def sudo(arg, fn, exit):
if Options["Sudo"]:
os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H",
- "/usr/local/bin/dak", "new-security-install", "-"+arg, "--", advisory)
+ "/usr/local/bin/dak", "new-security-install", "-"+arg)
else:
fn()
if exit:
def do_Approve(): sudo("A", _do_Approve, True)
def _do_Approve():
# 1. use process-policy to go through the COMMENTS dir
- spawn("dak process-policy embargo")
- spawn("dak process-policy disembargo")
+ spawn("dak process-policy embargoed")
+ spawn("dak process-policy unembargoed")
newstage=get_policy_queue('newstage')
# 2. sync the stuff to ftpmaster
# 4. Run all the steps that are needed to publish the changed archive
print "Domination"
spawn("dak dominate")
- print "Generating filelist for apt-ftparchive"
- spawn("dak generate-filelist")
+# print "Generating filelist for apt-ftparchive"
+# spawn("dak generate-filelist")
print "Updating Packages and Sources files... This may take a while, be patient"
spawn("/srv/security-master.debian.org/dak/config/debian-security/map.sh")
- spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
+# spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
+ spawn("dak generate-packages-sources2")
print "Updating Release files..."
spawn("dak generate-releases")
- print "Triggering security mirrors..."
+ print "Triggering security mirrors... (this may take a while)"
spawn("/srv/security-master.debian.org/dak/config/debian-security/make-mirror.sh")
spawn("sudo -u archvsync -H /home/archvsync/signal_security")
+ print "Triggering metadata export for packages.d.o and other consumers"
+ spawn("/srv/security-master.debian.org/dak/config/debian-security/export.sh")
########################################################################
########################################################################
global Options, Logger, Queue, changes
cnf = Config()
- Arguments = [('h', "help", "Security::Options::Help"),
- ('n', "no-action", "Security::Options::No-Action"),
- ('c', 'changesfile', "Security::Options::Changesfile"),
- ('s', "sudo", "Security-Install::Options::Sudo"),
- ('A', "approve", "Security-Install::Options::Approve")
+ Arguments = [('h', "Help", "Security::Options::Help"),
+ ('n', "No-Action", "Security::Options::No-Action"),
+ ('c', 'Changesfile', "Security::Options::Changesfile"),
+ ('s', "Sudo", "Security::Options::Sudo"),
+ ('A', "Approve", "Security::Options::Approve")
]
- for i in ["help", "no-action", "changesfile", "sudo", "approve"]:
+ for i in ["Help", "No-Action", "Changesfile", "Sudo", "Approve"]:
if not cnf.has_key("Security::Options::%s" % (i)):
cnf["Security::Options::%s" % (i)] = ""
Options["Sudo"] = ""
if not Options["Sudo"] and not Options["No-Action"]:
- Logger = daklog.Logger(cnf.Cnf, "security-install")
+ Logger = daklog.Logger("security-install")
session = DBConn().session()
# Yes, we could do this inside do_Approve too. But this way we see who exactly
# called it (ownership of the file)
- dbchange=get_dbchange(os.path.basename(changes[0]), session)
- acceptfilename="%s/COMMENTS/ACCEPT.%s_%s" % (os.path.dirname(changes[0]), dbchange.source, dbchange.version)
- accept_file = file(acceptfilename, "w")
- accept_file.write("OK\n")
- accept_file.close()
+
+ acceptfiles={}
+ for change in changes:
+ dbchange=get_dbchange(os.path.basename(change), session)
+ # strip epoch from version
+ version=dbchange.version
+ version=version[(version.find(':')+1):]
+ acceptfilename="%s/COMMENTS/ACCEPT.%s_%s" % (os.path.dirname(os.path.abspath(changes[0])), dbchange.source, version)
+ acceptfiles[acceptfilename]=1
+
+ if Options["No-Action"]:
+ print "Would create %s now and then go on to accept this package, but No-Action is set" % (acceptfiles.keys())
+ sys.exit(0)
+
+ for acceptfilename in acceptfiles.keys():
+ accept_file = file(acceptfilename, "w")
+ accept_file.write("OK\n")
+ accept_file.close()
+
do_Approve()
projects / dak.git / blobdiff