Re: Bits (Nybbles?) from the Vancouver release team meeting
On Mon, Mar 14, 2005 at 01:49:24PM +0000, Colin Watson wrote:
> On Mon, Mar 14, 2005 at 11:11:55AM +0100, Sven Luther wrote:
> > On Mon, Mar 14, 2005 at 02:12:48AM -0800, Thomas Bushnell BSG wrote:
> > > Where human delay did come into play was in getting the xfree86 mess
> > > cleaned; in theory it should have taken one or two days, but in
> > > practice it took much longer.
> > Why not fully eliminate the human factor ? Ubuntu does automated build from
> > source only uploads, the package sources are built and signed by a developer,
> > autobuilt on all arches, and i don't believe they are individually signed
> > after that.
> Ubuntu is in the happy situation of having a system in a DMZ - i.e. not
> network-accessible in general without having to get through other
> barriers first - with very few login accounts and full-time maintenance
> on which to do auto-signing, and similar systems to act as buildds.
> Debian isn't remotely in that position. Auto-signing requires a great
> deal of care and thought before blindly enabling it, and certainly it
> must not happen on a generally network-accessible machine and it
> probably shouldn't happen while the buildds remain generally
Ok, i understand that, but still the main point is that debian currently
doesn't accept source-only uploads, as ubuntu has done a policy of doing.
I believe that it should be possible for the tier 1 arches to get a similar
setup than what ubuntu does, and there should be nothing stopping us from
setting up something accessible for the tier2 buildd networks. We just need to
come up with a policy for this, and not just say no to start with.
As we are 'dropping' tier 2 arches anyway, we are handing over the
responsability to whoever will take over these ports maintenance anyway.
> We were in a bad enough situation during the server compromise when it
> was discovered that some developers had inadvertently left their private
> GPG keys on network-accessible machines with lots of login accounts.
> Surely you acknowledge that as a mistake by those developers, and not
> something we should be encouraging by making it an essential part of our
Yes, but that is no reason to say that we can't do it, just that we have to be
carefull about it. I personally will gladly get donation for any number of
needed powerpc boxes needed for setting up such a fully automated buildd
infrastructure, like ubuntu has. This would need 3 machines with lot of disk
and memory space, i guess, given the N+1 and N <= 2 numbers.
But then, there remains the fact that such an infrastructure was strongly
vetoed by the ftp-master last time it was brought upon a couple years ago i
think it was.