Re: BREAKING NEWS: Debian developers aren't trusted
Steve Langasek a écrit :
> On Wed, Feb 14, 2007 at 11:16:56PM +1100, Hamish Moffatt wrote:
>>> There are additional problems with running a rogue autobuilder, such as
>>> unavailability of build logs, unreproducibility of builds, and unusability
>>> of the builds by the security team. Aurelian's buildds had the additional
>>> problem that they'd repeatedly rebuild packages they'd already uploaded,
>>> which isn't really useful. There's a potential issue wrt whether the
>>> build environment is secure as well, but I'm not familiar enough with
>>> that on any level to comment in any detail. All these could be solved
>>> by someone committed to making sure they do at least as good a job as
>>> the regular buildd network though.
>> Aren't most of these problems (rebuilding packages unnecessarily and
>> unavailability of logs) due to the difficulting getting new buildds
>> added to the regular network? Are there technical reasons why we can't
>> add new buildds more freely, or only political/social reasons?
> Technical reasons: there are various problems that arise on buildds, not
> because of poor maintenance practices but because of the fallibility of
> hardware and networks and all that jazz, that have an impact on the
> performance of the architecture as a whole wrt keeping up with the archive.
> As a result, the effort for managing autobuilders for an architecture scales
> on the order of O(n log n) for the number of buildds, i.e., there
Back in november, Bill Gatliff has offered a fast arm machine  to act
as a build daemon.
It should permit to reduce the number of arm build daemons, and thus
reduce the problems you described above. But it seems DSA has ignored
the mail from Bill.
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' email@example.com | firstname.lastname@example.org
`- people.debian.org/~aurel32 | www.aurel32.net