Debian Conference 2015 The annual Debian developer meeting

Speakers:
Important announcements and a raffle.

Speakers: Holger Levsen, Lunar
With free software, anyone can inspect the source code for malicious flaws. But Debian provide binary packages to its users. The idea of “deterministic” or “reproducible” builds is to empower anyone to verify that no flaws have been introduced during the build process by reproducing byte-for-byte identical binary packages from a given source. This talk will explain the current status of the Debian Reproducible Builds project, how this is relevant for the complete free software eco system and how you can contribute.

Speakers: Holger Levsen, Lunar
With free software, anyone can inspect the source code for malicious flaws. But Debian provide binary packages to its users. The idea of “deterministic” or “reproducible” builds is to empower anyone to verify that no flaws have been introduced during the build process by reproducing byte-for-byte identical binary packages from a given source. This talk will explain the current status of the Debian Reproducible Builds project, how this is relevant for the complete free software eco system and how you can contribute. see https://wiki.debian.org/ReproducibleBuilds and https://reproducible.debian.net URLs: https://wiki.debian.org/ReproducibleBuilds https://reproducible.debian.net

Speaker: Martín Ferrari
This talk will introduce a new tool for the discerning sysadmin: Prometheus. It will start with an overview of the challenges of packaging a Go application in Debian: the small number of packaged libraries, the very particular model of dependency management and compilation, etc. It will be followed with an overview of the system and a taste of what you can do with it. If time permits, I might even do a small demo. Most sysadmins face a similar problem: the state of FOSS monitoring tools is still stuck in the 90s. Nagios, Munin and friends get the job done, and you might think this is enough. But once you have a taste of what you can do with a tool like Prometheus, you will never want to come back! Prometheus is a very different system. Instead of checking good/bad states of services, or just nicely graphing values, it collects information. A lot of information! At its core, it is just a time-series database and data collector. What makes it powerful is the advanced calculations you can make on the fly with the collected data, from which you can derive nice graphs, fire alerts, or just store for future analysis.

Speaker: Paul Wise
A panel bringing together different representatives of Debian and our derivatives. We will introduce represented derivatives, discuss their relationships with Debian, what they need from Debian, what Debian needs from them and strategies for integration. People who are interested in joining the panel are explicitly invited to contact me.

Speaker: Holger Levsen
A roundtable with relevant Debian parties to discuss and plan what needs to be done, so that reproducible builds can become a official supported feature for (at least some packages in) Debian Stretch. We would like to see ftpmaster team members, dpkg maintainers, release team members, tech-ctte members and you at this event!

Speakers: Enrico Zini, Martin Zobel-Helas
Status on the setup of sso.debian.org DACS, OAUTH2

Speakers:
Debichem BoF

Speakers:
Debian emacs addons

Speaker: Asheesh Laroia
This talk introduces Sandstorm, a free software package manager for web applications with a focus on usability and security. The talk dives deep into how Sandstorm works and why. You'll see how Sandstorm is similar to and different from Debian, and you'll learn: * Why Sandstorm exists, and why I think it fits the web better than packaging the same apps in Debian directly * How people turn open source web apps into Sandstorm packages * How (and why) every Sandstorm app package is a Debian derivative * Why Debian should use this for Debian Developer-oriented infrastructure * Examples of web apps that Sandstorm is, and isn't, good for * How our community structure is different from Debian's -- with many lessons I've personally learned through my work on Debian * How Sandstorm adds security and access control to any web app You'll leave with a sense of the purpose of Sandstorm, an understanding of why we made it, and a desire to run it yourself.

Speaker: Alexander Wirt
This talk wants to give an overview about the current state of affairs about lists.debian.org. Where are we? - some statistics - problems - features not everyone is familiar with Where do we want to go to? - DMARC - Spamhandling - We need help - New search frontend - Other planned Improvements

Speaker: Antonio Terceiro
The anual gathering of the Ruby team, to discuss all things Ruby in Debian.

Speakers: Joerg Jaspert, Holger Levsen, Richard Hartmann
BoF about video.debian.net and the archive structure behind it.

Speaker: Paul Wise
During this session we will introduce Debian's derivatives related infrastructure, work on improving it and figure out plans for the future.

Speakers:
32 bit archs in Debian

Speaker: Margarita Manterola
* We will meet at the stones at the end of the venue * Debian Women is the project to bring more women to contribute to Debian. It was founded 11 years ago, during DebConf4. In the past we've done several different activities (mentoring, irc tutorials, mini-debconfs and others) and now we need new ideas for things to try that may help bring more women to participate in Debian. If you have experienced or witnessed obstacles preventing women from participating in Debian and/or you have ideas of things that we may do to make more interested women able to participate, please join us to discuss this. Mini agenda for the meeting: A) Brainstorm problems that women face when approaching Debian / trying to contribute. B) Brainstorm things that Debian Women could do to make the situation better. C) If we find some nice ideas and volunteers to do them, try to commit to making them a reality. Please note that everyone that shares the goal of helping more women participate in Debian is welcome, regardless of their gender.

Speakers: Martin Pitt, Michael Biebl
We look back at what challenges we faced with the SysVinit → systemd transition during the jessie release cycle and how we managed to survive it in the end. We will also introduce some planned and potential changes for stretch and how you can get involved.

Speaker: Wookey
ARM needs to test toolchain fixes, and 'all of debian' is a good way of finding whether your fix works 'everywhere', and how likely a particular code sequence is. This talk describes how we set the build system up to rebuild everything as quickly as possible, and shows the results we got. Feedback from others doing this sort of thing would be appreciated.

Speaker: Nattie Mayer-Hutchings
They're talks. They go like lightning.

Speaker: Christian Boltz
AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing even unknown application flaws from being exploited. AppArmor security policies, called profiles, completely define what system resources individual applications can access, and with what privileges. A number of default profiles are included with AppArmor, and using a combination of advanced static analysis and learning-based tools, AppArmor profiles for even very complex applications can be deployed successfully in a matter of hours. This talk gives an introduction to AppArmor. I'll show the AppArmor tools to create and update profiles and also explain the profile syntax so that you can understand and manually edit profiles. I'll also show some advanced usage - securing a typical webserver, setting up read-only root access to do backups and how to (ab)use AppArmor for debugging.

Speaker: Martin Zobel-Helas
What has DSA done for you and what you can do for DSA. The (nearly) yearly Q&A Session with your friendly DSA Team.

Speaker: Louis-Philippe Véronneau
Discussion and preparation of the bid presentation

Speakers:
AppStream Integration

Speakers:
Coffee & Snacks

Speakers:
Conference Dinner Transportation

Speakers:
DebConf social conference dinner

Speakers:
Conference Dinner Transportation