diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:19:41 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:19:41 +0000 |
| commit | a27c8b00ebf173659f22f53ce65679e94e7dfb1b (patch) | |
| tree | 02c68ec259348b63c6328896aa73265eb7b3d730 /dm-packaging/README | |
| parent | Initial commit. (diff) | |
| download | debian-keyring-upstream.tar.xz debian-keyring-upstream.zip | |
Adding upstream version 2022.12.24.upstream/2022.12.24upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dm-packaging/README')
| -rw-r--r-- | dm-packaging/README | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/dm-packaging/README b/dm-packaging/README new file mode 100644 index 0000000..eeade90 --- /dev/null +++ b/dm-packaging/README @@ -0,0 +1,42 @@ +The Debian project allows some people who are not Debian developers to +maintain packages in the distribution, This package contains a keyring +of GnuPG keys of these maintainers. + +If you wanted to add this keyring to gpg, you could add this line to your +~/.gnupg/gpg.conf file: + +keyring /usr/share/keyrings/debian-maintainers.gpg + +The intended use of the keyring is actually by dak on the Debian archive, +when checking if an uploaded package should be accepted. More details here: +http://www.debian.org/vote/2007/vote_003 + +keyring maintenance +------------------- + +The keyring is built and maintained by using jetring to manipulate +changesets. The source package actually contains two keyrings, an admins +keyring and the debian-maintainers keyring. Admins can add new people to +either keyring. + +To submit an applicant to be added to the debian-maintainers keyring, +someone (the applicant or their sponsor) should file a bug on the +debian-maintainers package, attaching a jetring changeset that adds the +applicant's key. A sample.changeset file is provided for your reference. + +The admins will check that: + +* The applicant acknowledges Debian's social contract and free software + guidelines (http://www.debian.org/social_contract), and machine usage + policies (http://www.debian.org/devel/dmup). The applicant should post + a gpg signed mail agreeing with them. +* That the applicant has a valid gpg key, signed by a Debian developer (and + preferably connected to the web of trust by multiple paths). +* That at least one Debian developer (preferably more) is willing to advocate + the applicant's inclusion, in particular that the applicant is technically + competent and good to work with. Advocacy messages should generally be sent + to a Debian mailing list such as debian-newmaint or a more specific team + list. + +To aid in these checks, please provide all the necessary data in the +changeset or in followup mails. |