Re: Proposal: Fixing non-free content issues via installer packages

["Eddy Petrişor" <eddy.petrisor@gmail.com>]

On 14/08/06, Jon Dowland <lists@alcopop.org> wrote:
> At 1154699141 past the epoch, Eddy Petrişor wrote:
> > I don't think is too hard to make meta packages without
> > using those, *but* I think it would be hard to catch every
> > file in a tarball *and* place them in the proper places if
> > splitting is needed.
>
> Take a look at doom-package
> (http://debian.halfcoded.net/source/doom-package_11.tar.gz),
> in particular the make-wad-package script, for some examples
> of doing this.

I will. I suppose you are willing to work on such a project, I am
willing, too, is there anybody else willing to get involved in
implementing this?

Maybe we should start a wiki page under Games/DataFilesRetriever or
something like that to gather all ideas, goals and whatnot?!

> > Maybe we should implement some abstract retriever which
> > would take the files from the local file system, a CD or a
> > site ... you name it. The user would choose where from to
> > get the file
>
> Sounds good. I'd like such a framework to support displaying
> a licence to the user and requiring it to be accepted, for
> some things.

Yes, that is an important point in some cases, we could also use it as
warning displayer in early development stages ;-)

> > (via a debconf question, maybe)
>
> I don't think this should be done via debconf. It's too much
> work with too many failure cases to do in the
> {pre,post}{inst,rm} stages imho, and is a bit of an abuse of
> what debconf is designed for. It also means running all of
> these stages as root.

Indeed, good point.

> > and then the metapackager would create the assiciated
> > metapackage which, when uninstalled would remove the files
> > added.
>
> This is what doom-package does.

I just read recently, while translating on the Debian Installer manual
about being able to tell the package management that a certain
application installed from source is providing a functionality (well,
package name). I wonder if this is by hacking some files or if there
is a dedicated application which can do this...

> The tricky bit is the fine line between having lots of hacky
> code that builds and adjusts packages, or just depending on
> the proper tool packages and having lots of dependencies :(

Frankly, I don't have a clear picture about in which case the second
scenario would apply and how is supposed to work.. I would appreciate
more details.

> > >Yep why not. With some md5/sha1 checks to prevent invalid
> > >installation.
> >
> > This is risky, we would have to whitelist *every* data
> > file set which ever existed, including mods for new
> > things, new transaltions, expasions, whatever. If the test
> > results only in a warning that the md5sum did not check,
> > that would be fine.
>
> I was considering md5sum checks for doom-package, too. We
> have a list of different sums for different versions of
> doom2 IWAD files at <http://doom.wikia.com/wiki/Doom2.wad>.
> There are some subtle bugs due to the differences in
> versions (demo desyncs for example). It would just be to
> inform the user, however, it would not be relied upon for
> security.

In that case is fine with me.

--
Regards,
EddyP
=============================================
"Imagination is more important than knowledge" A.Einstein