I finally got around to book my (train) trip back from Zagreb. The hotline of Deutsche Bahn was interesting. The booking system crashed and I was called back. But in the end it worked and I can print it the next time I get near a vending machine.
I just posted a call for testing to the not yet well-known debian-stable-announce mailing list. Please test the packages in squeeze-proposed-updates on some stable machines if possible, so that we don't screw up your production machines with bad updates in a week. The point release is scheduled for June 25th, i.e. next Saturday. Don't forget to copy the debian-release mailing list when you encounter regressions. Thanks for your efforts.
So Christian likes to give out awards for the best bug reporting estimates and also does statistics about developers per capita. I've got at least one area where he's on top:
Philipp is a Debian developer since 2005 and a member of the release team since 2008. Since he took the responsibility of Stable Release Manager, the process has evolved for the best. I asked him to explain how the release team decides what s fit for stable or not.
His work on the buildd infrastructure is also admirable but I ll let him describe that. My questions are in bold, the rest is by Philipp.
Who are you?
I m a 24 year old Computer Science student, living in Karlsruhe,
Germany. As a student assistant I m currently in two jobs:
one is taking care of getting our university IPv6 network in shape,
or rather generally getting fringe technologies into the network. The
second is taking care of a s390x machine in the basement which my
faculty got sponsored recently. In my spare time I tend my Debian
duties and I m active in the student council (Fachschaft) as a
sys-admin, software developer and until recently as treasurer.
I got accepted as a Debian Developer in 2005. I m only really active
since I was invited to join the Release Team in early 2008 after I
contributed rewrites of some scripts that got lost in a disk crash of
ftp-master. In late 2008 I also took on wanna-build/buildd duties.
What s your notable achievement within Debian?
For one I worked on the deployment of a single buildd/sbuild
combination over all of our buildds and I rebased it on the sbuild
in the archive several times already. All buildds basically look
the same on all architectures, with only few variations. The
chroots are now also created in a mostly predictable manner.
Then we finally got build autosigning after years of constant poking.
However the policy decision to allow it was made by the ftp-masters
anyway, for which I m grateful, as it eases the workload of the
buildd maintainers, the Security Team and the Release Team quite
a bit.
On the release side there s the integration of volatile into
the proper structures of Debian. But there I m guilty for choosing
the bad name squeeze-updates is, in comparision with security s
squeeze/updates. Let s see if we can improve that for wheezy.
The policy for stable updates have changed over time. Can you summarize what kind of updates are allowed nowadays?
All the changes that were made to the policy were driven by the
aim to keep stable (and to some lesser degree oldstable) usable
throughout its lifetime.
I have to admit that we got slightly more liberal in what we accept
since I took over. The previous stable update policy included the
fixes of critical bugs that break the system in interesting ways and
security fixes. We also opened up the possibility of including
important fixes for annoying bugs on a case-by-case basis.
The whole don t update that much part of the stable release
management is rooted in let s don t change the behaviour of a
running system and let s have as few regressions as possible .
We currently try to counter that with a review process that only
allows self-contained fixes that were tested in unstable first,
if applicable.
In the future I d also like to have a feedback process
that includes the users of the packages to report problems more early.
In fact that s also why we now send calls for testing to
debian-stable-announce one week in advance (see this
mail as an example).
So stable is updated through point releases that happen roughly
every two months for stable and roughly every four for oldstable.
They are accompanied by announcements and new CD/DVD sets.
To be able to push some updates with less delay to our users
and to avoid that they have to pick them from proposed-updates,
there is stable-updates. The current policy for this
suite is available in this
post on debian-devel-announce. It boils down to everything urgent
like tzdata, regression fixes and volatile packages. We noticed that
some packages in stable just weren t useful anymore when they got
updated through volatile. Hence those are folded into stable, too.
We also relaxed the rules a bit so that leaf packages like clive,
that rely on external websites not to change their URLs, can
be updated too.
If somebody wonders what happened to the and a half releases Those
were intended to mark the inclusion of new hardware support (mostly by
including a co-installable new kernel version). This kind of flag
point release is thankfully no longer needed because our marvellous
kernel team now backports certain hardware drivers to the kernel
version in stable. They have some trouble soliciting test feedback
for them, though. It would be cool if more people using stable
could respond to their calls for testing.
What are your plans for Debian Wheezy?
Luckily the wanna-build/buildd side isn t much dependent on release
cycles. The stable release management also just takes care
of what gets dumped on them by the testing RMs. 
The near-term goals are certainly:
3 comments Liked this article? Click here. My blog is Flattr-enabled.
Proposals for autosigning were floating around for quite some time. The most controversial parts were how we secure the machines that do the building (and in turn: how do we secure the key) and who's going to manage the keyring (because there are multiple teams involved; such discussions can indeed take quite a bit time).
Picture of Mehdi taken by Antoine Madet
I ve been mostly active in the OCaml team where we designed a tool to compute automatically the dependencies between OCaml packages, called dh-ocaml. This was a joint work with St phane Glondu, Sylvain Le Gall and Stefano Zacchiroli. I really appreciated the time spent with them while developing dh-ocaml. Some of the bits included in dh-ocaml have been included upstream in their latest release.
I ve also tried to give a second life to the Buildd Status Pages because they were (kind of) abandoned. I intend to keep them alive and add new features to them.
If you had a wand and could change one thing in Debian, what would that be?
Make OCaml part of a default Debian installation 
But, since I m not a magician yet, I d stick to more realistic plans:
During our last meeting in Paris last October, the Release Team agreed to organize a meeting after Squeeze s release to discuss (among other questions) Wheezy s cycle. But the details of the meeting are not fixed yet (we still have plenty of time to organize it and other more important tasks to care about). We would like to be able to announce a clear roadmap for Wheezy and enhance our communication with the rest of the project. We certainly want to avoid what happened for Squeeze. Making things a bit more predictable for developers is one of our goals.
Do you think the Constantly Usable Testing project will help?
The original idea by Joey Hess is great because it allows d-i developers to work with a stable version of the archive. It allows them to focus on the new features they want to implement or the parts they want to fix (AIUI). It also allows to have constantly available and working installation images.
Then, there is the idea of having a constantly usable Testing for users. The idea seems nice. People tend to like the idea behind CUT because they miss some software disappearing from Testing and because of the long delays for security fixes to reach Testing.
If the Release Team has decided to remove a package from Testing, I think that there must be a reason for that. It either means that the software is broken, has unfixed security holes or was asked for the removal by its maintainer. I think that we should better try to spend some time to fix those packages, instead of throwing a broken version in a new suite. It could be argued that one could add experimental s version in CUT (or sid s) but every user is free to cherry-pick packages from the relevant suite when needed while still following Testing as a default branch.
Besides, it s quite easy to see what was removed recently by checking the archive of debian-testing-changes or by querying UDD. IMO, It would be more useful to provide a better interface of that archive for our users. We could even imagine a program that alerts the user about installed software that got recently removed from Testing, to keep the user constantly aware any issue that could affect his machine. About the security or important updates, one has to recall the existence of Testing-security and testing-proposed-updates that are used specifically to let fixes reach Testing as soon as possible when it s not possible to go through Unstable. I m sure that the security team would appreciate some help to deal with security updates for Testing. We also have ways to speed migrate packages from Unstable to Testing.
I have to admit that I m not convinced yet by the benefits brought by CUT for our users.
2 comments Liked this article? Click here. My blog is Flattr-enabled.
Gobby 0.5 (or to be more precise 0.4.92) just hit the Karmic Koala. Below you
can see a screenshot of the new version (just click on it to get a large version).
It is sadly not protocol compatible to the old version but it features local
undo and redo! Furthermore it's not yet stable on-the-wire wise. The software
itself is fairly stable but it could be a bit bumpy if the server protocol
version goes out of date.
If you want to try it out on earlier versions, I offer backports in the
Infinote PPA for Intrepid and up. I hope to get to Hardy soon, sadly it
needs some more backports.
There is a public server available on gobby.0x539.de if you want to try
it out (connections are encrypted, but all contents are public and can be
deleted by everybody, wiki-like; so please be considerate and non-destructive).
On local networks Gobby will look for servers through Avahi. That said Gobby
is not yet able to host servers by itself, like the old version did. You have
to install the infinoted server. You can do this on any computer, even on
the local network and take advantage of Avahi. If you want encrypted
connections you need to create certificates but if an unencrypted session is
acceptable you can get an ad-hoc server by invoking infinoted
--security-policy=no-tls without further configuration. It will persist
content across invocations, too.
Thanks to Greg Heynes, there will also be a KDE client for Gobby, called...
Kobby! The first time someone actually uses the fact that the software
uses a library for interoperability. Interesting that it's done now
when the library's C instead of C++ (which obby was written in), with Qt
being C++ anyway. I'm not yet aware of packages but I really hope that
we can release with both.
If you encounter problems, please report them to our Trac (preferred)
or Launchpad.
Lenny got released yesterday and after having to push another update to
Etch through volatile to fix an annoying warning when Lenny is in
the sources.list, my work is now almost done too. (Yes, the autobuilding
infrastructure is still offline, but we will get that reactivated shortly.)
Anyway: if you live in or around Karlsruhe and did not get a mail by nomeata
and me and if you would enjoy meeting tomorrow (Monday) evening, please speak
up by mailing us. Let us celebrate the latest and greatest release. ;-)
The plan is to meet up at the Vogelbr u at 19:30.
It is a shame that the bug count for Lenny is only rising since the beginning of Debcamp (about 2008-08-02). Fellow developers, do you really want to release? Is the Release Team expected to fix all the bugs you file?
Another point release for Etch has been done; now it's the time for the CD
team to roll out new images after the next mirror pulse. The official
announcements (prepared by Alexander Reichle-Schmehl, thanks!) will follow
shortly afterwards. FTP master of the day was Joerg Jaspert, who
did his first point release since Woody, as he told us on IRC. We
appreciate your work and you spending your time that shortly before
going to Argentina.
This point release includes the etchnhalf update introducing a new kernel
image (based on 2.6.24) and some driver updates. Additionally the
infamous openssl hole will be fixed for good, even for new installs.
Again I want to present you a list of people who contributed to this
release. It cannot be complete as I got the information out of the
Changed-by fields of the uploads.
Dear Lufthansa, please do not mess with my flights! (Link Germany-only, sorry; title says it all, anyway...)
I got my Freerunner on Saturday and my first impressions are somewhat divided. It works, basically, sometimes. It suspends correctly, but when I leave the phone on over night, it won't wake up again. It is still logged into GSM, but neither USB networking nor the buttons on the side work. Problem no. 2 is that pulseaudio goes into lock-up mode (i.e. wasting a load of CPU cycles, doing nothing), which basically means that you cannot call anymore (and of course, you don't get a ringtone neither, but it still vibrates).
At least you can get to this point flashing newer software images. It is shipped with a very minimalistic software set, and even with the newest daily openmoko-devel image (less of the two evils, with qtopia being half-baked) one misses a utility to set (basic) preferences. Well, but SSH works and some things could just be hacked around.
If you don't want to invest time into getting your phone to work get something else. ;-)
I think I'm ready to go to Debconf 8 now. Just got the last missing
vaccination of ones recommended for visitors of Argentina (link German,
sorry). Also signed up for an insurance in case I get sick. Now
I just need to prepare my stuff properly and restock some of the
drugs I occassionally use, just in case.
I still feel a bit inert, but I guess that it will be a nice trip and
experience. Thanks to those who made it possible!
Some months ago I didn't think that I would stick to an English TV series,
not in any way dubbed or subtitled. But my girlfriend got me totally
hooked up with both House, M.D. (Hugh Laurie is just hilarious) and 24.
I got my own pick, too: Futurama.
At least watching those American series improves my listening comprehension,
although I still miss quite a lot of puns and jokes due to the missing
subtitles and due to my missing knowledge of English sayings. But it works
out somehow, she's explaining some of them to me, and I still enjoy it and
have fun.
Because I found it a tad non-obvious here a little tutorial. First we enable serial access to grub. For this add the following to your /boot/grub/menu.lst (tested with Grub legacy):
serial --unit=0 --speed=19200 terminal --timeout=5 serial consoleI chose such a low baud rate because it worked and I didn't want to spend more time on it and because the highest baud rate (115200) had some timing problems with that specific configuration. Then we need to adjust Xen to send the hypervisor output to the serial console as well (again in /boot/grub/menu.lst, this probably applies this way to Debian only):
## Xen hypervisor options to use with the default Xen boot option # xenhopt=com1=19200,8n1 console=com1,vga sync_consoleDebian's update-grub uses the comments in the file to generate appropriate menu entries, even if the kernel and hypervisor versions change. Thus editing a comment works, but you must remember to call update-grub after your changes, otherwise they won't be active! The last thing to change is the kernel's console. You might specify multiple consoles on the kernel's command line but only the last one will be the primary where the boot messages from init and the boot scripts are sent to. Kernel messages will end up on both, however. The edited comment looks like this (without Xen you would change kopt instead):
## Xen Linux kernel options to use with the default Xen boot option # xenkopt=console=tty0 console=ttyS0,19200n8The key change which enabled me to use the serial console was passing sync_console to Xen. Sadly it complains now on boot that this option should not be used on production systems because it ensures that all messages reach the serial console and wait if necessary. But in my humble opinion it should only hurt on output and there should not be that much kernel and hypervisor output anyway, except if there is something wrong with the machine. Serial output from Linux only was also messed up when Xen hadn't this option activated. To access the serial console just invoke GNU screen as a user in group dialout or as root like this to get the serial console as screen's first window:
# screen /dev/ttyS0 19200Now the only thing that's missing is an affordable remotely controllable power line to trigger power cycles... Update: Liberie Cunha-Neto kindly pointed me to the Xen hypervisor command line, from which one could reboot the machine. It is invoked by pressing Ctrl-a three times on the serial console (it does not work on the real one I told). In screen you need Ctrl-a, a instead, as Ctrl-a is its command prefix. Then you can get help by pressing h and reboot the machine by pressing R.
This will be my first DebConf ever and I'm excited. I just booked my
flights together with nomeata:
2008-08-03: Frankfurt (10:20) -> Buenos Aires (19:05) [LH510] 2008-08-03/04: Buenos Aires (21:30) -> Mar del Plata (3:20) [Bus] 2008-08-17: Mar del Plata (12:00) -> Buenos Aires (18:00) [Bus] 2008-08-18: Buenos Aires (20:55) -> Frankfurt (15:00) [LH511]
Yesterday I got a note from the Debconf organizers about my place in the
sponsorship queue (15 of 58). The drawback, however: there is no money to be
given out, yet. At least that's what I heared on IRC. The mail sounds a tad
different. Considering that I applied for 2300 USD (~1300 EUR) there is no way
that I pay this alone, being a job-less full-time student spending the other
time with volunteer work.
It would be nice to meet up all the other people driving Debian (apart from
those I already met at FOSDEM), but considering that I wouldn't even see
much of Argentina, well: no. Flights aren't getting cheaper, too. Back then
when I searched (February I guess) Lufthansa return flights were offered for
1000 EUR flying non-stop from Frankfurt.
I don't might paying a few hundred dollars on this myself, but how are other
non-company-sponsored individuals dealing with this notice? (Comments
are enabled, but need OpenID. Comments mailed in will be converted
if allowed to do so.)
We escorted Sarge to its last home. 3.1r8 is done, thanks to all the
people who made it possible. A big thanks goes to James Troup, our
ftpmaster of the day doing all the grunt work of getting a new point
release out of the door.
To bring in a more personal feeling of who makes this all possible,
here is a list of people contributing uploads to 3.1r8 (mostly
people from our fabulous Security Team):
Next.