[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian derivatives census: Huayra: welcome!



Hi Fernando,

I would like to welcome yourself and Huayra to the Debian derivatives
census! Would you like to take this opportunity to introduce yourself
and Huayra to us all in more detail? 

https://wiki.debian.org/Derivatives/Census/Huayra

It would be great if you could join our mailing list and IRC channel:

https://wiki.debian.org/DerivativesFrontDesk

I would encourage you to look at Debian's guidelines for derivatives:

https://wiki.debian.org/Derivatives/Guidelines

You may want to look at our census QA page, some of the mails from
there may apply to Huayra.

https://wiki.debian.org/Derivatives/CensusQA

You don't appear to be subscribed to the Huayra census page,
I've made a few changes to the Huayra census page:

https://wiki.debian.org/Derivatives/Census/Huayra?action=info

The page says that Huayra modifies Debian binary packages. It is quite
rare that distributions modify Debian binary packages instead of
modifying source packages and rebuilding them. Does Huayra actually do
this? If so could you describe what kind of modifications you are
making? If not I guess the page needs to be fixed.

Some of the Release files in the apt repository for Huayra are missing
the Valid-Until header, which allows clients to find out when active
network attackers are holding back newer Release files. At minimum,
rolling releases and suites containing security updates should have
this header. With reprepro you can use the ValidFor config option.

https://wiki.debian.org/RepositoryFormat#Date.2CValid-Until

I've added the Huayra dev blog to Planet Debian derivatives which helps
the Debian community find out the things that are happening in the
world of Debian derivatives. Unfortunately the main Huayra news source
doesn't have an RSS feed, could you add one?

http://planet.debian.org/deriv/
http://huayra.conectarigualdad.gob.ar/noticias

Since Huayra is based in Argentina you might be interested in joining
the #debian-ar IRC channel.

https://wiki.debian.org/LocalGroups#Argentina

Next year the annual Debian conference is in South Africa. It would be
great if developers from Huayra could attend DebConf16.

I would encourage ANSES (the Huayra government sponsor) to contribute
financially to ensure the continued survival of Debian and the success
of the annual Debian conference. Please note that sponsorship for
DebConf16 is not yet open.

https://www.debian.org/donations
http://debconf.org/sponsors/
http://debconf15.debconf.org/become-sponsor.xhtml

I would encourage any attendees to volunteer to ensure the continued
the success of the annual Debian conference, here are some examples of
things that need helpers.

https://wiki.debconf.org/wiki/DebConf13/VolunteerCoordination

A great way to help ensure that the next Debian release working well is
to install and run the how-can-i-help tool and try to work on any
issues that come up.

http://www.lucas-nussbaum.net/blog/?p=837
https://packages.debian.org/unstable/how-can-i-help
https://wiki.debian.org/how-can-i-help

I note that Huayra uses MATE, I would encourage you to
provide feedback and fixes to the Debian MATE team.

https://wiki.debian.org/PkgMate

You might want to consider adding DNSSEC to your domains, TLSA records
and SSL to some of your domains. SSL on the repository will help Huayra
users to obscure package names and version numbers from global active
adversaries. You might also want to add HSTS headers.

http://huayra.conectarigualdad.gob.ar/
http://repo.huayragnulinux.com.ar/

Please feel free to circulate this mail within the Huayra team.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: