New SoC proposal
|Deletions are marked like this.||Additions are marked like this.|
|Line 68:||Line 68:|
| * Develop a new, robust (i.e. not shell script based), security checking tool based on the experience derived from [http://packages.debian.org/checksecurity Checksecurity] and [http://packages.debian.org/tiger Tiger] implementing common host-level security checks, providing better alert mechanisms, and, optionally, integrating with OSS information management systems such as [http://www.prelude-ids.org/ Prelude] (through [http://packages.debian.org/libprelude2 libprelude] and
[http://www.ossim.net/ Ossim] (JavierFernandezSanguino)
|* Develop a new, robust (i.e. not shell script based), security checking tool based on the experience derived from [http://packages.debian.org/checksecurity Checksecurity] and [http://packages.debian.org/tiger Tiger] implementing common host-level security checks, providing better alert mechanisms, and, optionally, integrating with OSS information management systems such as [http://www.prelude-ids.org/ Prelude] (through [http://packages.debian.org/libprelude2 libprelude] and [http://www.ossim.net/ Ossim] (JavierFernandezSanguino)|
|Line 72:||Line 71:|
|* Help integrate a coherent SELinux security policy into Etch||* Help integrate a coherent SELinux security policy into Etch, see SELinuxStatus|
This is a draft, and need a lot of work before it leave the draft state.
This wiki page is created to make it easier to plan and coordinate Debian's involvement in the [http://code.google.com/soc/ Google Summer of Code 2006].
[http://google-code-updates.blogspot.com/2006/04/summer-of-code-2006.html Request for mentoring organizations] has gone out, and Debian need to move quickly to make it before the May 1st deadline. Mentoring organisations should read the [http://code.google.com/soc/mentorfaq.html mentor FAQ].
- Formulate projects
- Organise mentors
- Bring this content once it's not a draft anymore into www.debian.org?
To be decided. Currently the Admin is Baruch Even, Anthony Towns will be an admin as well once he signs up, he can then distribute admin rights as needed.
Information on how to register to be a mentor was posted to debian-private, contact baruch (email@example.com) if you need more info. Please note that you should not register as a mentor if you intend to participate as a student.
Possible Projects (in () possible mentors)
(also see [http://www.debian.org/devel/todo/ the general TODO list] and the EtchTODOList)
Improve the boot system: speed up and make it dependency based. See discussions on [http://lists.alioth.debian.org/pipermail/initscripts-ng-devel/ the initscripts-ng list] and [http://wiki.debian.org/LSBInitScripts LSB init script page]. (pere)
- Make Debian more suitable for embedded systems, e.g. by removing Perl from the base system
Improve/unify the QA websites: packages.qa.d.o, qa.d.o/developer, dehs, etc
- Create a better environment for regression/unit tests (tbm)
Improve the system to handle WNPP: including expiry of ITPs, checking that orphaned packages have correct maintainer fields, etc. (DavidMorenoGarza)
Create a collaborative repository of meta-informations about sources packages (including upstream URL, URL of upstream VCS, URL of upstream BTS, debian/watch file, etc.) (RaphaelHertzog)
Help [http://dehs.alioth.debian.org Dehs project] to accept watch submitting and maintaining in an external framework instead of the single deb packages. Improve the Dehs postgres Db structure to optimizing query speed. Create rss feed with useful information from Dehs data. Collaborate with devscript maintainer to specify in a standar way the upstream news/changelog file in watch file and write with devscript package maintainer an official policy about watch file. (Stefano Fabri)
Add improvements to the BTS LDAP gateway like last-change-dates, last-mail, full-content, etc. (DavidMorenoGarza)
A program to sanity-check Debian CD and DVD images, like lintian/linda do for packages. (SteveMcIntyre)
- BTS interface in kmail: on display of a bts related mail (headers!), add buttons like 'view this bug', 'close/reopen this bug' (would ask for version first), 'edit bug tags', 'set severity', 'retitle', ... to the toolbar (cmot, just a funky idea...)
Web frontend for QA applications (linda, lintian, piuparts) and other packaging utilities (like pbuilder) Some work has been done in that topic, and it could be useful for CollaborativeMaintenance too
Release/Testing transition related
Improve Britney (aba)
Create a "Migration Tracking System" which can be used to track the various migrations that are happening. It should have a web interface as well as a mail interface. It should transparently make use of debbug's usertags to keep track of the bugs related to a specific transition. (RaphaelHertzog)
Unify apt, dpkg, etc (aba)
Introduce real perl shlibs (aba)
Improve shlibs: to caclulate the used shlibs, rather than the theorically required ones (aba)
Build [http://www.r-project.org R] / [http://cran.r-project.org CRAN] package generator system for [http://cran.r-project.org CRAN] to extend the current approx. 50 packages to the full 800 or so. All of these packages actually build automagically thanks to existing cdbs rules. We need a simple stateful system to keep track of what has been added to [http://cran.r-project.org CRAN], what has been updated etc pp. There is a somewhat dormant [http://alioth.debian.org/projects/pkg-bioc/ Alioth Project] with some info. R knowledge helpful, Perl/Python/Ruby/... to implement. (DirkEddelbuettel)
?Anchor(dh_ocaml) Automate computation of [http://caml.inria.fr OCaml] library dependencies (re-)writing dh_ocaml. See: [http://lists.debian.org/debian-ocaml-maint/2005/04/msg00046.html idea description], [http://bugs.debian.org/328422 proof of concept implementation (#328422)]
Add IPv6 support to vserver (aba)
Improve support of pinning in apt ["real" dependency resolver, better docs, graphical interface (?), allow matching in Packages, etc] (aba)
Make reportbug enhancements: graphical and/or webbased, so its easier for user to report
Improve wpasupplicant: Split out the roaming functionality from wpasupplicant and associate based on what is known to the system from /etc/network/interfaces. (?KyleMcMartin)
Fix and enhance apt-listbugs: There are quite a few seemingly simple bugs and wishes in the BTS, but it's seen no updates for 10 months. A few small changes would make it much more useful. (RaphaelHertzog: probably too limited in scope to be a good project).
Create a Python/GTK/QT app to manage Debian BTS: would queue actions and then send an e-mail to the BTS to commit changes, make it easier to browse bugs, cross-reference, tag/update/close, etc
(StefanoZacchiroli: this overlaps with the make reportbug enhancements point above. What about splitting the above one in two: (1) provide a gui for reportbug, (2) provide a web ui for reportbug? If, besides interfaces, more features for reportbug are requested they should be described separately as well)
Create a user-friendly security-update notifier/installer
Package and integrate [http://www.networkmultimedia.org NMM - Network Multimedia-Middleware]. As NMM becomes (one of) the new KDE 4 multimedia backends (see this [http://www.linuxtag.org/2006/de/besucher/programm/freies-vortragsprogramm/samstag.html?talkid=319 presentation at the Linuxtag2006]) this would be initial work to support KDEs new multimedia framework Phonon.
Package and integrate of [http://www.nomachine.com NX] and [http://freenx.berlios.de FreeNX]. See also [http://lists.alioth.debian.org/pipermail/pkg-nx-group/2006-April/000135.html this mail].
Help implement ["CDDT"] -- Custom Debian Distributions Toolkit. The toolkit is partially functional, but there are a lot of things to do, for the current status look at the following [http://lists.debian.org/debian-custom/2006/02/msg00074.html message].
Develop a new, robust (i.e. not shell script based), security checking tool based on the experience derived from [http://packages.debian.org/checksecurity Checksecurity] and [http://packages.debian.org/tiger Tiger] implementing common host-level security checks, providing better alert mechanisms, and, optionally, integrating with OSS information management systems such as [http://www.prelude-ids.org/ Prelude] (through [http://packages.debian.org/libprelude2 libprelude] and [http://www.ossim.net/ Ossim] (JavierFernandezSanguino)
- Help integrate a coherent SELinux security policy into Etch, see SELinuxStatus
- Create various variants of the reference policy for specific audiences (server, single user, desktop)
- Create policy modules for specific packages, or contribute additions back to reference policy
Develop an [http://oval.mitre.org OVAL] agent for Debian. Define a mechanism to automaticaly generate OVAL queries from DSAs so that admins can set a central monitoring network (through an OVAL server and distribute OVAL agents) that can determine which systems need security updates. Optionally rate the urgency of the update using [http://www.first.org/cvss/ CVSS] (by CVE-linking with the [http://nvd.nist.gov/ National Vulnerability Database]) (JavierFernandezSanguino)
Develop a lintian-like system (i.e. both local tools and a lintian.debian.org service) to do automatic security review of packages source code and, through a metric, attempt to spot packages with possible security vulnerabilities that need to be reviewed before being released with the testing/stable release (JavierFernandezSanguino)
Develop a central translation coordination system (or enhance existing systems, such as [http://translate.sourceforge.net/ Pootle] or [http://sourceforge.net/projects/wordforge Wordforge] that would be used by translation teams to manage (coordinate), commit and review statistics for all the different l10n components in Debian, from program message translations to package description translations including the website, documentation, debconf notes, etc. For more information on the current state of affairs read [http://people.debian.org/~jfs/debconf6/html/ Internationalisation and localisation in Debian] (JavierFernandezSanguino)
Mentors for other projects
Check the mails in -private on how to register to be a mentor, to speed things up also email baruch at firstname.lastname@example.org to notify me of your request so I can accept it.
?AigarsMahinovs - I am a DD and was a participant in SOC 2005, I can mentor students willing to do Debian projects
- aba (Andi Barth) - projects related to release management, QA, project management
- Martin Michlmayr (tbm) - projects related to QA, release and project management; possibly also projects related to embedded systems.
DirkEddelbuettel - would be glad to mentor and help on R / CRAN related integration
StefanoZacchiroli - automated handling of OCaml dependencies (dh_ocaml)
DavidMorenoGarza - willing to work on the projects I'm offering to mentor even if they don't get into SOC; if so, please contact me.
SergioTalensOliag - will be happy to mentor anyone interested in working on the ["CDDT"].
JavierFernandezSanguino - willing to mentor security enhancement or security audit related projects.