[lubuntu-users] Lubuntu's repository

Joe Smith justman111111 at gmail.com
Sun Nov 12 02:01:24 UTC 2017

Hi y'all,

Yes I was the one at IRC and asked this question. Thanks for letting me
know :) Are there other repositories that are free as in freedom that allow
any users to upload content directly to it, even if it contained illegal
stuff (such as connecting users to blackmarkets (such as drugs and
ammunition stores etc)), not that I plan to off course download such
content but was rather curious if such a repository exists?


On Sun, Nov 12, 2017 at 12:50 PM, Israel <israeldahl at gmail.com> wrote:

> Hi (inline below)
> On 11/11/2017 12:43 PM, Simon Quigley wrote:
> > Hello,
> >
> > A couple corrections here.
> >
> > On 11/11/2017 12:23 PM, Israel wrote:
> > ....
> > We have some differences, for example, Ubuntu extends Debian's Britney
> > tool to provide extra verification such as running autopkgtests and
> > installability tests before releasing for general installability. This
> > is done via use of a -proposed partial suite, and then when ready, it
> > migrates for people to install. Debian is different in that once
> > something is uploaded to Unstable, binaries become available as soon as
> > they are done building, so stability is not guaranteed.
> I did not realize this, thanks for the extra information here.  That is
> even more robust than I initially realized!
> >> They use lintian for the Debian package lint checks,and
> >> pbuilber to compile it
> > Actually, this is incorrect. Launchpad uses sbuild to build the
> > packages, then once that is done, the binaries get published to the
> > -proposed pocket. Then from there, in this order, package suitability
> > for general installation is determined:
> >  1. If the package has autopkgtests, run them. If any of the package's
> > binaries have reverse dependencies with autopkgtests, run those too
> > against the new binaries. All tests must either pass or be "hinted"
> > (failures are OK) by a member of the release team.
> >  2. Run installation tests with the binaries into the release pocket. If
> > the package isn't installable, it doesn't migrate. This avoids broken
> > systems on major library transitions.
> >  3. Make sure there are no bugs filed against the package with the
> > "block-proposed" tag.
> >
> > More documentation is available here:
> > https://wiki.ubuntu.com/ProposedMigration
> >
> Ahh good to know this, I was just (incorrectly apparently) assuming this
> is how the servers worked, based on the prescribed way you build them
> locally to test them prior to uploading them to Launchpad (at least for
> a PPA).  This is much more robust than I realized, thanks so much for
> the clarification here.
> >> and make the packages which does some pretty
> >> strict checking of the the packaging.  This is all validated via APT.
> > Well, not directly by apt. Checksumming of the binaries is done on
> > Launchpad and after apt downloads the packages, it verifies the
> > integrity of the binaries.
> Thanks for making this more clear here, I meant to reference the gpg key
> of the repository being imported into apt (in this case the Ubuntu keys)
> so that apt will know the source is trusted when communicating with it,
> at least this is how I understand the process.
> >> ....there may be a GTK app written in Vala for something, but I
> >> may be mistaken.
> > Right, gilir might know more about that but for right now we don't have
> > any programs we wrote ourself.
> Yeah, I think gilir wrote the program used for configuring the session,
> that is what I was remembering.
> > ...
> >
> > I hope this clears up any confusion.
> >
> Yes, thanks for bringing the extra information here it is very
> educational, and I really appreciate you taking the time to expand and
> also to correct my misconceptions.
> --
> Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/lubuntu-users/attachments/20171112/12d9a604/attachment.html>

More information about the Lubuntu-users mailing list