Re: Debian built from non-Debian sources

To: debian-devel@lists.debian.org
Subject: Re: Debian built from non-Debian sources
From: Jonas Smedegaard <jonas@jones.dk>
Date: Sun, 16 Jul 2017 23:12:11 +0200
Message-id: <[🔎] 150023953107.6357.14317255048993881925@auryn.jones.dk>
In-reply-to: <[🔎] E1dWpvx-00073m-KR@mail.einval.com>
References: <[🔎] 150022471012.6357.9386072546587078002@auryn.jones.dk> <[🔎] 20170716172806.tbezsre2zfhyzudl@belkar.wrar.name> <[🔎] 20170716172806.tbezsre2zfhyzudl@belkar.wrar.name> <[🔎] E1dWpvx-00073m-KR@mail.einval.com>

Quoting Steve McIntyre (2017-07-16 22:14:29)
> Jonas wrote:
> >Quoting Andrey Rahmatullin (2017-07-16 19:28:06)
> >> On Sun, Jul 16, 2017 at 07:05:10PM +0200, Jonas Smedegaard wrote:
> >> > Is our install images excepmt from our Policy that all dependencies must 
> >> > be in Debian, or am I mistaken that we have such Policy?
> >> Do we?  The Debian Policy covers only debs.
> >> Also, dak isn't in the archive either.
> >
> >I thought Policy covered what we distribute - which excludes dak but 
> >includes libisofs code embedded in installer images.
> 
> Can you identify any code at all from libisofs which is embedded in
> the images? I'm honestly not aware of any.

I believe the embedded MBR is part of the libisofs project.

> I've been using upstream versions of xorriso on-and-off over the last 
> few years, accepting assistance from the (very helpful!) upstream 
> author Thomas Schmitt when trying to debug thorny issues like hybrid 
> BIOS/UEFI booting.
> 
> The exact behaviour that we've worked out in some cases has needed 
> upstream tweaks, and we've needed those tweaks from time to time in 
> what we've released.

No doubt the particular version of libisofs was used for good reasons.

My concern is the ability to replicate and derive the least possible 
from Debian resources like the install images.

Concretely The Debian derivative PureOS is having trouble booting their 
homemade live image on some hardware, but boots fine on both Debian 
netinst image and Debian live image.  Looking at the properly working 
images I noticed that the live image for stable was produced using 
newer-than-stable libisofs, and that the stable netinst image was 
produced using a never-in-Debian release of libisofs.

A related issue is bug#807168.

> >Do we have any Policy on installer images?  If e.g. our netinst or 
> >live images contain non-DFSG-but-free-to-distribute code would that 
> >be only a wishlist bug, not a Policy violation?
> 
> That would be a serious bug IMHO - please raise any as you find them.

Thanks for clarifying the severity of such theoretic bug specifically.

It was just an example, however, and my real question was generally what 
governs code we distribute outside packages - i.e. our install images, 
if Debian Policy covers only packages.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

Attachment: signature.asc
Description: signature

Reply to:

Follow-Ups:
- Re: Debian built from non-Debian sources
  - From: Christian Seiler <christian@iwakd.de>
- Re: Debian built from non-Debian sources
  - From: Steve McIntyre <steve@einval.com>

References:
- Debian built from non-Debian sources
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Debian built from non-Debian sources
  - From: Andrey Rahmatullin <wrar@debian.org>
- Re: Debian built from non-Debian sources
  - From: Steve McIntyre <steve@einval.com>

Prev by Date: Re: Debian built from non-Debian sources
Next by Date: Re: Debian built from non-Debian sources
Previous by thread: Re: Debian built from non-Debian sources
Next by thread: Re: Debian built from non-Debian sources
Index(es):
- Date
- Thread