14 files changed, 375 insertions, 0 deletions
diff --git a/TODO_bfh.txt b/TODO_bfh.txt
new file mode 100644
index 0000000..116b462
--- /dev/null
+++ b/TODO_bfh.txt
@@ -0,0 +1,16 @@
+https://www.21x9.org/de/thunderbird-zentral-konfigurieren.html
+
+bfh-team-ntw
+- debian: beagle, gemma, plink, plink1.9, vcftools, xauth
+- third-party: admixture, distruct, gcta, haploview, igv, pest, pgdspider, vce
+- todo?: snp1001
+
+bfh-stack-nvidia-cuda
+- nvidia: nvidia-cuda-toolkit, libcudnn7, libnccl2, nvidia-smi
+- other: nvtop, gpustat
+- recommends: nvidia module, nvidia-kernel-dkms, linux-headers-amd64
+
+bfh-stack-r-language
+- r: r-base, r-cran-littler,
+- r plugins: build-essential, gfortran, liblapack-dev, libblas-dev, libgdal-dev,
+- rstudio: rstudio-server, apache2, dehydrated, dehydrated-apache2,
diff --git a/TODO_debian.txt b/TODO_debian.txt
new file mode 100644
index 0000000..5f657af
--- /dev/null
+++ b/TODO_debian.txt
@@ -0,0 +1,5 @@
+packages:
+- geeignetes nach libexec verschieben.
+
+ITPs:
+- newspipe	https://sr.ht/~cedric/newspipe/		web RSS aggregator
diff --git a/TODO_progress-linux.txt b/TODO_progress-linux.txt
new file mode 100644
index 0000000..1ce0892
--- /dev/null
+++ b/TODO_progress-linux.txt
@@ -0,0 +1,60 @@
+fuchur-backports:
+if nss 3.63 does *not* migrate to bullseye, rebuild firefox 87.* against backported nss
+
+
+
+cgit customized defaults
+
+
+general:
+- fix no-reconfiguration when running dpkg-reconfigure for sources.list.d in progress-linux debconf handling
+
+- default terminal font
+- debconf supress frontend warnings
+
+- openssh: use ~/.config/ssh in addition
+
+---------
+
+git: verify repos:
+- grep for lsb-release
+- grep for commit dates (at least apt+linux in fuchur, firefox in fuchur-backports)
+- scroll through git diff debian..HEAD for "obvious mistakes"
+
+fuchur-bugs:
+- man-db trigger immer noch aktiv?!
+- irker mit farben funktioniert nicht!!
+- gnome-shell: create override dynamically if firefox-esr/firefox available?
+  -> retire firefox by uploading empty package depending on firefox-esr, and update progress-linux-metapackages/bfh-metapackages
+
+new patched packages:
+- distro-release data dingens
+
+
+
+
+phpmyadmin
+nagios-plugins-contrib
+raspi-firmware
+https://addons.thunderbird.net/en-US/thunderbird/addon/importexporttools-ng/?src=userprofile
+mailboxalert
+mailredirect
+
+
+engywuck-backports:
+ansible.git
+mycli.git
+nagios-plugins-contrib.git
+novnc.git
+ntfs-3g.git
+ntpsec.git
+paramiko.git
+pgcli.git
+prompt-toolkit.git
+python-pgspecial.git
+python-sphinx-issues.git
+python-werkzeug.git
+s3fs-fuse.git
+sqlparse.git
+tigervnc.git
+wordpress.git
diff --git a/notes/dpkg.txt b/notes/dpkg.txt
new file mode 100644
index 0000000..3f5a492
--- /dev/null
+++ b/notes/dpkg.txt
@@ -0,0 +1 @@
+dpkg-buildpackage --changes-option=-S
diff --git a/notes/dpkg_upgrade-path.txt b/notes/dpkg_upgrade-path.txt
new file mode 100644
index 0000000..efab23a
--- /dev/null
+++ b/notes/dpkg_upgrade-path.txt
@@ -0,0 +1,20 @@
+			Debian			Progress
+
+native			1.2.3			1.2.3-0progress5u1
+non-native		1.2.3-4			1.2.3-4progress5u1
+
+native (sec)		1.2.3			1.2.3+deb10u1
+non-native (sec)	1.2.3-4+deb10u1		1.2.3-4+deb10u1progress5u1
+
+native (bpo)		1.2.3			1.2.3-0.0~progress5+u1
+non-native (bpo)	1.2.3-4			1.2.3-4~progress5+u1
+
+
+Upgrade paths:
+	native -> native (sec) -> native+1 -> native+1 (sec) -> native (bpo)
+
+	native -> non-native (sec) -> non-native (bpo)
+
+	native -> native (sec) -> non-native (bpo)
+
+	non-native -> non-native (sec) -> non-native (bpo)
diff --git a/notes/gnupg.txt b/notes/gnupg.txt
new file mode 100644
index 0000000..fa4465e
--- /dev/null
+++ b/notes/gnupg.txt
@@ -0,0 +1 @@
+gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys $key
diff --git a/notes/igmpproxy.txt b/notes/igmpproxy.txt
new file mode 100644
index 0000000..b35bb23
--- /dev/null
+++ b/notes/igmpproxy.txt
@@ -0,0 +1,39 @@
+
+# apt install igmpproxy
+
+
+##------------------------------------------------------
+## Enable Quickleave mode (Sends Leave instantly)
+##------------------------------------------------------
+quickleave
+
+
+##------------------------------------------------------
+## Configuration for enp1s0 (Upstream Interface)
+##------------------------------------------------------
+phyint enp1s0 upstream  ratelimit 0  threshold 1
+        altnet 0.0.0.0/0
+
+
+##------------------------------------------------------
+## Configuration for enp2s0 (Downstream Interface)
+##------------------------------------------------------
+phyint enp2s0 downstream  ratelimit 0  threshold 1
+
+
+##------------------------------------------------------
+## Configuration for enp3s0 (Downstream Interface)
+##------------------------------------------------------
+phyint enp3s0 downstream  ratelimit 0  threshold 1
+
+# https://api.init7.net/tvchannels.xspf playlist
+
+---
+
+-A INPUT   -s 224.0.0.0/4 -j ACCEPT
+-A FORWARD -s 224.0.0.0/4 -d 224.0.0.0/4 -j ACCEPT
+-A OUTPUT  -d 224.0.0.0/4 -j ACCEPT
+
+---
+
+https://github.com/jensbin/init7tv
diff --git a/notes/rustc_bootstrap.txt b/notes/rustc_bootstrap.txt
new file mode 100644
index 0000000..1972dd7
--- /dev/null
+++ b/notes/rustc_bootstrap.txt
@@ -0,0 +1,46 @@
+if rustc 1.48.0+dfsg-1 in the debian archive..
+...and cargo 0.48.0-1
+
+1. import rustc in git as usual
+- import rustc in git
+- change maintainers/uploaders/bugs/vcs
+- fix version number (remove +dfsg, use -0~progress[...])
+- commit changelog and push release
+
+=> 1.48.0-0~progress5+u0.1
+
+2. create stage0 tarball
+- buildd: install build-depends plus rustc, quilt, curl
+- buildd: run debian/rules source_orig-stage0
+- extract generated stage0 tarball in git and commit
+
+3. adjust packaging
+- adjust cargo and rustc build-depends as shown in source_orig-stage0 target
+- squash this together with the commit that has the extracted stage0 tarball
+
+4. build source package as usual.
+
+5. build the binary packages with build-profile
+sudo apt build-dep -y -Ppkg.rustc.dlstage0 .
+
+dpkg-buildpackage -B -Ppkg.rustc.dlstage0
+dpkg-buildpackage -A -Ppkg.rustc.dlstage0
+
+6. upload packages to the archive
+
+7. build cargo with it
+
+=> 0.48.0-1~progress5+u0.1
+
+8. rebuild rustc without upstream binaries and with cargo-build-with-rustc-from-upstream
+
+=> 1.48.0+dfsg-1~progress5+u0.1
+
+9. rebuild cargo with rustc-build-without-upstream-binaries
+
+=> 0.48.0-1~progress5+u0.2
+
+10. rebuild rustc with cargo again.
+
+=> 1.48.0+dfsg-1~progress5+u1
+=> 0.48.0-1~progress5+u1
diff --git a/stuff/enigmail_disable-setup-wizard.patch b/stuff/enigmail_disable-setup-wizard.patch
new file mode 100644
index 0000000..f872500
--- /dev/null
+++ b/stuff/enigmail_disable-setup-wizard.patch
@@ -0,0 +1,56 @@
+commit 03948d040a7a7636f313c043f865513137590d54
+gpg: Signature made Wed 08 Jul 2020 05:03:58 PM CEST
+gpg:                using EDDSA key 95409F2944B1C6D44C6B49D53E6CA28DAAF8DD14
+gpg: Good signature from "Daniel Baumann <daniel.baumann@progress-linux.org>" [ultimate]
+Primary key fingerprint: 9540 9F29 44B1 C6D4 4C6B  49D5 3E6C A28D AAF8 DD14
+Author: Daniel Baumann <daniel.baumann@progress-linux.org>
+Date:   Wed Jul 8 17:03:47 2020 +0200
+
+    Disabling setup wizard autostart on first use.
+    
+    Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
+
+diff --git a/debian/patches/progress-linux/0001-disable-setup-wizard.patch b/debian/patches/progress-linux/0001-disable-setup-wizard.patch
+new file mode 100644
+index 0000000..0fce3e7
+--- /dev/null
++++ b/debian/patches/progress-linux/0001-disable-setup-wizard.patch
+@@ -0,0 +1,29 @@
++Author: Daniel Baumann <daniel.baumann@progress-linux.org>
++Description: Disabling setup wizard autostart on first use.
++
++diff -Naurp enigmail.orig/package/configure.jsm enigmail/package/configure.jsm
++--- enigmail.orig/package/configure.jsm
+++++ enigmail/package/configure.jsm
++@@ -211,21 +211,7 @@ var EnigmailConfigure = {
++     let vc = Cc["@mozilla.org/xpcom/version-comparator;1"].getService(Ci.nsIVersionComparator);
++ 
++     if (oldVer === "") {
++-      try {
++-        let setupResult = await EnigmailAutoSetup.determinePreviousInstallType();
++-
++-        switch (EnigmailAutoSetup.value) {
++-          case EnigmailConstants.AUTOSETUP_NOT_INITIALIZED:
++-          case EnigmailConstants.AUTOSETUP_NO_ACCOUNT:
++-            break;
++-          default:
++-            EnigmailPrefs.setPref("configuredVersion", EnigmailApp.getVersion());
++-            EnigmailWindows.openSetupWizard(win);
++-        }
++-      }
++-      catch(x) {
++-        // ignore exceptions and proceed without setup wizard
++-      }
+++      EnigmailPrefs.setPref("configuredVersion", EnigmailApp.getVersion());
++     }
++     else {
++       if (vc.compare(oldVer, "1.7a1pre") < 0) {
+diff --git a/debian/patches/series b/debian/patches/series
+index 35ca52a..acc0a9f 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -17,3 +17,4 @@
+ 0016-always-return-a-struct_time.patch
+ 0017-avoid-cmp-in-favor-of-__lt__.patch
+ 0019-Avoid-weird-Preprocessor.py-misbehavior.patch
++progress-linux/0001-disable-setup-wizard.patch
diff --git a/stuff/enigmail_remove-configure-delay.patch b/stuff/enigmail_remove-configure-delay.patch
new file mode 100644
index 0000000..2d6facc
--- /dev/null
+++ b/stuff/enigmail_remove-configure-delay.patch
@@ -0,0 +1,52 @@
+commit bb325a5481dc0d06d6e4211b9d62a9c36510b19c
+gpg: Signature made Wed 08 Jul 2020 05:04:01 PM CEST
+gpg:                using EDDSA key 95409F2944B1C6D44C6B49D53E6CA28DAAF8DD14
+gpg: Good signature from "Daniel Baumann <daniel.baumann@progress-linux.org>" [ultimate]
+Primary key fingerprint: 9540 9F29 44B1 C6D4 4C6B  49D5 3E6C A28D AAF8 DD14
+Author: Daniel Baumann <daniel.baumann@progress-linux.org>
+Date:   Wed Jul 8 17:03:47 2020 +0200
+
+    Removing configure delay on first use.
+    
+    Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
+
+diff --git a/debian/patches/progress-linux/0002-remove-configure-delay.patch b/debian/patches/progress-linux/0002-remove-configure-delay.patch
+new file mode 100644
+index 0000000..6218e38
+--- /dev/null
++++ b/debian/patches/progress-linux/0002-remove-configure-delay.patch
+@@ -0,0 +1,25 @@
++Author: Daniel Baumann <daniel.baumann@progress-linux.org>
++Description: Removing configure delay on first use.
++
++diff -Naurp enigmail.orig/package/configure.jsm enigmail/package/configure.jsm
++--- enigmail.orig/package/configure.jsm
+++++ enigmail/package/configure.jsm
++@@ -194,18 +194,6 @@ var EnigmailConfigure = {
++   configureEnigmail: async function(win, startingPreferences) {
++     EnigmailLog.DEBUG("configure.jsm: configureEnigmail()\n");
++ 
++-    if (!EnigmailStdlib.hasConfiguredAccounts()) {
++-      EnigmailLog.DEBUG("configure.jsm: configureEnigmail: no account configured. Waiting 60 seconds.\n");
++-
++-      // try again in 60 seconds
++-      EnigmailTimer.setTimeout(
++-        function _f() {
++-          EnigmailConfigure.configureEnigmail(win, startingPreferences);
++-        },
++-        60000);
++-      return;
++-    }
++-
++     let oldVer = EnigmailPrefs.getPref("configuredVersion");
++ 
++     let vc = Cc["@mozilla.org/xpcom/version-comparator;1"].getService(Ci.nsIVersionComparator);
+diff --git a/debian/patches/series b/debian/patches/series
+index acc0a9f..63b1fec 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -18,3 +18,4 @@
+ 0017-avoid-cmp-in-favor-of-__lt__.patch
+ 0019-Avoid-weird-Preprocessor.py-misbehavior.patch
+ progress-linux/0001-disable-setup-wizard.patch
++progress-linux/0002-remove-configure-delay.patch
diff --git a/stuff/firefox.prefs b/stuff/firefox.prefs
new file mode 100644
index 0000000..8a99873
--- /dev/null
+++ b/stuff/firefox.prefs
@@ -0,0 +1,2 @@
+pref("privacy.firstparty.isolate", true);
+pref("privacy.resistFingerprinting", true);
diff --git a/stuff/firefox_timezone-spoofing.patch b/stuff/firefox_timezone-spoofing.patch
new file mode 100644
index 0000000..6fd6778
--- /dev/null
+++ b/stuff/firefox_timezone-spoofing.patch
@@ -0,0 +1,22 @@
+Author: Daniel Baumann <daniel.baumann@progress-linux.org>
+Description: Disabling timezone spoofing with privacy.resistFingerprinting.
+ Enabling privacy.resistFingerprinting unconditionally sets the timezone to
+ UTC. If privacy.resistFingerprinting is enabled by default, the timezone
+ should be excluded.
+ .
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1330890
+
+diff -Naurp firefox.orig/toolkit/components/resistfingerprinting/nsRFPService.cpp firefox/toolkit/components/resistfingerprinting/nsRFPService.cpp
+--- firefox.orig/toolkit/components/resistfingerprinting/nsRFPService.cpp
++++ firefox/toolkit/components/resistfingerprinting/nsRFPService.cpp
+@@ -807,9 +807,7 @@ void nsRFPService::UpdateRFPPref() {
+ 
+   bool privacyResistFingerprinting =
+       StaticPrefs::privacy_resistFingerprinting();
+-  if (privacyResistFingerprinting) {
+-    PR_SetEnv("TZ=UTC");
+-  } else if (sInitialized) {
++  if (sInitialized) {
+     // We will not touch the TZ value if 'privacy.resistFingerprinting' is false
+     // during the time of initialization.
+     if (!mInitialTZValue.IsEmpty()) {
diff --git a/stuff/firefox_useragent-spoofing.patch b/stuff/firefox_useragent-spoofing.patch
new file mode 100644
index 0000000..9ac5913
--- /dev/null
+++ b/stuff/firefox_useragent-spoofing.patch
@@ -0,0 +1,40 @@
+Author: Daniel Baumann <daniel.baumann@progress-linux.org>
+Description: Disabling useragent spoofing with privacy.resistFingerprinting.
+ Enabling privacy.resistFingerprinting unconditionally sets the useragent to a
+ different OS/version combination. If privacy.resistFingerprinting is enabled by
+ default, the useragent should be excluded.
+
+diff -Naurp firefox.orig/dom/base/Navigator.cpp firefox/dom/base/Navigator.cpp
+--- firefox.orig/dom/base/Navigator.cpp
++++ firefox/dom/base/Navigator.cpp
+@@ -1922,17 +1922,6 @@ nsresult Navigator::GetUserAgent(nsPIDOM
+     }
+   }
+ 
+-  // When the caller is content and 'privacy.resistFingerprinting' is true,
+-  // return a spoofed userAgent which reveals the platform but not the
+-  // specific OS version, etc.
+-  if (!aIsCallerChrome &&
+-      nsContentUtils::ShouldResistFingerprinting(aCallerPrincipal)) {
+-    nsAutoCString spoofedUA;
+-    nsRFPService::GetSpoofedUserAgent(spoofedUA, false);
+-    CopyASCIItoUTF16(spoofedUA, aUserAgent);
+-    return NS_OK;
+-  }
+-
+   nsresult rv;
+   nsCOMPtr<nsIHttpProtocolHandler> service(
+       do_GetService(NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "http", &rv));
+diff -Naurp firefox.orig/netwerk/protocol/http/nsHttpHandler.cpp firefox/netwerk/protocol/http/nsHttpHandler.cpp
+--- firefox.orig/netwerk/protocol/http/nsHttpHandler.cpp
++++ firefox/netwerk/protocol/http/nsHttpHandler.cpp
+@@ -482,9 +482,6 @@ nsresult nsHttpHandler::Init() {
+     mAppVersion.AssignLiteral(MOZ_APP_UA_VERSION);
+   }
+ 
+-  // Generate the spoofed User Agent for fingerprinting resistance.
+-  nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
+-
+   mSessionStartTime = NowInSeconds();
+   mHandlerActive = true;
+ 
diff --git a/stuff/libreoffice_Java-Enable.xcd b/stuff/libreoffice_Java-Enable.xcd
new file mode 100644
index 0000000..8b131c6
--- /dev/null
+++ b/stuff/libreoffice_Java-Enable.xcd
@@ -0,0 +1,15 @@
+<!-- /etc/libreoffice/registry/Java-Enable.xcd -->
+
+<!-- Disabling to use Java -->
+
+<?xml version="1.0"?>
+<oor:data xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oor="http://openoffice.org/2001/registry">
+  <dependency file="main"/>
+  <oor:component-data oor:package="org.openoffice.Office" oor:name="Java">
+    <node oor:name="VirtualMachine">
+      <prop oor:name="Enable">
+        <value>false</value>
+      </prop>
+    </node>
+  </oor:component-data>
+</oor:data>