buildd redundancy (was Re: Recompilation of ALL Debian packages ...
martin f krafft wrote:
> also sprach Henning Makholm <firstname.lastname@example.org> [2006.08.31.1641 +0200]:
>> Please read up on the regular (every few months) discussions about
>> "source-only uploads" in the list archives. (Capsule summary: yes,
>> it would be easy to do, but there is no consensus that it would be
>> *desirable* to do so).
> For instance: http://lists.debian.org/debian-devel/2006/07/msg00544.html
> You say people have argued against source-only uploads, but I think
> source-only is actually not what we are talking about. The subject
> line says: "recompile...".
> Whether or not requiring binary packages in the upload as a QA sort
> of measure is a good thing is a tangential debate.
> I would like to know why we can't just discard those binaries and
> rebuild them on trusted machines. Then we get the best of all
This is really a nice idea. It is *not* reasonable to do this until
we get the long awaited redundancy in the i386 buildd system.
Currently there is one buildd with one maintainer, unless something
has changed since http://release.debian.org/etch_arch_qualify.html was
last updated. (Has something changed? That looks out of date, but I don't
know who to ask.)
It's not reasonable to rely on one single machine like that: apart from the
mess that would happen if it went down or the person uploading its packages
took a week's vacation, a compromise of that one machine will root every
i386 Debian system. (I hope it's at least as secure as ftpmaster, but two
single points of failure are worse than one.)
Redundancy is needed for alpha, amd64, hppa, arm, and ia64 as well,
according to that chart.
Nathanael Nerode <email@example.com>
Bush admitted to violating FISA and said he was proud of it.
So why isn't he in prison yet?...