Kernels built - copy to -proposed?
Martin Pitt
martin.pitt at ubuntu.com
Mon Dec 6 18:50:34 GMT 2010
Kees Cook [2010-12-05 11:28 -0800]:
> Hi,
> I disagree here -- the ABI-tracking packages may include things outside the
> kernel too. I'm significantly more comfortable with doing the builds where
> they cannot possibly hit an -updates vs -security skew problem.
I see. I don't see much of a potential problem here, but I understand
your concern and agree that it's technically cleaner to build them in
a non-proposed environment.
> I maybe do not understand what these tools are
We have a tool "queuediff" which automates the review process as much
as possible. See
https://wiki.ubuntu.com/StableReleaseUpdates#Reviewing%20procedure%20and%20tools
for the details. This would need to be changed to fetch the .changes
and debdiff from the PPA. I just checked, and fortunately it seems
that PPAs also generate debdiffs against the corresponding Ubuntu
release, so it shouldn't be too hard. Is this going to be a public
PPA? If not, then we need to rewrite queuediff from urllib to using
launchpadlib (there seems to be a method packageDiffUrl() which we can
use), and ~ubuntu-sru needs to be able to access the PPA.
> , but I thought the kernel was reviewed from -proposed before being
> promoted to -updates?
No, an upload gets reviewed before it gets accepted into -proposed.
The alternative approach would be to let the security team do the
review and copying, and run sru-accept.py by themselves, as I outlined
in
https://wiki.ubuntu.com/ArchiveAdministration#Copying%20PPA%20kernels%20to%20proposed%20(DRAFT)
I guess you already have your own methods/scripts to review package
deltas, so exercising the steps 1 and 2 might actually be easier for
you as well?
Thanks,
Martin
--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
More information about the technical-board
mailing list