[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[announcer] Welcome, our next talk will\Nbe about the Debian Long Term support
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,team and the speaker is\NRaphaël Hertzog.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Raphaël Hertzog] Hello.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Today I will speak a bit about Debian\Nlong term support.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I guess most of you already know about\Nit.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Are there some people who have no\Nidea what this is about?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,No, good.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I will make my talk in 3 parts.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,First I will present the team, how it\Nworks
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I will give some facts about how it\Nevolved over the first years.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I took some time to collect statistics\Nand believe they are rather interesting
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I will also speak about the future
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but there will be a separate discussion\Nabout this in a BoF later this week.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I will show you how to help because, like\Nany other team in Debian it is open
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to anyone. We welcome help.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,At the end I will answer your questions.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,What is LTS about?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The idea is really simple.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We wanted to extend the support period\Nof all Debian releases.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Currently it is basically for 1 year after\Nthe next stable release comes out.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We wanted to extend this to 5 years to\Nmatch, at least, Ubuntu's offering.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is not our competitor, but for the\Ncompanies that are making choices
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it is one of the important criteria.\NSo we wanted to do as well.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Since we publish new stable releases\Nevery 2 years it is roughly 3 years.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,A nice side benefit is that the user can\Nskip a full release.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We don't officially support dist-upgrade\Nover going from Debian 6 to 8
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but you can do 2 dist-upgrades at\Nthe same time, limiting the downtime
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to once every 5 years.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,By the way, in practice, in simple server\Nconfigurations, dist-upgrades tend to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,work rather well even across 2 releases.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Keeping a distribution secure for 5 years\Nis a real challenge.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It is hard work that not everybody is\Nwilling to do.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In Debian all the work is done by\Nvolunteers who do the work they enjoy.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Generally we enjoy working on new\Nfeatures on top of latest releases
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and not really on backporting patches to\Ncrud that was written 5 years ago.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The security team has limited resources\Nso we could not just ask the security
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,team to now do twice the work.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But they were still really interested in\Nthe project and wanted to support the idea
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and really helped to get it bootstrapped.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The security team has a slightly larger\Nscope.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,They support all architectures, which\Nmeans you have lots of problems of
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,coordination when security updates do\Nnot compile and stuff like that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,What did we do?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We restricted the scope by picking\Nthe 2 most popular architectures
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that most users care about.\N
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We have had some demand for ARM\Narchitectures but up to now we only
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,support amd64 and i386.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We also excluded some packages from\Nsecurity support.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Either because they are taking too much\Ntime, like a security issue every 2 weeks
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or that upstream is not cooperative\Nenough to be able to support it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,This list was basically made by the\Ncurrent security team based on their
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,experience of doing security support.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,If you look at the list there are some\Nimportant restrictions.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There's no xen, no kvm, no rails,\Nno browser. It sucks a bit.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But it's a way to get it started.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think we can do better for wheezy.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Basically there is no virtualization\Nsupport on the host, only on the guest.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The security team helped to bootstrap\Nthe LTS team but it is not the same team.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Obviously there are members of the\Nsecurity team who also work on the LTS
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,team. They work in close collaboration.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We have regular contact and they watch our\Nmailing lists etc.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But the policies are different and the\Ninfrastructure is separate,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is a problem but I will talk about\Nthat later.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We have a dedicated mailing list
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and a dedicated IRC channel as well.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,You are welcome to subscribe and to\Njoin.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's a new team which means new people\Nand new members.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Where do they come from?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The first idea was to get help from\Npeople in various companies
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,who are already doing such in-house\Nsupport.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We had contact with EDF, and still have,\Nbut they were one of the first
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,companies who were pushing for this\Nbecause they basically said
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we are doing this already and we can\Nshare with other companies.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The idea was to pool security support of\Nmultiple companies.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We sent a press release asking\Ncompanies to join.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We had a few responses.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But I'll come back later to how it evolved\NIt's not really satisfying.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The other thing that we did is that we\Noffered companies the option to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,fund the project to bring money and use\Nthis to pay the work of
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,actual Debian contributors to do the\Nsecurity updates that we need.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We have wiki pages listing all the ways\Nthat companies can help with money.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In practice, most of the (wanting to be)\Npaid contributors joined together
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,under a single offer managed by\NFreexian SARL which is my own company.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'll quickly explain how this works.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Most companies don't want to bother\Nbringing human resources ??? (08:25)
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,They buy long term support contracts\Nfrom Freexian.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We have a rate. When you give €85 you\Nfund 1 hour of LTS work.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,This is the current list of sponsors.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Top level gold sponsors sponsoring\Nmore than 1 day of work per month.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,On the other side we have Debian \Ncontributors that are doing the work
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and Freexian is paying them. There is a\Nsmall difference between the rate
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to cover administration costs because I\Nhave to handle the invoices
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and some customers are using Paypal\Nwhich is taking a cut.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We ask contributors to follow some rules.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There is a requirement to publish a\Nmonthly report on work done
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,on paid time. So they won't get paid until\Nthey have published a report.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So everybody can know how the money\Nhas been spent.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Currently we have 7 Debian contributors\Nand about 30 sponsors.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Some figures.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Who uploaded packages?\NHow has it evolved since June last year?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,How is the funding evolving?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I just updated those figures a few\Ndays ago.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I used this talk before at the mini\NDebConf in Lyon in March,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but I updated it again.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The number of uploads is roughly over\None year since we started last year.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Over 300 uploads so it is not so much\Nbut it is almost 1 per day.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So it is significant work.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I have given a state here of who paid\Nfor the work and who did it on the left
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The sponsors of Freexian are paying for\Nmost of the uploads. ???
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,None is a separate category grouping all\NDebian maintainers.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There are maintainers who are taking\Ncare of their own packages in LTS.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Security team is members of the security\Nteam who also work within the LTS team.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,EDF is Électricité de France
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Individuals are Debian developers that\Nhave listed themselves as members of
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the LTS team and did uploads for packages\Nof other maintainers not their own.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Credativ is a German company that you\Nprobably know.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,They have a booth here if you want a\Njob.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Toshiba, Univention, Catalyst etc\Nare other lower ???
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,On the right are people. The top 5 people\Nare paid by Freexian.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Raphaël Geissert is working for EDF.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Thijs is a member of the security team.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Kurt is openssl maintainer ???
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Mike Gabriel is also paid by Freexian.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Christoph Bieldl is mainly maintaining\Nthe debian-security-support in Squeeze LTS
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Nguyen Cong is employed by Toshiba.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Christoph Berg is employed by creditv\Ndoing postgresql maintainence.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,How did it evolve over the year?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,(13:04)