Bug#736859: dput: Please set the default transport to use ssh-upload

2019-03-03 Thread Francesco Poli 
On Sun, 10 Feb 2019 18:35:09 +1100 Ben Finney  wrote:
[...]
>
> The Debian infrastructure support for SSH upload may not be good
> enough to be the default transport for this tool.
> 
> On 27-Nov-2018, Paride Legovini wrote:
> > While ssh-upload is clearly better than FTP and I would like to see
> > it as the default upload method too, it still has two important
> > shortcomings:
> > 
> > 1. Only Debian Developers can use it, as DM do not have an account;
> > 
> > 2. It does not support the DELAYED queue.

I have a question: which are the upload methods currently supported by
ftp.upload.debian.org (or by ftp.eu.upload.debian.org)?

Can https be used by DMs?
Can this be made as the new default?


It may look like a stupid question, but I honestly failed to find the
answer by searching myself (on the web and/or in Debian
documentation)...  :-(


-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgpFPg6hQApgM.pgp
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-14 Thread Daniel Kahn Gillmor 
Control: clone 736859 -2
Control: retitle -2 dput-ng: Please set the default transport to use ssh-upload

On Wed 2019-02-13 12:15:33 -0500, micah anderson wrote:
> Daniel Kahn Gillmor  writes:
>> So perhaps this bug report can be closed, since ssh.upload.debian.org
>> does appear to be the default target for dupload today?  i don't know
>> when that changed.
>
> That may be true about dupload, but dupload is a different package, and
> this was about dput.

Sorry for the distraction about dupload!  You're clearly right that dput
is a separate package, i don't know what i was thinking.

I note that dput-ng also appears to default to FTP-based upload, since
/etc/dput.d/profiles/ftp-master.json has: "default_host_main":
"ftp-master" (so i'm cloning this bug over there to recommend that
dput-ng also default to ssh.upload.d.o)

but the fact that dupload defaults to ssh.upload is promising, and
suggests that it's not the end of the world for a comparable tool to use
a sensible default.

Could the dput or dput-ng maintainers weigh in on what is needed to make
this change?

 --dkg


signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-13 Thread micah anderson 
Daniel Kahn Gillmor  writes:

> On Mon 2019-02-11 10:25:48 -0500, Daniel Kahn Gillmor wrote:
>> The default dupload target for debian is described this way in
>> /etc/dupload.conf:

If I install dput, I do not have an /etc/dupload.conf, and rather I see
this in /etc/dput.conf:

[DEFAULT]
login   = *
method  = ftp
hash= md5

...

[ftp-master]
fqdn= ftp.upload.debian.org
incoming= /pub/UploadQueue/
login   = anonymous
allow_dcut  = 1
method  = ftp

...

That seems like it is using ftp as default to me.

> So perhaps this bug report can be closed, since ssh.upload.debian.org
> does appear to be the default target for dupload today?  i don't know
> when that changed.

That may be true about dupload, but dupload is a different package, and
this was about dput.

-- 
micah

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-11 Thread Daniel Kahn Gillmor 
On Mon 2019-02-11 10:25:48 -0500, Daniel Kahn Gillmor wrote:
> The default dupload target for debian is described this way in
> /etc/dupload.conf:
>
> $cfg{'ftp-master'} = {
> fqdn => 'ssh.upload.debian.org',
> method => 'scpb',
> incoming => '/srv/upload.debian.org/UploadQueue/',
> distblacklist => qr/^(?:UNRELEASED|.*-security$)/,
> # Files pass on to dinstall on ftp-master which sends emails itself.
> dinstall_runs => 1,
> };

it also says:

# 
# Global variables
# 

# The host to use if no --to option is used.
our $default_host;

my $vendor = get_current_vendor();
if ($vendor eq 'Debian') {
$default_host = 'ftp-master';
} elsif ($vendor eq 'Ubuntu') {
$default_host = 'ubuntu';
}

So perhaps this bug report can be closed, since ssh.upload.debian.org
does appear to be the default target for dupload today?  i don't know
when that changed.

Micah, can you verify that the defaults are fixed properly?

   --dkg


signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-11 Thread Daniel Kahn Gillmor 
Control: clone 736859 -2
Control: retitle -2 ftp.debian.org
Control: severity -2 wishlist
Control: retitle -2 Please grant DMs sftp/scpb access to ssh.upload.debian.org

On Sun 2019-02-10 18:38:48 +1100, Ben Finney wrote:
> On 27-Nov-2018, Daniel Kahn Gillmor wrote:
>> On 2018-11-27, Paride Legovini wrote:
>>> On Mon, 27 Jan 2014 Micah Anderson  wrote:>
>>>
 It would be nice if ssh-upload were the default transport for
 uploading files in debian. Is there a particular reason why it isn't
 set as the default now?
>>>
>>>  While ssh-upload is clearly better than FTP and I would like to see it
>>> as the default upload method too, it still has two important shortcomings:
>>>
>>> 1. Only Debian Developers can use it, as DM do not have an account;
>
>> We surely have ssh keys for most DMs these days, via gitlab,
>> monkeysphere, or some other mechanism.  Maybe we could we grant those
>> DMs access?
>
> If I understand this suggestion, it seems out of scope for this bug
> report. Would you re-post that suggestion for discussion where it
> might result in action?

The default dupload target for debian is described this way in
/etc/dupload.conf:

$cfg{'ftp-master'} = {
fqdn => 'ssh.upload.debian.org',
method => 'scpb',
incoming => '/srv/upload.debian.org/UploadQueue/',
distblacklist => qr/^(?:UNRELEASED|.*-security$)/,
# Files pass on to dinstall on ftp-master which sends emails itself.
dinstall_runs => 1,
};

According to Paride above, DMs cannot use this useful queue because
debian doesn't know about their ssh keys.

Please enable scpb access to ssh.upload.debian.org for Debian
Maintainers based on ssh keys that we know about for them -- either by
pulling them from salsa, from monkeysphere, or some other mechanism.

Thanks for maintaining the debian upload queues!

--dkg


signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-09 Thread Ben Finney 
Control: tags -1 + moreinfo

On 27-Nov-2018, Daniel Kahn Gillmor wrote:

> We surely have ssh keys for most DMs these days, via gitlab,
> monkeysphere, or some other mechanism.  Maybe we could we grant those
> DMs access?

If I understand this suggestion, it seems out of scope for this bug
report. Would you re-post that suggestion for discussion where it
might result in action?

> > 2. It does not support the DELAYED queue.
> 
> If it doesn't support the DELAYED queue, that should be fixed. is
> there a reason that DELAYED isn't available via ssh-upload?

I don't know; Paride, is this problem already reported in some bug
report? Which one?

-- 
 \ “I must say that I find television very educational. The minute |
  `\   somebody turns it on, I go to the library and read a book.” |
_o__)—Groucho Marx |
Ben Finney 

signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2019-02-09 Thread Ben Finney 
Control: severity -1 wishlist
Control: outlook -1 0
Control: tags -1 + moreinfo

The Debian infrastructure support for SSH upload may not be good
enough to be the default transport for this tool.

On 27-Nov-2018, Paride Legovini wrote:
> While ssh-upload is clearly better than FTP and I would like to see
> it as the default upload method too, it still has two important
> shortcomings:
> 
> 1. Only Debian Developers can use it, as DM do not have an account;
> 
> 2. It does not support the DELAYED queue.

-- 
 \ “I was trying to daydream, but my mind kept wandering.” —Steven |
  `\Wright |
_o__)  |
Ben Finney 

signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2018-11-27 Thread Daniel Kahn Gillmor 
On Tue 2018-11-27 13:07:12 +0100, Paride Legovini wrote:
> On Mon, 27 Jan 2014 Micah Anderson  wrote:>
>> It would be nice if ssh-upload were the default transport for
>> uploading files in debian. Is there a particular reason why it isn't
>> set as the default now?
> While ssh-upload is clearly better than FTP and I would like to see it
> as the default upload method too, it still has two important shortcomings:
>
> 1. Only Debian Developers can use it, as DM do not have an account;

We surely have ssh keys for most DMs these days, via gitlab,
monkeysphere, or some other mechanism.  Maybe we could we grant those
DMs access?

Alternately, can we provide anonymous ssh access to ssh-upload and just
be done with the whole FTP mess once and for all?  it's 2018, and far
too much of the Internet is actively hostile to cleartext traffic.

Even OpenBSD's CVS server uses anonymous ssh for access these days:

https://www.openbsd.org/anoncvs.html

> 2. It does not support the DELAYED queue.

If it doesn't support the DELAYED queue, that should be fixed.  is there
a reason that DELAYED isn't available via ssh-upload?

  --dkg


signature.asc
Description: PGP signature

Bug#736859: dput: Please set the default transport to use ssh-upload

2018-11-27 Thread Paride Legovini 
On Mon, 27 Jan 2014 Micah Anderson  wrote:>
> It would be nice if ssh-upload were the default transport for
> uploading files in debian. Is there a particular reason why it isn't
> set as the default now?
While ssh-upload is clearly better than FTP and I would like to see it
as the default upload method too, it still has two important shortcomings:

1. Only Debian Developers can use it, as DM do not have an account;

2. It does not support the DELAYED queue.

Paride

Bug#736859: dput: Please set the default transport to use ssh-upload

2014-01-27 Thread Micah Anderson 
Package: dput
Version: 0.9.6.4
Severity: normal

It would be nice if ssh-upload were the default transport for uploading files 
in debian. Is there a particular reason why it isn't set as the default now?

thanks,
micah

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dput depends on:
ii  gnupg   1.4.16-1
ii  python  2.7.5-5

dput recommends no packages.

Versions of packages dput suggests:
ii  lintian 2.5.21
pn  mini-dinstall   none
ii  openssh-client  1:6.4p1-2
ii  rsync   3.1.0-2

-- Configuration Files:
/etc/dput.cf changed [not included]

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org