Bug#770016: Clarify network access for building packages in main
On 23/11/14 at 21:13 +0100, Bill Allombert wrote:
> On Sun, Nov 23, 2014 at 08:15:33PM +0100, Lucas Nussbaum wrote:
> > On 23/11/14 at 20:03 +0100, Bill Allombert wrote:
> > > On Sun, Nov 23, 2014 at 04:47:00PM -0200, Henrique de Moraes Holschuh wrote:
> > > > On Sun, 23 Nov 2014, Bill Allombert wrote:
> > > > > --- a/policy.sgml
> > > > > +++ b/policy.sgml
> > > > > @@ -1928,12 +1928,16 @@ zope.
> > > > > impossible to auto-compile that package and also makes it hard
> > > > > for other people to reproduce the same binary package, all
> > > > > required targets must be non-interactive. It also follows that
> > > > > any target that these targets depend on must also be
> > > > > non-interactive.
> > > > > </p>
> > > > > + <p>
> > > > > + For packages in the main archive, no required targets
> > > > > + may attempt network access.
> > > > > + </p>
> > > > >
> > > > > <p>
> > > > > The targets are as follows:
> > > > > <taglist>
> > > > > <tag><tt>build</tt> (required)</tag>
> > > > > <item>
> > > >
> > > > This is something we want for multiple reasons, but have we already fixed
> > > > all instances of, e.g., validating sgml/xml parsers trying to fetch DTDs or
> > > > schemas during documentation build ? Or other network access attempts that
> > > > don't fail a build (and helpfully don't modify it either)?
> > >
> > > Lucas, can you confirm that the main archive ca be rebuild without external
> > > network access ?
> >
> > No: that's something I used to check (by building on machines with
> > specific firewall rules to forbid external network access), but that I
> > haven't been testing recently.
>
> Was there a lot of failure ?
No
> What severity did you use for the bug report ?
serious
> Are you in favor of the patch above ?
In general, yes.
I wonder if it should be turned into "the package must not rely on
external access network to build correctly". A package that checks if
network access is available, and run more tests if it's the case, could
be fine.
Lucas
Reply to: