Merge commit 'dkg/master'

5 files changed, 66 insertions, 2 deletions

diff --git a/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn b/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn
new file mode 100644
index 0000000..1d70313
--- /dev/null
+++ b/website/bugs/genericize-filesystem-locations-for-testsuite.mdwn
@@ -0,0 +1,28 @@
+[[meta title="genericize all filesystem locations to enable test suite:" ]]
+
+I'm in the process of writing a testsuite for the monkeysphere so that
+we can verify that it actually performs all the basic expected duties
+properly.
+
+It occurs to me that lines like these:
+
+    ETC="/etc/monkeysphere"
+    VARLIB="/var/lib/monkeysphere"
+
+Actually make it very difficult to generically test the tool without
+it being installed system-wide.
+
+Is there any reason that we should not allow these directories to be
+overridden with environment variables in the same way that
+`/usr/share/monkeysphere/share` is handled?
+
+    SHARE=${MONKEYSPHERE_SHARE:-"/usr/share/monkeysphere"}
+
+I guess i'm proposing something like:
+
+    SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"}
+    SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
+
+Thoughts?
+
+--dkg
diff --git a/website/bugs/make-tarball-is-not-idempotent.mdwn b/website/bugs/make-tarball-is-not-idempotent.mdwn
new file mode 100644
index 0000000..03779c5
--- /dev/null
+++ b/website/bugs/make-tarball-is-not-idempotent.mdwn
@@ -0,0 +1,12 @@
+[[meta title="make tarball is not idempotent" ]]
+
+The current monkeysphere Makefile has a "tarball" target, which
+produces the "upstream tarball".  Unfortunately, it is not idempotent.
+That is, if you run it twice in a row (without changing any other
+source), the second .orig.tar.gz file is bytewise different from the
+first.
+
+We should fix this so that the tarball generated is the same at least
+as long as no local file has been touched.
+
+--dkg
diff --git a/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn b/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn
index 8f518c1..e58b9c7 100644
--- a/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn
+++ b/website/bugs/postinst-clobbers-gpg.conf-settings.mdwn
@@ -1,4 +1,4 @@
-[[ meta title="debian packaging postinst script clobbers gpg.conf settings in /var/lib/monkeysphere" ]]
+[[meta title="debian packaging postinst script clobbers gpg.conf settings in /var/lib/monkeysphere" ]]
 
 Do we want to allow the system administrator to make adjustments to
 the `gpg.conf` config files found in `/var/lib/monkeysphere`?  At the
diff --git a/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn b/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn
new file mode 100644
index 0000000..65268c5
--- /dev/null
+++ b/website/bugs/problems-with-root-owned-gpg-keyrings.mdwn
@@ -0,0 +1,24 @@
+[[meta title="Problems with root-owned gpg keyrings"]]
+
+`/var/lib/monkeysphere/gnupg-host/` is root-owned, and the public
+keyring in that directory is controlled by the superuser.
+
+We currently expect the `monkeysphere` user to read from (but not
+write to) that keyring.  But using a keyring in a directory that you
+don't control appears to trigger [a subtle bug in
+gpg](http://bugs.debian.org/361539) that has been unresolved for quite
+a long time.
+
+With some of the new error checking i'm doing in
+`monkeysphere-server`, typical operations that involve both keyrings
+as the non-privileged user can fail with an error message like:
+
+    gpg: failed to rebuild keyring cache: file open error
+
+Running the relevant operation a second time as the same user usually
+lets things go through without a failure, but this seems like it would
+be hiding a bug, rather than getting it fixed correctly.
+
+Are there other ways we can deal with this problem?
+
+--dkg
diff --git a/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn b/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn
index 614e471..c491f8b 100644
--- a/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn
+++ b/website/bugs/setup-subcommand-for-monkeysphere-server.mdwn
@@ -1,4 +1,4 @@
-[[ meta title="proposed new monkeysphere-server subcommand: setup" ]]
+[[meta title="proposed new monkeysphere-server subcommand: setup" ]]
 
 What if everything that's done in the package post-installation
 scripts (aside from maybe the creation of the monkeysphere user