]> git.decadent.org.uk Git - dak.git/blob - config/debian-security/dak.conf
dak/clean_queues.py: use Dir::Unchecked instead of looking for unchecked queue
[dak.git] / config / debian-security / dak.conf
1 Dinstall
2 {
3    // was non-us.d.o path before
4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
6    SigningKeyIds "55BE302B";
7    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
8    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
9    MyAdminAddress "ftpmaster@debian.org";
10    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
11    MyDistribution "Debian"; // Used in emails
12    BugServer "bugs.debian.org";
13    PackagesServer "packages.debian.org";
14    Bcc "archive@ftp-master.debian.org";
15    // GroupOverrideFilename "override.group-maint";
16    FutureTimeTravelGrace 28800; // 8 hours
17    PastCutoffYear "1984";
18    SkipTime 300;
19    CloseBugs "false";
20    OverrideDisparityCheck "false";
21    BXANotify "false";
22    DefaultSuite "stable";
23    SuiteSuffix "updates/";
24    OverrideMaintainer "dak@security.debian.org";
25    LegacyStableHasNoSections "false";
26    AllowSourceOnlyUploads "true";
27 };
28
29 Process-New
30 {
31   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
32   LockDir "/srv/security-master.debian.org/lock/new/";
33 };
34
35 Import-Users-From-Passwd
36 {
37   ValidGID "800";
38   // Comma separated list of users who are in Postgres but not the passwd file
39   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
40 };
41
42 Queue-Report
43 {
44   Directories
45   {
46     byhand;
47     new;
48     unembargoed;
49     embargoed;
50   };
51 };
52
53 Import-LDAP-Fingerprints
54 {
55   LDAPDn "ou=users,dc=debian,dc=org";
56   LDAPServer "db.debian.org";
57   ExtraKeyrings
58   {
59     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
60     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
61     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
62   };
63   KeyServer "wwwkeys.eu.pgp.net";
64 };
65
66 Check-Overrides
67 {
68   OverrideSuites
69   {
70     Stable
71     {
72       Process "0";
73     };
74
75     Testing
76     {
77       Process "0";
78     };
79
80   };
81 };
82
83 Clean-Queues
84 {
85   Options
86   {
87     Days 14;
88   };
89  MorgueSubDir "queue";
90 };
91
92 Rm
93 {
94   Options
95   {
96     Suite "unstable";
97   };
98
99   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
100   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
101 };
102
103 Clean-Suites
104 {
105   // How long (in seconds) dead packages are left before being killed
106   StayOfExecution 129600; // 1.5 days
107   MorgueSubDir "pool";
108   OverrideFilename "override.source-only";
109 };
110
111 Security-Install
112 {
113   ComponentMappings
114   {
115     main "ftp-master.debian.org:/pub/UploadQueue";
116     contrib "ftp-master.debian.org:/pub/UploadQueue";
117     non-free "ftp-master.debian.org:/pub/UploadQueue";
118     non-US/main "non-us.debian.org:/pub/UploadQueue";
119     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
120     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
121   };
122 };
123
124 Suite
125 {
126   // Priority determines which suite is used for the Maintainers file
127   // as generated by 'dak make-maintainers' (highest wins).
128
129   Stable
130   {
131         Components
132         {
133           updates/main;
134           updates/contrib;
135           updates/non-free;
136         };
137         Announce "dak@security.debian.org";
138         Version "";
139         Origin "Debian";
140         Label "Debian-Security";
141         Description "Debian 6.0 Security Updates";
142         ValidTime 864000; // 10 days
143         CodeName "squeeze";
144         OverrideCodeName "squeeze";
145         CopyDotDak "/srv/security-master.debian.org/queue/done/";
146   };
147
148   Testing
149   {
150         Components
151         {
152           updates/main;
153           updates/contrib;
154           updates/non-free;
155         };
156         Announce "dak@security.debian.org";
157         Version "";
158         Origin "Debian";
159         Label "Debian-Security";
160         Description "Debian testing Security Updates";
161         ValidTime 864000; // 10 days
162         CodeName "wheezy";
163         OverrideCodeName "wheezy";
164         CopyDotDak "/srv/security-master.debian.org/queue/done/";
165   };
166 };
167
168 SuiteMappings
169 {
170  "silent-map stable-security stable";
171  "silent-map oldstable-security oldstable";
172   "silent-map etch-secure oldstable";
173   "silent-map testing-security testing";
174   "silent-map squeeze-security stable";
175   "silent-map wheezy-security testing";
176 };
177
178 Dir
179 {
180   Base "/srv/security-master.debian.org/";
181   Root "/srv/security-master.debian.org/ftp/";
182   Pool "/srv/security-master.debian.org/ftp/pool/";
183   Export "/srv/security-master.debian.org/export/";
184   Dak "/srv/security-master.debian.org/dak/";
185   Templates "/srv/security-master.debian.org/dak/templates/";
186   Override "/srv/security-master.debian.org/override/";
187   Lock "/srv/security-master.debian.org/lock/";
188   Cache "/srv/security-master.debian.org/database/";
189   Lists "/srv/security-master.debian.org/dak-database/dists/";
190   Log "/srv/security-master.debian.org/dak-log/";
191   Morgue "/srv/security-master.debian.org/morgue/";
192   Override "/srv/security-master.debian.org/scripts/override/";
193   Upload "/srv/queued/ftpmaster/";
194   TempPath "/srv/security-master.debian.org/tmp";
195   Holding "/srv/security-master.debian.org/queue/holding/";
196   Done "/srv/security-master.debian.org/queue/done/";
197   Reject "/srv/security-master.debian.org/queue/reject/";
198
199   Queue
200   {
201     Byhand "/srv/security-master.debian.org/queue/byhand/";
202     New "/srv/security-master.debian.org/queue/new/";
203     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
204     Newstage "/srv/security-master.debian.org/queue/newstage/";
205
206     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
207     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
208
209     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
210     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
211     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
212   };
213 };
214
215 DB
216 {
217   Service "obscurity";
218   // PoolSize should be at least ThreadCount + 1
219   PoolSize 5;
220   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
221   MaxOverflow 13;
222   // should be false for encoding == SQL_ASCII
223   Unicode "false"
224 };
225
226 Architectures
227 {
228
229   source "Source";
230   all "Architecture Independent";
231   alpha "DEC Alpha";
232   hppa "HP PA RISC";
233   arm "ARM";
234   armel "ARM EABI";
235   i386 "Intel ia32";
236   ia64 "Intel ia64";
237   mips "MIPS (Big Endian)";
238   mipsel "MIPS (Little Endian)";
239   powerpc "PowerPC";
240   s390 "IBM S/390";
241   sparc "Sun SPARC/UltraSPARC";
242   amd64 "AMD x86_64 (AMD64)";
243   kfreebsd-i386 "GNU/kFreeBSD i386";
244   kfreebsd-amd64 "GNU/kFreeBSD amd64";
245
246 };
247
248 Archive
249 {
250
251   security
252   {
253     OriginServer "security.debian.org";
254     PrimaryMirror "security.debian.org";
255     Description "Security Updates for the Debian project";
256   };
257
258 };
259
260 ComponentMappings
261 {
262  "main updates/main";
263  "contrib updates/contrib";
264  "non-free updates/non-free";
265  "non-US/main updates/main";
266  "non-US/contrib updates/contrib";
267  "non-US/non-free updates/non-free";
268 };
269
270 Section
271 {
272   admin;
273   cli-mono;
274   comm;
275   database;
276   debian-installer;
277   debug;
278   devel;
279   doc;
280   editors;
281   embedded;
282   electronics;
283   fonts;
284   games;
285   gnome;
286   graphics;
287   gnu-r;
288   gnustep;
289   hamradio;
290   haskell;
291   httpd;
292   interpreters;
293   java;
294   kde;
295   kernel;
296   libdevel;
297   libs;
298   lisp;
299   localization;
300   mail;
301   math;
302   misc;
303   net;
304   news;
305   ocaml;
306   oldlibs;
307   otherosfs;
308   perl;
309   php;
310   python;
311   ruby;
312   science;
313   shells;
314   sound;
315   tex;
316   text;
317   utils;
318   web;
319   vcs;
320   video;
321   x11;
322   xfce;
323   zope;
324 };
325
326 Priority
327 {
328   required 1;
329   important 2;
330   standard 3;
331   optional 4;
332   extra 5;
333   source 0; // i.e. unused
334 };
335
336 Urgency
337 {
338   Default "low";
339   Valid
340   {
341     low;
342     medium;
343     high;
344     emergency;
345     critical;
346   };
347 };
348
349 Changelogs
350 {
351   Export "/srv/security-master.debian.org/export/changelogs";
352 }
353
354 Generate-Releases
355 {
356   MD5Sum
357   {
358     oldstable;
359     stable;
360     testing;
361   };
362   SHA1
363   {
364     oldstable;
365     stable;
366     testing;
367   };
368   SHA256
369   {
370     oldstable;
371     stable;
372     testing;
373   };
374 }