0/4 -j ACCEPT +-A FORWARD -s 224.0.0.0/4 -d 224.0.0.0/4 -j ACCEPT +-A OUTPUT -d 224.0.0.0/4 -j ACCEPT + +--- + +https://github.com/jensbin/init7tv diff --git a/notes/rustc_bootstrap.txt b/notes/rustc_bootstrap.txt new file mode 100644 index 0000000..1972dd7 --- /dev/null +++ b/notes/rustc_bootstrap.txt @@ -0,0 +1,46 @@ +if rustc 1.48.0+dfsg-1 in the debian archive.. +...and cargo 0.48.0-1 + +1. import rustc in git as usual +- import rustc in git +- change maintainers/uploaders/bugs/vcs +- fix version number (remove +dfsg, use -0~progress[...]) +- commit changelog and push release + +=> 1.48.0-0~progress5+u0.1 + +2. create stage0 tarball +- buildd: install build-depends plus rustc, quilt, curl +- buildd: run debian/rules source_orig-stage0 +- extract generated stage0 tarball in git and commit + +3. adjust packaging +- adjust cargo and rustc build-depends as shown in source_orig-stage0 target +- squash this together with the commit that has the extracted stage0 tarball + +4. build source package as usual. + +5. build the binary packages with build-profile +sudo apt build-dep -y -Ppkg.rustc.dlstage0 . + +dpkg-buildpackage -B -Ppkg.rustc.dlstage0 +dpkg-buildpackage -A -Ppkg.rustc.dlstage0 + +6. upload packages to the archive + +7. build cargo with it + +=> 0.48.0-1~progress5+u0.1 + +8. rebuild rustc without upstream binaries and with cargo-build-with-rustc-from-upstream + +=> 1.48.0+dfsg-1~progress5+u0.1 + +9. rebuild cargo with rustc-build-without-upstream-binaries + +=> 0.48.0-1~progress5+u0.2 + +10. rebuild rustc with cargo again. + +=> 1.48.0+dfsg-1~progress5+u1 +=> 0.48.0-1~progress5+u1 diff --git a/stuff/enigmail_disable-setup-wizard.patch b/stuff/enigmail_disable-setup-wizard.patch new file mode 100644 index 0000000..f872500 --- /dev/null +++ b/stuff/enigmail_disable-setup-wizard.patch @@ -0,0 +1,56 @@ +commit 03948d040a7a7636f313c043f865513137590d54 +gpg: Signature made Wed 08 Jul 2020 05:03:58 PM CEST +gpg: using EDDSA key 95409F2944B1C6D44C6B49D53E6CA28DAAF8DD14 +gpg: Good signature from "Daniel Baumann <daniel.baumann@progress-linux.org>" [ultimate] +Primary key fingerprint: 9540 9F29 44B1 C6D4 4C6B 49D5 3E6C A28D AAF8 DD14 +Author: Daniel Baumann <daniel.baumann@progress-linux.org> +Date: Wed Jul 8 17:03:47 2020 +0200 + + Disabling setup wizard autostart on first use. + + Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org> + +diff --git a/debian/patches/progress-linux/0001-disable-setup-wizard.patch b/debian/patches/progress-linux/0001-disable-setup-wizard.patch +new file mode 100644 +index 0000000..0fce3e7 +--- /dev/null ++++ b/debian/patches/progress-linux/0001-disable-setup-wizard.patch +@@ -0,0 +1,29 @@ ++Author: Daniel Baumann <daniel.baumann@progress-linux.org> ++Description: Disabling setup wizard autostart on first use. ++ ++diff -Naurp enigmail.orig/package/configure.jsm enigmail/package/configure.jsm ++--- enigmail.orig/package/configure.jsm +++++ enigmail/package/configure.jsm ++@@ -211,21 +211,7 @@ var EnigmailConfigure = { ++ let vc = Cc["@mozilla.org/xpcom/version-comparator;1"].getService(Ci.nsIVersionComparator); ++ ++ if (oldVer === "") { ++- try { ++- let setupResult = await EnigmailAutoSetup.determinePreviousInstallType(); ++- ++- switch (EnigmailAutoSetup.value) { ++- case EnigmailConstants.AUTOSETUP_NOT_INITIALIZED: ++- case EnigmailConstants.AUTOSETUP_NO_ACCOUNT: ++- break; ++- default: ++- EnigmailPrefs.setPref("configuredVersion", EnigmailApp.getVersion()); ++- EnigmailWindows.openSetupWizard(win); ++- } ++- } ++- catch(x) { ++- // ignore exceptions and proceed without setup wizard ++- } +++ EnigmailPrefs.setPref("configuredVersion", EnigmailApp.getVersion()); ++ } ++ else { ++ if (vc.compare(oldVer, "1.7a1pre") < 0) { +diff --git a/debian/patches/series b/debian/patches/series +index 35ca52a..acc0a9f 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -17,3 +17,4 @@ + 0016-always-return-a-struct_time.patch + 0017-avoid-cmp-in-favor-of-__lt__.patch + 0019-Avoid-weird-Preprocessor.py-misbehavior.patch ++progress-linux/0001-disable-setup-wizard.patch diff --git a/stuff/enigmail_remove-configure-delay.patch b/stuff/enigmail_remove-configure-delay.patch new file mode 100644 index 0000000..2d6facc --- /dev/null +++ b/stuff/enigmail_remove-configure-delay.patch @@ -0,0 +1,52 @@ +commit bb325a5481dc0d06d6e4211b9d62a9c36510b19c +gpg: Signature made Wed 08 Jul 2020 05:04:01 PM CEST +gpg: using EDDSA key 95409F2944B1C6D44C6B49D53E6CA28DAAF8DD14 +gpg: Good signature from "Daniel Baumann <daniel.baumann@progress-linux.org>" [ultimate] +Primary key fingerprint: 9540 9F29 44B1 C6D4 4C6B 49D5 3E6C A28D AAF8 DD14 +Author: Daniel Baumann <daniel.baumann@progress-linux.org> +Date: Wed Jul 8 17:03:47 2020 +0200 + + Removing configure delay on first use. + + Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org> + +diff --git a/debian/patches/progress-linux/0002-remove-configure-delay.patch b/debian/patches/progress-linux/0002-remove-configure-delay.patch +new file mode 100644 +index 0000000..6218e38 +--- /dev/null ++++ b/debian/patches/progress-linux/0002-remove-configure-delay.patch +@@ -0,0 +1,25 @@ ++Author: Daniel Baumann <daniel.baumann@progress-linux.org> ++Description: Removing configure delay on first use. ++ ++diff -Naurp enigmail.orig/package/configure.jsm enigmail/package/configure.jsm ++--- enigmail.orig/package/configure.jsm +++++ enigmail/package/configure.jsm ++@@ -194,18 +194,6 @@ var EnigmailConfigure = { ++ configureEnigmail: async function(win, startingPreferences) { ++ EnigmailLog.DEBUG("configure.jsm: configureEnigmail()\n"); ++ ++- if (!EnigmailStdlib.hasConfiguredAccounts()) { ++- EnigmailLog.DEBUG("configure.jsm: configureEnigmail: no account configured. Waiting 60 seconds.\n"); ++- ++- // try again in 60 seconds ++- EnigmailTimer.setTimeout( ++- function _f() { ++- EnigmailConfigure.configureEnigmail(win, startingPreferences); ++- }, ++- 60000); ++- return; ++- } ++- ++ let oldVer = EnigmailPrefs.getPref("configuredVersion"); ++ ++ let vc = Cc["@mozilla.org/xpcom/version-comparator;1"].getService(Ci.nsIVersionComparator); +diff --git a/debian/patches/series b/debian/patches/series +index acc0a9f..63b1fec 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -18,3 +18,4 @@ + 0017-avoid-cmp-in-favor-of-__lt__.patch + 0019-Avoid-weird-Preprocessor.py-misbehavior.patch + progress-linux/0001-disable-setup-wizard.patch ++progress-linux/0002-remove-configure-delay.patch diff --git a/stuff/firefox.prefs b/stuff/firefox.prefs new file mode 100644 index 0000000..8a99873 --- /dev/null +++ b/stuff/firefox.prefs @@ -0,0 +1,2 @@ +pref("privacy.firstparty.isolate", true); +pref("privacy.resistFingerprinting", true); diff --git a/stuff/firefox_timezone-spoofing.patch b/stuff/firefox_timezone-spoofing.patch new file mode 100644 index 0000000..6fd6778 --- /dev/null +++ b/stuff/firefox_timezone-spoofing.patch @@ -0,0 +1,22 @@ +Author: Daniel Baumann <daniel.baumann@progress-linux.org> +Description: Disabling timezone spoofing with privacy.resistFingerprinting. + Enabling privacy.resistFingerprinting unconditionally sets the timezone to + UTC. If privacy.resistFingerprinting is enabled by default, the timezone + should be excluded. + . + https://bugzilla.mozilla.org/show_bug.cgi?id=1330890 + +diff -Naurp firefox.orig/toolkit/components/resistfingerprinting/nsRFPService.cpp firefox/toolkit/components/resistfingerprinting/nsRFPService.cpp +--- firefox.orig/toolkit/components/resistfingerprinting/nsRFPService.cpp ++++ firefox/toolkit/components/resistfingerprinting/nsRFPService.cpp +@@ -807,9 +807,7 @@ void nsRFPService::UpdateRFPPref() { + + bool privacyResistFingerprinting = + StaticPrefs::privacy_resistFingerprinting(); +- if (privacyResistFingerprinting) { +- PR_SetEnv("TZ=UTC"); +- } else if (sInitialized) { ++ if (sInitialized) { + // We will not touch the TZ value if 'privacy.resistFingerprinting' is false + // during the time of initialization. + if (!mInitialTZValue.IsEmpty()) { diff --git a/stuff/firefox_useragent-spoofing.patch b/stuff/firefox_useragent-spoofing.patch new file mode 100644 index 0000000..9ac5913 --- /dev/null +++ b/stuff/firefox_useragent-spoofing.patch @@ -0,0 +1,40 @@ +Author: Daniel Baumann <daniel.baumann@progress-linux.org> +Description: Disabling useragent spoofing with privacy.resistFingerprinting. + Enabling privacy.resistFingerprinting unconditionally sets the useragent to a + different OS/version combination. If privacy.resistFingerprinting is enabled by + default, the useragent should be excluded. + +diff -Naurp firefox.orig/dom/base/Navigator.cpp firefox/dom/base/Navigator.cpp +--- firefox.orig/dom/base/Navigator.cpp ++++ firefox/dom/base/Navigator.cpp +@@ -1922,17 +1922,6 @@ nsresult Navigator::GetUserAgent(nsPIDOM + } + } + +- // When the caller is content and 'privacy.resistFingerprinting' is true, +- // return a spoofed userAgent which reveals the platform but not the +- // specific OS version, etc. +- if (!aIsCallerChrome && +- nsContentUtils::ShouldResistFingerprinting(aCallerPrincipal)) { +- nsAutoCString spoofedUA; +- nsRFPService::GetSpoofedUserAgent(spoofedUA, false); +- CopyASCIItoUTF16(spoofedUA, aUserAgent); +- return NS_OK; +- } +- + nsresult rv; + nsCOMPtr<nsIHttpProtocolHandler> service( + do_GetService(NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "http", &rv)); +diff -Naurp firefox.orig/netwerk/protocol/http/nsHttpHandler.cpp firefox/netwerk/protocol/http/nsHttpHandler.cpp +--- firefox.orig/netwerk/protocol/http/nsHttpHandler.cpp ++++ firefox/netwerk/protocol/http/nsHttpHandler.cpp +@@ -482,9 +482,6 @@ nsresult nsHttpHandler::Init() { + mAppVersion.AssignLiteral(MOZ_APP_UA_VERSION); + } + +- // Generate the spoofed User Agent for fingerprinting resistance. +- nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true); +- + mSessionStartTime = NowInSeconds(); + mHandlerActive = true; + diff --git a/stuff/libreoffice_Java-Enable.xcd b/stuff/libreoffice_Java-Enable.xcd new file mode 100644 index 0000000..8b131c6 --- /dev/null +++ b/stuff/libreoffice_Java-Enable.xcd @@ -0,0 +1,15 @@ +<!-- /etc/libreoffice/registry/Java-Enable.xcd --> + +<!-- Disabling to use Java --> + +<?xml version="1.0"?> +<oor:data xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oor="http://openoffice.org/2001/registry"> + <dependency file="main"/> + <oor:component-data oor:package="org.openoffice.Office" oor:name="Java"> + <node oor:name="VirtualMachine"> + <prop oor:name="Enable"> + <value>false</value> + </prop> + </node> + </oor:component-data> +</oor:data> |