#!/usr/bin/env python
-# Wrapper for Debian Security team
+""" Wrapper for Debian Security team """
# Copyright (C) 2006 Anthony Towns <ajt@debian.org>
# This program is free software; you can redistribute it and/or modify
################################################################################
-import daklib.queue as queue
-import daklib.logging as logging
-import daklib.utils as utils
-import daklib.database as database
-import apt_pkg, os, sys, pwd, time, re, commands
+import apt_pkg, os, sys, pwd, time, commands
-re_taint_free = re.compile(r"^['/;\-\+\.~\s\w]+$");
+from daklib import queue
+from daklib import daklog
+from daklib import utils
+from daklib import database
+from daklib.regexes import re_taint_free
Cnf = None
Options = None
Options = Cnf.SubTree("Security-Install::Options")
- whoami = os.getuid()
- whoamifull = pwd.getpwuid(whoami)
- username = whoamifull[0]
+ username = utils.getusername()
if username != "dak":
print "Non-dak user: %s" % username
Options["Sudo"] = "y"
if Options["No-Action"]:
Options["Sudo"] = ""
if not Options["Sudo"] and not Options["No-Action"]:
- Logger = Upload.Logger = logging.Logger(Cnf, "new-security-install")
+ Logger = Upload.Logger = daklog.Logger(Cnf, "new-security-install")
return arguments
files = Upload.pkg.files
changes = Upload.pkg.changes
dsc = Upload.pkg.dsc
- # We have the changes, now return if its amd64, to not upload them to ftp-master
- if changes["distribution"].has_key("oldstable-security") and changes["architecture"].has_key("amd64"):
- print "Not uploading amd64 oldstable-security changes to ftp-master\n"
- continue
# Build the file list for this .changes file
for file in files.keys():
poolname = os.path.join(Cnf["Dir::Root"], Cnf["Dir::PoolRoot"],
for uri in uploads.keys():
uploads[uri].extend(changesfiles[uri])
(host, path) = uri.split(":")
- file_list = " ".join(uploads[uri])
- print "Uploading files to %s..." % (host)
- spawn("lftp -c 'open %s; cd %s; put %s'" % (host, path, file_list))
+ # file_list = " ".join(uploads[uri])
+ print "Moving files to UploadQueue"
+ for filename in uploads[uri]:
+ utils.copy(filename, Cnf["Dir::Upload"])
+ # .changes files have already been moved to queue/done by p-a
+ if not filename.endswith('.changes'):
+ remove_from_buildd(suites, filename)
+ #spawn("lftp -c 'open %s; cd %s; put %s'" % (host, path, file_list))
if not Options["No-Action"]:
filename = "%s/testing-processed" % (Cnf["Dir::Log"])
file.write(" ".join([source, version])+'\n')
file.close()
+def remove_from_buildd(suites, filename):
+ """Check the buildd dir for each suite and remove the file if needed"""
+ builddbase = Cnf["Dir::QueueBuild"]
+ filebase = os.path.basename(filename)
+ for s in suites:
+ try:
+ os.unlink(os.path.join(builddbase, s, filebase))
+ except OSError, e:
+ pass
+ # About no value printing this warning - it only confuses the security team,
+ # yet makes no difference otherwise.
+ #utils.warn("Problem removing %s from buildd queue %s [%s]" % (filebase, s, str(e)))
+
+
def generate_advisory(template):
global changes, advisory
ver, suite)
adv += "%s\n%s\n\n" % (suite_header, "-"*len(suite_header))
- arches = Cnf.ValueList("Suite::%s::Architectures" % suite)
+ arches = database.get_suite_architectures(suite)
if "source" in arches:
arches.remove("source")
if "all" in arches:
print "Updating file lists for apt-ftparchive..."
spawn("dak make-suite-file-list")
print "Updating Packages and Sources files..."
+ spawn("/org/security.debian.org/dak/config/debian-security/map.sh")
spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
print "Updating Release files..."
spawn("dak generate-releases")
print "Triggering security mirrors..."
- spawn("sudo -u archvsync /home/archvsync/signal_security")
+ spawn("sudo -u archvsync -H /home/archvsync/signal_security")
# 4. chdir to done - do upload
if not Options["No-Action"]: