Re: qmail and related packages in NEW
* Gerrit Pape:
> On Mon, Dec 01, 2008 at 03:33:43PM +0100, Florian Weimer wrote:
>> * Joerg Jaspert:
>> > First - the packaging is nowhere near the standard Debian aspires to in the
>> > archive:
>> > Qmail is an MTA and as such should follow Debian Policy (for example Section
>> > 11.6). It's therefore not a very good start that an MTA package needs
>> > additional packages (qmail-run) installed to perform the minimal tasks
>> > required of mail-transport-agent, and yet another package (fastforward) to
>> > support /etc/aliases.
>> Yuck. I wasn't aware of that. So the security discussion was kind of
>> a red herring, after all.
> Hi, how exactly is that a policy violation?
If the MTA package is qmail-run, it must depend on fastforward, in
order to comply with Policy 11.6 (a Recommends: is not sufficient,
IMHO). Using a homegrown init system by default seems in conflict
with Policy 9.3, in particular 9.3.2.
> I still think this is a good thing, providing valuable flexibility to
> the users. What problem do you see? Is it that the packages are
> modularised, and not a single monolithic qmail package? Is it the
> name?, should the 'qmail-run' MTA package named 'qmail', and the current
> 'qmail' package 'qmail-core' or so?
I guess qmail-run is fine for a package which does not integrate well
with the standard Debian init system.
However, my comment in response to Jörg's email was mainly intended to
put the security team's response into perspective (given that
arguments based on software security concerns are often used to back
quite different goals). I did not want to focus on specific rejection
reasons per se.