apt-get install debian-wizard

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Distro Tracker

Since we switched to salsa, and with the arrival of prospective GSOC students interested to work on distro-tracker this summer, I have been rather active on this project as can be seen in the project’s activity summary. Among the most important changes we can note:

• The documentation and code coverage analysis is updated on each push.
• Unit tests, functional tests and style checks (flake8) are run on each push but also on merge requests, allowing contributors to have quick feedback on their code. Implemented with this Gitlab CI configuration.
• Multiple bug fixes (more of it). Update code to use python3-gpg instead of deprecated python3-gpgme (I had to coordinate with DSA to get the new package installed).
• More unit tests for team related code. Still a work in progress but I made multiple reviews already.

Debian Live

I created the live-team on salsa.debian.org to prepare for the move of the various Debian live repositories. The move itself has been done by Steve McIntyre. In the discussion, we also concluded that the live-images source package can go away. I thus filed its removal request.

Then I spent a whole day reviewing all the pending patches. I merged most of them and left comments on the remaining ones:

• Merged #885453 cleaning up double slashes in some paths.
• Merged #885466 allowing to set upperdir tmpfs mount point size.
• Merged #885455 switching back the live-boot initrd to use busybox’s wget as it supports https now.
• Merged #886328 simplifying the mount points handling by using /run/live instead of /lib/live/mount.
• Merged #886337 adding options to build smaller initrd by disabling some features.
• Merged #866009 fixing a race condition between live-config and systemd-tmpfiles-setup.
• Reviewed #884355 implementing new hooks in live-boot’s initrd. Not ready for merge yet.
• Reviewed #884553 implementing cross-architecture linux flavour selection. Not ready for merge yet.
• Merged #891206 fixing a regression with local mirrors.
• Merged #867539 lowering the process priority of mksquasfs to avoid rendering the machine completely unresponsive during this step.
• Merged #885692 adding UEFI support for ARM64.
• Merged #847919 simplifying the bootstrap of foreign architectures.
• Merged #868559 fixing fuse mounts by switching back to klibc’s mount.
• Wrote a patch to fix verify-checksums option in live-boot (see #856482).

I released a new version of live-config but wanted some external testing before releasing the new live-boot. This did not happen yet unfortunately.

Debian LTS

I started a discussion on debian-devel about how we could handle the extension of the LTS program that some LTS sponsors are asking us to do.

The response have been rather mixed so far. It is unlikely that wheezy will be kept on the official mirror after its official EOL date but it’s not clear whether it would be possible to host the wheezy updates on some other debian.org server for longer.

Debian Handbook

I moved the git repository of the book to salsa and released a new version in unstable to fix two recent bugs: #888575 asking us to implement some parallel building to speed the build and #888578 informing us that a recent debhelper update broke the build process due to the presence of a build directory in the source package.

Debian Packaging

I moved all my remaining packages to salsa.debian.org and used the opportunity to clean them up:

• dh-linktree, ftplib, gnome-shell-timer (fixed #891305 later), logidee-tools, publican, publican-debian, vboot-utils, rozofs
• Some also got a new upstream release for the same price: tcpdf, lpctools, elastalert, notmuch-addrlookup.
• I orphaned tcpdf in #889731 and I asked for the removal of feed2omb in #742601.
• I updated django-modeltranslation to 0.12.2 to fix FTBFS bug #834667 (I submitted an upstream pull request at the same time).

Dolibarr. As a sponsor of dolibarr I filed its removal request and then I started a debian-devel discussion because we should be able to provide such applications to our users even though its development practice does not conform to some of our policies.

Bash. I uploaded a bash NMU (4.4.18-1.1) to fix a regression introduced by the PIE-enabled build (see #889869). I filed an upstream bug against bash but it turns out it’s actually a bug in qemu-user that really ought to be fixed. I reported the bug to qemu upstream but it hasn’t gotten much traction.

pkg-security team. I sponsored many updates over the month: rhash 1.3.5-1, medusa 2.2-5, hashcat, dnsrecon, btscanner, wfuzz 2.2.9, pixiewps 1.4.2-1, inetsim (new from kali). I also made a new upload of sslsniff with the OpenSSL 1.1 patch contributed by Hilko Bengen.

Debian bug reports

I filed a few bug reports:

• #889814: lintian: Improve long description of epoch-change-without-comment
• #889816: lintian: Complain when epoch has been bumped but upstream version did not go backwards
• #890594: devscripts: Implement a salsa-configure script to configure salsa.debian.org project repositories
• #890700 and #890701 about missing Vcs-Git fields to siridb-server and libcleri
• #891301: lintian: privacy-breach-generic should not complain about <link rel=”generator”> and others

Misc contributions

Saltstack formulas. I pushed misc fixes to the munin-formula, the samba-formula and the openssh-formula. I submitted two other pull requests: on samba-formula and on users-formula.

QA’s carnivore database. I fixed a bug in a carnivore script that was spewing error messages about duplicate uids. This database links together multiple identifiers (emails, GPG key ids, LDAP entry, etc.) for the same Debian contributor.

Thanks

See you next month for a new summary of my activities.