On 02/20/2015 06:25 AM, Harald Dunkel wrote:
Hi Daniel, On 02/20/15 13:09, Daniel Leidert wrote:Just to understand your problem: there is a package foo. Debian provides it with version 1:A-B and upstream provides some self-compiled packages with the same name under version C-D (and C-D < 1:A-B) and you want to force apt to install the package from the upstream developers site.Not exactly: I want to avoid that such a mess happens again. I think its obvious that a naming conflict should be avoided. Having 2 source or binary packages with identical names in 2 independent repositories is just asking or troubles.
I don't understand how policy can help in this case. Debian can only have policy for its own work. Upstream's is not Debian. My take is that it's more a matter of configuration (or some other technical aspect) than policy. I explain:
Debian could have package name X based on a software piece from upstream U. Some version problems happen and the maintainer decides to set version to 1:V. and then upstream U decides to also create its own .deb package X without using 1:. [*]
[*] Notice that I didn't say 'Debian package', I said '.deb package'All is well fr both *until* the user decides to add the repository for upstream.
The Debian repository should have higher priority than upstream's, mostly for security purposes, but I don't know if that's currently the way. Nevertheless it's the *user* that decided to manually add the third-party repo.
You and I can create a repo for any existing Debian package with any version number. If the user decides to add our repos there's nothing Debian can do to stop him. Our packages could even be malicious.
Then the question is not about policy. It's about how to best help the user handle the situation, and that is being allowed to locally raise or lower the priority of a package or repository for a particular set of packages or repositories.
IMHO there should be a policy for the special case, that there is a naming conflict between upstream's source or binary packages, and the packages included in Debian.
Ah, naming conflict can only be stated within Debian. Going on this would just be repeating myself. Maybe you want to have a way to define different "namespaces" for particular repos, so you can distinguish them.
Let me invent something on the fly: you want to distinguish "debian$package" vs "upstream$package", where 'debian$' and 'upstream$' are repo prefixes so apt-get handles them separately. Possibly 'debian$' is the one by default. This doesn't exist AFAIK.
Best regards.