Re: Killing policy queues

To: debian-dak@lists.debian.org
Subject: Re: Killing policy queues
From: Ansgar Burchardt <ansgar@debian.org>
Date: Fri, 01 Jun 2012 15:54:20 +0200
Message-id: <[🔎] 4FC8C98C.2060002@debian.org>
In-reply-to: <20120530190351.GA4558@debian.org>
References: <4FC50358.2070808@debian.org> <87bol66rj2.fsf@gkar.ganneff.de> <20120530190351.GA4558@debian.org>

On 05/30/2012 09:03 PM, Raphael Geissert wrote:
> On Wed, May 30, 2012 at 09:45:37AM +0200, Joerg Jaspert wrote:
>> On 12861 March 1977, Ansgar Burchardt wrote:
>>> Advantages:
>>>  - Less ways to handle package installation.
>>>  - Signature checked when the package arrives in the archive, not again
>>> when it is accepted from the policy queues.
> 
> In practice, would that improve anything re the current issues with
> buildd's keys expiration?

Not right away.  The information from the .changes should be stored in
the database, but for now I plan to continue using the .changes when
accepting packages from policy queues (to know which binaries/source go
together).

Also signatures need to be valid when moving files from security-master
to ftp-master.

>>>  - We can generate Packages/Sources for policy queues[2].
> 
> There is a long-standing idea of allowing one or some updates to be
> "pre-released" so that some people could test them in advance.
> This has been done for both embargoed and unembargoed issues, usually
> by copying the files to some protected directory.
> 
> If this change could help us achieve that, it would be great.

You could use an extra public archive (or just suite) for that and copy
packages there.  My current work would allow that, but it does not
include a (non-ftpmaster) tool for copying packages.

Ansgar

Reply to:

Prev by Date: Re: Hashsum mismatch prevention strategies
Next by Date: multi-archive support in dak: first report
Previous by thread: Re: Hashsum mismatch prevention strategies
Next by thread: multi-archive support in dak: first report
Index(es):
- Date
- Thread