X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=config%2Fdebian-security%2Fdak.conf;h=c5ad1ca1ca4bcb2cb36a3096a353c10e831a6ce6;hb=e13fd3c48245d48b0335649d294aacaee666bab5;hp=5821a3fc6cf4d5046e7da9565ad9fbb25f617227;hpb=883c05418a2987751597e906ec2c63b1f5425df6;p=dak.git diff --git a/config/debian-security/dak.conf b/config/debian-security/dak.conf index 5821a3fc..c5ad1ca1 100644 --- a/config/debian-security/dak.conf +++ b/config/debian-security/dak.conf @@ -1,21 +1,16 @@ Dinstall { - GPGKeyring { - "/srv/keyring.debian.org/keyrings/debian-keyring.gpg"; - "/srv/keyring.debian.org/keyrings/debian-keyring.pgp"; - }; // was non-us.d.o path before SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg"; SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg"; SigningKeyIds "55BE302B"; SendmailCommand "/usr/sbin/sendmail -odq -oi -t"; - MyEmailAddress "Debian Installer "; + MyEmailAddress "Debian FTP Masters "; MyAdminAddress "ftpmaster@debian.org"; MyHost "debian.org"; // used for generating user@my_host addresses in e.g. manual_reject() MyDistribution "Debian"; // Used in emails BugServer "bugs.debian.org"; PackagesServer "packages.debian.org"; - LockFile "/org/security-master.debian.org/dak/lock"; Bcc "archive@ftp-master.debian.org"; // GroupOverrideFilename "override.group-maint"; FutureTimeTravelGrace 28800; // 8 hours @@ -24,38 +19,64 @@ Dinstall CloseBugs "false"; OverrideDisparityCheck "false"; BXANotify "false"; - QueueBuildSuites - { - stable; - testing; - }; - SecurityQueueHandling "true"; - SecurityQueueBuild "true"; DefaultSuite "stable"; - SuiteSuffix "updates"; + SuiteSuffix "updates/"; OverrideMaintainer "dak@security.debian.org"; LegacyStableHasNoSections "false"; + AllowSourceOnlyUploads "true"; }; Process-New { - AcceptedLockFile "/srv/security-master.debian.org/lock/unchecked.lock"; + DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock"; + LockDir "/srv/security-master.debian.org/lock/new/"; }; Import-Users-From-Passwd { ValidGID "800"; // Comma separated list of users who are in Postgres but not the passwd file - KnownPostgres "postgres,dak,www-data,udmsearch"; + KnownPostgres "postgres,dak,www-data,udmsearch,repuser"; }; Queue-Report { Directories { - // byhand; - // new; + byhand; + new; unembargoed; + embargoed; + }; +}; + +Import-LDAP-Fingerprints +{ + LDAPDn "ou=users,dc=debian,dc=org"; + LDAPServer "db.debian.org"; + ExtraKeyrings + { + "/srv/keyring.debian.org/keyrings/removed-keys.pgp"; + "/srv/keyring.debian.org/keyrings/removed-keys.gpg"; + "/srv/keyring.debian.org/keyrings/extra-keys.pgp"; + }; + KeyServer "wwwkeys.eu.pgp.net"; +}; + +Check-Overrides +{ + OverrideSuites + { + Stable + { + Process "0"; + }; + + Testing + { + Process "0"; + }; + }; }; @@ -79,16 +100,10 @@ Rm LogFile "/srv/security-master.debian.org/dak-log/removals.txt"; }; -Init-Archive -{ - ExportDir "/srv/security-master.debian.org/dak/import-archive-files/"; -}; - Clean-Suites { // How long (in seconds) dead packages are left before being killed StayOfExecution 129600; // 1.5 days - QueueBuildStayOfExecution 86400; // 24 hours MorgueSubDir "pool"; OverrideFilename "override.source-only"; }; @@ -113,7 +128,7 @@ Suite Stable { - Components + Components { updates/main; updates/contrib; @@ -123,10 +138,10 @@ Suite Version ""; Origin "Debian"; Label "Debian-Security"; - Description "Debian 5.0 Security Updates"; + Description "Debian 6.0 Security Updates"; ValidTime 864000; // 10 days - CodeName "lenny"; - OverrideCodeName "lenny"; + CodeName "squeeze"; + OverrideCodeName "squeeze"; CopyDotDak "/srv/security-master.debian.org/queue/done/"; }; @@ -144,8 +159,8 @@ Suite Label "Debian-Security"; Description "Debian testing Security Updates"; ValidTime 864000; // 10 days - CodeName "squeeze"; - OverrideCodeName "squeeze"; + CodeName "wheezy"; + OverrideCodeName "wheezy"; CopyDotDak "/srv/security-master.debian.org/queue/done/"; }; }; @@ -154,41 +169,41 @@ SuiteMappings { "silent-map stable-security stable"; "silent-map oldstable-security oldstable"; - // JT - FIXME, hackorama - // "silent-map testing-security stable"; "silent-map etch-secure oldstable"; - "silent-map lenny-secure stable"; "silent-map testing-security testing"; + "silent-map squeeze-security stable"; + "silent-map wheezy-security testing"; }; Dir { Root "/srv/security-master.debian.org/ftp/"; Pool "/srv/security-master.debian.org/ftp/pool/"; + Export "/srv/security-master.debian.org/export/"; Dak "/srv/security-master.debian.org/dak/"; Templates "/srv/security-master.debian.org/dak/templates/"; - PoolRoot "pool/"; Override "/srv/security-master.debian.org/override/"; Lock "/srv/security-master.debian.org/lock/"; + Cache "/srv/security-master.debian.org/database/"; Lists "/srv/security-master.debian.org/dak-database/dists/"; Log "/srv/security-master.debian.org/dak-log/"; Morgue "/srv/security-master.debian.org/morgue/"; - MorgueReject "reject"; Override "/srv/security-master.debian.org/scripts/override/"; - QueueBuild "/srv/security-master.debian.org/buildd/"; Upload "/srv/queued/ftpmaster/"; + TempPath "/srv/security-master.debian.org/tmp"; + Holding "/srv/security-master.debian.org/queue/holding/"; + Done "/srv/security-master.debian.org/queue/done/"; + Reject "/srv/security-master.debian.org/queue/reject/"; + Queue { Byhand "/srv/security-master.debian.org/queue/byhand/"; - Done "/srv/security-master.debian.org/queue/done/"; - Holding "/srv/security-master.debian.org/queue/holding/"; New "/srv/security-master.debian.org/queue/new/"; - Reject "/srv/security-master.debian.org/queue/reject/"; Unchecked "/srv/security-master.debian.org/queue/unchecked/"; Newstage "/srv/security-master.debian.org/queue/newstage/"; - ProposedUpdates "/does/not/exist/"; // XXX fixme - OldProposedUpdates "/does/not/exist/"; // XXX fixme + ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme + OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme Embargoed "/srv/security-master.debian.org/queue/embargoed/"; Unembargoed "/srv/security-master.debian.org/queue/unembargoed/"; @@ -198,10 +213,13 @@ Dir DB { - Name "obscurity"; - Host ""; - Port -1; - + Service "obscurity"; + // PoolSize should be at least ThreadCount + 1 + PoolSize 5; + // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize + MaxOverflow 13; + // should be false for encoding == SQL_ASCII + Unicode "false" }; Architectures @@ -238,29 +256,6 @@ Archive }; -Component -{ - - updates/main - { - Description "Main (updates)"; - MeetsDFSG "true"; - }; - - updates/contrib - { - Description "Contrib (updates)"; - MeetsDFSG "true"; - }; - - updates/non-free - { - Description "Software that fails to meet the DFSG"; - MeetsDFSG "false"; - }; - -}; - ComponentMappings { "main updates/main"; @@ -337,28 +332,6 @@ Priority source 0; // i.e. unused }; -OverrideType -{ - deb; - udeb; - dsc; -}; - -Location -{ - /srv/security-master.debian.org/ftp/pool/ - { - Archive "security"; - Suites - { - OldStable; - Stable; - Testing; - }; - Type "pool"; - }; -}; - Urgency { Default "low"; @@ -371,3 +344,30 @@ Urgency critical; }; }; + +Changelogs +{ + Export "/srv/security-master.debian.org/export/changelogs"; +} + +Generate-Releases +{ + MD5Sum + { + oldstable; + stable; + testing; + }; + SHA1 + { + oldstable; + stable; + testing; + }; + SHA256 + { + oldstable; + stable; + testing; + }; +}