Re: Linux Core Consortium

To: debian-devel@lists.debian.org
Subject: Re: Linux Core Consortium
From: Andreas Barth <aba@not.so.argh.org>
Date: Sun, 12 Dec 2004 22:23:38 +0100
Message-id: <[🔎] 20041212212338.GW15853@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 87wtvnjjz3.fsf@informatik.uni-tuebingen.de>
References: <[🔎] 20041210115013.GA4891@nighthawk.oase.mhn.de> <[🔎] 20041210143554.GA18523@mauritius.dodds.net> <[🔎] 200412101638.10988@fortytwo.ch> <[🔎] 20041210185213.GB14227@bignachos.com> <[🔎] 20041211084147.GN15853@mails.so.argh.org> <[🔎] 20041211093323.GC14227@bignachos.com> <[🔎] 87vfb74akw.fsf@vawad.err.no> <[🔎] 87u0qrl3hv.fsf@informatik.uni-tuebingen.de> <[🔎] 87r7lv46kd.fsf@vawad.err.no> <[🔎] 87wtvnjjz3.fsf@informatik.uni-tuebingen.de>

* Goswin von Brederlow (brederlo@informatik.uni-tuebingen.de) [041212 22:20]:
> Tollef Fog Heen <tfheen@err.no> writes:
> > t-p-u is not uploaded from another host through a mapping.  (Remember,
> > uploads to stable are mapped to stable-security on
> > security.debian.org, then uploaded to stable from that host.  The
> > .changes file however, does not list stable-security, it only lists
> > stable.  And the trivial fix, to drop the mapping won't help either,
> > since then any DD could upload to stable by uploading to
> > stable-security, and we don't want that.)
> >
> > Also, AIUI, t-p-u will mostly be used when there's a newer version in
> > unstable and you can't get the version in unstable in (because of
> > dependencies) or you have to get a fix in immediately, in which case
> > you upload to "unstable testing-proposed-updates", so you don't hit
> > the version skew issue.

> Which is exactly what you have with security. There is a newer version
> in unstable than what you upload.

Not if testing and unstable are in sync. In this case, the upload to
testing-security needs to also go to unstable, and not only to
testing-proposed-updates.

> The problem seems to be more in rejecting unauthorized uploads to
> testing-security than a version problem.

No, that's easy. Allow security only via scp to queue/unchecked, and not
via anonymous ftp, means only to the few people that have direct access
to ftp-master, including a wrapper for the security team.


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to:

References:
- Re: Linux Core Consortium
  - From: Michael Banck <mbanck@debian.org>
- Re: Linux Core Consortium
  - From: Steve Langasek <vorlon@debian.org>
- Re: Linux Core Consortium
  - From: Adrian von Bidder <avbidder@fortytwo.ch>
- Re: Linux Core Consortium
  - From: Brian Nelson <pyro@debian.org>
- Re: Linux Core Consortium
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: Linux Core Consortium
  - From: Brian Nelson <pyro@debian.org>
- Re: Linux Core Consortium
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Linux Core Consortium
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Linux Core Consortium
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Linux Core Consortium
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Linux Core Consortium
Next by Date: Re: Bug#285207: ITP: kwirelessmonitor -- KWirelessMonitor is a small KDE application that docks into the system tray and monitors the wireless network interface
Previous by thread: Re: Linux Core Consortium
Next by thread: Re: Linux Core Consortium
Index(es):
- Date
- Thread