config/debian-security/dak.conf

   1 Dinstall
   2 {
   3    // was non-us.d.o path before
   4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
   5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
   6    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
   7    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
   8    MyAdminAddress "ftpmaster@debian.org";
   9    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
  10    MyDistribution "Debian"; // Used in emails
  11    BugServer "bugs.debian.org";
  12    PackagesServer "packages.debian.org";
  13    Bcc "archive@ftp-master.debian.org";
  14    // GroupOverrideFilename "override.group-maint";
  15    SkipTime 300;
  16    CloseBugs "false";
  17    OverrideDisparityCheck "false";
  18    BXANotify "false";
  19    DefaultSuite "stable";
  20    SuiteSuffix "updates/";
  21    OverrideMaintainer "dak@security.debian.org";
  22    LegacyStableHasNoSections "false";
  23    AllowSourceOnlyUploads "true";
  24 };
  25
  26 Process-New
  27 {
  28   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
  29   LockDir "/srv/security-master.debian.org/lock/new/";
  30 };
  31
  32 Process-Policy
  33 {
  34   CopyDir "/srv/security-master.debian.org/queue/accepted";
  35 };
  36
  37 Import-Users-From-Passwd
  38 {
  39   ValidGID "800";
  40   // Comma separated list of users who are in Postgres but not the passwd file
  41   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
  42 };
  43
  44 Queue-Report
  45 {
  46   Directories
  47   {
  48     byhand;
  49     new;
  50     unembargoed;
  51     embargoed;
  52   };
  53 };
  54
  55 Import-LDAP-Fingerprints
  56 {
  57   LDAPDn "ou=users,dc=debian,dc=org";
  58   LDAPServer "db.debian.org";
  59   CACertFile "/etc/ssl/certs/spi-cacert-2008.pem";
  60   ExtraKeyrings
  61   {
  62     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
  63     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
  64     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
  65   };
  66   KeyServer "wwwkeys.eu.pgp.net";
  67 };
  68
  69 Check-Overrides
  70 {
  71   OverrideSuites
  72   {
  73     Stable
  74     {
  75       Process "0";
  76     };
  77
  78     Testing
  79     {
  80       Process "0";
  81     };
  82
  83   };
  84 };
  85
  86 Clean-Queues
  87 {
  88   Options
  89   {
  90     Days 14;
  91   };
  92  MorgueSubDir "queue";
  93 };
  94
  95 Rm
  96 {
  97   Options
  98   {
  99     Suite "unstable";
 100   };
 101
 102   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
 103   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 104 };
 105
 106 Clean-Suites
 107 {
 108   // How long (in seconds) dead packages are left before being killed
 109   StayOfExecution 129600; // 1.5 days
 110   MorgueSubDir "pool";
 111   OverrideFilename "override.source-only";
 112 };
 113
 114 Security-Install
 115 {
 116   ComponentMappings
 117   {
 118     main "ftp-master.debian.org:/pub/UploadQueue";
 119     contrib "ftp-master.debian.org:/pub/UploadQueue";
 120     non-free "ftp-master.debian.org:/pub/UploadQueue";
 121     non-US/main "non-us.debian.org:/pub/UploadQueue";
 122     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
 123     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
 124   };
 125 };
 126
 127 Suite
 128 {
 129   // Priority determines which suite is used for the Maintainers file
 130   // as generated by 'dak make-maintainers' (highest wins).
 131
 132   Stable
 133   {
 134         Components
 135         {
 136           updates/main;
 137           updates/contrib;
 138           updates/non-free;
 139         };
 140         Announce "dak@security.debian.org";
 141         Version "";
 142         Origin "Debian";
 143         Label "Debian-Security";
 144         Description "Debian 6.0 Security Updates";
 145         ValidTime 864000; // 10 days
 146         CodeName "squeeze";
 147         OverrideCodeName "squeeze";
 148         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 149   };
 150
 151   Testing
 152   {
 153         Components
 154         {
 155           updates/main;
 156           updates/contrib;
 157           updates/non-free;
 158         };
 159         Announce "dak@security.debian.org";
 160         Version "";
 161         Origin "Debian";
 162         Label "Debian-Security";
 163         Description "Debian testing Security Updates";
 164         ValidTime 864000; // 10 days
 165         CodeName "wheezy";
 166         OverrideCodeName "wheezy";
 167         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 168   };
 169 };
 170
 171 SuiteMappings
 172 {
 173  "silent-map stable-security stable";
 174  "silent-map oldstable-security oldstable";
 175   "silent-map etch-secure oldstable";
 176   "silent-map testing-security testing";
 177   "silent-map squeeze-security oldstable";
 178   "silent-map wheezy-security stable";
 179   "silent-map jessie-security testing";
 180 };
 181
 182 Dir
 183 {
 184   Base "/srv/security-master.debian.org/";
 185   Root "/srv/security-master.debian.org/ftp/";
 186   Pool "/srv/security-master.debian.org/ftp/pool/";
 187   Export "/srv/security-master.debian.org/export/";
 188   Dak "/srv/security-master.debian.org/dak/";
 189   Templates "/srv/security-master.debian.org/dak/templates/";
 190   Override "/srv/security-master.debian.org/override/";
 191   Lock "/srv/security-master.debian.org/lock/";
 192   Cache "/srv/security-master.debian.org/database/";
 193   Lists "/srv/security-master.debian.org/dak-database/dists/";
 194   Log "/srv/security-master.debian.org/dak-log/";
 195   Morgue "/srv/security-master.debian.org/morgue/";
 196   Override "/srv/security-master.debian.org/scripts/override/";
 197   Upload "/srv/queued/ftpmaster/";
 198   TempPath "/srv/security-master.debian.org/tmp";
 199   Holding "/srv/security-master.debian.org/queue/holding/";
 200   Done "/srv/security-master.debian.org/queue/done/";
 201   Reject "/srv/security-master.debian.org/queue/reject/";
 202
 203   Queue
 204   {
 205     Byhand "/srv/security-master.debian.org/queue/byhand/";
 206     New "/srv/security-master.debian.org/queue/new/";
 207     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
 208     Newstage "/srv/security-master.debian.org/queue/newstage/";
 209
 210     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 211     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 212
 213     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
 214     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
 215     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
 216   };
 217 };
 218
 219 DB
 220 {
 221   Service "obscurity";
 222   // PoolSize should be at least ThreadCount + 1
 223   PoolSize 5;
 224   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
 225   MaxOverflow 13;
 226   // should be false for encoding == SQL_ASCII
 227   Unicode "false"
 228 };
 229
 230 Architectures
 231 {
 232
 233   source "Source";
 234   all "Architecture Independent";
 235   alpha "DEC Alpha";
 236   hppa "HP PA RISC";
 237   arm "ARM";
 238   armel "ARM EABI";
 239   i386 "Intel ia32";
 240   ia64 "Intel ia64";
 241   mips "MIPS (Big Endian)";
 242   mipsel "MIPS (Little Endian)";
 243   powerpc "PowerPC";
 244   s390 "IBM S/390";
 245   sparc "Sun SPARC/UltraSPARC";
 246   amd64 "AMD x86_64 (AMD64)";
 247   kfreebsd-i386 "GNU/kFreeBSD i386";
 248   kfreebsd-amd64 "GNU/kFreeBSD amd64";
 249
 250 };
 251
 252 Archive
 253 {
 254
 255   security
 256   {
 257     OriginServer "security.debian.org";
 258     PrimaryMirror "security.debian.org";
 259     Description "Security Updates for the Debian project";
 260   };
 261
 262 };
 263
 264 ComponentMappings
 265 {
 266  "main updates/main";
 267  "contrib updates/contrib";
 268  "non-free updates/non-free";
 269  "non-US/main updates/main";
 270  "non-US/contrib updates/contrib";
 271  "non-US/non-free updates/non-free";
 272 };
 273
 274 Section
 275 {
 276   admin;
 277   cli-mono;
 278   comm;
 279   database;
 280   debian-installer;
 281   debug;
 282   devel;
 283   doc;
 284   editors;
 285   embedded;
 286   electronics;
 287   fonts;
 288   games;
 289   gnome;
 290   graphics;
 291   gnu-r;
 292   gnustep;
 293   hamradio;
 294   haskell;
 295   httpd;
 296   interpreters;
 297   java;
 298   kde;
 299   kernel;
 300   libdevel;
 301   libs;
 302   lisp;
 303   localization;
 304   mail;
 305   math;
 306   misc;
 307   net;
 308   news;
 309   ocaml;
 310   oldlibs;
 311   otherosfs;
 312   perl;
 313   php;
 314   python;
 315   ruby;
 316   science;
 317   shells;
 318   sound;
 319   tex;
 320   text;
 321   utils;
 322   web;
 323   vcs;
 324   video;
 325   x11;
 326   xfce;
 327   zope;
 328 };
 329
 330 Priority
 331 {
 332   required 1;
 333   important 2;
 334   standard 3;
 335   optional 4;
 336   extra 5;
 337   source 0; // i.e. unused
 338 };
 339
 340 Urgency
 341 {
 342   Default "low";
 343   Valid
 344   {
 345     low;
 346     medium;
 347     high;
 348     emergency;
 349     critical;
 350   };
 351 };
 352
 353 Generate-Releases
 354 {
 355   MD5Sum
 356   {
 357     oldstable;
 358     stable;
 359     testing;
 360   };
 361   SHA1
 362   {
 363     oldstable;
 364     stable;
 365     testing;
 366   };
 367   SHA256
 368   {
 369     oldstable;
 370     stable;
 371     testing;
 372   };
 373 }