[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

New DMUP version 1.1.2


the Debian System Debian Administration Team hereby announces an updated 
version of the Debian Machine Usage Policies (DMUP). It will become 
effective on July 04th, 2010 and is then the binding version.

Please note that this version only fixes the most important issues, such
as cleaning up DAM vs. DSA responsibilities.

While we are working on a new and improved DMUP that will hopefully fix
more warts and will concentrate on the really significant issues, this
is a work in progress which might take a while yet.

Therefore we release this version because we think it prudent to have a
DMUP that actually works within the way Debian is currently,
constitutionally structured.


Debian Machine Usage Policies

   Version 1.1.2
    0. This version of the Debian Machine Usage Policies becomes effective
       on July 04th, 2010 and supersedes all previous versions. It was 
       announced on May 09th, 2010.
    1. Introduction
       This document describes the policies for using Debian machines
       and all rules surrounding those.
       In short:
          + The Debian Systems Administration Team will do whatever is
            necessary to keep all machines and services working and
            running in a secure fashion.
          + Don't by any wilful, deliberate, reckless or unlawful act
            interfere with the work of another developer or jeopardize the
            integrity of data networks, computing equipment, systems
            programs, or other stored information.
          + Don't use Debian Facilities for private financial gain or for
            commercial purposes, including consultancy or any other work
            outside the scope of official duties or functions for the time
            being, without specific authorization to do so.
          + Don't use Debian Facilities for unlawful activities,
            including, but not limited to, software piracy.
       This document contains two parts: policies and guidelines. The
       rules in the policies are binding and may not be violated. The
       guidelines specify rules that may be violated if necessary but we
       would rather one did not.
    2. General statements
         1. Used abbreviations
               o DSA - Debian Systems Administration Team
               o DMUP - Debian Machine Usage Policy (this document)
               o DPL - Debian Project Leader
               o DAM - Debian Account Managers
         2. Privilege
            Access to Debian Facilities is a privilege, not a right or a
            commercial service, and DSA reserves the right to revoke this
            privilege at any time, without prior notice. An explanation
            will be given within 48 hours.
         3. Guarantees
            There is no guarantee of service. Although DSA will do its best
            to assure that everything functions perfectly, they can't give
            any guarantees.
         4. Privacy
            If necessary to keep machines working properly the DSA is
            allowed to edit user files. (for example modifying .forward
            files to break mail loops.)
    3. Penalties
       If someone violates the rules set in this document they will be
       subjected to a penalty. The penalty depends on the number of
       previous violations and the offense involved.
         1. First offense
              1. The accounts of the offender will be suspended and access
                 will not be available.
              2. The offender will be required to contact DSA and convince them
                 that there will be no further breaches of the DMUP by the offender.
              3. If the offender fails to contact DSA within 14 days, DSA
                 will suspend the corresponding account and propose to DAM the
                 expulsion of the offender from the Debian project. If the offender
                 has announced they will be on vacation in this time frame,
                 this period will be extended with the announced duration of
                 the vacation.
              4. If the offender is expelled from the project they can
                 register to become a maintainer again after a period of a
                 month. The offense will remain on record.
         2. Second offense
              1. The offenders accounts will be suspended immediately and
                 DSA will propose to DAM the expulsion of the offender from
                 the Debian project.
              2. If the offender does not file for an appeal within the
                 designated time frame the account is terminated.
         3. Publication
              1. The offense and the penalty will be announced to Debian
                 developers only.
              2. Should it, in the sole opinion of the Debian project
                 leader, be considered necessary, then a public
                 announcement will be made. This can include the offenders
         4. Appeal
              1. If the offender does not agree with the decision made by
                 DSA they can appeal to the developers. This is only
                 possible in the 14 days directly following the day the
                 offender was informed of the sentence. This is done using
                 the procedure as detailed in section 4.2 of the Debian
              2. During the time the appeal is processed the account will
                 remain suspended.
    4. The policies
       This section lists the policies. This list is not and cannot be

        Disk usage:
                All machines run a /tmp cleanup daemon and expire files
                after a week. Some machines have /scratch partitions
                specifically for storing large data sets without fear of
                them being erased. If you receive an email notification
                that your homedir is large and that more free space is
                needed then please promptly take action. DSA may find 
                it necessary to clean up without warning.

                Please use ssh/scp if at all possible rather than less
                secure alternatives (rsh, telnet or FTP).

                Idle connections are killed after an hour; this is easy to
                bypass, but please don't do so without good cause.

                Mirroring via any private means any portion of the public
                archives from the private servers is strictly forbidden
                without the prior consent of the residing Mirror Master.
                Developers are free to use any publicly available forms of

                Do not run any long running process without the permission
                of DSA. Running servers of any sort (this includes IRC bots)
                without prior permission from DSA is also forbidden. Avoid
                running processes that are abusive in CPU or memory. If
                necessary DSA will clean up such processes without warning.

        WWW pages:
                In general, web space on Debian machines is provided for
                the purpose of communicating ideas and files related to
                the project, or to the Free Software community in general.
                Private 'vanity' pages on Debian machines are discouraged.

                Commercial web pages are not permitted.

                You are responsible for the content of your WWW pages,
                including obtaining the legal permission for any works
                they include and ensuring that the contents of these pages
                do not violate the laws that apply to the location of the

                You are responsible for and accept responsibility for any
                defamatory, confidential, secret or other proprietary
                material available via your WWW pages.

                You may not advertise your WWW pages, or cause another
                person to advertise it, by techniques that would be
                classified as abuse if they were carried out from a Debian
                Account. This includes, but is not limited to, bulk
                emailing and excessive news posting. Such action may be
                treated under the appropriate DMUP as if it had been done
                from the Account, or as a violation of this DMUP or both.

                Using Debian machines for reading mail is OK, please
                choose a lightly loaded machine. We do not support the
                use of mail download methods such as POP or IMAP, use your
                ISP's mail server and forwarding. As with web pages
                incoming mail is generally encouraged to be of a Free
                Software nature or related to the project somehow.
                DSA may find it necessary to compress, relocate or erase
                mail without warning.

       If a Developer becomes unreachable for a prolonged time, their
       accounts, data and mail forwarding/filtering/etc may be disabled
       until they reappear.
       Don't use Debian facilities in a manner which constitutes net
       abuse. Debian does not have any Usenet news servers. It may be that
       some of the Debian machines have access to such a news server, but
       their use through Debian machines is strictly forbidden.
       Examples of what DSA considers net abuse:
          + Chain Letters and Ponzi Pyramid-Selling Schemes
            Such messages work (or rather, don't work) in much the same
            way as their paper-based cousins. The most common example of
            this in email is MAKE-MONEY-FAST. In addition to being a waste
            of resources, such messages are illegal in certain countries.
          + Unsolicited Commercial Email (UCE)
            Unsolicited Commercial Email is advertising material received
            by email without the recipient either requesting such
            information or otherwise expressing an interest in the
            material advertised.
            Since many Internet users use a dial-up connection and pay for
            their online time, it costs them money to receive email.
            Receipt of unsolicited commercial advertising therefore costs
            them money and is particularly unwelcome.
            It should be noted that a user has not expressed an interest
            by the mere act of posting a news article in any particular
            newsgroup, unless of course they have made a specific request
            for information to be emailed to them.
          + Unsolicited Bulk Email (UBE)
            Similar to the above UCE but not attempting to sell anything.
            Its sole purpose is usually to annoy.
          + Forged headers and / or Addresses
            Forging headers or messages means sending mail such that its
            origin appears to be another user or machine, or a
            non-existent machine.
            It is also forgery to arrange for any replies to the mail to
            be sent to some other user or machine.
            However, in either case, if prior permission has been granted
            to you by the other user or the administrators of the other
            machine, then there is no problem, and of course "null"
            reverse paths can be used as defined in the relevant RFCs.
          + Mail Bombing
            Mail bombing is the sending of multiple emails, or one large
            email, with the sole intent of annoying and / or seeking
            revenge on a fellow Internet user. It is wasteful of shared
            Internet resource as well as serving no value to the
            Due to the time taken to download it, sending long email to
            sites without prior agreement can amount to denial of service,
            or access to email at the receiving site. Note that if binary
            attachments are added to mail this may increase the size
            considerably. If prior arrangement has not been made, the mail
            will be extremely unwelcome.
          + Denial of Service attacks
            Denial of Service is any activity designed to prevent a
            specific host on the Internet making full and effective use of
            their facilities. This includes, but is not limited to:
               o Mail bombing an address in such a way to make their
                 Internet access impossible, difficult, or costly.
               o Opening an excessive number of mail connections to the
                 same host.
               o Intentionally sending email designed to damage the
                 receiver's systems when interpreted; for example, sending
                 malicious programs or viruses attached to an email.
               o Using a smarthost or SMTP relay without authorization to
                 do so.
          + Mailing List Subscriptions
            You must not subscribe anyone, other than a user on your own
            host, to a mail list or similar service without their
          + Illegal Content
            You must not send via email any item which it is illegal to
            send or possess.
          + Breach of Copyright or Intellectual Property
            You must not send (via email) or post Copyright material or
            Intellectual Property unless you have permission to do so.
          + Binary Postings to non-Binary Groups
            Outside of the alt.binaries... and alt.pictures... newsgroup
            hierarchies, the posting of encoded binary data is considered
            most unwelcome. The majority of Usenet sites and readers do
            not have the capability for selective transmission of articles
            (kill-filing) and such posts can result in a significant
            amount of resources being tied up and wasted in the
            transmission process, and as such can be considered as a
            denial of service attack on multiple recipients. [Example]
          + Excessive Cross-Posting
            Simply put, this form of unacceptable behavior occurs when the
            same article is cross-posted to a large number of unrelated
          + Excessive Multi-Posting
            Simply put, this form of unacceptable behavior occurs when a
            substantively similar (perhaps differing only in Subject
            header) article is posted to a large number of unrelated


On behalf of the Debian System Administration Team
Martin Zobel-Helas
 Martin Zobel-Helas <zobel@debian.org>  | Debian System Administrator
 Debian & GNU/Linux Developer           |           Debian Listmaster
 Public key http://zobel.ftbfs.de/5d64f870.asc   -   KeyID: 5D64 F870
 GPG Fingerprint:  5DB3 1301 375A A50F 07E7  302F 493E FB8E 5D64 F870

 Martin Zobel-Helas <zobel@debian.org>  | Debian System Administrator
 Debian & GNU/Linux Developer           |           Debian Listmaster
 Public key http://zobel.ftbfs.de/5d64f870.asc   -   KeyID: 5D64 F870
 GPG Fingerprint:  5DB3 1301 375A A50F 07E7  302F 493E FB8E 5D64 F870

Attachment: signature.asc
Description: Digital signature

Reply to: