Re: Proposal: Fixing non-free content issues via installer packages

To: debian-devel-games@lists.debian.org
Subject: Re: Proposal: Fixing non-free content issues via installer packages
From: Jon Dowland <lists@alcopop.org>
Date: Mon, 14 Aug 2006 11:10:38 +0100
Message-id: <[🔎] 20060814101038.GC11015@alcopop.org>
Mail-followup-to: debian-devel-games@lists.debian.org
In-reply-to: <[🔎] 60381eeb0608040345i3e8ec99cvdaad061910b90593@mail.gmail.com>
References: <60381eeb0607260746i1faf63a7h483e3cc314af3c71@mail.gmail.com> <20060726145908.76806.qmail@web25303.mail.ukl.yahoo.com> <20060727085350.GA13079@alcopop.org> <25038.81.255.27.251.1153991167.squirrel@81.255.27.251> <20060727103106.GB13079@alcopop.org> <33419.81.255.27.251.1154001471.squirrel@81.255.27.251> <20060727120217.GD13079@alcopop.org> <3874.81.255.27.251.1154003940.squirrel@81.255.27.251> <[🔎] 60381eeb0608040345i3e8ec99cvdaad061910b90593@mail.gmail.com>

At 1154699141 past the epoch, Eddy Petrişor wrote:
> I don't think is too hard to make meta packages without
> using those, *but* I think it would be hard to catch every
> file in a tarball *and* place them in the proper places if
> splitting is needed.

Take a look at doom-package
(http://debian.halfcoded.net/source/doom-package_11.tar.gz),
in particular the make-wad-package script, for some examples
of doing this.

> Maybe we should implement some abstract retriever which
> would take the files from the local file system, a CD or a
> site ... you name it. The user would choose where from to
> get the file 

Sounds good. I'd like such a framework to support displaying
a licence to the user and requiring it to be accepted, for
some things.

> (via a debconf question, maybe)

I don't think this should be done via debconf. It's too much
work with too many failure cases to do in the
{pre,post}{inst,rm} stages imho, and is a bit of an abuse of
what debconf is designed for. It also means running all of
these stages as root.

> and then the metapackager would create the assiciated
> metapackage which, when uninstalled would remove the files
> added.

This is what doom-package does.

The tricky bit is the fine line between having lots of hacky
code that builds and adjusts packages, or just depending on
the proper tool packages and having lots of dependencies :(

> >Yep why not. With some md5/sha1 checks to prevent invalid
> >installation.
> 
> This is risky, we would have to whitelist *every* data
> file set which ever existed, including mods for new
> things, new transaltions, expasions, whatever. If the test
> results only in a warning that the md5sum did not check,
> that would be fine. 

I was considering md5sum checks for doom-package, too. We
have a list of different sums for different versions of
doom2 IWAD files at <http://doom.wikia.com/wiki/Doom2.wad>.
There are some subtle bugs due to the differences in
versions (demo desyncs for example). It would just be to
inform the user, however, it would not be relied upon for
security.

-- 
Jon Dowland
http://alcopop.org/

Reply to:

Follow-Ups:
- Re: Proposal: Fixing non-free content issues via installer packages
  - From: "Eddy Petrişor" <eddy.petrisor@gmail.com>

References:
- Re: Proposal: Fixing non-free content issues via installer packages
  - From: "Eddy Petrişor" <eddy.petrisor@gmail.com>

Prev by Date: Re: tarballs - why in SVN?
Next by Date: Re: Proposal: Fixing non-free content issues via installer packages
Previous by thread: Re: Proposal: Fixing non-free content issues via installer packages
Next by thread: Re: Proposal: Fixing non-free content issues via installer packages
Index(es):
- Date
- Thread