Re: *seconded* Re: Bits (Nybbles?) from the Vancouver release team meeting
Hi, Anthony Towns wrote:
> The reason for the N = {1,2} requirement is so that the buildds can be
> maintained by Debian, which means that they can be promptly fixed for
> system-wide problems, and which means access to them can be controlled,
That can be handled differently.
If somebody writes a small program which checks that the build systems are
up-to-date (do we need more than a list of packages vs. minimum-required-
versions for that?), we can lock out all the non-updated systems from
(LDAP login / wanna-build access) until they are updated.
DSA can still admin the one or two systems per arch which need stricter
checks -- for instance, those which are used by developers to test-build
packages. But I don't think they need to personally admin every builder
that's sitting behind a firewall, has no outside logins, and doesn't do
much besides building packages.
That'd reduce DSA's work load, not sacrifice security, and still afford
some level of build activity even if the other system admins don't react
immediately.
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf@smurf.noris.de
Reply to: