[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#845715: debian-policy: Please document that packages are not allowed to write outside their source directories

On Sat, 26 Nov 2016 03:34:22 +0000 Johannes Schauer <josch@debian.org> wrote:
> Package: debian-policy
> Severity: wishlist
> Tags: patch
> 
> Hi,
> 
> source packages are forced to not write into $HOME by sbuild and
> pbuilder, so any package attempting to do so currently FTBFS. It would
> be nice to have this requirement be documented in policy. I propose the
> following patch:
> 
> 
> diff --git a/policy.sgml b/policy.sgml
> index 9cd182b..42efd18 100644
> --- a/policy.sgml
> +++ b/policy.sgml
> @@ -1944,6 +1944,16 @@ zope.
>            For packages in the main archive, no required targets
>            may attempt network access.
>         </p>
> +       <p>
> +         None of the required targets must attempt to write outside of the
> +         source package package directory tree. An exception to this rule is
> +         the use of <file>/tmp</file> which is permitted as long as temporary

Instead of hardcoding /tmp, this should recommend using $TMPDIR, with
fallback to /tmp if and only if $TMPDIR not set.

- Josh Triplett
Reply to: