X-Git-Url: https://git.decadent.org.uk/gitweb/?p=dak.git;a=blobdiff_plain;f=config%2Fdebian-security%2Fdak.conf;h=c4a932a0cd1ac23255f5e18756c925e7ae0ad53f;hp=b1f8c4b8acf1936aaa8b8d45ec7b3f4ed7bc8670;hb=356f4f93a9d0b29c0878111f7c3eee194f6571e5;hpb=99475d30981c1952e61c5390cd243afff7888388 diff --git a/config/debian-security/dak.conf b/config/debian-security/dak.conf index b1f8c4b8..c4a932a0 100644 --- a/config/debian-security/dak.conf +++ b/config/debian-security/dak.conf @@ -36,9 +36,9 @@ Process-Policy Import-Users-From-Passwd { - ValidGID "800"; + ValidGID "Debian"; // Comma separated list of users who are in Postgres but not the passwd file - KnownPostgres "postgres,dak,www-data,udmsearch,repuser"; + KnownPostgres "postgres,dak,www-data,udmsearch,repuser,debian-backup"; }; Queue-Report @@ -56,7 +56,7 @@ Import-LDAP-Fingerprints { LDAPDn "ou=users,dc=debian,dc=org"; LDAPServer "db.debian.org"; - CACertFile "/etc/ssl/certs/spi-cacert-2008.pem"; + CACertFile "/etc/ssl/ca-debian/ca-certificates.crt"; ExtraKeyrings { "/srv/keyring.debian.org/keyrings/removed-keys.pgp"; @@ -105,78 +105,33 @@ Rm Clean-Suites { - // How long (in seconds) dead packages are left before being killed - StayOfExecution 129600; // 1.5 days MorgueSubDir "pool"; - OverrideFilename "override.source-only"; -}; - -Security-Install -{ - ComponentMappings - { - main "ftp-master.debian.org:/pub/UploadQueue"; - contrib "ftp-master.debian.org:/pub/UploadQueue"; - non-free "ftp-master.debian.org:/pub/UploadQueue"; - non-US/main "non-us.debian.org:/pub/UploadQueue"; - non-US/contrib "non-us.debian.org:/pub/UploadQueue"; - non-US/non-free "non-us.debian.org:/pub/UploadQueue"; - }; -}; - -Suite -{ - // Priority determines which suite is used for the Maintainers file - // as generated by 'dak make-maintainers' (highest wins). - - Stable - { - Components - { - updates/main; - updates/contrib; - updates/non-free; - }; - Announce "dak@security.debian.org"; - Version ""; - Origin "Debian"; - Label "Debian-Security"; - Description "Debian 6.0 Security Updates"; - ValidTime 864000; // 10 days - CodeName "squeeze"; - OverrideCodeName "squeeze"; - CopyDotDak "/srv/security-master.debian.org/queue/done/"; - }; - - Testing - { - Components - { - updates/main; - updates/contrib; - updates/non-free; - }; - Announce "dak@security.debian.org"; - Version ""; - Origin "Debian"; - Label "Debian-Security"; - Description "Debian testing Security Updates"; - ValidTime 864000; // 10 days - CodeName "wheezy"; - OverrideCodeName "wheezy"; - CopyDotDak "/srv/security-master.debian.org/queue/done/"; - }; }; SuiteMappings { "silent-map stable-security stable"; + "silent-map stable-kfreebsd-security stable-kfreebsd"; "silent-map oldstable-security oldstable"; - "silent-map etch-secure oldstable"; + "silent-map oldoldstable-security oldoldstable"; "silent-map testing-security testing"; - "silent-map squeeze-security oldstable"; - "silent-map wheezy-security stable"; - "silent-map jessie-security testing"; + "silent-map squeeze-security oldoldstable"; + "silent-map wheezy-security oldstable"; + "silent-map jessie-security stable"; + "silent-map jessie-kfreebsd-security stable-kfreebsd"; + "silent-map stretch-security testing"; + + "reject oldoldstable"; +}; + +AutomaticByHandPackages +{ + "linux-code-sign" { + Source "linux"; + Section "byhand"; + Extension "tar.xz"; + Script "/srv/security-master.debian.org/dak/scripts/debian/byhand-code-sign"; + }; }; Dir @@ -196,20 +151,11 @@ Dir Override "/srv/security-master.debian.org/scripts/override/"; Upload "/srv/queued/ftpmaster/"; TempPath "/srv/security-master.debian.org/tmp"; - Holding "/srv/security-master.debian.org/queue/holding/"; Done "/srv/security-master.debian.org/queue/done/"; Reject "/srv/security-master.debian.org/queue/reject/"; Queue { - Byhand "/srv/security-master.debian.org/queue/byhand/"; - New "/srv/security-master.debian.org/queue/new/"; - Unchecked "/srv/security-master.debian.org/queue/unchecked/"; - Newstage "/srv/security-master.debian.org/queue/newstage/"; - - ProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme - OldProposedUpdates "/srv/security-master.debian.org/does/not/exist/"; // XXX fixme - Embargoed "/srv/security-master.debian.org/queue/embargoed/"; Unembargoed "/srv/security-master.debian.org/queue/unembargoed/"; Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/"; @@ -227,114 +173,11 @@ DB Unicode "false" }; -Architectures -{ - - source "Source"; - all "Architecture Independent"; - alpha "DEC Alpha"; - hppa "HP PA RISC"; - arm "ARM"; - armel "ARM EABI"; - i386 "Intel ia32"; - ia64 "Intel ia64"; - mips "MIPS (Big Endian)"; - mipsel "MIPS (Little Endian)"; - powerpc "PowerPC"; - s390 "IBM S/390"; - sparc "Sun SPARC/UltraSPARC"; - amd64 "AMD x86_64 (AMD64)"; - kfreebsd-i386 "GNU/kFreeBSD i386"; - kfreebsd-amd64 "GNU/kFreeBSD amd64"; - -}; - -Archive -{ - - security - { - OriginServer "security.debian.org"; - PrimaryMirror "security.debian.org"; - Description "Security Updates for the Debian project"; - }; - -}; - ComponentMappings { "main updates/main"; "contrib updates/contrib"; "non-free updates/non-free"; - "non-US/main updates/main"; - "non-US/contrib updates/contrib"; - "non-US/non-free updates/non-free"; -}; - -Section -{ - admin; - cli-mono; - comm; - database; - debian-installer; - debug; - devel; - doc; - editors; - embedded; - electronics; - fonts; - games; - gnome; - graphics; - gnu-r; - gnustep; - hamradio; - haskell; - httpd; - interpreters; - java; - kde; - kernel; - libdevel; - libs; - lisp; - localization; - mail; - math; - misc; - net; - news; - ocaml; - oldlibs; - otherosfs; - perl; - php; - python; - ruby; - science; - shells; - sound; - tex; - text; - utils; - web; - vcs; - video; - x11; - xfce; - zope; -}; - -Priority -{ - required 1; - important 2; - standard 3; - optional 4; - extra 5; - source 0; // i.e. unused }; Urgency @@ -349,25 +192,3 @@ Urgency critical; }; }; - -Generate-Releases -{ - MD5Sum - { - oldstable; - stable; - testing; - }; - SHA1 - { - oldstable; - stable; - testing; - }; - SHA256 - { - oldstable; - stable; - testing; - }; -}