21 files changed, 329 insertions, 104 deletions

diff --git a/open_issues/_san.mdwn b/open_issues/_san.mdwn
index fad53727..5980784b 100644
--- a/open_issues/_san.mdwn
+++ b/open_issues/_san.mdwn
@@ -1,4 +1,5 @@
-[[!meta copyright="Copyright © 2012, 2013 Free Software Foundation, Inc."]]
+[[!meta copyright="Copyright © 2012, 2013, 2015 Free Software Foundation,
+Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -10,7 +11,7 @@ License|/fdl]]."]]"""]]
 
 [[!meta title="Port the GCC and LLVM/clang Sanitizers (*san) to the Hurd"]]
 
-[[!tag open_issue_gcc]]
+[[!tag open_issue_gcc open_issue_llvm]]
 
 GCC and LLVM/clang provide several *sanitizers*,
 <http://clang.llvm.org/docs/UsersManual.html#controlling-code-generation>, such
@@ -23,7 +24,7 @@ as:
     GNU Tools Cauldron 2012.  <http://code.google.com/p/address-sanitizer/>.
 
   * Memory Sanitizer, an detector of uninitialized reads (MSan;
-    `-fsanitize=memory)
+    `-fsanitize=memory`)
 
     <http://code.google.com/p/memory-sanitizer/>
 
@@ -62,3 +63,8 @@ first look they reimplement a lot of [[/glibc]] by directly using
     <jakub> richi: that said, I don't want to spend as much time as I've done
       so far on it, and in the time I'll allocate for it optimizing the code it
       generates is higher on the todo list than ports to other targets
+
+
+# 2015-04-14
+
+[[!message-id "20150414130851.GA6154@type.bordeaux.inria.fr"]].
diff --git a/open_issues/automatically_checking_port_deallocation.mdwn b/open_issues/automatically_checking_port_deallocation.mdwn
index fb8cfd01..6aeaf207 100644
--- a/open_issues/automatically_checking_port_deallocation.mdwn
+++ b/open_issues/automatically_checking_port_deallocation.mdwn
@@ -20,3 +20,13 @@ IRC, unknown channel, unknown date.
     <youpi> which is already a good thing
     <youpi> of course the coverage can't be perfect
     <youpi> one of the bugs I fixed happened only for setuid binaries for instance
+
+- - -
+
+portseal can automatically detect port leaks.  It is somewhat
+intrusive, as it leverages a source-transformation and hence requires
+a recompilation of the code that contains the port leak.  Currently,
+it is a prototype.  If you are looking for a port leak, I'd love you
+to try it though:
+
+[[http://darnassus.sceen.net/gitweb/teythoon/portseal.git]]
diff --git a/open_issues/blkrrpart_ioctl.mdwn b/open_issues/blkrrpart_ioctl.mdwn
deleted file mode 100644
index b3a91bfb..00000000
--- a/open_issues/blkrrpart_ioctl.mdwn
+++ /dev/null
@@ -1,32 +0,0 @@
-[[!meta copyright="Copyright © 2009 Free Software Foundation, Inc."]]
-
-[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
-id="license" text="Permission is granted to copy, distribute and/or modify this
-document under the terms of the GNU Free Documentation License, Version 1.2 or
-any later version published by the Free Software Foundation; with no Invariant
-Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
-is included in the section entitled
-[[GNU Free Documentation License|/fdl]]."]]"""]]
-
-[[!meta title="BLKRRPART IOCTL"]]
-
-[[!tag open_issue_glibc open_issue_hurd open_issue_gnumach]]
-
-Just like in other Unix systems one can, for example, use `fdisk` or `parted`
-to manage hard disks' partition tables.  After doing changes to a disk's
-partition table, the kernel has to be instructed to reinitialize its internal
-data structures: where does a partition begin, where does it end, etc.
-
-With `fdisk` and friends this is done on Linux with the `BLKRRPART` IOCTL,
-which is used to tell the kernel to reread the disk's partition table.
-
-`parted` also uses this interface on Linux, but for GNU Hurd, the corresponding
-function, `libparted/arch/gnu.c (gnu_disk_commit)`, doesn't do anything at all.
-The infrastructure in [[GNU_Mach|microkernel/mach/gnumach]] is already there,
-`linux/src/drivers/block/ide.c (ide_ioctl) <BLKRRPART>` and
-`linux/src/drivers/scsi/sd_ioctl.c (sd_ioctl) <BLKRRPART>`, but the IOCTL needs
-to be routed from `libparted` through [[hurd/glibc]]'s Hurd IOCTL interface,
-through Hurd's [[hurd/libstore]], to [[GNU_Mach|microkernel/mach/gnumach]].
-
-This is not a huge project, and actually one that is suitable for someone who
-wants to start with hacking the system.
diff --git a/open_issues/code_analysis.mdwn b/open_issues/code_analysis.mdwn
index 2e3d2dea..2e10da80 100644
--- a/open_issues/code_analysis.mdwn
+++ b/open_issues/code_analysis.mdwn
@@ -63,6 +63,10 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks.
 
   * [clang](http://www.google.com/search?q=clang+analysis)
 
+      * <http://darnassus.sceen.net/~teythoon/qa/gnumach/scan-build>
+
+      * <http://darnassus.sceen.net/~teythoon/qa/hurd/scan-build>
+
   * [Linux' sparse](https://sparse.wiki.kernel.org/)
 
   * <http://klee.llvm.org/>
@@ -122,7 +126,9 @@ There is a [[!FF_project 276]][[!tag bounty]] on some of these tasks.
         <teythoon> that, and most tools are horrible to use, frama-c is really
           an exception in this regard
 
-  * [Coverity](http://www.coverity.com/) (nonfree?)
+  * [Coverity](http://www.coverity.com/) (nonfree)
+
+      * <https://scan.coverity.com/projects/1307> If you want access, speak up in #hurd or on the mailing list.
 
       * IRC, OFTC, #debian-hurd, 2014-02-03
 
diff --git a/open_issues/console_vs_xorg.mdwn b/open_issues/console_vs_xorg.mdwn
index ffefb389..39a3336d 100644
--- a/open_issues/console_vs_xorg.mdwn
+++ b/open_issues/console_vs_xorg.mdwn
@@ -1,4 +1,4 @@
-[[!meta copyright="Copyright © 2012 Free Software Foundation, Inc."]]
+[[!meta copyright="Copyright © 2012, 2015 Free Software Foundation, Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -11,6 +11,17 @@ License|/fdl]]."]]"""]]
 [[!tag open_issue_glibc open_issue_hurd]]
 
 
+# console switching and DMs
+
+Something like VT_ACTIVATE would need to be implemented to allow console
+switching. In the meanwhile xorg refuses the vtx option, thus making lightdm &
+such fail with an Xserver error:
+
+       (EE) Fatal server error:
+       (EE) Unrecognized option: vt7
+
+In the meanwhile DMs could be taught not to use the vtx option.
+
 # IRC, freenode, #hurd, 2012-08-30
 
     <gean> braunr: I have some errors about keyboard in the xorg log, but
diff --git a/open_issues/e2fsck_i_file_acl_hi.mdwn b/open_issues/e2fsck_i_file_acl_hi.mdwn
index d03b733c..7fe347f6 100644
--- a/open_issues/e2fsck_i_file_acl_hi.mdwn
+++ b/open_issues/e2fsck_i_file_acl_hi.mdwn
@@ -1,4 +1,5 @@
-[[!meta copyright="Copyright © 2010, 2011 Free Software Foundation, Inc."]]
+[[!meta copyright="Copyright © 2010, 2011, 2015 Free Software Foundation,
+Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -8,6 +9,8 @@ Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
 is included in the section entitled [[GNU Free Documentation
 License|/fdl]]."]]"""]]
 
+Fixed in e2fsprogs 1.42.13
+
 IRC, unknown channel, unknown date.
 
     <Duck> something's broken in ext2, fsck, or the like
@@ -36,3 +39,7 @@ IRC, unknown channel, unknown date.
 
 This is due to an erroneous read/write from e2fsck, see
 <http://sourceforge.net/tracker/?func=detail&aid=3379227&group_id=2406&atid=102406>.
+
+Fixed in e2fsprogs 1.42.13
+
+See [[!debbug 760275]]
diff --git a/open_issues/ext2fs_dtime.mdwn b/open_issues/ext2fs_dtime.mdwn
new file mode 100644
index 00000000..5cb5fb7b
--- /dev/null
+++ b/open_issues/ext2fs_dtime.mdwn
@@ -0,0 +1,21 @@
+[[!meta copyright="Copyright © 2014 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!tag open_issue_hurd]]
+
+    /dev/hd0s1: Deleted inode 95849 has zero dtime.  FIXED.
+
+This is actually sorta benign.  What typically happens is that one upgrades e.g.
+a library, and there are still some processes using it (e.g. because it's libc).
+The library file is thus kept on the filesystem, so as to be able to load parts
+of it on demand.  The file is thus marked as deleted, but the deletion hasn't
+been effective yet, thus dtime being zero. e2fsck notices this and finishes
+deleting the file.  To really fix this, we would probably have to really unmount
+the filesystem.
diff --git a/open_issues/gcc.mdwn b/open_issues/gcc.mdwn
index 45590928..b46a48cc 100644
--- a/open_issues/gcc.mdwn
+++ b/open_issues/gcc.mdwn
@@ -1,5 +1,5 @@
-[[!meta copyright="Copyright © 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014
-Free Software Foundation, Inc."]]
+[[!meta copyright="Copyright © 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014,
+2015 Free Software Foundation, Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -835,23 +835,6 @@ kepler.SCHWINGE and [[12 min|performance#measure]] on laplace.SCHWINGE.
 
 <http://gcc.gnu.org/install/test.html>
 
-Testing on GNU/Hurd is blocked on
-[[fork_mach_port_mod_refs_ekern_urefs_owerflow]].
-
-TODO.  On GNU/Hurd, it is advisable to reboot after having built and installed
-GCC, before running the testsuite, as otherwise there seems to be a tendency
-that the system crashes during the `gcc.c-torture/compile/limits-structnest.c`
-tests, which are rather memory hungry, see [[!message-id
-"87bol6aixd.fsf@schwinge.name"]].  Likewise, it also seems advisable to add
-further reboots in between, that is, separate `make check`'s `check-host` into
-several separate runs, and then one for `check-target` (see
-`[build]/Makefile:do-check`, `[build]/gcc/Makefile:CHECK_TARGETS`), as
-otherwise there seems to be a tendency for the system crashing sooner or later.
-(Running `check-host` accumulates to something like 44 hours worth of
-forking/execing of GCC and testcases.)  On GNU/Linux we run it in one go, so
-that we'll catch any fundamental rearrangements of/additions to the testsuites.
-
-
     $ make -k check 2>&1 | tee log_test
     [...]
 
@@ -861,6 +844,9 @@ This runs for [[7 h 35 min|performance#measure]] on kepler.SCHWINGE and [[15 h
 
 ## Analysis
 
+  A lot of the failures are due to gcc's unwind support not knowing about signal trampoline on GNU/Hurd, this is a TODO.
+
+
     $ toolchain/logs/process gcc test
 
   * PTYs
diff --git a/open_issues/glibc/static.mdwn b/open_issues/glibc/static.mdwn
new file mode 100644
index 00000000..26076a5e
--- /dev/null
+++ b/open_issues/glibc/static.mdwn
@@ -0,0 +1,34 @@
+[[!meta copyright="Copyright © 2015 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!tag open_issue_glibc]]
+
+statically-linked executables don't work with i686 libc (which happens to be the default), from the 2015 glibc tarball:
+
+    ../configure --prefix=/ --enable-add-ons=libpthread --enable-pt_chown --disable-nscd CFLAGS=-O2
+    make lib
+    make -C ../mach objdir=$PWD subdir=mach ..=../
+    make -C ../hurd objdir=$PWD subdir=hurd ..=../
+    
+    # create a test.c
+    gcc test.c -o test.o -c
+    gcc test.o -o test -static -v
+
+the last command gives 
+
+    /usr/lib/gcc/i586-gnu/4.9/collect2 -plugin /usr/lib/gcc/i586-gnu/4.9/liblto_plugin.so -plugin-opt=/usr/lib/gcc/i586-gnu/4.9/lto-wrapper -plugin-opt=-fresolution=/tmp/ccBtYgpy.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_eh -plugin-opt=-pass-through=-lc --sysroot=/ --build-id -m elf_i386 --hash-style=gnu -static -o test /usr/lib/gcc/i586-gnu/4.9/../../../i386-gnu/crt0.o /usr/lib/gcc/i586-gnu/4.9/../../../i386-gnu/crti.o /usr/lib/gcc/i586-gnu/4.9/crtbeginT.o -L/usr/lib/gcc/i586-gnu/4.9 -L/usr/lib/gcc/i586-gnu/4.9/../../../i386-gnu -L/usr/lib/gcc/i586-gnu/4.9/../../.. -L/lib/i386-gnu -L/usr/lib/i386-gnu test.o --start-group -lgcc -lgcc_eh -lc --end-group /usr/lib/gcc/i586-gnu/4.9/crtend.o /usr/lib/gcc/i586-gnu/4.9/../../../i386-gnu/crtn.o
+    
+thus using the following to statically link against the just-build glibc:
+
+    BUILD=/path/to/glibc-2.19-hurd+libpthread-20150515/build /usr/lib/gcc/i586-gnu/4.9/collect2 -plugin /usr/lib/gcc/i586-gnu/4.9/liblto_plugin.so -plugin-opt=/usr/lib/gcc/i586-gnu/4.9/lto-wrapper -plugin-opt=-fresolution=/tmp/ccDjhjdt.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_eh -plugin-opt=-pass-through=-lc --sysroot=/ --build-id -m elf_i386 --hash-style=gnu -static -o test $BUILD/csu/crt0.o $BUILD/csu/crti.o /usr/lib/gcc/i586-gnu/4.9/crtbeginT.o -L/usr/lib/gcc/i586-gnu/4.9 -L/usr/lib/gcc/i586-gnu/4.9/../../../i386-gnu -L/usr/lib/gcc/i586-gnu/4.9/../../.. -L/lib/i386-gnu -L/usr/lib/i386-gnu test.o --start-group -lgcc -lgcc_eh $BUILD/libc.a $BUILD/hurd/libhurduser.a $BUILD/mach/libmachuser.a --end-group /usr/lib/gcc/i586-gnu/4.9/crtend.o $BUILD/csu/crtn.o 
+
+And then ./test gets killed early during libc initialization.
+
+Passing --host=i586-gnu --build=i586-gnu fixes the kill, so the issue is most probably in some i686-specific file.
diff --git a/open_issues/gnumach_PCI_access.mdwn b/open_issues/gnumach_PCI_access.mdwn
new file mode 100644
index 00000000..dc099563
--- /dev/null
+++ b/open_issues/gnumach_PCI_access.mdwn
@@ -0,0 +1,18 @@
+[[!meta copyright="Copyright © 2014 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+Currently, GNU Mach requires the presence of the BIOS32 Service Directory for PCI access. 
+The other possible methods are direct access, which is somewhat dangerous and using mmconfig, the preferred default in Linux.
+Direct access is already supported, but only used if BIOS32 is present for safety reasons.
+The relevant Linux code could be adapted and reused.
+
+
+[[!tag open_issue_gnumach]]
+
diff --git a/open_issues/kill_setuid.mdwn b/open_issues/kill_setuid.mdwn
new file mode 100644
index 00000000..047dceda
--- /dev/null
+++ b/open_issues/kill_setuid.mdwn
@@ -0,0 +1,49 @@
+[[!meta copyright="Copyright © 2015 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!tag open_issue_hurd]]
+
+http://bugs.debian.org/413326
+
+The X server does not terminate when the user X session is finished. This is due
+to xinit not being able to kill the setuid Xorg.
+
+On the sending side, glibc does:
+
+        err = HURD_MSGPORT_RPC (__proc_getmsgport (proc, pid, &msgport),
+                                  (taskerr = __proc_pid2task (proc, pid,
+                                                              &refport)) ?
+                                  __proc_getsidport (proc, &refport) : 0, 1,
+                                  kill_port (msgport, refport));
+        }
+
+I.e. asks proc for the task port, and if that fails, asks proc for the
+session port, then it sends the signal.
+
+It happens that since the target got setuid'ed, the proc server had set it
+owned by root, and hence (rightfully) refuses to return the task port through
+pid2task.  As a result only proc_getsidport() works, but that will be accepted
+by the receiving side only for some signals.
+
+POSIX says
+
+«
+  For a process to have permission to send a signal to a process designated
+  by pid, unless the sending process has appropriate privileges, the real or
+  effective user ID of the sending process shall match the real or saved
+  set-user-ID of the receiving process.
+»
+
+And indeed Xorg keeps the original user uid as real uid, so that xinit can kill
+it when the session is finished.
+
+We probably need to implement another reference port that the killer can send to
+the killee. It may be useful for some other operations that users can do on the
+setuid processes they have started.
diff --git a/open_issues/kvm.mdwn b/open_issues/kvm.mdwn
index 6dfffc9a..327f97ca 100644
--- a/open_issues/kvm.mdwn
+++ b/open_issues/kvm.mdwn
@@ -23,3 +23,15 @@ with Virtualbox.
     <pochu> ok, ty
 
 2010-07-31, GNU Mach commit 039176372b4271f370ef38eb2ee5d43923a5b28b.
+
+# KVM-on-KVM (nested KVM)
+
+This seems sluggish like hell. jenkins.debian.net suffers badly from it: it
+takes like an hour to complete the "Loading additional components" step.
+
+It's actually slower than just running qemu-on-KVM.
+
+This doesn't happen with Linux L2 guests.
+
+Date: Tue, 11 Nov 2014
+https://www.mail-archive.com/kvm@vger.kernel.org/msg109570.html
diff --git a/open_issues/libpthread_dlopen.mdwn b/open_issues/libpthread_dlopen.mdwn
index a825fdff..9e127841 100644
--- a/open_issues/libpthread_dlopen.mdwn
+++ b/open_issues/libpthread_dlopen.mdwn
@@ -1,5 +1,5 @@
-[[!meta copyright="Copyright © 2011, 2012, 2013, 2014 Free Software Foundation,
-Inc."]]
+[[!meta copyright="Copyright © 2011, 2012, 2013, 2014, 2015 Free Software
+Foundation, Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -15,6 +15,15 @@ License|/fdl]]."]]"""]]
 
 # [[FAQ entry|faq/libpthread_dlopen]]
 
+Some applications don't themselves link against libpthread, but then load
+plugins which do link against libpthread.  This means internally switching from
+single-threading to multi-threading, which is only supported since libc0.3
+2.19-16~2. Previously, it would result in errors such as:
+
+    ./pthread/../sysdeps/generic/pt-mutex-timedlock.c:70: __pthread_mutex_timedlock_internal: Assertion `__pthread_threads' failed.
+
+*This is now fixed as of libc0.3 2.19-16~2.*
+
 # IRC, freenode, #hurd, 2010-01-24
 
     <pinotree> youpi: hm, thought about the pthread/stubs issue w/ dlopen'ed
diff --git a/open_issues/perl.mdwn b/open_issues/perl.mdwn
index 48343e3e..62d29ac1 100644
--- a/open_issues/perl.mdwn
+++ b/open_issues/perl.mdwn
@@ -24,6 +24,18 @@ features.
 
 There is a [[!FF_project 264]][[!tag bounty]] on this task.
 
+# Bugs in perl
+
+There is a bug in perl's putenv which makes it interact badly with fakeroot-tcp and fakeroot-sysv (not fakeroot-hurd), this shows up as this
+
+    *** glibc detected *** /usr/bin/perl: free(): invalid pointer: 0x01026000 ***
+    
+See http://rt.perl.org/rt3/Ticket/Display.html?id=91452 for details
+
+A workaround is to do this before building packages calling perl inside fakeroot:
+
+export FAKEROOTUID=0 FAKEROOTEUID=0 FAKEROOTSUID=0 FAKEROOTFUID=0 FAKEROOTGID=0 FAKEROOTEGID=0 FAKEROOTSGID=0 FAKEROOTFGID=0
+
 ---
 
 
diff --git a/open_issues/problematic_packages.mdwn b/open_issues/problematic_packages.mdwn
new file mode 100644
index 00000000..b4784e59
--- /dev/null
+++ b/open_issues/problematic_packages.mdwn
@@ -0,0 +1,29 @@
+[[!meta copyright="Copyright © 2014, 2015 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!meta title="Problematic packages"]]
+
+[[!tag open_issue_gnumach open_issue_hurd]]
+
+This page lists the few packages whose build makes the Debian buildd box crash as of 2015, August:
+
+* Kill pfinet
+
+  * [[nbd|hurd/libstore/nbd_store]]
+  * rsyslog
+
+* Kill the session
+
+  * ruby-hiredis
+  * libxs
+
+* ext2fs gets stuck
+
+  * emacs24
diff --git a/open_issues/procfs_umount.mdwn b/open_issues/procfs_umount.mdwn
new file mode 100644
index 00000000..f31467df
--- /dev/null
+++ b/open_issues/procfs_umount.mdwn
@@ -0,0 +1,24 @@
+[[!meta copyright="Copyright © 2014 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!tag open_issue_hurd]]
+
+As soon as one has accessed /proc/mounts, /proc can't be umount: 
+
+    # settrans -ga /proc
+    settrans: /proc: Device or resource busy
+
+This is because mtab is still mounted on /proc/mounts:
+
+    # settrans -ga /proc/mounts
+    # settrans -ga /proc
+
+settrans -R is supposed to be doing this, but unfortunately this is not
+implemented yet in libnetfs, see #ifdef NOTYET in netfs_shutdown.
diff --git a/open_issues/ssh.mdwn b/open_issues/ssh.mdwn
index 6d000b00..965cfddf 100644
--- a/open_issues/ssh.mdwn
+++ b/open_issues/ssh.mdwn
@@ -1,4 +1,4 @@
-[[!meta copyright="Copyright © 2013 Free Software Foundation, Inc."]]
+[[!meta copyright="Copyright © 2013, 2015 Free Software Foundation, Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -18,3 +18,4 @@ One has to disable compression in /etc/sshd_config:
 
     Compression no
 
+The error returned by `inflate` is `Z_DATA_ERROR`.
diff --git a/open_issues/symlink_translator.mdwn b/open_issues/symlink_translator.mdwn
new file mode 100644
index 00000000..80ce7f0e
--- /dev/null
+++ b/open_issues/symlink_translator.mdwn
@@ -0,0 +1,24 @@
+[[!meta copyright="Copyright © 2015 Free Software Foundation, Inc."]]
+
+[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled [[GNU Free Documentation
+License|/fdl]]."]]"""]]
+
+[[!tag open_issue_hurd]]
+
+The /hurd/symlink translator does not work as expected:
+
+    % settrans -ca broken /hurd/symlink missing
+    % file broken
+    broken: empty
+
+Here is the expected behavior, as implemented by the short-cut logic
+in lib*fs:
+
+    % ln -s missing broken_symlink
+    % file broken_symlink
+    broken_symlink: broken symbolic link to missing
diff --git a/open_issues/virtualization/fakeroot.mdwn b/open_issues/virtualization/fakeroot.mdwn
index 88a18a93..441d5c13 100644
--- a/open_issues/virtualization/fakeroot.mdwn
+++ b/open_issues/virtualization/fakeroot.mdwn
@@ -1324,3 +1324,7 @@ License|/fdl]]."]]"""]]
     <braunr> it happens (rarely) when directly using ext2
     <braunr> and more often through fakeroot
     <braunr> i didn't take the time to investigate
+
+## youpi
+
+    the daily script of debian-installer uses the -s / -i options of fakeroot. How could we manage to implement them?
diff --git a/open_issues/virtualization/networking.mdwn b/open_issues/virtualization/networking.mdwn
index f8bda063..122f21ab 100644
--- a/open_issues/virtualization/networking.mdwn
+++ b/open_issues/virtualization/networking.mdwn
@@ -34,48 +34,34 @@ Collection about stuff that is relevant for *virtualization* and *networking*.
 
 [[community/meetings/GHM2013]].
 
-
-## IRC, freenode, #hurd, 2013-08-23
-
-    <youpi> good news
-    <youpi> with a couple small patches, openvpn does work as joe user
-
-
-## IRC, freenode, #hurd, 2013-08-30
-
-    <youpi> it's really cool that openvpn ended up working completely the day
-      before :)
-
-
-## IRC, freenode, #hurd, 2013-09-03
-
-    <_d3f> Hey guys, how did you get openvpn working on the Hurd? just curious
-      as I saw it in the GHM video
-    <_d3f> no one here who has a clue how to get *vpn working on the Hurd?
-    <braunr> _d3f: youpi did it
-    <braunr> i don't know the details
-    <_d3f> okay, I will question him when I see him around, thx. Do you know if
-      it was a lot of work to get the tun device working? Because I would like
-      to use tinc on the Hurd.
-    <braunr> _d3f: a bit but not that much either
-    <_d3f> braunr: well, okay. Do you know if the source of his 'port' is
-      online, I haven't found it :/
-    <braunr> it should be soon
-
-
-## IRC, freenode, #hurd, 2013-09-04
-
-    <_d3f> youpi: you are the guy who has brought openvpn to the hurd, right? I
-      would like to know how you got the tun/tap thing working as I would like
-      to use tinc on it. :)
-    <youpi> _d3f: essentially no modification of openvpn iirc
-    <youpi> just tell it to open the tun node created by pfinet
-    <youpi> and read/write it
-    <youpi> i.e. the existing generic code in place in openvpn
-    <_d3f> I will have a look at it, somekind tinc builds with the linux
-      specific device.c but I wasn't able to exchange keys. I will have a look
-      at the device handling again and try to get the pfinet tun node used.
-
+OpenVPN can use pfinet's tun as it is, and be configured completely as joe user,
+as shown below. Note that the tun0 node name has to begin with "tun", so pfinet
+knows it's a tun.
+
+    $ mkdir -p $HOME/servers/socket
+    $ touch $HOME/servers/tun0
+    $ settrans -ca $HOME/servers/socket/2 /hurd/pfinet $HOME/servers/tun0 -a 10.0.0.1 -p 10.0.0.2
+    $ cat vpn.conf
+    client
+    dev tun
+    dev-node /home/samy/servers/tun0
+    ...
+    $ openvpn --config vpn.conf --verb 5
+    ...
+
+So we let openvpn running, and now we can make applications use the pfinet
+TCP/IP stack started above: the remap command below starts a new shell, where
+it redirects /servers/socket/2 (where the system TCP/IP stack resides) onto
+$HOME/servers/socket/2 (where the new TCP/IP stack resides).
+
+    $ remap /servers/socket/2 $HOME/servers/socket/2
+    $ wget www.gnu.org
+
+Ideally openvpn would be made to setup pfinet itself, but at least for now it
+can be configured by hand like that.
+
+It would probably be possible to make pfinet able to produce a tap too, would
+need some code.
 
 ## IRC, freenode, #hurd, 2013-09-07
 
@@ -98,3 +84,5 @@ Collection about stuff that is relevant for *virtualization* and *networking*.
     <d3f> yeah I know, I talked to him as I am tring to get tinc working on the
       Hurd (tinc builds by now). I will give him a shot about creating the
       "tun" device
+
+tun has indeed nothing to do with devnode and netdde, it's pfinet which creates it, as documented above.
diff --git a/open_issues/wine.mdwn b/open_issues/wine.mdwn
index 842442f1..6d48fda0 100644
--- a/open_issues/wine.mdwn
+++ b/open_issues/wine.mdwn
@@ -1,5 +1,5 @@
-[[!meta copyright="Copyright © 2010, 2011, 2013, 2014 Free Software Foundation,
-Inc."]]
+[[!meta copyright="Copyright © 2010, 2011, 2013, 2014, 2015 Free Software
+Foundation, Inc."]]
 
 [[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
 id="license" text="Permission is granted to copy, distribute and/or modify this
@@ -174,3 +174,9 @@ allocation. There is kernel support for this,* however.
     <Andre_H> gnu_srs1: well, the stable branch is called stable because not
       everything get's there :)7
     <Andre_H> gnu_srs1: the PATH_MAX patch needs more thinking...
+
+## IRC, freenode, #hurd, 2015-02-09
+
+    <Andre_H> since Wine 1.7.28 it runs quite well on Gnu/Hurd - wiki.winehq.org/Hurd
+    <Andre_H> ( https://source.winehq.org/git/wine.git/commitdiff/6d50cfcac28f84e07777fc10874887356832102e )
+