[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Document correct buildd chroot setup somewhere?


is the correct setup for the buildd chroots documented somewhere? I 
frequently have to have the same discussions with buildd admins again 
and again to have them fix the configuration of the stable-security 
chroots. It would be easier if I could just point them to the 
documentation. And maybe, if there was some documentation, the 
configuration wouldn't be broken that often.

Right now it is not that a big problem because the currently pending 
apache2 DSA is not that urgent. But it would be a big problem if there 
was a critical hole in apache and we need a week to get everything 
fixed and built.

TTBOMK, the correct setup currently is:

- include source *and* binary lines for the security-master/buildd/ 
dir (don't know what the dir is called exactly)
- do not include incoming.debian.org
- do not include s-p-u

- *disable* signature check because the buildd dir on security master 
is not signed

The latter is obviously problematic but we have to live with it until 
ftp-masters have changed dak on security-master. An alternative may be 
to use https with certificate verification (over stunnel if apt cannot 
do that).


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: