Ok, welcome back to the second session
of the day.
It's going to be Alexander Wirt talking
about salsa.debian.org.
[Applause]
Thank you, good morning.
I usually don't give talks in english,
so please be nice to me.
However, I'm here.
I want to talk today about our journey
for Alioth
which is still running, but not for long
anymore,
to our new service, salsa.
I want to get a little bit into the history
of old things
and what we have already achieved,
what we still need to achieve
and what are our plans for the future.
Let's start with the basic things,
who am I.
I am the guy who rejects the mails
on lists.debian.org,
I am a listmaster.
I am the guy that rejects your backports.
I am the backports ftp master.
And I am the guy that will destroy
alioth.debian.org.
For the last ten years
[Applause]
I was an admin by accident of
alioth.debian.org.
This is another story I will tell you
in a few minutes.
Beside from that, I work as an OpenSource
consultant at credativ,
which is a small company in Germany
which is specialized in OpenSource,
we only do OpenSource consulting
in Germany.
We do what today is called DevOps,
we do every kind of consulting.
If you do something with OpenSource,
we are probably the ones you can talk with.
I am a father of two wonderful girls,
they're not here unfortunately,
but otherwise I wouldn't be able
to work.
And in my little bit spare time, I do
role playing games and Tabletop games.
In theory there should be a picture now.
There's a picture missing,
I don't know why,
which should tell "We need you".
A little bit of advertisement, if you
want to do OpenSource work in Germany,
paid,
and you need a job, please talk to me.
We are always looking for good people,
especially in C development,
kernel development, but also of course
consulting.
So please talk to me.
Some steps in history.
Some years ago, ???
2008, 2009,
I told the alioth channel
"Hey, if you need help, I can help with
system administration,
not the GForge stuff which is running
above,
but if you need help, tell me."
[Audience] Big mistake
Yeah.
One or two years went by,
and step by step
all alioth admins left.
We were alone in the channel.
And around that time, I detected
"Hey, I have sudo permissions
and I'm admin"
Somebody made me an admin.
So, I had to decide that I will be
the person that is the future alioth admin
and I stepped in.
So it was the beginning of our alioth
journey.
Then, in DebConf15, we had a long
'Birds of a Feather'
where we talked about several security
problems in collab-maint,
some of you are maybe not aware of it,
but since we use git at filesystem level
on alioth,
we are introducing a number of interesting
security problems
like if someone writes a hook, that hook
gets executed every time someone pushes.
So you have basically shell access.
And of course you execute it as
your own uid.