Re: Changelog not signed by "human"
On Fri, Mar 16, 2007 at 09:27:04AM -0700, Kapil Hari Paranjape wrote:
> Hello,
>
> On updating my system today I obtained a version of "screen" which
> was a binary-only upload which contained the following changelog
> entry:
>
> screen (4.0.3-0.3+b1) unstable; urgency=low
>
> * Binary-only non-maintainer upload for i386; no source changes.
> * Rebuild to fix a bug of indeterminate origin that causes screen to switch
>
> -- Debian/i386 Build Daemon <buildd_i386-saens> Tue, 6 Mar 2007 17:06:12 -0600
>
> I saw two somewhat suspicious aspects to this.
> (a) The second sentence in the changelog appears to be
> incomplete.
> (b) The changelog is not-signed by a "human"!
> It is possible that I have mis-understood how changelogs for binary
> uploads are signed and that I am just being paranoid!
>
> Could someone please clarify?
When a binNMU is necessary, someone with appropriate access to the right
machine will run this:
wanna-build -b <arch>/build-db -d unstable -m "Rebuild for the GCC10 transition" --binNMU=1 foobar_1.2-3
which will result in the buildd host downloading the source, adding a
changelog entry, compiling it, and the human behind the curtains signing
the log.
Since the buildd host generates the changelog entry, it's only natural
that it's also the buildd host which is listed in the changelog entry.
--
<Lo-lan-do> Home is where you have to wash the dishes.
-- #debian-devel, Freenode, 2004-09-22
Reply to: