I am one Debian developer now, this is my the first time to archive one big goal in Open Source world. But DD is not final, just another start.
I have to admit I still have many things to learn on Debian, and I hope I can take on greater responsibilities in the next journey. Thanks for all people who help me on this process, thanks to my team and lab.
About ten years ago until 2022 Mar.
2022 Mar - 2023 Sep
2023 Sep - 2025 Jan
I have to learn some usage about lvm on linux, so this is my notice about this. But this is not complete.
sudo lvdisplay
[sudo] password for debian-buildd:
Sorry, try again.
[sudo] password for debian-buildd:
--- Logical volume ---
LV Path /dev/vg0/swap
LV Name swap
VG Name vg0
LV UUID hmY5Dt-S0GH-wxrN-fE9M-BwU9-bFMP-j2e05Z
LV Write Access read/write
LV Creation host, time unmatched05, 2022-08-10 21:43:43 +0800
LV Status available
# open 2
LV Size 100.00 GiB
Current LE 25600
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 254:0
--- Logical volume ---
LV Path /dev/vg0/srv
LV Name srv
VG Name vg0
LV UUID T8nIYl-WdwX-hfYr-Yg3N-FiD1-7M1j-R54cGN
LV Write Access read/write
LV Creation host, time unmatched05, 2022-08-10 21:43:43 +0800
LV Status available
# open 1
LV Size 40.00 GiB
Current LE 10240
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 254:1
This is to check lv (logical volume) for existing lv.
sudo vgdisplay
--- Volume group ---
VG Name vg0
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 2
Max PV 0
Cur PV 1
Act PV 1
VG Size 1.80 TiB
PE Size 4.00 MiB
Total PE 472163
Alloc PE / Size 35840 / 140.00 GiB
Free PE / Size 436323 / 1.66 TiB
VG UUID VCkz6D-Di19-Oh0a-GtaN-d9Th-sAqQ-ODNswr
This is vg (volume group) info. I think it can give you a picture of whole disk from lvm’s view.
From above info, you will get the information about lv with its path.
sudo lvextend -L +200G /dev/vg0/srv
Size of logical volume vg0/srv changed from 40.00 GiB (10240 extents) to 240.00 GiB (61440 extents).
Logical volume vg0/srv successfully resized.
The command is to extend lv with path.
debian-buildd@unmatched05:~$ sudo resize2fs /dev/vg0/srv
resize2fs 1.46.6-rc1 (12-Sep-2022)
Filesystem at /dev/vg0/srv is mounted on /srv; on-line resizing required
old_desc_blocks = 5, new_desc_blocks = 30
The filesystem on /dev/vg0/srv is now 62914560 (4k) blocks long.
Using resize2fs to resize fs.
Verity again:
debian-buildd@unmatched05:~$ df -h /srv
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg0-srv 236G 479M 226G 1% /srv
Now I have one package which needs systemd unit, so this is a basic wiki collected.
https://bunn.cc/2017/debian-packaging-with-systemd/ [not right]
[refer to here] https://askubuntu.com/questions/746094/how-to-package-a-systemd-service
[2] https://people.debian.org/~stapelberg/debconf13-making-your-package-work-with-systemd.pdf
[thinkfan] https://salsa.debian.org/debian/thinkfan/-/blob/debian/latest/debian/rules?ref_type=heads#L24
testing
To send the keys. You can refer to the wiki
TODO: The encryption for the password does not work now.
To config MAILER_SENDER with msmtp.
$ENV{'PERL_MAILERS'} = 'sendmail:/usr/bin/msmtp';
.caffrc:
vimer@debian:~$ cat ~/.caffrc
# .caffrc -- vim:ft=perl:
# This file is in perl(1) format - see caff(1) for details.
$CONFIG{'owner'} = 'xx';
$CONFIG{'email'} = 'xx@xx';
#$CONFIG{'reply-to'} = '[email protected]';
# You can get your long keyid from
# gpg --keyid-format long --list-key <yourkeyid|name|emailaddress..>
#
# If you have a v4 key, it will simply be the last 16 digits of
# your fingerprint.
#
# Example:
$CONFIG{'keyid'} = [ qw{12345678} ];
# or, if you have more than one key:
# $CONFIG{'keyid'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ];
#$CONFIG{'keyid'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ];
# Select this/these keys to sign with
#$CONFIG{'local-user'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ];
# Additionally encrypt messages for these keyids
#$CONFIG{'also-encrypt-to'} = [ qw{0123456789ABCDEF 89ABCDEF76543210} ];
$ENV{'PERL_MAILERS'} = 'sendmail:/usr/bin/msmtp';
#$CONFIG{'mail-cmd'} = [ 'mutt', '-e', "set from='$CONFIG{owner} <$CONFIG{email}>" pgp_autoencrypt'
# , '-s', "Your signed PGP key 0x$recipient{keyid}"
# , '-i', $recipient{'template-file'}
# , '-a', $recipient{'signature-file'}
# , '--'
# , $recipient{address} ]
# Mail template to use for the encrypted part
$CONFIG{'mail-template'} = << 'EOM';
Hi,
please find attached the user id{(scalar @uids >= 2 ? 's' : '')}
{foreach $uid (@uids) {
$OUT .= "\t".$uid."\n";
};}of your key {$key} signed by me.
If you have multiple user ids, I sent the signature for each user id
separately to that user id's associated email address. You can import
the signatures by running each through `gpg --import`.
Note that I did not upload your key to any keyservers. If you want this
new signature to be available to others, please upload it yourself.
With GnuPG this can be done using
gpg --keyserver hkp://pool.sks-keyservers.net --send-key {$key}
If you have any questions, don't hesitate to ask.
Regards,
--
{$owner}
EOM
See the detail
Source: commons-daemon
Version: 1.0.15-8
Severity: normal
Tags: ftbfs patch
User: [email protected]
Usertags: riscv64
X-Debbugs-Cc: [email protected]
see #1010381
Source: ironseed
Version: 0.4.0-5
Severity: important
User: [email protected]
Usertags: flaky
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:libsdl2
See #1077847
官方wiki
没想到 debian 的backports有这么多的内容, 暂时先记录在这里:
https://backports.debian.org/changes/
具体的用法是:
https://wiki.debian.org/Backports
See here
go-jose 是我维护的一个简单的golang包,然后在2025 年初的时候, 上游被报一个 CVE issue, 按照正常流程, maintainer 需要先把新版本引入到 sid/unstable 然后进入到 testing. 等到 testing 更新后最后需要 backports.
...
Backporting a package is very similar to preparing a package for
upload to unstable. There are only a few differences:
* You can only backport the version of a package that is in testing.
This ensures a clean upgrade path to the next version of Debian.
* The distribution in the changelog should be "<release>-backports",
ie "bookworm-backports", instead of unstable.
* Make only minimal changes to the package and don't worry too much
about lintian errors or warnings.
* Be sure to build in a schroot/container/VM that matches the
backport distribution you are targeting. This is especially important
if the package compiles any code that might link to or depend on newer
versions of libraries that have been updated in testing.
My general workflow for backporting a package consists of the
following steps:
* Clone out the repo from salsa
* Checkout out or create a "debian/bookworm-backports" branch from
the main development branch
* Modify debian/gbp.conf to point to the new branch
* Run `dch --bpo` which will automatically create the appropriate
changelog entry for you
* Build and test the package to make sure everything works as
expected
* Upload the package to the archive, create a tag for the release and
push changes up to salsa
As a Debian Maintainer, you can be granted permissions to upload
backported versions of a package, but just like unstable a Debian
Developer must perform the first upload of the backported package.
Also, if you haven't seen there's a nice page with further
information about performing backports at
https://backports.debian.org/Contribute/.
# thanks to: gibmat from Debian
基本上 gibmat 的流程就是一个标准的流程, 但是被卡在了 build 了。
在我的想法中, 依旧可以使用sbuild-createchroot here 创建 stable-backports 的 chroot.
sudo sbuild-createchroot --chroot-prefix=bookworm-backports
--extra-repository='deb http://deb.debian.org/debian
bookworm-backports main' --include=eatmydata,ccache bookworm
/srv/chroot/bookworm-backports-amd64-sbuild
http://ftp.fr.debian.org/debian
但是:
...
The following packages have unmet dependencies:
sbuild-build-depends-main-dummy : Depends: golang-any (>= 2:1.21~)
but 2:1.19~1 is to be installed
E: Unable to correct problems, you have held broken packages.
apt-get failed.
E: Package installation failed
Not removing build depends:
cloned chroot in use
...
From introduction, there is only pbuilder or cowbuilder support stable-backports.
gbp buildpackage --git-upstream-tree=upstream --git-upstream-branch=upstream --git-sign-tags --git-builder=sbuild -d bookworm-backports -c bookworm-backports-amd64-sbuild --no-clean-source --source --git-debian-branch=debian/main --git-export-dir=../build-area/ --git-ignore-new --verbose
注意: -d bookworm-backports 必须使用, 否则会报:
golang-github-go-jose-go-jose changes: lintian output: 'distribution-and-changes-mismatch unstable bookworm-backports', automatically rejected package.
然后使用 pbuilder 验证即可:
sudo DIST=bookworm gbp buildpackage --git-upstream-tree=upstream --git-upstream-branch=upstream --git-builder=pbuilder build --git-pbuilder-options="--basetgz=/var/cache/pbuilder/base.tgz" ../build-area/golang-github-go-jose-go-jose_4.0.5-1~bpo12+1.dsc
然后产生附带 *.changes文件的build后的文件。再正常上传即可。
备注: 必须确保 stable-backports 的依赖都满足。