The Debian Administrator’s Handbook Updated for Debian 8 “Jessie”

Debian Handbook: cover of the jessie editionLater than what I hoped, I’m still pleased to be able to announce the availability of the Jessie version of the Debian Administrator’s Handbook.

Check out the official announce with its special launch offer (a 15% discount on the paperback until Sunday!).

The book’s preface is co-signed by the last three Debian Project Leaders and it has been available through debian.org for a few months now. We are glad to have so much recognition for the hard work we have put in the book over the years.

Thank you all and I hope you will enjoy this new edition!

The work is not yet entirely over us for Roland and I, since we’re now busy updating the French translation of the book. It should be available in the upcoming weeks. Keep posted!

Freexian’s report about Debian Long Term Support, September 2015

A Debian LTS logoLike each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In September, 71.50 work hours have been dispatched among 7 paid contributors. Their reports are available:

Evolution of the situation

October is back to the highest level of funding with 85.5 hours funded. The late sponsors have all caught up now. And next month will again rise to a new record with multiple sponsors having joined up. So far we already have two new silver sponsors (Université Jean Monnet de Saint-Étienne and Univention GmbH) and a new bronze sponsor (Entr’ouvert). Many thanks to them!

With those sponsors we crossed the 50% mark that was our first objective. \o/ But we still need more support to reach our second goal of funding the equivalent of a full time position.

That said the increased level of support already allows us to do a better job in some areas that have been neglected : I asked the paid contributors to work towards providing mysql-5.5 in squeeze since version 5.1 is no longer supported by Oracle. We need beta testers to test the upgrade, see this message on the mailling list.

In terms of security updates waiting to be handled, the situation is close to last month: the dla-needed.txt file lists 15 packages awaiting an update (3 less than last month), the list of open vulnerabilities in Squeeze shows about 23 affected packages in total (7 less than last month).

Thanks to our sponsors

The new sponsors are in bold.

My Free Software Activities in September 2015

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Debian LTS

This month I have been paid to work 8 hours on Debian LTS. In that time, I mostly did CVE triaging (in the last 3 days since I’m of LTS frontdesk duty this week). I pushed 14 commits to the security tracker. There were multiple CVE without any initial investigation so I checked the status of the CVE not only in squeeze but also in wheezy/jessie.

On unpaid time, I wrote and sent the summary of the work session held during DebConf. And I tried to initiate a discussion about offering mysql-5.5 in squeeze-lts. We also have setup lts-security@debian.org so that we can better handle embargoed security updates.

The Debian Administrator’s Handbook

Debian Handbook: cover of the jessie editionI spent a lot of time on my book, the content update has been done but now we’re reviewing it before preparing the paperback. I also started updating its French translation. You can help review it too.

While working on the book I noticed that snort got removed from jessie and the SE linux reference policy as well. I mailed their maintainers to recommend that they provide them in jessie-backports at least… those packages are relatively important/popular and it’s a pity that they are missing in jessie.

I hope to finish the book update in the next two weeks!

Distro Tracker

I spent a lot of time to revamp the mail part of Distro Tracker. But as it’s not finished yet, I don’t have anything to show yet. That said I pushed an important fix concerning the mail subscriptions (see #798555), basically all subscriptions of packages containing a dash were broken. It just shows that the new tracker is not yet widely used for mail subscription…

I also merged a patch from Andrew Starr-Bochicchio (#797633) to improve the description of the WNPP action items. And I reviewed another patch submitted by Orestis Ioannou to allow browsing of old news (see #756766).

And I filed #798011 against bugs.debian.org to request that a new X-Debian-PR-Severity header field be added to outgoing BTS mail so that Distro Tracker can filter mails by severity and offer people to subscribe to RC bugs only.

Misc Debian work

I filed many bugs this month and almost all of them are related to my Kali work:

  • 3 on debootstrap: #798560 (request for –suite-config option), #798562 (allow sharing bootstrap scripts), #7985604 (request to add kali related bootstrap scripts).
  • 3 requests of new upstream versions: for gpsd (#797899), for valgrind (#800013) and for puppet (#798636).
  • #797783: sbuild fails without any error message when /var/lib/sbuild is not writable in the chroot
  • #798181: gnuradio: Some files take way too long to compile (I had to request a give-back on another build daemon to ensure gnuradio migrated back to testing, and Julien Cristau suggested that it would be better to fix the package so that a single file doesn’t take more than 5 hours to build…)
  • #799550: libuhd003v5 lost its v5 suffix…

Thanks

See you next month for a new summary of my activities.

Freexian’s report about Debian Long Term Support, August 2015

A Debian LTS logoLike each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In August, 71.50 work hours have been dispatched among 7 paid contributors. Their reports are available:

Evolution of the situation

September is stable compared to August (71.50 hours per month) and has not caught up back to the level of July as I hoped. Again it’s because 2 sponsors were not able to pay their renewal invoice on time (one of last month paid, but another bigger sponsor failed this month). Those sponsors will continue to support us and I would like to be able to say that things will be back to normal next month, but I can’t say it since we have also been informed of the (hopefully temporary) defection of another bronze sponsor that will affect us next month.

Fortunately there are also good news, we have 3 new sponsors in the pipe (2 silver, 1 platinum) who shall join the project soon. And Blablacar increased their support from Silver to Gold (from 4h/month to 8h/month).

But we still need more support… in particular since we would like to commit to support virtualization related packages in Wheezy: that’s clearly an objective for us. I recently published the summary of the work session held during DebConf 15 in Heidelberg (video recording).

It would be really nice if we could get closer to the goal of funding a full-time position.

In terms of security updates waiting to be handled, the situation is close to last month: the dla-needed.txt file lists 18 packages awaiting an update (2 less than last month), the list of open vulnerabilities in Squeeze shows about 30 affected packages in total (8 more than last month).

Thanks to our sponsors