Re: timezone data packaged separately and in volatile?
-----BEGIN PGP SIGNED MESSAGE-----
On 02/03/2006 12:35 AM, Henrique de Moraes Holschuh wrote:
> On Thu, 02 Feb 2006, Lionel Elie Mamane wrote:
>>I just realised that the timezone data in glibc is taken from an
>>upstream database (namely ftp://elsie.nci.nih.gov/pub/). This data
>>sometimes changes, more rapidly than our release cycle (and than any
>>release cycle we can reasonable have).
> See the tz-brasil package for the current solution we have for the problem
> of widely variable timezones. Brazil's tz gets updated in unpredictable
> ways, sometimes more than twice a year and with little prior notice.
> That package is far from perfect (I personally don't agree with a lot of
> what it does), but it might give you a few ideas.
> Bottom line: you do not need to package the timezones in volatile. You can
> also have the timezones available from download, and a normal, stable
> package that downloads that data, validates it, and applies it.
We raise that question in #debian-volatile (OFTC) another day...
Brasil and Cuba are countries that are directly affected by this kind
of situations, the governments does no use a "fixed" schedule for
DayLight Savings... Brasil has even another problem that is related
with the TimeZones names, pzn (Pedro Zorzenon Neto) the maintainer of
tz-brasil has sent a RFC to try to define these names, but looks like
it has expired.
If we split timezones from libc, volatile looks like a very
good approach to handle that updates, since we can have to update it
a couple of times until the next release. I'm not sure but a timezone
update does not fit in "security update" category (could be possible),
but a package update throught a repository looks much more interesting
than having a package pulling data files from people.d.o like tz-brasil
In fact, if you consider offline situations and conditions
without access to people.d.o or another site with the data files,
having a pre-downloades package (like a CD with updates) is pretty
handy and easier to administer.
And Volatile Team takes very good care of packages that are
in volatile, considering that, you can also have a normal, stable
package that updates that data without need extra downloads. "Above
all, do no harm". :-)
Felipe Augusto van de Wiel (faw)
"Debian. Freedom to code. Code to freedom!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----