[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ A ] [ next ]
Debian is about a lot more than just packaging software and maintaining those packages. This chapter contains information about ways, often really critical ways, to contribute to Debian beyond simply creating and maintaining packages.
As a volunteer organization, Debian relies on the discretion of its members in choosing what they want to work on and in choosing the most critical thing to spend their time on.
We encourage you to file bugs as you find them in Debian packages. In fact, Debian developers are often the first line testers. Finding and reporting bugs in other developers' packages improves the quality of Debian.
reporting bugs in the Debian
bug tracking system.
Try to submit the bug from a normal user account at which you are likely to receive mail, so that people can reach you if they need further information about the bug. Do not submit bugs as root.
You can use a tool like
reportbug(1) to submit bugs. It can
automate and generally ease the process.
Make sure the bug is not already filed against a package. Each package has a
bug list easily reachable at
http://bugs.debian.org/packagename Utilities like
querybts(1) can also provide you with this information (and
reportbug will usually invoke
Try to direct your bugs to the proper location. When for example your bug is about a package which overwrites files from another package, check the bug lists for both of those packages in order to avoid filing duplicate bug reports.
For extra credit, you can go through other packages, merging bugs which are reported more than once, or tagging bugs `fixed' when they have already been fixed. Note that when you are neither the bug submitter nor the package maintainer, you should not actually close the bug (unless you secure permission from the maintainer).
From time to time you may want to check what has been going on with the bug reports that you submitted. Take this opportunity to close those that you can't reproduce anymore. To find out all the bugs you submitted, you just have to visit http://bugs.debian.org/from:<your-email-addr>.
Reporting a great number of bugs for the same problem on a great number of
different packages — i.e., more than 10 — is a deprecated practice.
Take all possible steps to avoid submitting bulk bugs at all. For instance, if
checking for the problem can be automated, add a new check to
lintian so that an error or warning is emitted.
If you report more than 10 bugs on the same topic at once, it is recommended
that you send a message to
describing your intention before submitting the report, and mentioning the fact
in the subject of your mail. This will allow other developers to verify that
the bug is a real problem. In addition, it will help prevent a situation in
which several maintainers start filing the same bug report simultaneously.
Please use the programms
dd-list and if appropriate
whodepends (from the package devscripts) to generate a list of all
affected packages, and include the output in your mail to
Note that when sending lots of bugs on the same subject, you should send the
bug report to
that the bug report is not forwarded to the bug distribution mailing list.
Even though there is a dedicated group of people for Quality Assurance, QA
duties are not reserved solely for them. You can participate in this effort by
keeping your packages as bug-free as possible, and as lintian-clean (see
lintian, Section A.2.1) as
possible. If you do not find that possible, then you should consider orphaning
some of your packages (see Orphaning a
package, Section 5.9.4). Alternatively, you may ask the help of other
people in order to catch up with the backlog of bugs that you have (you can ask
for help on
At the same time, you can look for co-maintainers (see Collaborative maintenance, Section
From time to time the QA group organizes bug squashing parties to get rid of as
many problems as possible. They are announced on
and the announcement explains which area will be the focus of the party:
usually they focus on release critical bugs but it may happen that they decide
to help finish a major upgrade (like a new perl version which requires
recompilation of all the binary modules).
The rules for non-maintainer uploads differ during the parties because the announcement of the party is considered prior notice for NMU. If you have packages that may be affected by the party (because they have release critical bugs for example), you should send an update to each of the corresponding bug to explain their current status and what you expect from the party. If you don't want an NMU, or if you're only interested in a patch, or if you will deal yourself with the bug, please explain that in the BTS.
People participating in the party have special rules for NMU, they can NMU without prior notice if they upload their NMU to DELAYED/3-day at least. All other NMU rules apply as usually; they should send the patch of the NMU to the BTS (to one of the open bugs fixed by the NMU, or to a new bug, tagged fixed). They should also respect any particular wishes of the maintainer.
If you don't feel confident about doing an NMU, just send a patch to the BTS. It's far better than a broken NMU.
During your lifetime within Debian, you will have to contact other maintainers for various reasons. You may want to discuss a new way of cooperating between a set of related packages, or you may simply remind someone that a new upstream version is available and that you need it.
Looking up the email address of the maintainer for the package can be distracting. Fortunately, there is a simple email alias, <package>@packages.debian.org, which provides a way to email the maintainer, whatever their individual email address (or addresses) may be. Replace <package> with the name of a source or a binary package.
You may also be interested in contacting the persons who are subscribed to a given source package via The Package Tracking System, Section 4.10. You can do so by using the <package>@packages.qa.debian.org email address.
If you notice that a package is lacking maintenance, you should make sure that the maintainer is active and will continue to work on their packages. It is possible that they are not active any more, but haven't registered out of the system, so to speak. On the other hand, it is also possible that they just need a reminder.
There is a simple system (the MIA database) in which information about
maintainers who are deemed Missing In Action is recorded. When a member of the
QA group contacts an inactive maintainer or finds more information about one,
this is recorded in the MIA database. This system is available in
/org/qa.debian.org/mia on the host qa.debian.org, and can be queried with a
tool known as
to see how to query the database. If you find that no information has been recorded about an inactive maintainer yet, or that you can add more information, you should generally proceed as follows.
The first step is to politely contact the maintainer, and wait a reasonable time for a response. It is quite hard to define "reasonable time", but it is important to take into account that real life is sometimes very hectic. One way to handle this would be to send a reminder after two weeks.
If the maintainer doesn't reply within four weeks (a month), one can assume that a response will probably not happen. If that happens, you should investigate further, and try to gather as much useful information about the maintainer in question as possible. This includes:
The "echelon" information available through the
developers' LDAP database, which
indicates when the developer last posted to a Debian mailing list. (This
includes uploads via debian-*-changes lists.) Also, remember to check whether
the maintainer is marked as "on vacation" in the database.
The number of packages this maintainer is responsible for, and the condition of those packages. In particular, are there any RC bugs that have been open for ages? Furthermore, how many bugs are there in general? Another important piece of information is whether the packages have been NMUed, and if so, by whom.
Is there any activity of the maintainer outside of Debian? For example, they might have posted something recently to non-Debian mailing lists or news groups.
A bit of a problem are packages which were sponsored — the maintainer is not an official Debian developer. The echelon information is not available for sponsored people, for example, so you need to find and contact the Debian developer who has actually uploaded the package. Given that they signed the package, they're responsible for the upload anyhow, and are likely to know what happened to the person they sponsored.
It is also allowed to post a query to
asking if anyone is aware of the whereabouts of the missing maintainer. Please
Cc: the person in question.
Once you have gathered all of this, you can contact
firstname.lastname@example.org. People on this
alias will use the information you provide in order to decide how to proceed.
For example, they might orphan one or all of the packages of the maintainer.
If a package has been NMUed, they might prefer to contact the NMUer before
orphaning the package — perhaps the person who has done the NMU is
interested in the package.
One last word: please remember to be polite. We are all volunteers and cannot dedicate all of our time to Debian. Also, you are not aware of the circumstances of the person who is involved. Perhaps they might be seriously ill or might even have died — you do not know who may be on the receiving side. Imagine how a relative will feel if they read the e-mail of the deceased and find a very impolite, angry and accusing message!
On the other hand, although we are volunteers, we do have a responsibility. So you can stress the importance of the greater good — if a maintainer does not have the time or interest anymore, they should "let go" and give the package to someone with more time.
If you are interested in working in the MIA team, please have a look at the
README file in /org/qa.debian.org/mia on qa.debian.org where the technical
details and the MIA procedures are documented and contact
Debian's success depends on its ability to attract and retain new and talented volunteers. If you are an experienced developer, we recommend that you get involved with the process of bringing in new developers. This section describes how to help new prospective developers.
Sponsoring a package means uploading a package for a maintainer who is not able to do it on their own, a new maintainer applicant. Sponsoring a package also means accepting responsibility for it.
New maintainers usually have certain difficulties creating Debian packages — this is quite understandable. That is why the sponsor is there, to check the package and verify that it is good enough for inclusion in Debian. (Note that if the sponsored package is new, the ftpmasters will also have to inspect it before letting it in.)
Sponsoring merely by signing the upload or just recompiling is definitely not recommended. You need to build the source package just like you would build a package of your own. Remember that it doesn't matter that you left the prospective developer's name both in the changelog and the control file, the upload can still be traced to you.
If you are an application manager for a prospective developer, you can also be their sponsor. That way you can also verify how the applicant is handling the 'Tasks and Skills' part of their application.
By uploading a sponsored package to Debian, you are certifying that the package meets minimum Debian standards. That implies that you must build and test the package on your own system before uploading.
You cannot simply upload a binary
.deb from the sponsoree. In
theory, you should only ask for the diff file and the location of the original
source tarball, and then you should download the source and apply the diff
yourself. In practice, you may want to use the source package built by your
sponsoree. In that case, you have to check that they haven't altered the
upstream files in the
.orig.tar.gz file that they're providing.
Do not be afraid to write the sponsoree back and point out changes that need to be made. It often takes several rounds of back-and-forth email before the package is in acceptable shape. Being a sponsor means being a mentor.
Once the package meets Debian standards, build and sign it with
before uploading it to the incoming directory. Of course, you can also use any part of your KEY-ID, as long as it's unique in your secret keyring.
The Maintainer field of the
control file and the
changelog should list the person who did the packaging, i.e., the
sponsoree. The sponsoree will therefore get all the BTS mail about the
If you prefer to leave a more evident trace of your sponsorship job, you can add a line stating it in the most recent changelog entry.
You are encouraged to keep tabs on the package you sponsor using The Package Tracking System, Section 4.10.
See the page about
advocating a prospective
developer at the Debian web site.
Application Managers at the Debian web site.
[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ A ] [ next ]
Debian Developer's Reference