[dak/master] Only move accepted files in cron.unchecked
This avoids triggering the taint check in spawn().
---
config/debian-security/cron.unchecked | 5 ++++-
dak/new_security_install.py | 4 ----
2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/config/debian-security/cron.unchecked b/config/debian-security/cron.unchecked
index f55315c..8685f34 100755
--- a/config/debian-security/cron.unchecked
+++ b/config/debian-security/cron.unchecked
@@ -62,6 +62,10 @@ if [ -n "$changes" ]; then
dak process-upload -a -d "$disembargo" >> $reportdis
fi
+# sync accepted files to ftpmaster
+cd ${base}
+find ${queuedir}/accepted -type f -exec mv -t /srv/queued/ftpmaster '{}' +
+
if [ "${doanything}" = "false" ] && [ "${dopolicy}" = "false" ]; then
echo "$timestamp": Nothing to do >> $report
exit 0
@@ -113,7 +117,6 @@ done
if [ "x${dopolicy}x" = "xtruex" ]; then
# We had something approved from a policy queue, push out new archive
- find /srv/security-master.debian.org/queue/accepted -type f -exec mv -t /srv/queued/ftpmaster '{}' +
dak dominate
#dak generate-filelist
cd $configdir
diff --git a/dak/new_security_install.py b/dak/new_security_install.py
index 8bd86fb..4f718b4 100755
--- a/dak/new_security_install.py
+++ b/dak/new_security_install.py
@@ -100,10 +100,6 @@ def _do_Approve():
for queue in ("embargoed",):
spawn("dak process-policy {0}".format(queue))
- # 2. sync the stuff to ftpmaster
- print "Sync stuff for upload to ftpmaster"
- spawn("find /srv/security-master.debian.org/queue/accepted -type f -exec mv -t /srv/queued/ftpmaster '{}' +")
-
# 3. Run all the steps that are needed to publish the changed archive
print "Domination"
spawn("dak dominate")
--
1.7.2.5
Reply to: