[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linux Core Consortium

* Tollef Fog Heen (tfheen@err.no) [041212 21:35]:
> * Goswin von Brederlow 
> | Tollef Fog Heen <tfheen@err.no> writes:

> | > * Brian Nelson 
> | >
> | > | Anyone, developer or non-developer, can help fix toolchain problems.
> | > | However, the only people who can work on the testing-security
> | > | autobuilders are ... the security team and the ftp-masters?  What's
> | > | that, a handful of people?  With a bottleneck like that, isn't that a
> | > | much more important issue?
> | >
> | > The problem is not the autobuilder infrastructure per se.  It is that
> | > testing and unstable are largely in sync (!).  This, combinded with the
> | > fact that testing must not have versions newer than unstable (they
> | > will then be rejected) means testing-security wouldn't work at the
> | > moment.
> | 
> | How is that different from testing-proposed-updates?
> t-p-u is not uploaded from another host through a mapping.  (Remember,
> uploads to stable are mapped to stable-security on
> security.debian.org, then uploaded to stable from that host.  The
> .changes file however, does not list stable-security, it only lists
> stable.  And the trivial fix, to drop the mapping won't help either,
> since then any DD could upload to stable by uploading to
> stable-security, and we don't want that.)

IIRC the changes file lists stable-security, e.g.:
 hpsockd (0.6.woody1) stable-security; urgency=high
(just looked into queue/done for that). And katie on ftp-master maps
stable-security to proposed-updates.

> Also, AIUI, t-p-u will mostly be used when there's a newer version in
> unstable and you can't get the version in unstable in (because of
> dependencies) or you have to get a fix in immediately, in which case
> you upload to "unstable testing-proposed-updates", so you don't hit
> the version skew issue.

Also uploads to testing-security will go to t-p-u on ftp-master, via the
same mapping mechanismn. (Just look into katie.conf, you'll see the
mappings there.)

BTW, there is now at http://people.debian.org/~aba/dak.patch a draft of
a patch tackling the necessary changes for *security. However, as this
is my first real katie-patch, there might be issues I don't (currently)
see, and even if not, implementing on ftp-master requires more than just
a short glance over it.

   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to: