Source: dgit Version: 9.10 Severity: serious User: debian...@lists.debian.org Usertags: needs-update Affects: rsync
Hi. Hello in particular to the rsync maintainers. src:dgit contains a wrapper script which is intended for use in an ssh restricted command invoked by rsync, as part of a mirroring setup. Unfortunately there didn't seem to be better way of doing this than having the wrapper script know what arguments the invoking rsync likes to pass through ssh, and check that they are expected: https://browse.dgit.debian.org/dgit.git/tree/infra/dgit-mirror-ssh-wrap This means that when rsync changes, this script breaks. Most recently (c&p from ci.debian.net logs): unexpected command rsync --server -lHtre.iLsfxCIv --timeout=900 --delete --safe-links . /tmp/autopkgtest-lxc.osslg7ck/downtmp/autopkgtest_tmp/git-mirror/example.git It was expecting something that matched this perl regexp: m{^rsync --server -lHtre\.iLsfxC --timeout=\d+ --delete --safe-links \. $d$} This situation is currently blocking migration of the new rsync (as is to be expected, given that this wrapper is covered by the src:dgit's autopkgtests). This whole situation is not very good but it seemed the least bad option to me. If the rsync maintainers have better suggestions I'm all ears! (Whatever better solution is adopted would have to be reviewed by DSA since it is part of the defence of a DSA-managed machine.) But for now, I am going to add this new set of options to the script as a permitted pattern. I hope to make that upload today and that should minimise the delay to rsync's migration. Sorry for the inconvenience. I have filed this bug as RC against dgit because that seems appropriate under the circumstances. I doubt this will have any practical effect because it is easy to fix and we (the dgit maintainers) will fix it promptly. But it seems the proper conduct to me. Regards, Ian. -- Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own. Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
