config/debian-security/dak.conf

   1 Dinstall
   2 {
   3    // was non-us.d.o path before
   4    SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
   5    SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
   6    SigningKeyIds "55BE302B";
   7    SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
   8    MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
   9    MyAdminAddress "ftpmaster@debian.org";
  10    MyHost "debian.org";  // used for generating user@my_host addresses in e.g. manual_reject()
  11    MyDistribution "Debian"; // Used in emails
  12    BugServer "bugs.debian.org";
  13    PackagesServer "packages.debian.org";
  14    Bcc "archive@ftp-master.debian.org";
  15    // GroupOverrideFilename "override.group-maint";
  16    FutureTimeTravelGrace 28800; // 8 hours
  17    PastCutoffYear "1984";
  18    SkipTime 300;
  19    CloseBugs "false";
  20    OverrideDisparityCheck "false";
  21    BXANotify "false";
  22    DefaultSuite "stable";
  23    SuiteSuffix "updates/";
  24    OverrideMaintainer "dak@security.debian.org";
  25    LegacyStableHasNoSections "false";
  26    AllowSourceOnlyUploads "true";
  27 };
  28
  29 Process-New
  30 {
  31   DinstallLockFile "/srv/security-master.debian.org/lock/processnew.lock";
  32   LockDir "/srv/security-master.debian.org/lock/new/";
  33 };
  34
  35 Process-Policy
  36 {
  37   CopyDir "/srv/security-master.debian.org/queue/accepted";
  38 };
  39
  40 Import-Users-From-Passwd
  41 {
  42   ValidGID "800";
  43   // Comma separated list of users who are in Postgres but not the passwd file
  44   KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
  45 };
  46
  47 Queue-Report
  48 {
  49   Directories
  50   {
  51     byhand;
  52     new;
  53     unembargoed;
  54     embargoed;
  55   };
  56 };
  57
  58 Import-LDAP-Fingerprints
  59 {
  60   LDAPDn "ou=users,dc=debian,dc=org";
  61   LDAPServer "db.debian.org";
  62   ExtraKeyrings
  63   {
  64     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
  65     "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
  66     "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
  67   };
  68   KeyServer "wwwkeys.eu.pgp.net";
  69 };
  70
  71 Check-Overrides
  72 {
  73   OverrideSuites
  74   {
  75     Stable
  76     {
  77       Process "0";
  78     };
  79
  80     Testing
  81     {
  82       Process "0";
  83     };
  84
  85   };
  86 };
  87
  88 Clean-Queues
  89 {
  90   Options
  91   {
  92     Days 14;
  93   };
  94  MorgueSubDir "queue";
  95 };
  96
  97 Rm
  98 {
  99   Options
 100   {
 101     Suite "unstable";
 102   };
 103
 104   MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
 105   LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
 106 };
 107
 108 Clean-Suites
 109 {
 110   // How long (in seconds) dead packages are left before being killed
 111   StayOfExecution 129600; // 1.5 days
 112   MorgueSubDir "pool";
 113   OverrideFilename "override.source-only";
 114 };
 115
 116 Security-Install
 117 {
 118   ComponentMappings
 119   {
 120     main "ftp-master.debian.org:/pub/UploadQueue";
 121     contrib "ftp-master.debian.org:/pub/UploadQueue";
 122     non-free "ftp-master.debian.org:/pub/UploadQueue";
 123     non-US/main "non-us.debian.org:/pub/UploadQueue";
 124     non-US/contrib "non-us.debian.org:/pub/UploadQueue";
 125     non-US/non-free "non-us.debian.org:/pub/UploadQueue";
 126   };
 127 };
 128
 129 Suite
 130 {
 131   // Priority determines which suite is used for the Maintainers file
 132   // as generated by 'dak make-maintainers' (highest wins).
 133
 134   Stable
 135   {
 136         Components
 137         {
 138           updates/main;
 139           updates/contrib;
 140           updates/non-free;
 141         };
 142         Announce "dak@security.debian.org";
 143         Version "";
 144         Origin "Debian";
 145         Label "Debian-Security";
 146         Description "Debian 6.0 Security Updates";
 147         ValidTime 864000; // 10 days
 148         CodeName "squeeze";
 149         OverrideCodeName "squeeze";
 150         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 151   };
 152
 153   Testing
 154   {
 155         Components
 156         {
 157           updates/main;
 158           updates/contrib;
 159           updates/non-free;
 160         };
 161         Announce "dak@security.debian.org";
 162         Version "";
 163         Origin "Debian";
 164         Label "Debian-Security";
 165         Description "Debian testing Security Updates";
 166         ValidTime 864000; // 10 days
 167         CodeName "wheezy";
 168         OverrideCodeName "wheezy";
 169         CopyDotDak "/srv/security-master.debian.org/queue/done/";
 170   };
 171 };
 172
 173 SuiteMappings
 174 {
 175  "silent-map stable-security stable";
 176  "silent-map oldstable-security oldstable";
 177   "silent-map etch-secure oldstable";
 178   "silent-map testing-security testing";
 179   "silent-map squeeze-security stable";
 180   "silent-map wheezy-security testing";
 181 };
 182
 183 Dir
 184 {
 185   Base "/srv/security-master.debian.org/";
 186   Root "/srv/security-master.debian.org/ftp/";
 187   Pool "/srv/security-master.debian.org/ftp/pool/";
 188   Export "/srv/security-master.debian.org/export/";
 189   Dak "/srv/security-master.debian.org/dak/";
 190   Templates "/srv/security-master.debian.org/dak/templates/";
 191   Override "/srv/security-master.debian.org/override/";
 192   Lock "/srv/security-master.debian.org/lock/";
 193   Cache "/srv/security-master.debian.org/database/";
 194   Lists "/srv/security-master.debian.org/dak-database/dists/";
 195   Log "/srv/security-master.debian.org/dak-log/";
 196   Morgue "/srv/security-master.debian.org/morgue/";
 197   Override "/srv/security-master.debian.org/scripts/override/";
 198   Upload "/srv/queued/ftpmaster/";
 199   TempPath "/srv/security-master.debian.org/tmp";
 200   Holding "/srv/security-master.debian.org/queue/holding/";
 201   Done "/srv/security-master.debian.org/queue/done/";
 202   Reject "/srv/security-master.debian.org/queue/reject/";
 203
 204   Queue
 205   {
 206     Byhand "/srv/security-master.debian.org/queue/byhand/";
 207     New "/srv/security-master.debian.org/queue/new/";
 208     Unchecked "/srv/security-master.debian.org/queue/unchecked/";
 209     Newstage "/srv/security-master.debian.org/queue/newstage/";
 210
 211     ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 212     OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
 213
 214     Embargoed "/srv/security-master.debian.org/queue/embargoed/";
 215     Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
 216     Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
 217   };
 218 };
 219
 220 DB
 221 {
 222   Service "obscurity";
 223   // PoolSize should be at least ThreadCount + 1
 224   PoolSize 5;
 225   // MaxOverflow shouldn't exceed postgresql.conf's max_connections - PoolSize
 226   MaxOverflow 13;
 227   // should be false for encoding == SQL_ASCII
 228   Unicode "false"
 229 };
 230
 231 Architectures
 232 {
 233
 234   source "Source";
 235   all "Architecture Independent";
 236   alpha "DEC Alpha";
 237   hppa "HP PA RISC";
 238   arm "ARM";
 239   armel "ARM EABI";
 240   i386 "Intel ia32";
 241   ia64 "Intel ia64";
 242   mips "MIPS (Big Endian)";
 243   mipsel "MIPS (Little Endian)";
 244   powerpc "PowerPC";
 245   s390 "IBM S/390";
 246   sparc "Sun SPARC/UltraSPARC";
 247   amd64 "AMD x86_64 (AMD64)";
 248   kfreebsd-i386 "GNU/kFreeBSD i386";
 249   kfreebsd-amd64 "GNU/kFreeBSD amd64";
 250
 251 };
 252
 253 Archive
 254 {
 255
 256   security
 257   {
 258     OriginServer "security.debian.org";
 259     PrimaryMirror "security.debian.org";
 260     Description "Security Updates for the Debian project";
 261   };
 262
 263 };
 264
 265 ComponentMappings
 266 {
 267  "main updates/main";
 268  "contrib updates/contrib";
 269  "non-free updates/non-free";
 270  "non-US/main updates/main";
 271  "non-US/contrib updates/contrib";
 272  "non-US/non-free updates/non-free";
 273 };
 274
 275 Section
 276 {
 277   admin;
 278   cli-mono;
 279   comm;
 280   database;
 281   debian-installer;
 282   debug;
 283   devel;
 284   doc;
 285   editors;
 286   embedded;
 287   electronics;
 288   fonts;
 289   games;
 290   gnome;
 291   graphics;
 292   gnu-r;
 293   gnustep;
 294   hamradio;
 295   haskell;
 296   httpd;
 297   interpreters;
 298   java;
 299   kde;
 300   kernel;
 301   libdevel;
 302   libs;
 303   lisp;
 304   localization;
 305   mail;
 306   math;
 307   misc;
 308   net;
 309   news;
 310   ocaml;
 311   oldlibs;
 312   otherosfs;
 313   perl;
 314   php;
 315   python;
 316   ruby;
 317   science;
 318   shells;
 319   sound;
 320   tex;
 321   text;
 322   utils;
 323   web;
 324   vcs;
 325   video;
 326   x11;
 327   xfce;
 328   zope;
 329 };
 330
 331 Priority
 332 {
 333   required 1;
 334   important 2;
 335   standard 3;
 336   optional 4;
 337   extra 5;
 338   source 0; // i.e. unused
 339 };
 340
 341 Urgency
 342 {
 343   Default "low";
 344   Valid
 345   {
 346     low;
 347     medium;
 348     high;
 349     emergency;
 350     critical;
 351   };
 352 };
 353
 354 Changelogs
 355 {
 356   Export "/srv/security-master.debian.org/export/changelogs";
 357 }
 358
 359 Generate-Releases
 360 {
 361   MD5Sum
 362   {
 363     oldstable;
 364     stable;
 365     testing;
 366   };
 367   SHA1
 368   {
 369     oldstable;
 370     stable;
 371     testing;
 372   };
 373   SHA256
 374   {
 375     oldstable;
 376     stable;
 377     testing;
 378   };
 379 }