Discussion:
Motion to elect Samuli to be the official maintainer of OpenVPN at Debian
Add Reply
Samuli Seppänen
2017-06-20 16:08:56 UTC
Reply
Permalink
Raw Message
Hi,

Thanks for nominating me :).
June 20, 2017
Hi guys,
Our friend, Samuli, has been creating .deb files of the latest version of OpenVPN (Community Edition) for quite some time.
1. updates are available on the same day that the Windows version is posted for download. There is a significant time gap between the version created by Samuli and the one that is available on Debian's backport-repository. As an example look at the time when Samuli made the latest version of OpenVPN available and compare it with the time that the backported version of Debian Jessie is made available by its official maintainer.
Our OpenVPN packages don't have to conform to Debian's packaging
policies. That is part of the reason why we can publish new Debian
packages at OpenVPN release time. Having Debian "in the middle" would in
all likelihood make OpenVPN releases more time-consuming and tricky to
organize.
2. there is no need to fetch updates from a separate repository outside of Debian ones. Users can just install backported version from Debian backport-repository.
The Debian backports repository brings with it lots of "other stuff"
besides OpenVPN. People would need to set the "Pin-Priority" correctly
to avoid accidentally upgrading more than what they want. Further
details on pinning (also applicable to Debian):

<https://help.ubuntu.com/community/PinningHowto>

When people add our (=OpenVPN project's) apt repository they get just
what they want: up-to-date OpenVPN packages. Moreover, they can choose
which version they want to have:

- stable
- testing (includes alpha/beta/rc releases)
- release/2.3
- release/2.4

These repositories serve different use-cases. So having a completely
separate repository actually makes sense.
Kindly reply to this email if you support this motion.
Thanks.
Javier
--
Samuli SeppÀnen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock
Bernhard Schmidt
2017-06-22 20:08:31 UTC
Reply
Permalink
Raw Message
On 20.06.2017 18:08, Samuli Seppänen wrote:

Hi,

I haven't seen the original mail, no idea why
Post by Samuli Seppänen
Thanks for nominating me :).
June 20, 2017
Hi guys,
Our friend, Samuli, has been creating .deb files of the latest
version of OpenVPN (Community Edition) for quite some time.
I proposed that Samuli be the official maintainer of said software
1. updates are available on the same day that the Windows version
is posted for download. There is a significant time gap between the
version created by Samuli and the one that is available on Debian's
backport-repository. As an example look at the time when Samuli
made the latest version of OpenVPN available and compare it with
the time that the backported version of Debian Jessie is made
available by its official maintainer.
Our OpenVPN packages don't have to conform to Debian's packaging
policies. That is part of the reason why we can publish new Debian
packages at OpenVPN release time. Having Debian "in the middle" would
in all likelihood make OpenVPN releases more time-consuming and
tricky to organize.
To explain this a bit more, it is quite impossible to release new
OpenVPN upstream versions within Debian stable. Debian policy is that as
soon as the development of a Debian release is frozen no new upstream
releases are introduced. Only security fixes and important crash fixes
are allowed to be (selectively) backported while retaining the version
number. So that's why Debian Stretch has 2.4.0 plus security patches up
to 2.4.2 (2.4.3 is probably pending the security team right now).

Note that Debian unstable does not suffer from this, except during
freeze. 2.4.3 has been uploaded today, see
https://tracker.debian.org/news/850579

Also note that the maintainer is looking for someone to take over
maintainership, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865555 .
Post by Samuli Seppänen
2. there is no need to fetch updates from a separate repository
outside of Debian ones. Users can just install backported version
from Debian backport-repository.
The Debian backports repository brings with it lots of "other stuff"
besides OpenVPN. People would need to set the "Pin-Priority"
correctly to avoid accidentally upgrading more than what they want.#
Not quite, the backports repo is marked "NotAutomatic", so it should not
pull in new versions unconditionally.

Bernhard
Samuli Seppänen
2017-06-23 17:30:19 UTC
Reply
Permalink
Raw Message
Hi,
Post by Bernhard Schmidt
Post by Samuli Seppänen
2. there is no need to fetch updates from a separate repository
outside of Debian ones. Users can just install backported version
from Debian backport-repository.
The Debian backports repository brings with it lots of "other stuff"
besides OpenVPN. People would need to set the "Pin-Priority"
correctly to avoid accidentally upgrading more than what they want.#
Not quite, the backports repo is marked "NotAutomatic", so it should not
pull in new versions unconditionally.
Bernhard
Hi Bernhard,

I stand corrected. In the distant past when I used backports last I
recall pinning was required.

Samuli

Loading...