// was non-us.d.o path before
SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
- SigningKeyIds "55BE302B";
SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
MyEmailAddress "Debian FTP Masters <ftpmaster@ftp-master.debian.org>";
MyAdminAddress "ftpmaster@debian.org";
MyDistribution "Debian"; // Used in emails
BugServer "bugs.debian.org";
PackagesServer "packages.debian.org";
- LockFile "/org/security-master.debian.org/dak/lock";
Bcc "archive@ftp-master.debian.org";
// GroupOverrideFilename "override.group-maint";
- FutureTimeTravelGrace 28800; // 8 hours
- PastCutoffYear "1984";
SkipTime 300;
CloseBugs "false";
OverrideDisparityCheck "false";
LockDir "/srv/security-master.debian.org/lock/new/";
};
+Process-Policy
+{
+ CopyDir "/srv/security-master.debian.org/queue/accepted";
+};
+
Import-Users-From-Passwd
{
- ValidGID "800";
+ ValidGID "Debian";
// Comma separated list of users who are in Postgres but not the passwd file
- KnownPostgres "postgres,dak,www-data,udmsearch,repuser";
+ KnownPostgres "postgres,dak,www-data,udmsearch,repuser,debian-backup";
};
Queue-Report
{
LDAPDn "ou=users,dc=debian,dc=org";
LDAPServer "db.debian.org";
+ CACertFile "/etc/ssl/ca-debian/ca-certificates.crt";
ExtraKeyrings
{
"/srv/keyring.debian.org/keyrings/removed-keys.pgp";
Clean-Suites
{
- // How long (in seconds) dead packages are left before being killed
- StayOfExecution 129600; // 1.5 days
MorgueSubDir "pool";
- OverrideFilename "override.source-only";
-};
-
-Security-Install
-{
- ComponentMappings
- {
- main "ftp-master.debian.org:/pub/UploadQueue";
- contrib "ftp-master.debian.org:/pub/UploadQueue";
- non-free "ftp-master.debian.org:/pub/UploadQueue";
- non-US/main "non-us.debian.org:/pub/UploadQueue";
- non-US/contrib "non-us.debian.org:/pub/UploadQueue";
- non-US/non-free "non-us.debian.org:/pub/UploadQueue";
- };
-};
-
-Suite
-{
- // Priority determines which suite is used for the Maintainers file
- // as generated by 'dak make-maintainers' (highest wins).
-
- OldStable
- {
- Components
- {
- updates/main;
- updates/contrib;
- updates/non-free;
- };
- Announce "dak@security.debian.org";
- Version "";
- Origin "Debian";
- Label "Debian-Security";
- Description "Debian 5.0 Security Updates";
- ValidTime 864000; // 10 days
- CodeName "lenny";
- OverrideCodeName "lenny";
- CopyDotDak "/srv/security-master.debian.org/queue/done/";
- };
-
- Stable
- {
- Components
- {
- updates/main;
- updates/contrib;
- updates/non-free;
- };
- Announce "dak@security.debian.org";
- Version "";
- Origin "Debian";
- Label "Debian-Security";
- Description "Debian 6.0 Security Updates";
- ValidTime 864000; // 10 days
- CodeName "squeeze";
- OverrideCodeName "squeeze";
- CopyDotDak "/srv/security-master.debian.org/queue/done/";
- };
-
- Testing
- {
- Components
- {
- updates/main;
- updates/contrib;
- updates/non-free;
- };
- Announce "dak@security.debian.org";
- Version "";
- Origin "Debian";
- Label "Debian-Security";
- Description "Debian testing Security Updates";
- ValidTime 864000; // 10 days
- CodeName "wheezy";
- OverrideCodeName "wheezy";
- CopyDotDak "/srv/security-master.debian.org/queue/done/";
- };
};
SuiteMappings
{
"silent-map stable-security stable";
+ "silent-map stable-kfreebsd-security stable-kfreebsd";
"silent-map oldstable-security oldstable";
- // JT - FIXME, hackorama
- // "silent-map testing-security stable";
- "silent-map etch-secure oldstable";
- "silent-map lenny-secure stable";
+ "silent-map oldoldstable-security oldoldstable";
"silent-map testing-security testing";
- "silent-map lenny-security oldstable";
- "silent-map squeeze-security stable";
- "silent-map wheezy-security testing";
+ "silent-map squeeze-security oldoldstable";
+ "silent-map wheezy-security oldstable";
+ "silent-map jessie-security stable";
+ "silent-map jessie-kfreebsd-security stable-kfreebsd";
+ "silent-map stretch-security testing";
+
+ "reject oldoldstable";
+};
+
+AutomaticByHandPackages
+{
+ "linux-code-sign" {
+ Source "linux";
+ Section "byhand";
+ Extension "tar.xz";
+ Script "/srv/security-master.debian.org/dak/scripts/debian/byhand-code-sign";
+ };
};
Dir
{
+ Base "/srv/security-master.debian.org/";
Root "/srv/security-master.debian.org/ftp/";
Pool "/srv/security-master.debian.org/ftp/pool/";
Export "/srv/security-master.debian.org/export/";
Override "/srv/security-master.debian.org/scripts/override/";
Upload "/srv/queued/ftpmaster/";
TempPath "/srv/security-master.debian.org/tmp";
- Holding "/srv/security-master.debian.org/queue/holding/";
Done "/srv/security-master.debian.org/queue/done/";
Reject "/srv/security-master.debian.org/queue/reject/";
Queue
{
- Byhand "/srv/security-master.debian.org/queue/byhand/";
- New "/srv/security-master.debian.org/queue/new/";
- Unchecked "/srv/security-master.debian.org/queue/unchecked/";
- Newstage "/srv/security-master.debian.org/queue/newstage/";
-
- ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
- OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme
-
Embargoed "/srv/security-master.debian.org/queue/embargoed/";
Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
Unicode "false"
};
-Architectures
-{
-
- source "Source";
- all "Architecture Independent";
- alpha "DEC Alpha";
- hppa "HP PA RISC";
- arm "ARM";
- armel "ARM EABI";
- i386 "Intel ia32";
- ia64 "Intel ia64";
- mips "MIPS (Big Endian)";
- mipsel "MIPS (Little Endian)";
- powerpc "PowerPC";
- s390 "IBM S/390";
- sparc "Sun SPARC/UltraSPARC";
- amd64 "AMD x86_64 (AMD64)";
- kfreebsd-i386 "GNU/kFreeBSD i386";
- kfreebsd-amd64 "GNU/kFreeBSD amd64";
-
-};
-
-Archive
-{
-
- security
- {
- OriginServer "security.debian.org";
- PrimaryMirror "security.debian.org";
- Description "Security Updates for the Debian project";
- };
-
-};
-
ComponentMappings
{
"main updates/main";
"contrib updates/contrib";
"non-free updates/non-free";
- "non-US/main updates/main";
- "non-US/contrib updates/contrib";
- "non-US/non-free updates/non-free";
-};
-
-Section
-{
- admin;
- cli-mono;
- comm;
- database;
- debian-installer;
- debug;
- devel;
- doc;
- editors;
- embedded;
- electronics;
- fonts;
- games;
- gnome;
- graphics;
- gnu-r;
- gnustep;
- hamradio;
- haskell;
- httpd;
- interpreters;
- java;
- kde;
- kernel;
- libdevel;
- libs;
- lisp;
- localization;
- mail;
- math;
- misc;
- net;
- news;
- ocaml;
- oldlibs;
- otherosfs;
- perl;
- php;
- python;
- ruby;
- science;
- shells;
- sound;
- tex;
- text;
- utils;
- web;
- vcs;
- video;
- x11;
- xfce;
- zope;
-};
-
-Priority
-{
- required 1;
- important 2;
- standard 3;
- optional 4;
- extra 5;
- source 0; // i.e. unused
};
Urgency
critical;
};
};
-
-Changelogs
-{
- Export "/srv/security-master.debian.org/export/changelogs";
-}
-
-Generate-Releases
-{
- MD5Sum
- {
- oldstable;
- stable;
- testing;
- };
- SHA1
- {
- oldstable;
- stable;
- testing;
- };
- SHA256
- {
- oldstable;
- stable;
- testing;
- };
-}
projects / dak.git / blobdiff