[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Architecture independent binaries and building from source

Shaun Jackman wrote:

>If a package includes source as well as a platform independent binary
>(any byte-code for example), is it *required* (i.e. policy MUST) that
>the binary be rebuilt from source? To be DFSG free it certainly must
>be possible to rebuild it from source.
>My inclination is not to rebuild the binary. If possible I'd prefer to
>redistribute a binary that is byte-for-byte identical with upstream's.
>This, for example, allows a simple md5sum to show that two hosts have
>identical versions of this software.
>If rebuilding a platform independent binary from source is a policy
>requirement, I'd appreciate a pointer to the relevant text.

The point of building from sources is to make sure that the binary is
the result of building the given source. Anyway, I don't think your
argument holds too much water. Anyone can just use `debsums` to check
the entire system, including your package, with md5 hash.

- Adam

Building your applications one byte at a time

Reply to: