SlideShare a Scribd company logo

Distro Recipes 2013 : Debian and quality assurance

Anne Nicolas
Anne Nicolas

The document discusses Debian's quality assurance processes. It describes how Debian is known for its long release cycles and high quality. It then outlines several factors that contribute to Debian's quality, including its release-when-ready culture, package ownership model, and focus on fixing release-critical bugs. The remainder of the document details Debian's quality assurance team and their tasks, such as performing archive-wide checks, rebuilds, and static analysis to find bugs. It also discusses the infrastructure developed to support these quality assurance activities.

1 of 39
Download to read offline
Debian Quality Assurance Lucas Nussbaum lucas@debian.org lucas@debian.org Debian Quality Assurance 1 / 31
Me Assistant professor (Maître de conférences) at Univ. de Lorraine Teach Free Software in a system administration curriculum (Licence Professionnelle Administration Système, Réseaux et Applications à base de Logiciel Libre) Debian involvement: Collaboration between Debian and Ubuntu Ruby packaging Archive rebuilds Ultimate Debian Database lucas@debian.org Debian Quality Assurance 2 / 31
Debian Well known and respected for: lucas@debian.org Debian Quality Assurance 3 / 31
Debian Well known and respected for: Its long and bumpy release cycles lucas@debian.org Debian Quality Assurance 3 / 31
Debian Well known and respected for: Its long and bumpy release cycles Its quality But it was not a given: > 1000 Debian Developers Mostly volunteers, with their own agendas > 2000 Package maintainers 18117 software packages Some very popular packages A lot of niche packages lucas@debian.org Debian Quality Assurance 3 / 31
Quality factors lucas@debian.org Debian Quality Assurance 4 / 31
Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this lucas@debian.org Debian Quality Assurance 4 / 31
Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages lucas@debian.org Debian Quality Assurance 4 / 31
Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages Release Critical (RC) bugs Prevent packages from being part of a release Everybody is welcomed to fix them Non-Maintainer Uploads lucas@debian.org Debian Quality Assurance 4 / 31
Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages Release Critical (RC) bugs Prevent packages from being part of a release Everybody is welcomed to fix them Non-Maintainer Uploads Debian Quality Assurance team lucas@debian.org Debian Quality Assurance 4 / 31
Debian QA team Goal: Improve the quality of Debian as a whole Not really a team (no strict membership), more like a central place to discuss and work on QA IRC: #debian-qa@irc.debian.org Mailing list: debian-qa@lists.debian.org lucas@debian.org Debian Quality Assurance 5 / 31
Debian QA team: Tasks Run archive-wide checks and mass bug filings Maintain QA infrastructure Take care of the dirty areas of Debian lucas@debian.org Debian Quality Assurance 6 / 31
Archive-wide checks and Mass bug filings lucas@debian.org Debian Quality Assurance 7 / 31
Archive-wide checks and MBF Developers are volunteers: Focus on interesting things Manual testing is boring → not done Need automated tests Other advantage: treats all packages equally Niche packages are very important to some users lucas@debian.org Debian Quality Assurance 8 / 31
Archive rebuilds Rebuild all packages from source 7 hours on 40 build nodes (using Amazon EC2) Detect packages that Fail To Build From Source (FTBFS) Bugs in packages Toolchain bugs Failures caused by changes in other packages Ran every 2-3 weeks Scripts to analyze failures and file bugs semi-automatically (about 200 bugs filed per hour) Also used for test rebuilds with new compilers, linkers, . . . → Valuable information for upstream lucas@debian.org Debian Quality Assurance 9 / 31
Debcheck Check (statically) that dependencies can be satisfied Not trivial: versioned dependencies, alternate depends, conflicts 2 versions: "Simple one", in PHP http://qa.debian.org/debcheck.php Better one: edos-debcheck (EDOS project) Can also work with RPMs http://edos.debian.net/ lucas@debian.org Debian Quality Assurance 10 / 31
Piuparts Testing package installation, upgrade and removal Find bugs in maintainer scripts (Shell) scripts executed during package installation/removal Developers don’t run it on their systems → Archive-wide setup http://piuparts.debian.org lucas@debian.org Debian Quality Assurance 11 / 31
Lintian Static analysis of packages Usually run locally by the developer, before uploading Archive-wide setup for continuous testing Packages now rejected at upload time for some errors Some example findings: Use of deprecated packaging features Common packaging mistakes Embedded copies of libraries Spelling errors in binaries usefull visiters treshold targetted superseeded dependancies splitted maintainance explicitely equiped informations mispelled http://lintian.debian.org lucas@debian.org Debian Quality Assurance 12 / 31
DEHS - Debian External Health Status Monitor upstream version of packages Detect when the Debian package is outdated HTML scraping + regular expressions Configured in debian/watch lucas@debian.org Debian Quality Assurance 13 / 31
And more . . . Scan build logs for dangerous warnings Track security issues Track popularity of packages ... lucas@debian.org Debian Quality Assurance 14 / 31
Maintaining infrastructure lucas@debian.org Debian Quality Assurance 15 / 31
Infrastructure: mitigating the data hell Debian: aggregation of loosely-connected services No Launchpad! Everyone can start their own service Data everywhere A dozen of places to get interesting data Tools required to gather data in a central place and expose it to the maintainers lucas@debian.org Debian Quality Assurance 16 / 31
Package Tracking System (PTS) Source package-centric view http://packages.qa.debian.org/package lucas@debian.org Debian Quality Assurance 17 / 31
Developer Packages Overview (DDPO) Developer-centric view http://qa.debian.org/developer.php lucas@debian.org Debian Quality Assurance 18 / 31
Ultimate Debian Database (UDD) Gather everything into a single SQL DB Perfect tool for data-mining Debian Currently imported in UDD: Debian Sources and Packages, bugs, popcon, testing migrations, upload history, orphaned packages, carnivore, lintian, debtags, translations, NEW queue, screenshots, DEHS, ldap, wanna-build, removals, Ubuntu Sources and Packages, Ubuntu bugs, Ubuntu popcon Possible questions you can answer with UDD: RC buggy packages in testing, sorted by popcon? Packages for which the last 4 uploads were NMUs? Packages not maintained by official DDs? http://udd.debian.org/ lucas@debian.org Debian Quality Assurance 19 / 31
Some UDD queries Packages with the highest number of different lintian errors or warnings select package, count(distinct tag) as cnt from lintian where tag_type in(’error’,’warning’) group by package order by cnt desc limit 15; lucas@debian.org Debian Quality Assurance 20 / 31
Some UDD queries Packages with the highest number of different lintian errors or warnings select package, count(distinct tag) as cnt from lintian where tag_type in(’error’,’warning’) group by package order by cnt desc limit 15; package count tsocks 18 pygopherd 18 cyclades-serial-client 17 muddleftpd 17 elib 17 lucas@debian.org Debian Quality Assurance 20 / 31
Some UDD queries Who uploaded wheezy’s packages? select changed_by, count(*) from sources s, upload_history uh where s.source = uh.source and s.version = uh.version and s.distribution=’debian’ and s.release = ’wheezy’ group by changed_by order by count desc limit 8; lucas@debian.org Debian Quality Assurance 21 / 31
Some UDD queries Who uploaded wheezy’s packages? select changed_by, count(*) from sources s, upload_history uh where s.source = uh.source and s.version = uh.version and s.distribution=’debian’ and s.release = ’wheezy’ group by changed_by order by count desc limit 8; changed_by count gregor herrmann <gregoa@debian.org> 790 Joachim Breitner <nomeata@debian.org> 237 Christian Perrier <bubulle@debian.org> 229 Alessio Treglia <alessio@debian.org> 222 Salvatore Bonaccorso <carnil@debian.org> 207 Clint Adams <clint@debian.org> 206 Jonas Smedegaard <dr@jones.dk> 195 lucas@debian.org Debian Quality Assurance 21 / 31
Taking care of the dirty areas of Debian lucas@debian.org Debian Quality Assurance 22 / 31
Taking care of the dirty areas of Debian Two complementary approaches: Focus on packages neglected by their maintainers Focus on maintainers neglecting their packages lucas@debian.org Debian Quality Assurance 23 / 31
Neglected packages Already orphaned: Do minimalistic maintenance Problem: > 700 orphaned packages Not (yet) orphaned: Find them, orphan or remove them Goal: Put maintenance in the hands of people with time lucas@debian.org Debian Quality Assurance 24 / 31
Bapase: finding neglected packages Multi-criteria search for neglected packages Based on Ultimate Debian Database http://udd.debian.org/bapase.cgi lucas@debian.org Debian Quality Assurance 25 / 31
Inactive maintainers Missing In Action (MIA) team Find them, track them, orphan their packages Mostly based on reporting by users or fellow developers Echelon: records activity of DDs ; Carnivore: tracks identities Collaboration with the Account Managers: possible removal of their account (Unused accounts → possible security problems) lucas@debian.org Debian Quality Assurance 26 / 31
Open challenges: following Debian evolutions lucas@debian.org Debian Quality Assurance 27 / 31
Co-maintenance lucas@debian.org Debian Quality Assurance 28 / 31
Use of VCSes lucas@debian.org Debian Quality Assurance 29 / 31
Following Debian evolutions Need to improve QA infrastructure Team-aware VCS-aware Abstraction layer? If I’ve learned anything, it’s that OSS projects can’t make a choice. And when you can’t make a choice, what do you do? You support all options! Yay! How do we support all options? An abstraction layer! Yay! Abstraction layers are fun to write! Yay! – – Linux Hater’s Blog Standard workflows? Keep track of sponsorship requests http://mentors.debian.org + sponsorship-requests Track state of packages in VCS Partial solution: PET (http://pet.debian.net/) lucas@debian.org Debian Quality Assurance 30 / 31
Conclusions Debian: A large-scale volunteer-based distribution A continuous effort to organize development and improve quality lucas@debian.org Debian Quality Assurance 31 / 31

Recommended

Distro Recipes 2013 : Make Debian and compiler agnostic
Distro Recipes 2013 : Make Debian and compiler agnostic Distro Recipes 2013 : Make Debian and compiler agnostic
Distro Recipes 2013 : Make Debian and compiler agnostic
Anne Nicolas
 
Distro Recipes 2013 : Upstream management and consequences on the distributi...
Distro Recipes 2013 : Upstream management and consequences on the distributi...Distro Recipes 2013 : Upstream management and consequences on the distributi...
Distro Recipes 2013 : Upstream management and consequences on the distributi...
Anne Nicolas
 
Kernel Recipes 2013 - Kernel for your device
Kernel Recipes 2013 - Kernel for your deviceKernel Recipes 2013 - Kernel for your device
Kernel Recipes 2013 - Kernel for your device
Anne Nicolas
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux Distro
All Things Open
 
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwaveKernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Anne Nicolas
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Jérôme Petazzoni
 
Techtalks: taking docker to production
Techtalks: taking docker to productionTechtalks: taking docker to production
Techtalks: taking docker to production
muayyad alsadi
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and security
Jérôme Petazzoni
 

Recommended

Distro Recipes 2013 : Make Debian and compiler agnostic
Distro Recipes 2013 : Make Debian and compiler agnostic Distro Recipes 2013 : Make Debian and compiler agnostic
Distro Recipes 2013 : Make Debian and compiler agnostic
Anne Nicolas
 
Distro Recipes 2013 : Upstream management and consequences on the distributi...
Distro Recipes 2013 : Upstream management and consequences on the distributi...Distro Recipes 2013 : Upstream management and consequences on the distributi...
Distro Recipes 2013 : Upstream management and consequences on the distributi...
Anne Nicolas
 
Kernel Recipes 2013 - Kernel for your device
Kernel Recipes 2013 - Kernel for your deviceKernel Recipes 2013 - Kernel for your device
Kernel Recipes 2013 - Kernel for your device
Anne Nicolas
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux Distro
All Things Open
 
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwaveKernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Kernel Recipes 2013 - Viewing real time ltt trace using gtkwave
Anne Nicolas
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Jérôme Petazzoni
 
Techtalks: taking docker to production
Techtalks: taking docker to productionTechtalks: taking docker to production
Techtalks: taking docker to production
muayyad alsadi
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and security
Jérôme Petazzoni
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
Jérôme Petazzoni
 
App container rkt
App container rktApp container rkt
App container rkt
Xiaofeng Guo
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
dotCloud
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
Imesh Gunaratne
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
Fast boot
Fast bootFast boot
Fast boot
SZ Lin
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302
Boden Russell
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
Docker, Inc.
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Phil Estes
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-toMacpaul Lin
 
Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)
Boden Russell
 
How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016
Phil Estes
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
Sim Janghoon
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
Joe Brockmeier
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Jérôme Petazzoni
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
Dobrica Pavlinušić
 
Distributed Compiler Icecc
Distributed Compiler IceccDistributed Compiler Icecc
Distributed Compiler Icecc
SZ Lin
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Boden Russell
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container Platform
All Things Open
 
Automotive Grade Linux and systemd
Automotive Grade Linux and systemdAutomotive Grade Linux and systemd
Automotive Grade Linux and systemd
Alison Chaiken
 
The Gory Details of Debian packages
The Gory Details of Debian packagesThe Gory Details of Debian packages
The Gory Details of Debian packages
Jeremiah Foster
 
Advanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging SystemAdvanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging System
Adam Gonnerman
 

More Related Content

What's hot

Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
Jérôme Petazzoni
 
App container rkt
App container rktApp container rkt
App container rkt
Xiaofeng Guo
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
dotCloud
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
Imesh Gunaratne
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
Fast boot
Fast bootFast boot
Fast boot
SZ Lin
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302
Boden Russell
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
Docker, Inc.
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Phil Estes
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-toMacpaul Lin
 
Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)
Boden Russell
 
How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016
Phil Estes
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
Sim Janghoon
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
Joe Brockmeier
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Jérôme Petazzoni
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
Dobrica Pavlinušić
 
Distributed Compiler Icecc
Distributed Compiler IceccDistributed Compiler Icecc
Distributed Compiler Icecc
SZ Lin
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Boden Russell
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container Platform
All Things Open
 
Automotive Grade Linux and systemd
Automotive Grade Linux and systemdAutomotive Grade Linux and systemd
Automotive Grade Linux and systemd
Alison Chaiken
 

What's hot (20)

Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
 
App container rkt
App container rktApp container rkt
App container rkt
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
 
Fast boot
Fast bootFast boot
Fast boot
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-to
 
Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)
 
How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
 
Thinking inside the box (shared)
Thinking inside the box (shared)Thinking inside the box (shared)
Thinking inside the box (shared)
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
Security of Linux containers in the cloud
Security of Linux containers in the cloudSecurity of Linux containers in the cloud
Security of Linux containers in the cloud
 
Distributed Compiler Icecc
Distributed Compiler IceccDistributed Compiler Icecc
Distributed Compiler Icecc
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container Platform
 
Automotive Grade Linux and systemd
Automotive Grade Linux and systemdAutomotive Grade Linux and systemd
Automotive Grade Linux and systemd
 

Similar to Distro Recipes 2013 : Debian and quality assurance

The Gory Details of Debian packages
The Gory Details of Debian packagesThe Gory Details of Debian packages
The Gory Details of Debian packages
Jeremiah Foster
 
Advanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging SystemAdvanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging System
Adam Gonnerman
 
Debian Packaging tutorial
Debian Packaging tutorialDebian Packaging tutorial
Debian Packaging tutorial
nussbauml
 
The Ultimate Debian Database
The Ultimate Debian DatabaseThe Ultimate Debian Database
The Ultimate Debian Database
Israel Herraiz
 
How to Build Package in Linux Based Systems.
How to Build Package in Linux Based Systems.How to Build Package in Linux Based Systems.
How to Build Package in Linux Based Systems.
İbrahim UÇAR
 
Moeller Debian Bosc2009
Moeller Debian Bosc2009Moeller Debian Bosc2009
Moeller Debian Bosc2009bosc
 
Distributions and package management in the containers era
Distributions and package management in the containers eraDistributions and package management in the containers era
Distributions and package management in the containers era
nussbauml
 
Linuxconcepts
LinuxconceptsLinuxconcepts
Linuxconcepts
Santosh Khadsare
 
Evolution of Technical Lag in DockerHub images - Benevol20
Evolution of Technical Lag in DockerHub images - Benevol20Evolution of Technical Lag in DockerHub images - Benevol20
Evolution of Technical Lag in DockerHub images - Benevol20
Ahmed Zerouali
 
Kernel maintainance in Linux distributions: Debian
Kernel maintainance in Linux distributions: DebianKernel maintainance in Linux distributions: Debian
Kernel maintainance in Linux distributions: DebianAnne Nicolas
 
FOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
FOSDEM2021: MariaDB post-release quality assurance in Debian and UbuntuFOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
FOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
Otto Kekäläinen
 
Effectively using Open Source with conda
Effectively using Open Source with condaEffectively using Open Source with conda
Effectively using Open Source with conda
Travis Oliphant
 
S.zacchiroli 20121205-fossa
S.zacchiroli 20121205-fossaS.zacchiroli 20121205-fossa
S.zacchiroli 20121205-fossahere_and_there
 
MariaDB quality assurance in Debian and Ubuntu
MariaDB quality assurance in Debian and UbuntuMariaDB quality assurance in Debian and Ubuntu
MariaDB quality assurance in Debian and Ubuntu
Otto Kekäläinen
 
Continuous Delivery With Containers
Continuous Delivery With ContainersContinuous Delivery With Containers
Continuous Delivery With Containers
All Things Open
 
How to build Debian packages
How to build Debian packages How to build Debian packages
How to build Debian packages
Priyank Kapadia
 
Debian general presentation
Debian general presentationDebian general presentation
Debian general presentationDing Zhou
 
"MagicBox" 16 - Codename Horn
"MagicBox" 16 - Codename Horn"MagicBox" 16 - Codename Horn
"MagicBox" 16 - Codename Horn
Flávio Moringa
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
Docker, Inc.
 
oS KDE Repos & MM
oS KDE Repos & MMoS KDE Repos & MM
oS KDE Repos & MM
SUSE Labs Taipei
 

Similar to Distro Recipes 2013 : Debian and quality assurance (20)

The Gory Details of Debian packages
The Gory Details of Debian packagesThe Gory Details of Debian packages
The Gory Details of Debian packages
 
Advanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging SystemAdvanced Usage of the Debian Packaging System
Advanced Usage of the Debian Packaging System
 
Debian Packaging tutorial
Debian Packaging tutorialDebian Packaging tutorial
Debian Packaging tutorial
 
The Ultimate Debian Database
The Ultimate Debian DatabaseThe Ultimate Debian Database
The Ultimate Debian Database
 
How to Build Package in Linux Based Systems.
How to Build Package in Linux Based Systems.How to Build Package in Linux Based Systems.
How to Build Package in Linux Based Systems.
 
Moeller Debian Bosc2009
Moeller Debian Bosc2009Moeller Debian Bosc2009
Moeller Debian Bosc2009
 
Distributions and package management in the containers era
Distributions and package management in the containers eraDistributions and package management in the containers era
Distributions and package management in the containers era
 
Linuxconcepts
LinuxconceptsLinuxconcepts
Linuxconcepts
 
Evolution of Technical Lag in DockerHub images - Benevol20
Evolution of Technical Lag in DockerHub images - Benevol20Evolution of Technical Lag in DockerHub images - Benevol20
Evolution of Technical Lag in DockerHub images - Benevol20
 
Kernel maintainance in Linux distributions: Debian
Kernel maintainance in Linux distributions: DebianKernel maintainance in Linux distributions: Debian
Kernel maintainance in Linux distributions: Debian
 
FOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
FOSDEM2021: MariaDB post-release quality assurance in Debian and UbuntuFOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
FOSDEM2021: MariaDB post-release quality assurance in Debian and Ubuntu
 
Effectively using Open Source with conda
Effectively using Open Source with condaEffectively using Open Source with conda
Effectively using Open Source with conda
 
S.zacchiroli 20121205-fossa
S.zacchiroli 20121205-fossaS.zacchiroli 20121205-fossa
S.zacchiroli 20121205-fossa
 
MariaDB quality assurance in Debian and Ubuntu
MariaDB quality assurance in Debian and UbuntuMariaDB quality assurance in Debian and Ubuntu
MariaDB quality assurance in Debian and Ubuntu
 
Continuous Delivery With Containers
Continuous Delivery With ContainersContinuous Delivery With Containers
Continuous Delivery With Containers
 
How to build Debian packages
How to build Debian packages How to build Debian packages
How to build Debian packages
 
Debian general presentation
Debian general presentationDebian general presentation
Debian general presentation
 
"MagicBox" 16 - Codename Horn
"MagicBox" 16 - Codename Horn"MagicBox" 16 - Codename Horn
"MagicBox" 16 - Codename Horn
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
 
oS KDE Repos & MM
oS KDE Repos & MMoS KDE Repos & MM
oS KDE Repos & MM
 

More from Anne Nicolas

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream first
Anne Nicolas
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Anne Nicolas
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Anne Nicolas
 
Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are money
Anne Nicolas
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Anne Nicolas
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Anne Nicolas
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Anne Nicolas
 
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Anne Nicolas
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Anne Nicolas
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less special
Anne Nicolas
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Anne Nicolas
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Anne Nicolas
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops way
Anne Nicolas
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmaker
Anne Nicolas
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integration
Anne Nicolas
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
Anne Nicolas
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Anne Nicolas
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Anne Nicolas
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDP
Anne Nicolas
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Anne Nicolas
 

More from Anne Nicolas (20)

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream first
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
 
Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are money
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and future
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
 
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less special
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops way
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmaker
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integration
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDP
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
 

Recently uploaded

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 

Recently uploaded (20)

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 

Distro Recipes 2013 : Debian and quality assurance

  • 1. Debian Quality Assurance Lucas Nussbaum lucas@debian.org lucas@debian.org Debian Quality Assurance 1 / 31
  • 2. Me Assistant professor (Maître de conférences) at Univ. de Lorraine Teach Free Software in a system administration curriculum (Licence Professionnelle Administration Système, Réseaux et Applications à base de Logiciel Libre) Debian involvement: Collaboration between Debian and Ubuntu Ruby packaging Archive rebuilds Ultimate Debian Database lucas@debian.org Debian Quality Assurance 2 / 31
  • 3. Debian Well known and respected for: lucas@debian.org Debian Quality Assurance 3 / 31
  • 4. Debian Well known and respected for: Its long and bumpy release cycles lucas@debian.org Debian Quality Assurance 3 / 31
  • 5. Debian Well known and respected for: Its long and bumpy release cycles Its quality But it was not a given: > 1000 Debian Developers Mostly volunteers, with their own agendas > 2000 Package maintainers 18117 software packages Some very popular packages A lot of niche packages lucas@debian.org Debian Quality Assurance 3 / 31
  • 6. Quality factors lucas@debian.org Debian Quality Assurance 4 / 31
  • 7. Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this lucas@debian.org Debian Quality Assurance 4 / 31
  • 8. Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages lucas@debian.org Debian Quality Assurance 4 / 31
  • 9. Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages Release Critical (RC) bugs Prevent packages from being part of a release Everybody is welcomed to fix them Non-Maintainer Uploads lucas@debian.org Debian Quality Assurance 4 / 31
  • 10. Quality factors Culture: "We release when it’s ready " Many DDs won’t compromise on this Packages ownership: individuals or small teams Many of the maintainers are experts of their packages Release Critical (RC) bugs Prevent packages from being part of a release Everybody is welcomed to fix them Non-Maintainer Uploads Debian Quality Assurance team lucas@debian.org Debian Quality Assurance 4 / 31
  • 11. Debian QA team Goal: Improve the quality of Debian as a whole Not really a team (no strict membership), more like a central place to discuss and work on QA IRC: #debian-qa@irc.debian.org Mailing list: debian-qa@lists.debian.org lucas@debian.org Debian Quality Assurance 5 / 31
  • 12. Debian QA team: Tasks Run archive-wide checks and mass bug filings Maintain QA infrastructure Take care of the dirty areas of Debian lucas@debian.org Debian Quality Assurance 6 / 31
  • 13. Archive-wide checks and Mass bug filings lucas@debian.org Debian Quality Assurance 7 / 31
  • 14. Archive-wide checks and MBF Developers are volunteers: Focus on interesting things Manual testing is boring → not done Need automated tests Other advantage: treats all packages equally Niche packages are very important to some users lucas@debian.org Debian Quality Assurance 8 / 31
  • 15. Archive rebuilds Rebuild all packages from source 7 hours on 40 build nodes (using Amazon EC2) Detect packages that Fail To Build From Source (FTBFS) Bugs in packages Toolchain bugs Failures caused by changes in other packages Ran every 2-3 weeks Scripts to analyze failures and file bugs semi-automatically (about 200 bugs filed per hour) Also used for test rebuilds with new compilers, linkers, . . . → Valuable information for upstream lucas@debian.org Debian Quality Assurance 9 / 31
  • 16. Debcheck Check (statically) that dependencies can be satisfied Not trivial: versioned dependencies, alternate depends, conflicts 2 versions: "Simple one", in PHP http://qa.debian.org/debcheck.php Better one: edos-debcheck (EDOS project) Can also work with RPMs http://edos.debian.net/ lucas@debian.org Debian Quality Assurance 10 / 31
  • 17. Piuparts Testing package installation, upgrade and removal Find bugs in maintainer scripts (Shell) scripts executed during package installation/removal Developers don’t run it on their systems → Archive-wide setup http://piuparts.debian.org lucas@debian.org Debian Quality Assurance 11 / 31
  • 18. Lintian Static analysis of packages Usually run locally by the developer, before uploading Archive-wide setup for continuous testing Packages now rejected at upload time for some errors Some example findings: Use of deprecated packaging features Common packaging mistakes Embedded copies of libraries Spelling errors in binaries usefull visiters treshold targetted superseeded dependancies splitted maintainance explicitely equiped informations mispelled http://lintian.debian.org lucas@debian.org Debian Quality Assurance 12 / 31
  • 19. DEHS - Debian External Health Status Monitor upstream version of packages Detect when the Debian package is outdated HTML scraping + regular expressions Configured in debian/watch lucas@debian.org Debian Quality Assurance 13 / 31
  • 20. And more . . . Scan build logs for dangerous warnings Track security issues Track popularity of packages ... lucas@debian.org Debian Quality Assurance 14 / 31
  • 21. Maintaining infrastructure lucas@debian.org Debian Quality Assurance 15 / 31
  • 22. Infrastructure: mitigating the data hell Debian: aggregation of loosely-connected services No Launchpad! Everyone can start their own service Data everywhere A dozen of places to get interesting data Tools required to gather data in a central place and expose it to the maintainers lucas@debian.org Debian Quality Assurance 16 / 31
  • 23. Package Tracking System (PTS) Source package-centric view http://packages.qa.debian.org/package lucas@debian.org Debian Quality Assurance 17 / 31
  • 24. Developer Packages Overview (DDPO) Developer-centric view http://qa.debian.org/developer.php lucas@debian.org Debian Quality Assurance 18 / 31
  • 25. Ultimate Debian Database (UDD) Gather everything into a single SQL DB Perfect tool for data-mining Debian Currently imported in UDD: Debian Sources and Packages, bugs, popcon, testing migrations, upload history, orphaned packages, carnivore, lintian, debtags, translations, NEW queue, screenshots, DEHS, ldap, wanna-build, removals, Ubuntu Sources and Packages, Ubuntu bugs, Ubuntu popcon Possible questions you can answer with UDD: RC buggy packages in testing, sorted by popcon? Packages for which the last 4 uploads were NMUs? Packages not maintained by official DDs? http://udd.debian.org/ lucas@debian.org Debian Quality Assurance 19 / 31
  • 26. Some UDD queries Packages with the highest number of different lintian errors or warnings select package, count(distinct tag) as cnt from lintian where tag_type in(’error’,’warning’) group by package order by cnt desc limit 15; lucas@debian.org Debian Quality Assurance 20 / 31
  • 27. Some UDD queries Packages with the highest number of different lintian errors or warnings select package, count(distinct tag) as cnt from lintian where tag_type in(’error’,’warning’) group by package order by cnt desc limit 15; package count tsocks 18 pygopherd 18 cyclades-serial-client 17 muddleftpd 17 elib 17 lucas@debian.org Debian Quality Assurance 20 / 31
  • 28. Some UDD queries Who uploaded wheezy’s packages? select changed_by, count(*) from sources s, upload_history uh where s.source = uh.source and s.version = uh.version and s.distribution=’debian’ and s.release = ’wheezy’ group by changed_by order by count desc limit 8; lucas@debian.org Debian Quality Assurance 21 / 31
  • 29. Some UDD queries Who uploaded wheezy’s packages? select changed_by, count(*) from sources s, upload_history uh where s.source = uh.source and s.version = uh.version and s.distribution=’debian’ and s.release = ’wheezy’ group by changed_by order by count desc limit 8; changed_by count gregor herrmann <gregoa@debian.org> 790 Joachim Breitner <nomeata@debian.org> 237 Christian Perrier <bubulle@debian.org> 229 Alessio Treglia <alessio@debian.org> 222 Salvatore Bonaccorso <carnil@debian.org> 207 Clint Adams <clint@debian.org> 206 Jonas Smedegaard <dr@jones.dk> 195 lucas@debian.org Debian Quality Assurance 21 / 31
  • 30. Taking care of the dirty areas of Debian lucas@debian.org Debian Quality Assurance 22 / 31
  • 31. Taking care of the dirty areas of Debian Two complementary approaches: Focus on packages neglected by their maintainers Focus on maintainers neglecting their packages lucas@debian.org Debian Quality Assurance 23 / 31
  • 32. Neglected packages Already orphaned: Do minimalistic maintenance Problem: > 700 orphaned packages Not (yet) orphaned: Find them, orphan or remove them Goal: Put maintenance in the hands of people with time lucas@debian.org Debian Quality Assurance 24 / 31
  • 33. Bapase: finding neglected packages Multi-criteria search for neglected packages Based on Ultimate Debian Database http://udd.debian.org/bapase.cgi lucas@debian.org Debian Quality Assurance 25 / 31
  • 34. Inactive maintainers Missing In Action (MIA) team Find them, track them, orphan their packages Mostly based on reporting by users or fellow developers Echelon: records activity of DDs ; Carnivore: tracks identities Collaboration with the Account Managers: possible removal of their account (Unused accounts → possible security problems) lucas@debian.org Debian Quality Assurance 26 / 31
  • 35. Open challenges: following Debian evolutions lucas@debian.org Debian Quality Assurance 27 / 31
  • 36. Co-maintenance lucas@debian.org Debian Quality Assurance 28 / 31
  • 37. Use of VCSes lucas@debian.org Debian Quality Assurance 29 / 31
  • 38. Following Debian evolutions Need to improve QA infrastructure Team-aware VCS-aware Abstraction layer? If I’ve learned anything, it’s that OSS projects can’t make a choice. And when you can’t make a choice, what do you do? You support all options! Yay! How do we support all options? An abstraction layer! Yay! Abstraction layers are fun to write! Yay! – – Linux Hater’s Blog Standard workflows? Keep track of sponsorship requests http://mentors.debian.org + sponsorship-requests Track state of packages in VCS Partial solution: PET (http://pet.debian.net/) lucas@debian.org Debian Quality Assurance 30 / 31
  • 39. Conclusions Debian: A large-scale volunteer-based distribution A continuous effort to organize development and improve quality lucas@debian.org Debian Quality Assurance 31 / 31