[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#250202: Get this over with

* Marco d'Itri:

> On Oct 11, Florian Weimer <fw@deneb.enyo.de> wrote:
>
>> I thought that README.source is intended to help casual packages
>> maintainers (or people who are forced to do a maintainer's task
>> because of some emergency).  A way to obtain the real source code from
>> which the package is built is not sufficient.  Changes to these
>> sources might not survive a dpkg-buildpackage run in some cases (a big
>> oops if your critical but non-testable security fix is silently
>> discarded).

> I can't see how README.source would solve this problem. Is an user
> is stupid enough to not notice that changes made to source unpacked
> at build time will not be preserved then I'd say he has no business
> building debian package (or any other kind of software... this is
> not some arcane knowledge, just good old common sense).

Which part about "emergency maintenance" is so hard to understand?

The system administrators I know can compile Apache+OpenSSL+PHP from
scratch, but would have trouble to apply a PHP security patch to the
Debian package (even though most of them have basic experience with
the way Debian packages are created).
Reply to: