[ adjusting recipients - implementation detail] * Philipp Kern ([email protected]) [100405 12:18]: > On Mon, Apr 05, 2010 at 11:31:02AM +0200, Stefan Fritsch wrote: > > is the correct setup for the buildd chroots documented somewhere? I > > frequently have to have the same discussions with buildd admins again > > and again to have them fix the configuration of the stable-security > > chroots. It would be easier if I could just point them to the > > documentation. And maybe, if there was some documentation, the > > configuration wouldn't be broken that often. > > They should use the script we provide: create-chroot.sh. It should take > care of those details. However... > > > TTBOMK, the correct setup currently is: > > > > sources.list: > > - include source *and* binary lines for the security-master/buildd/ > > dir (don't know what the dir is called exactly) > > - do not include incoming.debian.org > > - do not include s-p-u > > We are currently using the base suite as the base for the security settings. > This means incoming.debian.org as the second mirror and s-p-u included.
What I think about is that we just write sources.list on every chroot cloning / entrying, except if we use the source chroot: 1. sources.list: We have (currently only on some systems) the prefered mirrors in /etc/schroot/conf.buildd. This file needs to be created where it doesn't exist yet. As long as it doesn't exist, I'd just not do anything for sources.list. If we do security, proposed-updates, and in case of snapshots also any other, we write the appropriate entries to sources.list: security: $nearestmirror if set ftp.d.o $securitymirror if set security-master public and private (using https for private ones) p-u: $nearestmirror stable and p-u if set ftp.d.o stable and p-u incoming p-u only (?) volatile / backports: $nearestmirror stable and p-u if set $nearestvol / $nearestbpo stable and p-u if set ftp.d.o stable and p-u volatile-master p-u / backports-master p-u unstable: $nearestmirror unstable ftp.d.o unstable incoming unstable and buildd-unstable 2. apt.conf: We automatically write to /etc/apt/apt.conf.d/99builddauto entries with no pdiffs, no recommends, and - in case of security chroots only - no authentication. (Only for >= lenny, etch doesn't do apt.conf.d) 3. dpkg.cfg: For >= squeeze we automatically write "force-confnew" to /etc/dpkg/dpkg.conf.d/force-confnew on each entering of the chroot. Comments? Too ugly? Andi -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
