Your message dated Fri, 17 Mar 2023 21:32:18 +0000
with message-id <e1pdhgq-00h08f...@respighi.debian.org>
and subject line unblock libcamera
has caused the Debian Bug report #1033118,
regarding unblock: libcamera/0.0.3-6
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1033118: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033118
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: unblock
Severity: normal
Dear Release Team,
Could you please unblock the key package libcamera/0.0.3-6?
[ Reason ]
Open source IPA (Image Processing Algorithms) modules are signed at build time
allowing them to be trusted. However, IPA binaries are modified by dh_strip
invalidating the signatures. Thus IPA modules provided in the package are not
trusted anymore and need to be re-signed after the dh_strip step. This fix is
applied in 0.0.3-5 and improved in 0.0.3-6.
[ Impact ]
Not resigning IPA modules will make them untrusted, they will be isolated
inside a Sandbox environment with restricted access to the system (like any
closed-source module). Provided IPA modules won't work as expected.
[ Tests ]
The test requires supported hardware but it was tested in a Apertis (a Debian
derivative distrib). Some superficial tests have been added at the same time in
0.0.3-5 to detect early crashes as seen in a previous version.
[ Risks ]
The risk is low since we only regenerate signatures after dh_strip, i.e.
/usr/lib/*/libcamera/ipa_.so.sign files.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
unblock libcamera/0.0.3-6
Best,
Dylan
diff -Nru libcamera-0.0.3/debian/changelog libcamera-0.0.3/debian/changelog
--- libcamera-0.0.3/debian/changelog 2023-01-24 21:36:29.000000000 +0100
+++ libcamera-0.0.3/debian/changelog 2023-03-06 10:40:47.000000000 +0100
@@ -1,3 +1,20 @@
+libcamera (0.0.3-6) unstable; urgency=medium
+
+ * Use the DEB_HOST_GNU_TYPE for the build directory.
+
+ -- Andrej Shadura <andrewsh@debian.org> Mon, 06 Mar 2023 10:40:47 +0100
+
+libcamera (0.0.3-5) unstable; urgency=medium
+
+ [ Dylan Aïssi ]
+ * Add superficial tests.
+ * Add allow-stderr for tests.
+
+ [ George Kiagiadakis ]
+ * Add rule to re-sign the IPA modules after dh_strip.
+
+ -- Andrej Shadura <andrewsh@debian.org> Mon, 06 Mar 2023 09:45:00 +0100
+
libcamera (0.0.3-4) unstable; urgency=medium
* Add doxygen-latex in Build-Deps
diff -Nru libcamera-0.0.3/debian/.gitignore libcamera-0.0.3/debian/.gitignore
--- libcamera-0.0.3/debian/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ libcamera-0.0.3/debian/.gitignore 2023-03-06 10:40:47.000000000 +0100
@@ -0,0 +1,2 @@
+!patches/
+!*.patch
diff -Nru libcamera-0.0.3/debian/rules libcamera-0.0.3/debian/rules
--- libcamera-0.0.3/debian/rules 2023-01-24 21:36:29.000000000 +0100
+++ libcamera-0.0.3/debian/rules 2023-03-06 10:40:47.000000000 +0100
@@ -25,6 +25,12 @@
# For now, testsuite failures are ignored
-dh_auto_test
+override_dh_strip:
+ dh_strip -a
+ MESON_INSTALL_DESTDIR_PREFIX=. ./src/ipa/ipa-sign-install.sh \
+ ./obj-${DEB_HOST_GNU_TYPE}/src/ipa-priv-key.pem \
+ debian/libcamera-ipa/usr/lib/${DEB_HOST_MULTIARCH}/libcamera/ipa_*.so
+
.PHONY: licensecheck
licensecheck:
licensecheck --deb-machine -r * \
diff -Nru libcamera-0.0.3/debian/tests/control libcamera-0.0.3/debian/tests/control
--- libcamera-0.0.3/debian/tests/control 1970-01-01 01:00:00.000000000 +0100
+++ libcamera-0.0.3/debian/tests/control 2023-03-06 10:40:47.000000000 +0100
@@ -0,0 +1,3 @@
+Tests: run-tools
+Depends: @
+Restrictions: superficial, allow-stderr
diff -Nru libcamera-0.0.3/debian/tests/run-tools libcamera-0.0.3/debian/tests/run-tools
--- libcamera-0.0.3/debian/tests/run-tools 1970-01-01 01:00:00.000000000 +0100
+++ libcamera-0.0.3/debian/tests/run-tools 2023-03-06 10:40:47.000000000 +0100
@@ -0,0 +1,7 @@
+#!/bin/sh -e
+# autopkgtest check: Run cam and lc-compliance both with the --list option.
+
+cam --list
+
+lc-compliance --list
+
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---