Bug#1092625: RFS: xchpst/0.2.1-1 [ITP] -- eXtended CHange Process STate

Andrew Bower andrew at bower.uk
Fri Jan 10 01:32:49 GMT 2025 

Package: sponsorship-requests
Severity: wishlist
X-Debbugs-CC: debian-init-diversity at chiark.greenend.org.uk

Dear mentors,

I am looking for a sponsor for my package "xchpst".

xchpst unlocks modern hardening options for system services supervised
by runit. This new tool is backwards compatible with runit's chpst,
adding options to set up Linux namespaces, control capabilities
and various other process control options, in a single invocation.

 * Package name     : xchpst
   Version          : 0.2.1-1
   Upstream contact : Andrew Bower <andrew at bower.uk>
 * URL              : https://gitlab.com/abower/xchpst
 * License          : Expat
 * Vcs              : https://salsa.debian.org/abower/xchpst
   Section          : admin

The source builds the following binary packages:

  xchpst - eXtended CHange Process STate

The proposed package is available on mentors:

  https://mentors.debian.net/package/xchpst/
  dget -x https://mentors.debian.net/debian/pool/main/x/xchpst/xchpst_0.2.1-1.dsc

Changes for the initial release:

 xchpst (0.2.1-1) unstable; urgency=medium
 .
   * Initial release (Closes: #1092288)

There is plenty of scope to expand the range of hardening options
upstream. Uploading this version will enable service runscripts to
benefit now and close the feedback loop to help direct priorities.

For an example of how xchpst could be applied, please see the head commit
on this proof-of-concept branch:

https://salsa.debian.org/abower/runit-services/-/commits/xchpst-poc

This feature is developed separately from the runit package to avoid
bloating lean runit. In order to allow runscripts to benefit without
introducing avoidable dependencies and be able to fallback to just the
options supported by chpst, I will suggest the addition of a simple
script and man page there that xchpst will divert away:

https://salsa.debian.org/abower/runit/-/commits/xchpst-compat

Thanks,

-- 
  Andrew Bower
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.chiark.greenend.org.uk/pipermail/debian-init-diversity/attachments/20250110/1fd2cdb9/attachment.sig>

More information about the Debian-init-diversity mailing list