soren at ubuntu.com
Thu Jul 8 23:11:44 UTC 2010
On Thu, Jul 08, 2010 at 06:59:19PM -0400, Ryan Oram wrote:
>> Our packages use sbuild (I believe the official archive also uses
>> it), I am not aware of safety checks applied at PPAs, can you
>> ellaborate ?
> Ubuntu, Debian, and all Launchpad PPAs use pbuilder to create their
No, they use sbuild.
> The packages are built on a virtual server to ensure integrity and
No. PPA builds are built on virtual servers for security purposes.
Builds are run as root and anyone can set up and upload to a PPA, so
they must be appropriately contained.
Builds for Ubuntu proper are not built on virtual servers, but in a
simple chroot. I'd be surprised if Debian was different, but I don't
know for sure.
> debuild is not nearly as robust. pbuilder, as it builds packages in a
> chroot environment, forces developers to check that their build
> scripts are not static and forces them to verify that all the package
> dependencies are listed in the package. It also runs lintian, to
> verify that the packages follow Debian/Ubuntu policy to the "t".
debuild also runs lintian. sbuild does not.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: Digital signature
More information about the Ubuntu-devel-discuss