[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#466487: libauthen-smb-perl: should this package be orphaned or removed?



On 09:59 Wed 20 Feb     , Gunnar Wolf wrote:
> Ugh...
> 
> Xavier Oswald dijo [Thu, Feb 21, 2008 at 02:34:59PM +0100]:
> > > I don't have a compelling reason to jump and adopt this package;
> > > however, I know many modules in the Authen::* namespace were recently
> > > grabbed by Xavier Oswald. Xavier, or anybody in the group: Are you
> > > interested? :)
> > 
> > I just had a look and it's not that easy.
> > It seems that libapache2-authenntlm-perl includes all smb files of
> > libauthen-sbm-perl. That's why #432809!
> > 
> > libapache2-authenntlm-perl should depends on libauthen-smb-perl.
> > What do you think ?
> > 
> > I don't know why libapache2-authenntlm-perl includes smb files :/

I got some info from libapache2-authenntlm-perl maintainer. It seems that he
want orphan or even remove his package from debian.

> There is a reason - From libapache2-authenntlm-perl-0.02/smb/README:
> 
> This is a slightly modified version of Authen::Smb for use with
> Apache::AuthenNTLM
> 
> Authen::Smb allows you to authenticate users against an NT server. See
> Smb.pm POD documentation for details.
> 
> And, no, differences are not _that_ trivial (see the attached file for
> a simple "diff -ru libauthen-smb-perl-0.91/ libapache2-authenntlm-perl-0.02/smb/"
> - "only" 524 lines!).

Yes, I already see it.

> It seems to me (I might be wrong) that Gerald Richter got tired of not
> getting feedback from the Authen::Smb and decided to hijack
> it... inside this package :-/

I think so too !

> Even the version number has been
> bumped (0.91 -> 0.96). At a quick glance, the additions look like
> perfectly legitimate bug fixes and enhancements for upstream, and in
> any case, any NTLM-specific content AFAICT is in smbval/valid.c,
> with a nice comment preceding it:
> 
> /* the following addtions are taken from mod_ntlm, see http://sourceforge.net/projects/modntlm/ */
> 
> So... With the situation as it stands:
> 
> - Tests should be performed. AFAICT, libapache2-authenntlm-perl could
>   provide: and conflict: libauthen-smb-perl.
> - libauthen-smb-perl does not really hold any value over
>   libapache2-authenntlm-perl, as it is just an older version. In any
>   case, newer Authen::Smb should be decoupled from the (upstream)
>   Apache2::AuthenNTLM package.
> 
> Should we mark this as upstream and forward the hot potato to the CPAN
> RT? :-/ It does not make me too happy anyway...

Upstream seems "dead" for these two packages.. so I don't know how to handle
this situation...

If libapache2-authenntlm-perl is orphaned we could take it and conflict on
libauthen-smb-perl and the same for libauthen-smb-perl against
libapache2-authenntlm-perl. But I don't like this idea...

Greetings,
-- 
  ,''`.  Xavier Oswald <x.oswald@free.fr>                   
 : :' :  GNU/LINUX Debian Maintainer                        
 `. `'   GnuPG Key ID 0x88BBB51E                            
   `-    938D D715 6915 8860 9679  4A0C A430 C6AA 88BB B51E 

Attachment: signature.asc
Description: Digital signature


Reply to: