New Debian Maintainer Tutorial
Contents
Key Changes
The debian-maintainers keyring is updated with a new version of the debian-keyring package.
Its keys are not kept in sync with the keyservers. All changes to the debian-maintainers keyring are done by the Debian keyring maintainers in their working tree.
Simple updates to keys (new UIDs, updated expiry dates) should be sent via HKP to keyring.debian.org:
gpg --keyserver keyring.debian.org --send-key <mykeyid>
The update will then be folded into the active DM keyring on the next keyring promote (usually at least once a month).
Note that the keyring maintainers are not the appropriate people to contact about getting your initial key into the DM keyring.
The DM team makes the decisions about adding new keys and will then request the addition by the keyring maintainers.
Annual ping
Debian Maintainers must reconfirm their interest annually to keep their keys in the debian-maintainers keyring by filing a signed bug report against the debian-maintainers pseudo package.
Key replacement/removal
For general information regarding key management, please read the Debian Keyring. For more detailed information, please read the Rules for key replacement in the Debian Keyring.
Uploading packages
Once you have your key in the debian-maintainers keyring, you will be able to upload packages, where the following conditions hold:
the package does not have to pass through the NEW queue
the sponsor has sent a dak command allowing you to upload as described in http://lists.debian.org/debian-devel-announce/2012/09/msg00008.html
This tutorial explains how a DebianMaintainer (DM) would upload to Debian, it assumes that one is already familiar with tools like debsign & dput.
- Can you upload yet ?
Once dak has your key, it will send a mail to debian-project for announcing the keyring update
and you will be allowed to upload.
- When you build the package in a chroot environment,
for example using sbuild, remember to use the -s option (--source) in order to include the source;
if you use dpkg-buildpackage, make sure not to use -B option.
Once the <foo>.changes is created, sign it with debsign -k<yourUIDkey> <foo>.changes and check its contents:
it should refer to the .dsc, the .diff.gz or .debian.tar.gz., the .deb, and the .orig.tar.{bz2,gz} (for a -1 version).
Source Only Upload is recommended.
- Though, NEW uploads and uploads with NEW binaries currently cannot be source-only.
Upload to either ftp-master or ftp-eu:
the default dput configuration in /etc/dput.cf would upload to ftp-master.
The configuration sections for ftp-master and ftp-eu are included here for convenience:
[ftp-master] fqdn = ftp.upload.debian.org incoming = /pub/UploadQueue/ login = anonymous allow_dcut = 1 method = ftp # http://lists.debian.org/debian-project/2009/05/msg00036.html [ftp-eu] fqdn = ftp.eu.upload.debian.org method = ftp incoming = /pub/UploadQueue/ login = anonymous allow_dcut = 1
Once configured, you can start the upload using YOURPKG_VER.SION.changes.
Access to Porter Machines
Sometimes you would like to investigate something on one of the DebianMachines (i.e. a build failure on a specific hardware architecture). To request access to a porter machine, please refer to http://dsa.debian.org/doc/guest-account/.