Re: Please remove non-lts architectures from wheezy-security
On Wed, 2016-05-04 at 18:51 +0100, Ben Hutchings wrote: > As I understand it, packages are never moved directly from oldstable- > security to archive.debian.org. Normally they are copied to oldstable > in a final point release, and then moved to archive.debian.org. In > this case, there was a point release on 2nd April and none at the > transition to LTS. > > This is fine for the LTS architectures since wheezy-security still > exists on security.debian.org. But it seems no-one thought through > how the other architectures' recent security uploads would get > archived. And since all wheezy LTS uploads are also going into wheezy- > security, I think we're going to have the same issue at the end of LTS. > > So I think there needs to be some kind of pseudo-point-release for > wheezy to straighten out the non-LTS architectures now, and another one > at the end of LTS.. There'll be an actual point release for wheezy, as an EOL clean-up as usual. Regards, Adam
RE: Please remove non-lts architectures from wheezy-security
Hello Paul, This approach works fine, thanks for the suggestion: deb http://ftp.be.debian.org/debian wheezy main contrib non-free deb-src http://ftp.be.debian.org/debian wheezy main contrib non-free deb http://ftp.be.debian.org/debian wheezy-updates main contrib non-free deb-src http://ftp.be.debian.org/debian wheezy-updates main contrib non-free deb http://snapshot.debian.org/archive/debian-security/20160427T220235Z wheezy/updates main contrib non-free deb-src http://snapshot.debian.org/archive/debian-security/20160427T220235Z wheezy/updates main contrib non-free I'm simply surprised that these packages have disappeared from security.debian.org before having been properly archived (and without any pointer in that direction on the Security Team FAQ or the LTS wiki - which is otherwise very clear and informative on what to do on LTS-supported architectures). I'm also aware of the sparc situation and the sparc64 porting effort. But on production infrastructure I prefer to be limited to wheezy with some security patches or backported packages, even if we may have to compile them ourselves in the future, rather than be limited to sid on a currently unofficial port... Thanks for your help, Tom -Original Message- From: paul.is.w...@gmail.com [mailto:paul.is.w...@gmail.com] On Behalf Of Paul Wise Sent: Wednesday, May 04, 2016 5:37 AM To: Tom Turelinckx Cc: debian-lts@lists.debian.org Subject: Re: Please remove non-lts architectures from wheezy-security On Wed, May 4, 2016 at 12:23 AM, Tom Turelinckx wrote: > Jessie is not available for sparc. If you are actually using sparc I would recommend you look at migrating to and assisting the sparc64 porting efforts. Or reviving sparc if you need 32-bit SPARC. Or switch to another architecture. https://wiki.debian.org/Sparc64 https://lists.debian.org/debian-sparc/ > There is no wheezy directory in http://archive.debian.org/debian/dists/, nor > in http://archive.debian.org/debian-security/dists/. ... > Have these packages been archived somewhere? What is the recommended > sources.list entry to access them? Until the non-LTS wheezy architectures are properly archived, you can use the Debian wayback machine with a date before the LTS started. http://snapshot.debian.org/ Also keep in mind that you are going to have to recompile every LTS update from source for sparc or not get security updates. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Please remove non-lts architectures from wheezy-security
On Wed, May 4, 2016 at 12:23 AM, Tom Turelinckx wrote: > Jessie is not available for sparc. If you are actually using sparc I would recommend you look at migrating to and assisting the sparc64 porting efforts. Or reviving sparc if you need 32-bit SPARC. Or switch to another architecture. https://wiki.debian.org/Sparc64 https://lists.debian.org/debian-sparc/ > There is no wheezy directory in http://archive.debian.org/debian/dists/, nor > in http://archive.debian.org/debian-security/dists/. ... > Have these packages been archived somewhere? What is the recommended > sources.list entry to access them? Until the non-LTS wheezy architectures are properly archived, you can use the Debian wayback machine with a date before the LTS started. http://snapshot.debian.org/ Also keep in mind that you are going to have to recompile every LTS update from source for sparc or not get security updates. -- bye, pabs https://wiki.debian.org/PaulWise
RE: Please remove non-lts architectures from wheezy-security
Markus, If I do that, apt-get update can't find any of the Packages files. There is no wheezy nor wheezy-updates on archive.debian.org/debian... Tom -Original Message- From: Markus Koschany [mailto:a...@debian.org] Sent: Tuesday, May 03, 2016 6:35 PM To: Tom Turelinckx Cc: debian-lts@lists.debian.org Subject: Re: Please remove non-lts architectures from wheezy-security Hello Tom, Am 03.05.2016 um 18:23 schrieb Tom Turelinckx: > Hello Markus, > > Jessie is not available for sparc. True. sparc64 is the only non-official release architecture that comes somewhat close. > > My /etc/apt/sources.list looks like this: > > deb http://ftp.be.debian.org/debian wheezy main contrib non-free > deb-src http://ftp.be.debian.org/debian wheezy main contrib non-free > > deb http://ftp.be.debian.org/debian/ wheezy-updates main contrib > non-free deb-src http://ftp.be.debian.org/debian/ wheezy-updates main > contrib non-free > > deb http://security.debian.org/ wheezy/updates main contrib non-free > deb-src http://security.debian.org/ wheezy/updates main contrib > non-free > > This stopped working when the non-lts architectures were removed from > security.debian.org: [...] > Have these packages been archived somewhere? What is the recommended > sources.list entry to access them? Try to replace ftp.be.debian.org with archive.debian.org. That should do the trick. Regards, Markus
Re: Please remove non-lts architectures from wheezy-security
Hello Tom, Am 03.05.2016 um 18:23 schrieb Tom Turelinckx: > Hello Markus, > > Jessie is not available for sparc. True. sparc64 is the only non-official release architecture that comes somewhat close. > > My /etc/apt/sources.list looks like this: > > deb http://ftp.be.debian.org/debian wheezy main contrib non-free > deb-src http://ftp.be.debian.org/debian wheezy main contrib non-free > > deb http://ftp.be.debian.org/debian/ wheezy-updates main contrib non-free > deb-src http://ftp.be.debian.org/debian/ wheezy-updates main contrib non-free > > deb http://security.debian.org/ wheezy/updates main contrib non-free > deb-src http://security.debian.org/ wheezy/updates main contrib non-free > > This stopped working when the non-lts architectures were removed from > security.debian.org: [...] > Have these packages been archived somewhere? What is the recommended > sources.list entry to access them? Try to replace ftp.be.debian.org with archive.debian.org. That should do the trick. Regards, Markus signature.asc Description: OpenPGP digital signature
Re: Please remove non-lts architectures from wheezy-security
Hello Ansgar, thanks for your work! On Thu, 28 Apr 2016, Ansgar Burchardt wrote: > I'm not quite sure if uploading new packages will trigger a mirror > push. I think that only happens when uploads to policy queues are > processed and might need to be adapted. I guess that if you are not able to do it quickly, you will be able to put it in some cron task in the mean time? > I also still need to look at the patches to have the dak installation on > security-master also send mail to the person that signed the upload. Can you also make sure that Accepted mails are sent to debian-lts-chan...@lists.debian.org and to the package tracker (dispatch _AT_ tracker.debian.org)? > > It would be nice if in the future we can have the suites from the > > security archive called -security by dak. > > This I hope to change for stretch. Having */updates and *-updates is > too confusing... Yeah \o/ Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Re: Please remove non-lts architectures from wheezy-security
Hi, Aurelien Jarno writes: > On 2016-04-26 23:52, Ansgar Burchardt wrote: >> please remove the non-lts architectures for wheezy-security from >> wanna-build and the buildds. Only amd64, armel, armhf and i386 are >> still supported. >> >> It would also be nice if build logs for wheezy-security would be visible >> on buildd.d.o for future uploads. (As far as I know, LTS doesn't handle >> embargoed issues so public logs should be fine.) > > That should have been done by now. A bit complicated because > wheezy-security is a virtual suite, which now has different > architectures than the real suite wheezy. Thanks. I removed the non-lts architectures from the wheezy suite on security-master and disabled the policy queues. So uploads should now be accepted. I'm not quite sure if uploading new packages will trigger a mirror push. I think that only happens when uploads to policy queues are processed and might need to be adapted. I also still need to look at the patches to have the dak installation on security-master also send mail to the person that signed the upload. > It would be nice if in the future we can have the suites from the > security archive called -security by dak. This I hope to change for stretch. Having */updates and *-updates is too confusing... Ansgar
Re: Please remove non-lts architectures from wheezy-security
On 2016-04-26 23:52, Ansgar Burchardt wrote: > Hi, > > please remove the non-lts architectures for wheezy-security from > wanna-build and the buildds. Only amd64, armel, armhf and i386 are > still supported. > > It would also be nice if build logs for wheezy-security would be visible > on buildd.d.o for future uploads. (As far as I know, LTS doesn't handle > embargoed issues so public logs should be fine.) That should have been done by now. A bit complicated because wheezy-security is a virtual suite, which now has different architectures than the real suite wheezy. It would be nice if in the future we can have the suites from the security archive called -security by dak. Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net