X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=pkgs.dbk;h=70b1cd132fb00555ab758fafe18e784b8850a829;hb=d3e25882f666bac7db86f4114b5d00c5a187150a;hp=e9b058a3e2486f6fa535671aedb3705c08bfad3c;hpb=7f2b8064fcbddda5c452be1a1be04723ebd42e1a;p=developers-reference.git
diff --git a/pkgs.dbk b/pkgs.dbk
index e9b058a..70b1cd1 100644
--- a/pkgs.dbk
+++ b/pkgs.dbk
@@ -48,6 +48,12 @@ new package in order for the bug report to be automatically closed once the new
package is installed in the archive (see ).
+If you think your package needs some explanations for the administrators of the
+NEW package queue, include them in your changelog, send to ftpmaster@debian.org
+a reply to the email you receive as a maintainer after your upload, or reply to
+the rejection email in case you are already re-uploading.
+
+
When closing security bugs include CVE numbers as well as the Closes: #nnnnn.
This is useful for the security team to track vulnerabilities. If an upload is
made to fix the bug before the advisory ID is known, it is encouraged to modify
@@ -217,23 +223,25 @@ distinction between the original sources and the patches applied for Debian
the (more common) packages where there's an original source tarball file
-accompanied by another file that contains the patches applied for Debian
+accompanied by another file that contains the changes made by Debian
For the native packages, the source package includes a Debian source control
file (.dsc) and the source tarball
-(.tar.gz). A source package of a non-native package
+(.tar.{gz,bz2,lzma}). A source package of a non-native package
includes a Debian source control file, the original source tarball
-(.orig.tar.gz) and the Debian patches
-(.diff.gz).
+(.orig.tar.{gz,bz2,lzma}) and the Debian changes
+(.diff.gz for the source format â1.0â or
+.debian.tar.{gz,bz2,lzma} for the source format â3.0 (quilt)â).
-Whether a package is native or not is determined when it is built by
- dpkg-buildpackage
-1 . The rest of this section relates
-only to non-native packages.
+With source format â1.0â, whether a package is native or not was determined
+by dpkg-source at build time. Nowadays it is recommended
+to be explicit about the desired source format by putting either â3.0 (quilt)â
+or â3.0 (native)â in debian/source/format.
+The rest of this section relates only to non-native packages.
The first time a version is uploaded which corresponds to a particular upstream
@@ -245,8 +253,8 @@ will not need to be re-uploaded.
By default, dpkg-genchanges and
dpkg-buildpackage will include the original source tar file
-if and only if the Debian revision part of the source version number is 0 or 1,
-indicating a new upstream version. This behavior may be modified by using
+if and only if the current changelog entry has a different upstream version
+from the preceding entry. This behavior may be modified by using
-sa to always include it or -sd to always
leave it out.
@@ -259,8 +267,10 @@ the archive.
Please notice that, in non-native packages, permissions on files that are not
-present in the .orig.tar.gz will not be preserved, as diff does not store file
-permissions in the patch.
+present in the .orig.tar.{gz,bz2} will not be preserved, as diff does not store file
+permissions in the patch. However when using source format â3.0 (quilt)â,
+permissions of files inside the debian directory are
+preserved since they are stored in a tar archive.
@@ -291,7 +301,7 @@ time.
Special case: uploads to the stable and
oldstable distributions
-Uploading to stable means that the package will transfered
+Uploading to stable means that the package will transferred
to the proposed-updates-new queue for review by the stable
release managers, and if approved will be installed in
stable-proposed-updates directory of the Debian archive.
@@ -376,9 +386,9 @@ section for details.
Uploading to ftp-master
To upload a package, you should upload the files (including the signed changes
-and dsc-file) with anonymous ftp to &ftp-master-host; in
+and dsc-file) with anonymous ftp to &ftp-upload-host; in
the directory &upload-queue;.
+url="ftp://&ftp-upload-host;&upload-queue;">&upload-queue;.
To get the files processed there, they need to be signed with a key in the
Debian Developers keyring or the Debian Maintainers keyring
(see ).
@@ -394,7 +404,8 @@ linkend="dput"/> useful when uploading packages. These handy programs help
automate the process of uploading packages into Debian.
-For removing packages, please see the README file in that ftp directory, and
+For removing packages, please see
+ and
the Debian package .
@@ -416,9 +427,9 @@ the deferred uploads queue".
When the specified waiting time is over, the package is moved into
the regular incoming directory for processing.
This is done through automatic uploading to
-&ftp-master-host; in upload-directory
+&ftp-upload-host; in upload-directory
DELAYED/[012345678]-day. 0-day is uploaded
-multiple times per day to &ftp-master-host;.
+multiple times per day to &ftp-upload-host;.
With dput, you can use the --delayed DELAY
@@ -441,19 +452,16 @@ see section .
Other upload queues
-The scp queues on &ftp-master-host;, and
-security.debian.org are mostly unusable due to the login restrictions
-on those hosts.
-
-
-The anonymous queues on ftp.uni-erlangen.de and ftp.uk.debian.org are currently
-down. Work is underway to resurrect them.
+There is an alternative upload queue in Europe at . It operates in
+the same way as &ftp-upload-host;, but should be faster
+for European developers.
-The queues on master.debian.org, samosa.debian.org, master.debian.or.jp, and
-ftp.chiark.greenend.org.uk are down permanently, and will not be resurrected.
-The queue in Japan will be replaced with a new queue on hp.debian.or.jp some
-day.
+Packages can also be uploaded via ssh to
+&ssh-upload-host;; files should be put
+/srv/upload.debian.org/UploadQueue. This queue does
+not support delayed uploads.
@@ -511,10 +519,13 @@ file.
To alter the actual section that a package is put in, you need to first make
sure that the debian/control file in your package is
-accurate. Next, send an email &email-override; or submit a
+accurate. Next, submit a
bug against ftp.debian.org requesting
that the section or priority for your package be changed from the old section
-or priority to the new one. Be sure to explain your reasoning.
+or priority to the new one. Use a Subject like
+override: PACKAGE1:section/priority, [...],
+ PACKAGEX:section/priority, and include the justification for the
+change in the body of the bug report.
For more information about override files, see
@@ -1151,7 +1162,7 @@ upload without upstream source ( dpkg-buildpackage -sd).
Be sure to use the exact same
-*.orig.tar.gz as used in the
+*.orig.tar.{gz,bz2} as used in the
normal archive, otherwise it is not possible to move the security fix into the
main archives later.
@@ -1237,7 +1248,7 @@ control information to place the package in the desired section, and re-upload
the package (see the Debian Policy Manual for
details). You must ensure that you include the
-.orig.tar.gz in your upload (even if you are not uploading
+.orig.tar.{gz,bz2} in your upload (even if you are not uploading
a new upstream version), or it will not appear in the new section together with
the rest of the package. If your new section is valid, it will be moved
automatically. If it does not, then contact the ftpmasters in order to
@@ -1338,6 +1349,10 @@ should either be reassigned to another package in the case where the actual
code has evolved into another package (e.g. libfoo12 was
removed because libfoo13 supersedes it) or closed if the
software is simply no longer part of Debian.
+When closing the bugs,
+to avoid marking the bugs as fixed in versions of the packages
+in previous Debian releases, they should be marked as fixed
+in the version <most-recent-version-ever-in-Debian>+rm.
Removing packages from Incoming
@@ -1382,9 +1397,10 @@ Note that this applies to each part of your package, including the sources: if
you wish to replace the upstream source tarball of your package, you will need
to upload it with a different version. An easy possibility is to replace
foo_1.00.orig.tar.gz with
-foo_1.00+0.orig.tar.gz. This restriction gives each file
-on the ftp site a unique name, which helps to ensure consistency across the
-mirror network.
+foo_1.00+0.orig.tar.gz or
+foo_1.00.orig.tar.bz2. This restriction gives each
+file on the ftp site a unique name, which helps to ensure consistency
+across the mirror network.
@@ -1781,9 +1797,17 @@ flavor of Debian built with gcc bounds checking). It will
also enable Debian to recompile entire distributions quickly.
-The buildds admins of each arch can be contacted at the mail address
-arch@buildd.debian.org.
+The wanna-build team, in charge of the buildds,
+can be reached at debian-wb-team@lists.debian.org.
+To determine who (wanna-build team, release team) and how (mail, BTS)
+to contact, refer to .
+
+
+When requesting binNMUs or give-backs (retries after a failed build),
+please use the format described at .
+
+
@@ -1983,18 +2007,33 @@ upload. The first line of this entry must explicitely mention that this upload
-The version must be the version of the last maintainer upload, plus
+The way to version NMUs differs for native and non-native packages.
+
+
+If the package is a native package (without a debian revision in the version number),
+the version must be the version of the last maintainer upload, plus
+nmuX, where
-X is a counter starting at 1. If
+X is a counter starting at 1.
+If
the last upload was also an NMU, the counter should be increased. For example,
-if the current version is 1.5-1, then an NMU would get
-version 1.5-1+nmu1. If the current version is
-1.5+nmu3 (a native package which has already been NMUed), the
-NMU would get version 1.5+nmu4. If a new upstream version
+if the current version is 1.5, then an NMU would get
+version 1.5+nmu1.
+
+
+If the package is a not a native package, you should add a minor version number
+to the debian revision part of the version number (the portion after the last
+hyphen). This extra number must start at 1. For example,
+if the current version is 1.5-2, then an NMU would get
+version 1.5-2.1. If a new upstream version
is packaged in the NMU, the debian revision is set to 0, for
-example 1.6-0+nmu1.
+example 1.6-0.1.
+
+
+In both cases, if the last upload was also an NMU, the counter should
+be increased. For example, if the current version is
+1.5+nmu3 (a native package which has already been
+NMUed), the NMU would get version 1.5+nmu4. .
-
A special versioning scheme is needed to avoid disrupting the maintainer's
work, since using an integer for the Debian revision will potentially