[aur-general] TU Application: Thore Bödecker
Hey folks, My name is Thore Bödecker (a.k.a. foxxx0, or just foxxx depending on nick availability) and finally I have taken the time increase my involvement with Arch Linux. I'm 26 years old now and living in small town called Falkensee, near Berlin in Germany. First of all thanks to Florian Pritz (Bluewind) who is sponsoring my TU application. I heard you like stories so I'm happy to tell you about my way through the Linux world. I have been using Linux in various flavours for a long time, if memory serves correctly it all started with Ubuntu 6.10 somewhere in 2006 while I was still in school. At first it was merely some experimentation and exploring a whole new world but quickly I got really interested. Being a totally addicted gamer at that time it was not a real option for daily usage but I went ahead to build a small fileserver with it and continued to learn new stuff while doing so. After switching back and forth between Ubuntu and Debian for a couple of years and a bit of Gentoo in the middle I ended up renting a server to host some stuff with Debian. In October 2010 my bachelor studies in some sort of technical computer science started at HTW Berlin (for the German speaking people, the course of studies was called "Informationstechnik/Vernetzte Systeme"). This surely had quite some influence and not much later Arch Linux was the OS on my laptop. And oh it was good and enjoyable (even without systemd back then! :P). During my studies I had less and less time for gaming which eventually made me install Arch on my desktop at home. At that point it was already quite clear that there was no alternative for me. Having used Arch for some years on a daily basis made me more and more annoyed with my rented server, that was still running Debian. I got really upset with APT and the "Debian-way" of doing things, having seen how simply and enjoyable they were on Arch Linux. You can pretty much guess what happened, I ended up with Arch on my rented server as well. And a second one. And on my router at home. I even build a custom archiso for home PXE setup, doing which is really pleasing too. Please bear with me, I'll try to wrap things up :) Since October 2013 I am studying computer science at the TU Berlin which has been quite an adventure thus far and if everything works out I'm on track to start my master thesis near the end of this year. As I am also providing hosting services on that server to a small group of customers, the PHP 7 release was quite cumbersome. I had to find a way to provide support for two different PHP versions on my server. Gladly I found a fellow sufferer in Mickaël Thomas (mickael9 in the AUR) and we started working on the php56 AUR package [1]. It was a bit messy at first but in the end it worked out and I've been running php56 together with the upstream Arch Linux php packages for over a year now. I have been a co-maintainer of that package ever since and tried to push the security releases out as quickly as possible. In order to retain as much features of php56 as possible, I created some additional packages for that, which could co-exist with upstream Arch repo packages as well: [2] php56-apcu [3] php56-geoip [4] php56-memcache [5] php56-memcached [6] php56-xdebug So why am I doing this all? I love using Arch Linux, it has been a joyful journey most of the time and I'm looking forward to what might come. But why do I want to be a TU some of you might ask. As I am providing hosting services for customers I am also acting as an email service provider for my customers (and for myself too). Over the last few month there were some nasty spam mails glitching through my spamassassin setup. Naturally I investigated and found that I couldn't really do *anything* while using Arch Linux repo packages only (which I highly prefer for critical infrastructure). I have been in touch with Florian very, very much over the last few years and we shared the same desire: amavisd-new. So last week I did an experiment with a combination of opendkim + opendmarc + amavisd-new. When I discovered that there was no AUR package for amavisd-milter I went ahead and created one. But somehow when I tried to push my package to AUR it said "Permission denied". As it turned out, another fellow Arch Linux user has done the exact same thing and pushed to the AUR a couple of hours before me. So I got in contact with said Person, Karol Babioch (kbabioch) and he was happy to let me take ownership of amavisd-milter [7]. I countinued to experiment and it seemed the opendmarc internal SPF check wasn't really working in the Arch Linux repo version. This made me build opendmarc using libspf2 which did the trick and I've put that together in opendmarc-libspf2 [8]. To make all these parts easily and comfortably available to all Arch Linux users I would like to move these few packages to [community] (if Yardena Cohen a.k.a. yar agrees for amavisd-new). As you guys want to make sure that I am capable of writing high quality PKGBUILDs, Florian pointed out some AUR packages that were orphaned and could use some makeover. So I went ahead and tried my best to get them back into shape, feel free to give feedback: [9] awl [10] davical [11] webalizer You can find all packages that I currently maintain here: [12]. Last but not least I would like to throw in my own open source project, that I created to easy management of my hosting: [13] vhost-api It is currently undergoing a rewrite in order to improve the modularity, expandability and maintenance. Sadly my time for that is a bit scarce right now and it is not urgent as has been working quite well thus far. The packages that I would like to move to [community], if the current maintainers agree, are: - amavisd-new - amavisd-milter - perl-convert-tnef (required for amavisd-new) - perl-convert-uulib (required for amavisd-new) - libspf2 Additionally I would like to take maintainership of opendmarc if that is okay with Sergej, in order to build it against libspf2. Apart from maintaining the mentioned packages I am also quite capable regarding server and service hosting and happy to assist in maintaining and improving the Arch Linux infrastructure. :) The best ways to reach me are either through email: me [at] foxxx0 [dot] de Or over on split^Wfreenode: freenode/foxxx0 Thanks for taking the time to read all this and for considering my application. Cheers, Thore [1] https://aur.archlinux.org/cgit/aur.git/log/?h=php56 [2] https://aur.archlinux.org/packages/php56-apcu [3] https://aur.archlinux.org/packages/php56-geoip [4] https://aur.archlinux.org/packages/php56-memcache [5] https://aur.archlinux.org/packages/php56-memcached [6] https://aur.archlinux.org/packages/php56-xdebug [7] https://aur.archlinux.org/packages/amavisd-milter [8] https://aur.archlinux.org/packages/opendmarc-libspf2 [9] https://aur.archlinux.org/packages/awl [10] https://aur.archlinux.org/packages/davical [11] https://aur.archlinux.org/packages/webalizer [12] https://aur.archlinux.org/packages/?SeB=m&K=foxxx [13] https://github.com/vhost-api --
On 10.05.2017 13:49, Thore Boedecker via aur-general wrote:
My name is Thore Bödecker (a.k.a. foxxx0, or just foxxx depending on nick availability) and finally I have taken the time increase my involvement with Arch Linux. I'm 26 years old now and living in small town called Falkensee, near Berlin in Germany.
First of all thanks to Florian Pritz (Bluewind) who is sponsoring my TU application. I confirm my sponsorship. Let the discussion begin!
Florian
On 10.05.2017 13:51, Florian Pritz via aur-general wrote:
On 10.05.2017 13:49, Thore Boedecker via aur-general wrote:
My name is Thore Bödecker (a.k.a. foxxx0, or just foxxx depending on nick availability) and finally I have taken the time increase my involvement with Arch Linux. I'm 26 years old now and living in small town called Falkensee, near Berlin in Germany.
First of all thanks to Florian Pritz (Bluewind) who is sponsoring my TU application. I confirm my sponsorship. Let the discussion begin!
The discussion period is now over. You can vote here: https://aur.archlinux.org/tu/?id=92 Florian
On 15.05.2017 14:04, Florian Pritz via aur-general wrote:
The discussion period is now over. You can vote here:
Yes: 30 No: 3 Abstain: 9 Voted: 91.30% Result: Accepted Congrats and welcome to the team! Florian
On Mon, 2017-05-22 at 14:06 +0200, Florian Pritz via aur-general wrote:
On 15.05.2017 14:04, Florian Pritz via aur-general wrote:
The discussion period is now over. You can vote here:
Yes: 30 No: 3 Abstain: 9 Voted: 91.30%
Result: Accepted
Congrats and welcome to the team!
Florian
Welcome Thore. -- Sébastien "Seblu" Luttringer
On Wed, May 10, 2017 at 4:49 AM, Thore Boedecker via aur-general <aur-general@archlinux.org> wrote:
To make all these parts easily and comfortably available to all Arch Linux users I would like to move these few packages to [community] (if Yardena Cohen a.k.a. yar agrees for amavisd-new).
That's very polite of you, and once you're a TU you're welcome to take it over, but generally you don't need to ask permission. TUs have taken my packages before, and that's just how it is. :)
Hello Thore, nice to hear you want to join the ArchLinux TU Team. I took a quick look at your PKGBUILDs and found out that you are not using GPG signatures for your PKGBUILDs. Please always ask upstream for GPG signatures and request those if not available. See PHP: https://secure.php.net/downloads.php#gpg-5.6 See Opendmarc: https://sourceforge.net/projects/opendmarc/files/opendmarc-1.3.2.tar.gz.asc/... Also I suggest to use sha512sums, as they are more secure and future proof, even though sha256 is already considered secure at the moment. Also this source can be fetched via https: https://www.xdebug.org/files/xdebug-2.5.3.tgz I suggest to get in touch with the upstream projects and request them to sign their tarballs. You can also refer to GPGit with makes it easier for dev to get started with GPG source signing: https://github.com/NicoHood/gpgit Cheers Nico On 05/10/2017 01:49 PM, Thore Boedecker via aur-general wrote:
Hey folks,
My name is Thore Bödecker (a.k.a. foxxx0, or just foxxx depending on nick availability) and finally I have taken the time increase my involvement with Arch Linux. I'm 26 years old now and living in small town called Falkensee, near Berlin in Germany.
First of all thanks to Florian Pritz (Bluewind) who is sponsoring my TU application.
I heard you like stories so I'm happy to tell you about my way through the Linux world.
I have been using Linux in various flavours for a long time, if memory serves correctly it all started with Ubuntu 6.10 somewhere in 2006 while I was still in school. At first it was merely some experimentation and exploring a whole new world but quickly I got really interested. Being a totally addicted gamer at that time it was not a real option for daily usage but I went ahead to build a small fileserver with it and continued to learn new stuff while doing so.
After switching back and forth between Ubuntu and Debian for a couple of years and a bit of Gentoo in the middle I ended up renting a server to host some stuff with Debian.
In October 2010 my bachelor studies in some sort of technical computer science started at HTW Berlin (for the German speaking people, the course of studies was called "Informationstechnik/Vernetzte Systeme").
This surely had quite some influence and not much later Arch Linux was the OS on my laptop. And oh it was good and enjoyable (even without systemd back then! :P).
During my studies I had less and less time for gaming which eventually made me install Arch on my desktop at home. At that point it was already quite clear that there was no alternative for me.
Having used Arch for some years on a daily basis made me more and more annoyed with my rented server, that was still running Debian. I got really upset with APT and the "Debian-way" of doing things, having seen how simply and enjoyable they were on Arch Linux.
You can pretty much guess what happened, I ended up with Arch on my rented server as well. And a second one. And on my router at home. I even build a custom archiso for home PXE setup, doing which is really pleasing too.
Please bear with me, I'll try to wrap things up :)
Since October 2013 I am studying computer science at the TU Berlin which has been quite an adventure thus far and if everything works out I'm on track to start my master thesis near the end of this year.
As I am also providing hosting services on that server to a small group of customers, the PHP 7 release was quite cumbersome. I had to find a way to provide support for two different PHP versions on my server. Gladly I found a fellow sufferer in Mickaël Thomas (mickael9 in the AUR) and we started working on the php56 AUR package [1]. It was a bit messy at first but in the end it worked out and I've been running php56 together with the upstream Arch Linux php packages for over a year now. I have been a co-maintainer of that package ever since and tried to push the security releases out as quickly as possible.
In order to retain as much features of php56 as possible, I created some additional packages for that, which could co-exist with upstream Arch repo packages as well:
[2] php56-apcu [3] php56-geoip [4] php56-memcache [5] php56-memcached [6] php56-xdebug
So why am I doing this all?
I love using Arch Linux, it has been a joyful journey most of the time and I'm looking forward to what might come.
But why do I want to be a TU some of you might ask.
As I am providing hosting services for customers I am also acting as an email service provider for my customers (and for myself too). Over the last few month there were some nasty spam mails glitching through my spamassassin setup. Naturally I investigated and found that I couldn't really do *anything* while using Arch Linux repo packages only (which I highly prefer for critical infrastructure). I have been in touch with Florian very, very much over the last few years and we shared the same desire: amavisd-new.
So last week I did an experiment with a combination of opendkim + opendmarc + amavisd-new.
When I discovered that there was no AUR package for amavisd-milter I went ahead and created one. But somehow when I tried to push my package to AUR it said "Permission denied". As it turned out, another fellow Arch Linux user has done the exact same thing and pushed to the AUR a couple of hours before me. So I got in contact with said Person, Karol Babioch (kbabioch) and he was happy to let me take ownership of amavisd-milter [7].
I countinued to experiment and it seemed the opendmarc internal SPF check wasn't really working in the Arch Linux repo version. This made me build opendmarc using libspf2 which did the trick and I've put that together in opendmarc-libspf2 [8].
To make all these parts easily and comfortably available to all Arch Linux users I would like to move these few packages to [community] (if Yardena Cohen a.k.a. yar agrees for amavisd-new).
As you guys want to make sure that I am capable of writing high quality PKGBUILDs, Florian pointed out some AUR packages that were orphaned and could use some makeover. So I went ahead and tried my best to get them back into shape, feel free to give feedback:
[9] awl [10] davical [11] webalizer
You can find all packages that I currently maintain here: [12].
Last but not least I would like to throw in my own open source project, that I created to easy management of my hosting:
[13] vhost-api
It is currently undergoing a rewrite in order to improve the modularity, expandability and maintenance. Sadly my time for that is a bit scarce right now and it is not urgent as has been working quite well thus far.
The packages that I would like to move to [community], if the current maintainers agree, are: - amavisd-new - amavisd-milter - perl-convert-tnef (required for amavisd-new) - perl-convert-uulib (required for amavisd-new) - libspf2
Additionally I would like to take maintainership of opendmarc if that is okay with Sergej, in order to build it against libspf2.
Apart from maintaining the mentioned packages I am also quite capable regarding server and service hosting and happy to assist in maintaining and improving the Arch Linux infrastructure. :)
The best ways to reach me are either through email: me [at] foxxx0 [dot] de Or over on split^Wfreenode: freenode/foxxx0
Thanks for taking the time to read all this and for considering my application.
Cheers, Thore
[1] https://aur.archlinux.org/cgit/aur.git/log/?h=php56 [2] https://aur.archlinux.org/packages/php56-apcu [3] https://aur.archlinux.org/packages/php56-geoip [4] https://aur.archlinux.org/packages/php56-memcache [5] https://aur.archlinux.org/packages/php56-memcached [6] https://aur.archlinux.org/packages/php56-xdebug [7] https://aur.archlinux.org/packages/amavisd-milter [8] https://aur.archlinux.org/packages/opendmarc-libspf2 [9] https://aur.archlinux.org/packages/awl [10] https://aur.archlinux.org/packages/davical [11] https://aur.archlinux.org/packages/webalizer [12] https://aur.archlinux.org/packages/?SeB=m&K=foxxx [13] https://github.com/vhost-api
Hey, thanks for your feedback. On 10.05.17 - 14:26, NicoHood wrote:
Hello Thore, nice to hear you want to join the ArchLinux TU Team.
I took a quick look at your PKGBUILDs and found out that you are not using GPG signatures for your PKGBUILDs. Please always ask upstream for GPG signatures and request those if not available.
The php56 package already uses gpg signatures?!
See Opendmarc: https://sourceforge.net/projects/opendmarc/files/opendmarc-1.3.2.tar.gz.asc/...
Unfortunately the key for opendmarc is not public, that is probably the reason why it is also disabled in the repo package.
Also I suggest to use sha512sums, as they are more secure and future proof, even though sha256 is already considered secure at the moment.
As you mentioned sha256 should be pretty solid at the moment but I'm happy to oblige and switched to sha512 in all (co-)maintained packages.
Also this source can be fetched via https: https://www.xdebug.org/files/xdebug-2.5.3.tgz
Fixed.
I suggest to get in touch with the upstream projects and request them to sign their tarballs. You can also refer to GPGit with makes it easier for dev to get started with GPG source signing: https://github.com/NicoHood/gpgit
Thanks for this hint, I will contact the upstream projects and request that. I'll add comments to the PKGBUILDs with status updates of that progress.
Cheers Nico
On 05/10/2017 01:49 PM, Thore Boedecker via aur-general wrote:
Hey folks,
My name is Thore Bödecker (a.k.a. foxxx0, or just foxxx depending on nick availability) and finally I have taken the time increase my involvement with Arch Linux. I'm 26 years old now and living in small town called Falkensee, near Berlin in Germany.
First of all thanks to Florian Pritz (Bluewind) who is sponsoring my TU application.
I heard you like stories so I'm happy to tell you about my way through the Linux world.
I have been using Linux in various flavours for a long time, if memory serves correctly it all started with Ubuntu 6.10 somewhere in 2006 while I was still in school. At first it was merely some experimentation and exploring a whole new world but quickly I got really interested. Being a totally addicted gamer at that time it was not a real option for daily usage but I went ahead to build a small fileserver with it and continued to learn new stuff while doing so.
After switching back and forth between Ubuntu and Debian for a couple of years and a bit of Gentoo in the middle I ended up renting a server to host some stuff with Debian.
In October 2010 my bachelor studies in some sort of technical computer science started at HTW Berlin (for the German speaking people, the course of studies was called "Informationstechnik/Vernetzte Systeme").
This surely had quite some influence and not much later Arch Linux was the OS on my laptop. And oh it was good and enjoyable (even without systemd back then! :P).
During my studies I had less and less time for gaming which eventually made me install Arch on my desktop at home. At that point it was already quite clear that there was no alternative for me.
Having used Arch for some years on a daily basis made me more and more annoyed with my rented server, that was still running Debian. I got really upset with APT and the "Debian-way" of doing things, having seen how simply and enjoyable they were on Arch Linux.
You can pretty much guess what happened, I ended up with Arch on my rented server as well. And a second one. And on my router at home. I even build a custom archiso for home PXE setup, doing which is really pleasing too.
Please bear with me, I'll try to wrap things up :)
Since October 2013 I am studying computer science at the TU Berlin which has been quite an adventure thus far and if everything works out I'm on track to start my master thesis near the end of this year.
As I am also providing hosting services on that server to a small group of customers, the PHP 7 release was quite cumbersome. I had to find a way to provide support for two different PHP versions on my server. Gladly I found a fellow sufferer in Mickaël Thomas (mickael9 in the AUR) and we started working on the php56 AUR package [1]. It was a bit messy at first but in the end it worked out and I've been running php56 together with the upstream Arch Linux php packages for over a year now. I have been a co-maintainer of that package ever since and tried to push the security releases out as quickly as possible.
In order to retain as much features of php56 as possible, I created some additional packages for that, which could co-exist with upstream Arch repo packages as well:
[2] php56-apcu [3] php56-geoip [4] php56-memcache [5] php56-memcached [6] php56-xdebug
So why am I doing this all?
I love using Arch Linux, it has been a joyful journey most of the time and I'm looking forward to what might come.
But why do I want to be a TU some of you might ask.
As I am providing hosting services for customers I am also acting as an email service provider for my customers (and for myself too). Over the last few month there were some nasty spam mails glitching through my spamassassin setup. Naturally I investigated and found that I couldn't really do *anything* while using Arch Linux repo packages only (which I highly prefer for critical infrastructure). I have been in touch with Florian very, very much over the last few years and we shared the same desire: amavisd-new.
So last week I did an experiment with a combination of opendkim + opendmarc + amavisd-new.
When I discovered that there was no AUR package for amavisd-milter I went ahead and created one. But somehow when I tried to push my package to AUR it said "Permission denied". As it turned out, another fellow Arch Linux user has done the exact same thing and pushed to the AUR a couple of hours before me. So I got in contact with said Person, Karol Babioch (kbabioch) and he was happy to let me take ownership of amavisd-milter [7].
I countinued to experiment and it seemed the opendmarc internal SPF check wasn't really working in the Arch Linux repo version. This made me build opendmarc using libspf2 which did the trick and I've put that together in opendmarc-libspf2 [8].
To make all these parts easily and comfortably available to all Arch Linux users I would like to move these few packages to [community] (if Yardena Cohen a.k.a. yar agrees for amavisd-new).
As you guys want to make sure that I am capable of writing high quality PKGBUILDs, Florian pointed out some AUR packages that were orphaned and could use some makeover. So I went ahead and tried my best to get them back into shape, feel free to give feedback:
[9] awl [10] davical [11] webalizer
You can find all packages that I currently maintain here: [12].
Last but not least I would like to throw in my own open source project, that I created to easy management of my hosting:
[13] vhost-api
It is currently undergoing a rewrite in order to improve the modularity, expandability and maintenance. Sadly my time for that is a bit scarce right now and it is not urgent as has been working quite well thus far.
The packages that I would like to move to [community], if the current maintainers agree, are: - amavisd-new - amavisd-milter - perl-convert-tnef (required for amavisd-new) - perl-convert-uulib (required for amavisd-new) - libspf2
Additionally I would like to take maintainership of opendmarc if that is okay with Sergej, in order to build it against libspf2.
Apart from maintaining the mentioned packages I am also quite capable regarding server and service hosting and happy to assist in maintaining and improving the Arch Linux infrastructure. :)
The best ways to reach me are either through email: me [at] foxxx0 [dot] de Or over on split^Wfreenode: freenode/foxxx0
Thanks for taking the time to read all this and for considering my application.
Cheers, Thore
[1] https://aur.archlinux.org/cgit/aur.git/log/?h=php56 [2] https://aur.archlinux.org/packages/php56-apcu [3] https://aur.archlinux.org/packages/php56-geoip [4] https://aur.archlinux.org/packages/php56-memcache [5] https://aur.archlinux.org/packages/php56-memcached [6] https://aur.archlinux.org/packages/php56-xdebug [7] https://aur.archlinux.org/packages/amavisd-milter [8] https://aur.archlinux.org/packages/opendmarc-libspf2 [9] https://aur.archlinux.org/packages/awl [10] https://aur.archlinux.org/packages/davical [11] https://aur.archlinux.org/packages/webalizer [12] https://aur.archlinux.org/packages/?SeB=m&K=foxxx [13] https://github.com/vhost-api
--
On 05/10/2017 04:01 PM, Thore Boedecker via aur-general wrote:
The php56 package already uses gpg signatures?!
Sorry I think i looked at a different package then. Yeah it would be really nice to have signatures available anywhere. Thanks for your cooperation :) ~Nico
On 05/10/2017 07:49 AM, Thore Boedecker via aur-general wrote:
As I am also providing hosting services on that server to a small group of customers, the PHP 7 release was quite cumbersome. I had to find a way to provide support for two different PHP versions on my server. Gladly I found a fellow sufferer in Mickaël Thomas (mickael9 in the AUR) and we started working on the php56 AUR package [1]. It was a bit messy at first but in the end it worked out and I've been running php56 together with the upstream Arch Linux php packages for over a year now. I have been a co-maintainer of that package ever since and tried to push the security releases out as quickly as possible.
In order to retain as much features of php56 as possible, I created some additional packages for that, which could co-exist with upstream Arch repo packages as well:
[2] php56-apcu [3] php56-geoip [4] php56-memcache [5] php56-memcached [6] php56-xdebug
Just my $0.02, but those php56 packages have saved my ass with some php7-incompatible webapps and they were done in a clean way, so my kudos on that. -- brent saner http://www.square-r00t.net
And on my router at home.
Neat! What are you using for router hardware? I've done this as well. I used a desktop with ethernet and wifi expansion cards for several years, and then moved to a PC Engines apu2c2 <http://www.pcengines.ch/apu2c2.htm>. It seems like you have a good set of system administration skills, as indicated by at least these statements:
I ended up with Arch on my rented server as well. I am also providing hosting services on that server to a small group of customers I have been a co-maintainer of [php56] ever since and tried to push the security releases out as quickly as possible. I am providing hosting services for customers I am also acting as an email service provider for my customers (and for myself too). Apart from maintaining the mentioned packages I am also quite capable regarding server and service hosting and happy to assist in maintaining and improving the Arch Linux infrastructure. :)
Do you monitor PHP-related security issues? It sounds like you do, and if you're providing hosting services to customers, you probably should be. :-) Do you have any interest in sharing that knowledge by volunteering for the Arch CVE monitoring team <https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team>? Nobody is specifically monitoring PHP issues. —Jeremy
On 11.05.17 - 12:13, Jeremy Audet via aur-general wrote:
And on my router at home.
Neat! What are you using for router hardware? I've done this as well. I used a desktop with ethernet and wifi expansion cards for several years, and then moved to a PC Engines apu2c2 <http://www.pcengines.ch/apu2c2.htm>.
At first it was an Intel Atom ITX board, then replaced by a Core i3 Haswell and finally I ended up with an apu2c4. Storage is an internal 128gb mSATA SSD and WIFI is handled within 2 separate VLANs by a Unifi UAP-AC-Lite. It is running really smooth and without any issues. At the moment I even have two WAN uplinks and created some hooks for dhcpcd/pppd to dynamically manage my routing tables and iptables rulesets.
It seems like you have a good set of system administration skills, as indicated by at least these statements:
I ended up with Arch on my rented server as well. I am also providing hosting services on that server to a small group of customers I have been a co-maintainer of [php56] ever since and tried to push the security releases out as quickly as possible. I am providing hosting services for customers I am also acting as an email service provider for my customers (and for myself too). Apart from maintaining the mentioned packages I am also quite capable regarding server and service hosting and happy to assist in maintaining and improving the Arch Linux infrastructure. :)
Do you monitor PHP-related security issues? It sounds like you do, and if you're providing hosting services to customers, you probably should be. :-) Do you have any interest in sharing that knowledge by volunteering for the Arch CVE monitoring team <https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team>? Nobody is specifically monitoring PHP issues.
Mainly I'm just subscribed to the *-announce MLs for every important piece of software I use and oss-sec, bugtraq and fulldisclosure in addition. I like to keep an eye on vulnerabilities in general and make sure to take precations if necessary. I'll keep that idea in mind and think about it.
—Jeremy
Cheers, Thore --
Hey, just to be clear: I did not and do not want to move any php56 related packages to the Arch repo at any point. It seems there was some confusion on that topic, so I have quoted the important part from the original mail below: On 10.05.17 - 13:49, Thore Boedecker via aur-general wrote:
The packages that I would like to move to [community], if the current maintainers agree, are: - amavisd-new - amavisd-milter - perl-convert-tnef (required for amavisd-new) - perl-convert-uulib (required for amavisd-new) - libspf2
Cheers, Thore
participants (7)
-
brent s.
-
Florian Pritz
-
Jeremy Audet
-
NicoHood
-
Sébastien Luttringer
-
Thore Boedecker
-
Yardena Cohen