<!--
TODO:
- bugs in upstream versions should be reported upstream!
- - fill in ftp and www server discussion
- - porter instructions - - volunteers needed for this x86-centric maintainer!
+ - porter instructions - - volunteers needed for this x86-centric
+ maintainer!
+ - add information on how to get accounts on different architectures
- talk about CVS access
-->
<author>Adam P. Harris, current maintainer <email/aph@debian.org/
<author>Christian Schwarz <email/schwarz@debian.org/
<author>Ian Jackson <email/ijackson@gnu.ai.mit.edu/
- <version>version &version;, &date;
+ <version>ver. &version;, &date;
<copyright>
+ <copyrightsummary><p>
Copyright ©1998 Adam P. Harris. Copyright ©1997,1998
Christian Schwarz.
<p>
the Debian package or how to generate Debian packages; that is
discussed in the <url
id="http://www.debian.org/doc/packaging-manuals/packaging.html/"
-name="Debian Packaging Manual">. Nor is this reference intended to
-give details on standards for how Debian software must behave, which
-is documented in the <url
-id="http://www.debian.org/doc/debian-policy/" name="Debian Policy
-Manual">.
+name="Debian Packaging Manual">. Neither does this reference detail
+the standards to which Debian software must comply; that information
+can be found in the <url id="http://www.debian.org/doc/debian-policy/"
+name="Debian Policy Manual">.
<chapt id="new-maintainer">Applying to Become a Maintainer
<sect>Getting started
<p>
So, you've read all the documentation, you understand what everything
-in the <prgn/hello/ example package is for, and you're about to
+in the <package/hello/ example package is for, and you're about to
Debianize your favourite piece of software. How do you actually
become a Debian developer so that your work can be incorporated into
the Project?
<p>
Firstly, subscribe to <email/debian-devel@lists.debian.org/ if you
haven't already. Send the word <tt/subscribe/ in the <em/Subject/ of
-a mail to <email/debian-devel-REQUEST@lists.debian.org/. In case of
+an email to <email/debian-devel-REQUEST@lists.debian.org/. In case of
problems, contact the list administrator at
<email/listmaster@lists.debian.org/. More information on available
mailing lists can be found in <ref id="mailing-lists">.
Your name.
<item>
Your preferred login name on <tt/master/ (seven characters or
-less<footnote>Can anyone clarify for me why logins on <tt>master</tt>
-cannot be eight characters?</footnote> ), as well as the email address
-at which you'd prefer to be subscribed to
+less<footnote>It is not clear to the author why logins on
+<tt>master</tt> cannot be eight characters or greater. If anyone can
+clarify why, I would appreciate it.</footnote>), as well as the email
+address at which you'd prefer to be subscribed to
<email/debian-private@lists.debian.org/ (typically this will be either
your primary mail address or your new <tt>debian.org</tt> address).
<item>
-A phone number where we can call you.
+A phone number where we can call you. Remember that the new
+maintainer team usually calls during evening hours to save on long
+distance tolls. Please do not give a work number, unless you are
+generally there in the evening.
<item>
A statement of intention, that is, what package(s) you intend to work
on, which Debian port you will be assisting, or how you intend to
If emailed, please sign the mail with your PGP key.
</list>
</list>
+ <p>
If you do not have a PGP key yet, generate one. Every developer needs
a PGP key in order to sign and verify package uploads. You should read
the PGP manual, since it has much important information which is
critical to its security. Many more security failures are due to
human error than to software failure or high-powered spy techniques.
<p>
+Our standard is to use <prgn>pgp</prgn> version 2.x. You can use
+<prgn/pgp/ version 5, if and only if you make an RSA key. Note that
+we are also working with the <prgn/gpg/ team so that we can have a
+free alternative to PGP; however, this may take a little bit of time.
+ <p>
Your PGP key must be at least 1024 bits long. There is no reason to
use a smaller key, and doing so would be much less secure. Your key
must be signed with at least your own user ID. This prevents user ID
-tampering. You can do it by executing `<tt>pgp -ks
-<var/your_userid/</tt>'.
+tampering. You can do it by executing <tt>pgp -ks
+<var/your_userid/</tt>.
<p>
If your PGP key isn't on public PGP key servers such as
<tt>pgp.net</tt>, please read the documentation available locally
<tt>/usr/doc/pgp/keyserv.doc</tt>. That document contains
-instructions on how to put your key on the public keyservers.
+instructions on how to put your key on the public key servers.
<p>
Due to export restrictions by the United States government some Debian
packages, including PGP, have been moved to an ftp site outside of the
Some countries restrict the use of cryptographic software by their
citizens. This need not impede one's activities as a Debian package
maintainer however, as it may be perfectly legal to use cryptographic
-products for authenication, rather than encryption purposes (as is
+products for authentication, rather than encryption purposes (as is
the case in France). The Debian Project does not require the use of
cryptography <em/qua/ cryptography in any manner. If you live in a
country where use of cryptography even for authentication is forbidden
available on public key servers, send a message to
<email/new-maintainer@debian.org/ to register as an offical Debian
developer so that you will be able to upload your packages. This
-message must all the information discussed above. The message must
-also contain your PGP or RSA public key (extracted using <tt>pgp
--kxa</tt> in the case of PGP; note that <tt/gpg/ integration is
-underway) for the database of keys which is distributed from
-<ftpsite/ftp.debian.org/ in
+message must contain all the information discussed above. The message
+must also contain your PGP or RSA public key (extracted using <tt>pgp
+-kxa</tt> in the case of PGP) for the database of keys which is
+distributed from <ftpsite/ftp.debian.org/ in
<ftppath>/pub/debian/doc/debian-keyring.tar.gz</ftppath>, or the
-<prgn>debian-keyring</prgn> package). Please be sure to sign your
+<package/debian-keyring/ package. Please be sure to sign your
request message with your chosen PGP or RSA key.
<p>
Once this information is received and processed, you should be
contacted with information about your new Debian maintainer account.
-If you don't hear anything within 7-14 days, please re-send your
-original message--the new-maintainer volunteers are typically
-overworked, and mistakes do occasionally happen.
+If you don't hear anything within 7-14 days, please send a followup
+message asking if your original application was received. Do not
+re-send your original application, that will just confuse the
+new-maintainer team. Please be patient, especially near release
+points; mistakes do occasionally happen, and people do sometimes run
+out of volunteer time.
<sect id="mentors">Debian Mentors
<p>
-There is a mailing list called <email/debian-mentors@lists.debian.org/
-which has been set up for novice maintainers who seek help with
-initial packaging and other developer-related issues. Every new
-developer is invited to subscribe to that list (see <ref
-id="mailing-lists"> for details).
+A mailing list called <email/debian-mentors@lists.debian.org/ which
+has been set up for novice maintainers who seek help with initial
+packaging and other developer-related issues. Every new developer is
+invited to subscribe to that list (see <ref id="mailing-lists"> for
+details).
<p>
-Those who prefer one-on-one help (e.g., via private emails) should
+Those who prefer one-on-one help (e.g., via private email) should
also post to that list and an experienced developer will volunteer to
help.
id="http://www.debian.org/MailingLists/subscribe">, <url
id="ftp://ftp.debian.org/debian/doc/mailing-lists.txt"> or locally in
<tt>/usr/doc/debian/mailing-lists.txt</tt> if you have the
-<prgn>doc-debian</prgn> package installed.
+<package>doc-debian</package> package installed.
<p>
When replying to messages on the mailing list, please do not send
a carbon copy (<tt/CC/--this does not mean `courtesy copy') to
id="http://www.debian.org/Lists-Archives/">.
- <sect>The master server
+ <sect id="servers-master">The master server
+ <p>
+The master server, <tt/master.debian.org/, holds the canonical copy
+of the Debian archive (excluding the non-U.S. packages). Generally,
+package uploads go to this server; see <ref id="upload">.
+ <p>
+<tt/master.debian.org/ is the canonical location for the Bug Tracking
+System (BTS). If you plan on doing some statistical analysis or
+processing of Debian bugs, this would be the place to do it. Please
+describe your plans on <email/debian-devel@lists.debian.org/ before
+implementing anything, however, to reduce unnecessary duplication of
+effort or wasted processing time.
<p>
-The master server, <tt/master.debian.org/, holds the cannonical copy
-of the Debian archive (excluding the non-U.S. packages). Generally,
-package uploads go to this server; cf. <ref id="upload">. All Debian
-developers have accounts on this machine.
+All Debian developers have accounts on <tt/master.debian.org/. Please
+take care to protect your password to this machine. Try to avoid
+login or upload methods which send passwords over the Internet in the
+clear.
+ <p>
+If you find a problem with <tt/master.debian.org/ such as disk full,
+suspicious activity, or whatever, send an email to
+<email>debian-admin@debian.org</email>.
- <sect>The FTP servers
+ <sect id="servers-ftp">The FTP servers
<p>
- <sect>The WWW servers
+ <sect id="servers-www">The WWW servers
+ <p>
+The main web server, <tt/www.debian.org/, is also known as
+<tt/va.debian.org/. All developers are given accounts on this
+machine.
<p>
+If you have some Debian-specific information which you want to serve
+up on the web, you can do do this by putting material in the
+<tt>public_html</tt> directory under your home directory. You can do
+this on either <tt/va.debian.org/ or <tt/master.debian.org/. Any
+material you put in those areas are accessible via the URLs
+<tt>http://www.debian.org/~<var>user-id</var>/</tt> and
+<tt>http://master.debian.org/~<var>user-id</var>/</tt>, respectively.
+Please do <em>not</em> put any materials on Debian servers which do
+not relate to Debian.
+ <p>
+If you find a problem with the Debian web server, you should generally
+submit a bug against the pseudo-package,
+<package>www.debian.org</package>. First check whether or not someone
+else has already reported the problem on the <url
+id="http://www.debian.org/Bugs/db/pa/lwww.debian.org.html" name="Bug
+Tracking System">.
+
+ <sect id="servers-cvs">The CVS server
+ <p>
+<tt/cvs.debian.org/ is also known as <tt/va.debian.org/, discussed
+above. If you need the use of a publically accessible CVS server, for
+instance, to help coordinate work on a package between many different
+developers, you can request a CVS area on the server. Generally,
+<tt/cvs.debian.org/ offers a combination of local CVS access,
+anonymous client-server read-only access, and full client-server
+access through <prgn>ssh</prgn>.
+ <p>
+To request a CVS area, send a request via email to
+<email>debian-admin@debian.org</email>.
+
+
+ <sect id="servers-mirrors">Mirrors of Debian servers
+ <p>
+The web and FTP servers have several mirrors available. Please do not
+put heavy load on the canonical FTP or web servers. Ideally, the
+canonical servers only mirror out to a first tier of mirrors, and all
+user access is to the mirrors. This allows Debian to better spread
+our bandwidth requirements over several servers and networks. Note
+that newer push mirroring techniques ensure that mirrors are as
+up-to-date as they can be.
+ <p>
+The main web page listing the available public FTP (and, usually,
+HTTP) servers can be found at <url
+id="http://www.debian.org/distrib/ftplist">. More information
+concerning mirrors can be found at <url
+id="http://www.debian.org/devel/mirror/">. This useful page includes
+information and tools which can be helpful if you are interested in
+setting up your own mirror, either for internal or public access.
+ <p>
+Note that mirrors are generally run by third-parties who are
+interested in helping Debian. As such, developers generally do not
+have accounts on these machines.
<chapt id="archive">The Debian Archive
main/binary-i386/admin/
main/binary-i386/base/
...
-main/binary-m86k
-main/binary-m86k/admin/
-main/binary-m86k/base/
+main/binary-m68k
+main/binary-m68k/admin/
+main/binary-m68k/base/
...
main/source/
main/source/admin/
contrib/
contrib/binary-all/
contrib/binary-i386/
-contrib/binary-m86k/
+contrib/binary-m68k/
...
contrib/source/
non-free/
non-free/binary-all/
non-free/binary-i386/
-non-free/binary-m86k/
+non-free/binary-m68k/
...
non-free/source/
</example>
<p>
As you can see, the top-level directory of the distribution contains
three directories, namely <em>main</>, <em>contrib</>, and
-<em>non-free</>. These directories are called <em>sections</>.
+p<em>non-free</>. These directories are called <em>sections</>.
<p>
In each section, there is a directory with the source packages
(source), a directory for each supported architecture (binary-i386,
-binary-m86k, etc.), and a directory for architecture independent
+binary-m68k, etc.), and a directory for architecture independent
packages (binary-all).
<p>
The <em/main/ section contains additional directories which holds the
fail other requirements. For instance, they might depend on non-free
packages.
<p>
-(The <url id="http://www.debian.org/doc/debian-policy/" name="Debian
+The <url id="http://www.debian.org/doc/debian-policy/" name="Debian
Policy Manual"> contains a more exact definition of the three
-sections. The above discussion is just an introduction.)
+sections. The above discussion is just an introduction.
<p>
The separation of the three sections at the top-level of the archive
is important for all people who want to distribute Debian, either via
could do grave damage to a system, it might be better to put it into
<em/experimental/.
<p>
-For instance, an experimental encrypted filesystem should probably go
+For instance, an experimental encrypted file system should probably go
into experimental. A new, beta, version of some software which uses
completely different configuration might go into experimental at the
maintainer's discretion. New software which isn't likely to damage
testing, before it is actually included in <em/stable/. Also note
that it never makes sense to combine the <em/experimental/
distribution with anything else.
-
<p>
The first time a version is uploaded which corresponds to a particular
upstream version the original source tar file should be uploaded and
Make sure you try the following activities (you'll need to have an
older version of the Debian package around).
<list>
- <item> install the package and make sure the software
- works, or upgrade the package from an older version to
- your new version if a Debian package for it already
- exists
-
- <item> downgrade the package to the previous version
- (if one exists) -- this tests the <tt/postrm/ and
- <tt/prerm/ scripts
-
- <item> remove the package
-
- <item> run <prgn/lintian/ over the package. You can run
- <prgn/lintian/ as follows: <tt>lintian -v
- <var>package-NN</var>.changes</tt>. This will check the
- source package as well as the binary package. If you
- don't understand the output that <prgn/lintian/
- generates, try adding the <tt/-i/ switch, which will
- cause <prgn/lintian/ to output a very verbose
- description of the problem.
+ <item>
+Install the package and make sure the software works, or upgrade the
+package from an older version to your new version if a Debian package
+for it already exists.
+
+ <item>
+Run <prgn/lintian/ over the package. You can run <prgn/lintian/ as
+follows: <tt>lintian -v <var>package-NN</var>.changes</tt>. This will
+check the source package as well as the binary package. If you don't
+understand the output that <prgn/lintian/ generates, try adding the
+<tt/-i/ switch, which will cause <prgn/lintian/ to output a very
+verbose description of the problem.
+ <p>
+Normally, a package should <em/not/ be uploaded if it causes lintian
+to emit errors (they will start with <tt/E/).
+ <p>
+For more information on <prgn/lintian/, see <ref id="lintian">.
+ <item>
+Downgrade the package to the previous version (if one exists) -- this
+tests the <tt/postrm/ and <tt/prerm/ scripts.
+
+ <item>
+Remove the package, then reinstall it.
</list>
not sure whether U.S. export controls apply to your package, post a
message to <email/debian-devel@lists.debian.org/ and ask.
<p>
-You may also find the Debian package <prgn/dupload/ useful when
+You may also find the Debian package <package/dupload/ useful when
uploading packages. This handy program is distributed with defaults
for uploading via <prgn/ftp/ to <tt/master/, <tt/chiark/, and
<tt/erlangen/. It can also be configured to use <prgn/ssh/. See
transfer the files via anonymous ftp to <url
id="ftp://non-us.debian.org/pub/debian-non-US/Incoming">. Note, that
the <tt>.changes</tt> file must have a valid PGP signature from one of
-the keys of the developers keyring.
+the keys of the developers key-ring.
<sect>Announcing package uploads
should be posted to <email/debian-devel-changes@lists.debian.org/
instead.
<p>
-On occassion, it is necessary to upload a package to both the <tt/stable/
+On occasion, it is necessary to upload a package to both the <tt/stable/
and <tt/unstable/ distributions; this is done by putting both distributions
in the <tt/Distribution:/ line. In such a case the upload announcement
should go to both of the above mailing lists.
set the severity of the bugs fixed in the NMU to "fixed". This
ensures that everyone knows that the bug was fixed in an NMU; however
the bug is left open until the changes in the NMU are incorporated
-"officially" into the package by the offical package maintainer.
+"officially" into the package by the official package maintainer.
<p>
The normal maintainer should do at least one of the following:
<list compact>
details). Carefully examine the installation log sent to you when the
package is installed into the archive. If for some reason the old
location of the package remains, file a bug against
-<prgn/ftp.debian.org/ asking that the old location be removed. Give
+<tt/ftp.debian.org/ asking that the old location be removed. Give
details on what you did, since it might be a <prgn/dinstall/ bug.
<sect>Removing packages
<p>
If for some reason you want to completely remove a package (say, if it
-is an old compatability library which is not longer required), you
-need to file a bug against <prgn/ftp.debian.org/ asking that the
+is an old compatibility library which is not longer required), you
+need to file a bug against <tt/ftp.debian.org/ asking that the
package be removed. Make sure you indicate which distribution the
package should be removed from.
<p>
id="http://www.debian.org/doc/packaging-manuals/packaging.html/"
name="Debian Packaging Manual"> for details). Once you've uploaded
that package, and the package has moved into the archive, file a bug
-against <prgn/ftp.debian.org/ asking to remove the package with the
+against <tt/ftp.debian.org/ asking to remove the package with the
obsolete name.
Maintainers interact with the BTS via email addresses at
<tt/bugs.debian.org/. Documentation on available commands can be
found at <url id="http://www.debian.org/Bugs/">, or, if you have
-installed the <prgn/debian-doc/ package, you can look at the local
+installed the <package/debian-doc/ package, you can look at the local
files <tt>/usr/doc/debian/bug-*</tt>.
<p>
Often as a package maintainer, you find bugs in other packages or else
<sect id="lintian-reports">Lintian reports
<p>
-You should periodically get the new <prgn/lintian/ from `unstable' and
+You should periodically get the new <package/lintian/ from `unstable' and
check over all your packages. Alternatively you can check for your
maintainer email address at the <url
id="http://www.debian.org/lintian/" name="online lintian report">.
That report, which is updated automatically, contains <prgn/lintian/
reports against the latest version of the distribution (usually from
-'unstable') using the latest <prgn/lintian/.
+'unstable') using the latest <package/lintian/.
<sect>Reporting lots of bugs at once
bug report is not forwarded to the bug distribution mailing list.
- <chapt id="tools">Whirlwind Tour of Debian Maintainer Tools
+ <chapt id="tools">Overview of Debian Maintainer Tools
<p>
This section contains a rough overview of the tools available to
maintainers. These tools are meant to help convenience developers and
free their time for critical tasks.
<p>
Some people prefer to use high-level package maintenance tools and
-some do not. Debian is officially agnostic on this issue, other than
-making the attempt to accomodate the reasonable wishes of developers.
-Therefore, this section is not meant to stipulate to anyone which
-tools they should use or how they should go about with their duties of
-maintainership. Nor is it meant to endorse any particular tool to the
-exclusion of a competing tool.
+some do not. Debian is officially agnostic on this issue; any tool
+which gets the job done is fine. Therefore, this section is not meant
+to stipulate to anyone which tools they should use or how they should
+go about with their duties of maintainership. Nor is it meant to
+endorse any particular tool to the exclusion of a competing tool.
<p>
Most of the descriptions of these packages come from the actual
package descriptions themselves.
<sect id="dpkg-dev">
- <heading><prgn>dpkg-dev</prgn>
+ <heading><package/dpkg-dev/
<p>
-<prgn>dpkg-dev</prgn> contains the tools (including
+<package/dpkg-dev/ contains the tools (including
<prgn/dpkg-source/) required to unpack, build and upload Debian source
packages. These utilities contain the fundamental, low-level
functionality required to create and manipulated packages; as such,
they are required for any Debian maintainer.
<sect id="lintian">
- <heading><prgn>lintian</prgn>
+ <heading><package/lintian/
<p>
-<prgn>Lintian</prgn> dissects Debian packages and reports bugs and
+<package/Lintian/ dissects Debian packages and reports bugs and
policy violations. It contains automated checks for many aspects of
Debian policy as well as some checks for common errors. The use of
-<prgn>lintian</prgn> has already been discussed in <ref
+<package/lintian/ has already been discussed in <ref
id="upload-checking"> and <ref id="lintian-reports">.
<sect id="debhelper">
- <heading><prgn>debhelper</prgn>
+ <heading><package/debhelper/
<p>
-<prgn>debhelper</prgn> is a collection of programs that can be used in
+<package/debhelper/ is a collection of programs that can be used in
<tt>debian/rules</tt> to automate common tasks related to building
binary Debian packages. Programs are included to install various files
into your package, compress files, fix file permissions, integrate
your package with the Debian menu system.
<p>
-Unlike <prgn>debmake</prgn>, <prgn>debhelper</prgn> is broken into
+Unlike <package/debmake/, <package/debhelper/ is broken into
several small, granular commands which act in a consistent manner. As
such, it allows a greater granularity of control than
-<prgn>debmake</prgn>.
+<package/debmake/.
<sect id="debmake">
- <heading><prgn>debmake</prgn>
+ <heading><package/debmake/
<p>
-<prgn>debmake</prgn>, a pre-cursor to <prgn>debhelper</prgn>, is a
+<package/debmake/, a pre-cursor to <package/debhelper/, is a
less granular <tt>debian/rules</tt> assistant. It includes two main
programs: <prgn>deb-make</prgn>, which can be used to help a
maintainer convert a regular (non-Debian) source archive into a Debian
source package; and <prgn>debstd</prgn>, which incorporates in one big
shot the same sort of automated functions that one finds in
-<prgn>debhelper</prgn>.
+<package/debhelper/.
<sect id="cvs-buildpackage">
- <heading><prgn>cvs-buildpackage</prgn>
+ <heading><package/cvs-buildpackage/
<p>
-<prgn>cvs-buildpackage</prgn> provides the capability to inject or
+<package/cvs-buildpackage/ provides the capability to inject or
import Debian source packages into a CVS repository, build a Debian
package from the CVS repository, and helps in integrating upstream
changes into the repository.
version control system.
<sect id="dupload">
- <heading><prgn>dupload</prgn>
+ <heading><package/dupload/
<p>
-<prgn>dupload</prgn> is a package and a script to automagically upload
+<package/dupload/ is a package and a script to automagically upload
Debian packages to the Debian archive, to log the upload, and to send
mail about the upload of a package. You can configure it for new
upload locations or methods.
~ianmdlvl / developers-reference.git / blobdiff