RFC: Additions to dpkg's Pre-Depends
Hi!
As per Debian policy §3.5, and given dpkg “Essential: yes” nature, I'm
bringing up the following potential additions to dpkg's Pre-Depends,
and whether there is consensus about each of them individually and
independently.
* libmd-dev
- Rationale:
src:dpkg currently has its embedded MD5 implementation. On non-Debian
(and derivatives) it will default to use the message digest function
from either the system libmd or libc. I'd eventually like to be able
to remove the embedded code, which is there mostly for Debian. And to
be able to rely on SHA variants, for fsys metadata tracking and
similar (and not have to embed those too). I'd rather not add
support nor link against a crypto library like libgcrypt which might
already be present on the pseudo-essential set (currently, but could
go away easily with the OpenSSL license change), as these functions
are currently used for data integrity rather than for security, and
would/could get broken with stuff like FIPS enabled.
- Essential/Build-Essential:
AFAIR it is already part of the cross bootstrap set? But not of the
pseudo-build-essential or pseudo-essential sets. Most systems have
it installed via libbsd. On minimal systems it would increase the
installed size by around 80 KiB.
- Disclosure:
I maintain this in Debian and I'm upstream.
* libaudit-dev
- Rationale:
This could allow to add Linux audit support to dpkg on package action
events. I've got a branch that might need minor polishing, but could
otherwise be merged.
- Essential/Build-Essential:
On Linux it is already part of the pseudo-essential set.
* libacl-dev
- Rationale:
This could allow in the future (either later in 1.21.x or 1.22.x) to
support ACLs as part of the fsys metadata tracking support that is
upcoming.
- Essential/Build-Essential:
It is already part of the pseudo-essential set.
- Disclosure:
I maintain this in Debian.
* libcap-dev
- Rationale:
This could allow to add support to start-stop-daemon (already code
available) to drop POSIX capabilities. And also in the future (either
later in 1.21.x or 1.22.x) to support fsys POSIX capabilities as part
of the fyss metadata tracking support that is upcoming.
- Essential/Build-Essential:
On Linux it is already part of the pseudo-essential set.
* libzstd-dev
- Rationale:
This could allow to add zstd support for .debs via the library. This
is mostly to leave the door open to that possibility, as I'm still
pondering whether to perhaps add the support in Debian via the CLI
and just add those via Recommends or similar. Also there are still
concerns about the library and I have to note I'm rather unhappy
with how Ubuntu pushed this, and diverged the .deb ecosystem,
forcing upstream's hand here. :(
More details at <https://bugs.debian.org/892664#114>.
- Essential/Build-Essential:
On Linux it is already part of the pseudo-essential set.
Thanks,
Guillem
Reply to: