[Pkg-xen-devel] Xen packaging in Debian

Fri Dec 22 01:01:56 UTC 2017

To: Debian xen and kernel team list, Ian Jackson
Cc: Stefan Bader, maintainer of xen packages in Ubuntu

Hi all,

Short version: Hi! I'd like to help with the Xen packaging in Debian.

Long version:

Q: Who are you? How are you related to Debian an the Xen project?
A: Hi, I'm Hans van Kranenburg, nickname Knorrie, I live in the
Netherlands. I'm a Debian user since 2002, and have been using Debian
and Xen at work (Mendix) since 2006, which has grown from a handful
dom0s with 4GiB memory each to a bunch of clusters with let's say
somewhere between 10TiB and 20TiB of physical memory in the dom0s
together, running a production environment for customer application hosting.

My general interests are filesystems and networking and I like
programming in Python. At work, we've been maintaining our own debian
repository for many years, with our own packages, changed Debian
packages and custom backports, which caused me to pick up some Debian
packaging skills along the way.

Q: And why the sudden interest?
A: Some problems we ran into in the last year+ caused me to have a
better look at the Xen releases and the packages in Debian.

The situation I ran into is best described as: "Wait... I'm running a
Xen version from Debian Stable (at the time of realizing that's Jessie)
that was released before the type of hardware I have here was invented
and manufactured, it's out of support and out of security support
upstream and I'm surprised weird things are going on?" Maybe we should
reverse this a bit and see if we can keep up to date with Xen stable
releases that know about certain quirks of the hardware.

The sad part is that I quickly discovered the xen packages aren't really
actively maintained in Debian. Luckily we got a newer version in Stretch
just before the freeze and currently Ian Jackson is keeping everything
on life support (thanks!!). Current packaging is not tracked in version
control (well, not on a level of granularity that I would deem
acceptable) and the contents are being changed based on unpacking the
previous upload and changing old generated files in place, disregarding
the way how the package was set up in the past (which is quite similar
to how the linux kernel packaging for Debian works).

Q: So, let's sit in a corner and cry?
A: No, we can do better. A few days ago I started reaching out to see if
I could find members of the Xen team and ended up talking to Ian Jackson
in #debian-kernel. He encouraged me to take a further look and was
immediately available to help and answer any questions I would have.

What I did in the last few days is basically clean up the packaging to
get it back to a state where it's usable again. So, move the packaging
back to git, import the latest release and then fix enough things to be
able to at least produce new security updates for Stretch and get a
newer package into unstable.

I uploaded the work it to github [0] for now. It can be moved anywhere
else later. I tend to write things in commit messages, so please have a
look.

Besides preparing a new version for stretch-security as an example, I
moved the packaging forward to Xen 4.9, by taking the relevant changes
done by Stefan Bader in Ubuntu (thanks!!) and merge them back into the
packaging.

I (smoke)tested the resulting packages in my test environment at work.
To be able to properly test I put them in a repository at [1].

Note that I'm not a Debian Maintainer (yet). I do have packages in
Debian with my work on btrfs, the uploads are sponsored by Adam
Borowski. [2]

I guess that it'd be good to finally take the step to apply for Debian
Maintainer status when starting to work on low level security sensitive
packages like this. Luckily, we have a Debian keysigning party in the
next days in The Netherlands, so I have a quick opportinity to get
things in order. :]

I have already identified quite a few topics I'd like to discuss next,
but, let's take it one step at a time, I typed enough already here. :)

Regards,
Hans van Kranenburg

[0] https://github.com/knorrie/debian-xen/
[1] https://packages.knorrie.org/xen/debian/pool/main/x/xen/
[2] https://qa.debian.org/developer.php?login=hans%40knorrie.org