IRC log of #zope for Tuesday, 2011-06-28

« Monday, 2011-06-27 Index Wednesday, 2011-06-29 »
*** sp0cksbeard has quit IRC00:01
*** ViicT has quit IRC00:11
*** J1m has quit IRC00:54
*** alecm has quit IRC01:01
*** alecm has joined #zope01:01
*** alecm has joined #zope01:01
*** TresEquis has quit IRC01:21
*** evilbungle has quit IRC01:22
*** TomBlockley has quit IRC01:22
*** Arfrever has quit IRC01:35
*** kiorky_ has quit IRC01:57
*** kiorky_ has joined #zope01:58
*** alexpilz has quit IRC02:15
*** alexpilz1 has joined #zope02:15
*** rockfruit has quit IRC02:21
*** alga has quit IRC02:33
*** MrTango has quit IRC02:44
*** ccomb has quit IRC02:56
*** daMaestro has quit IRC02:57
*** purserj has quit IRC03:09
*** tote has quit IRC03:09
*** yac has quit IRC03:09
*** f10w has quit IRC03:09
*** cwarner has quit IRC03:09
*** raydeo has quit IRC03:09
*** CIA-90 has quit IRC03:09
*** kiorky_ has quit IRC03:09
*** jham has quit IRC03:09
*** bigkevmcd has quit IRC03:09
*** allisterb has quit IRC03:09
*** mitchell`off has quit IRC03:09
*** gawel has quit IRC03:09
*** mgedmin has quit IRC03:09
*** alecm has quit IRC03:09
*** supton has quit IRC03:09
*** [Arfrever] has quit IRC03:09
*** ajmitch has quit IRC03:09
*** dixond has quit IRC03:09
*** zenwryly has quit IRC03:09
*** tiwula has quit IRC03:09
*** kiorky has quit IRC03:09
*** River_Rat has quit IRC03:09
*** BGaddie has quit IRC03:09
*** markvandenborre has quit IRC03:09
*** kosh has quit IRC03:09
*** avn has quit IRC03:09
*** planetzopebot has quit IRC03:09
*** lewellyn has quit IRC03:09
*** rodgort has quit IRC03:09
*** BeeBob has quit IRC03:09
*** espent_ has quit IRC03:09
*** strichter has quit IRC03:09
*** chaoflow has quit IRC03:09
*** sm has quit IRC03:09
*** moo-_- has quit IRC03:09
*** do3cc_ has quit IRC03:09
*** betabug has quit IRC03:09
*** Spanktar has quit IRC03:09
*** mcdonc has quit IRC03:09
*** JT has quit IRC03:09
*** astoon has quit IRC03:09
*** waldi has quit IRC03:09
*** _mup_ has quit IRC03:09
*** kiorky_ has joined #zope03:13
*** alecm has joined #zope03:13
*** strichter has joined #zope03:13
*** Spanktar has joined #zope03:13
*** tiwula has joined #zope03:13
*** supton has joined #zope03:13
*** sm has joined #zope03:13
*** astoon has joined #zope03:13
*** avn has joined #zope03:13
*** planetzopebot has joined #zope03:13
*** bigkevmcd has joined #zope03:13
*** kiorky has joined #zope03:13
*** raydeo has joined #zope03:13
*** kosh has joined #zope03:13
*** zenwryly has joined #zope03:13
*** moo-_- has joined #zope03:13
*** waldi has joined #zope03:13
*** River_Rat has joined #zope03:13
*** BGaddie has joined #zope03:13
*** allisterb has joined #zope03:13
*** tote has joined #zope03:13
*** _mup_ has joined #zope03:13
*** [Arfrever] has joined #zope03:13
*** lewellyn has joined #zope03:13
*** yac has joined #zope03:13
*** ajmitch has joined #zope03:13
*** mitchell`off has joined #zope03:13
*** mcdonc has joined #zope03:13
*** purserj has joined #zope03:13
*** f10w has joined #zope03:13
*** rodgort has joined #zope03:13
*** do3cc_ has joined #zope03:13
*** CIA-90 has joined #zope03:13
*** cwarner has joined #zope03:13
*** BeeBob has joined #zope03:13
*** jham has joined #zope03:13
*** mgedmin has joined #zope03:13
*** gawel has joined #zope03:13
*** betabug has joined #zope03:13
*** markvandenborre has joined #zope03:13
*** espent_ has joined #zope03:13
*** chaoflow has joined #zope03:13
*** dixond has joined #zope03:13
*** JT has joined #zope03:13
*** Spanktar has quit IRC03:19
*** tiwula has quit IRC03:44
*** Spanktar has joined #zope04:33
*** River-Rat has joined #zope05:12
*** River_Rat has quit IRC05:14
*** dayne has joined #zope06:16
*** dayne has quit IRC06:24
*** astoon has quit IRC06:29
*** sm has quit IRC06:39
*** tiwula has joined #zope06:45
*** rfw has joined #zope07:16
*** rfwalrus has joined #zope07:24
*** rfwalrus has quit IRC07:24
*** rfwalrus has joined #zope07:24
*** rfw has quit IRC07:24
*** rfwalrus is now known as rfw07:24
*** cwarner_ has joined #zope07:25
*** cwarner has quit IRC07:27
*** tiwula has quit IRC08:48
*** zagy has joined #zope08:52
*** wosc has joined #zope08:53
*** __mac__ has joined #zope09:01
*** strichter has quit IRC09:08
*** hever has joined #zope09:18
*** alecm_ has joined #zope09:20
*** alecm_ has joined #zope09:20
*** hever has quit IRC09:20
*** hever has joined #zope09:22
*** tisto has joined #zope09:24
*** espent_ has quit IRC09:24
*** alecm has quit IRC09:25
*** alecm_ is now known as alecm09:25
*** espent has joined #zope09:25
*** MrTango has joined #zope09:48
*** Wu has joined #zope09:49
*** planetzopebot has quit IRC10:08
*** planetzopebot has joined #zope10:08
*** alga has joined #zope10:14
*** __mac__ has quit IRC10:16
*** menesis has joined #zope10:20
*** goschtl has joined #zope10:32
*** ccomb has joined #zope10:35
*** avoinea has joined #zope10:35
betabugwas anywhere mentioned which zope versions the security fix will affect? (the one coming out at 15:00UTC)10:36
*** gwik has joined #zope10:40
*** kleist has joined #zope10:42
*** kfoo has joined #zope10:45
*** benji has joined #zope10:45
*** kfoo has left #zope10:46
bigkevmcdbetabug: "All recent versions of Zope are affected." isn't terribly helpful :-)10:50
betabugyeah, that's what I thought10:58
*** espent has quit IRC10:58
*** espent has joined #zope10:59
*** __mac__ has joined #zope11:04
*** mitchell`off is now known as mitchell`11:09
*** ccomb has quit IRC11:15
*** mcdonc has quit IRC11:19
*** mcdonc has joined #zope11:20
*** menesis has quit IRC11:46
*** benji has quit IRC11:47
*** gwik has quit IRC11:48
*** gwik has joined #zope11:53
*** ccomb has joined #zope11:54
*** sylvain has joined #zope11:54
*** sunew has joined #zope11:54
*** TomBlockley has joined #zope12:00
planetzopebotHow to inject template code in Plone? (active questions tagged zope - Stack Overflow)  http://stackoverflow.com/questions/6503861/how-to-inject-template-code-in-plone12:08
*** gwik has quit IRC12:14
*** gwik has joined #zope12:16
*** alexpilz1 has left #zope12:20
*** TomBlockley has quit IRC12:24
*** TomBlockley has joined #zope12:24
*** __mac__1 has joined #zope12:27
*** __mac__ has quit IRC12:27
*** __mac__1 has quit IRC12:32
*** wosc has quit IRC12:32
*** sashav has joined #zope12:34
*** gwik has quit IRC12:38
*** gwik has joined #zope12:38
*** wosc has joined #zope12:39
*** teix has joined #zope12:44
*** menesis has joined #zope12:47
*** evilbungle has joined #zope12:50
*** eperez has joined #zope12:54
*** marche1990 has joined #zope12:55
marche1990Is there a newer MySQL adapter for zope than http://www.zope.org/Members/adustman/Products/ZMySQLDA ??12:57
*** marche1990 has quit IRC13:03
*** evilbungle has quit IRC13:06
*** evilbungle has joined #zope13:06
*** __mac__ has joined #zope13:07
*** benji has joined #zope13:08
*** __mac__ has quit IRC13:11
betabughmmm, not waiting even 15 minutes for an answer? great13:11
mcdoncdouble question marks at the end of a sentence means "i really want to know"13:35
mcdoncjust in case you were wondering13:36
betabugyeah, but leaving right after would mean "I don't want to know really"13:36
betabugoh oh13:37
betabugsorry, that was for another #13:37
*** __mac__ has joined #zope13:40
*** menesis has quit IRC13:47
*** J1m has joined #zope13:57
*** m8 has joined #zope13:57
*** rfw has quit IRC14:01
*** evilbungle has quit IRC14:12
*** menesis has joined #zope14:17
*** evilbungle has joined #zope14:18
*** tisto is now known as tisto|lunch14:20
*** hever has quit IRC14:24
*** dayne has joined #zope14:29
*** Spanktar has quit IRC14:45
*** Wu has quit IRC14:48
*** benji has quit IRC14:59
*** J1m has quit IRC14:59
*** gwik has left #zope15:00
*** kleist_ has joined #zope15:04
*** evilbungle is now known as evilbungle|out15:05
*** kleist has quit IRC15:08
*** victor_ has joined #zope15:14
*** victor_ has quit IRC15:14
*** victor_ has joined #zope15:14
*** victor_ is now known as ViicT15:14
*** tisto|lunch is now known as tisto15:28
*** strichter has joined #zope15:28
*** m8 has quit IRC15:32
*** eperez has quit IRC15:35
* kosh sets betabug on fire15:47
*** sp0cksbeard has joined #zope16:05
*** J1m has joined #zope16:08
*** evilbungle|out is now known as evilbungle16:10
betabug"Zope 2.10 and 2.11 users who have not installed PloneHotfix20110720 are not affected by this vulnerability"16:13
betabugwhich probably means older versions will be fine too16:14
koshit is interesting16:15
koshthat still means that most of my servers are probably affected since they are 2.12 but none run plone16:15
betabugreading in the tea leaves, seems to be something that went wrong with an older security hotfix16:15
betabughttp://pypi.python.org/pypi/Products.PloneHotfix20110720/1.0 this one16:16
koshwhat is also interesting is a mention of PluggableAuthService  which is related to the same vulnerability16:16
do3cc_betabug, is there a not too much?16:16
betabugdo3cc_: what?16:16
betabugI bet the problem is in this part: "a patch to the ZPublisher to fix an issue with the checking of whether traversed methods are publishable"16:16
betabugdo3cc_: I couldn't parse "is there a not too much?"16:17
koshpretty good call on that one16:17
do3cc_"Zope 2.10 and 2.11 users who have not installed PloneHotfix20110720  are not affected by this vulnerability" <- is there a not too much in this sentence?16:17
betabugdo3cc_: no16:18
betabugto me this means that PloneHotfix20110720 introduced the bug16:18
koshso no security hotfixes since august 2008 and now we get one because of a plone fix ;)16:19
betabughaha16:19
betabug*if* my theory is right - I might be totally off16:19
do3cc_seeing the announcement now16:19
do3cc_I'd bet a beer for it16:19
koshthe patch should be out in about 1 hour and 40 minutes16:20
betabugwell, if 2.9 and 2.10 are not affected, I'm off the hook16:21
betabuganother win for slacking16:22
*** hever has joined #zope16:22
koshI went to 2.12 though because it was so much faster and blob support16:23
koshit is amazing how secure older versions of zope are though16:24
*** hever has quit IRC16:24
betabugof course it might be that older versions are actually affected and "secrecy" or lack of interest in old stuff results in us not learning the details16:24
koshcan you imagine take any other older version of any other web framework and using that?16:24
*** evilbungle has quit IRC16:24
*** hever has joined #zope16:24
kosha 2 year old version of rails, php, other python frameworks, java frameworks etc would fall in seconds16:24
betabugkosh: sure I can imagine, but I can also imagine the consequences :-)16:24
betabugwell, the PloneHotfix20110720 said in its code "# patch not needed in Zope 2.9", so there is hope for me16:32
*** dayne has quit IRC16:33
*** wosc has quit IRC16:44
betabugok, so 2.9 is not affected16:51
* kosh blames betabug for that16:53
betabugyou blame me for 2.9 *not* being affected?16:53
do3cc_for 2.10 being16:53
koshyeah you should have to do all this patching also! :)16:54
koshwhile your country melts down from financial problems16:54
betabugdo3cc_: 2.10 is only if you've put on that previous fix16:55
kosh2.10 only if you use plone pretty much16:55
betabugwhich goes in the category "mistakes I've learned to avoid a *long* time ago" for me16:56
koshwhat I wonder about is how serious is the security issue if plone is not involved16:57
*** evilbungle has joined #zope16:58
betabugI guess there is some trick to get access to something in the acquisition path16:58
koshbetabug: because when I have tried to access restricted resources they still all seem to be restricted but I have explicit security permissions on every method16:58
koshyeah probably16:58
betabugyou could compare the publisher.py patch from the old hotfix to what's in the zope source and see what you get16:59
betabugbut the new patch will come out any minute and probably with some explanations16:59
koshnope an hour from now16:59
betabugoh?17:00
betabugdamn time zone conversion, haha17:01
*** libero has joined #zope17:01
koshI just did a serach for current time UTC on google :)17:02
betabugyeah17:02
*** libero has left #zope17:03
*** RichardBarrell has joined #zope17:05
*** dayne has joined #zope17:06
planetzopebotSecurity announcement update (gmane.comp.web.zope.announce)  http://permalink.gmane.org/gmane.comp.web.zope.announce/150217:08
*** sm has joined #zope17:13
*** MrWu has joined #zope17:20
*** benji has joined #zope17:30
*** jakke has joined #zope17:30
*** ViicT has quit IRC17:33
*** victor_ has joined #zope17:40
*** victor_ has joined #zope17:40
*** victor_ is now known as ViicT17:40
*** kleist_ is now known as kleist_LulzSec17:41
*** hannosch has joined #zope17:41
koshgreetings evil hannosch17:43
hannoschgreetings, 15 minutes to new Zope releases17:43
koshyup17:44
koshyeah betabug has been snickering that since he is on 2.9 he gets to ignore this security problem :)17:44
* kosh beats betabug with a stick17:44
*** sunew has quit IRC17:45
*** Arfrever has joined #zope17:47
betabugslacking pays off17:47
betabug"my" servers are either on 2.9 or 2.10 and ofcoz no plone anywhere17:48
hannoschbetabug: you do know that Python has security fixes witch aren't in 2.4 anymore, right? Python 2.4 and Zope < 2.12 are unsupported and it's only a question of time until someone finds an exploitable issue17:48
betabugsure17:49
*** MrWu is now known as Wu17:49
betabugbut I'm not doing this for a hobby - if the server's owners don't pay for upgrading their apps, I can't force them17:49
koshthere is certainly that17:50
hannoschsure, wait until they got hacked :)17:50
koshI keep all my apps on the same codebase so when I do codebase testing for a new version of zope I move them all up17:50
koshhannosch: well that is what most people do on any other web framework at least17:50
koshhannosch: I have noticed that very few customers will pay for prevention and real maintenance17:50
hannoschit depends on what they are aiming for and how critical the site is to their business17:51
hannoschI think we have solved support/maintenance agreements to most customers after doing project work for them17:51
betabuglast month I helped "fix" an old app built on 2.9/CMF and some weird code base - what should I tell them? "pay to build it all from scratch"?17:53
betabugor "you should have made a service contract with whoever made that app" ?17:54
koshI have dealt with many companies that don't have the money they once did and have had to cut things back17:54
kosheven some pretty big companies have cut way back on spending and that includes maintenance17:54
betabugthat app went through 3 hands or so17:54
koshthankfully zope stands up vastly better then other frameworks even on little maintenance17:54
betabugyeah, that's good luck for those companies17:55
betabugother than that I have no easy solution for them, since new zope releases puts blocks in their way, requiring code to be rewritten17:56
betabugin case of an old CMF app, I can't even start to imagine how much work it would involve17:56
*** daMaestro has joined #zope17:57
*** runyaga has joined #zope18:00
*** runyaga has quit IRC18:00
*** runyaga has joined #zope18:00
koshhmm zope.org won't load for me, the browser is just spinning on it18:01
betabugzope.org is ooold too18:01
koshI wish more things would use my unique urls it provides such an insane speedup18:02
koshI have sites that went from 3 seconds to render to .5 seconds18:02
koshthat is a big saving in server load and it means you can serve more people on the same hardware18:02
koshhmm so far I don't see the file to download anywhere18:03
betabugkosh: http://plone.org/products/plone-hotfix/releases/20110622/Zope_Hotfix_20110622-1.0.zip18:06
*** ChrisW has joined #zope18:06
koshjust got it18:06
ChrisWso, where's the code for this security fix then?18:06
ChrisWit only affect PAS?18:07
hannoschfull details at http://zope2.zope.org/news/security-vulnerability-announcement-privilege-escalation18:07
ChrisWhannosch: ...which doesn't give any details.18:07
ChrisWguess I'll just have a nose around the hotfix...18:08
hannoschif that's still cached try http://plone.org/products/plone/security/advisories/2011062218:08
ChrisW...which still doesn't give much detail of what the affected components are18:10
*** mitchell` is now known as mitchell`off18:11
hannoschChrisW: look at the svn-commits if you want more detail18:11
ChrisWwhen were those commits made and where?18:12
ChrisWlooked for them after the announcement last week and found nothing...18:12
hannoschChrisW: there were made 15 minutes ago18:13
hannoschnot much point in pre-announcing a hotfix if you can see the result a week before18:13
ChrisWpersonally, I find the withholding of patches in general to be offensive18:14
hannoschwithholding? we are only doing a coordinated release, as this is such a critical flaw18:15
hannoschI'd call that responsible18:15
ChrisWshrugs, potato potato18:15
koshwel I have all my systems patching18:18
betabugpre-announcing was ok for me, but I would have preferred the exact version info earlier - I understand that those infos would have given the issue away to a determined attacker though18:19
koshI will watch my error logs to see if I run into any bugs but I got all of my servers patched and everything seems to be working18:20
betabugkosh: leave your email address on the server, so the evil hax0rs can send you a notice when they pwned you ;-)18:22
koshhehe18:23
koshhowever it does seem that this bug ahs been treated far more seriously then more serious bugs I have seen in other framework which barely make the patchnotes18:28
*** alexpilz has joined #zope18:28
koshof course if you had as many security issues to refer to as most web frameworks you could never cover them like this18:28
hannoschwell, being able to read any data from your database and file system (with enough expertise) sounds dangerous to me18:29
koshyes very dangerous18:29
ChrisWisn't that what PHP does by design? ;-)18:29
koshbut not any worse then all the sql injection exploits that routinely show up in minor patches18:29
koshhowever this is a big deal for zope since zope is supposed to fail closed when almost all other web systems are fail open18:30
ChrisWfor the Zope2-only patch, I'm still trying to figure out what the vulterability is..18:30
koshhannosch: my point is that zope seems to take security far far more seriously18:30
koshChrisW: there is a way to construct a url such that you can read any resource without authentication is my understanding18:31
ChrisWalso, how can I run the log checker over a whole dir of .gzip'ed logs...18:31
koshwhat log checker?18:31
ChrisWhttp://plone.org/products/plone-hotfix/releases/CVE-2011-0720/logchecker.py18:31
hannoschkosh: sure, we don't have a security issue every week or months. one of the strong selling points18:31
koshhannosch: or even ever year18:31
koshhannosch: the last hotfix was auguest 200818:31
hannoschChrisW: you are looking at the wrong one. that's an older vulnerability18:32
ChrisWhannosch: it was linked from the latest entry on plone.org18:32
ChrisWhannosch: not correct on 2008: http://svn.zope.org/repos/main/Zope/hotfixes18:32
*** jakke has quit IRC18:33
*** alga has quit IRC18:33
koshChrisW: ah I did not see the 2010 one when I was looking through the list of hotfixes18:34
betabugkosh: yeah, it's the one that this one was referring to18:34
koshwhat was that one about?18:36
*** avoinea has quit IRC18:36
*** zagy has quit IRC18:37
*** bernie has joined #zope18:38
hannoschthe last one was about missing security declarations, so for example all data stored in any catalog could be read by anyone18:38
koshah18:38
*** __mac__ has quit IRC18:38
berniehello... has anyone succeeded at installing the 20110622 Plone hotfix?18:38
*** __mac__ has joined #zope18:39
berniebuildout fails saying that it can't find the setup.py script...18:39
ChrisWhannosch: by url access or by writing code through the zmi?18:39
hannoschChrisW: url access18:40
ChrisWso how did the privilege escalation work on that one? was it announced through zope-announce?18:40
*** __mac__ has quit IRC18:41
*** goschtl has quit IRC18:41
*** __mac__ has joined #zope18:42
*** __mac__ has quit IRC18:46
*** tiwula has joined #zope18:50
*** kleist_LulzSec is now known as kleist19:01
planetzopebotSecurity Hotfix 20110622 released (gmane.comp.web.zope.announce)  http://permalink.gmane.org/gmane.comp.web.zope.announce/150319:08
*** bernie has left #zope19:14
*** m8 has joined #zope19:21
*** menesis has quit IRC19:24
*** hannosch has quit IRC19:25
*** ChrisW has left #zope19:42
*** redir has joined #zope19:45
*** m8 has quit IRC19:50
*** jpfarias has joined #zope19:52
jpfariashello there!19:52
jpfariasanyone knows if it is possible to copy objects from one zodb to another?19:52
*** dayne has quit IRC19:52
jpfariasbasically19:52
jpfariasI have one zodb file (Data.fs)19:52
jpfariasbut pack is failing on it for some reason I dont know19:53
jpfariasso I want to make a new Data.fs19:53
jpfariasand copy all important objects to it19:53
*** m8 has joined #zope19:53
do3cc_jpfarias: thats not how it works19:55
jpfariasdo3cc_:  yeah I know19:55
koshexport and then import and you can see if your failed objects are in the ones you care about19:55
koshhowever if you have a damaged Data.fs file you better find out if your hardware is failing because outside of hardware failures a damaged Data.fs file is extremely rare19:56
jpfariasso this is not a zope application, it is running on pyramid framework19:56
do3cc_do you have a traceback_19:56
do3cc_?19:56
jpfariasI just figured zope developers have a lot of experience with zodb, so I could ask here19:56
jpfariasdarn, I had the traceback19:56
betabugwell, probably you want to truncate the Data.fs19:56
jpfariasI would need to pack again to get it19:57
jpfariasthe db is now 83GB19:57
jpfariasand it takes forever to get to the error when I try to pack19:57
jpfariaslol19:57
jpfariasit was failing with KeyError19:57
jpfariasnot PosKeyError19:57
jpfariasthe key was 'Defaul' if I remember well19:58
jpfariasI can figure the line the error was happening19:58
do3cc_that sounds like you changed your data structures and now you have pickles for objects from your old class and your new classes try to work on them19:59
jpfariasZODB/FileStorage/fspack.py19:59
*** sylvain has quit IRC19:59
jpfariasline 26719:59
*** strichter has quit IRC19:59
koshwe need a full traceback, not just part of one line of a traceback20:00
jpfariasok20:01
jpfariaslemme try to reproduce it20:01
*** tisto has quit IRC20:02
jpfariasanyway20:03
jpfariasit looks like I can navigate thru the whole tree of objects20:04
jpfariasand they work fine20:04
jpfariasso if I could just get the most recent copy of them20:04
jpfariasand store on another Data.fs20:04
jpfariasthat would save my ass20:04
jpfarias:)20:04
jpfariasis that not an option?20:04
*** RichardB_ has joined #zope20:05
koshsomewhere in that tree something is damaged, since it is 83GB and you could not check that much by hand you have just not found the broken objects20:05
koshyou need to find and fix the problem20:06
koshalso find out why your ZODB is 83GB20:06
jpfariasyeah I made a walker that goes thru every branch of the objects tree20:06
jpfariasit takes a while to finish20:06
jpfariasbut it gets there20:06
jpfariasso my application is a crawler20:06
do3cc_do you have biig objects in there?20:06
jpfariasthat gets data from some sites on the web20:07
*** RichardB_ is now known as RichardBarrell_20:07
jpfariasso it has like 10k updates a day20:07
*** RichardBarrell has quit IRC20:07
jpfariasand I didn't pack for a few weeks now20:07
*** RichardBarrell_ is now known as RichardBarrell20:07
jpfariasbecause of this error I am getting20:07
jpfariasusually it would stay around 12~15GB after a pack20:07
*** strichter has joined #zope20:08
do3cc_when you touch EACH object in the zodb, you do not get an error?20:09
jpfariasnope20:09
do3cc_nope as in yes, I do not get an error?20:09
jpfariasyeah, no error20:10
jpfariasthe application is running too20:10
jpfariasand it doesnt give any error20:10
jpfariasso it really confuses me20:10
jpfariaswhy pack() is not working20:11
jpfariaswhere can I paste the traceback?20:11
do3cc_pastie.or20:12
do3cc_pastie.org20:12
do3cc_if I understand it correctly, the code starts with the oldest object in zodb and looks, if it is somehow reachable. If it is, it cannot be removed20:12
jpfariashttp://pastie.org/213518620:12
do3cc_so it will touch objects you can't20:13
jpfariasI have this error too20:14
jpfariasit might be the source of my problems20:14
jpfariashttp://stackoverflow.com/questions/5144164/zope-zodb-pack-error20:14
jpfariasif I do something similar to what is suggested on this post20:14
jpfariasI get past this error20:14
jpfariasbut then the other error comes up20:14
*** benji has quit IRC20:17
do3cc_https://mail.zope.org/pipermail/zodb-dev/2010-June/013464.html20:17
jpfariasyeah20:17
jpfariasI am getting picklingError tho20:18
jpfariasnot attributeerror20:18
jpfariasyou think it is safe to ignore that error too?20:18
jpfariasI would like to understand why I get that error tho20:19
*** sm has quit IRC20:28
jpfariashttp://pastie.org/213527520:32
jpfariasthis is what I get if I do the try/except trick20:32
*** menesis has joined #zope20:33
*** Wu has quit IRC20:36
*** sm has joined #zope20:38
jpfariashmm, jim says the pack can be done without gc20:40
jpfariassince  zodb 3.920:40
jpfariashow do I do that?20:40
jpfariasor was that removed in 3.10?20:41
jpfariasonly options I see for pack() it t and days20:41
*** alga has joined #zope20:53
*** Spanktar has joined #zope20:55
*** zagy has joined #zope21:01
jpfariasguess I will have to do some export / import script21:01
jpfariasto start with a fresh db21:02
*** alecm has quit IRC21:02
*** alecm has joined #zope21:03
*** alecm has joined #zope21:03
*** evilbungle has quit IRC21:38
*** RichardBarrell has quit IRC21:38
*** TomBlockley has quit IRC21:40
*** mizzmetal has joined #zope21:59
mizzmetalWould anyone be able to guide me to where I could see if http://plone.org/products/plone/security/advisories/20110622 is applicable for zope2.7.4 (I know, its old, but sometimes thats just life.)  The article mentions that zope 2.8 and 2.9 aren't affected.22:01
koshwell if 2.8 is not affected then 2.7 would not be either22:02
koshunless it is runnong one of the affected versions of plone22:03
mizzmetalThanks, Kosh.22:06
mizzmetalI'm not familiar with zope; but that security bulletin was something I was asked to investigate. Is there a quick way I can determine the version of plone running on my zope stacks?22:06
koshthat I have no idea about, I don't use plone I just know about the zope version itself22:08
koshhowever as someone pointed out earlier running a version of zope that old does have security issues already since it is running on an old python also22:08
mizzmetalGood point, Kosh.22:09
mizzmetalI appreciate the help!22:09
mizzmetaltake care.22:09
*** mizzmetal has quit IRC22:09
*** hever has quit IRC22:21
*** menesis has quit IRC22:25
*** teix has quit IRC22:45
*** hever has joined #zope22:47
*** hever has quit IRC22:51
*** kleist has quit IRC23:04
*** alecm_ has joined #zope23:24
*** alecm_ has joined #zope23:24
*** alexpilz has left #zope23:26
*** alecm has quit IRC23:29
*** alecm_ is now known as alecm23:29
*** m8 has quit IRC23:29
*** evilbungle has joined #zope23:51
*** evilbungle has quit IRC23:53
« Monday, 2011-06-27 Index Wednesday, 2011-06-29 »

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!