Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo

To: Russ Allbery <rra@debian.org>, 1068192@bugs.debian.org
Cc: Tobias Frost <tobi@debian.org>, Aurelien Jarno <aurel32@debian.org>, Philipp Kern <pkern@debian.org>, Sean Whitton <spwhitton@spwhitton.name>
Subject: Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo
From: Bill Allombert <ballombe@debian.org>
Date: Thu, 4 Apr 2024 20:51:04 +0200
Message-id: <Zg72mKscrke/LqQs@seventeen>
Reply-to: Bill Allombert <ballombe@debian.org>, 1068192@bugs.debian.org
In-reply-to: <[🔎] 87le5tezqd.fsf@hope.eyrie.org>
References: <[🔎] 875xx0r24h.fsf@melete.silentflame.com> <[🔎] 171198539477.3458990.18076405111856874367.reportbug@ohm.local> <[🔎] ZguQe9SswHMsKF27@aurel32.net> <[🔎] Zg1NpwNDTrWHouco@master.debian.org> <[🔎] 171198539477.3458990.18076405111856874367.reportbug@ohm.local> <[🔎] Zg3C_f7ash2zRlUZ@aurel32.net> <[🔎] 171198539477.3458990.18076405111856874367.reportbug@ohm.local> <[🔎] Zg7smwt_xI4Lp9Qi@isildor2.loewenhoehle.ip> <[🔎] 171198539477.3458990.18076405111856874367.reportbug@ohm.local> <[🔎] 87le5tezqd.fsf@hope.eyrie.org> <[🔎] 171198539477.3458990.18076405111856874367.reportbug@ohm.local>

On Thu, Apr 04, 2024 at 11:42:34AM -0700, Russ Allbery wrote:
> Tobias Frost <tobi@debian.org> writes:
> > On Wed, Apr 03, 2024 at 10:58:37PM +0200, Aurelien Jarno wrote:
> 
> >> Thanks Philipp. Following that result, please find a patch proposal: 
> >> 
> >> --- a/policy/ch-source.rst
> >> +++ b/policy/ch-source.rst
> >> @@ -338,9 +338,9 @@
> >>  For example, the build target should pass ``--disable-silent-rules``
> >>  to any configure scripts.  See also :ref:`s-binaries`.
> >>  
> >> -For packages in the main archive, required targets must not attempt
> >> -network access, except, via the loopback interface, to services on the
> >> -build host that have been started by the build.
> >> +Required targets must not attempt network access, except, via the
> >> +loopback interface, to services on the build host that have been started
> >> +by the build.
> >>  
> >>  Required targets must not attempt to write outside of the unpacked
> >>  source package tree.  There are two exceptions.  Firstly, the binary
> 
> > LGTM, Seconded.
> 
> Also looks good to me.  Seconded.

I still think we should allow Autobuild: no as an escape hatch.
If we want to require non-free package to be autobuildable, we should
be more explicit about it (and probably require more feedback from
debian-devel).

Cheers,
-- 
Bill. <ballombe@debian.org>

Imagine a large red swirl here.

Reply to:

Follow-Ups:
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo
  - From: Philipp Kern <pkern@debian.org>

References:
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Philipp Kern <pkern@debian.org>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Aurelien Jarno <aurel32@debian.org>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Tobias Frost <tobi@debian.org>
- Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
Next by Date: Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo
Previous by thread: Bug#1068192: debian-policy: extended forbidden network access to contrib and non-free
Next by thread: Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo
Index(es):
- Date
- Thread