1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) 2007 Free Software Foundation, Inc.
9 "Project-Id-Version: PACKAGE VERSION\n"
10 "Report-Msgid-Bugs-To: \n"
11 "POT-Creation-Date: 2009-06-25 22:00+0300\n"
12 "PO-Revision-Date: 2007-07-01 23:15+0000\n"
13 "Last-Translator: <>\n"
16 "Content-Type: text/plain; charset=UTF-8\n"
17 "Content-Transfer-Encoding: \n"
19 # type: Content of: <chapter><title>
20 #. type: Content of: <chapter><title>
22 msgid "Managing Packages"
23 msgstr "Gestion des paquets"
25 # type: Content of: <chapter><para>
26 #. type: Content of: <chapter><para>
29 "This chapter contains information related to creating, uploading, "
30 "maintaining, and porting packages."
32 "Ce chapitre contient des informations relatives à la création, l'envoi,la "
33 "maintenance et le portage des paquets."
35 # type: Content of: <chapter><section><title>
36 #. type: Content of: <chapter><section><title>
39 msgstr "Nouveaux paquets"
41 # type: Content of: <chapter><section><para>
42 #. type: Content of: <chapter><section><para>
45 "If you want to create a new package for the Debian distribution, you should "
46 "first check the <ulink url=\"&url-wnpp;\">Work-Needing and Prospective "
47 "Packages (WNPP)</ulink> list. Checking the WNPP list ensures that no one is "
48 "already working on packaging that software, and that effort is not "
49 "duplicated. Read the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink> for "
53 # type: Content of: <chapter><section><para>
54 #. type: Content of: <chapter><section><para>
57 "Assuming no one else is already working on your prospective package, you "
58 "must then submit a bug report (<xref linkend=\"submit-bug\"/> ) against the "
59 "pseudo-package <systemitem role=\"package\">wnpp</systemitem> describing "
60 "your plan to create a new package, including, but not limiting yourself to, "
61 "a description of the package, the license of the prospective package, and "
62 "the current URL where it can be downloaded from."
65 # type: Content of: <chapter><section><para>
66 #. type: Content of: <chapter><section><para>
69 "You should set the subject of the bug to <literal>ITP: <replaceable>foo</"
70 "replaceable> -- <replaceable>short description</replaceable></literal>, "
71 "substituting the name of the new package for <replaceable>foo</"
72 "replaceable>. The severity of the bug report must be set to "
73 "<literal>wishlist</literal>. Please send a copy to &email-debian-devel; by "
74 "using the X-Debbugs-CC header (don't use CC:, because that way the message's "
75 "subject won't indicate the bug number). If you are packaging so many new "
76 "packages (>10) that notifying the mailing list in seperate messages is too "
77 "disruptive, do send a summary after filing the bugs to the debian-devel list "
78 "instead. This will inform the other developers about upcoming packages and "
79 "will allow a review of your description and package name."
82 # type: Content of: <chapter><section><para>
83 #. type: Content of: <chapter><section><para>
86 "Please include a <literal>Closes: bug#<replaceable>nnnnn</replaceable></"
87 "literal> entry in the changelog of the new package in order for the bug "
88 "report to be automatically closed once the new package is installed in the "
89 "archive (see <xref linkend=\"upload-bugfix\"/> )."
92 #. type: Content of: <chapter><section><para>
95 "If you think your package needs some explanations for the administrators of "
96 "the NEW package queue, include them in your changelog, send to "
97 "ftpmaster@debian.org a reply to the email you receive as a maintainer after "
98 "your upload, or reply to the rejection email in case you are already re-"
102 # type: Content of: <chapter><section><para>
103 #. type: Content of: <chapter><section><para>
106 "When closing security bugs include CVE numbers as well as the Closes: "
107 "#nnnnn. This is useful for the security team to track vulnerabilities. If "
108 "an upload is made to fix the bug before the advisory ID is known, it is "
109 "encouraged to modify the historical changelog entry with the next upload. "
110 "Even in this case, please include all available pointers to background "
111 "information in the original changelog entry."
114 # type: Content of: <chapter><section><para>
115 #. type: Content of: <chapter><section><para>
118 "There are a number of reasons why we ask maintainers to announce their "
122 # type: Content of: <chapter><section><itemizedlist><listitem><para>
123 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
126 "It helps the (potentially new) maintainer to tap into the experience of "
127 "people on the list, and lets them know if anyone else is working on it "
131 # type: Content of: <chapter><section><itemizedlist><listitem><para>
132 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
135 "It lets other people thinking about working on the package know that there "
136 "already is a volunteer, so efforts may be shared."
139 # type: Content of: <chapter><section><itemizedlist><listitem><para>
140 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
143 "It lets the rest of the maintainers know more about the package than the one "
144 "line description and the usual changelog entry ``Initial release'' that gets "
145 "posted to &email-debian-devel-changes;."
148 # type: Content of: <chapter><section><itemizedlist><listitem><para>
149 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
152 "It is helpful to the people who live off <literal>unstable</literal> (and "
153 "form our first line of testers). We should encourage these people."
156 # type: Content of: <chapter><section><itemizedlist><listitem><para>
157 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
160 "The announcements give maintainers and other interested parties a better "
161 "feel of what is going on, and what is new, in the project."
164 # type: Content of: <chapter><section><para>
165 #. type: Content of: <chapter><section><para>
168 "Please see <ulink url=\"http://&ftp-master-host;/REJECT-FAQ.html\"></ulink> "
169 "for common rejection reasons for a new package."
172 # type: Content of: <chapter><section><title>
173 #. type: Content of: <chapter><section><title>
175 msgid "Recording changes in the package"
178 # type: Content of: <chapter><section><para>
179 #. type: Content of: <chapter><section><para>
182 "Changes that you make to the package need to be recorded in the "
183 "<filename>debian/changelog</filename>. These changes should provide a "
184 "concise description of what was changed, why (if it's in doubt), and note if "
185 "any bugs were closed. They also record when the package was completed. "
186 "This file will be installed in <filename>/usr/share/doc/"
187 "<replaceable>package</replaceable>/changelog.Debian.gz</filename>, or "
188 "<filename>/usr/share/doc/<replaceable>package</replaceable>/changelog.gz</"
189 "filename> for native packages."
192 # type: Content of: <chapter><section><para>
193 #. type: Content of: <chapter><section><para>
196 "The <filename>debian/changelog</filename> file conforms to a certain "
197 "structure, with a number of different fields. One field of note, the "
198 "<literal>distribution</literal>, is described in <xref linkend=\"distribution"
199 "\"/> . More information about the structure of this file can be found in "
200 "the Debian Policy section titled <filename>debian/changelog</filename>."
203 # type: Content of: <chapter><section><para>
204 #. type: Content of: <chapter><section><para>
207 "Changelog entries can be used to automatically close Debian bugs when the "
208 "package is installed into the archive. See <xref linkend=\"upload-bugfix\"/"
212 # type: Content of: <chapter><section><para>
213 #. type: Content of: <chapter><section><para>
216 "It is conventional that the changelog entry of a package that contains a new "
217 "upstream version of the software looks like this:"
220 #. type: Content of: <chapter><section><screen>
223 msgid " * new upstream version\n"
226 # type: Content of: <chapter><section><para>
227 #. type: Content of: <chapter><section><para>
230 "There are tools to help you create entries and finalize the "
231 "<filename>changelog</filename> for release — see <xref linkend=\"devscripts"
232 "\"/> and <xref linkend=\"dpkg-dev-el\"/> ."
235 # type: Content of: <chapter><section><para>
236 #. type: Content of: <chapter><section><para>
238 msgid "See also <xref linkend=\"bpp-debian-changelog\"/> ."
241 # type: Content of: <chapter><section><title>
242 #. type: Content of: <chapter><section><title>
244 msgid "Testing the package"
247 # type: Content of: <chapter><section><para>
248 #. type: Content of: <chapter><section><para>
251 "Before you upload your package, you should do basic testing on it. At a "
252 "minimum, you should try the following activities (you'll need to have an "
253 "older version of the same Debian package around):"
256 # type: Content of: <chapter><section><itemizedlist><listitem><para>
257 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
260 "Install the package and make sure the software works, or upgrade the package "
261 "from an older version to your new version if a Debian package for it already "
265 # type: Content of: <chapter><section><itemizedlist><listitem><para>
266 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
269 "Run <command>lintian</command> over the package. You can run "
270 "<command>lintian</command> as follows: <literal>lintian -v "
271 "<replaceable>package-version</replaceable>.changes</literal>. This will "
272 "check the source package as well as the binary package. If you don't "
273 "understand the output that <command>lintian</command> generates, try adding "
274 "the <literal>-i</literal> switch, which will cause <command>lintian</"
275 "command> to output a very verbose description of the problem."
278 # type: Content of: <chapter><section><itemizedlist><listitem><para>
279 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
282 "Normally, a package should <emphasis>not</emphasis> be uploaded if it causes "
283 "lintian to emit errors (they will start with <literal>E</literal>)."
286 # type: Content of: <chapter><section><itemizedlist><listitem><para>
287 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
290 "For more information on <command>lintian</command>, see <xref linkend="
294 # type: Content of: <chapter><section><itemizedlist><listitem><para>
295 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
298 "Optionally run <xref linkend=\"debdiff\"/> to analyze changes from an older "
299 "version, if one exists."
302 # type: Content of: <chapter><section><itemizedlist><listitem><para>
303 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
306 "Downgrade the package to the previous version (if one exists) — this tests "
307 "the <filename>postrm</filename> and <filename>prerm</filename> scripts."
310 # type: Content of: <chapter><section><itemizedlist><listitem><para>
311 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
313 msgid "Remove the package, then reinstall it."
316 # type: Content of: <chapter><section><itemizedlist><listitem><para>
317 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
320 "Copy the source package in a different directory and try unpacking it and "
321 "rebuilding it. This tests if the package relies on existing files outside "
322 "of it, or if it relies on permissions being preserved on the files shipped "
323 "inside the .diff.gz file."
326 # type: Content of: <chapter><section><title>
327 #. type: Content of: <chapter><section><title>
329 msgid "Layout of the source package"
332 # type: Content of: <chapter><section><para>
333 #. type: Content of: <chapter><section><para>
335 msgid "There are two types of Debian source packages:"
338 # type: Content of: <chapter><section><itemizedlist><listitem><para>
339 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
342 "the so-called <literal>native</literal> packages, where there is no "
343 "distinction between the original sources and the patches applied for Debian"
346 # type: Content of: <chapter><section><itemizedlist><listitem><para>
347 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
350 "the (more common) packages where there's an original source tarball file "
351 "accompanied by another file that contains the patches applied for Debian"
354 # type: Content of: <chapter><section><para>
355 #. type: Content of: <chapter><section><para>
358 "For the native packages, the source package includes a Debian source control "
359 "file (<literal>.dsc</literal>) and the source tarball (<literal>.tar.gz</"
360 "literal>). A source package of a non-native package includes a Debian "
361 "source control file, the original source tarball (<literal>.orig.tar.gz</"
362 "literal>) and the Debian patches (<literal>.diff.gz</literal>)."
365 # type: Content of: <chapter><section><para>
366 #. type: Content of: <chapter><section><para>
369 "Whether a package is native or not is determined when it is built by "
370 "<citerefentry> <refentrytitle>dpkg-buildpackage</refentrytitle> "
371 "<manvolnum>1</manvolnum> </citerefentry>. The rest of this section relates "
372 "only to non-native packages."
375 # type: Content of: <chapter><section><para>
376 #. type: Content of: <chapter><section><para>
379 "The first time a version is uploaded which corresponds to a particular "
380 "upstream version, the original source tar file should be uploaded and "
381 "included in the <filename>.changes</filename> file. Subsequently, this very "
382 "same tar file should be used to build the new diffs and <filename>.dsc</"
383 "filename> files, and will not need to be re-uploaded."
386 # type: Content of: <chapter><section><para>
387 #. type: Content of: <chapter><section><para>
390 "By default, <command>dpkg-genchanges</command> and <command>dpkg-"
391 "buildpackage</command> will include the original source tar file if and only "
392 "if the Debian revision part of the source version number is 0 or 1, "
393 "indicating a new upstream version. This behavior may be modified by using "
394 "<literal>-sa</literal> to always include it or <literal>-sd</literal> to "
395 "always leave it out."
398 # type: Content of: <chapter><section><para>
399 #. type: Content of: <chapter><section><para>
402 "If no original source is included in the upload, the original source tar-"
403 "file used by <command>dpkg-source</command> when constructing the <filename>."
404 "dsc</filename> file and diff to be uploaded <emphasis>must</emphasis> be "
405 "byte-for-byte identical with the one already in the archive."
408 # type: Content of: <chapter><section><para>
409 #. type: Content of: <chapter><section><para>
412 "Please notice that, in non-native packages, permissions on files that are "
413 "not present in the .orig.tar.gz will not be preserved, as diff does not "
414 "store file permissions in the patch."
417 # type: Content of: <chapter><section><title>
418 #. type: Content of: <chapter><section><title>
420 msgid "Picking a distribution"
423 # type: Content of: <chapter><section><para>
424 #. type: Content of: <chapter><section><para>
427 "Each upload needs to specify which distribution the package is intended "
428 "for. The package build process extracts this information from the first "
429 "line of the <filename>debian/changelog</filename> file and places it in the "
430 "<literal>Distribution</literal> field of the <literal>.changes</literal> "
434 # type: Content of: <chapter><section><para>
435 #. type: Content of: <chapter><section><para>
438 "There are several possible values for this field: <literal>stable</literal>, "
439 "<literal>unstable</literal>, <literal>testing-proposed-updates</literal> and "
440 "<literal>experimental</literal>. Normally, packages are uploaded into "
441 "<literal>unstable</literal>."
444 # type: Content of: <chapter><section><para>
445 #. type: Content of: <chapter><section><para>
448 "Actually, there are two other possible distributions: <literal>stable-"
449 "security </literal> and <literal>testing-security</literal>, but read <xref "
450 "linkend=\"bug-security\"/> for more information on those."
453 # type: Content of: <chapter><section><para>
454 #. type: Content of: <chapter><section><para>
457 "It is not possible to upload a package into several distributions at the "
461 # type: Content of: <chapter><section><section><title>
462 #. type: Content of: <chapter><section><section><title>
465 "Special case: uploads to the <literal>stable</literal> and "
466 "<literal>oldstable</literal> distributions"
469 # type: Content of: <chapter><section><section><para>
470 #. type: Content of: <chapter><section><section><para>
473 "Uploading to <literal>stable</literal> means that the package will "
474 "transfered to the <literal>proposed-updates-new</literal> queue for review "
475 "by the stable release managers, and if approved will be installed in "
476 "<filename>stable-proposed-updates</filename> directory of the Debian "
477 "archive. From there, it will be included in <literal>stable</literal> with "
478 "the next point release."
481 # type: Content of: <chapter><section><section><para>
482 #. type: Content of: <chapter><section><section><para>
485 "To ensure that your upload will be accepted, you should discuss the changes "
486 "with the stable release team before you upload. For that, send a mail to the "
487 "&email-debian-release; mailing list, including the patch you want to apply "
488 "to the package version currently in <literal>stable</literal>. Always be "
489 "verbose and detailed in your changelog entries for uploads to the "
490 "<literal>stable</literal> distribution."
493 # type: Content of: <chapter><section><section><para>
494 #. type: Content of: <chapter><section><section><para>
497 "Extra care should be taken when uploading to <literal>stable</literal>. "
498 "Basically, a package should only be uploaded to <literal>stable</literal> if "
499 "one of the following happens:"
502 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
503 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
505 msgid "a truly critical functionality problem"
508 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
509 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
511 msgid "the package becomes uninstallable"
514 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
515 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
517 msgid "a released architecture lacks the package"
520 # type: Content of: <chapter><section><section><para>
521 #. type: Content of: <chapter><section><section><para>
524 "In the past, uploads to <literal>stable</literal> were used to address "
525 "security problems as well. However, this practice is deprecated, as uploads "
526 "used for Debian security advisories are automatically copied to the "
527 "appropriate <filename>proposed-updates</filename> archive when the advisory "
528 "is released. See <xref linkend=\"bug-security\"/> for detailed information "
529 "on handling security problems. If the security teams deems the problem to be "
530 "too benign to be fixed through a <literal>DSA</literal>, the stable release "
531 "managers are usually willing to include your fix nonetheless in a regular "
532 "upload to <literal>stable</literal>."
535 # type: Content of: <chapter><section><section><para>
536 #. type: Content of: <chapter><section><section><para>
539 "Changing anything else in the package that isn't important is discouraged, "
540 "because even trivial fixes can cause bugs later on."
543 # type: Content of: <chapter><section><section><para>
544 #. type: Content of: <chapter><section><section><para>
547 "Packages uploaded to <literal>stable</literal> need to be compiled on "
548 "systems running <literal>stable</literal>, so that their dependencies are "
549 "limited to the libraries (and other packages) available in <literal>stable</"
550 "literal>; for example, a package uploaded to <literal>stable</literal> that "
551 "depends on a library package that only exists in <literal>unstable</literal> "
552 "will be rejected. Making changes to dependencies of other packages (by "
553 "messing with <literal>Provides</literal> or <literal>shlibs</literal> "
554 "files), possibly making those other packages uninstallable, is strongly "
558 # type: Content of: <chapter><section><section><para>
559 #. type: Content of: <chapter><section><section><para>
562 "Uploads to the <literal>oldstable</literal> distributions are possible as "
563 "long as it hasn't been archived. The same rules as for <literal>stable </"
567 # type: Content of: <chapter><section><section><title>
568 #. type: Content of: <chapter><section><section><title>
571 "Special case: uploads to <literal>testing/testing-proposed-updates</literal>"
574 # type: Content of: <chapter><section><section><para>
575 #. type: Content of: <chapter><section><section><para>
578 "Please see the information in the <link linkend=\"t-p-u\">testing section</"
582 # type: Content of: <chapter><section><title>
583 #. type: Content of: <chapter><section><title>
585 msgid "Uploading a package"
588 # type: Content of: <chapter><section><section><title>
589 #. type: Content of: <chapter><section><section><title>
591 msgid "Uploading to <literal>ftp-master</literal>"
594 # type: Content of: <chapter><section><section><para>
595 #. type: Content of: <chapter><section><section><para>
598 "To upload a package, you should upload the files (including the signed "
599 "changes and dsc-file) with anonymous ftp to <literal>&ftp-master-host;</"
600 "literal> in the directory <ulink url=\"ftp://&ftp-master-host;&upload-queue;"
601 "\">&upload-queue;</ulink>. To get the files processed there, they need to "
602 "be signed with a key in the Debian Developers keyring or the Debian "
603 "Maintainers keyring (see <ulink url=\"&url-wiki-dm;\"></ulink>)."
606 # type: Content of: <chapter><section><section><para>
607 #. type: Content of: <chapter><section><section><para>
610 "Please note that you should transfer the changes file last. Otherwise, your "
611 "upload may be rejected because the archive maintenance software will parse "
612 "the changes file and see that not all files have been uploaded."
615 # type: Content of: <chapter><section><section><para>
616 #. type: Content of: <chapter><section><section><para>
619 "You may also find the Debian packages <xref linkend=\"dupload\"/> or <xref "
620 "linkend=\"dput\"/> useful when uploading packages. These handy programs "
621 "help automate the process of uploading packages into Debian."
624 # type: Content of: <chapter><section><section><para>
625 #. type: Content of: <chapter><section><section><para>
628 "For removing packages, please see the README file in that ftp directory, and "
629 "the Debian package <xref linkend=\"dcut\"/> ."
632 # type: Content of: <chapter><section><section><title>
633 #. type: Content of: <chapter><section><section><title>
635 msgid "Delayed uploads"
638 # type: Content of: <chapter><section><section><para>
639 #. type: Content of: <chapter><section><section><para>
642 "It is sometimes useful to upload a package immediately, but to want this "
643 "package to arrive in the archive only a few days later. For example, when "
644 "preparing a <link linkend=\"nmu\">Non-maintainer Upload</link>, you might "
645 "want to give the maintainer a few days to react."
648 # type: Content of: <chapter><section><section><para>
649 #. type: Content of: <chapter><section><section><para>
652 "An upload to the delayed directory keeps the package in <ulink url=\"http://"
653 "ftp-master.debian.org/deferred.html\"> the deferred uploads queue\"</"
654 "ulink>. When the specified waiting time is over, the package is moved into "
655 "the regular incoming directory for processing. This is done through "
656 "automatic uploading to <literal>&ftp-master-host;</literal> in upload-"
657 "directory <literal>DELAYED/[012345678]-day</literal>. 0-day is uploaded "
658 "multiple times per day to <literal>&ftp-master-host;</literal>."
661 # type: Content of: <chapter><section><section><para>
662 #. type: Content of: <chapter><section><section><para>
665 "With dput, you can use the <literal>--delayed <replaceable>DELAY</"
666 "replaceable></literal> parameter to put the package into one of the queues."
669 # type: Content of: <chapter><section><section><title>
670 #. type: Content of: <chapter><section><section><title>
672 msgid "Security uploads"
675 # type: Content of: <chapter><section><section><para>
676 #. type: Content of: <chapter><section><section><para>
679 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
680 "upload queue (<literal>oldstable-security</literal>, <literal>stable-"
681 "security </literal>, etc.) without prior authorization from the security "
682 "team. If the package does not exactly meet the team's requirements, it will "
683 "cause many problems and delays in dealing with the unwanted upload. For "
684 "details, please see section <xref linkend=\"bug-security\"/> ."
687 # type: Content of: <chapter><section><section><title>
688 #. type: Content of: <chapter><section><section><title>
690 msgid "Other upload queues"
693 # type: Content of: <chapter><section><section><para>
694 #. type: Content of: <chapter><section><section><para>
697 "The scp queues on <literal>&ftp-master-host;</literal>, and <literal> "
698 "security.debian.org</literal> are mostly unusable due to the login "
699 "restrictions on those hosts."
702 # type: Content of: <chapter><section><section><para>
703 #. type: Content of: <chapter><section><section><para>
706 "The anonymous queues on ftp.uni-erlangen.de and ftp.uk.debian.org are "
707 "currently down. Work is underway to resurrect them."
710 # type: Content of: <chapter><section><section><para>
711 #. type: Content of: <chapter><section><section><para>
714 "The queues on master.debian.org, samosa.debian.org, master.debian.or.jp, and "
715 "ftp.chiark.greenend.org.uk are down permanently, and will not be "
716 "resurrected. The queue in Japan will be replaced with a new queue on hp."
717 "debian.or.jp some day."
720 # type: Content of: <chapter><section><section><title>
721 #. type: Content of: <chapter><section><section><title>
723 msgid "Notification that a new package has been installed"
726 # type: Content of: <chapter><section><section><para>
727 #. type: Content of: <chapter><section><section><para>
730 "The Debian archive maintainers are responsible for handling package "
731 "uploads. For the most part, uploads are automatically handled on a daily "
732 "basis by the archive maintenance tools, <command>katie</command>. "
733 "Specifically, updates to existing packages to the <literal>unstable</"
734 "literal> distribution are handled automatically. In other cases, notably "
735 "new packages, placing the uploaded package into the distribution is handled "
736 "manually. When uploads are handled manually, the change to the archive may "
737 "take up to a month to occur. Please be patient."
740 # type: Content of: <chapter><section><section><para>
741 #. type: Content of: <chapter><section><section><para>
744 "In any case, you will receive an email notification indicating that the "
745 "package has been added to the archive, which also indicates which bugs will "
746 "be closed by the upload. Please examine this notification carefully, "
747 "checking if any bugs you meant to close didn't get triggered."
750 # type: Content of: <chapter><section><section><para>
751 #. type: Content of: <chapter><section><section><para>
754 "The installation notification also includes information on what section the "
755 "package was inserted into. If there is a disparity, you will receive a "
756 "separate email notifying you of that. Read on below."
759 # type: Content of: <chapter><section><section><para>
760 #. type: Content of: <chapter><section><section><para>
763 "Note that if you upload via queues, the queue daemon software will also send "
764 "you a notification by email."
767 # type: Content of: <chapter><section><title>
768 #. type: Content of: <chapter><section><title>
770 msgid "Specifying the package section, subsection and priority"
773 # type: Content of: <chapter><section><para>
774 #. type: Content of: <chapter><section><para>
777 "The <filename>debian/control</filename> file's <literal>Section</literal> "
778 "and <literal>Priority</literal> fields do not actually specify where the "
779 "file will be placed in the archive, nor its priority. In order to retain "
780 "the overall integrity of the archive, it is the archive maintainers who have "
781 "control over these fields. The values in the <filename>debian/control</"
782 "filename> file are actually just hints."
785 # type: Content of: <chapter><section><para>
786 #. type: Content of: <chapter><section><para>
789 "The archive maintainers keep track of the canonical sections and priorities "
790 "for packages in the <literal>override file</literal>. If there is a "
791 "disparity between the <literal>override file</literal> and the package's "
792 "fields as indicated in <filename>debian/control</filename>, then you will "
793 "receive an email noting the divergence when the package is installed into "
794 "the archive. You can either correct your <filename>debian/control</"
795 "filename> file for your next upload, or else you may wish to make a change "
796 "in the <literal>override file</literal>."
799 # type: Content of: <chapter><section><para>
800 #. type: Content of: <chapter><section><para>
803 "To alter the actual section that a package is put in, you need to first make "
804 "sure that the <filename>debian/control</filename> file in your package is "
805 "accurate. Next, send an email &email-override; or submit a bug against "
806 "<systemitem role=\"package\">ftp.debian.org</systemitem> requesting that the "
807 "section or priority for your package be changed from the old section or "
808 "priority to the new one. Be sure to explain your reasoning."
811 # type: Content of: <chapter><section><para>
812 #. type: Content of: <chapter><section><para>
815 "For more information about <literal>override files</literal>, see "
816 "<citerefentry> <refentrytitle>dpkg-scanpackages</refentrytitle> "
817 "<manvolnum>1</manvolnum> </citerefentry> and <ulink url=\"&url-bts-devel;"
818 "#maintincorrect\"></ulink>."
821 # type: Content of: <chapter><section><para>
822 #. type: Content of: <chapter><section><para>
825 "Note that the <literal>Section</literal> field describes both the section as "
826 "well as the subsection, which are described in <xref linkend=\"archive-"
827 "sections\"/> . If the section is main, it should be omitted. The list of "
828 "allowable subsections can be found in <ulink url=\"&url-debian-policy;ch-"
829 "archive.html#s-subsections\"></ulink>."
832 # type: Content of: <chapter><section><title>
833 #. type: Content of: <chapter><section><title>
835 msgid "Handling bugs"
838 # type: Content of: <chapter><section><para>
839 #. type: Content of: <chapter><section><para>
842 "Every developer has to be able to work with the Debian <ulink url=\"&url-bts;"
843 "\">bug tracking system</ulink>. This includes knowing how to file bug "
844 "reports properly (see <xref linkend=\"submit-bug\"/> ), how to update them "
845 "and reorder them, and how to process and close them."
848 # type: Content of: <chapter><section><para>
849 #. type: Content of: <chapter><section><para>
852 "The bug tracking system's features are described in the <ulink url=\"&url-"
853 "bts-devel;\">BTS documentation for developers</ulink>. This includes "
854 "closing bugs, sending followup messages, assigning severities and tags, "
855 "marking bugs as forwarded, and other issues."
858 # type: Content of: <chapter><section><para>
859 #. type: Content of: <chapter><section><para>
862 "Operations such as reassigning bugs to other packages, merging separate bug "
863 "reports about the same issue, or reopening bugs when they are prematurely "
864 "closed, are handled using the so-called control mail server. All of the "
865 "commands available on this server are described in the <ulink url=\"&url-bts-"
866 "control;\">BTS control server documentation</ulink>."
869 # type: Content of: <chapter><section><section><title>
870 #. type: Content of: <chapter><section><section><title>
872 msgid "Monitoring bugs"
875 # type: Content of: <chapter><section><section><para>
876 #. type: Content of: <chapter><section><section><para>
879 "If you want to be a good maintainer, you should periodically check the "
880 "<ulink url=\"&url-bts;\">Debian bug tracking system (BTS)</ulink> for your "
881 "packages. The BTS contains all the open bugs against your packages. You "
882 "can check them by browsing this page: <literal>http://&bugs-host;/"
883 "<replaceable>yourlogin</replaceable>@debian.org</literal>."
886 # type: Content of: <chapter><section><section><para>
887 #. type: Content of: <chapter><section><section><para>
890 "Maintainers interact with the BTS via email addresses at <literal>&bugs-host;"
891 "</literal>. Documentation on available commands can be found at <ulink url="
892 "\"&url-bts;\"></ulink>, or, if you have installed the <systemitem role="
893 "\"package\">doc-debian</systemitem> package, you can look at the local files "
897 # type: Content of: <chapter><section><section><para>
898 #. type: Content of: <chapter><section><section><para>
901 "Some find it useful to get periodic reports on open bugs. You can add a "
902 "cron job such as the following if you want to get a weekly email outlining "
903 "all the open bugs against your packages:"
906 #. type: Content of: <chapter><section><section><screen>
910 "# ask for weekly reports of bugs in my packages\n"
911 "&cron-bug-report;\n"
914 # type: Content of: <chapter><section><section><para>
915 #. type: Content of: <chapter><section><section><para>
918 "Replace <replaceable>address</replaceable> with your official Debian "
919 "maintainer address."
922 # type: Content of: <chapter><section><section><title>
923 #. type: Content of: <chapter><section><section><title>
925 msgid "Responding to bugs"
928 # type: Content of: <chapter><section><section><para>
929 #. type: Content of: <chapter><section><section><para>
932 "When responding to bugs, make sure that any discussion you have about bugs "
933 "is sent both to the original submitter of the bug, and to the bug itself (e."
934 "g., <email>123@&bugs-host;</email>). If you're writing a new mail and you "
935 "don't remember the submitter email address, you can use the <email>123-"
936 "submitter@&bugs-host;</email> email to contact the submitter <emphasis>and</"
937 "emphasis> to record your mail within the bug log (that means you don't need "
938 "to send a copy of the mail to <email>123@&bugs-host;</email>)."
941 # type: Content of: <chapter><section><section><para>
942 #. type: Content of: <chapter><section><section><para>
945 "If you get a bug which mentions FTBFS, this means Fails to build from "
946 "source. Porters frequently use this acronym."
949 # type: Content of: <chapter><section><section><para>
950 #. type: Content of: <chapter><section><section><para>
953 "Once you've dealt with a bug report (e.g. fixed it), mark it as "
954 "<literal>done</literal> (close it) by sending an explanation message to "
955 "<email>123-done@&bugs-host;</email>. If you're fixing a bug by changing and "
956 "uploading the package, you can automate bug closing as described in <xref "
957 "linkend=\"upload-bugfix\"/> ."
960 # type: Content of: <chapter><section><section><para>
961 #. type: Content of: <chapter><section><section><para>
964 "You should <emphasis>never</emphasis> close bugs via the bug server "
965 "<literal>close</literal> command sent to &email-bts-control;. If you do so, "
966 "the original submitter will not receive any information about why the bug "
970 # type: Content of: <chapter><section><section><title>
971 #. type: Content of: <chapter><section><section><title>
973 msgid "Bug housekeeping"
976 # type: Content of: <chapter><section><section><para>
977 #. type: Content of: <chapter><section><section><para>
980 "As a package maintainer, you will often find bugs in other packages or have "
981 "bugs reported against your packages which are actually bugs in other "
982 "packages. The bug tracking system's features are described in the <ulink "
983 "url=\"&url-bts-devel;\">BTS documentation for Debian developers</ulink>. "
984 "Operations such as reassigning, merging, and tagging bug reports are "
985 "described in the <ulink url=\"&url-bts-control;\">BTS control server "
986 "documentation</ulink>. This section contains some guidelines for managing "
987 "your own bugs, based on the collective Debian developer experience."
990 # type: Content of: <chapter><section><section><para>
991 #. type: Content of: <chapter><section><section><para>
994 "Filing bugs for problems that you find in other packages is one of the civic "
995 "obligations of maintainership, see <xref linkend=\"submit-bug\"/> for "
996 "details. However, handling the bugs in your own packages is even more "
1000 # type: Content of: <chapter><section><section><para>
1001 #. type: Content of: <chapter><section><section><para>
1003 msgid "Here's a list of steps that you may follow to handle a bug report:"
1006 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1007 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1010 "Decide whether the report corresponds to a real bug or not. Sometimes users "
1011 "are just calling a program in the wrong way because they haven't read the "
1012 "documentation. If you diagnose this, just close the bug with enough "
1013 "information to let the user correct their problem (give pointers to the good "
1014 "documentation and so on). If the same report comes up again and again you "
1015 "may ask yourself if the documentation is good enough or if the program "
1016 "shouldn't detect its misuse in order to give an informative error message. "
1017 "This is an issue that may need to be brought up with the upstream author."
1020 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1021 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1024 "If the bug submitter disagrees with your decision to close the bug, they may "
1025 "reopen it until you find an agreement on how to handle it. If you don't "
1026 "find any, you may want to tag the bug <literal>wontfix</literal> to let "
1027 "people know that the bug exists but that it won't be corrected. If this "
1028 "situation is unacceptable, you (or the submitter) may want to require a "
1029 "decision of the technical committee by reassigning the bug to <systemitem "
1030 "role=\"package\">tech-ctte</systemitem> (you may use the clone command of "
1031 "the BTS if you wish to keep it reported against your package). Before doing "
1032 "so, please read the <ulink url=\"&url-tech-ctte;\">recommended procedure</"
1036 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1037 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1040 "If the bug is real but it's caused by another package, just reassign the bug "
1041 "to the right package. If you don't know which package it should be "
1042 "reassigned to, you should ask for help on <link linkend=\"irc-channels"
1043 "\">IRC</link> or on &email-debian-devel;. Please inform the maintainer(s) "
1044 "of the package you reassign the bug to, for example by Cc:ing the message "
1045 "that does the reassign to <email>packagename@packages.debian.org</email> and "
1046 "explaining your reasons in that mail. Please note that a simple reassignment "
1047 "is <emphasis>not</emphasis> e-mailed to the maintainers of the package being "
1048 "reassigned to, so they won't know about it until they look at a bug overview "
1049 "for their packages."
1052 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1053 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1056 "If the bug affects the operation of your package, please consider cloning "
1057 "the bug and reassigning the clone to the package that really causes the "
1058 "behavior. Otherwise, the bug will not be shown in your package's bug list, "
1059 "possibly causing users to report the same bug over and over again. You "
1060 "should block \"your\" bug with the reassigned, cloned bug to document the "
1064 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1065 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1068 "Sometimes you also have to adjust the severity of the bug so that it matches "
1069 "our definition of the severity. That's because people tend to inflate the "
1070 "severity of bugs to make sure their bugs are fixed quickly. Some bugs may "
1071 "even be dropped to wishlist severity when the requested change is just "
1075 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1076 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1079 "If the bug is real but the same problem has already been reported by someone "
1080 "else, then the two relevant bug reports should be merged into one using the "
1081 "merge command of the BTS. In this way, when the bug is fixed, all of the "
1082 "submitters will be informed of this. (Note, however, that emails sent to "
1083 "one bug report's submitter won't automatically be sent to the other report's "
1084 "submitter.) For more details on the technicalities of the merge command and "
1085 "its relative, the unmerge command, see the BTS control server documentation."
1088 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1089 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1092 "The bug submitter may have forgotten to provide some information, in which "
1093 "case you have to ask them for the required information. You may use the "
1094 "<literal>moreinfo</literal> tag to mark the bug as such. Moreover if you "
1095 "can't reproduce the bug, you tag it <literal>unreproducible</literal>. "
1096 "Anyone who can reproduce the bug is then invited to provide more information "
1097 "on how to reproduce it. After a few months, if this information has not "
1098 "been sent by someone, the bug may be closed."
1101 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1102 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1105 "If the bug is related to the packaging, you just fix it. If you are not "
1106 "able to fix it yourself, then tag the bug as <literal>help</literal>. You "
1107 "can also ask for help on &email-debian-devel; or &email-debian-qa;. If it's "
1108 "an upstream problem, you have to forward it to the upstream author. "
1109 "Forwarding a bug is not enough, you have to check at each release if the bug "
1110 "has been fixed or not. If it has, you just close it, otherwise you have to "
1111 "remind the author about it. If you have the required skills you can prepare "
1112 "a patch that fixes the bug and send it to the author at the same time. Make "
1113 "sure to send the patch to the BTS and to tag the bug as <literal>patch</"
1117 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1118 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1121 "If you have fixed a bug in your local copy, or if a fix has been committed "
1122 "to the CVS repository, you may tag the bug as <literal>pending</literal> to "
1123 "let people know that the bug is corrected and that it will be closed with "
1124 "the next upload (add the <literal>closes:</literal> in the "
1125 "<filename>changelog</filename>). This is particularly useful if you are "
1126 "several developers working on the same package."
1129 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
1130 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
1133 "Once a corrected package is available in the archive, the bug should be "
1134 "closed indicating the version in which it was fixed. This can be done "
1135 "automatically, read <xref linkend=\"upload-bugfix\"/>."
1138 # type: Content of: <chapter><section><section><title>
1139 #. type: Content of: <chapter><section><section><title>
1141 msgid "When bugs are closed by new uploads"
1144 # type: Content of: <chapter><section><section><para>
1145 #. type: Content of: <chapter><section><section><para>
1148 "As bugs and problems are fixed in your packages, it is your responsibility "
1149 "as the package maintainer to close these bugs. However, you should not "
1150 "close a bug until the package which fixes the bug has been accepted into the "
1151 "Debian archive. Therefore, once you get notification that your updated "
1152 "package has been installed into the archive, you can and should close the "
1153 "bug in the BTS. Also, the bug should be closed with the correct version."
1156 # type: Content of: <chapter><section><section><para>
1157 #. type: Content of: <chapter><section><section><para>
1160 "However, it's possible to avoid having to manually close bugs after the "
1161 "upload — just list the fixed bugs in your <filename>debian/changelog</"
1162 "filename> file, following a certain syntax, and the archive maintenance "
1163 "software will close the bugs for you. For example:"
1166 #. type: Content of: <chapter><section><section><screen>
1170 "acme-cannon (3.1415) unstable; urgency=low\n"
1172 " * Frobbed with options (closes: Bug#98339)\n"
1173 " * Added safety to prevent operator dismemberment, closes: bug#98765,\n"
1174 " bug#98713, #98714.\n"
1175 " * Added man page. Closes: #98725.\n"
1178 # type: Content of: <chapter><section><section><para>
1179 #. type: Content of: <chapter><section><section><para>
1182 "Technically speaking, the following Perl regular expression describes how "
1183 "bug closing changelogs are identified:"
1186 #. type: Content of: <chapter><section><section><screen>
1189 msgid " /closes:\\s*(?:bug)?\\#\\s*\\d+(?:,\\s*(?:bug)?\\#\\s*\\d+)*/ig\n"
1192 # type: Content of: <chapter><section><section><para>
1193 #. type: Content of: <chapter><section><section><para>
1196 "We prefer the <literal>closes: #<replaceable>XXX</replaceable></literal> "
1197 "syntax, as it is the most concise entry and the easiest to integrate with "
1198 "the text of the <filename>changelog</filename>. Unless specified different "
1199 "by the <replaceable>-v</replaceable>-switch to <command>dpkg-buildpackage</"
1200 "command>, only the bugs closed in the most recent changelog entry are closed "
1201 "(basically, exactly the bugs mentioned in the changelog-part in the "
1202 "<filename>.changes</filename> file are closed)."
1205 # type: Content of: <chapter><section><section><para>
1206 #. type: Content of: <chapter><section><section><para>
1209 "Historically, uploads identified as <link linkend=\"nmu\">Non-maintainer "
1210 "upload (NMU)</link> were tagged <literal>fixed</literal> instead of being "
1211 "closed, but that practice was ceased with the advent of version-tracking. "
1212 "The same applied to the tag <literal>fixed-in-experimental</literal>."
1215 # type: Content of: <chapter><section><section><para>
1216 #. type: Content of: <chapter><section><section><para>
1219 "If you happen to mistype a bug number or forget a bug in the changelog "
1220 "entries, don't hesitate to undo any damage the error caused. To reopen "
1221 "wrongly closed bugs, send a <literal>reopen <replaceable>XXX</replaceable></"
1222 "literal> command to the bug tracking system's control address, &email-bts-"
1223 "control;. To close any remaining bugs that were fixed by your upload, email "
1224 "the <filename>.changes</filename> file to <email>XXX-done@&bugs-host;</"
1225 "email>, where <replaceable>XXX</replaceable> is the bug number, and put "
1226 "Version: YYY and an empty line as the first two lines of the body of the "
1227 "email, where <replaceable>YYY</replaceable> is the first version where the "
1228 "bug has been fixed."
1231 # type: Content of: <chapter><section><section><para>
1232 #. type: Content of: <chapter><section><section><para>
1235 "Bear in mind that it is not obligatory to close bugs using the changelog as "
1236 "described above. If you simply want to close bugs that don't have anything "
1237 "to do with an upload you made, do it by emailing an explanation to "
1238 "<email>XXX-done@&bugs-host;</email>. Do <emphasis role=\"strong\">not</"
1239 "emphasis> close bugs in the changelog entry of a version if the changes in "
1240 "that version of the package don't have any bearing on the bug."
1243 # type: Content of: <chapter><section><section><para>
1244 #. type: Content of: <chapter><section><section><para>
1247 "For general information on how to write your changelog entries, see <xref "
1248 "linkend=\"bpp-debian-changelog\"/> ."
1251 # type: Content of: <chapter><section><section><title>
1252 #. type: Content of: <chapter><section><section><title>
1254 msgid "Handling security-related bugs"
1257 # type: Content of: <chapter><section><section><para>
1258 #. type: Content of: <chapter><section><section><para>
1261 "Due to their sensitive nature, security-related bugs must be handled "
1262 "carefully. The Debian Security Team exists to coordinate this activity, "
1263 "keeping track of outstanding security problems, helping maintainers with "
1264 "security problems or fixing them themselves, sending security advisories, "
1265 "and maintaining <literal>security.debian.org</literal>."
1268 # type: Content of: <chapter><section><section><para>
1269 #. type: Content of: <chapter><section><section><para>
1272 "When you become aware of a security-related bug in a Debian package, whether "
1273 "or not you are the maintainer, collect pertinent information about the "
1274 "problem, and promptly contact the security team at &email-security-team; as "
1275 "soon as possible. <emphasis role=\"strong\">DO NOT UPLOAD</emphasis> any "
1276 "packages for <literal>stable</literal> without contacting the team. Useful "
1277 "information includes, for example:"
1280 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1281 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1284 "Which versions of the package are known to be affected by the bug. Check "
1285 "each version that is present in a supported Debian release, as well as "
1286 "<literal>testing</literal> and <literal>unstable</literal>."
1289 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1290 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1293 "The nature of the fix, if any is available (patches are especially helpful)"
1296 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1297 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1300 "Any fixed packages that you have prepared yourself (send only the <literal>."
1301 "diff.gz</literal> and <literal>.dsc</literal> files and read <xref linkend="
1302 "\"bug-security-building\"/> first)"
1305 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1306 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1309 "Any assistance you can provide to help with testing (exploits, regression "
1313 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1314 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
1317 "Any information needed for the advisory (see <xref linkend=\"bug-security-"
1321 # type: Content of: <chapter><section><section><para>
1322 #. type: Content of: <chapter><section><section><para>
1325 "As the maintainer of the package, you have the responsibility to maintain "
1326 "it, even in the stable release. You are in the best position to evaluate "
1327 "patches and test updated packages, so please see the sections below on how "
1328 "to prepare packages for the Security Team to handle."
1331 # type: Content of: <chapter><section><section><section><title>
1332 #. type: Content of: <chapter><section><section><section><title>
1334 msgid "The Security Tracker"
1337 # type: Content of: <chapter><section><section><section><para>
1338 #. type: Content of: <chapter><section><section><section><para>
1341 "The security team maintains a central database, the <ulink url=\"http://"
1342 "security-tracker.debian.net/\">Debian Security Tracker</ulink>. This "
1343 "contains all public information that is known about security issues: which "
1344 "packages and versions are affected or fixed, and thus whether stable, "
1345 "testing and/or unstable are vulnerable. Information that is still "
1346 "confidential is not added to the tracker."
1349 # type: Content of: <chapter><section><section><section><para>
1350 #. type: Content of: <chapter><section><section><section><para>
1353 "You can search it for a specific issue, but also on package name. Look for "
1354 "your package to see which issues are still open. If you can, please provide "
1355 "more information about those issues, or help to address them in your "
1356 "package. Instructions are on the tracker web pages."
1359 # type: Content of: <chapter><section><section><section><title>
1360 #. type: Content of: <chapter><section><section><section><title>
1362 msgid "Confidentiality"
1365 # type: Content of: <chapter><section><section><section><para>
1366 #. type: Content of: <chapter><section><section><section><para>
1369 "Unlike most other activities within Debian, information about security "
1370 "issues must sometimes be kept private for a time. This allows software "
1371 "distributors to coordinate their disclosure in order to minimize their "
1372 "users' exposure. Whether this is the case depends on the nature of the "
1373 "problem and corresponding fix, and whether it is already a matter of public "
1377 # type: Content of: <chapter><section><section><section><para>
1378 #. type: Content of: <chapter><section><section><section><para>
1380 msgid "There are several ways developers can learn of a security problem:"
1383 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1384 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1386 msgid "they notice it on a public forum (mailing list, web site, etc.)"
1389 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1390 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1392 msgid "someone files a bug report"
1395 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1396 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1398 msgid "someone informs them via private email"
1401 # type: Content of: <chapter><section><section><section><para>
1402 #. type: Content of: <chapter><section><section><section><para>
1405 "In the first two cases, the information is public and it is important to "
1406 "have a fix as soon as possible. In the last case, however, it might not be "
1407 "public information. In that case there are a few possible options for "
1408 "dealing with the problem:"
1411 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1412 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1415 "If the security exposure is minor, there is sometimes no need to keep the "
1416 "problem a secret and a fix should be made and released."
1419 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1420 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1423 "If the problem is severe, it is preferable to share the information with "
1424 "other vendors and coordinate a release. The security team keeps in contact "
1425 "with the various organizations and individuals and can take care of that."
1428 # type: Content of: <chapter><section><section><section><para>
1429 #. type: Content of: <chapter><section><section><section><para>
1432 "In all cases if the person who reports the problem asks that it not be "
1433 "disclosed, such requests should be honored, with the obvious exception of "
1434 "informing the security team in order that a fix may be produced for a stable "
1435 "release of Debian. When sending confidential information to the security "
1436 "team, be sure to mention this fact."
1439 # type: Content of: <chapter><section><section><section><para>
1440 #. type: Content of: <chapter><section><section><section><para>
1443 "Please note that if secrecy is needed you may not upload a fix to "
1444 "<literal>unstable</literal> (or anywhere else, such as a public CVS "
1445 "repository). It is not sufficient to obfuscate the details of the change, "
1446 "as the code itself is public, and can (and will) be examined by the general "
1450 # type: Content of: <chapter><section><section><section><para>
1451 #. type: Content of: <chapter><section><section><section><para>
1454 "There are two reasons for releasing information even though secrecy is "
1455 "requested: the problem has been known for a while, or the problem or exploit "
1456 "has become public."
1459 # type: Content of: <chapter><section><section><section><para>
1460 #. type: Content of: <chapter><section><section><section><para>
1463 "The Security Team has a PGP-key to enable encrypted communication about "
1464 "sensitive issues. See the <ulink url=\"http://www.debian.org/security/faq.en."
1465 "html#contact\">Security Team FAQ</ulink> for details."
1468 # type: Content of: <chapter><section><section><section><title>
1469 #. type: Content of: <chapter><section><section><section><title>
1471 msgid "Security Advisories"
1474 # type: Content of: <chapter><section><section><section><para>
1475 #. type: Content of: <chapter><section><section><section><para>
1478 "Security advisories are only issued for the current, released stable "
1479 "distribution, and <emphasis>not</emphasis> for <literal>testing</literal> or "
1480 "<literal>unstable</literal>. When released, advisories are sent to the "
1481 "&email-debian-security-announce; mailing list and posted on <ulink url="
1482 "\"&url-debian-security-advisories;\">the security web page</ulink>. "
1483 "Security advisories are written and posted by the security team. However "
1484 "they certainly do not mind if a maintainer can supply some of the "
1485 "information for them, or write part of the text. Information that should be "
1486 "in an advisory includes:"
1489 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1490 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1492 msgid "A description of the problem and its scope, including:"
1495 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1496 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1498 msgid "The type of problem (privilege escalation, denial of service, etc.)"
1501 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1502 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1504 msgid "What privileges may be gained, and by whom (if any)"
1507 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1508 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1510 msgid "How it can be exploited"
1513 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1514 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1516 msgid "Whether it is remotely or locally exploitable"
1519 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1520 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><itemizedlist><listitem><para>
1522 msgid "How the problem was fixed"
1525 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1526 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1528 msgid "This information allows users to assess the threat to their systems."
1531 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1532 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1534 msgid "Version numbers of affected packages"
1537 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1538 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1540 msgid "Version numbers of fixed packages"
1543 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1544 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1547 "Information on where to obtain the updated packages (usually from the Debian "
1551 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1552 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1555 "References to upstream advisories, <ulink url=\"http://cve.mitre.org\">CVE</"
1556 "ulink> identifiers, and any other information useful in cross-referencing "
1560 # type: Content of: <chapter><section><section><section><title>
1561 #. type: Content of: <chapter><section><section><section><title>
1563 msgid "Preparing packages to address security issues"
1566 # type: Content of: <chapter><section><section><section><para>
1567 #. type: Content of: <chapter><section><section><section><para>
1570 "One way that you can assist the security team in their duties is to provide "
1571 "them with fixed packages suitable for a security advisory for the stable "
1575 # type: Content of: <chapter><section><section><section><para>
1576 #. type: Content of: <chapter><section><section><section><para>
1579 "When an update is made to the stable release, care must be taken to avoid "
1580 "changing system behavior or introducing new bugs. In order to do this, make "
1581 "as few changes as possible to fix the bug. Users and administrators rely on "
1582 "the exact behavior of a release once it is made, so any change that is made "
1583 "might break someone's system. This is especially true of libraries: make "
1584 "sure you never change the API or ABI, no matter how small the change."
1587 # type: Content of: <chapter><section><section><section><para>
1588 #. type: Content of: <chapter><section><section><section><para>
1591 "This means that moving to a new upstream version is not a good solution. "
1592 "Instead, the relevant changes should be back-ported to the version present "
1593 "in the current stable Debian release. Generally, upstream maintainers are "
1594 "willing to help if needed. If not, the Debian security team may be able to "
1598 # type: Content of: <chapter><section><section><section><para>
1599 #. type: Content of: <chapter><section><section><section><para>
1602 "In some cases, it is not possible to back-port a security fix, for example "
1603 "when large amounts of source code need to be modified or rewritten. If this "
1604 "happens, it may be necessary to move to a new upstream version. However, "
1605 "this is only done in extreme situations, and you must always coordinate that "
1606 "with the security team beforehand."
1609 # type: Content of: <chapter><section><section><section><para>
1610 #. type: Content of: <chapter><section><section><section><para>
1613 "Related to this is another important guideline: always test your changes. "
1614 "If you have an exploit available, try it and see if it indeed succeeds on "
1615 "the unpatched package and fails on the fixed package. Test other, normal "
1616 "actions as well, as sometimes a security fix can break seemingly unrelated "
1617 "features in subtle ways."
1620 # type: Content of: <chapter><section><section><section><para>
1621 #. type: Content of: <chapter><section><section><section><para>
1624 "Do <emphasis role=\"strong\">NOT</emphasis> include any changes in your "
1625 "package which are not directly related to fixing the vulnerability. These "
1626 "will only need to be reverted, and this wastes time. If there are other "
1627 "bugs in your package that you would like to fix, make an upload to proposed-"
1628 "updates in the usual way, after the security advisory is issued. The "
1629 "security update mechanism is not a means for introducing changes to your "
1630 "package which would otherwise be rejected from the stable release, so please "
1631 "do not attempt to do this."
1634 # type: Content of: <chapter><section><section><section><para>
1635 #. type: Content of: <chapter><section><section><section><para>
1638 "Review and test your changes as much as possible. Check the differences "
1639 "from the previous version repeatedly (<command>interdiff</command> from the "
1640 "<systemitem role=\"package\">patchutils</systemitem> package and "
1641 "<command>debdiff</command> from <systemitem role=\"package\">devscripts</"
1642 "systemitem> are useful tools for this, see <xref linkend=\"debdiff\"/> )."
1645 # type: Content of: <chapter><section><section><section><para>
1646 #. type: Content of: <chapter><section><section><section><para>
1648 msgid "Be sure to verify the following items:"
1651 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1652 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1655 "<emphasis role=\"strong\">Target the right distribution</emphasis> in your "
1656 "<filename>debian/changelog</filename>. For <literal>stable</literal> this "
1657 "is <literal>stable-security</literal> and for testing this is "
1658 "<literal>testing-security</literal>, and for the previous stable release, "
1659 "this is <literal>oldstable-security</literal>. Do not target "
1660 "<replaceable>distribution</replaceable><literal>-proposed-updates</literal> "
1661 "or <literal>stable</literal>!"
1664 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1665 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1668 "The upload should have <emphasis role=\"strong\">urgency=high</emphasis>."
1671 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1672 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1675 "Make descriptive, meaningful changelog entries. Others will rely on them to "
1676 "determine whether a particular bug was fixed. Add <literal>closes:</"
1677 "literal> statements for any <emphasis role=\"strong\">Debian bugs</emphasis> "
1678 "filed. Always include an external reference, preferably a <emphasis role="
1679 "\"strong\">CVE identifier</emphasis>, so that it can be cross-referenced. "
1680 "However, if a CVE identifier has not yet been assigned, do not wait for it "
1681 "but continue the process. The identifier can be cross-referenced later."
1684 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1685 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1688 "Make sure the <emphasis role=\"strong\">version number</emphasis> is "
1689 "proper. It must be greater than the current package, but less than package "
1690 "versions in later distributions. If in doubt, test it with <literal>dpkg --"
1691 "compare-versions</literal>. Be careful not to re-use a version number that "
1692 "you have already used for a previous upload, or one that conflicts with a "
1693 "binNMU. The convention is to append <literal>+</"
1694 "literal><replaceable>codename</replaceable><literal>1</literal>, e.g. "
1695 "<literal>1:2.4.3-4+etch1</literal>, of course increasing 1 for any "
1696 "subsequent uploads."
1699 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1700 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1703 "Unless the upstream source has been uploaded to <literal>security.debian.org "
1704 "</literal> before (by a previous security update), build the upload "
1705 "<emphasis role=\"strong\">with full upstream source</emphasis> "
1706 "(<literal>dpkg-buildpackage -sa</literal>). If there has been a previous "
1707 "upload to <literal>security.debian.org</literal> with the same upstream "
1708 "version, you may upload without upstream source (<literal> dpkg-buildpackage "
1712 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1713 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1716 "Be sure to use the <emphasis role=\"strong\">exact same <filename>*.orig.tar."
1717 "gz</filename></emphasis> as used in the normal archive, otherwise it is not "
1718 "possible to move the security fix into the main archives later."
1721 # type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1722 #. type: Content of: <chapter><section><section><section><itemizedlist><listitem><para>
1725 "Build the package on a <emphasis role=\"strong\">clean system</emphasis> "
1726 "which only has packages installed from the distribution you are building "
1727 "for. If you do not have such a system yourself, you can use a debian.org "
1728 "machine (see <xref linkend=\"server-machines\"/> ) or setup a chroot (see "
1729 "<xref linkend=\"pbuilder\"/> and <xref linkend=\"debootstrap\"/> )."
1732 # type: Content of: <chapter><section><section><section><title>
1733 #. type: Content of: <chapter><section><section><section><title>
1735 msgid "Uploading the fixed package"
1738 # type: Content of: <chapter><section><section><section><para>
1739 #. type: Content of: <chapter><section><section><section><para>
1742 "Do <emphasis role=\"strong\">NOT</emphasis> upload a package to the security "
1743 "upload queue (<literal>oldstable-security</literal>, <literal>stable-"
1744 "security </literal>, etc.) without prior authorization from the security "
1745 "team. If the package does not exactly meet the team's requirements, it will "
1746 "cause many problems and delays in dealing with the unwanted upload."
1749 # type: Content of: <chapter><section><section><section><para>
1750 #. type: Content of: <chapter><section><section><section><para>
1753 "Do <emphasis role=\"strong\">NOT</emphasis> upload your fix to <literal> "
1754 "proposed-updates</literal> without coordinating with the security team. "
1755 "Packages from <literal>security.debian.org</literal> will be copied into the "
1756 "<literal>proposed-updates</literal> directory automatically. If a package "
1757 "with the same or a higher version number is already installed into the "
1758 "archive, the security update will be rejected by the archive system. That "
1759 "way, the stable distribution will end up without a security update for this "
1763 # type: Content of: <chapter><section><section><section><para>
1764 #. type: Content of: <chapter><section><section><section><para>
1767 "Once you have created and tested the new package and it has been approved by "
1768 "the security team, it needs to be uploaded so that it can be installed in "
1769 "the archives. For security uploads, the place to upload to is "
1770 "<literal>ftp://security-master.debian.org/pub/SecurityUploadQueue/</"
1774 # type: Content of: <chapter><section><section><section><para>
1775 #. type: Content of: <chapter><section><section><section><para>
1778 "Once an upload to the security queue has been accepted, the package will "
1779 "automatically be built for all architectures and stored for verification by "
1780 "the security team."
1783 # type: Content of: <chapter><section><section><section><para>
1784 #. type: Content of: <chapter><section><section><section><para>
1787 "Uploads which are waiting for acceptance or verification are only accessible "
1788 "by the security team. This is necessary since there might be fixes for "
1789 "security problems that cannot be disclosed yet."
1792 # type: Content of: <chapter><section><section><section><para>
1793 #. type: Content of: <chapter><section><section><section><para>
1796 "If a member of the security team accepts a package, it will be installed on "
1797 "<literal>security.debian.org</literal> as well as proposed for the proper "
1798 "<replaceable>distribution</replaceable><literal>-proposed-updates</literal> "
1799 "on <literal>&ftp-master-host;</literal>."
1802 # type: Content of: <chapter><section><title>
1803 #. type: Content of: <chapter><section><title>
1805 msgid "Moving, removing, renaming, adopting, and orphaning packages"
1808 # type: Content of: <chapter><section><para>
1809 #. type: Content of: <chapter><section><para>
1812 "Some archive manipulation operations are not automated in the Debian upload "
1813 "process. These procedures should be manually followed by maintainers. This "
1814 "chapter gives guidelines on what to do in these cases."
1817 # type: Content of: <chapter><section><section><title>
1818 #. type: Content of: <chapter><section><section><title>
1820 msgid "Moving packages"
1823 # type: Content of: <chapter><section><section><para><footnote><para>
1824 #. type: Content of: <chapter><section><section><para><footnote><para>
1827 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
1828 "guidelines on what section a package belongs in."
1831 #. type: Content of: <chapter><section><section><para>
1834 "Sometimes a package will change its section. For instance, a package from "
1835 "the `non-free' section might be GPL'd in a later version, in which case the "
1836 "package should be moved to `main' or `contrib'.<placeholder type=\"footnote"
1840 # type: Content of: <chapter><section><section><para>
1841 #. type: Content of: <chapter><section><section><para>
1844 "If you need to change the section for one of your packages, change the "
1845 "package control information to place the package in the desired section, and "
1846 "re-upload the package (see the <ulink url=\"&url-debian-policy;\">Debian "
1847 "Policy Manual</ulink> for details). You must ensure that you include the "
1848 "<filename>.orig.tar.gz</filename> in your upload (even if you are not "
1849 "uploading a new upstream version), or it will not appear in the new section "
1850 "together with the rest of the package. If your new section is valid, it "
1851 "will be moved automatically. If it does not, then contact the ftpmasters in "
1852 "order to understand what happened."
1855 # type: Content of: <chapter><section><section><para>
1856 #. type: Content of: <chapter><section><section><para>
1859 "If, on the other hand, you need to change the <literal>subsection</literal> "
1860 "of one of your packages (e.g., ``devel'', ``admin''), the procedure is "
1861 "slightly different. Correct the subsection as found in the control file of "
1862 "the package, and re-upload that. Also, you'll need to get the override file "
1863 "updated, as described in <xref linkend=\"override-file\"/> ."
1866 # type: Content of: <chapter><section><section><title>
1867 #. type: Content of: <chapter><section><section><title>
1869 msgid "Removing packages"
1872 # type: Content of: <chapter><section><section><para>
1873 #. type: Content of: <chapter><section><section><para>
1876 "If for some reason you want to completely remove a package (say, if it is an "
1877 "old compatibility library which is no longer required), you need to file a "
1878 "bug against <literal>ftp.debian.org</literal> asking that the package be "
1879 "removed; as all bugs, this bug should normally have normal severity. The "
1880 "bug title should be in the form <literal>RM: <replaceable>package </"
1881 "replaceable> <replaceable>[architecture list]</replaceable> -- "
1882 "<replaceable>reason</replaceable></literal>, where <replaceable>package</"
1883 "replaceable> is the package to be removed and <replaceable>reason</"
1884 "replaceable> is a short summary of the reason for the removal request. "
1885 "<replaceable>[architecture list]</replaceable> is optional and only needed "
1886 "if the removal request only applies to some architectures, not all. Note "
1887 "that the <command>reportbug</command> will create a title conforming to "
1888 "these rules when you use it to report a bug against the <literal> ftp.debian."
1889 "org</literal> pseudo-package."
1892 # type: Content of: <chapter><section><section><para>
1893 #. type: Content of: <chapter><section><section><para>
1896 "If you want to remove a package you maintain, you should note this in the "
1897 "bug title by prepending <literal>ROM</literal> (Request Of Maintainer). "
1898 "There are several other standard acronyms used in the reasoning for a "
1899 "package removal, see <ulink url=\"http://&ftp-master-host;/removals.html\"></"
1900 "ulink> for a complete list. That page also provides a convenient overview of "
1901 "pending removal requests."
1904 # type: Content of: <chapter><section><section><para>
1905 #. type: Content of: <chapter><section><section><para>
1908 "Note that removals can only be done for the <literal>unstable </literal>, "
1909 "<literal>experimental</literal> and <literal>stable </literal> "
1910 "distribution. Packages are not removed from <literal>testing</literal> "
1911 "directly. Rather, they will be removed automatically after the package has "
1912 "been removed from <literal>unstable</literal> and no package in "
1913 "<literal>testing </literal> depends on it."
1916 # type: Content of: <chapter><section><section><para>
1917 #. type: Content of: <chapter><section><section><para>
1920 "There is one exception when an explicit removal request is not necessary: If "
1921 "a (source or binary) package is an orphan, it will be removed semi-"
1922 "automatically. For a binary-package, this means if there is no longer any "
1923 "source package producing this binary package; if the binary package is just "
1924 "no longer produced on some architectures, a removal request is still "
1925 "necessary. For a source-package, this means that all binary packages it "
1926 "refers to have been taken over by another source package."
1929 # type: Content of: <chapter><section><section><para>
1930 #. type: Content of: <chapter><section><section><para>
1933 "In your removal request, you have to detail the reasons justifying the "
1934 "request. This is to avoid unwanted removals and to keep a trace of why a "
1935 "package has been removed. For example, you can provide the name of the "
1936 "package that supersedes the one to be removed."
1939 # type: Content of: <chapter><section><section><para>
1940 #. type: Content of: <chapter><section><section><para>
1943 "Usually you only ask for the removal of a package maintained by yourself. "
1944 "If you want to remove another package, you have to get the approval of its "
1945 "maintainer. Should the package be orphaned and thus have no maintainer, you "
1946 "should first discuss the removal request on &email-debian-qa;. If there is a "
1947 "consensus that the package should be removed, you should reassign and "
1948 "retitle the <literal>O:</literal> bug filed against the <literal>wnpp</"
1949 "literal> package instead of filing a new bug as removal request."
1952 # type: Content of: <chapter><section><section><para>
1953 #. type: Content of: <chapter><section><section><para>
1956 "Further information relating to these and other package removal related "
1957 "topics may be found at <ulink url=\"http://wiki.debian.org/ftpmaster_Removals"
1958 "\"></ulink> and <ulink url=\"&url-debian-qa;howto-remove.html\"></ulink>."
1961 # type: Content of: <chapter><section><section><para>
1962 #. type: Content of: <chapter><section><section><para>
1965 "If in doubt concerning whether a package is disposable, email &email-debian-"
1966 "devel; asking for opinions. Also of interest is the <command>apt-cache</"
1967 "command> program from the <systemitem role=\"package\">apt</systemitem> "
1968 "package. When invoked as <literal>apt-cache showpkg <replaceable>package</"
1969 "replaceable></literal>, the program will show details for "
1970 "<replaceable>package</replaceable>, including reverse depends. Other useful "
1971 "programs include <literal>apt-cache rdepends</literal>, <command>apt-"
1972 "rdepends</command>, <command>build-rdeps</command> (in the <systemitem role="
1973 "\"package\">devscripts</systemitem> package) and <command>grep-dctrl</"
1974 "command>. Removal of orphaned packages is discussed on &email-debian-qa;."
1977 # type: Content of: <chapter><section><section><para>
1978 #. type: Content of: <chapter><section><section><para>
1981 "Once the package has been removed, the package's bugs should be handled. "
1982 "They should either be reassigned to another package in the case where the "
1983 "actual code has evolved into another package (e.g. <literal>libfoo12</"
1984 "literal> was removed because <literal>libfoo13</literal> supersedes it) or "
1985 "closed if the software is simply no longer part of Debian."
1988 # type: Content of: <chapter><section><section><section><title>
1989 #. type: Content of: <chapter><section><section><section><title>
1991 msgid "Removing packages from <filename>Incoming</filename>"
1994 # type: Content of: <chapter><section><section><section><para>
1995 #. type: Content of: <chapter><section><section><section><para>
1998 "In the past, it was possible to remove packages from <filename>incoming</"
1999 "filename>. However, with the introduction of the new incoming system, this "
2000 "is no longer possible. Instead, you have to upload a new revision of your "
2001 "package with a higher version than the package you want to replace. Both "
2002 "versions will be installed in the archive but only the higher version will "
2003 "actually be available in <literal>unstable</literal> since the previous "
2004 "version will immediately be replaced by the higher. However, if you do "
2005 "proper testing of your packages, the need to replace a package should not "
2006 "occur too often anyway."
2009 # type: Content of: <chapter><section><section><title>
2010 #. type: Content of: <chapter><section><section><title>
2012 msgid "Replacing or renaming packages"
2015 # type: Content of: <chapter><section><section><para>
2016 #. type: Content of: <chapter><section><section><para>
2019 "When the upstream maintainers for one of your packages chose to rename their "
2020 "software (or you made a mistake naming your package), you should follow a "
2021 "two-step process to rename it. In the first step, change the "
2022 "<filename>debian/control</filename> file to reflect the new name and to "
2023 "replace, provide and conflict with the obsolete package name (see the <ulink "
2024 "url=\"&url-debian-policy;\"> Debian Policy Manual</ulink> for details). "
2025 "Please note that you should only add a <literal>Provides</literal> relation "
2026 "if all packages depending on the obsolete package name continue to work "
2027 "after the renaming. Once you've uploaded the package and the package has "
2028 "moved into the archive, file a bug against <literal> ftp.debian.org</"
2029 "literal> asking to remove the package with the obsolete name (see <xref "
2030 "linkend=\"removing-pkgs\"/>). Do not forget to properly reassign the "
2031 "package's bugs at the same time."
2034 # type: Content of: <chapter><section><section><para>
2035 #. type: Content of: <chapter><section><section><para>
2038 "At other times, you may make a mistake in constructing your package and wish "
2039 "to replace it. The only way to do this is to increase the version number "
2040 "and upload a new version. The old version will be expired in the usual "
2041 "manner. Note that this applies to each part of your package, including the "
2042 "sources: if you wish to replace the upstream source tarball of your package, "
2043 "you will need to upload it with a different version. An easy possibility is "
2044 "to replace <filename>foo_1.00.orig.tar.gz</filename> with <filename>foo_1.00"
2045 "+0.orig.tar.gz</filename>. This restriction gives each file on the ftp site "
2046 "a unique name, which helps to ensure consistency across the mirror network."
2049 # type: Content of: <chapter><section><section><title>
2050 #. type: Content of: <chapter><section><section><title>
2052 msgid "Orphaning a package"
2055 # type: Content of: <chapter><section><section><para>
2056 #. type: Content of: <chapter><section><section><para>
2059 "If you can no longer maintain a package, you need to inform others, and see "
2060 "that the package is marked as orphaned. You should set the package "
2061 "maintainer to <literal>Debian QA Group &orphan-address;</literal> and submit "
2062 "a bug report against the pseudo package <systemitem role=\"package\">wnpp</"
2063 "systemitem>. The bug report should be titled <literal>O: "
2064 "<replaceable>package</replaceable> -- <replaceable>short description</"
2065 "replaceable></literal> indicating that the package is now orphaned. The "
2066 "severity of the bug should be set to <literal>normal</literal>; if the "
2067 "package has a priority of standard or higher, it should be set to "
2068 "important. If you feel it's necessary, send a copy to &email-debian-devel; "
2069 "by putting the address in the X-Debbugs-CC: header of the message (no, don't "
2070 "use CC:, because that way the message's subject won't indicate the bug "
2074 # type: Content of: <chapter><section><section><para>
2075 #. type: Content of: <chapter><section><section><para>
2078 "If you just intend to give the package away, but you can keep maintainership "
2079 "for the moment, then you should instead submit a bug against <systemitem "
2080 "role=\"package\">wnpp</systemitem> and title it <literal>RFA: "
2081 "<replaceable>package</replaceable> -- <replaceable>short description</"
2082 "replaceable></literal>. <literal>RFA</literal> stands for <literal>Request "
2083 "For Adoption</literal>."
2086 # type: Content of: <chapter><section><section><para>
2087 #. type: Content of: <chapter><section><section><para>
2090 "More information is on the <ulink url=\"&url-wnpp;\">WNPP web pages</ulink>."
2093 # type: Content of: <chapter><section><section><title>
2094 #. type: Content of: <chapter><section><section><title>
2096 msgid "Adopting a package"
2099 # type: Content of: <chapter><section><section><para>
2100 #. type: Content of: <chapter><section><section><para>
2103 "A list of packages in need of a new maintainer is available in the <ulink "
2104 "url=\"&url-wnpp;\">Work-Needing and Prospective Packages list (WNPP)</"
2105 "ulink>. If you wish to take over maintenance of any of the packages listed "
2106 "in the WNPP, please take a look at the aforementioned page for information "
2110 # type: Content of: <chapter><section><section><para>
2111 #. type: Content of: <chapter><section><section><para>
2114 "It is not OK to simply take over a package that you feel is neglected — that "
2115 "would be package hijacking. You can, of course, contact the current "
2116 "maintainer and ask them if you may take over the package. If you have "
2117 "reason to believe a maintainer has gone AWOL (absent without leave), see "
2118 "<xref linkend=\"mia-qa\"/> ."
2121 # type: Content of: <chapter><section><section><para>
2122 #. type: Content of: <chapter><section><section><para>
2125 "Generally, you may not take over the package without the assent of the "
2126 "current maintainer. Even if they ignore you, that is still not grounds to "
2127 "take over a package. Complaints about maintainers should be brought up on "
2128 "the developers' mailing list. If the discussion doesn't end with a positive "
2129 "conclusion, and the issue is of a technical nature, consider bringing it to "
2130 "the attention of the technical committee (see the <ulink url=\"&url-tech-"
2131 "ctte;\">technical committee web page</ulink> for more information)."
2134 # type: Content of: <chapter><section><section><para>
2135 #. type: Content of: <chapter><section><section><para>
2138 "If you take over an old package, you probably want to be listed as the "
2139 "package's official maintainer in the bug system. This will happen "
2140 "automatically once you upload a new version with an updated "
2141 "<literal>Maintainer:</literal> field, although it can take a few hours after "
2142 "the upload is done. If you do not expect to upload a new version for a "
2143 "while, you can use <xref linkend=\"pkg-tracking-system\"/> to get the bug "
2144 "reports. However, make sure that the old maintainer has no problem with the "
2145 "fact that they will continue to receive the bugs during that time."
2148 # type: Content of: <chapter><section><title>
2149 #. type: Content of: <chapter><section><title>
2151 msgid "Porting and being ported"
2154 # type: Content of: <chapter><section><para>
2155 #. type: Content of: <chapter><section><para>
2158 "Debian supports an ever-increasing number of architectures. Even if you are "
2159 "not a porter, and you don't use any architecture but one, it is part of your "
2160 "duty as a maintainer to be aware of issues of portability. Therefore, even "
2161 "if you are not a porter, you should read most of this chapter."
2164 # type: Content of: <chapter><section><para>
2165 #. type: Content of: <chapter><section><para>
2168 "Porting is the act of building Debian packages for architectures that are "
2169 "different from the original architecture of the package maintainer's binary "
2170 "package. It is a unique and essential activity. In fact, porters do most "
2171 "of the actual compiling of Debian packages. For instance, when a maintainer "
2172 "uploads a (portable) source packages with binaries for the <literal>i386 </"
2173 "literal> architecture, it will be built for each of the other architectures, "
2174 "amounting to &number-of-arches; more builds."
2177 # type: Content of: <chapter><section><section><title>
2178 #. type: Content of: <chapter><section><section><title>
2180 msgid "Being kind to porters"
2183 # type: Content of: <chapter><section><section><para>
2184 #. type: Content of: <chapter><section><section><para>
2187 "Porters have a difficult and unique task, since they are required to deal "
2188 "with a large volume of packages. Ideally, every source package should build "
2189 "right out of the box. Unfortunately, this is often not the case. This "
2190 "section contains a checklist of ``gotchas'' often committed by Debian "
2191 "maintainers — common problems which often stymie porters, and make their "
2192 "jobs unnecessarily difficult."
2195 # type: Content of: <chapter><section><section><para>
2196 #. type: Content of: <chapter><section><section><para>
2199 "The first and most important thing is to respond quickly to bug or issues "
2200 "raised by porters. Please treat porters with courtesy, as if they were in "
2201 "fact co-maintainers of your package (which, in a way, they are). Please be "
2202 "tolerant of succinct or even unclear bug reports; do your best to hunt down "
2203 "whatever the problem is."
2206 # type: Content of: <chapter><section><section><para>
2207 #. type: Content of: <chapter><section><section><para>
2210 "By far, most of the problems encountered by porters are caused by "
2211 "<emphasis>packaging bugs</emphasis> in the source packages. Here is a "
2212 "checklist of things you should check or be aware of."
2215 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2216 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2219 "Make sure that your <literal>Build-Depends</literal> and <literal>Build-"
2220 "Depends-Indep</literal> settings in <filename>debian/control</filename> are "
2221 "set properly. The best way to validate this is to use the <systemitem role="
2222 "\"package\">debootstrap</systemitem> package to create an <literal>unstable</"
2223 "literal> chroot environment (see <xref linkend=\"debootstrap\"/> ). Within "
2224 "that chrooted environment, install the <systemitem role=\"package\">build-"
2225 "essential</systemitem> package and any package dependencies mentioned in "
2226 "<literal>Build-Depends</literal> and/or <literal>Build-Depends-Indep</"
2227 "literal>. Finally, try building your package within that chrooted "
2228 "environment. These steps can be automated by the use of the "
2229 "<command>pbuilder</command> program which is provided by the package of the "
2230 "same name (see <xref linkend=\"pbuilder\"/> )."
2233 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2234 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2237 "If you can't set up a proper chroot, <command>dpkg-depcheck</command> may be "
2238 "of assistance (see <xref linkend=\"dpkg-depcheck\"/> )."
2241 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2242 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2245 "See the <ulink url=\"&url-debian-policy;\">Debian Policy Manual</ulink> for "
2246 "instructions on setting build dependencies."
2249 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2250 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2253 "Don't set architecture to a value other than <literal>all</literal> or "
2254 "<literal>any</literal> unless you really mean it. In too many cases, "
2255 "maintainers don't follow the instructions in the <ulink url=\"&url-debian-"
2256 "policy;\">Debian Policy Manual</ulink>. Setting your architecture to only "
2257 "one architecture (such as <literal>i386</literal> or <literal>amd64</"
2258 "literal>) is usually incorrect."
2261 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2262 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2265 "Make sure your source package is correct. Do <literal>dpkg-source -x "
2266 "<replaceable>package</replaceable>.dsc</literal> to make sure your source "
2267 "package unpacks properly. Then, in there, try building your package from "
2268 "scratch with <command>dpkg-buildpackage</command>."
2271 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2272 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2275 "Make sure you don't ship your source package with the <filename>debian/"
2276 "files</filename> or <filename>debian/substvars</filename> files. They "
2277 "should be removed by the <literal>clean</literal> target of <filename>debian/"
2281 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2282 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2285 "Make sure you don't rely on locally installed or hacked configurations or "
2286 "programs. For instance, you should never be calling programs in <filename>/"
2287 "usr/local/bin</filename> or the like. Try not to rely on programs being "
2288 "setup in a special way. Try building your package on another machine, even "
2289 "if it's the same architecture."
2292 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2293 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2296 "Don't depend on the package you're building being installed already (a sub-"
2297 "case of the above issue). There are, of course, exceptions to this rule, but "
2298 "be aware that any case like this needs manual bootstrapping and cannot be "
2299 "done by automated package builders."
2302 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2303 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2306 "Don't rely on the compiler being a certain version, if possible. If not, "
2307 "then make sure your build dependencies reflect the restrictions, although "
2308 "you are probably asking for trouble, since different architectures sometimes "
2309 "standardize on different compilers."
2312 # type: Content of: <chapter><section><section><orderedlist><listitem><para>
2313 #. type: Content of: <chapter><section><section><orderedlist><listitem><para>
2316 "Make sure your debian/rules contains separate <literal>binary-arch</literal> "
2317 "and <literal>binary-indep</literal> targets, as the Debian Policy Manual "
2318 "requires. Make sure that both targets work independently, that is, that you "
2319 "can call the target without having called the other before. To test this, "
2320 "try to run <command>dpkg-buildpackage -B</command>."
2323 # type: Content of: <chapter><section><section><title>
2324 #. type: Content of: <chapter><section><section><title>
2326 msgid "Guidelines for porter uploads"
2329 # type: Content of: <chapter><section><section><para>
2330 #. type: Content of: <chapter><section><section><para>
2333 "If the package builds out of the box for the architecture to be ported to, "
2334 "you are in luck and your job is easy. This section applies to that case; it "
2335 "describes how to build and upload your binary package so that it is properly "
2336 "installed into the archive. If you do have to patch the package in order to "
2337 "get it to compile for the other architecture, you are actually doing a "
2338 "source NMU, so consult <xref linkend=\"nmu-guidelines\"/> instead."
2341 # type: Content of: <chapter><section><section><para>
2342 #. type: Content of: <chapter><section><section><para>
2345 "For a porter upload, no changes are being made to the source. You do not "
2346 "need to touch any of the files in the source package. This includes "
2347 "<filename>debian/changelog</filename>."
2350 # type: Content of: <chapter><section><section><para>
2351 #. type: Content of: <chapter><section><section><para>
2354 "The way to invoke <command>dpkg-buildpackage</command> is as <literal>dpkg-"
2355 "buildpackage -B -m<replaceable>porter-email</replaceable></literal>. Of "
2356 "course, set <replaceable>porter-email</replaceable> to your email address. "
2357 "This will do a binary-only build of only the architecture-dependent portions "
2358 "of the package, using the <literal>binary-arch</literal> target in "
2359 "<filename>debian/rules </filename>."
2362 # type: Content of: <chapter><section><section><para>
2363 #. type: Content of: <chapter><section><section><para>
2366 "If you are working on a Debian machine for your porting efforts and you need "
2367 "to sign your upload locally for its acceptance in the archive, you can run "
2368 "<command>debsign</command> on your <filename>.changes</filename> file to "
2369 "have it signed conveniently, or use the remote signing mode of <command>dpkg-"
2373 # type: Content of: <chapter><section><section><section><title>
2374 #. type: Content of: <chapter><section><section><section><title>
2376 msgid "Recompilation or binary-only NMU"
2379 # type: Content of: <chapter><section><section><section><para>
2380 #. type: Content of: <chapter><section><section><section><para>
2383 "Sometimes the initial porter upload is problematic because the environment "
2384 "in which the package was built was not good enough (outdated or obsolete "
2385 "library, bad compiler, ...). Then you may just need to recompile it in an "
2386 "updated environment. However, you have to bump the version number in this "
2387 "case, so that the old bad package can be replaced in the Debian archive "
2388 "(<command>dak</command> refuses to install new packages if they don't have a "
2389 "version number greater than the currently available one)."
2392 # type: Content of: <chapter><section><section><section><para>
2393 #. type: Content of: <chapter><section><section><section><para>
2396 "You have to make sure that your binary-only NMU doesn't render the package "
2397 "uninstallable. This could happen when a source package generates arch-"
2398 "dependent and arch-independent packages that have inter-dependencies "
2399 "generated using dpkg's substitution variable <literal>$(Source-Version) </"
2403 # type: Content of: <chapter><section><section><section><para>
2404 #. type: Content of: <chapter><section><section><section><para>
2407 "Despite the required modification of the changelog, these are called binary-"
2408 "only NMUs — there is no need in this case to trigger all other architectures "
2409 "to consider themselves out of date or requiring recompilation."
2412 # type: Content of: <chapter><section><section><section><para>
2413 #. type: Content of: <chapter><section><section><section><para>
2416 "Such recompilations require special ``magic'' version numbering, so that the "
2417 "archive maintenance tools recognize that, even though there is a new Debian "
2418 "version, there is no corresponding source update. If you get this wrong, "
2419 "the archive maintainers will reject your upload (due to lack of "
2420 "corresponding source code)."
2423 # type: Content of: <chapter><section><section><section><para><footnote><para>
2424 #. type: Content of: <chapter><section><section><section><para><footnote><para>
2427 "In the past, such NMUs used the third-level number on the Debian part of the "
2428 "revision to denote their recompilation-only status; however, this syntax was "
2429 "ambiguous with native packages and did not allow proper ordering of "
2430 "recompile-only NMUs, source NMUs, and security NMUs on the same package, and "
2431 "has therefore been abandoned in favor of this new syntax."
2434 #. type: Content of: <chapter><section><section><section><para>
2437 "The ``magic'' for a recompilation-only NMU is triggered by using a suffix "
2438 "appended to the package version number, following the form <literal> "
2439 "b<replaceable>number</replaceable></literal>. For instance, if the latest "
2440 "version you are recompiling against was version <literal>2.9-3</literal>, "
2441 "your binary-only NMU should carry a version of <literal>2.9-3+b1</literal>. "
2442 "If the latest version was <literal>3.4+b1 </literal> (i.e, a native package "
2443 "with a previous recompilation NMU), your binary-only NMU should have a "
2444 "version number of <literal>3.4+b2</literal>. <placeholder type=\"footnote\" "
2448 # type: Content of: <chapter><section><section><section><para>
2449 #. type: Content of: <chapter><section><section><section><para>
2452 "Similar to initial porter uploads, the correct way of invoking <command>dpkg-"
2453 "buildpackage</command> is <literal>dpkg-buildpackage -B</literal> to only "
2454 "build the architecture-dependent parts of the package."
2457 # type: Content of: <chapter><section><section><section><title>
2458 #. type: Content of: <chapter><section><section><section><title>
2460 msgid "When to do a source NMU if you are a porter"
2463 # type: Content of: <chapter><section><section><section><para>
2464 #. type: Content of: <chapter><section><section><section><para>
2467 "Porters doing a source NMU generally follow the guidelines found in <xref "
2468 "linkend=\"nmu\"/> , just like non-porters. However, it is expected that the "
2469 "wait cycle for a porter's source NMU is smaller than for a non-porter, since "
2470 "porters have to cope with a large quantity of packages. Again, the "
2471 "situation varies depending on the distribution they are uploading to. It "
2472 "also varies whether the architecture is a candidate for inclusion into the "
2473 "next stable release; the release managers decide and announce which "
2474 "architectures are candidates."
2477 # type: Content of: <chapter><section><section><section><para>
2478 #. type: Content of: <chapter><section><section><section><para>
2481 "If you are a porter doing an NMU for <literal>unstable</literal>, the above "
2482 "guidelines for porting should be followed, with two variations. Firstly, "
2483 "the acceptable waiting period — the time between when the bug is submitted "
2484 "to the BTS and when it is OK to do an NMU — is seven days for porters "
2485 "working on the <literal>unstable</literal> distribution. This period can be "
2486 "shortened if the problem is critical and imposes hardship on the porting "
2487 "effort, at the discretion of the porter group. (Remember, none of this is "
2488 "Policy, just mutually agreed upon guidelines.) For uploads to "
2489 "<literal>stable</literal> or <literal>testing </literal>, please coordinate "
2490 "with the appropriate release team first."
2493 # type: Content of: <chapter><section><section><section><para>
2494 #. type: Content of: <chapter><section><section><section><para>
2497 "Secondly, porters doing source NMUs should make sure that the bug they "
2498 "submit to the BTS should be of severity <literal>serious</literal> or "
2499 "greater. This ensures that a single source package can be used to compile "
2500 "every supported Debian architecture by release time. It is very important "
2501 "that we have one version of the binary and source package for all "
2502 "architectures in order to comply with many licenses."
2505 # type: Content of: <chapter><section><section><section><para>
2506 #. type: Content of: <chapter><section><section><section><para>
2509 "Porters should try to avoid patches which simply kludge around bugs in the "
2510 "current version of the compile environment, kernel, or libc. Sometimes such "
2511 "kludges can't be helped. If you have to kludge around compiler bugs and the "
2512 "like, make sure you <literal>#ifdef</literal> your work properly; also, "
2513 "document your kludge so that people know to remove it once the external "
2514 "problems have been fixed."
2517 # type: Content of: <chapter><section><section><section><para>
2518 #. type: Content of: <chapter><section><section><section><para>
2521 "Porters may also have an unofficial location where they can put the results "
2522 "of their work during the waiting period. This helps others running the port "
2523 "have the benefit of the porter's work, even during the waiting period. Of "
2524 "course, such locations have no official blessing or status, so buyer beware."
2527 # type: Content of: <chapter><section><section><title>
2528 #. type: Content of: <chapter><section><section><title>
2530 msgid "Porting infrastructure and automation"
2533 # type: Content of: <chapter><section><section><para>
2534 #. type: Content of: <chapter><section><section><para>
2537 "There is infrastructure and several tools to help automate package porting. "
2538 "This section contains a brief overview of this automation and porting to "
2539 "these tools; see the package documentation or references for full "
2543 # type: Content of: <chapter><section><section><section><title>
2544 #. type: Content of: <chapter><section><section><section><title>
2546 msgid "Mailing lists and web pages"
2549 # type: Content of: <chapter><section><section><section><para>
2550 #. type: Content of: <chapter><section><section><section><para>
2553 "Web pages containing the status of each port can be found at <ulink url="
2554 "\"&url-debian-ports;\"></ulink>."
2557 # type: Content of: <chapter><section><section><section><para>
2558 #. type: Content of: <chapter><section><section><section><para>
2561 "Each port of Debian has a mailing list. The list of porting mailing lists "
2562 "can be found at <ulink url=\"&url-debian-port-lists;\"></ulink>. These "
2563 "lists are used to coordinate porters, and to connect the users of a given "
2564 "port with the porters."
2567 # type: Content of: <chapter><section><section><section><title>
2568 #. type: Content of: <chapter><section><section><section><title>
2570 msgid "Porter tools"
2573 # type: Content of: <chapter><section><section><section><para>
2574 #. type: Content of: <chapter><section><section><section><para>
2577 "Descriptions of several porting tools can be found in <xref linkend=\"tools-"
2581 # type: Content of: <chapter><section><section><section><title>
2582 #. type: Content of: <chapter><section><section><section><title>
2584 msgid "<systemitem role=\"package\">wanna-build</systemitem>"
2587 # type: Content of: <chapter><section><section><section><para>
2588 #. type: Content of: <chapter><section><section><section><para>
2591 "The <systemitem role=\"package\">wanna-build</systemitem> system is used as "
2592 "a distributed, client-server build distribution system. It is usually used "
2593 "in conjunction with build daemons running the <systemitem role=\"package"
2594 "\">buildd </systemitem> program. <literal>Build daemons</literal> are "
2595 "``slave'' hosts which contact the central <systemitem role=\"package\"> "
2596 "wanna-build</systemitem> system to receive a list of packages that need to "
2600 # type: Content of: <chapter><section><section><section><para>
2601 #. type: Content of: <chapter><section><section><section><para>
2604 "<systemitem role=\"package\">wanna-build</systemitem> is not yet available "
2605 "as a package; however, all Debian porting efforts are using it for automated "
2606 "package building. The tool used to do the actual package builds, "
2607 "<systemitem role=\"package\">sbuild</systemitem> is available as a package, "
2608 "see its description in <xref linkend=\"sbuild\"/> . Please note that the "
2609 "packaged version is not the same as the one used on build daemons, but it is "
2610 "close enough to reproduce problems."
2613 # type: Content of: <chapter><section><section><section><para>
2614 #. type: Content of: <chapter><section><section><section><para>
2617 "Most of the data produced by <systemitem role=\"package\">wanna-build </"
2618 "systemitem> which is generally useful to porters is available on the web at "
2619 "<ulink url=\"&url-buildd;\"></ulink>. This data includes nightly updated "
2620 "statistics, queueing information and logs for build attempts."
2623 # type: Content of: <chapter><section><section><section><para>
2624 #. type: Content of: <chapter><section><section><section><para>
2627 "We are quite proud of this system, since it has so many possible uses. "
2628 "Independent development groups can use the system for different sub-flavors "
2629 "of Debian, which may or may not really be of general interest (for instance, "
2630 "a flavor of Debian built with <command>gcc</command> bounds checking). It "
2631 "will also enable Debian to recompile entire distributions quickly."
2634 # type: Content of: <chapter><section><section><section><para>
2635 #. type: Content of: <chapter><section><section><section><para>
2638 "The buildds admins of each arch can be contacted at the mail address "
2639 "<literal><replaceable>arch</replaceable>@buildd.debian.org</literal>."
2642 # type: Content of: <chapter><section><section><title>
2643 #. type: Content of: <chapter><section><section><title>
2645 msgid "When your package is <emphasis>not</emphasis> portable"
2648 # type: Content of: <chapter><section><section><para>
2649 #. type: Content of: <chapter><section><section><para>
2652 "Some packages still have issues with building and/or working on some of the "
2653 "architectures supported by Debian, and cannot be ported at all, or not "
2654 "within a reasonable amount of time. An example is a package that is SVGA-"
2655 "specific (only available for <literal>i386</literal> and <literal>amd64</"
2656 "literal>), or uses other hardware-specific features not supported on all "
2660 # type: Content of: <chapter><section><section><para>
2661 #. type: Content of: <chapter><section><section><para>
2664 "In order to prevent broken packages from being uploaded to the archive, and "
2665 "wasting buildd time, you need to do a few things:"
2668 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2669 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2672 "First, make sure your package <emphasis>does</emphasis> fail to build on "
2673 "architectures that it cannot support. There are a few ways to achieve "
2674 "this. The preferred way is to have a small testsuite during build time that "
2675 "will test the functionality, and fail if it doesn't work. This is a good "
2676 "idea anyway, as this will prevent (some) broken uploads on all "
2677 "architectures, and also will allow the package to build as soon as the "
2678 "required functionality is available."
2681 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2682 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2685 "Additionally, if you believe the list of supported architectures is pretty "
2686 "constant, you should change <literal>any</literal> to a list of supported "
2687 "architectures in <filename>debian/control</filename>. This way, the build "
2688 "will fail also, and indicate this to a human reader without actually trying."
2691 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2692 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2695 "In order to prevent autobuilders from needlessly trying to build your "
2696 "package, it must be included in <filename>packages-arch-specific</filename>, "
2697 "a list used by the <command>wanna-build</command> script. The current "
2698 "version is available as <ulink url=\"&url-cvsweb;srcdep/Packages-arch-"
2699 "specific?cvsroot=dak\"></ulink>; please see the top of the file for whom to "
2700 "contact for changes."
2703 # type: Content of: <chapter><section><section><para>
2704 #. type: Content of: <chapter><section><section><para>
2707 "Please note that it is insufficient to only add your package to Packages-"
2708 "arch-specific without making it fail to build on unsupported architectures: "
2709 "A porter or any other person trying to build your package might accidently "
2710 "upload it without noticing it doesn't work. If in the past some binary "
2711 "packages were uploaded on unsupported architectures, request their removal "
2712 "by filing a bug against <systemitem role=\"package\">ftp.debian.org</"
2716 # type: Content of: <chapter><section><title>
2717 #. type: Content of: <chapter><section><title>
2719 msgid "Non-Maintainer Uploads (NMUs)"
2722 # type: Content of: <chapter><section><para>
2723 #. type: Content of: <chapter><section><para>
2726 "Every package has one or more maintainers. Normally, these are the people "
2727 "who work on and upload new versions of the package. In some situations, it "
2728 "is useful that other developers can upload a new version as well, for "
2729 "example if they want to fix a bug in a package they don't maintain, when the "
2730 "maintainer needs help to respond to issues. Such uploads are called "
2731 "<emphasis>Non-Maintainer Uploads (NMU)</emphasis>."
2734 # type: Content of: <chapter><section><section><title>
2735 #. type: Content of: <chapter><section><section><title>
2737 msgid "When and how to do an NMU"
2740 # type: Content of: <chapter><section><section><para>
2741 #. type: Content of: <chapter><section><section><para>
2743 msgid "Before doing an NMU, consider the following questions:"
2746 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2747 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2750 "Does your NMU really fix bugs? Fixing cosmetic issues or changing the "
2751 "packaging style in NMUs is discouraged."
2754 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2755 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2758 "Did you give enough time to the maintainer? When was the bug reported to the "
2759 "BTS? Being busy for a week or two isn't unusual. Is the bug so severe that "
2760 "it needs to be fixed right now, or can it wait a few more days?"
2763 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2764 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2767 "How confident are you about your changes? Please remember the Hippocratic "
2768 "Oath: \"Above all, do no harm.\" It is better to leave a package with an "
2769 "open grave bug than applying a non-functional patch, or one that hides the "
2770 "bug instead of resolving it. If you are not 100% sure of what you did, it "
2771 "might be a good idea to seek advice from others. Remember that if you break "
2772 "something in your NMU, many people will be very unhappy about it."
2775 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2776 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2779 "Have you clearly expressed your intention to NMU, at least in the BTS? It is "
2780 "also a good idea to try to contact the maintainer by other means (private "
2784 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2785 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2788 "If the maintainer is usually active and responsive, have you tried to "
2789 "contact him? In general it should be considered preferable that a maintainer "
2790 "takes care of an issue himself and that he is given the chance to review and "
2791 "correct your patch, because he can be expected to be more aware of potential "
2792 "issues which an NMUer might miss. It is often a better use of everyone's "
2793 "time if the maintainer is given an opportunity to upload a fix on their own."
2796 # type: Content of: <chapter><section><section><para>
2797 #. type: Content of: <chapter><section><section><para>
2800 "When doing an NMU, you must first make sure that your intention to NMU is "
2801 "clear. Then, you must send a patch with the differences between the current "
2802 "package and your proposed NMU to the BTS. The <literal>nmudiff</literal> "
2803 "script in the <literal>devscripts</literal> package might be helpful."
2806 # type: Content of: <chapter><section><section><para>
2807 #. type: Content of: <chapter><section><section><para>
2810 "While preparing the patch, you should better be aware of any package-"
2811 "specific practices that the maintainer might be using. Taking them into "
2812 "account reduces the burden of getting your changes integrated back in the "
2813 "normal package workflow and thus increases the possibilities that that will "
2814 "happen. A good place where to look for for possible package-specific "
2815 "practices is <ulink url=\"&url-debian-policy;ch-source.html#s-readmesource"
2816 "\"><literal>debian/README.source</literal></ulink>."
2819 # type: Content of: <chapter><section><section><para>
2820 #. type: Content of: <chapter><section><section><para>
2823 "Unless you have an excellent reason not to do so, you must then give some "
2824 "time to the maintainer to react (for example, by uploading to the "
2825 "<literal>DELAYED</literal> queue). Here are some recommended values to use "
2829 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2830 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2832 msgid "Upload fixing only release-critical bugs older than 7 days: 2 days"
2835 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2836 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2838 msgid "Upload fixing only release-critical and important bugs: 5 days"
2841 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2842 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
2844 msgid "Other NMUs: 10 days"
2847 # type: Content of: <chapter><section><section><para>
2848 #. type: Content of: <chapter><section><section><para>
2851 "Those delays are only examples. In some cases, such as uploads fixing "
2852 "security issues, or fixes for trivial bugs that blocking a transition, it is "
2853 "desirable that the fixed package reaches <literal>unstable</literal> sooner."
2856 # type: Content of: <chapter><section><section><para>
2857 #. type: Content of: <chapter><section><section><para>
2860 "Sometimes, release managers decide to allow NMUs with shorter delays for a "
2861 "subset of bugs (e.g release-critical bugs older than 7 days). Also, some "
2862 "maintainers list themselves in the <ulink url=\"&url-low-threshold-nmu;"
2863 "\">Low Threshold NMU list</ulink>, and accept that NMUs are uploaded without "
2864 "delay. But even in those cases, it's still a good idea to give the "
2865 "maintainer a few days to react before you upload, especially if the patch "
2866 "wasn't available in the BTS before, or if you know that the maintainer is "
2870 # type: Content of: <chapter><section><section><para>
2871 #. type: Content of: <chapter><section><section><para>
2874 "After you upload an NMU, you are responsible for the possible problems that "
2875 "you might have introduced. You must keep an eye on the package (subscribing "
2876 "to the package on the PTS is a good way to achieve this)."
2879 # type: Content of: <chapter><section><section><para>
2880 #. type: Content of: <chapter><section><section><para>
2883 "This is not a license to perform NMUs thoughtlessly. If you NMU when it is "
2884 "clear that the maintainers are active and would have acknowledged a patch in "
2885 "a timely manner, or if you ignore the recommendations of this document, your "
2886 "upload might be a cause of conflict with the maintainer. You should always "
2887 "be prepared to defend the wisdom of any NMU you perform on its own merits."
2890 # type: Content of: <chapter><section><section><title>
2891 #. type: Content of: <chapter><section><section><title>
2893 msgid "NMUs and debian/changelog"
2896 # type: Content of: <chapter><section><section><para>
2897 #. type: Content of: <chapter><section><section><para>
2900 "Just like any other (source) upload, NMUs must add an entry to "
2901 "<literal>debian/changelog</literal>, telling what has changed with this "
2902 "upload. The first line of this entry must explicitely mention that this "
2903 "upload is an NMU, e.g.:"
2906 #. type: Content of: <chapter><section><section><screen>
2909 msgid " * Non-maintainer upload.\n"
2912 # type: Content of: <chapter><section><section><para>
2913 #. type: Content of: <chapter><section><section><para>
2916 "The version must be the version of the last maintainer upload, plus <literal>"
2917 "+nmu<replaceable>X</replaceable></literal>, where <replaceable>X</"
2918 "replaceable> is a counter starting at <literal>1</literal>. If the last "
2919 "upload was also an NMU, the counter should be increased. For example, if "
2920 "the current version is <literal>1.5-1</literal>, then an NMU would get "
2921 "version <literal>1.5-1+nmu1</literal>. If the current version is "
2922 "<literal>1.5+nmu3</literal> (a native package which has already been NMUed), "
2923 "the NMU would get version <literal>1.5+nmu4</literal>. If a new upstream "
2924 "version is packaged in the NMU, the debian revision is set to <literal>0</"
2925 "literal>, for example <literal>1.6-0+nmu1</literal>."
2928 # type: Content of: <chapter><section><section><para>
2929 #. type: Content of: <chapter><section><section><para>
2932 "A special versioning scheme is needed to avoid disrupting the maintainer's "
2933 "work, since using an integer for the Debian revision will potentially "
2934 "conflict with a maintainer upload already in preparation at the time of an "
2935 "NMU, or even one sitting in the ftp NEW queue. It also has the benefit of "
2936 "making it visually clear that a package in the archive was not made by the "
2937 "official maintainer."
2940 # type: Content of: <chapter><section><section><para>
2941 #. type: Content of: <chapter><section><section><para>
2944 "If you upload a package to testing or stable, you sometimes need to \"fork\" "
2945 "the version number tree. This is the case for security uploads, for "
2946 "example. For this, a version of the form <literal>+deb<replaceable>XY</"
2947 "replaceable>u<replaceable>Z</replaceable></literal> should be used, where "
2948 "<replaceable>X</replaceable> and <replaceable>Y</replaceable> are the major "
2949 "and minor release numbers, and <replaceable>Z</replaceable> is a counter "
2950 "starting at <literal>1</literal>. When the release number is not yet known "
2951 "(often the case for <literal>testing</literal>, at the beginning of release "
2952 "cycles), the lowest release number higher than the last stable release "
2953 "number must be used. For example, while Etch (Debian 4.0) is stable, a "
2954 "security NMU to stable for a package at version <literal>1.5-3</literal> "
2955 "would have version <literal>1.5-3+deb40u1</literal>, whereas a security NMU "
2956 "to Lenny would get version <literal>1.5-3+deb50u1</literal>. After the "
2957 "release of Lenny, security uploads to the <literal>testing</literal> "
2958 "distribution will be versioned <literal>+deb51uZ</literal>, until it is "
2959 "known whether that release will be Debian 5.1 or Debian 6.0 (if that becomes "
2960 "the case, uploads will be versioned as <literal>+deb60uZ</literal>."
2963 # type: Content of: <chapter><section><section><title>
2964 #. type: Content of: <chapter><section><section><title>
2966 msgid "Using the <literal>DELAYED/</literal> queue"
2969 # type: Content of: <chapter><section><section><para>
2970 #. type: Content of: <chapter><section><section><para>
2973 "Having to wait for a response after you request permission to NMU is "
2974 "inefficient, because it costs the NMUer a context switch to come back to the "
2975 "issue. The <literal>DELAYED</literal> queue (see <xref linkend=\"delayed-"
2976 "incoming\"/>) allows the developer doing the NMU to perform all the "
2977 "necessary tasks at the same time. For instance, instead of telling the "
2978 "maintainer that you will upload the updated package in 7 days, you should "
2979 "upload the package to <literal>DELAYED/7</literal> and tell the maintainer "
2980 "that he has 7 days to react. During this time, the maintainer can ask you "
2981 "to delay the upload some more, or cancel your upload."
2984 # type: Content of: <chapter><section><section><para>
2985 #. type: Content of: <chapter><section><section><para>
2988 "The <literal>DELAYED</literal> queue should not be used to put additional "
2989 "pressure on the maintainer. In particular, it's important that you are "
2990 "available to cancel or delay the upload before the delay expires since the "
2991 "maintainer cannot cancel the upload himself."
2994 # type: Content of: <chapter><section><section><para>
2995 #. type: Content of: <chapter><section><section><para>
2998 "If you make an NMU to <literal>DELAYED</literal> and the maintainer updates "
2999 "his package before the delay expires, your upload will be rejected because a "
3000 "newer version is already available in the archive. Ideally, the maintainer "
3001 "will take care to include your proposed changes (or at least a solution for "
3002 "the problems they address) in that upload."
3005 # type: Content of: <chapter><section><section><title>
3006 #. type: Content of: <chapter><section><section><title>
3008 msgid "NMUs from the maintainer's point of view"
3011 # type: Content of: <chapter><section><section><para>
3012 #. type: Content of: <chapter><section><section><para>
3015 "When someone NMUs your package, this means they want to help you to keep it "
3016 "in good shape. This gives users fixed packages faster. You can consider "
3017 "asking the NMUer to become a co-maintainer of the package. Receiving an NMU "
3018 "on a package is not a bad thing; it just means that the package is "
3019 "interesting enough for other people to work on it."
3022 # type: Content of: <chapter><section><section><para>
3023 #. type: Content of: <chapter><section><section><para>
3026 "To acknowledge an NMU, include its changes and changelog entry in your next "
3027 "maintainer upload. If you do not acknowledge the NMU by including the NMU "
3028 "changelog entry in your changelog, the bugs will remain closed in the BTS "
3029 "but will be listed as affecting your maintainer version of the package."
3032 # type: Content of: <chapter><section><section><title>
3033 #. type: Content of: <chapter><section><section><title>
3035 msgid "Source NMUs vs Binary-only NMUs (binNMUs)"
3038 # type: Content of: <chapter><section><section><para>
3039 #. type: Content of: <chapter><section><section><para>
3042 "The full name of an NMU is <emphasis>source NMU</emphasis>. There is also "
3043 "another type, namely the <emphasis>binary-only NMU</emphasis>, or "
3044 "<emphasis>binNMU</emphasis>. A binNMU is also a package upload by someone "
3045 "other than the package's maintainer. However, it is a binary-only upload."
3048 # type: Content of: <chapter><section><section><para>
3049 #. type: Content of: <chapter><section><section><para>
3052 "When a library (or other dependency) is updated, the packages using it may "
3053 "need to be rebuilt. Since no changes to the source are needed, the same "
3054 "source package is used."
3057 # type: Content of: <chapter><section><section><para>
3058 #. type: Content of: <chapter><section><section><para>
3061 "BinNMUs are usually triggered on the buildds by wanna-build. An entry is "
3062 "added to debian/changelog, explaining why the upload was needed and "
3063 "increasing the version number as described in <xref linkend=\"binary-only-nmu"
3064 "\"/>. This entry should not be included in the next upload."
3067 # type: Content of: <chapter><section><section><para>
3068 #. type: Content of: <chapter><section><section><para>
3071 "Buildds upload packages for their architecture to the archive as binary-only "
3072 "uploads. Strictly speaking, these are binNMUs. However, they are not "
3073 "normally called NMU, and they don't add an entry to debian/changelog."
3076 # type: Content of: <chapter><section><section><title>
3077 #. type: Content of: <chapter><section><section><title>
3079 msgid "NMUs vs QA uploads"
3082 # type: Content of: <chapter><section><section><para>
3083 #. type: Content of: <chapter><section><section><para>
3086 "NMUs are uploads of packages by somebody else than their assigned "
3087 "maintainer. There is another type of upload where the uploaded package is "
3088 "not yours: QA uploads. QA uploads are uploads of orphaned packages."
3091 # type: Content of: <chapter><section><section><para>
3092 #. type: Content of: <chapter><section><section><para>
3095 "QA uploads are very much like normal maintainer uploads: they may fix "
3096 "anything, even minor issues; the version numbering is normal, and there is "
3097 "no need to use a delayed upload. The difference is that you are not listed "
3098 "as the Maintainer or Uploader for the package. Also, the changelog entry of "
3099 "a QA upload has a special first line:"
3102 #. type: Content of: <chapter><section><section><screen>
3105 msgid " * QA upload.\n"
3108 # type: Content of: <chapter><section><section><para>
3109 #. type: Content of: <chapter><section><section><para>
3112 "If you want to do an NMU, and it seems that the maintainer is not active, it "
3113 "is wise to check if the package is orphaned (this information is displayed "
3114 "on the package's Package Tracking System page). When doing the first QA "
3115 "upload to an orphaned package, the maintainer should be set to "
3116 "<literal>Debian QA Group <packages@qa.debian.org></literal>. Orphaned "
3117 "packages which did not yet have a QA upload still have their old maintainer "
3118 "set. There is a list of them at <ulink url=\"&url-orphaned-not-qa;\"/>."
3121 # type: Content of: <chapter><section><section><para>
3122 #. type: Content of: <chapter><section><section><para>
3125 "Instead of doing a QA upload, you can also consider adopting the package by "
3126 "making yourself the maintainer. You don't need permission from anybody to "
3127 "adopt an orphaned package, you can just set yourself as maintainer and "
3128 "upload the new version (see <xref linkend=\"adopting\"/>)."
3131 # type: Content of: <chapter><section><title>
3132 #. type: Content of: <chapter><section><title>
3134 msgid "Collaborative maintenance"
3137 # type: Content of: <chapter><section><para>
3138 #. type: Content of: <chapter><section><para>
3141 "Collaborative maintenance is a term describing the sharing of Debian package "
3142 "maintenance duties by several people. This collaboration is almost always a "
3143 "good idea, since it generally results in higher quality and faster bug fix "
3144 "turnaround times. It is strongly recommended that packages with a priority "
3145 "of <literal>Standard</literal> or which are part of the base set have co-"
3149 # type: Content of: <chapter><section><para>
3150 #. type: Content of: <chapter><section><para>
3153 "Generally there is a primary maintainer and one or more co-maintainers. The "
3154 "primary maintainer is the person whose name is listed in the "
3155 "<literal>Maintainer</literal> field of the <filename>debian/control</"
3156 "filename> file. Co-maintainers are all the other maintainers, usually "
3157 "listed in the <literal>Uploaders</literal> field of the <filename>debian/"
3158 "control</filename> file."
3161 # type: Content of: <chapter><section><para>
3162 #. type: Content of: <chapter><section><para>
3165 "In its most basic form, the process of adding a new co-maintainer is quite "
3169 # type: Content of: <chapter><section><itemizedlist><listitem><para>
3170 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3173 "Setup the co-maintainer with access to the sources you build the package "
3174 "from. Generally this implies you are using a network-capable version "
3175 "control system, such as <command>CVS</command> or <command>Subversion</"
3176 "command>. Alioth (see <xref linkend=\"alioth\"/> ) provides such tools, "
3180 # type: Content of: <chapter><section><itemizedlist><listitem><para>
3181 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3184 "Add the co-maintainer's correct maintainer name and address to the "
3185 "<literal>Uploaders</literal> field in the first paragraph of the "
3186 "<filename>debian/control</filename> file."
3189 #. type: Content of: <chapter><section><itemizedlist><listitem><screen>
3192 msgid "Uploaders: John Buzz <jbuzz@debian.org>, Adam Rex <arex@debian.org>\n"
3195 # type: Content of: <chapter><section><itemizedlist><listitem><para>
3196 #. type: Content of: <chapter><section><itemizedlist><listitem><para>
3199 "Using the PTS (<xref linkend=\"pkg-tracking-system\"/> ), the co-maintainers "
3200 "should subscribe themselves to the appropriate source package."
3203 # type: Content of: <chapter><section><para>
3204 #. type: Content of: <chapter><section><para>
3207 "Another form of collaborative maintenance is team maintenance, which is "
3208 "recommended if you maintain several packages with the same group of "
3209 "developers. In that case, the Maintainer and Uploaders field of each "
3210 "package must be managed with care. It is recommended to choose between one "
3211 "of the two following schemes:"
3214 # type: Content of: <chapter><section><orderedlist><listitem><para>
3215 #. type: Content of: <chapter><section><orderedlist><listitem><para>
3218 "Put the team member mainly responsible for the package in the Maintainer "
3219 "field. In the Uploaders, put the mailing list address, and the team members "
3220 "who care for the package."
3223 # type: Content of: <chapter><section><orderedlist><listitem><para>
3224 #. type: Content of: <chapter><section><orderedlist><listitem><para>
3227 "Put the mailing list address in the Maintainer field. In the Uploaders "
3228 "field, put the team members who care for the package. In this case, you "
3229 "must make sure the mailing list accept bug reports without any human "
3230 "interaction (like moderation for non-subscribers)."
3233 # type: Content of: <chapter><section><para>
3234 #. type: Content of: <chapter><section><para>
3237 "In any case, it is a bad idea to automatically put all team members in the "
3238 "Uploaders field. It clutters the Developer's Package Overview listing (see "
3239 "<xref linkend=\"ddpo\"/> ) with packages one doesn't really care for, and "
3240 "creates a false sense of good maintenance."
3243 # type: Content of: <chapter><section><title>
3244 #. type: Content of: <chapter><section><title>
3246 msgid "The testing distribution"
3249 # type: Content of: <chapter><section><section><title>
3250 #. type: Content of: <chapter><section><section><title>
3255 # type: Content of: <chapter><section><section><para>
3256 #. type: Content of: <chapter><section><section><para>
3259 "Packages are usually installed into the <literal>testing</literal> "
3260 "distribution after they have undergone some degree of <literal>testing</"
3261 "literal> in <literal>unstable</literal>."
3264 # type: Content of: <chapter><section><section><para>
3265 #. type: Content of: <chapter><section><section><para>
3268 "They must be in sync on all architectures and mustn't have dependencies that "
3269 "make them uninstallable; they also have to have generally no known release-"
3270 "critical bugs at the time they're installed into <literal>testing </"
3271 "literal>. This way, <literal>testing</literal> should always be close to "
3272 "being a release candidate. Please see below for details."
3275 # type: Content of: <chapter><section><section><title>
3276 #. type: Content of: <chapter><section><section><title>
3278 msgid "Updates from unstable"
3281 # type: Content of: <chapter><section><section><para>
3282 #. type: Content of: <chapter><section><section><para>
3285 "The scripts that update the <literal>testing</literal> distribution are run "
3286 "twice each day, right after the installation of the updated packages; these "
3287 "scripts are called <literal>britney</literal>. They generate the "
3288 "<filename>Packages</filename> files for the <literal>testing</literal> "
3289 "distribution, but they do so in an intelligent manner; they try to avoid any "
3290 "inconsistency and to use only non-buggy packages."
3293 # type: Content of: <chapter><section><section><para>
3294 #. type: Content of: <chapter><section><section><para>
3297 "The inclusion of a package from <literal>unstable</literal> is conditional "
3301 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3302 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3305 "The package must have been available in <literal>unstable</literal> for 2, 5 "
3306 "or 10 days, depending on the urgency (high, medium or low). Please note "
3307 "that the urgency is sticky, meaning that the highest urgency uploaded since "
3308 "the previous <literal>testing</literal> transition is taken into account. "
3309 "Those delays may be doubled during a freeze, or <literal>testing</literal> "
3310 "transitions may be switched off altogether;"
3313 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3314 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3317 "It must not have new release-critical bugs (RC bugs affecting the version "
3318 "available in <literal>unstable</literal>, but not affecting the version in "
3319 "<literal>testing</literal>);"
3322 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3323 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3326 "It must be available on all architectures on which it has previously been "
3327 "built in <literal>unstable</literal>. <xref linkend=\"dak-ls\"/> may be of "
3328 "interest to check that information;"
3331 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3332 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3335 "It must not break any dependency of a package which is already available in "
3336 "<literal>testing</literal>;"
3339 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3340 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3343 "The packages on which it depends must either be available in "
3344 "<literal>testing</literal> or they must be accepted into <literal>testing</"
3345 "literal> at the same time (and they will be if they fulfill all the "
3346 "necessary criteria);"
3349 # type: Content of: <chapter><section><section><para>
3350 #. type: Content of: <chapter><section><section><para>
3353 "To find out whether a package is progressing into <literal>testing</literal> "
3354 "or not, see the <literal>testing</literal> script output on the <ulink url="
3355 "\"&url-testing-maint;\">web page of the testing distribution</ulink>, or use "
3356 "the program <command>grep-excuses</command> which is in the <systemitem role="
3357 "\"package\">devscripts</systemitem> package. This utility can easily be "
3358 "used in a <citerefentry> <refentrytitle>crontab</refentrytitle> "
3359 "<manvolnum>5</manvolnum> </citerefentry> to keep yourself informed of the "
3360 "progression of your packages into <literal>testing</literal>."
3363 # type: Content of: <chapter><section><section><para>
3364 #. type: Content of: <chapter><section><section><para>
3367 "The <filename>update_excuses</filename> file does not always give the "
3368 "precise reason why the package is refused; you may have to find it on your "
3369 "own by looking for what would break with the inclusion of the package. The "
3370 "<ulink url=\"&url-testing-maint;\">testing web page</ulink> gives some more "
3371 "information about the usual problems which may be causing such troubles."
3374 # type: Content of: <chapter><section><section><para>
3375 #. type: Content of: <chapter><section><section><para>
3378 "Sometimes, some packages never enter <literal>testing</literal> because the "
3379 "set of inter-relationship is too complicated and cannot be sorted out by the "
3380 "scripts. See below for details."
3383 # type: Content of: <chapter><section><section><para>
3384 #. type: Content of: <chapter><section><section><para>
3387 "Some further dependency analysis is shown on <ulink url=\"http://release."
3388 "debian.org/migration/\"></ulink> — but be warned, this page also shows build "
3389 "dependencies which are not considered by britney."
3392 # type: Content of: <chapter><section><section><section><title>
3393 #. type: Content of: <chapter><section><section><section><title>
3398 # type: Content of: <chapter><section><section><section><para>
3399 #. FIXME: better rename this file than document rampant professionalism?
3400 #. type: Content of: <chapter><section><section><section><para>
3403 "For the <literal>testing</literal> migration script, outdated means: There "
3404 "are different versions in <literal>unstable</literal> for the release "
3405 "architectures (except for the architectures in fuckedarches; fuckedarches is "
3406 "a list of architectures that don't keep up (in <filename>update_out.py</"
3407 "filename>), but currently, it's empty). outdated has nothing whatsoever to "
3408 "do with the architectures this package has in <literal>testing</literal>."
3411 # type: Content of: <chapter><section><section><section><para>
3412 #. type: Content of: <chapter><section><section><section><para>
3414 msgid "Consider this example:"
3417 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3418 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3419 #: pkgs.dbk:2366 pkgs.dbk:2399
3423 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3424 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3425 #: pkgs.dbk:2367 pkgs.dbk:2400
3429 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3430 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3431 #: pkgs.dbk:2372 pkgs.dbk:2406 pkgs.dbk:2468
3435 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3436 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3437 #: pkgs.dbk:2373 pkgs.dbk:2378 pkgs.dbk:2407 pkgs.dbk:2408 pkgs.dbk:2415
3441 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3442 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3443 #: pkgs.dbk:2374 pkgs.dbk:2409 pkgs.dbk:2414
3447 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3448 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3449 #: pkgs.dbk:2377 pkgs.dbk:2412 pkgs.dbk:2469
3453 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3454 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3455 #: pkgs.dbk:2379 pkgs.dbk:2413
3459 # type: Content of: <chapter><section><section><section><para>
3460 #. type: Content of: <chapter><section><section><section><para>
3463 "The package is out of date on alpha in <literal>unstable</literal>, and will "
3464 "not go to <literal>testing</literal>. Removing the package would not help at "
3465 "all, the package is still out of date on <literal>alpha</literal>, and will "
3466 "not propagate to testing."
3469 # type: Content of: <chapter><section><section><section><para>
3470 #. type: Content of: <chapter><section><section><section><para>
3473 "However, if ftp-master removes a package in <literal>unstable</literal> "
3474 "(here on <literal>arm</literal>):"
3477 # type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3478 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><thead><row><entry>
3483 # type: Content of: <chapter><section><section><section><para>
3484 #. type: Content of: <chapter><section><section><section><para>
3487 "In this case, the package is up to date on all release architectures in "
3488 "<literal>unstable</literal> (and the extra <literal>hurd-i386</literal> "
3489 "doesn't matter, as it's not a release architecture)."
3492 # type: Content of: <chapter><section><section><section><para>
3493 #. type: Content of: <chapter><section><section><section><para>
3496 "Sometimes, the question is raised if it is possible to allow packages in "
3497 "that are not yet built on all architectures: No. Just plainly no. (Except "
3498 "if you maintain glibc or so.)"
3501 # type: Content of: <chapter><section><section><section><title>
3502 #. type: Content of: <chapter><section><section><section><title>
3504 msgid "Removals from testing"
3507 # type: Content of: <chapter><section><section><section><para>
3508 #. type: Content of: <chapter><section><section><section><para>
3511 "Sometimes, a package is removed to allow another package in: This happens "
3512 "only to allow <emphasis>another</emphasis> package to go in if it's ready in "
3513 "every other sense. Suppose e.g. that <literal>a</literal> cannot be "
3514 "installed with the new version of <literal>b</literal>; then <literal>a</"
3515 "literal> may be removed to allow <literal>b</literal> in."
3518 # type: Content of: <chapter><section><section><section><para>
3519 #. type: Content of: <chapter><section><section><section><para>
3522 "Of course, there is another reason to remove a package from <literal>testing "
3523 "</literal>: It's just too buggy (and having a single RC-bug is enough to be "
3527 # type: Content of: <chapter><section><section><section><para>
3528 #. type: Content of: <chapter><section><section><section><para>
3531 "Furthermore, if a package has been removed from <literal>unstable</literal>, "
3532 "and no package in <literal>testing</literal> depends on it any more, then it "
3533 "will automatically be removed."
3536 # type: Content of: <chapter><section><section><section><title>
3537 #. type: Content of: <chapter><section><section><section><title>
3539 msgid "circular dependencies"
3542 # type: Content of: <chapter><section><section><section><para>
3543 #. type: Content of: <chapter><section><section><section><para>
3546 "A situation which is not handled very well by britney is if package "
3547 "<literal>a</literal> depends on the new version of package <literal>b</"
3548 "literal>, and vice versa."
3551 # type: Content of: <chapter><section><section><section><para>
3552 #. type: Content of: <chapter><section><section><section><para>
3554 msgid "An example of this is:"
3557 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3558 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3563 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3564 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3566 msgid "1; depends: b=1"
3569 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3570 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3572 msgid "2; depends: b=2"
3575 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3576 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3581 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3582 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3584 msgid "1; depends: a=1"
3587 # type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3588 #. type: Content of: <chapter><section><section><section><informaltable><tgroup><tbody><row><entry>
3590 msgid "2; depends: a=2"
3593 # type: Content of: <chapter><section><section><section><para>
3594 #. type: Content of: <chapter><section><section><section><para>
3597 "Neither package <literal>a</literal> nor package <literal>b</literal> is "
3598 "considered for update."
3601 # type: Content of: <chapter><section><section><section><para>
3602 #. type: Content of: <chapter><section><section><section><para>
3605 "Currently, this requires some manual hinting from the release team. Please "
3606 "contact them by sending mail to &email-debian-release; if this happens to "
3607 "one of your packages."
3610 # type: Content of: <chapter><section><section><section><title>
3611 #. type: Content of: <chapter><section><section><section><title>
3613 msgid "influence of package in testing"
3616 # type: Content of: <chapter><section><section><section><para>
3617 #. type: Content of: <chapter><section><section><section><para>
3620 "Generally, there is nothing that the status of a package in <literal>testing "
3621 "</literal> means for transition of the next version from <literal>unstable </"
3622 "literal> to <literal>testing</literal>, with two exceptions: If the RC-"
3623 "bugginess of the package goes down, it may go in even if it is still RC-"
3624 "buggy. The second exception is if the version of the package in <literal> "
3625 "testing</literal> is out of sync on the different arches: Then any arch "
3626 "might just upgrade to the version of the source package; however, this can "
3627 "happen only if the package was previously forced through, the arch is in "
3628 "fuckedarches, or there was no binary package of that arch present in "
3629 "<literal>unstable </literal> at all during the <literal>testing</literal> "
3633 # type: Content of: <chapter><section><section><section><para>
3634 #. type: Content of: <chapter><section><section><section><para>
3637 "In summary this means: The only influence that a package being in <literal> "
3638 "testing</literal> has on a new version of the same package is that the new "
3639 "version might go in easier."
3642 # type: Content of: <chapter><section><section><section><title>
3643 #. type: Content of: <chapter><section><section><section><title>
3648 # type: Content of: <chapter><section><section><section><para>
3649 #. type: Content of: <chapter><section><section><section><para>
3651 msgid "If you are interested in details, this is how britney works:"
3654 # type: Content of: <chapter><section><section><section><para>
3655 #. type: Content of: <chapter><section><section><section><para>
3658 "The packages are looked at to determine whether they are valid candidates. "
3659 "This gives the update excuses. The most common reasons why a package is not "
3660 "considered are too young, RC-bugginess, and out of date on some arches. For "
3661 "this part of britney, the release managers have hammers of various sizes to "
3662 "force britney to consider a package. (Also, the base freeze is coded in "
3663 "that part of britney.) (There is a similar thing for binary-only updates, "
3664 "but this is not described here. If you're interested in that, please peruse "
3668 # type: Content of: <chapter><section><section><section><para>
3669 #. type: Content of: <chapter><section><section><section><para>
3672 "Now, the more complex part happens: Britney tries to update <literal>testing "
3673 "</literal> with the valid candidates. For that, britney tries to add each "
3674 "valid candidate to the testing distribution. If the number of uninstallable "
3675 "packages in <literal>testing</literal> doesn't increase, the package is "
3676 "accepted. From that point on, the accepted package is considered to be part "
3677 "of <literal>testing</literal>, such that all subsequent installability tests "
3678 "include this package. Hints from the release team are processed before or "
3679 "after this main run, depending on the exact type."
3682 # type: Content of: <chapter><section><section><section><para>
3683 #. type: Content of: <chapter><section><section><section><para>
3686 "If you want to see more details, you can look it up on <filename>merkel:/org/"
3687 "&ftp-debian-org;/testing/update_out/</filename> (or in <filename>merkel:~aba/"
3688 "testing/update_out</filename> to see a setup with a smaller packages file). "
3689 "Via web, it's at <ulink url=\"http://&ftp-master-host;/testing/"
3690 "update_out_code/\"></ulink>"
3693 # type: Content of: <chapter><section><section><section><para>
3694 #. type: Content of: <chapter><section><section><section><para>
3697 "The hints are available via <ulink url=\"http://&ftp-master-host;/testing/"
3698 "hints/\"></ulink>."
3701 # type: Content of: <chapter><section><section><title>
3702 #. type: Content of: <chapter><section><section><title>
3704 msgid "Direct updates to testing"
3707 # type: Content of: <chapter><section><section><para>
3708 #. type: Content of: <chapter><section><section><para>
3711 "The <literal>testing</literal> distribution is fed with packages from "
3712 "<literal>unstable</literal> according to the rules explained above. "
3713 "However, in some cases, it is necessary to upload packages built only for "
3714 "<literal> testing</literal>. For that, you may want to upload to <literal> "
3715 "testing-proposed-updates</literal>."
3718 # type: Content of: <chapter><section><section><para>
3719 #. type: Content of: <chapter><section><section><para>
3722 "Keep in mind that packages uploaded there are not automatically processed, "
3723 "they have to go through the hands of the release manager. So you'd better "
3724 "have a good reason to upload there. In order to know what a good reason is "
3725 "in the release managers' eyes, you should read the instructions that they "
3726 "regularly give on &email-debian-devel-announce;."
3729 # type: Content of: <chapter><section><section><para>
3730 #. type: Content of: <chapter><section><section><para>
3733 "You should not upload to <literal>testing-proposed-updates</literal> when "
3734 "you can update your packages through <literal>unstable</literal>. If you "
3735 "can't (for example because you have a newer development version in "
3736 "<literal>unstable </literal>), you may use this facility, but it is "
3737 "recommended that you ask for authorization from the release manager first. "
3738 "Even if a package is frozen, updates through <literal>unstable</literal> are "
3739 "possible, if the upload via <literal>unstable</literal> does not pull in any "
3743 # type: Content of: <chapter><section><section><para>
3744 #. type: Content of: <chapter><section><section><para>
3747 "Version numbers are usually selected by adding the codename of the "
3748 "<literal>testing</literal> distribution and a running number, like "
3749 "<literal>1.2sarge1</literal> for the first upload through <literal>testing-"
3750 "proposed-updates</literal> of package version <literal>1.2</literal>."
3753 # type: Content of: <chapter><section><section><para>
3754 #. type: Content of: <chapter><section><section><para>
3756 msgid "Please make sure you didn't miss any of these items in your upload:"
3759 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3760 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3763 "Make sure that your package really needs to go through <literal>testing-"
3764 "proposed-updates</literal>, and can't go through <literal> unstable</"
3768 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3769 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3771 msgid "Make sure that you included only the minimal amount of changes;"
3774 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3775 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3778 "Make sure that you included an appropriate explanation in the changelog;"
3781 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3782 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3785 "Make sure that you've written <literal>testing</literal> or <literal>testing-"
3786 "proposed-updates</literal> into your target distribution;"
3789 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3790 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3793 "Make sure that you've built and tested your package in <literal>testing</"
3794 "literal>, not in <literal>unstable</literal>;"
3797 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3798 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3801 "Make sure that your version number is higher than the version in "
3802 "<literal>testing</literal> and <literal>testing-proposed-updates</literal>, "
3803 "and lower than in <literal>unstable</literal>;"
3806 # type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3807 #. type: Content of: <chapter><section><section><itemizedlist><listitem><para>
3810 "After uploading and successful build on all platforms, contact the release "
3811 "team at &email-debian-release; and ask them to approve your upload."
3814 # type: Content of: <chapter><section><section><title>
3815 #. type: Content of: <chapter><section><section><title>
3817 msgid "Frequently asked questions"
3820 # type: Content of: <chapter><section><section><section><title>
3821 #. type: Content of: <chapter><section><section><section><title>
3823 msgid "What are release-critical bugs, and how do they get counted?"
3826 # type: Content of: <chapter><section><section><section><para>
3827 #. type: Content of: <chapter><section><section><section><para>
3830 "All bugs of some higher severities are by default considered release-"
3831 "critical; currently, these are <literal>critical</literal>, <literal>grave</"
3832 "literal> and <literal>serious</literal> bugs."
3835 # type: Content of: <chapter><section><section><section><para>
3836 #. type: Content of: <chapter><section><section><section><para>
3839 "Such bugs are presumed to have an impact on the chances that the package "
3840 "will be released with the <literal>stable</literal> release of Debian: in "
3841 "general, if a package has open release-critical bugs filed on it, it won't "
3842 "get into <literal>testing</literal>, and consequently won't be released in "
3843 "<literal> stable</literal>."
3846 # type: Content of: <chapter><section><section><section><para>
3847 #. type: Content of: <chapter><section><section><section><para>
3850 "The <literal>unstable</literal> bug count are all release-critical bugs "
3851 "which are marked to apply to <replaceable>package</replaceable>/"
3852 "<replaceable>version </replaceable> combinations that are available in "
3853 "unstable for a release architecture. The <literal>testing</literal> bug "
3854 "count is defined analogously."
3857 # type: Content of: <chapter><section><section><section><title>
3858 #. type: Content of: <chapter><section><section><section><title>
3861 "How could installing a package into <literal>testing</literal> possibly "
3862 "break other packages?"
3865 # type: Content of: <chapter><section><section><section><para>
3866 #. type: Content of: <chapter><section><section><section><para>
3869 "The structure of the distribution archives is such that they can only "
3870 "contain one version of a package; a package is defined by its name. So when "
3871 "the source package <literal>acmefoo</literal> is installed into "
3872 "<literal>testing</literal>, along with its binary packages <literal>acme-foo-"
3873 "bin</literal>, <literal> acme-bar-bin</literal>, <literal>libacme-foo1</"
3874 "literal> and <literal> libacme-foo-dev</literal>, the old version is removed."
3877 # type: Content of: <chapter><section><section><section><para>
3878 #. type: Content of: <chapter><section><section><section><para>
3881 "However, the old version may have provided a binary package with an old "
3882 "soname of a library, such as <literal>libacme-foo0</literal>. Removing the "
3883 "old <literal>acmefoo</literal> will remove <literal>libacme-foo0</literal>, "
3884 "which will break any packages which depend on it."
3887 # type: Content of: <chapter><section><section><section><para>
3888 #. type: Content of: <chapter><section><section><section><para>
3891 "Evidently, this mainly affects packages which provide changing sets of "
3892 "binary packages in different versions (in turn, mainly libraries). However, "
3893 "it will also affect packages upon which versioned dependencies have been "
3894 "declared of the ==, <=, or << varieties."
3897 # type: Content of: <chapter><section><section><section><para>
3898 #. type: Content of: <chapter><section><section><section><para>
3901 "When the set of binary packages provided by a source package change in this "
3902 "way, all the packages that depended on the old binaries will have to be "
3903 "updated to depend on the new binaries instead. Because installing such a "
3904 "source package into <literal>testing</literal> breaks all the packages that "
3905 "depended on it in <literal>testing</literal>, some care has to be taken now: "
3906 "all the depending packages must be updated and ready to be installed "
3907 "themselves so that they won't be broken, and, once everything is ready, "
3908 "manual intervention by the release manager or an assistant is normally "
3912 # type: Content of: <chapter><section><section><section><para>
3913 #. type: Content of: <chapter><section><section><section><para>
3916 "If you are having problems with complicated groups of packages like this, "
3917 "contact &email-debian-devel; or &email-debian-release; for help."