apt-get install debian-wizard

Insider infos, master your Debian/Ubuntu distribution

You are here: Home / Archives for Debian Handbook

My Free Software Activities in October 2015

by

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Debian LTS

This month I have been paid to work 13.25 hours on Debian LTS. During this time I worked on the following things:

  • I prepared and released DLA 330-1 fixing two CVE on unzip.
  • I prepared a bouncycastle update fixing CVE-2015-7940 (after having requested that CVE assignment since nobody had done it yet) but I have not yet released the corresponding DLA yet since I’m waiting for a review by the upstream author. This is hairy cryptographic Java code that was non-trivial to backport and I’d rather make sure that I do not mess anything. The patches are available in the bug report #802671 that I opened.
  • I tested the update to MySQL 5.5 with multiple packages and sent back my findings to the debian-lts mailing list.

I also started a conversation about what paid contributors could work on if they have some spare cycle as the current funding level might allow us to invest some time on work outside of just plain security updates.

The Debian Administrator’s Handbook

I spent quite some time finalizing the Jessie book update, both for the content and for the layout of the printed book.

Debian Handbook: cover of the jessie edition

Misc Debian work

GNOME 3.18. I uploaded a new gnome-shell-timer working with GNOME Shell 3.18 and I filed bugs #800660 and #802480 about an annoying gnome-keyring regression… I did multiple test rounds with the Debian maintainers (Dmitry Shachnev, kudos to him!) and the upstream developers (see here and here). Apart from those regressions, I like GNOME 3.18!

Python-modules team migration to Git. After the Git migration, and since the team policy now imposes usage of git-dpm on all members, I made some tries with it on the python-django package while pushing version 1.8.5 to experimental. And the least I can say is that I’m not pleased with the result. I thus filed 3 bugs summarizing the problems I have with git-dpm: #801666 (no way to set the upstream branch names from within the repository), #801667 (no clean way to merge between packaging branches), #801668 (does not create upstream tag immediately on tarball import). That is on top of other randomly stupid bugs that were already reported like #801548 (does not work with perfectly valid pre-existing upstream tags).

Django packaging. I filed bugs on all packages build-depending on python-django that fail to build with Django 1.8 and informed them that I would upload Django 1.8 to unstable in early November (it’s done already). Then I fixed python-django-jsonfield myself since Distro Tracker relies on this package.

Following this small mass-bug filing, I filed a wishlist bug on devscripts to improve the “mass-bug” helper script (see #801926). And since I used “ratt” to rebuild the packages, I filed a wishlist issue on this new tool as well.

Tryton 3.6 upgrade. I upgraded my own Tryton installation to version 3.6 and filed bug #803066 because the SysV init script was not working properly. That also reminded me that the DD process of Matthias Behrle (the tryton package maintainer) was stalled due to a bug in the NM infrastructure so I pinged the NM team and we sorted out a way for me to advocate him and get his process going…

Distro Tracker. I continued my work to refactor the way we handle incoming mail processing (branch people/hertzog/mailprocessing). It’s now mostly finished and I need to deploy it in a test environment before being able to roll it out on tracker.debian.org.

Thanks

See you next month for a new summary of my activities.

The Debian Administrator’s Handbook Updated for Debian 8 “Jessie”

by

Debian Handbook: cover of the jessie editionLater than what I hoped, I’m still pleased to be able to announce the availability of the Jessie version of the Debian Administrator’s Handbook.

Check out the official announce with its special launch offer (a 15% discount on the paperback until Sunday!).

The book’s preface is co-signed by the last three Debian Project Leaders and it has been available through debian.org for a few months now. We are glad to have so much recognition for the hard work we have put in the book over the years.

Thank you all and I hope you will enjoy this new edition!

The work is not yet entirely over us for Roland and I, since we’re now busy updating the French translation of the book. It should be available in the upcoming weeks. Keep posted!

My Free Software Activities in September 2015

by

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Debian LTS

This month I have been paid to work 8 hours on Debian LTS. In that time, I mostly did CVE triaging (in the last 3 days since I’m of LTS frontdesk duty this week). I pushed 14 commits to the security tracker. There were multiple CVE without any initial investigation so I checked the status of the CVE not only in squeeze but also in wheezy/jessie.

On unpaid time, I wrote and sent the summary of the work session held during DebConf. And I tried to initiate a discussion about offering mysql-5.5 in squeeze-lts. We also have setup lts-security@debian.org so that we can better handle embargoed security updates.

The Debian Administrator’s Handbook

Debian Handbook: cover of the jessie editionI spent a lot of time on my book, the content update has been done but now we’re reviewing it before preparing the paperback. I also started updating its French translation. You can help review it too.

While working on the book I noticed that snort got removed from jessie and the SE linux reference policy as well. I mailed their maintainers to recommend that they provide them in jessie-backports at least… those packages are relatively important/popular and it’s a pity that they are missing in jessie.

I hope to finish the book update in the next two weeks!

Distro Tracker

I spent a lot of time to revamp the mail part of Distro Tracker. But as it’s not finished yet, I don’t have anything to show yet. That said I pushed an important fix concerning the mail subscriptions (see #798555), basically all subscriptions of packages containing a dash were broken. It just shows that the new tracker is not yet widely used for mail subscription…

I also merged a patch from Andrew Starr-Bochicchio (#797633) to improve the description of the WNPP action items. And I reviewed another patch submitted by Orestis Ioannou to allow browsing of old news (see #756766).

And I filed #798011 against bugs.debian.org to request that a new X-Debian-PR-Severity header field be added to outgoing BTS mail so that Distro Tracker can filter mails by severity and offer people to subscribe to RC bugs only.

Misc Debian work

I filed many bugs this month and almost all of them are related to my Kali work:

  • 3 on debootstrap: #798560 (request for –suite-config option), #798562 (allow sharing bootstrap scripts), #7985604 (request to add kali related bootstrap scripts).
  • 3 requests of new upstream versions: for gpsd (#797899), for valgrind (#800013) and for puppet (#798636).
  • #797783: sbuild fails without any error message when /var/lib/sbuild is not writable in the chroot
  • #798181: gnuradio: Some files take way too long to compile (I had to request a give-back on another build daemon to ensure gnuradio migrated back to testing, and Julien Cristau suggested that it would be better to fix the package so that a single file doesn’t take more than 5 hours to build…)
  • #799550: libuhd003v5 lost its v5 suffix…

Thanks

See you next month for a new summary of my activities.

My Free Software Activities in June 2015

by

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Debian LTS

This month I have been paid to work 14.5 hours on Debian LTS. In that time I did the following:

  • CVE triage: I pushed 24 commits to the security tracker. I also setup a rotation with other paid contributors. That way this task doesn’t rely on me exclusively.
  • Reviewed a libapache-mod-jk update and sent DLA-240-1.
  • Prepared and released DLA-257-1 on libwmf fixing one CVE.
  • Reviewed a shibboleth-sp2 update and sent DLA-259-1. Lacking a proper test setup, the tests done were minimal.
  • Prepared and released DLA-260-1 on hostapd fixing one CVE.
  • Prepared and released DLA-261-1 on aptdaemon fixing one CVE.
  • I started to work on a wishlist bug for tracker.debian.org: displaying open security issues in stable releases is important to catch the attention of package maintainers. Right now it only displays something when security issues are open in unstable.

Other Debian work

Distro Tracker. I fixed a few issues that were affecting the tracker: SSL access to the BTS soap interface was not working due to changes in the way SSL certificates are managed on Debian machines (see #787410 for details of a similar problem), and the bugs panel disappeared for a while (see #787163). I also merged some minor changes from Christophe Siraut and James McCoy.

The Debian Administrator’s Handbook. After some exchanges with Osamu Osuaki of the debian-doc team, we agreed to host a copy of my (DFSG-free) book on debian.org so that it can be better promoted to newcomers who are discovering Debian. It’s over there. I made some changes to the official package (notably integrating all available translations) to make this possible.

Packaging. I uploaded two new release of publican to unstable (4.3.0 and 4.3.1), although I had to cheat by building them in stretch due to a build failure in unstable caused by a libxml2 regression (see #766884). I fixed two small bug reported against the package: a badly documented license (#787993) and a request to replace the dependency on perlmagick to libimage-magick-perl (#789223).

I uploaded zim 0.63 and a new gnome-shell-timer for GNOME 3.16 compatibility.
And I sponsored python-requirements-detector (#789497) as a prerequisite for prospector (a package that I requested some time ago in #781165). I also took care of a stable update of python-reportlab (#787806) at the request of a customer.

Kali related contributions. In Kali, we rely heavily on reprepro to manage our archive. It works rather well for us but over time we identified some annoying issues. I just reported some of them:

  • It should be able to keep unreferenced files for a few days before deleting theme (#788105).
  • It should be possible to clone a distribution in a single command (#788843).
  • It should be possible to rename a distribution in a single command (#788846).

live-build is another important tool for us and when we started using new codenames for our releases, we re-discovered some problems and this time we submitted a bug report with some suggestion to make it more generic (#789800) and committed a small fix to avoid a stupid failure when the release is unknown to live-build.

Misc stuff

Hardware support issue. I have some problems to get some USB disks detected during boot of my Intel NUC, so I sent a bug report to the linux USB developers. It’s a weird issue and rather annoying as it means that my private NAS stops working after each reboot (until I powercycle the external disk enclosure).

My websites. You might have noticed some changes on raphaelhertzog.com and raphaelhertzog.fr. I have deployed new themes that should be mobile-friendly and I also deployed proper https support with free certificates from wosign.com (until letsencrypt.org is ready for general usage). Same goes for the freexian.com webpage hosting our Debian LTS sponsorship offer.

Thanks

See you next month for a new summary of my activities.

Tags

3.0 (quilt) Activity summary APT aptitude Blog Book Cleanup conffile Contributing CUT d-i Debconf Debian Debian France Debian Handbook Debian Live Distro Tracker dpkg dpkg-source Flattr Flattr FOSS Freexian Funding Git GNOME GSOC HOWTO Interview LTS Me Multiarch nautilus-dropbox News Packaging pkg-security Programming PTS publican python-django Reference release rolling synaptic Ubuntu WordPress

Recent Posts