[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian derivatives census: OSMC: welcome!

Hi Sam,

I would like to welcome yourself and OSMC to the Debian derivatives
census! Would you like to take this opportunity to introduce yourself
and OSMC to us all? 


It would be great if you could join our mailing list and IRC channel:


I would encourage you to look at Debian's guidelines for derivatives:


You may want to look at our census QA page, some of the mails from
there may apply to OSMC.


I've made a few changes to the OSMC census page:


The page says that OSMC modifies Debian binary packages. It is quite
rare that distributions modify Debian binary packages instead of
modifying source packages and rebuilding them. Does OSMC actually do
this? If so could you describe what kind of modifications you are
making? If not I guess the page needs to be fixed.

Some of the Release files in the apt repository for OSMC are missing
the Valid-Until header, which allows clients to find out when active
network attackers are holding back newer Release files. At minimum,
rolling releases and suites containing security updates should have
this header. With reprepro you can use the ValidFor config option.


The apt repository for OSMC does not contain source packages. I can't
tell if that includes for packages licensed under the GNU GPL but I
think it does based on the names of some things. This may or may not be
a copyright violation depending on whether our not you distribute those
elsewhere. In any case, please add source packages to your repository
so that Debian can automatically create patches to be presented to
Debian package maintainers.


I've added the OSMC blog to Planet Debian derivatives which helps the
Debian community find out the things that are happening in the world of
Debian derivatives.


Since OSMC is based in the UK, OSMC folks from there might be
interested in joining the Debian UK group. In particular there is an
weekend-long BBQ every year and regular mini-DebConfs and BSPs.


Next year the annual Debian conference is in Montreal, Canada. It would
be great if developers from OSMC could attend DebConf. If this isn't
possible, the year after DebConf will be in Prague or Taipei.


I would encourage OSMC to contribute financially to ensure the
continued survival of Debian and the success of the annual Debian


I would encourage any attendees to volunteer to ensure the continued
the success of the annual Debian conference, here are some examples of
things that need helpers.


I note that OSMC is based on Debian stable. The Debian release team
recently released a timeline for the freeze for the next Debian stable
release. I would encourage you to review it and prepare your plans for
rebasing on the next Debian release (stretch).


A great way to help ensure that the next Debian release working well is
to install and run the how-can-i-help tool and try to work on any
issues that come up.


OSMC devs might want to join the Debian ARM list and say hello:


You might want to consider adding DNSSEC to your domains, TLSA records
and SSL to some of your domains. SSL on the repository will help OSMC
users to obscure package names and version numbers from global active
adversaries. You might also want to add HSTS headers.

Please feel free to circulate this mail within the OSMC team.



Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: