Re: wheezy-security to wheezy-lts transition
- To: Moritz Mühlenhoff <email@example.com>
- Cc: "Adam D. Barratt" <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org
- Subject: Re: wheezy-security to wheezy-lts transition
- From: Guido Günther <email@example.com>
- Date: Tue, 23 Feb 2016 08:35:13 +0100
- Message-id: <[🔎] 20160223073513.GA3226@bogon.m.sigxcpu.org>
- Mail-followup-to: Guido Günther <firstname.lastname@example.org>, Moritz Mühlenhoff <email@example.com>, "Adam D. Barratt" <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org
- In-reply-to: <[🔎] 20160222222848.GA2880@pisco.westfalen.local>
- References: <[🔎] email@example.com> <[🔎] 20160222174220.GB2486@bogon.m.sigxcpu.org> <[🔎] 20160222222848.GA2880@pisco.westfalen.local>
On Mon, Feb 22, 2016 at 11:28:48PM +0100, Moritz Mühlenhoff wrote:
> On Mon, Feb 22, 2016 at 06:42:20PM +0100, Guido Günther wrote:
> > Hi Adam,
> > On Sat, Feb 20, 2016 at 02:27:27PM +0000, Adam D. Barratt wrote:
> > > [apologies to anyone who's ended up with three copies of this; the
> > > original got eaten due to a misconfiguration on my side - please only
> > > reply to this copy]
> > >
> > > Hi,
> > >
> > > As I understand it, the plan is for wheezy-lts to re-use
> > > security.d.o:wheezy/updates directly, rather than a separate suite on
> > > ftp-master. Is that correct?
> > I think so. See
> > https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=prep-wheezy-lts;firstname.lastname@example.org
> While these two are long-standing enhancement bugs which would make
> the security team work much easier, they are unrelated to the plan
> outlined above.
I'm confused now. Arent these two bugs requirements to implement
1) and 3) from Raphael's BoF summary:
1/ the ftpmasters would reconfigure the suite to drop the "policy queue"
in front of the repositories so that uploads are immediately accepted
exactly like the current squeeze-lts repository (Ansgar told us this
was easy to do)
This solves problems 4 and 1 because LTS members no longer need shell
access if there is "approval" step in the workflow.
3/ the ftpmasters will fix dak to also send the ACCEPTED mails to the
person who signed the upload (this was already part of their plans
even before this discussion, this now gives them one reason more
to actually do it before the Wheezy LTS period start, aka in February
> That plan was mentioned during the DebConf BoF, but I'm not aware that anyone
> is working on that and I'm unsure whether it's feasible to implement
> in time?
> Especially since even far simpler changes like the two mentioned above are
> open for quite a long time.
I'm happy to help here but besides setting up my own dak and testing the
provided patches I'm not sure how.