home of the madduck/ blog/
Counting developers

For my research I wanted to know how to obtain the exact number of Debian developers. Thanks to help from Andreas Barth and Manoj Srivastava, I can now document the procedure:

$ ldapsearch -xLLLH ldap://db.debian.org -b ou=users,dc=debian,dc=org \
  gidNumber=800 keyFingerPrint \
  | sed -rne ':s;/^dn:/bl;n;bs;:l;n;/^keyFingerPrint:/{p;bs}' \
  | wc -l

This actually seems enough as I do not recall any new maintainers being added since the last call for votes, which gives 1049 as well.

Andreas told me to count the number of entries in LDAP with GID 800 and an associated key in the Debian keyring. Manoj's dvt-quorum script also takes the Debian keyrings (GPG and PGP) into account, so I did the same:

$ ldapsearch -xLLLH ldap://db.debian.org -b ou=users,dc=debian,dc=org \
  gidNumber=800 keyFingerPrint \
  | sed -rne ':s;/^dn:/bl;n;bs;
              :l;n;/^keyFingerPrint:/{s,keyFingerPrint: ,,p;bs}' \
  | sort -u > ldapfprs

$ rsync -az --progress \
  keyring.debian.org::keyrings/keyrings/debian-keyring.gpg \

$ gpg --homedir . --no-default-keyring --keyring debian-keyring.gpg \
  --no-options --always-trust --no-permission-warning \
  --no-auto-check-trustdb --armor --rfc1991 --fingerprint \
  --fast-list-mode --fixed-list-mode --with-colons --list-keys \
  | sed -rne 's,^fpr:::::::::([[:xdigit:]]+):,\1,p' \
  | sort -u > gpgfprs

$ rsync -az --progress \
  keyring.debian.org::keyrings/keyrings/debian-keyring.pgp \

$ gpg --homedir . --no-default-keyring --keyring debian-keyring.pgp \
  --no-options --always-trust --no-permission-warning \
  --no-auto-check-trustdb --armor --rfc1991 --fingerprint \
  --fast-list-mode --fixed-list-mode --list-keys \
  | sed -rne 's,^[[:space:]]+Key fingerprint = ,,;T;s,[[:space:]]+,,gp' \
  | sort -u > pgpfprs

$ sort ldapfprs pgpfprs gpgfprs | uniq -c \
  | egrep -c '^[[:space:]]+2[[:space:]]'

MAN OVER BOARD! Who's the black sheep?

Update: In the initial post, I forgot the option --fixed-list-mode and hit a minor bug in gnupg. I have since updated the above commands. Thus, there is no more black sheep and the rest of this post only lingers here for posterity.

while read i; do
  grep "^${i}$" pgpfprs gpgfprs || echo $i >&2
done < ldapfprs >/dev/null

which returns 9BF093BC475BABF8B6AEA5F6D7C3F131AB2A91F5

$ gpg --list-keys 9BF093BC475BABF8B6AEA5F6D7C3F131AB2A91F5
pub   4096R/AB2A91F5 2004-08-20
uid                  James Troup <james@nocrew.org>

… our very own keyring master James Troup.

So has James subverted the project? Is he actually not a Debian developer? Given the position(s) he holds, does that mean that the project is doomed?

Ha! I am so tempted to end right here, but since my readers are used to getting all the facts, here's the deal:

James is so special that he gets to be the only one to have a key in our GPG keyring which can be used for encryption, or so I found out as I was researching this. Now this bug in gnupg actually causes his fingerprint not to be printed. Until this is fixed (if ever), simply leave out --fast-list-mode in the above commands.

NP: Oceansize: Effloresce