Added some more proposals
|Deletions are marked like this.||Additions are marked like this.|
|Line 58:||Line 58:|
| 1. [wiki:/ovalagent OVAL agent] to make it possible to control security update status for clusters of Debian systems
1. [wiki:/commonsecuritychecks Common security checks] tool, to provide host-level security checks for the default Debian systems.
1. [wiki:/autosecreview Automatic Security Review] lindian-like portal.
|Line 128:||Line 131:|
|* Develop a new, robust (i.e. not shell script based), security checking tool based on the experience derived from [http://packages.debian.org/checksecurity Checksecurity] and [http://packages.debian.org/tiger Tiger] implementing common host-level security checks, providing better alert mechanisms, and, optionally, integrating with OSS information management systems such as [http://www.prelude-ids.org/ Prelude] (through [http://packages.debian.org/libprelude2 libprelude] and [http://www.ossim.net/ Ossim] (JavierFernandezSanguino)|
|Line 144:||Line 146:|
| * Develop an [http://oval.mitre.org OVAL] agent for Debian. Define a mechanism to automaticaly generate OVAL queries from DSAs so that admins can set a central monitoring network (through an OVAL server and distribute OVAL agents) that can determine which systems need security updates. Optionally rate the urgency of the update using [http://www.first.org/cvss/ CVSS] (by CVE-linking with the [http://nvd.nist.gov/ National Vulnerability Database]) (JavierFernandezSanguino)
* Develop a lintian-like system (i.e. both local tools and a lintian.debian.org service) to do automatic security review of packages source code and, through a metric, attempt to spot packages with possible security vulnerabilities that need to be reviewed before being released with the testing/stable release (JavierFernandezSanguino)
Summer of Code 2007
This wiki page is created to make it easier to plan and coordinate Debian's involvement in the [http://code.google.com/soc/ Google Summer of Code 2007].
Current Status (2007/03/09)
We've applied with Google to take part in the Summer of Code 2007. Our two current admins are SteveMcIntyre and StefanoZacchiroli. If last year is anything to go by, we'll probably add more admins later once the programme is up and running.
- Now it's time to create a repository of proposals for the summer of code. To do so:
please add an entry to the list below with a brief summary of the proposal (one-liner ideally)
add to the entry a link pointint to a subpage of this page with a more detailed description of the proposal. For creating the new page you can start from the ?SummerOfCode2007/ProposalTemplate page; look for it in the left column when creating the new page
A note about last-year proposals. Down in this page you can found the proposal from the last year. If you're still interested in proposing one of them, please move it to the list of 'this' year proposal, better filling the relative subpage. This way we will avoid proposals remaining here just for inertia on which no one is really interested to take part.
(see [http://code.google.com/support/bin/answer.py?answer=60325 Google's FAQ])
March 5: Mentoring organizations can begin submitting applications to Google
March 12: Mentoring organization application deadline
March 13: Google program administrators review organization applications
March 14: List of accepted mentoring organizations published on code.google.com; student application period opens
March 24: Student application deadline
Interim Period: Mentoring organizations review and rank student proposals; where necessary, mentoring organizations may request further proposal detail from the student applicant
April 9: List of accepted student applications published on code.google.com
Interim Period: Students learn more about their project communities
May 28: Students begin coding for their GSoC projects; Google begins issuing initial student payments
Interim Period: Mentors give students a helping hand and guidance on their projects
July 9: Students upload code to code.google.com/hosting; mentors begin mid-term evaluations
July 16: Mid-term evaluation deadline; Google begins issuing mid-term student payments
August 20: Students upload code to code.google.com/hosting; mentors begin final evaluations; students begin final program evaluations
August 31: Final evaluation deadline; Google begins issuing student and mentoring organization payments
For information on how to register to be a mentor, contact Steve or Zack. Please note that you should not register as a mentor if you intend to participate as a student.
For students, if you have questions or want to discuss the project you want to do you can mail the admins, discuss it in the debian-project mailing list, or join the #debian-soc channel on irc.debian.org.
If you would like to work on one of the projects below, as a student participating in Google's summer of code, watch this space for details of how to register.
This Year (2007) GSoC Projects
summary of a sample entry (to be removed as soon as a real entry shows up here). [wiki:?/SampleProposal more info]
[wiki:/PiupartsImprovements Improvements to piuparts]
[wiki:/SystemUpgradeTesting Testing system upgrades automatically using QEMU]
- Create a collaborative repository of meta-informations (["CRMI"]) about sources packages (including upstream URL, URL of upstream VCS, URL of upstream BTS, debian/watch file, etc.) on top of ["Mole"]. [wiki:/MoleAndCRMI More info]
- [wiki:/udebSupport Full support of udebs]
- [wiki:/ovalagent OVAL agent] to make it possible to control security update status for clusters of Debian systems
- [wiki:/commonsecuritychecks Common security checks] tool, to provide host-level security checks for the default Debian systems.
- [wiki:/autosecreview Automatic Security Review] lindian-like portal.
Mentors for other projects
LukClaes - projects related to QA or release/testing migration
Last Year (2006) GSoC Projects
If you're interested in one of the project below please promote it to the list above, filling the corresponding subpage with additional info.
Possible Projects (in () possible mentors)
(also see [http://www.debian.org/devel/todo/ the general TODO list] and the EtchTODOList)
Improve the boot system: speed up and make it dependency based. See discussions on [http://lists.alioth.debian.org/pipermail/initscripts-ng-devel/ the initscripts-ng list] and [http://wiki.debian.org/LSBInitScripts LSB init script page]. Some [http://lists.alioth.debian.org/pipermail/pkg-sysvinit-devel/2006-January/000542.html project ideas] are already written. (pere) -- multiple proposals there, don't propose this also
- Make Debian more suitable for embedded systems, e.g. by removing Perl from the base system
Unload ftp.debian.org, with the RedirectProposal (aba/zobel)
FriendsOfDebian website, a debian community site that could also raise money for debian
Improve/unify the QA websites: packages.qa.d.o, qa.d.o/developer, dehs, etc
- Create a better environment for regression/unit tests (tbm)
Improve the system to handle WNPP: including expiry of ITPs, checking that orphaned packages have correct maintainer fields, etc. (DavidMorenoGarza)
Create a collaborative repository of meta-informations about sources packages (including upstream URL, URL of upstream VCS, URL of upstream BTS, debian/watch file, etc.) (RaphaelHertzog)
Help [http://dehs.alioth.debian.org Dehs project] to accept watch submitting and maintaining in an external framework instead of the single deb packages. Improve the Dehs postgres Db structure to optimizing query speed. Create rss feed with useful information from Dehs data. Collaborate with devscript maintainer to specify in a standar way the upstream news/changelog file in watch file and write with devscript package maintainer an official policy about watch file. Optimize, clean and standardize source code. (Stefano Fabri)
Add improvements to the BTS LDAP gateway like last-change-dates, last-mail, full-content, etc. (DavidMorenoGarza)
A program to sanity-check Debian CD and DVD images, like lintian/linda do for packages. (SteveMcIntyre)
- BTS interface in kmail: on display of a bts related mail (headers!), add buttons like 'view this bug', 'close/reopen this bug' (would ask for version first), 'edit bug tags', 'set severity', 'retitle', ... to the toolbar (cmot, just a funky idea...)
Web frontend for QA applications (linda, lintian, piuparts) and other packaging utilities (like pbuilder) Some work has been done in that topic, and it could be useful for CollaborativeMaintenance too
Release/Testing transition related
Improve Britney; britney is the name of the scripts used to update Debian's testing distribution: it automates some of the hard problems of Debian release management. See [http://azure.humbug.org.au/~aj/blog/debian/britney AJ's blog] and the [http://www.debian.org/releases/testing/ general info about Testing] (aba)
Create a "Migration Tracking System" which can be used to track the various migrations that are happening. It should have a web interface as well as a mail interface. It should transparently make use of debbug's usertags to keep track of the bugs related to a specific transition. (RaphaelHertzog)
add powerful tag-based search capabilites [http://debtags.alioth.debian.org/cgi-bin/search.cgi Debtags-Enhanced Search] to aptitude (check out the link!)
Unify apt, dpkg, etc (aba) but note that wajig is already a rather nice Python-based wrapper around apt, dpkg, apitude, ...
Introduce real perl shlibs (aba)
Improve shlibs: to caclulate the used shlibs, rather than the theorically required ones (aba)
Build a [http://www.r-project.org R] / [http://cran.r-project.org CRAN] package generator system for [http://cran.r-project.org CRAN] to extend the current approx. 50 packages to the full 800 or so. All of these packages actually build automagically thanks to existing cdbs rules. We need a simple stateful system to keep track of what has been added to [http://cran.r-project.org CRAN], what has been updated etc pp. There is a somewhat dormant [http://alioth.debian.org/projects/pkg-bioc/ Alioth Project] with some info. R knowledge helpful, Perl/Python/Ruby/... to implement. (DirkEddelbuettel)
?Anchor(dh_ocaml) Automate computation of [http://caml.inria.fr OCaml] library dependencies (re-)writing dh_ocaml. See: [http://lists.debian.org/debian-ocaml-maint/2005/04/msg00046.html idea description], [http://bugs.debian.org/328422 proof of concept implementation (#328422)]. (StefanoZacchiroli)
Revive the apt-checkpoint project [http://sourceforge.net/projects/apt-checkpoint/ sourceforge] for safer/better end-user experience when upgrading to testing
Rewrite [http://packages.qa.debian.org/debian-cd debian-cd], the scripts used to create CD images. The current debian-cd works but has many flaws/limitations. Check out old discussions on the subject:
- Many people used modified version of debian-cd (Ubuntu, Debian-Edu, ...) and the new design should suit them all.
Add IPv6 support to vserver (aba)
Improve support of pinning in apt ["real" dependency resolver, better docs, graphical interface (?), allow matching in Packages, etc] (aba)
Make reportbug enhancements: graphical and/or web-based, so it's easier for users to report bugs
Improve wpasupplicant: Split out the roaming functionality from wpasupplicant and associate based on what is known to the system from /etc/network/interfaces. (?KyleMcMartin) ([wiki:madduck madduck]: also see [wiki:netconf netconf]).
Fix and enhance apt-listbugs: There are quite a few seemingly simple bugs and wishes in the BTS, but it's seen no updates for 10 months. A few small changes would make it much more useful. (RaphaelHertzog: probably too limited in scope to be a good project).
Create a Python/GTK/QT app to manage Debian BTS: would queue actions and then send an e-mail to the BTS to commit changes, make it easier to browse bugs, cross-reference, tag/update/close, etc -- proposed multiple times (meaning what?)
(StefanoZacchiroli: this overlaps with the make reportbug enhancements point above. What about splitting the above one in two: (1) provide a gui for reportbug, (2) provide a web ui for reportbug? If, besides interfaces, more features for reportbug are requested they should be described separately as well)
(PhilippKern: Managing bugs is likely to be separate from reporting bugs, it's rather a superset. It may be however implemented in the same application. But then it should only expose the bug management features to end-users if they want it to. I already volunteered to take this one, if it would be a valid project request, in private to aba, as he's the creator of the bts2ldap gateway. Not reply yet, though.)
Create a user-friendly security-update notifier/installer (update-notifier/update-manager seems to be ok for this, no?)
Package and integrate [http://www.networkmultimedia.org NMM - Network Multimedia-Middleware]. As NMM becomes (one of) the new KDE 4 multimedia backends (see this [http://www.linuxtag.org/2006/de/besucher/programm/freies-vortragsprogramm/samstag.html?talkid=319 presentation at the Linuxtag2006]) this would be initial work to support KDEs new multimedia framework Phonon.(nmm provides already sarge package)
Package and integrate of [http://www.nomachine.com NX] and [http://freenx.berlios.de FreeNX]. See also [http://lists.alioth.debian.org/pipermail/pkg-nx-group/2006-April/000135.html this mail].
Help implement ["CDDT"] -- Custom Debian Distributions Toolkit. The toolkit is partially functional, but there are a lot of things to do, for the current status look at the following [http://lists.debian.org/debian-custom/2006/02/msg00074.html message].
Layered Subversion, [http://laysvn.alioth.debian.org/], which can be very useful to maintain the configuration files of an inhomogenous set of servers, needs to be rewritten for efficiency increases (working on single files is very slow with subversion because of locking, so the rewrite needs to plan ahead and then work on whole layers). Maybe this could be intergrated into svk, too, or even some functionality into upstream subversion itself. (ErichSchubert)
- Implement a GUI frontend for live-package/live-helper to build Debian Live systems (["daniel"])
TCOS: Thin Client Operating System [http://soleup.eup.uva.es/mediawiki/index.php/TCOS/en TCOS wiki] (need mentor)
Package and integrate of the German and French user administration tool [:DebianEdu/CipUX:CipUX] for Debian-Edu into Debian (need mentor)
Write a replacement for the webmin based user administration frontent [:DebianEdu/CAT:CAT] for Debian-Edu (need mentor)
Implement the idea of non-master language documentation and translation system: [http://wiki.skolelinux.de/ChunkCMS ChunkCMS] (need mentor)
- Continue work on ["netconf"]: implement configuration parsers, a policy subsystem, an interface for GUIs, new methods, write integration files for other packages ([wiki:madduck Martin Krafft]).
Implement [http://wiki.logfilter.org/index.cgi/logfilter logfilter], the logcheck replacement ([wiki:madduck Martin Krafft]).
Package and integrate [http://www.zimbra.org/ Zimbra] (["daniel"])
- Help integrate a coherent SELinux security policy into Etch, see ["SELinuxStatus"]
- Create various variants of the reference policy for specific audiences (server, single user, desktop)
- Create policy modules for specific packages, or contribute additions back to reference policy
SELinux: Automatically select policy modules for installed Debian packages (with dependency handling!), user UI for customizing this list (ErichSchubert)
Integrate disk encryption in Debian-Installer. LUKS framework seems to be the way to go (several passwords, changing password allowed, ...) Already in d-i
Develop a central translation coordination system (or enhance existing systems, such as [http://translate.sourceforge.net/ Pootle] or [http://sourceforge.net/projects/wordforge Wordforge] that would be used by translation teams to manage (coordinate), commit and review statistics for all the different l10n components in Debian, from program message translations to package description translations including the website, documentation, debconf notes, etc. For more information on the current state of affairs read [http://people.debian.org/~jfs/debconf6/html/ Internationalisation and localisation in Debian] (JavierFernandezSanguino)
Implement a highly reliable, BGP-based load-balancing DNS system for accessing Debian mirrors (cf [http://www.supersparrow.org/ Super Sparrow]). Requires ability to provide assurance that code is extremely robust (through careful testing and thorough testing), and ability to work with ISP and mirror admins (AnthonyTowns, ?JamesTroup, RyanMurray)
Expand the BitTorrent protocol/application to work effectively with large, constantly updating collections of files such as the Debian archive. Requires a good understanding of P2P protocol design, significant reimplementation of the BitTorrent code, and an ability to think through new protocols. (AnthonyTowns)
Create a DistributedAdminTool, as a webmin replacement, usable for whole networks and domains.
- Port debian-installer to hurd-i386
Port debian-installer to interesting devices, such as Network Attached Storage or other embedded devices. (MartinMichlmayr)
Mentors for other projects
- Martin Michlmayr (tbm) - projects related to QA
[wiki:madduck Martin Krafft] - projects related to [http://wiki.logcheck.org/index.cgi/logfilter logfilter] and ["netconf"].
more to follow
Some information on what being a good mentor entails can be found here http://primates.ximian.com/~federico/docs/summer-of-code-mentoring-howto/index.html
Infrastructure Provided to Students
As development must happen in the open, students of Debian projects will either receive access to existing source control repositories or setup an Alioth project. Alioth is a ?SourceForge like resource provided by Debian with access to Subversion/Arch/CVS repositories and services like bug tracking and mailing lists. The student is also expected to maintain a webpage or a wiki page to keep everyone updates about his status.