Dir
{
- ArchiveDir "/org/security.debian.org/ftp/";
- OverrideDir "/org/security.debian.org/override/";
- CacheDir "/org/security.debian.org/dak-database/";
+ ArchiveDir "/srv/security-master.debian.org/ftp/";
+ OverrideDir "/srv/security-master.debian.org/override/";
+ CacheDir "/srv/security-master.debian.org/dak-database/";
};
Default
tree "dists/oldstable/updates"
{
- FileList "/org/security.debian.org/dak-database/dists/oldstable_updates/$(SECTION)_binary-$(ARCH).list";
- SourceFileList "/org/security.debian.org/dak-database/dists/oldstable_updates/$(SECTION)_source.list";
+ FileList "/srv/security-master.debian.org/dak-database/dists/oldstable_updates/$(SECTION)_binary-$(ARCH).list";
+ SourceFileList "/srv/security-master.debian.org/dak-database/dists/oldstable_updates/$(SECTION)_source.list";
Sections "main contrib non-free";
Architectures "alpha amd64 arm hppa i386 ia64 mips mipsel powerpc s390 sparc source";
BinOverride "override.etch.$(SECTION)";
tree "dists/stable/updates"
{
- FileList "/org/security.debian.org/dak-database/dists/stable_updates/$(SECTION)_binary-$(ARCH).list";
- SourceFileList "/org/security.debian.org/dak-database/dists/stable_updates/$(SECTION)_source.list";
+ FileList "/srv/security-master.debian.org/dak-database/dists/stable_updates/$(SECTION)_binary-$(ARCH).list";
+ SourceFileList "/srv/security-master.debian.org/dak-database/dists/stable_updates/$(SECTION)_source.list";
Sections "main contrib non-free";
Architectures "alpha amd64 arm armel hppa i386 ia64 mips mipsel powerpc s390 sparc source";
BinOverride "override.lenny.$(SECTION)";
tree "dists/testing/updates"
{
- FileList "/org/security.debian.org/dak-database/dists/testing_updates/$(SECTION)_binary-$(ARCH).list";
- SourceFileList "/org/security.debian.org/dak-database/dists/testing_updates/$(SECTION)_source.list";
+ FileList "/srv/security-master.debian.org/dak-database/dists/testing_updates/$(SECTION)_binary-$(ARCH).list";
+ SourceFileList "/srv/security-master.debian.org/dak-database/dists/testing_updates/$(SECTION)_source.list";
Sections "main contrib non-free";
- Architectures "alpha amd64 armel hppa i386 ia64 mips mipsel powerpc s390 sparc source";
+ Architectures "alpha amd64 armel hppa i386 ia64 kfreebsd-i386 kfreebsd-amd64 mips mipsel powerpc s390 sparc source";
BinOverride "override.squeeze.$(SECTION)";
ExtraOverride "override.squeeze.extra.$(SECTION)";
SrcOverride "override.squeeze.$(SECTION).src";
Dir
{
- ArchiveDir "/srv/security.debian.org/buildd/";
- OverrideDir "/srv/security.debian.org/override/";
- CacheDir "/srv/security.debian.org/dak-database/";
+ ArchiveDir "/srv/security-master.debian.org/buildd/";
+ OverrideDir "/srv/security-master.debian.org/override/";
+ CacheDir "/srv/security-master.debian.org/dak-database/";
};
Default
ARCHS_oldstable="alpha amd64 arm hppa i386 ia64 mips mipsel powerpc sparc s390"
ARCHS_stable="alpha amd64 arm armel hppa i386 ia64 mips mipsel powerpc sparc s390"
-ARCHS_testing="alpha amd64 armel hppa i386 ia64 mips mipsel powerpc sparc s390"
+ARCHS_testing="alpha amd64 armel hppa i386 ia64 kfreebsd-i386 kfreebsd-amd64 mips mipsel powerpc sparc s390"
DISTS="oldstable stable testing"
SSH_SOCKET=~/.ssh/buildd.debian.org.socket
set -e
-export SCRIPTVARS=/org/security.debian.org/dak/config/debian-security/vars
+export SCRIPTVARS=/org/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
if [ -e $ftpdir/Archive_Maintenance_In_Progress ]; then
# Executed daily via cron, out of dak's crontab.
set -e
-export SCRIPTVARS=/org/security.debian.org/dak/config/debian-security/vars
+export SCRIPTVARS=/org/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
################################################################################
# Fix overrides
-rsync --delete -r --include=override\* --exclude=\* --password-file /srv/non-us.debian.org/s3kr1t/rsync-password -ql security-master@ftp-master::indices/ $overridedir
+rsync --delete -r --include=override\* --exclude=\* --password-file /srv/security-master.debian.org/s3kr1t/rsync-password -ql security-master@ftp-master::indices/ $overridedir
cd $overridedir
for file in override*.gz; do
symlinks -d -r $ftpdir
-pg_dump obscurity > /org/security.debian.org/dak-backup/dump_$(date +%Y.%m.%d-%H:%M:%S)
+pg_dump obscurity > /org/security-master.debian.org/dak-backup/dump_$(date +%Y.%m.%d-%H:%M:%S)
# Vacuum the database
set +e
#! /bin/sh
set -e
-export SCRIPTVARS=/org/security.debian.org/dak/config/debian-security/vars
+export SCRIPTVARS=/org/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
report=$queuedir/REPORT
# Executed weekly via cron, out of dak's crontab.
set -e
-export SCRIPTVARS=/org/security.debian.org/dak/config/debian-security/vars
+export SCRIPTVARS=/org/security-master.debian.org/dak/config/debian-security/vars
. $SCRIPTVARS
################################################################################
# we dont have a security update in that time...
cd $masterdir
dak generate-releases
+/org/security-master.debian.org/dak/config/debian-security/make-mirror.sh
sudo -u archvsync -H /home/archvsync/signal_security
Dinstall
{
GPGKeyring {
- "/org/keyring.debian.org/keyrings/debian-keyring.gpg";
+ "/srv/keyring.debian.org/keyrings/debian-keyring.gpg";
};
- SigningKeyring "/org/non-us.debian.org/s3kr1t/dot-gnupg/secring.gpg";
- SigningPubKeyring "/org/non-us.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
+ // was non-us.d.o path before
+ SigningKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/secring.gpg";
+ SigningPubKeyring "/srv/security-master.debian.org/s3kr1t/dot-gnupg/pubring.gpg";
SigningKeyIds "55BE302B";
SendmailCommand "/usr/sbin/sendmail -odq -oi -t";
MyEmailAddress "Debian Installer <installer@ftp-master.debian.org>";
MyDistribution "Debian"; // Used in emails
BugServer "bugs.debian.org";
PackagesServer "packages.debian.org";
- LockFile "/org/security.debian.org/dak/lock";
+ LockFile "/org/security-master.debian.org/dak/lock";
Bcc "archive@ftp-master.debian.org";
// GroupOverrideFilename "override.group-maint";
FutureTimeTravelGrace 28800; // 8 hours
BXANotify "false";
QueueBuildSuites
{
- oldstable;
stable;
testing;
};
Process-New
{
- AcceptedLockFile "/org/security.debian.org/lock/unchecked.lock";
+ AcceptedLockFile "/srv/security-master.debian.org/lock/unchecked.lock";
};
Import-Users-From-Passwd
};
};
+Import-Keyring
+{
+ /srv/keyring.debian.org/keyrings/debian-maintainers.gpg
+ {
+ Debian-Maintainer "true";
+ };
+};
+
+Import-LDAP-Fingerprints
+{
+ LDAPDn "ou=users,dc=debian,dc=org";
+ LDAPServer "db.debian.org";
+ ExtraKeyrings
+ {
+ "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
+ "/srv/keyring.debian.org/keyrings/removed-keys.gpg";
+ "/srv/keyring.debian.org/keyrings/extra-keys.pgp";
+ };
+ KeyServer "wwwkeys.eu.pgp.net";
+};
+
+Check-Overrides
+{
+ OverrideSuites
+ {
+ Stable
+ {
+ Process "0";
+ };
+
+ Testing
+ {
+ Process "0";
+ };
+
+ };
+};
+
Clean-Queues
{
Options
};
MyEmailAddress "Debian Archive Maintenance <ftpmaster@ftp-master.debian.org>";
- LogFile "/org/security.debian.org/dak-log/removals.txt";
+ LogFile "/srv/security-master.debian.org/dak-log/removals.txt";
};
Init-Archive
{
- ExportDir "/org/security.debian.org/dak/import-archive-files/";
+ ExportDir "/srv/security-master.debian.org/dak/import-archive-files/";
};
Clean-Suites
// Priority determines which suite is used for the Maintainers file
// as generated by 'dak make-maintainers' (highest wins).
- OldStable
- {
- Components
- {
- updates/main;
- updates/contrib;
- updates/non-free;
- };
- Announce "dak@security.debian.org";
- Version "";
- Origin "Debian";
- Label "Debian-Security";
- Description "Debian 4.0 Security Updates";
- ValidTime 864000; // 10 days
- CodeName "etch";
- OverrideCodeName "etch";
- CopyDotDak "/org/security.debian.org/queue/done/";
- };
-
Stable
{
Components
ValidTime 864000; // 10 days
CodeName "lenny";
OverrideCodeName "lenny";
- CopyDotDak "/org/security.debian.org/queue/done/";
+ CopyDotDak "/srv/security-master.debian.org/queue/done/";
};
Testing
ValidTime 864000; // 10 days
CodeName "squeeze";
OverrideCodeName "squeeze";
- CopyDotDak "/org/security.debian.org/queue/done/";
+ CopyDotDak "/srv/security-master.debian.org/queue/done/";
};
};
Dir
{
- Root "/org/security.debian.org/ftp/";
- Pool "/org/security.debian.org/ftp/pool/";
- Dak "/org/security.debian.org/dak/";
- Templates "/org/security.debian.org/dak/templates/";
+ Root "/srv/security-master.debian.org/ftp/";
+ Pool "/srv/security-master.debian.org/ftp/pool/";
+ Dak "/srv/security-master.debian.org/dak/";
+ Templates "/srv/security-master.debian.org/dak/templates/";
PoolRoot "pool/";
- Override "/org/security.debian.org/override/";
- Lock "/org/security.debian.org/lock/";
- Lists "/org/security.debian.org/dak-database/dists/";
- Log "/org/security.debian.org/dak-log/";
- Morgue "/org/security.debian.org/morgue/";
+ Override "/srv/security-master.debian.org/override/";
+ Lock "/srv/security-master.debian.org/lock/";
+ Cache "/srv/security-master.debian.org/database/";
+ Lists "/srv/security-master.debian.org/dak-database/dists/";
+ Log "/srv/security-master.debian.org/dak-log/";
+ Morgue "/srv/security-master.debian.org/morgue/";
MorgueReject "reject";
- Override "/org/security.debian.org/scripts/override/";
- QueueBuild "/org/security.debian.org/buildd/";
- Upload "/srv/queued/UploadQueue/";
+ Override "/srv/security-master.debian.org/scripts/override/";
+ QueueBuild "/srv/security-master.debian.org/buildd/";
+ Upload "/srv/queued/ftpmaster/";
Queue
{
- Accepted "/org/security.debian.org/queue/accepted/";
- Byhand "/org/security.debian.org/queue/byhand/";
- Done "/org/security.debian.org/queue/done/";
- Holding "/org/security.debian.org/queue/holding/";
- New "/org/security.debian.org/queue/new/";
- Reject "/org/security.debian.org/queue/reject/";
- Unchecked "/org/security.debian.org/queue/unchecked/";
+ Byhand "/srv/security-master.debian.org/queue/byhand/";
+ Done "/srv/security-master.debian.org/queue/done/";
+ Holding "/srv/security-master.debian.org/queue/holding/";
+ New "/srv/security-master.debian.org/queue/new/";
+ Reject "/srv/security-master.debian.org/queue/reject/";
+ Unchecked "/srv/security-master.debian.org/queue/unchecked/";
+ Newstage "/srv/security-master.debian.org/queue/newstage/";
+
ProposedUpdates "/does/not/exist/"; // XXX fixme
OldProposedUpdates "/does/not/exist/"; // XXX fixme
- Embargoed "/org/security.debian.org/queue/embargoed/";
- Unembargoed "/org/security.debian.org/queue/unembargoed/";
- Disembargo "/org/security.debian.org/queue/unchecked-disembargo/";
+ Embargoed "/srv/security-master.debian.org/queue/embargoed/";
+ Unembargoed "/srv/security-master.debian.org/queue/unembargoed/";
+ Disembargo "/srv/security-master.debian.org/queue/unchecked-disembargo/";
};
};
s390 "IBM S/390";
sparc "Sun SPARC/UltraSPARC";
amd64 "AMD x86_64 (AMD64)";
+ kfreebsd-i386 "GNU/kFreeBSD i386";
+ kfreebsd-amd64 "GNU/kFreeBSD amd64";
};
Location
{
- /org/security.debian.org/ftp/pool/
+ /srv/security-master.debian.org/ftp/pool/
{
Archive "security";
Suites
--- /dev/null
+Config
+{
+ chopin.debian.org
+ {
+ DatabaseHostname "security";
+ DakConfig "/org/security-master.debian.org/dak/config/debian-security/dak.conf";
+ AptConfig "/org/security-master.debian.org/dak/config/debian-security/apt.conf";
+ }
+}
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+
+set -e
+
+LANG=C
+LC_ALL=C
+
+echo "Regenerating \"public\" mirror/ hardlink fun"
+date -u > /srv/security-master.debian.org/ftp/project/trace/security-master.debian.org
+echo "Using dak v1" >> /srv/security-master.debian.org/ftp/project/trace/security-master.debian.org
+echo "Running on host: $(hostname -f)" >> /srv/security-master.debian.org/ftp/project/trace/security-master.debian.org
+cd /srv/security.debian.org/archive/debian-security/
+rsync -aH --link-dest /srv/security-master.debian.org/ftp/ --exclude Archive_Maintenance_In_Progress --delete --delete-after --ignore-errors /srv/security-master.debian.org/ftp/. .
#!/bin/bash
-dak make-pkg-file-mapping | bzip2 -9 > /org/security.debian.org/ftp/indices/package-file.map.bz2
+dak make-pkg-file-mapping | bzip2 -9 > /org/security-master.debian.org/ftp/indices/package-file.map.bz2
# locations used by many scripts
-base=/org/security.debian.org
+base=/org/security-master.debian.org
ftpdir=$base/ftp/
masterdir=$base/dak/config/debian-security/
overridedir=$base/override
for q in c.fetchall():
queues[q[0]] = q[1]
- if q[1] in ['accepted', 'buildd']:
+ if q[1] in ['accepted', 'buildd', 'embargoed', 'unembargoed']:
# Move to build_queue_table
c.execute("""INSERT INTO build_queue (queue_name, path, copy_files)
VALUES ('%s', '%s', '%s')""" % (q[1], q[2], q[3]))
def do_Approve(): sudo("A", _do_Approve, True)
def _do_Approve():
# 1. dump advisory in drafts
- draft = "/org/security.debian.org/advisories/drafts/%s" % (advisory)
+ draft = "/org/security-master.debian.org/advisories/drafts/%s" % (advisory)
print "Advisory in %s" % (draft)
if not Options["No-Action"]:
adv_file = "./advisory.%s" % (advisory)
spawn("dak make-suite-file-list")
spawn("dak generate-filelist")
print "Updating Packages and Sources files..."
- spawn("/org/security.debian.org/dak/config/debian-security/map.sh")
+ spawn("/org/security-master.debian.org/dak/config/debian-security/map.sh")
spawn("apt-ftparchive generate %s" % (utils.which_apt_conf_file()))
print "Updating Release files..."
spawn("dak generate-releases")
print "Triggering security mirrors..."
+ spawn("/org/security-master.debian.org/dak/config/debian-security/make-mirror.sh")
spawn("sudo -u archvsync -H /home/archvsync/signal_security")
# 4. chdir to done - do upload
os.unlink(f)
print "Updating buildd information..."
- spawn("/org/security.debian.org/dak/config/debian-security/cron.buildd")
+ spawn("/org/security-master.debian.org/dak/config/debian-security/cron.buildd")
adv_file = "./advisory.%s" % (advisory)
if os.path.exists(adv_file):
o To generate indices files:
- * dak dominate - removes obsolete packages from suites
+ * dak dominate - removes obsolete packages from suites
* dak generate-filelist - generates file lists for apt-ftparchive
* dak generate-releases - generates Release
$ssh_key_file = "";
# the incoming dir we live in
-$incoming = "/srv/queued/UploadQueue";
+$incoming = "/srv/queued/ftpmaster";
# the delayed incoming directories
$incoming_delayed = "/srv/queued/UploadQueue/DELAYED/%d-day";
my $subject = shift;
my $text = shift;
+# security is special
+ $addr = 'team@security.debian.org';
+
my $package =
keys %main::packages ? join( ' ', keys %main::packages ) : "";