From Mageia wiki
Jump to: navigation, search

This is a short version of what currently is done when pushing updates using Mgaadv.
I here use 3 terminal windows, one as myself on my local machine, one as root @ valstar and one as mga-advisories @ valstar.

Install advisories tool:

[root@laptop ~]# urpmi mga-advisories
  - installs mgaadv

Do initial config:

[tmb@laptop ~]$ mkdir ~/.mga-advisories
[tmb@laptop ~]$ mgaadv initqaconf
  - initializes config file (it opens text editor to show config)
  - initial download of advisories

Check that you have latest advisories:

[tmb@laptop ~]$ cd mageia-advisories/advisories
[tmb@laptop advisories]$ svn up

Check if there is potential problems (for perl advisory parser):

[tmb@laptop advisories]$ mgaadv mksite

If you get any perl warnings/errors here, fix them or the advisory mails wont get pushed and website wont be updated. You only need to do this once at the beginning of your session as adding an ID to an advisory will not break it any further, so provided no-one else introduces an error while you're working, it should be fine!

Usually the error is indentation issues or some special chars. For example indentation issues will show:

YAML Error: Invalid element in map
   Code: YAML_LOAD_ERR_BAD_MAP_ELEMENT
   Line: 13
   Document: 1
 at /usr/lib/perl5/vendor_perl/5.18.1/YAML/Loader.pm line 352.



Check at end of http://mageia.madb.org/tools/updates for advisories ready to be pushed.

Pushing updates (using samba update (bug 12999) as an example)

Assign advisory id (note: sometimes there can be split advisories in which case you would use mgaadv publish 12999.mga3 and mgaadv publish 12999.mga4):

[tmb@laptop advisories]$ mgaadv publish 12999
Found Bug:  samba new security issue CVE-2013-4496
Checking for QA validation keyword…   ✔
Checking dependent bugs…              ✔ (None found)
Assigning ID to advisory 12999…       ✔ MGASA-2014-0138
Do you want to publish now? [Y/n]:    ✔
Publishing advisory MGASA-2014-0138…  ✔


On valstar, use screen to make avoid breakages during package move if you lose network connection)

[root@valstar ~]# screen


Trigger package move, advisory mail, updating of http://advisories.mageia.org and closing of bugs:

[root@valstar ~]$ update_mga-advisories
Re-running as 'mga-advisories' user.
...

There will be a whole bunch of debug output and both a sysadmin-report and a qa-report mail will be sent afterwards.

And you are done and can exit all terminal windows on valstar.