[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian machine usage policy

I hereby present the DMUP, or Debian Machine Usage Policy. This document
contains two sections: the first are the rules on handling the policies
and any violations of it. The second part contains the actual policies.


Debian Machine Usage Policy
Version 1.1

1. Introduction

This document describes the policies for using Debian machines and
all rules surrounding those

In short:
1. Don't by any wilful, deliberate, reckless or unlawful act interfere
   with the work of another developer or jeopardize the integrity of data
   networks, computing equipment, systems programs, or other stored

2. Don't use Debian Facilities for private financial gain or for
   commercial purposes, including consultancy or any other work outside
   the scope of official duties or functions for the time being, without
   specific authorization to do so.
3.  Don't use Debian Facilities for unlawful activities, including, but
    not limited to, software piracy.

This document contains two parts: policies and guidelines. The rules
in the policies are binding and may not be violated. The guidelines
specify rules that may be violated if necessary but we would rather
one did not.

2. General statements

2.1 Privilege
Access to Debian Facilities is a privilege, not a right or a
commercial service, and we reserve the right to revoke this privilege
at any time, without prior notice. An explanation will be given within
48 hours.

2.2 Guarantees
There is no guarantee of service. Although we will do our best to assure
that everything functions perfectly, we can't give any guarantees.

2.3 Privacy
If necessary to keep machines working properly the DSA is allowed to edit
user files. (for example modifying .forward files to break mail loops)

2.3 Used abbreviations
  DSA   - Debian Systems Administration
  DMUP  - Debian Machine Usage Policy (this document)
  DPL   - Debian Project Leader

3. Penalties

If someone violates the rules set in this document he will be subjected
to a penalty. The penalty depends on the number of previous violations
and the offense involved.

3.1 First offense

1. The accounts of the offender will be suspended and access will
   not be available.

2. The offender will be required to contact the Debian Systems Administration
   and convince us that there will be no further breaches of the DMUP by the

3. If the offender fails to contact the DSA within 14 days, the account will
   be terminated and the offender expelled from the Debian project. If the
   offender has announced he will be on vacation in this time frame this
   period will be extended with the announced duration of the vacation

4. If the offender is expelled from the project he can register to become
   a maintainer again after a period of a month. The offense will remain
   on record.

3.2 Second offense

1. The offenders accounts will be suspended immediately and the
   offender expelled from the project.
2. If the offender does not file for an appeal within the designated
   time frame the account is terminated.

3. The offender is prohibited from registering as a Debian maintainer

3.3 Publication

1. The offense and the penalty will be announced to Debian developers only.

2. Should it, in the sole opinion of the Debian project leader, be considered
   necessary, then a public announcement will be made. This can include
   the offenders identity.

3.4 Appeal

1. If the offender does not agree with the decision made by the DSA he can
   appeal to the developers. This is only possible in the 14 days directly
   following the day the offender was informed of the sentence. This is
   done using the procedure as detailed in section 4.2 of the Debian

2. During the time the appeal is processed the account will remain suspended.

4. The policies

This section lists the policies. This list is not and can not be inclusive.

Disk usage:

All machines run a /tmp cleanup daemon and expire files after a week.
Some machines have /scratch partitions specifically for storing large
data sets without fear of them being erased. If you receive an email
notification that your homedir is large and that we need more space then
please promptly take action. The DSA's may find it necessary to clean up
exceptionally large space users without warning.


Please use ssh/scp if at all possible (check the copyright, it is not
free software, and there is no free replacement) rather than less
secure alternatives (rsh, telnet or FTP).

Idle connections are killed after an hour; this is easy to bypass,
but please don't do so without good cause.

Mirroring via any private means any portion of the public archives from
the private servers is strictly forbidden without the prior consent of the
residing Mirror Master. Developers are free to use any publicly available
forms of access.


Do not run any long running process without the permission of the DSA's.
Running servers of any sort (this includes IRC bots) without prior permission
from the DSA's is also forbidden.  Avoid running processes that are abusive in
CPU or memory. If necessary the DSA's will reap up such processes without

WWW pages:

In general, web space on Debian machines is provided for the purpose of
communicating ideas and files related to the project, or to the Free
Software community in general. Private 'vanity' pages on Debian machines
are discouraged.

Commercial web pages are not permitted.

You are responsible for the content of your WWW pages, including
obtaining the legal permission for any works they include and ensuring
that the contents of these pages do not violate American law.

You are responsible for and accept responsibility for any defamatory,
confidential, secret or other proprietary material available via your
WWW pages.

You may not advertise your WWW pages, or cause another person to
advertise it, by techniques that would be classified as abuse if they
were carried out from a Debian Account. This includes, but is not
limited to, bulk em ailing and excessive news posting. Such action may
be treated under the appropriate DMUP as if it had been done from the
Account, or as a violation of this DMUP or both.


Using Debian machines for reading mail is OK, please choose a lightly
loaded machine [ie not master]. We do not support the use of mail download
methods such as POP or IMAP, use your ISP's mail server and forwarding. As
with web pages incoming mail is generally encouraged to be of an Free
Software nature or related to the project somehow. The DSA's may find it
necessary to compress, relocate or erase mail without warning.

If a Developer becomes unreachable for a prolonged time their accounts,
data and mail forwarding/filtering/etc may be disabled until they

Don't use Debian facilities in a manner which constitutes net abuse.
Debian does not have any Usenet news servers. It may be that some of the
Debian machines have access to such a news server, but their use through
Debian machines is strictly forbidden.

Examples of what we consider net abuse:

* Chain Letters and Ponzi Pyramid-Selling Schemes
          Such messages work (or rather, don't work) in much the same
          way as their paper-based cousins. The most common example of
          this in email is MAKE-MONEY-FAST. In addition to being a
          waste of resources, such messages are illegal in certain
* Unsolicited Commercial Email (UCE)
          Unsolicited Commercial Email is advertising material
          received by email without the recipient either requesting
          such information or otherwise expressing an interest in the
          material advertised.
          Since many Internet users use a dial-up connection and pay
          for their online time, it costs them money to receive
          email. Receipt of unsolicited commercial advertising
          therefore costs them money and is particularly unwelcome.
          It should be noted that a user has not expressed an interest
          by the mere act of posting a news article in any particular
          newsgroup, unless of course they have made a specific
          request for information to be emailed to them.
* Unsolicited Bulk Email (UBE)
          Similar to the above UCE but not attempting to sell
          anything. Its sole purpose is usually to annoy.
* Forged headers and / or Addresses
          Forging headers or messages means sending mail such that its
          origin appears to be another user or machine, or a
          non-existent machine.
          It is also forgery to arrange for any replies to the mail to
          be sent to some other user or machine.
          However, in either case, if prior permission has been
          granted to you by the other user or the administrators of
          the other machine, then there is no problem, and of course
          "null" reverse paths can be used as defined in the relevant
* Mail Bombing
          Mail bombing is the sending of multiple emails, or one large
          email, with the sole intent of annoying and / or seeking
          revenge on a fellow Internet user. It is wasteful of shared
          Internet resource as well as serving no value to the
          Due to the time taken to download it, sending long email to
          sites without prior agreement can amount to denial of
          service, or access to email at the receiving site. Note that
          if binary attachments are added to mail this may increase
          the size considerably. If prior arrangement has not been
          made, the mail will be extremely unwelcome.
* Denial of Service attacks
          Denial of Service is any activity designed to prevent a
          specific host on the Internet making full and effective use
          of their facilities. This includes, but is not limited to:
          + Mail bombing an address in such a way to make their
            Internet access impossible, difficult, or costly.
          + Opening an excessive number of mail connections to the
            same host.
          + Intentionally sending email designed to damage the
            receiver's systems when interpreted; for example, sending
            malicious programs or viruses attached to an email.
          + Using a smarthost or SMTP relay without authorization to do so.
* Mailing List Subscriptions
          You must not subscribe anyone, other than a user on your own
          host, to a mail list or similar service without their
* Illegal Content
          You must not send via email any item which it is illegal to
          send or possess.
* Breach of Copyright or Intellectual Property
          You must not send (via email) or post Copyright material or
          Intellectual Property unless you have permission to do so.

* Binary Postings to non-Binary Groups
          Outside of the alt.binaries... and alt.pictures... newsgroup
          hierarchies, the posting of encoded binary data is
          considered most unwelcome. The majority of Usenet sites and
          readers do not have the capability for selective
          transmission of articles (kill-filing) and such posts can
          result in a significant amount of resources being tied up
          and wasted in the transmission process, and as such can be
          considered as a denial of service attack on multiple
          recipients. [Example]

* Excessive Cross-Posting

          Simply put, this form of unacceptable behavior occurs when
          the same article is cross-posted to a large number of
          unrelated newsgroups.

* Excessive Multi-Posting

          Simply put, this form of unacceptable behavior occurs when
          a substantively similar (perhaps differing only in Subject
          header) article is posted to a large number of unrelated


 / Generally uninteresting signature - ignore at your convenience  \
| wichert@liacs.nl                    http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: pgp7HHFk1wZnu.pgp
Description: PGP signature

Reply to: