X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=config%2Fdebian-security%2Fdak.conf;h=96fb97f9fa7632bd4a5a54759ee806994544de7b;hb=efe39a90214db10e0a993a2aa2d236edcae46016;hp=5821a3fc6cf4d5046e7da9565ad9fbb25f617227;hpb=1cbc96df3d3188bbb31087fcdc53466c01eacf71;p=dak.git

diff --git a/config/debian-security/dak.conf b/config/debian-security/dak.conf
index 5821a3fc..96fb97f9 100644
--- a/config/debian-security/dak.conf
+++ b/config/debian-security/dak.conf
@@ -1,15 +1,11 @@
 Dinstall
 {
-   GPGKeyring {
-     "/srv/keyring.debian.org/keyrings/debian-keyring.gpg";
-     "/srv/keyring.debian.org/keyrings/debian-keyring.pgp";
-   };
    // was non-us.d.o path before
    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
    SigningKeyIds "55BE302B";
    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
-   MyEmailAddress "Debian Installer <installer@ftp-master.debian.org>";
+   MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
    MyAdminAddress "ftpmaster@debian.org";
    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
    MyDistribution "Debian"; // Used in emails
@@ -24,38 +20,64 @@ Dinstall
    CloseBugs "false";
    OverrideDisparityCheck "false";
    BXANotify "false";
-   QueueBuildSuites
-   {
-     stable;
-     testing;
-   };
-   SecurityQueueHandling "true";     
-   SecurityQueueBuild "true";     
    DefaultSuite "stable";
-   SuiteSuffix "updates";
+   SuiteSuffix "updates/";
    OverrideMaintainer "dak@security.debian.org";
    LegacyStableHasNoSections "false";
+   AllowSourceOnlyUploads "true";
 };
 
 Process-New
 {
-  AcceptedLockFile "/srv/security-master.debian.org/lock/unchecked.lock";
+  DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
+  LockDir "/srv/security-master.debian.org/lock/new/";
 };
 
 Import-Users-From-Passwd
 {
   ValidGID "800";
   // Comma separated list of users who are in Postgres but not the passwd file
-  KnownPostgres "postgres,dak,www-data,udmsearch";
+  KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
 };
 
 Queue-Report
 {
   Directories
   {
-    // byhand;
-    // new;
+    byhand;
+    new;
     unembargoed;
+    embargoed;
+  };
+};
+
+Import-LDAP-Fingerprints
+{
+  LDAPDn "ou=users,dc=debian,dc=org";
+  LDAPServer "db.debian.org";
+  ExtraKeyrings
+  {
+    "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
+    "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
+    "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
+  };
+  KeyServer "wwwkeys.eu.pgp.net";
+};
+
+Check-Overrides
+{
+  OverrideSuites
+  {
+    Stable
+    {
+      Process "0";
+    };
+
+    Testing
+    {
+      Process "0";
+    };
+
   };
 };
 
@@ -79,16 +101,10 @@ Rm
   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 };
 
-Init-Archive
-{
-  ExportDir "/srv/security-master.debian.org/dak/import-archive-files/";
-};
-
 Clean-Suites
 {
   // How long (in seconds) dead packages are left before being killed
   StayOfExecution 129600; // 1.5 days
-  QueueBuildStayOfExecution 86400; // 24 hours
   MorgueSubDir "pool";
   OverrideFilename "override.source-only";
 };
@@ -111,7 +127,7 @@ Suite
   // Priority determines which suite is used for the Maintainers file
   // as generated by 'dak make-maintainers' (highest wins).
 
-  Stable
+  OldStable
   {
 	Components 
 	{
@@ -130,7 +146,7 @@ Suite
 	CopyDotDak "/srv/security-master.debian.org/queue/done/";
   };
 
-  Testing
+  Stable
   {
 	Components
 	{
@@ -142,12 +158,31 @@ Suite
 	Version "";
 	Origin "Debian";
 	Label "Debian-Security";
-	Description "Debian testing Security Updates";
+	Description "Debian 6.0 Security Updates";
 	ValidTime 864000; // 10 days
 	CodeName "squeeze";
 	OverrideCodeName "squeeze";
 	CopyDotDak "/srv/security-master.debian.org/queue/done/";
   };
+
+  Testing
+  {
+	Components
+	{
+	  updates/main;
+	  updates/contrib;
+	  updates/non-free;
+	};
+	Announce "dak@security.debian.org";
+	Version "";
+	Origin "Debian";
+	Label "Debian-Security";
+	Description "Debian testing Security Updates";
+	ValidTime 864000; // 10 days
+	CodeName "wheezy";
+	OverrideCodeName "wheezy";
+	CopyDotDak "/srv/security-master.debian.org/queue/done/";
+  };
 };
 
 SuiteMappings
@@ -159,36 +194,40 @@ SuiteMappings
   "silent-map etch-secure oldstable";
   "silent-map lenny-secure stable";
   "silent-map testing-security testing";
+  "silent-map lenny-security oldstable";
+  "silent-map squeeze-security stable";
+  "silent-map wheezy-security testing";
 };
 
 Dir
 {
   Root "/srv/security-master.debian.org/ftp/";
   Pool "/srv/security-master.debian.org/ftp/pool/";
+  Export "/srv/security-master.debian.org/export/";
   Dak "/srv/security-master.debian.org/dak/";
   Templates "/srv/security-master.debian.org/dak/templates/";
-  PoolRoot "pool/";
   Override "/srv/security-master.debian.org/override/";
   Lock "/srv/security-master.debian.org/lock/";
+  Cache "/srv/security-master.debian.org/database/";
   Lists "/srv/security-master.debian.org/dak-database/dists/";
   Log "/srv/security-master.debian.org/dak-log/";
   Morgue "/srv/security-master.debian.org/morgue/";
-  MorgueReject "reject";
   Override "/srv/security-master.debian.org/scripts/override/";
-  QueueBuild "/srv/security-master.debian.org/buildd/";
   Upload "/srv/queued/ftpmaster/";
+  TempPath "/srv/security-master.debian.org/tmp";
+  Holding "/srv/security-master.debian.org/queue/holding/";
+  Done "/srv/security-master.debian.org/queue/done/";
+
   Queue
   {
     Byhand "/srv/security-master.debian.org/queue/byhand/";
-    Done "/srv/security-master.debian.org/queue/done/";
-    Holding "/srv/security-master.debian.org/queue/holding/";
     New "/srv/security-master.debian.org/queue/new/";
     Reject "/srv/security-master.debian.org/queue/reject/";
     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
     Newstage "/srv/security-master.debian.org/queue/newstage/";
 
-    ProposedUpdates "/does/not/exist/"; // XXX fixme
-    OldProposedUpdates "/does/not/exist/"; // XXX fixme
+    ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
+    OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 
     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
@@ -198,10 +237,13 @@ Dir
 
 DB
 {
-  Name "obscurity";
-  Host ""; 
-  Port -1;
-
+  Service "obscurity";
+  // PoolSize should be at least ThreadCount + 1
+  PoolSize 5;
+  // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
+  MaxOverflow 13;
+  // should be false for encoding == SQL_ASCII
+  Unicode "false"
 };
 
 Architectures
@@ -238,29 +280,6 @@ Archive
 
 };
 
-Component
-{
-
-  updates/main
-  {
-	Description "Main (updates)";
-	MeetsDFSG "true";
-  };
-
-  updates/contrib
-  {
-	Description "Contrib (updates)";
-	MeetsDFSG "true";
-  };
-
-  updates/non-free
-  {
-	Description "Software that fails to meet the DFSG";
-	MeetsDFSG "false";
-  };
-
-};
-
 ComponentMappings
 {
  "main updates/main";
@@ -337,28 +356,6 @@ Priority
   source 0; // i.e. unused
 };
 
-OverrideType
-{
-  deb;
-  udeb;
-  dsc;
-};
-
-Location
-{
-  /srv/security-master.debian.org/ftp/pool/
-    {
-      Archive "security";
-      Suites 
-	{
-	  OldStable;
-	  Stable;
-	  Testing;
-        };
-      Type "pool";
-    };
-};
-
 Urgency
 {
   Default "low";
@@ -371,3 +368,30 @@ Urgency
     critical;
   };
 };
+
+Changelogs
+{
+  Export "/srv/security-master.debian.org/export/changelogs";
+}
+
+Generate-Releases
+{
+  MD5Sum
+  {
+    oldstable;
+    stable;
+    testing;
+  };
+  SHA1
+  {
+    oldstable;
+    stable;
+    testing;
+  };
+  SHA256
+  {
+    oldstable;
+    stable;
+    testing;
+  };
+}