Ubuntu AppUpdate

Soren Hansen soren at ubuntu.com
Thu Jul 8 23:11:44 UTC 2010


On Thu, Jul 08, 2010 at 06:59:19PM -0400, Ryan Oram wrote:
>> Our packages use sbuild (I believe the official archive also uses
>> it), I am not aware of safety checks applied at PPAs, can you
>> ellaborate ?
> Ubuntu, Debian, and all Launchpad PPAs use pbuilder to create their
> packages.

No, they use sbuild.

> The packages are built on a virtual server to ensure integrity and
> consistency.

No. PPA builds are built on virtual servers for security purposes.
Builds are run as root and anyone can set up and upload to a PPA, so
they must be appropriately contained.

Builds for Ubuntu proper are not built on virtual servers, but in a
simple chroot. I'd be surprised if Debian was different, but I don't
know for sure.

> debuild is not nearly as robust. pbuilder, as it builds packages in a
> chroot environment, forces developers to check that their build
> scripts are not static and forces them to verify that all the package
> dependencies are listed in the package. It also runs lintian, to
> verify that the packages follow Debian/Ubuntu policy to the "t".

debuild also runs lintian. sbuild does not.

-- 
Soren Hansen
Ubuntu Developer
http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20100709/f2477495/attachment.pgp>


More information about the Ubuntu-devel-discuss mailing list