[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice for building tomcat8 on jessie?



On Wed, 2018-07-25 at 21:20 -0700, tony mancill wrote:
> On Tue, Jul 24, 2018 at 06:42:47AM -0700, tony mancill wrote:
> > On Sun, Jul 22, 2018 at 11:09:06PM -0400, Roberto C. Sánchez wrote:
> > > On Thu, Jul 19, 2018 at 10:35:50PM -0700, tony mancill wrote:
> > > > Hi Roberto,
> > > > 
> > > > I was able to build your jessie branch in clean jessie chroot without
> > > > any problems.  I use sbuild on amd64.  It took about 50 minutes:
> > > > 
> > > 
> > > Hi Tony &co.,
> > > 
> > > I feel like after spending an unreasonable amount of time trying to
> > > determine the reason for the failure to build on my system that I cannot
> > > come up with a reasonable theory for the failure.  At this point,
> > > further investigation does not seem likely to be productive on my end it
> > > will only continue delaying the security update for users of tomcat8 in
> > > jessie.
> > > 
> > > As I am not comfortable uploading a package that does not build, could I
> > > trouble you to build the package and upload it for me?  The upload would
> > > need to go to security-master and once the ACCEPT comes back from the
> > > archive software I would release the security advisory (I have already
> > > prepared the text).  I have made the necessary commits and pushed them
> > > to my fork on salsa.  Since you are able to build on your system, you
> > > should only need to pull, build, sign, and upload.
> > > 
> > > Please let me know if you would be albe to assist with this.
> > 
> > Hello Roberto,
> > 
> > Yes, I can help with this.  As an additional step before the upload, it
> > is probably prudent to do some smoke-testing with the built package.  I
> > will get it built this evening and then share a link to the build.
> 
> The build and binaries are available here:
> 
>    https://people.debian.org/~tmancill/jessie-security/
> 
> I didn't upload the (signed) changes and dsc file because in the past
> someone mentioned that they could be used to upload to the archive
> as-is, and perhaps we'll find something during our testing.

What you can do is to change the release name in the .changes file to
"UNRELEASED" before signing it.  That way, it's possible to verify the
integrity of the packages but the archive would reject an upload.

I put this entry in my .dput.cf to support this practice:

[pdo]
fqdn = people.debian.org
method = rsync
login = benh
incoming = public_html/packages/
allowed_distributions = UNRELEASED$

Ben.

-- 
Ben Hutchings
Tomorrow will be cancelled due to lack of interest.

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: