
Re: Linux Core Consortium



* Brian Nelson 

| Anyone, developer or non-developer, can help fix toolchain problems.
| However, the only people who can work on the testing-security
| autobuilders are ... the security team and the ftp-masters?  What's
| that, a handful of people?  With a bottleneck like that, isn't that a
| much more important issue?

The problem is not the autobuilder infrastructure per se.  It is that
testing and unstable are largely in sync (!).  This, combined with the
fact that testing must not have versions newer than unstable (they
will then be rejected) means testing-security wouldn't work at the
moment.

If the above is a tad unclear, consider this case:

Package: foo
Version: 1.0-1 (in both testing and unstable)

This has a security bug, and the security team uploads 1.0-1sarge0
with «testing» in the changelog.  This works fine on
security.debian.org and is mapped to the testing-security repository.
Then security.debian.org uploads to ftp-master, but the upload is
rejected because of the version mismatch.

We have exactly the same problem with stable, but stable and unstable
are a lot less in sync than testing and unstable, so we don't see the
problem as much.

There are a few ways to solve those problems, they are being explored
and worked on, but none of them are pretty.

Thanks a lot to both Daniel Silverstone and Colin Watson for their
helpful explanations about this.  (And a good meal.)

-- 
Tollef Fog Heen                                                        ,''`.
UNIX is user friendly, it's just picky about who its friends are      : :' :
                                                                      `. `' 
                                                                        `-  


