[maemo-community] to all who has root access on garage

From: Jeremiah Foster jeremiah at jeremiahfoster.com
Date: Sat Jul 25 16:56:28 EEST 2009
On Jul 25, 2009, at 13:19, Ferenc Szekely wrote:

> Hello,
> I would like to ask all users who have root access to garage.maemo.org
> that in the future please let all the other admins know _in advance_  
> if
> you plan to do some installation.

By installation you mean using aptitude?
> The best way is probably to post a message to this list.

So an email to this list _anytime_ anyone uses aptitude?

> None of us could possibly know all dependencies of the various  
> services
> we have on the machine. If we are all aware of an upcoming  
> installation,
> or upgrade then we can ensure that it will go smoothly without causing
> disturbance in other services.

That is what the apt system is for, managing dependencies. Apt is  
built and designed for smooth installation of software without  
disturbing other services.

Currently garage is running etch. This is going to cause continued  
conflict with packages which are being built on lenny. Etch does not  
receive updates to software the way lenny does - this is a problem, it  
means the software is quickly getting out of date and is potentially  
buggy. (Yes, old-stable does receive bug patches, but that is just for  
known bugs.)

Also, etch is not up-to-date on garage itself, there are lots of  
packages being held back since no one has taken the time to upgrade  

"The following packages have been kept back:  apache2 apache2-mpm- 
prefork apache2-utils apache2.2-common apt apt-utils bzr curl dbus  
debconf debconf-i18n dpkg-dev dpkg-sig dselect enscript git-core git- 
doc initscripts ldap-utils libaprutil1 libc6 libc6-dev libc6-xen  
libcurl3 libcurl3-gnutls libdbus-1-3 libfreetype6 libgd2-xpm  
libglib2.0-0 libgnutls13 libkadm55 libkrb5-dev libkrb53 liblcms1  
libldap-2.3-0 libpam-modules libpam-runtime libpam0g libpam0g-dev  
libpcre3 libpng12-0 libpq-dev libpq4 libsasl2 libsasl2-2 libssl-dev  
libssl0.9.7 libssl0.9.8 libtiff4 libxml2 locales login ntpdate openssh- 
client openssh-server openssl passwd php-pear postfix postgresql-7.4  
postgresql-client-7.4 python2.4 python2.4-minimal slapd sysv-rc  
sysvinit sysvinit-utils tzdata vim vim-common vim-runtime"

No server should be left in this state, you could have an serious  
exploit in openssh-client for example, but it is not going to get  
fixed since the server is not updated.

Furthermore, there are packages which cause dependencies conflicts,  
making any software un-installable. Please do not install software  
that is not properly packaged or designed to work with apt. If you  
have to do that, do so in a chroot, which is trivially easy to create  
with schroot or other tools. Also, please test your package before  
uploading to garage so that you know it works - packages have been  
breaking apt.

The solution to the problems with garage are not for more  
notification, but rather for following "best practices" when it comes  
to administration of debian servers.

More information about the maemo-community mailing list