Re: New perl package
Ian Jackson, in an immanent manifestation of deity, wrote:
>Firstly: a few months ago we decided to phase out `_' in package
>names. Many of the schemes being proposed for parseable filenames
>[...]
>1.1.6). So, could you please change from `_' to `-'.
Sorry, I got confused and thought it was changing the '-' to '_' in a
package name. I've changed it to '-'.
>Secondly: I don't particularly like the way you've split the packages.
>(a) We need a `perl binary only' (and perhaps the more essential
>library files) package for the base disks. That has to be marked
>Essential &c. (b) Can't we then make the rest of the installation a
>little less granular - have only one or perhaps two other packages ?
Can you and Bruce and who ever else decide which libraries are
essential and I'll make this package? Shall I call it perl-base?
As for having a the 3 (now 4) packages, I configured it that way since
some people aren't going to want suid or debug perl versions. I figured
that installing or not installing a package was the simplist way to do
this. I'm open for suggestions as to other methods. I don't really
like "ask a question in postinst" method. Anyway, debug perl is *big*
(1.1 Meg for the files + copyright).
>(c) You say ...
>> * Added the dosuid define to Configure so that perl would once
>> again create a suidperl. It was dropped from the upstream
>> release. There is a question in the postinst that asks if you
>> want it or not.
>Does the answer to this question get kept anywhere ? In any case,
>(i) isn't a separate package the right thing here but (ii) can't we
>review the code to make sure it's secure - surely that can't be too
>hard ? We just need to make sure that suidperl can't be used if there
>are no suid perl scripts.
My changelog entries are in reverse order. My third (from the top)
entries says that I changed it from a question to a package.
It's about as secure as suid programs get. i.e. there can always be
hidden gotchas and the safest route is not to have it.
suidperl will not run a script if it isn't suid or sgid.
>Thirdly:
>> * Added tcsh as well as c-shell to the dependency list. I'll
>> remove the tcsh once c-shell is provided by it.
>
>Please don't do this ! Configure it to think that csh isn't
>available. You can't make an vital package like Perl depend on an
>optional one like csh ...
How about Recommends? This is a known problem in perl. It's not been
fixed. I don't have enough tuits to set this up right now. I'm
catching up on being away on travel to client sites.
Darren
Reply to: