[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: duplicate library code in a package



On 28 September 2005 14:07, Justin Pryzby wrote:

When I make a new upstream package for Erlang, I need to extract the upstream 
tar.gz file, which is named otp_src_[version].tar.gz, rename the created 
directory to a Debian friendly name and then make the .orig.tar.gz.

Does that count as repackaging? If so I'm clueless as to what I should do to 
avoid that.

> On Wed, Sep 28, 2005 at 01:36:02PM -0400, Roberto C. Sanchez wrote:
> > On Wed, Sep 28, 2005 at 12:07:08PM -0500, Carlo Segre wrote:
> > > On Wed, 28 Sep 2005, Roberto C. Sanchez wrote:
> > > >On Wed, Sep 28, 2005 at 06:15:12PM +0200, Tommaso Moroni wrote:
> > > >>Hi!
> > > >>
> > > >>I'm packaging kchmviewer, which uses a version of chmlib bundled
> > > >>in the upstream tarball.
> > > >>
> > > >>Is it a Bad Thing to use that library instead of depending on the
> > > >>official packaged one?
> > > >
> > > >Yes(TM), it is a Bad Thing(TM).
> > > >
> > > >If the official library is suitable, then use it.  It will:
> > > >
> > > >- absolve you of providing security support for the duplicate code
> > > >- make the resulting binary packages fewer or smaller
> > > >- save space on end user systems and repository mirror sites
> > >
> > > Don't delete it form the upstream tarball though or your diffs will be
> > > huge. Just disable the compilation in the makefiles.
> > >
> > > Carlo
> >
> > An excellent point.  I imagine that it would also be permissible to
> > repackage the .orig.tar.gz file so that it is gone from there as well.
>
> Usually only 3 reasons are sufficient justification for repackaging.
>
>  1) non DFSG material included;
>  2) large binaries included;
>  3) multiple "dependent" upstream source tarballs required for
>     building a single binary package
>
> Bill lists some other ones here:
>   http://lists.debian.org/debian-policy/2003/09/msg00123.html
>
> My comments within:
>   --- Files have stupid permissions.
> This is probably not a valid reason, in itself; just run
> chmod -R u=Xg=o= or whatever in ./debian/rules.
>
>   --- tarball contains files at the root.
>  As Joerg notes in the New Queue Reject Faq, this is not a valid
>  reason; dpkg-source deals with this just fine.
>
>   --- Some files are not DFSG free.
> Correct.
>
>   --- You can't add binary files (e.g. icons) in a diff. Using uuencode
>       is not optimal.  Sometimes it is better to sneak them in the
>       source tarball.
> That's one way; Theodore Ts'o does it by putting them in the .diff.gz.
>
>   --- tarball include large stuff that we don't want to package.
> I think this is only sufficient justification if its very large, like
> over 50% of the source package size, and tens of megabytes.
>
> The other 3 things listed are also okay..
>
> --
> Clear skies,
> Justin

Attachment: pgpWnlRspj6DY.pgp
Description: PGP signature


Reply to: