]> git.decadent.org.uk Git - dak.git/blob - config/debian-security/dak.conf
8eb2b98e6d221b5256f68550d1f95617c9b4c81d
[dak.git] / config / debian-security / dak.conf
1 Dinstall
2 {
3    // was non-us.d.o path before
4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
6    SigningKeyIds "55BE302B";
7    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
8    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
9    MyAdminAddress "ftpmaster@debian.org";
10    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
11    MyDistribution "Debian"; // Used in emails
12    BugServer "bugs.debian.org";
13    PackagesServer "packages.debian.org";
14    LockFile "/org/security-master.debian.org/dak/lock";
15    Bcc "archive@ftp-master.debian.org";
16    // GroupOverrideFilename "override.group-maint";
17    FutureTimeTravelGrace 28800; // 8 hours
18    PastCutoffYear "1984";
19    SkipTime 300;
20    CloseBugs "false";
21    OverrideDisparityCheck "false";
22    BXANotify "false";
23    QueueBuildSuites
24    {
25      stable;
26      testing;
27    };
28    SecurityQueueHandling "true";     
29    SecurityQueueBuild "true";     
30    DefaultSuite "stable";
31    SuiteSuffix "updates/";
32    OverrideMaintainer "dak@security.debian.org";
33    LegacyStableHasNoSections "false";
34    AllowSourceOnlyUploads "true";
35 };
36
37 Process-New
38 {
39   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
40   LockDir "/srv/security-master.debian.org/lock/new/";
41 };
42
43 Import-Users-From-Passwd
44 {
45   ValidGID "800";
46   // Comma separated list of users who are in Postgres but not the passwd file
47   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
48 };
49
50 Queue-Report
51 {
52   Directories
53   {
54     byhand;
55     new;
56     unembargoed;
57     embargoed;
58   };
59 };
60
61 Import-Keyring
62 {
63   /srv/keyring.debian.org/keyrings/debian-maintainers.gpg
64     {
65       Debian-Maintainer "true";
66     };
67 };
68
69 Import-LDAP-Fingerprints
70 {
71   LDAPDn "ou=users,dc=debian,dc=org";
72   LDAPServer "db.debian.org";
73   ExtraKeyrings
74   {
75     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
76     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
77     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
78   };
79   KeyServer "wwwkeys.eu.pgp.net";
80 };
81
82 Check-Overrides
83 {
84   OverrideSuites
85   {
86     Stable
87     {
88       Process "0";
89     };
90
91     Testing
92     {
93       Process "0";
94     };
95
96   };
97 };
98
99 Clean-Queues
100 {
101   Options
102   {
103     Days 14;
104   };
105  MorgueSubDir "queue";
106 };
107
108 Rm
109 {
110   Options
111   {
112     Suite "unstable";
113   };
114
115   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
116   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
117 };
118
119 Init-Archive
120 {
121   ExportDir "/srv/security-master.debian.org/dak/import-archive-files/";
122 };
123
124 Clean-Suites
125 {
126   // How long (in seconds) dead packages are left before being killed
127   StayOfExecution 129600; // 1.5 days
128   QueueBuildStayOfExecution 86400; // 24 hours
129   MorgueSubDir "pool";
130   OverrideFilename "override.source-only";
131 };
132
133 Security-Install
134 {
135   ComponentMappings
136   {
137     main "ftp-master.debian.org:/pub/UploadQueue";
138     contrib "ftp-master.debian.org:/pub/UploadQueue";
139     non-free "ftp-master.debian.org:/pub/UploadQueue";
140     non-US/main "non-us.debian.org:/pub/UploadQueue";
141     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
142     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
143   };
144 };
145
146 Suite
147 {
148   // Priority determines which suite is used for the Maintainers file
149   // as generated by 'dak make-maintainers' (highest wins).
150
151   OldStable
152   {
153         Components 
154         {
155           updates/main;
156           updates/contrib;
157           updates/non-free;
158         };
159         Announce "dak@security.debian.org";
160         Version "";
161         Origin "Debian";
162         Label "Debian-Security";
163         Description "Debian 5.0 Security Updates";
164         ValidTime 864000; // 10 days
165         CodeName "lenny";
166         OverrideCodeName "lenny";
167         CopyDotDak "/srv/security-master.debian.org/queue/done/";
168   };
169
170   Stable
171   {
172         Components
173         {
174           updates/main;
175           updates/contrib;
176           updates/non-free;
177         };
178         Announce "dak@security.debian.org";
179         Version "";
180         Origin "Debian";
181         Label "Debian-Security";
182         Description "Debian 6.0 Security Updates";
183         ValidTime 864000; // 10 days
184         CodeName "squeeze";
185         OverrideCodeName "squeeze";
186         CopyDotDak "/srv/security-master.debian.org/queue/done/";
187   };
188
189   Testing
190   {
191         Components
192         {
193           updates/main;
194           updates/contrib;
195           updates/non-free;
196         };
197         Announce "dak@security.debian.org";
198         Version "";
199         Origin "Debian";
200         Label "Debian-Security";
201         Description "Debian testing Security Updates";
202         ValidTime 864000; // 10 days
203         CodeName "wheezy";
204         OverrideCodeName "wheezy";
205         CopyDotDak "/srv/security-master.debian.org/queue/done/";
206   };
207 };
208
209 SuiteMappings
210 {
211  "silent-map stable-security stable";
212  "silent-map oldstable-security oldstable";
213  // JT - FIXME, hackorama
214  // "silent-map testing-security stable";
215   "silent-map etch-secure oldstable";
216   "silent-map lenny-secure stable";
217   "silent-map testing-security testing";
218   "silent-map lenny-security oldstable";
219   "silent-map squeeze-security stable";
220   "silent-map wheezy-security testing";
221 };
222
223 Dir
224 {
225   Root "/srv/security-master.debian.org/ftp/";
226   Pool "/srv/security-master.debian.org/ftp/pool/";
227   Export "/srv/security-master.debian.org/export/";
228   Dak "/srv/security-master.debian.org/dak/";
229   Templates "/srv/security-master.debian.org/dak/templates/";
230   PoolRoot "pool/";
231   Override "/srv/security-master.debian.org/override/";
232   Lock "/srv/security-master.debian.org/lock/";
233   Cache "/srv/security-master.debian.org/database/";
234   Lists "/srv/security-master.debian.org/dak-database/dists/";
235   Log "/srv/security-master.debian.org/dak-log/";
236   Morgue "/srv/security-master.debian.org/morgue/";
237   Override "/srv/security-master.debian.org/scripts/override/";
238   QueueBuild "/srv/security-master.debian.org/buildd/";
239   Upload "/srv/queued/ftpmaster/";
240   TempPath "/srv/security-master.debian.org/tmp";
241   Queue
242   {
243     Byhand "/srv/security-master.debian.org/queue/byhand/";
244     Done "/srv/security-master.debian.org/queue/done/";
245     Holding "/srv/security-master.debian.org/queue/holding/";
246     New "/srv/security-master.debian.org/queue/new/";
247     Reject "/srv/security-master.debian.org/queue/reject/";
248     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
249     Newstage "/srv/security-master.debian.org/queue/newstage/";
250
251     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
252     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
253
254     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
255     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
256     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
257   };
258 };
259
260 DB
261 {
262   Service "obscurity";
263   // PoolSize should be at least ThreadCount + 1
264   PoolSize 5;
265   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
266   MaxOverflow 13;
267   // should be false for encoding == SQL_ASCII
268   Unicode "false"
269 };
270
271 Architectures
272 {
273
274   source "Source";
275   all "Architecture Independent";
276   alpha "DEC Alpha";
277   hppa "HP PA RISC";
278   arm "ARM";
279   armel "ARM EABI";
280   i386 "Intel ia32";
281   ia64 "Intel ia64";
282   mips "MIPS (Big Endian)";
283   mipsel "MIPS (Little Endian)";
284   powerpc "PowerPC";
285   s390 "IBM S/390";
286   sparc "Sun SPARC/UltraSPARC";
287   amd64 "AMD x86_64 (AMD64)";
288   kfreebsd-i386 "GNU/kFreeBSD i386";
289   kfreebsd-amd64 "GNU/kFreeBSD amd64";
290
291 };
292
293 Archive
294 {
295
296   security
297   {
298     OriginServer "security.debian.org";
299     PrimaryMirror "security.debian.org";
300     Description "Security Updates for the Debian project";
301   };
302
303 };
304
305 ComponentMappings
306 {
307  "main updates/main";
308  "contrib updates/contrib";
309  "non-free updates/non-free";
310  "non-US/main updates/main";
311  "non-US/contrib updates/contrib";
312  "non-US/non-free updates/non-free";
313 };
314
315 Section
316 {
317   admin;
318   cli-mono;
319   comm;
320   database;
321   debian-installer;
322   debug;
323   devel;
324   doc;
325   editors;
326   embedded;
327   electronics;
328   fonts;
329   games;
330   gnome;
331   graphics;
332   gnu-r;
333   gnustep;
334   hamradio;
335   haskell;
336   httpd;
337   interpreters;
338   java;
339   kde;
340   kernel;
341   libdevel;
342   libs;
343   lisp;
344   localization;
345   mail;
346   math;
347   misc;
348   net;
349   news;
350   ocaml;
351   oldlibs;
352   otherosfs;
353   perl;
354   php;
355   python;
356   ruby;
357   science;
358   shells;
359   sound;
360   tex;
361   text;
362   utils;
363   web;
364   vcs;
365   video;
366   x11;
367   xfce;
368   zope;
369 };
370
371 Priority
372 {
373   required 1;
374   important 2;
375   standard 3;
376   optional 4;
377   extra 5;
378   source 0; // i.e. unused
379 };
380
381 Urgency
382 {
383   Default "low";
384   Valid
385   {
386     low;
387     medium;
388     high;
389     emergency;
390     critical;
391   };
392 };
393
394 Changelogs
395 {
396   Export "/srv/security-master.debian.org/export/changelogs";
397 }
398
399 Generate-Releases
400 {
401   MD5Sum
402   {
403     oldstable;
404     stable;
405     testing;
406   };
407   SHA1
408   {
409     oldstable;
410     stable;
411     testing;
412   };
413   SHA256
414   {
415     oldstable;
416     stable;
417     testing;
418   };
419 }