config/debian-security/dak.conf

   1 Dinstall
   2 {
   3    // was non-us.d.o path before
   4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
   5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
   6    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
   7    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
   8    MyAdminAddress "ftpmaster@debian.org";
   9    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
  10    MyDistribution "Debian"; // Used in emails
  11    BugServer "bugs.debian.org";
  12    PackagesServer "packages.debian.org";
  13    Bcc "archive@ftp-master.debian.org";
  14    // GroupOverrideFilename "override.group-maint";
  15    FutureTimeTravelGrace 28800; // 8 hours
  16    PastCutoffYear "1984";
  17    SkipTime 300;
  18    CloseBugs "false";
  19    OverrideDisparityCheck "false";
  20    BXANotify "false";
  21    DefaultSuite "stable";
  22    SuiteSuffix "updates/";
  23    OverrideMaintainer "dak@security.debian.org";
  24    LegacyStableHasNoSections "false";
  25    AllowSourceOnlyUploads "true";
  26 };
  27
  28 Process-New
  29 {
  30   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
  31   LockDir "/srv/security-master.debian.org/lock/new/";
  32 };
  33
  34 Process-Policy
  35 {
  36   CopyDir "/srv/security-master.debian.org/queue/accepted";
  37 };
  38
  39 Import-Users-From-Passwd
  40 {
  41   ValidGID "800";
  42   // Comma separated list of users who are in Postgres but not the passwd file
  43   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
  44 };
  45
  46 Queue-Report
  47 {
  48   Directories
  49   {
  50     byhand;
  51     new;
  52     unembargoed;
  53     embargoed;
  54   };
  55 };
  56
  57 Import-LDAP-Fingerprints
  58 {
  59   LDAPDn "ou=users,dc=debian,dc=org";
  60   LDAPServer "db.debian.org";
  61   ExtraKeyrings
  62   {
  63     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
  64     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
  65     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
  66   };
  67   KeyServer "wwwkeys.eu.pgp.net";
  68 };
  69
  70 Check-Overrides
  71 {
  72   OverrideSuites
  73   {
  74     Stable
  75     {
  76       Process "0";
  77     };
  78
  79     Testing
  80     {
  81       Process "0";
  82     };
  83
  84   };
  85 };
  86
  87 Clean-Queues
  88 {
  89   Options
  90   {
  91     Days 14;
  92   };
  93  MorgueSubDir "queue";
  94 };
  95
  96 Rm
  97 {
  98   Options
  99   {
 100     Suite "unstable";
 101   };
 102
 103   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
 104   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 105 };
 106
 107 Clean-Suites
 108 {
 109   // How long (in seconds) dead packages are left before being killed
 110   StayOfExecution 129600; // 1.5 days
 111   MorgueSubDir "pool";
 112   OverrideFilename "override.source-only";
 113 };
 114
 115 Security-Install
 116 {
 117   ComponentMappings
 118   {
 119     main "ftp-master.debian.org:/pub/UploadQueue";
 120     contrib "ftp-master.debian.org:/pub/UploadQueue";
 121     non-free "ftp-master.debian.org:/pub/UploadQueue";
 122     non-US/main "non-us.debian.org:/pub/UploadQueue";
 123     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
 124     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
 125   };
 126 };
 127
 128 Suite
 129 {
 130   // Priority determines which suite is used for the Maintainers file
 131   // as generated by 'dak make-maintainers' (highest wins).
 132
 133   Stable
 134   {
 135         Components
 136         {
 137           updates/main;
 138           updates/contrib;
 139           updates/non-free;
 140         };
 141         Announce "dak@security.debian.org";
 142         Version "";
 143         Origin "Debian";
 144         Label "Debian-Security";
 145         Description "Debian 6.0 Security Updates";
 146         ValidTime 864000; // 10 days
 147         CodeName "squeeze";
 148         OverrideCodeName "squeeze";
 149         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 150   };
 151
 152   Testing
 153   {
 154         Components
 155         {
 156           updates/main;
 157           updates/contrib;
 158           updates/non-free;
 159         };
 160         Announce "dak@security.debian.org";
 161         Version "";
 162         Origin "Debian";
 163         Label "Debian-Security";
 164         Description "Debian testing Security Updates";
 165         ValidTime 864000; // 10 days
 166         CodeName "wheezy";
 167         OverrideCodeName "wheezy";
 168         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 169   };
 170 };
 171
 172 SuiteMappings
 173 {
 174  "silent-map stable-security stable";
 175  "silent-map oldstable-security oldstable";
 176   "silent-map etch-secure oldstable";
 177   "silent-map testing-security testing";
 178   "silent-map squeeze-security oldstable";
 179   "silent-map wheezy-security stable";
 180   "silent-map jessie-security testing";
 181 };
 182
 183 Dir
 184 {
 185   Base "/srv/security-master.debian.org/";
 186   Root "/srv/security-master.debian.org/ftp/";
 187   Pool "/srv/security-master.debian.org/ftp/pool/";
 188   Export "/srv/security-master.debian.org/export/";
 189   Dak "/srv/security-master.debian.org/dak/";
 190   Templates "/srv/security-master.debian.org/dak/templates/";
 191   Override "/srv/security-master.debian.org/override/";
 192   Lock "/srv/security-master.debian.org/lock/";
 193   Cache "/srv/security-master.debian.org/database/";
 194   Lists "/srv/security-master.debian.org/dak-database/dists/";
 195   Log "/srv/security-master.debian.org/dak-log/";
 196   Morgue "/srv/security-master.debian.org/morgue/";
 197   Override "/srv/security-master.debian.org/scripts/override/";
 198   Upload "/srv/queued/ftpmaster/";
 199   TempPath "/srv/security-master.debian.org/tmp";
 200   Holding "/srv/security-master.debian.org/queue/holding/";
 201   Done "/srv/security-master.debian.org/queue/done/";
 202   Reject "/srv/security-master.debian.org/queue/reject/";
 203
 204   Queue
 205   {
 206     Byhand "/srv/security-master.debian.org/queue/byhand/";
 207     New "/srv/security-master.debian.org/queue/new/";
 208     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
 209     Newstage "/srv/security-master.debian.org/queue/newstage/";
 210
 211     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 212     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 213
 214     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
 215     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
 216     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
 217   };
 218 };
 219
 220 DB
 221 {
 222   Service "obscurity";
 223   // PoolSize should be at least ThreadCount + 1
 224   PoolSize 5;
 225   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
 226   MaxOverflow 13;
 227   // should be false for encoding == SQL_ASCII
 228   Unicode "false"
 229 };
 230
 231 Architectures
 232 {
 233
 234   source "Source";
 235   all "Architecture Independent";
 236   alpha "DEC Alpha";
 237   hppa "HP PA RISC";
 238   arm "ARM";
 239   armel "ARM EABI";
 240   i386 "Intel ia32";
 241   ia64 "Intel ia64";
 242   mips "MIPS (Big Endian)";
 243   mipsel "MIPS (Little Endian)";
 244   powerpc "PowerPC";
 245   s390 "IBM S/390";
 246   sparc "Sun SPARC/UltraSPARC";
 247   amd64 "AMD x86_64 (AMD64)";
 248   kfreebsd-i386 "GNU/kFreeBSD i386";
 249   kfreebsd-amd64 "GNU/kFreeBSD amd64";
 250
 251 };
 252
 253 Archive
 254 {
 255
 256   security
 257   {
 258     OriginServer "security.debian.org";
 259     PrimaryMirror "security.debian.org";
 260     Description "Security Updates for the Debian project";
 261   };
 262
 263 };
 264
 265 ComponentMappings
 266 {
 267  "main updates/main";
 268  "contrib updates/contrib";
 269  "non-free updates/non-free";
 270  "non-US/main updates/main";
 271  "non-US/contrib updates/contrib";
 272  "non-US/non-free updates/non-free";
 273 };
 274
 275 Section
 276 {
 277   admin;
 278   cli-mono;
 279   comm;
 280   database;
 281   debian-installer;
 282   debug;
 283   devel;
 284   doc;
 285   editors;
 286   embedded;
 287   electronics;
 288   fonts;
 289   games;
 290   gnome;
 291   graphics;
 292   gnu-r;
 293   gnustep;
 294   hamradio;
 295   haskell;
 296   httpd;
 297   interpreters;
 298   java;
 299   kde;
 300   kernel;
 301   libdevel;
 302   libs;
 303   lisp;
 304   localization;
 305   mail;
 306   math;
 307   misc;
 308   net;
 309   news;
 310   ocaml;
 311   oldlibs;
 312   otherosfs;
 313   perl;
 314   php;
 315   python;
 316   ruby;
 317   science;
 318   shells;
 319   sound;
 320   tex;
 321   text;
 322   utils;
 323   web;
 324   vcs;
 325   video;
 326   x11;
 327   xfce;
 328   zope;
 329 };
 330
 331 Priority
 332 {
 333   required 1;
 334   important 2;
 335   standard 3;
 336   optional 4;
 337   extra 5;
 338   source 0; // i.e. unused
 339 };
 340
 341 Urgency
 342 {
 343   Default "low";
 344   Valid
 345   {
 346     low;
 347     medium;
 348     high;
 349     emergency;
 350     critical;
 351   };
 352 };
 353
 354 Generate-Releases
 355 {
 356   MD5Sum
 357   {
 358     oldstable;
 359     stable;
 360     testing;
 361   };
 362   SHA1
 363   {
 364     oldstable;
 365     stable;
 366     testing;
 367   };
 368   SHA256
 369   {
 370     oldstable;
 371     stable;
 372     testing;
 373   };
 374 }