Hi Attached are 2 Email Templates one can use for the AM process. Worked on them with Jordi Mallach in IRC today (added some Questions, fixed spelling in another place). We are trying to make them even better, so please take a look at them and fix any errors you found. Also send any additional Question you may have for T&S or P&P to me or Jordi, so we can include them (if it is a good Question. :) ). Ah, if something goes wrong with the attachments, they are available here: http://people.debian.org/~joerg/nm/ Thx. P.S.: Jordi suggested to split my nm1.txt into two files/mails to the Applicant. One for the Assigned Mail and one for the T&S Stuff. I personally prefer to do it in one mail. :)
I'm glad to say that I have been appointed as your Application Manager. As such, I will go through the New Maintainer process with you and then send a summary to the Developer Accounts Managers (DAM) and a brief summary to the debian-newmaint Mailinglist. At http://www.debian.org/devel/join/nm-checklist you can see the steps we have to go through. I hope you know about the basic steps. If not, please read the information at the New Maintainers' Corner and feel free to ask any questions you might have. I'm here to help you get yourself integrated in the project, and I'm glad to help you in any way. The first step was to sign up to become a Debian Maintainer and get an Application Manager (AM) assigned. You have completed the first step. Now it's time to check your identity. Please send me a copy of your GPG public key. If your GPG key is signed by a Debian developer, the ID check is completed. However, if your key is not signed, then we have to figure out what to do for the ID check. Since many people trust Debian, we have to make sure that new volunteers are who they claim to be. The easiest check is having your GPG key signed by a Debian developer because this means that he has met you in real life and confirmed your identity. Also: please read http://www.dewinter.com/gnupg_howto/ to learn more about the web of trust and key signing. Also: http://www.herrons.com/kb2nsx/keysign.html The NM process offers another option: you can send me a scanned image of an ID card (passport, drivers licence) and the name of a person who I can contact and ask if this is really you. The person should be respectable, ie. university staff, employer -- it would be best that his name and his position can be found on a web site (e.g professors are listed on their university's web site). Having a signed key is the preferred option. If you tell me where you live (and some big places close to you), I can check if there are any Developers close to you. Only if we don't find any, you can send me a signed ID (please make sure the file size stays below 50K or so; JPG or PNG format). For this, issue: gpg -s -a -b firstname_secondname.png and send me firstname_secondname.png and .png.asc. Please tell me your preferred account name for the Debian machines and the email address to which mail should be forwarded. Please make sure that the account name is still free -- visit http://db.debian.org to find out if this is the case. Finally, please tell me about yourself and what you intend to do for Debian (and how this fits in with The Social Contract). Also, how you came to Linux and free software, and why you want to volunteer your time. If you have packaged an application for Debian already, please give me an URL where I can get the sources (the .diff and .orig) and the package itself (the .deb). Or send them to me (look at the bottom of this mail first for that, please.) Next I have some Questions for you. They apply mainly to the T&S Part, but they are not enough for it, you have to provide me a package (or good documentation / website stuff if you intent to do that for Debian). - How do you check that your Build-Depends Line contains all things needed to built your package? - Please explain me what a virtual package is. Where can you find a list of defined virtual packages? - What does it mean for a package to have line like "Architecture: i386 alpha powerpc" in the control file? Do you have to provide binary packages for all these architectures if you upload your package? What is the difference between "Architecture: all" and "Architecture: any"? - How do you manage new upstream releases? - There is a bug in your package, fixed in Upstream CVS/development branch. What do you do with it? - What do you do if Upstream releases a tarball once every year and then distributes minor revisions only in the form of patches? How do you manage your package then? I look forward to hearing from you and hope we will be able to go through the steps without any problems. The next step is "Philosophy and Procedures" -- I will ask you a few questions by e-mail which you have to answer. Finally, thanks for volunteering! Debian is a volunteer effort and you can make a difference! P.S. Please sign every Mail you send to me with your GPG Key or I cant accept them!
We have to check that you understand the Social Contract and the Debian Free Software Guidelines (DFSG). Have you read them? If not, please do so. You can find them in /usr/share/doc/debian or on http://www.debian.org First, please explain the key points of the Social Contract and the DFSG _in your own words_. Also, describe what you personally think about these documents. Secondly, a few questions, based on them: - What is Debian's (current) approach to non-free software? Why? Is non-free part of the Debian System? - Debian was offered a Debian-specific license to package a certain piece of software (I forget which). Would we put it in main? - Donald Knuth, author of TeX, insists that no-one has the right to modify the source code of TeX, and that any changes must be made using "change files" (a sort of patch file). Is this allowed for a program for the main section of Debian? - Do you know (and can you explain) the difference between free speech and free beer? Is Debian mainly about free speech or free beer? - The e-mail client pine is in non-free. Can you tell me the difference between main, contrib and non-free? Do you know what's wrong with Pine's current license in regard to the DFSG? (If you don't know this, never mind). - At http://people.debian.org/~wolfie/mpg123_copyright you can find the license of mpg123. Can you tell me why this program is non-free according to the DFSG? Do you agree to uphold the Social Contract and the DFSG? If you are accepted as a Debian developer, you will get accounts on the Debian machines. Have you read the Debian Machine Usage Policies (DMUP) at http://www.debian.org/devel/dmup ? Do you accept them? I'm sure you have read the Debian Developers' Reference at http://www.debian.org/doc/packaging-manuals/developers-reference/ - What are Non-Maintainer Uploads (NMUs) and when would you do an NMU? - Tell me 3 different methods to close a bug in the BTS. - What would you do if a bug was reported against your package and you are not able to fix it yourself? - You've just heard about this great program and would like to package it, what would you do? - Do you know what 'lintian' is? Why is it useful? - What does version 3.4-2.1 mean? What Debian control file would you put this in? - You have a package in contrib, why would it have to go there? What could you do (in theory at least) to get it into main? - If you had a file in your package which usually gets changed by a administrator for local settings, how do you make sure your next version of the package doesn't overwrite it? - How do you check if your package has been compiled successfully on different architectures? - There are many Debian suites, like "stable", "unstable", "testing", "woody" and "sid". Can you explain why there are so many and what the differences are? How does a package get from one to the other? - How can you ensure your package's description is in a good state and in a valid format? - What should you do if a security bug pops up in one of your packages? - Imagine you maintain a package which depends very closely to some other package. How would you keep track of the development of other packages, even if you are not the maintainer? - What should you do before signing another developer's gpg key? - What would you do if you wanted to retire from the project? A word on mailing lists: there are quite a lot of Debian mailing lists now and packaging-related packages, and I'd just like to check with you whether you know about the key ones. I think all of the packages are listed as dependencies of task-debian-devel, but you may not be aware of what you have got. Packages: dpkg-dev All of the primary tools needed to put a Debian package together: dpkg-buildpackage, dpkg-source, etc. debhelper A very useful set of scripts designed to make debian/rules files more readable and uniform. debian-policy Describes the policy relating to packages and details of the packaging mechanism. Covers everything from required gcc options to the way the maintainer scripts (postinst etc.) work, package sections and priorities, etc. An absolute must-read. Also useful is the file /usr/share/doc/debian-policy/upgrading-checklist.txt, which lists changes between versions of policy. doc-debian Lots of useful Debian-specific documentation: the constitution and DFSG, explanation of the Bug Tracking System (BTS), etc. maint-guide The New Maintainer's Guide to making Debian packages. devscripts Lots of useful (and not-so-useful) scripts to help build packages. developers-reference Lots of information on procedures and suchlike. dupload or dput Automatically upload packages to the archive once they are built. fakeroot Build packages without having to be root. reportbug Tool to report bugs. pbuilder Tool to check the build-depends of your package in a sane environment. It's not half as bad as it seems at first, but the long-term advantages to the maintainer and user of having such detailed descriptions of package building should be clear ;-) And as for mailing lists, you do not really need to read lots, but the most significant ones are probably: debian-announce: Major public announcements debian-devel-announce: Major announcements to the developer community These two lists are must-subscribes. Everything else is optional. I abbreviate 'debian-' to '-' from now on! -security-announce: security updates to stable -private: you'll be subscribed automatically when your new-maintainer application is accepted; sensitive discussions, flamewars etc. You can unsubscribe if you wish. -devel: general mailing list for developer issues -policy: where possible changes to debian-policy are discussed There are many others; check the mailing list page on the web site for details. Finally, http://www.debian.org/devel/ offers very good resources for Debian developers. The WNPP page at http://www.debian.org/devel/wnpp/ is important if you want to announce that you are working on a new package or if you want to adopt one. http://bugs.debian.org/ has a good description on the Bug Tracking System. http://people.debian.org/~igenibel/ is also an interesting place to keep track of your packages.
-- begin OjE-ist-scheisse.txt bye, Joerg Encrypted Mail preferred! Registered Linux User #97793 @ http://counter.li.org end
Attachment:
pgpysBBD7WQzx.pgp
Description: PGP signature