New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Distro packages needed #105

Closed
geckolinux opened this Issue Jul 20, 2015 · 112 comments

Comments

Projects
None yet
@geckolinux

geckolinux commented Jul 20, 2015

This issue tracks ongoing work to package borg in various distributions.

Done items are documented in the install docs and should be edited there directly when new packages are published.

Non-exhaustive list of packages needing work:

  • Redhat derivatives:
  • OS X
    • brew cask
    • darwin ports or eventually a DMG, once we get a GUI, could be nice
    • standalone binary releases + regular testing, see #913
  • Windows
    • Native - in progress, see #983 for roadmap
    • Cygwin - in progress, see #440, likely to be abandoned for the native port above

Note: there are binary release packages for Linux, FreeBSD and OS X on the github releases page.

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Oct 31, 2015

Contributor

Debian is in new queue, and Ubuntu Xenial (the 16.04 LTS will probably have it).

Contributor

LocutusOfBorg commented Oct 31, 2015

Debian is in new queue, and Ubuntu Xenial (the 16.04 LTS will probably have it).

@mhalano

This comment has been minimized.

Show comment
Hide comment
@mhalano

mhalano Nov 5, 2015

Where I can find Debian package?

mhalano commented Nov 5, 2015

Where I can find Debian package?

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Nov 5, 2015

Contributor

un unstable as soon as it is processed from new queue
https://ftp-master.debian.org/new/borgbackup_0.27.0-1.html

or you can build it from our git :)

Contributor

LocutusOfBorg commented Nov 5, 2015

un unstable as soon as it is processed from new queue
https://ftp-master.debian.org/new/borgbackup_0.27.0-1.html

or you can build it from our git :)

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 9, 2015

Contributor

i unchecked Debian as done while we wait for the new queue. i think we should also aim for backports in jessie there as well.

Contributor

anarcat commented Nov 9, 2015

i unchecked Debian as done while we wait for the new queue. i think we should also aim for backports in jessie there as well.

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Nov 9, 2015

Contributor

well, we need some backports e.g. msgpack and setuptools-scm before

Contributor

LocutusOfBorg commented Nov 9, 2015

well, we need some backports e.g. msgpack and setuptools-scm before

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 9, 2015

Contributor

sure, that would be fine as well i think.

Contributor

anarcat commented Nov 9, 2015

sure, that would be fine as well i think.

@rmoriz

This comment has been minimized.

Show comment
Hide comment
@rmoriz

rmoriz Nov 11, 2015

Homebrew cask: Homebrew/homebrew-cask#15102

Background:

Cask is an addon-on for OSX HomeBrew to install binary-backages, see http://caskroom.io/ and https://github.com/caskroom/homebrew-cask/blob/master/USAGE.md for a introduction.

Motivation:

The homebrew-cask allows OSX uses to install the binary release of borg using the homebrew and cask toolchain with a single command.

I like the zero-dependency approach of the borg-binary releases. IMHO backup tools need to be self-contained as much as possible.

Usage, once merged by upstream:

  • install Homebrew: http://brew.sh/
  • install Cask: brew install caskroom/cask/brew-cask
  • install borg: brew cask install borgbackup

qweq

update: added explenation as requested by @anarcat

rmoriz commented Nov 11, 2015

Homebrew cask: Homebrew/homebrew-cask#15102

Background:

Cask is an addon-on for OSX HomeBrew to install binary-backages, see http://caskroom.io/ and https://github.com/caskroom/homebrew-cask/blob/master/USAGE.md for a introduction.

Motivation:

The homebrew-cask allows OSX uses to install the binary release of borg using the homebrew and cask toolchain with a single command.

I like the zero-dependency approach of the borg-binary releases. IMHO backup tools need to be self-contained as much as possible.

Usage, once merged by upstream:

  • install Homebrew: http://brew.sh/
  • install Cask: brew install caskroom/cask/brew-cask
  • install borg: brew cask install borgbackup

qweq

update: added explenation as requested by @anarcat

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 11, 2015

Contributor

@rmoriz thanks! but what is "homebrew cask"? does that replace homebrew? should it be our sole source of OSX packages? what about regular homebrew, DMG images or darwin ports?

thanks for any clarification.

Contributor

anarcat commented Nov 11, 2015

@rmoriz thanks! but what is "homebrew cask"? does that replace homebrew? should it be our sole source of OSX packages? what about regular homebrew, DMG images or darwin ports?

thanks for any clarification.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 11, 2015

Contributor

@rmoriz thanks for the update, but what about the other questions? should we be providing DMG files or darwin ports?

Contributor

anarcat commented Nov 11, 2015

@rmoriz thanks for the update, but what about the other questions? should we be providing DMG files or darwin ports?

@rmoriz

This comment has been minimized.

Show comment
Hide comment
@rmoriz

rmoriz Nov 11, 2015

@anarcat why not? I've just suggested homebrew-cask as one way. There is more than one way to do it. AFAIK there are still some MacPorts user out there.

I personally don't think a .DMG distro is that useful givent hat borg is cli-only, however if you decide to build and sign(!) .DMGs, the homebrew-cask cask can be modified to use the DMG and not the single-binary-release. Here's an example for Vagrant, a Ruby utility that gets released as a DMG (including all dependencies, like its own Ruby) and here is the cask for that

rmoriz commented Nov 11, 2015

@anarcat why not? I've just suggested homebrew-cask as one way. There is more than one way to do it. AFAIK there are still some MacPorts user out there.

I personally don't think a .DMG distro is that useful givent hat borg is cli-only, however if you decide to build and sign(!) .DMGs, the homebrew-cask cask can be modified to use the DMG and not the single-binary-release. Here's an example for Vagrant, a Ruby utility that gets released as a DMG (including all dependencies, like its own Ruby) and here is the cask for that

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 11, 2015

Contributor

okay, so darwin ports / macports is still an option, thanks!

DMG certainly doesn't make sense as long as we don't have a gui, see #314 and borgweb for that...

Contributor

anarcat commented Nov 11, 2015

okay, so darwin ports / macports is still an option, thanks!

DMG certainly doesn't make sense as long as we don't have a gui, see #314 and borgweb for that...

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 12, 2015

Contributor

marked guisd as in progress as @lfam is waiting for more testing before shipping it officially.

Contributor

anarcat commented Nov 12, 2015

marked guisd as in progress as @lfam is waiting for more testing before shipping it officially.

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Nov 12, 2015

Contributor

Debian accepted it from New queue, Ubuntu should follow in a few hours.

Contributor

LocutusOfBorg commented Nov 12, 2015

Debian accepted it from New queue, Ubuntu should follow in a few hours.

@geckolinux

This comment has been minimized.

Show comment
Hide comment
@geckolinux

geckolinux Nov 12, 2015

Could somebody possible create an openSUSE OBS repo for Borg? Thanks!

geckolinux commented Nov 12, 2015

Could somebody possible create an openSUSE OBS repo for Borg? Thanks!

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 12, 2015

Contributor

@geckolinux i aded that to the list! let us know if there's any progress there.

Contributor

anarcat commented Nov 12, 2015

@geckolinux i aded that to the list! let us know if there's any progress there.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 12, 2015

Contributor

@LocutusOfBorg thanks for the updated, changed the summary accordingly.

Contributor

anarcat commented Nov 12, 2015

@LocutusOfBorg thanks for the updated, changed the summary accordingly.

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg
Contributor

LocutusOfBorg commented Nov 13, 2015

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 13, 2015

Contributor

marked Ubuntu as done then. next focus on those would be backports i guess.

Contributor

anarcat commented Nov 13, 2015

marked Ubuntu as done then. next focus on those would be backports i guess.

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Nov 13, 2015

Contributor

you can use "requestbackport" tool, but the build-dependencies are not there.

Contributor

LocutusOfBorg commented Nov 13, 2015

you can use "requestbackport" tool, but the build-dependencies are not there.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 15, 2015

Contributor

i think that, once the debian package hits backports, we can add it to https://borgbackup.readthedocs.org/en/stable/installation.html#installation-distribution-package

same with ubuntu (and the others).

Contributor

anarcat commented Nov 15, 2015

i think that, once the debian package hits backports, we can add it to https://borgbackup.readthedocs.org/en/stable/installation.html#installation-distribution-package

same with ubuntu (and the others).

@jungle-boogie

This comment has been minimized.

Show comment
Hide comment
@jungle-boogie

jungle-boogie Nov 15, 2015

Contributor

Regarding freebsd, it's easy enough to pip install borgbackup. Having a package would also install the deps, but for me it was just liblz4.

You already have the binary so it's simple/easy enough to download and put it in your path.

Contributor

jungle-boogie commented Nov 15, 2015

Regarding freebsd, it's easy enough to pip install borgbackup. Having a package would also install the deps, but for me it was just liblz4.

You already have the binary so it's simple/easy enough to download and put it in your path.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 15, 2015

Contributor

of course, but it would be nice to have pkg install borgbackup working as well, no?

Contributor

anarcat commented Nov 15, 2015

of course, but it would be nice to have pkg install borgbackup working as well, no?

@adidalal

This comment has been minimized.

Show comment
Hide comment
@adidalal

adidalal Nov 16, 2015

borgbackup has been added to homebrew-cask (Homebrew/homebrew-cask#15102)

adidalal commented Nov 16, 2015

borgbackup has been added to homebrew-cask (Homebrew/homebrew-cask#15102)

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 16, 2015

Contributor

alright, thanks! added OSX to the list of "distribution packages", as well as OSX, Debian and Ubuntu in #417.

i've also added the Arch Linux official repositories as an eventual target.

Contributor

anarcat commented Nov 16, 2015

alright, thanks! added OSX to the list of "distribution packages", as well as OSX, Debian and Ubuntu in #417.

i've also added the Arch Linux official repositories as an eventual target.

@dragetd

This comment has been minimized.

Show comment
Hide comment
@dragetd

dragetd Nov 18, 2015

Contributor

With the help of Petric Frank and Thomas this ebuild (0.28.2) works for Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=552470

To get it into portage, one would have to set up as the maintainer and submit it to the sunrise overlay (more people will test it there) or have a well-known gentoo member take care of it directly.

Contributor

dragetd commented Nov 18, 2015

With the help of Petric Frank and Thomas this ebuild (0.28.2) works for Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=552470

To get it into portage, one would have to set up as the maintainer and submit it to the sunrise overlay (more people will test it there) or have a well-known gentoo member take care of it directly.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Nov 18, 2015

Contributor

@dragetd thanks, i updated the summary accordingly.

Contributor

anarcat commented Nov 18, 2015

@dragetd thanks, i updated the summary accordingly.

@billyc

This comment has been minimized.

Show comment
Hide comment
@billyc

billyc Nov 20, 2015

I created a Borg Installer for Windows, located here, based on the 0.28.2 release. Perhaps others would find this useful.

It encapsulates a tidy Cygwin install along with the dependencies required to run Borg. It includes a compiled (fast) version of msgpack-python, which took a while for me to figure out. =)

With this installed, a Windows user can run any regular borg commands from a cmd window or from batch files. Paths must still be specified in /cygwin/c/format but otherwise cygwin is mostly invisible.

Curious if anyone finds this useful; feedback welcome! I might automate the creation of the installer for future releases if that would be welcome.

billyc commented Nov 20, 2015

I created a Borg Installer for Windows, located here, based on the 0.28.2 release. Perhaps others would find this useful.

It encapsulates a tidy Cygwin install along with the dependencies required to run Borg. It includes a compiled (fast) version of msgpack-python, which took a while for me to figure out. =)

With this installed, a Windows user can run any regular borg commands from a cmd window or from batch files. Paths must still be specified in /cygwin/c/format but otherwise cygwin is mostly invisible.

Curious if anyone finds this useful; feedback welcome! I might automate the creation of the installer for future releases if that would be welcome.

@rumpelsepp

This comment has been minimized.

Show comment
Hide comment
@rumpelsepp
Contributor

rumpelsepp commented Apr 23, 2016

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Apr 23, 2016

Contributor

Amazing! Now we're just missing fedora and... well, windows. :)

Contributor

anarcat commented Apr 23, 2016

Amazing! Now we're just missing fedora and... well, windows. :)

@bpereto

This comment has been minimized.

Show comment
Hide comment
@bpereto

bpereto commented Apr 23, 2016

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Apr 23, 2016

Contributor

On 2016-04-23 11:57:24, Benjamin Pereto wrote:

@anarcat fedora is in place. see #879
Overview:
https://apps.fedoraproject.org/packages/borgbackup

okay then the summary needs to be updated here and a PR needs to be done
to update install docs!

whoohoo!

a.

Celui qui sait jouir du peu qu'il a est toujours assez riche.
- Démocrite

Contributor

anarcat commented Apr 23, 2016

On 2016-04-23 11:57:24, Benjamin Pereto wrote:

@anarcat fedora is in place. see #879
Overview:
https://apps.fedoraproject.org/packages/borgbackup

okay then the summary needs to be updated here and a PR needs to be done
to update install docs!

whoohoo!

a.

Celui qui sait jouir du peu qu'il a est toujours assez riche.
- Démocrite

@ThomasWaldmann

This comment has been minimized.

Show comment
Hide comment
@ThomasWaldmann

ThomasWaldmann Apr 24, 2016

Member

@rmoriz @adidalal @elnappo i updated github releases with borg-macosx64 1.0.2 binary - with fixed lzma and updated osxfuse 3.2.0.

Member

ThomasWaldmann commented Apr 24, 2016

@rmoriz @adidalal @elnappo i updated github releases with borg-macosx64 1.0.2 binary - with fixed lzma and updated osxfuse 3.2.0.

@adidalal

This comment has been minimized.

Show comment
Hide comment
@adidalal

adidalal Apr 24, 2016

@ThomasWaldmann Will be merged shortly (Homebrew/homebrew-cask#20744)

For future reference, Cask updates are super easy - cask-repair -v {{new_version}} borgbackup will update the required values and submit a PR automatically. (further details in our CONTRIBUTING)


Also install is just brew cask install borgbackup or the older syntax brew install Caskroom/cask/borgbackup (the two commands are equivalent now that Homebrew and Homebrew-Cask are a bit more tightly integrated)

adidalal commented Apr 24, 2016

@ThomasWaldmann Will be merged shortly (Homebrew/homebrew-cask#20744)

For future reference, Cask updates are super easy - cask-repair -v {{new_version}} borgbackup will update the required values and submit a PR automatically. (further details in our CONTRIBUTING)


Also install is just brew cask install borgbackup or the older syntax brew install Caskroom/cask/borgbackup (the two commands are equivalent now that Homebrew and Homebrew-Cask are a bit more tightly integrated)

@ThomasWaldmann

This comment has been minimized.

Show comment
Hide comment
@ThomasWaldmann

ThomasWaldmann Apr 24, 2016

Member

@adidalal ah, interesting. I usually do not work on OS X, so I am not really familiar with it.

Member

ThomasWaldmann commented Apr 24, 2016

@adidalal ah, interesting. I usually do not work on OS X, so I am not really familiar with it.

@adidalal

This comment has been minimized.

Show comment
Hide comment
@adidalal

adidalal Apr 24, 2016

@ThomasWaldmann Not a problem, just thought it might be useful info to have for whoever ends up submitting Cask updates for borgbackup in the long run - we rely on users to submit PRs for app updates, as there are far too many for the core maintainers to keep track of, and so we've tried to make that process as easy as possible for both maintainers and contributors. (Also, updated Cask is now live)

adidalal commented Apr 24, 2016

@ThomasWaldmann Not a problem, just thought it might be useful info to have for whoever ends up submitting Cask updates for borgbackup in the long run - we rely on users to submit PRs for app updates, as there are far too many for the core maintainers to keep track of, and so we've tried to make that process as easy as possible for both maintainers and contributors. (Also, updated Cask is now live)

@enkore

This comment has been minimized.

Show comment
Hide comment
@enkore
Contributor

enkore commented May 16, 2016

@FelixSchwarz

This comment has been minimized.

Show comment
Hide comment
@FelixSchwarz

FelixSchwarz May 17, 2016

while borg is not in CentOS / RHEL "core" (and won't be until at least RHEL 8 due to missing Python 3) it is now in EPEL.

FelixSchwarz commented May 17, 2016

while borg is not in CentOS / RHEL "core" (and won't be until at least RHEL 8 due to missing Python 3) it is now in EPEL.

@pmakowski

This comment has been minimized.

Show comment
Hide comment
@pmakowski

pmakowski Jun 1, 2016

Done in Mageia (Cauldron) so will be in Mageia 6 http://madb.mageia.org/package/show/application/0/release/cauldron/name/borgbackup
Version is now 1.03

pmakowski commented Jun 1, 2016

Done in Mageia (Cauldron) so will be in Mageia 6 http://madb.mageia.org/package/show/application/0/release/cauldron/name/borgbackup
Version is now 1.03

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Jun 3, 2016

Contributor

@enkore, @pmakowski i have added raspbian, openindiana and mageia to the install docs in #1120.

i have now learned how to install binary packages in way more distributions than i ever wanted to. it would be great if people would send pull requests to update the docs themselves instead of me having to come by and redo this every month or so... in fact, maybe it would be more useful if the summary of this ticket would be change to not have an "exhaustive list" of all the distributions that actually ship with borg, especially considering how only a select few people can update the ticket summary here (as opposed to do pull requests to update the docs).

in other words, could the summary here be changed to remove the checked boxes and keep only the todo list? i would gladly make the change myself if i still had access...

something like this:

This issue tracks ongoing work to package borg in various distributions. Done items are documented in the install docs and should be edited there directly when new packages are published.

Non-exhaustive list of packages needing work:

  • Redhat derivatives:
  • OS X
    • brew cask
    • darwin ports or eventually a DMG, once we get a GUI, could be nice
    • standalone binary releases + regular testing, see #913
  • Windows
    • Native - in progress, see #983 for roadmap
    • Cygwin - in progress, see #440, likely to be abandoned for the native port above

Note: there are binary release packages for Linux, FreeBSD and OS X on the github releases page.

Contributor

anarcat commented Jun 3, 2016

@enkore, @pmakowski i have added raspbian, openindiana and mageia to the install docs in #1120.

i have now learned how to install binary packages in way more distributions than i ever wanted to. it would be great if people would send pull requests to update the docs themselves instead of me having to come by and redo this every month or so... in fact, maybe it would be more useful if the summary of this ticket would be change to not have an "exhaustive list" of all the distributions that actually ship with borg, especially considering how only a select few people can update the ticket summary here (as opposed to do pull requests to update the docs).

in other words, could the summary here be changed to remove the checked boxes and keep only the todo list? i would gladly make the change myself if i still had access...

something like this:

This issue tracks ongoing work to package borg in various distributions. Done items are documented in the install docs and should be edited there directly when new packages are published.

Non-exhaustive list of packages needing work:

  • Redhat derivatives:
  • OS X
    • brew cask
    • darwin ports or eventually a DMG, once we get a GUI, could be nice
    • standalone binary releases + regular testing, see #913
  • Windows
    • Native - in progress, see #983 for roadmap
    • Cygwin - in progress, see #440, likely to be abandoned for the native port above

Note: there are binary release packages for Linux, FreeBSD and OS X on the github releases page.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Jun 3, 2016

Contributor

the install docs are turning into a miniature distrowatch, i like it. :) it would be great to have version numbers in there to see if the packages are up to date, but that will make probably too much churn, unless the checks are automated.

Contributor

anarcat commented Jun 3, 2016

the install docs are turning into a miniature distrowatch, i like it. :) it would be great to have version numbers in there to see if the packages are up to date, but that will make probably too much churn, unless the checks are automated.

@pya

This comment has been minimized.

Show comment
Hide comment
@pya

pya Aug 3, 2016

Using conda (http://conda.pydata.org/docs/) seems a good option here. It would work for all three major platforms. Once a conda package exists, the only thing a user needs to do is to type conda install borgbackup. All dependencies can be inside the package. No need for so many platform-specific installation instructions. All is binary. So, the user does not need to have C compiler. Furthermore, conda-forge (https://conda-forge.github.io) can make CI and multi-platform support much easier.

pya commented Aug 3, 2016

Using conda (http://conda.pydata.org/docs/) seems a good option here. It would work for all three major platforms. Once a conda package exists, the only thing a user needs to do is to type conda install borgbackup. All dependencies can be inside the package. No need for so many platform-specific installation instructions. All is binary. So, the user does not need to have C compiler. Furthermore, conda-forge (https://conda-forge.github.io) can make CI and multi-platform support much easier.

@ThomasWaldmann

This comment has been minimized.

Show comment
Hide comment
@ThomasWaldmann

ThomasWaldmann Nov 28, 2016

Member

@Kleptos I've seen you put a USD 15 bounty on this. As this is a rather generic ticket, it is hard to say who shall get it, can you clarify?

Member

ThomasWaldmann commented Nov 28, 2016

@Kleptos I've seen you put a USD 15 bounty on this. As this is a rather generic ticket, it is hard to say who shall get it, can you clarify?

@benediktg

This comment has been minimized.

Show comment
Hide comment
@benediktg

benediktg Dec 3, 2016

borgbackup is now in openSUSE Factory (and available via zypper in borgbackup from official Tumbleweed main repos).
https://build.opensuse.org/package/show?project=openSUSE%3AFactory&package=borgbackup

benediktg commented Dec 3, 2016

borgbackup is now in openSUSE Factory (and available via zypper in borgbackup from official Tumbleweed main repos).
https://build.opensuse.org/package/show?project=openSUSE%3AFactory&package=borgbackup

@bgeron

This comment has been minimized.

Show comment
Hide comment
@bgeron

bgeron Feb 6, 2017

There is currently no built package for Ubuntu in the official repos without known security issues. Can anyone update me with the status on this?

bgeron commented Feb 6, 2017

There is currently no built package for Ubuntu in the official repos without known security issues. Can anyone update me with the status on this?

@enkore

This comment has been minimized.

Show comment
Hide comment
@enkore

enkore Feb 6, 2017

Contributor

Something to ask the Ubuntu Security Team

Contributor

enkore commented Feb 6, 2017

Something to ask the Ubuntu Security Team

@ThomasWaldmann

This comment has been minimized.

Show comment
Hide comment
@ThomasWaldmann
Member

ThomasWaldmann commented Feb 6, 2017

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg Feb 6, 2017

Contributor

zesty and my ppa are fine
https://launchpad.net/~costamagnagianfranco/+archive/ubuntu/borgbackup

I don't want to bother the security team for something that has no CVE...

Contributor

LocutusOfBorg commented Feb 6, 2017

zesty and my ppa are fine
https://launchpad.net/~costamagnagianfranco/+archive/ubuntu/borgbackup

I don't want to bother the security team for something that has no CVE...

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Feb 6, 2017

Contributor

@LocutusOfBorg although i agree that CVEs should be requested and assigned (and it's easy, just send an email with a short description to the oss-security list), the debian security team can track security issues with only a bug number in the BTS (or even nothing at all, in the worst case, but we really prefer some global identifier). not sure about the ubuntu secteam, but I presume they would prefer to deal with security issues without CVEs than just not know about them.

Contributor

anarcat commented Feb 6, 2017

@LocutusOfBorg although i agree that CVEs should be requested and assigned (and it's easy, just send an email with a short description to the oss-security list), the debian security team can track security issues with only a bug number in the BTS (or even nothing at all, in the worst case, but we really prefer some global identifier). not sure about the ubuntu secteam, but I presume they would prefer to deal with security issues without CVEs than just not know about them.

@enkore

This comment has been minimized.

Show comment
Hide comment
@enkore

enkore Feb 7, 2017

Contributor

#2106 / #2107

TLDR I requested CVEs and a week or two after the release they were actually assigned but there was no notification of that (since every form submission generates emails in their system I kinda expected it -- my bad / didn't know better), so I didn't notice and it didn't get into the docs for some time.

Contributor

enkore commented Feb 7, 2017

#2106 / #2107

TLDR I requested CVEs and a week or two after the release they were actually assigned but there was no notification of that (since every form submission generates emails in their system I kinda expected it -- my bad / didn't know better), so I didn't notice and it didn't get into the docs for some time.

@anarcat

This comment has been minimized.

Show comment
Hide comment
@anarcat

anarcat Feb 7, 2017

Contributor

that's kind of ridiculous - they should have notified you. definitely not "your bad". :) you can't be expected to constantly reload the CVE list to figure out wtf is going on... ;) thanks for the followup!

Contributor

anarcat commented Feb 7, 2017

that's kind of ridiculous - they should have notified you. definitely not "your bad". :) you can't be expected to constantly reload the CVE list to figure out wtf is going on... ;) thanks for the followup!

@ThomasWaldmann

This comment has been minimized.

Show comment
Hide comment
@ThomasWaldmann

ThomasWaldmann Mar 12, 2017

Member

close this issue as it is not in scope of borg development (we do not create packages ourselves)?

so, issues about packaging borgbackup for X should be opened in the issue tracker of X, if needed.

Member

ThomasWaldmann commented Mar 12, 2017

close this issue as it is not in scope of borg development (we do not create packages ourselves)?

so, issues about packaging borgbackup for X should be opened in the issue tracker of X, if needed.

@enkore

This comment has been minimized.

Show comment
Hide comment
@enkore

enkore May 15, 2017

Contributor

There is currently no built package for Ubuntu in the official repos without known security issues. Can anyone update me with the status on this?

Since about half a year later Ubuntu still ships vulnerable packages...
... I took the liberty to create an issue on their tracker: https://bugs.launchpad.net/ubuntu/+source/borgbackup/+bug/1690846

Contributor

enkore commented May 15, 2017

There is currently no built package for Ubuntu in the official repos without known security issues. Can anyone update me with the status on this?

Since about half a year later Ubuntu still ships vulnerable packages...
... I took the liberty to create an issue on their tracker: https://bugs.launchpad.net/ubuntu/+source/borgbackup/+bug/1690846

@LocutusOfBorg

This comment has been minimized.

Show comment
Hide comment
@LocutusOfBorg

LocutusOfBorg May 15, 2017

Contributor

sorry I missed the CVE part.
I uploaded them for review to Ubuntu Release team

Contributor

LocutusOfBorg commented May 15, 2017

sorry I missed the CVE part.
I uploaded them for review to Ubuntu Release team

@lpefferkorn

This comment has been minimized.

Show comment
Hide comment
@lpefferkorn

lpefferkorn Jul 27, 2018

Hi,
Just to let you know that Borg is also available for OS X through Macports.org: https://github.com/macports/macports-ports/blob/master/sysutils/borgbackup/Portfile
This is an alternative to brew

I'm the maintainer, feel free to reach out to me for any question.

Thanks for BorgBackup, keep up the good work!

lpefferkorn commented Jul 27, 2018

Hi,
Just to let you know that Borg is also available for OS X through Macports.org: https://github.com/macports/macports-ports/blob/master/sysutils/borgbackup/Portfile
This is an alternative to brew

I'm the maintainer, feel free to reach out to me for any question.

Thanks for BorgBackup, keep up the good work!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment