Package: reprepro
Version: 3.5.2-6
Severity: normal

Emdebian has a need for a truly stable distribution - where nothing I do in the other distributions can modify the Release file for dists/stable and each binary-* directory in each component of stable unless *specifically* re-enabled. This is so that these Release files can be signed by the Debian Release Team and updates for Emdebian Grip stable are completely tied to the Debian updates for stable.
(This closes a security gap when installing Emdebian Grip using the Debian Installer images. Any modification of the Release files loses the Release Team signature on the Release file(s) and exposes users to the security gap once more.)

I think I can work around this issue, for now, but with a fair bit of unnecessary duplication and various symlinks.

I'm thinking of an option in conf/distributions that says:

  StableIsFrozen: true

or similar - that prohibits any alteration of anything in the distribution described by that stanza, until that line is removed. No overrides on the command line, no --ignore option, no option but commenting out that line which, hopefully, makes it clear that the change is only made when a new stable release is being prepared.

Once frozen, reprepro would allow no reprepro operation that could possibly invalidate any existing signature on the Release file(s) - including not changing the timestamp on the Release file(s) by reprepro. 'include*' and 'delete' would be impossible for stable, 'update' would be disabled, 'pull' as well, even --export=force would ignore stable (and probably complain noisily that stable is frozen and cannot be forced).

This should not be permissions-based because the repository still needs to be maintained by a team. Yet reprepro should still be able to query stable using 'list stable' and should still use the same pool/, conf/ and db/ directories to avoid data duplication.

Is this achievable?
-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages reprepro depends on:
ii  libarchive1      2.4.17-2          Single library to read/write tar,
ii  libbz2-1.0       1.0.5-1           high-quality block-sorting file co
ii  libc6            2.7-18            GNU C Library: Shared libraries
ii  libdb4.6         4.6.21-13         Berkeley v4.6 Database Libraries [
ii  libgpg-error0    1.4-2             library for common error values an
ii  libgpgme11       1.1.8-2           GPGME - GnuPG Made Easy
ii  zlib1g           1:1.2.3.3.dfsg-12 compression library - runtime

Versions of packages reprepro recommends:
ii  apt              0.7.20.2          Advanced front-end for dpkg

Versions of packages reprepro suggests:
ii  gnupg-agent      2.0.9-3.1         GNU privacy guard - password agent
pn  inoticoming      <none>            (no description available)

-- no debconf information
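The freeze the report asks for, modelled as an added example that is not reprepro code and not from the report's author: a guard that reads conf/distributions, refuses every mutating reprepro command (including a forced export) against a frozen codename while leaving 'list' available, and records SHA-256 hashes of the Release files the Release Team signature covers so that any rewrite is detected. Assumptions, labelled as such: the option name StableIsFrozen is taken from the request and is not something reprepro defines as far as this page shows; the command sets, the sample configuration, and the dists/<codename>/<component>/binary-<arch>/Release layout are the standard Debian archive layout and my own choices.

```python
"""Hypothetical freeze guard for a reprepro repository (added example, not reprepro code)."""
import hashlib
import os
import tempfile
from typing import Dict, List, Tuple

# Assumed classification of reprepro commands: these rewrite indices/Release...
MUTATING_OPS = {"include", "includedeb", "includedsc", "includeudeb",
                "remove", "removesrc", "update", "pull", "export"}
# ...and these only read the database.
READ_ONLY_OPS = {"list", "listfilter", "dumpreferences", "check", "checkpool"}

# Constructed sample conf/distributions (not from the report).
SAMPLE_CONF = """\
# stable is frozen: comment the StableIsFrozen line out to unfreeze it
Codename: stable
Suite: stable
Components: main dev doc
Architectures: arm i386 source
StableIsFrozen: true
Description: Emdebian Grip stable
 tied to Debian stable updates

Codename: testing
Components: main
Architectures: arm i386
"""


def parse_distributions(text: str) -> List[Dict[str, str]]:
    """Parse the stanza format of conf/distributions: 'Key: value' lines,
    blank lines separate stanzas, '#' lines are comments, leading whitespace
    continues the previous field."""
    stanzas: List[Dict[str, str]] = []
    cur: Dict[str, str] = {}
    last_key = None
    for raw in text.splitlines():
        if not raw.strip():                      # stanza boundary
            if cur:
                stanzas.append(cur)
                cur = {}
            last_key = None
            continue
        if raw.lstrip().startswith("#"):         # comment: a commented-out freeze line is gone
            continue
        if raw[0] in " \t" and last_key:         # continuation line
            cur[last_key] += "\n" + raw.strip()
            continue
        key, sep, value = raw.partition(":")
        if not sep:
            raise ValueError(f"malformed line: {raw!r}")
        last_key = key.strip()
        cur[last_key] = value.strip()
    if cur:
        stanzas.append(cur)
    return stanzas


def frozen_codenames(stanzas: List[Dict[str, str]]) -> set:
    """Codenames whose stanza carries the (hypothetical) StableIsFrozen flag."""
    return {s["Codename"] for s in stanzas
            if s.get("StableIsFrozen", "").lower() in ("true", "yes")}


def check_operation(stanzas, op: str, codename: str, force: bool = False) -> Tuple[bool, str]:
    """Decide whether 'reprepro <op> <codename>' may proceed. A frozen
    distribution refuses every mutating command; --force/--ignore style
    overrides are deliberately not honoured, as the report asks."""
    if codename not in {s["Codename"] for s in stanzas}:
        return False, f"unknown distribution {codename}"
    if codename not in frozen_codenames(stanzas):
        return True, "not frozen"
    if op in READ_ONLY_OPS:
        return True, f"{codename} is frozen but {op} does not modify it"
    suffix = " (force/ignore options are not honoured)" if force else ""
    return False, f"{codename} is frozen: refusing {op}{suffix}"


def release_files(basedir: str, stanza: Dict[str, str]) -> List[str]:
    """Files whose change invalidates the signature: dists/<codename>/Release
    (plus Release.gpg/InRelease) and each component's binary-*/ or source/ Release."""
    d = os.path.join(basedir, "dists", stanza["Codename"])
    paths = [os.path.join(d, n) for n in ("Release", "Release.gpg", "InRelease")]
    for comp in stanza.get("Components", "").split():
        for arch in stanza.get("Architectures", "").split():
            sub = "source" if arch == "source" else f"binary-{arch}"
            paths.append(os.path.join(d, comp, sub, "Release"))
    return [p for p in paths if os.path.isfile(p)]


def snapshot(basedir: str, stanza: Dict[str, str]) -> Dict[str, str]:
    """SHA-256 of every Release-related file, recorded when the freeze is set."""
    out = {}
    for p in release_files(basedir, stanza):
        with open(p, "rb") as fh:
            out[os.path.relpath(p, basedir)] = hashlib.sha256(fh.read()).hexdigest()
    return out


def verify_snapshot(basedir: str, stanza: Dict[str, str], saved: Dict[str, str]) -> List[str]:
    """Frozen files that changed, vanished or appeared since 'saved'."""
    now = snapshot(basedir, stanza)
    return sorted(p for p in set(saved) | set(now) if now.get(p) != saved.get(p))


def demo() -> Dict[str, object]:
    """Build a throw-away constructed repository, freeze it, tamper with one
    Release file and report what the guard decides and detects."""
    stanzas = parse_distributions(SAMPLE_CONF)
    stable = next(s for s in stanzas if s["Codename"] == "stable")
    with tempfile.TemporaryDirectory() as base:
        for rel in ("dists/stable/Release", "dists/stable/Release.gpg",
                    "dists/stable/main/binary-arm/Release"):
            p = os.path.join(base, rel)
            os.makedirs(os.path.dirname(p), exist_ok=True)
            with open(p, "w") as fh:
                fh.write("Origin: Debian\nLabel: constructed sample\n")
        saved = snapshot(base, stable)
        untouched = verify_snapshot(base, stable, saved)
        with open(os.path.join(base, "dists/stable/Release"), "a") as fh:
            fh.write("Date: rewritten by a forced export\n")   # simulated tampering
        tampered = verify_snapshot(base, stable, saved)
    return {"frozen": frozen_codenames(stanzas),
            "list_ok": check_operation(stanzas, "list", "stable")[0],
            "include_ok": check_operation(stanzas, "includedeb", "stable")[0],
            "export_force_ok": check_operation(stanzas, "export", "stable", force=True)[0],
            "testing_ok": check_operation(stanzas, "includedeb", "testing")[0],
            "untouched": untouched, "tampered": tampered}


if __name__ == "__main__":
    print(demo())
```

The hash snapshot is what the freeze really protects: a policy check in a wrapper can be bypassed by anyone who runs reprepro directly, so the snapshot taken when the freeze is set should be compared against the live Release files before anything is published, and a non-empty list from verify_snapshot means the Release Team signature on that distribution is no longer worth trusting.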