config/debian-security/dak.conf

   1 Dinstall
   2 {
   3    // was non-us.d.o path before
   4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
   5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
   6    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
   7    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
   8    MyAdminAddress "ftpmaster@debian.org";
   9    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
  10    MyDistribution "Debian"; // Used in emails
  11    BugServer "bugs.debian.org";
  12    PackagesServer "packages.debian.org";
  13    Bcc "archive@ftp-master.debian.org";
  14    // GroupOverrideFilename "override.group-maint";
  15    SkipTime 300;
  16    CloseBugs "false";
  17    OverrideDisparityCheck "false";
  18    BXANotify "false";
  19    DefaultSuite "stable";
  20    SuiteSuffix "updates/";
  21    OverrideMaintainer "dak@security.debian.org";
  22    LegacyStableHasNoSections "false";
  23    AllowSourceOnlyUploads "true";
  24 };
  25
  26 Process-New
  27 {
  28   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
  29   LockDir "/srv/security-master.debian.org/lock/new/";
  30 };
  31
  32 Process-Policy
  33 {
  34   CopyDir "/srv/security-master.debian.org/queue/accepted";
  35 };
  36
  37 Import-Users-From-Passwd
  38 {
  39   ValidGID "800";
  40   // Comma separated list of users who are in Postgres but not the passwd file
  41   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
  42 };
  43
  44 Queue-Report
  45 {
  46   Directories
  47   {
  48     byhand;
  49     new;
  50     unembargoed;
  51     embargoed;
  52   };
  53 };
  54
  55 Import-LDAP-Fingerprints
  56 {
  57   LDAPDn "ou=users,dc=debian,dc=org";
  58   LDAPServer "db.debian.org";
  59   ExtraKeyrings
  60   {
  61     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
  62     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
  63     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
  64   };
  65   KeyServer "wwwkeys.eu.pgp.net";
  66 };
  67
  68 Check-Overrides
  69 {
  70   OverrideSuites
  71   {
  72     Stable
  73     {
  74       Process "0";
  75     };
  76
  77     Testing
  78     {
  79       Process "0";
  80     };
  81
  82   };
  83 };
  84
  85 Clean-Queues
  86 {
  87   Options
  88   {
  89     Days 14;
  90   };
  91  MorgueSubDir "queue";
  92 };
  93
  94 Rm
  95 {
  96   Options
  97   {
  98     Suite "unstable";
  99   };
 100
 101   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
 102   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 103 };
 104
 105 Clean-Suites
 106 {
 107   // How long (in seconds) dead packages are left before being killed
 108   StayOfExecution 129600; // 1.5 days
 109   MorgueSubDir "pool";
 110   OverrideFilename "override.source-only";
 111 };
 112
 113 Security-Install
 114 {
 115   ComponentMappings
 116   {
 117     main "ftp-master.debian.org:/pub/UploadQueue";
 118     contrib "ftp-master.debian.org:/pub/UploadQueue";
 119     non-free "ftp-master.debian.org:/pub/UploadQueue";
 120     non-US/main "non-us.debian.org:/pub/UploadQueue";
 121     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
 122     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
 123   };
 124 };
 125
 126 Suite
 127 {
 128   // Priority determines which suite is used for the Maintainers file
 129   // as generated by 'dak make-maintainers' (highest wins).
 130
 131   Stable
 132   {
 133         Components
 134         {
 135           updates/main;
 136           updates/contrib;
 137           updates/non-free;
 138         };
 139         Announce "dak@security.debian.org";
 140         Version "";
 141         Origin "Debian";
 142         Label "Debian-Security";
 143         Description "Debian 6.0 Security Updates";
 144         ValidTime 864000; // 10 days
 145         CodeName "squeeze";
 146         OverrideCodeName "squeeze";
 147         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 148   };
 149
 150   Testing
 151   {
 152         Components
 153         {
 154           updates/main;
 155           updates/contrib;
 156           updates/non-free;
 157         };
 158         Announce "dak@security.debian.org";
 159         Version "";
 160         Origin "Debian";
 161         Label "Debian-Security";
 162         Description "Debian testing Security Updates";
 163         ValidTime 864000; // 10 days
 164         CodeName "wheezy";
 165         OverrideCodeName "wheezy";
 166         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 167   };
 168 };
 169
 170 SuiteMappings
 171 {
 172  "silent-map stable-security stable";
 173  "silent-map oldstable-security oldstable";
 174   "silent-map etch-secure oldstable";
 175   "silent-map testing-security testing";
 176   "silent-map squeeze-security oldstable";
 177   "silent-map wheezy-security stable";
 178   "silent-map jessie-security testing";
 179 };
 180
 181 Dir
 182 {
 183   Base "/srv/security-master.debian.org/";
 184   Root "/srv/security-master.debian.org/ftp/";
 185   Pool "/srv/security-master.debian.org/ftp/pool/";
 186   Export "/srv/security-master.debian.org/export/";
 187   Dak "/srv/security-master.debian.org/dak/";
 188   Templates "/srv/security-master.debian.org/dak/templates/";
 189   Override "/srv/security-master.debian.org/override/";
 190   Lock "/srv/security-master.debian.org/lock/";
 191   Cache "/srv/security-master.debian.org/database/";
 192   Lists "/srv/security-master.debian.org/dak-database/dists/";
 193   Log "/srv/security-master.debian.org/dak-log/";
 194   Morgue "/srv/security-master.debian.org/morgue/";
 195   Override "/srv/security-master.debian.org/scripts/override/";
 196   Upload "/srv/queued/ftpmaster/";
 197   TempPath "/srv/security-master.debian.org/tmp";
 198   Holding "/srv/security-master.debian.org/queue/holding/";
 199   Done "/srv/security-master.debian.org/queue/done/";
 200   Reject "/srv/security-master.debian.org/queue/reject/";
 201
 202   Queue
 203   {
 204     Byhand "/srv/security-master.debian.org/queue/byhand/";
 205     New "/srv/security-master.debian.org/queue/new/";
 206     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
 207     Newstage "/srv/security-master.debian.org/queue/newstage/";
 208
 209     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 210     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 211
 212     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
 213     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
 214     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
 215   };
 216 };
 217
 218 DB
 219 {
 220   Service "obscurity";
 221   // PoolSize should be at least ThreadCount + 1
 222   PoolSize 5;
 223   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
 224   MaxOverflow 13;
 225   // should be false for encoding == SQL_ASCII
 226   Unicode "false"
 227 };
 228
 229 Architectures
 230 {
 231
 232   source "Source";
 233   all "Architecture Independent";
 234   alpha "DEC Alpha";
 235   hppa "HP PA RISC";
 236   arm "ARM";
 237   armel "ARM EABI";
 238   i386 "Intel ia32";
 239   ia64 "Intel ia64";
 240   mips "MIPS (Big Endian)";
 241   mipsel "MIPS (Little Endian)";
 242   powerpc "PowerPC";
 243   s390 "IBM S/390";
 244   sparc "Sun SPARC/UltraSPARC";
 245   amd64 "AMD x86_64 (AMD64)";
 246   kfreebsd-i386 "GNU/kFreeBSD i386";
 247   kfreebsd-amd64 "GNU/kFreeBSD amd64";
 248
 249 };
 250
 251 Archive
 252 {
 253
 254   security
 255   {
 256     OriginServer "security.debian.org";
 257     PrimaryMirror "security.debian.org";
 258     Description "Security Updates for the Debian project";
 259   };
 260
 261 };
 262
 263 ComponentMappings
 264 {
 265  "main updates/main";
 266  "contrib updates/contrib";
 267  "non-free updates/non-free";
 268  "non-US/main updates/main";
 269  "non-US/contrib updates/contrib";
 270  "non-US/non-free updates/non-free";
 271 };
 272
 273 Section
 274 {
 275   admin;
 276   cli-mono;
 277   comm;
 278   database;
 279   debian-installer;
 280   debug;
 281   devel;
 282   doc;
 283   editors;
 284   embedded;
 285   electronics;
 286   fonts;
 287   games;
 288   gnome;
 289   graphics;
 290   gnu-r;
 291   gnustep;
 292   hamradio;
 293   haskell;
 294   httpd;
 295   interpreters;
 296   java;
 297   kde;
 298   kernel;
 299   libdevel;
 300   libs;
 301   lisp;
 302   localization;
 303   mail;
 304   math;
 305   misc;
 306   net;
 307   news;
 308   ocaml;
 309   oldlibs;
 310   otherosfs;
 311   perl;
 312   php;
 313   python;
 314   ruby;
 315   science;
 316   shells;
 317   sound;
 318   tex;
 319   text;
 320   utils;
 321   web;
 322   vcs;
 323   video;
 324   x11;
 325   xfce;
 326   zope;
 327 };
 328
 329 Priority
 330 {
 331   required 1;
 332   important 2;
 333   standard 3;
 334   optional 4;
 335   extra 5;
 336   source 0; // i.e. unused
 337 };
 338
 339 Urgency
 340 {
 341   Default "low";
 342   Valid
 343   {
 344     low;
 345     medium;
 346     high;
 347     emergency;
 348     critical;
 349   };
 350 };
 351
 352 Generate-Releases
 353 {
 354   MD5Sum
 355   {
 356     oldstable;
 357     stable;
 358     testing;
 359   };
 360   SHA1
 361   {
 362     oldstable;
 363     stable;
 364     testing;
 365   };
 366   SHA256
 367   {
 368     oldstable;
 369     stable;
 370     testing;
 371   };
 372 }