Debian Quality Assurance

debian-edu-config (2.10.67) [PTS] [DDPO]

OK: VCS matches the version in the archive

• Git: https://salsa.debian.org/debian-edu/debian-edu-config
• 
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: master
• Path: debian/changelog
• Browser: https://salsa.debian.org/debian-edu/debian-edu-config
• Last scan: 2019-08-16 21:56:48+00
• Next scan: 2019-08-23 22:31:00+00
• Debian changelog in Git:

  debian-edu-config (2.10.67) unstable; urgency=medium
  
    [ Wolfgang Schweer ]
    * Adjust debian/debian-edu-config.fetch-ldap-cert. (Closes: #934380)
      - Use independent conditions to make sure that the LDAP server certificate
        is only downloaded once for both host and LTSP chroot.
      - Add code to validate the LDAP server certificate in case the Debian Edu
        RootCA certificate is available for download.
  
    [ Mike Gabriel ]
    * Code review debian-edu-config.fetch-ldap-cert:
      - White-space-only change: Fix broken and inconsistent indentations.
      - Fully inline-document fetch-ldap-cert script.
      - Add "-f" option to all curl calls that don't have it set so far.
        This assures that curl bails out with a non-zero exit code, if anything
        goes wrong while retrieving certificate files.
      - Also report a successful certificate verification if we verified the
        LDAP server certificate using the Debian Edu RootCA.
      - Really check that the LDAP server uses a certificate issued by the
        "Debian Edu RootCA", not just by (some) "RootCA".
      - Add 2x FIXME about BUNDLECRT file removal from host and from LTSP chroots.
      - LTSP chroot certificate copying: only log those actions, if they are
        actually about to happen..
      - Silence curl stderr and gnutls-cli stdout+stderr.
      - Certificate retrieval: Fix upgrade path for RootCA deployment. Re-run
        CERTFILE (and ROOTCACRT retrieval) until we have both on the client.
        This will lead to repetitive downloads of the CERTFILE on system boot.
        To get rid of this, people must upgrade their TJENERs from Debian Edu
        10.0 to 10.1. Then it will stop. This hack is necessary to assure
        distribution of the RootCA to all clients that don't have it, yet.
      - Detach dependency of ROOTCACRT chroot copying and BUNDLECRT chroot
        copying from chroot copying of the CERTFILE. The chroot may have the
        CERTFILE, but not the ROOTCACRT, yet. This assures a smooth upgrade
        path from Debian Edu 10.0 to Debian Edu 10.1.
      - Do a simple validity check if a directory under /opt/ltsp really is
        a chroot (and e.g. not the SquashFS images' directory).
  
   -- Holger Levsen <holger@debian.org>  Thu, 15 Aug 2019 16:20:50 +0200

• This branch is even with tag 2.10.67

Package: [Main page]

---

Back to the Debian Project homepage.

---