Hi, (Disclaimer: I use and maintain some non-free packages. So please do not shoot the messenger.) As we all know non-free in the Debian archive is a friction point between Debian and FSF. On Thu, Sep 11, 2014 at 06:08:28PM +0200, Thijs Kinkhorst wrote: > On Wed, September 10, 2014 22:27, Yves-Alexis Perez wrote: > >> > I'm adding debian-www (contact point for all web pages) to CC: so they > >> > can get a look. > >> > >> This section is handled by the security team (people in the team have > >> commit access), but if they feel the need to let someone else fix stuff > >> on their behalf, theyâ??re welcome to provide explicit guidance of what > >> is > >> to fix, and how. > > > > Is there anything else than CVS available in order to provide a patch? I > > think removing the "contrib non-free" part would be ok (and maybe add > > them to the security FAQ so people actually interested by those suites > > can add the information themselves, although I'm unsure what does the > > installer do right now). > > > > Team, what do you think? > > I think the original claim that this "recommends" or advocates non-free is > firmly overstating things. Suggesting to add contrib/non-free archive even with fair warning causes tension with folks aligned with FSF, historically. I have a first hand experience doing so in my "Debian reference". https://bugs.debian.org/686481 In order to avoid the wrong impression of Debian distribution to contain non-free in it, with zak's assistance, I came up with extra section addressing this topic in /etc/apt/sources.list https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_debian_is_100_free_software zak as then-DPL accepted this as our best effort, as I understood. But the person complaining "Debian to support non-free from FSF view point" did not give us a clean "good job" response. So bug is still open. > The line just documents how you can use > security updates and shows the suites that are available. If you don't > want some of those suites it's trivial to leave them off. Please note d-i does not put "contrib non-free" as default to /etc/apt/sources.list. > Seems like a non-issue to me. Has this actually caused a problem for someone? Based on the above observation, unfortunately "YES, it causes problem". Some words of caution for adding non-free and contrib there maybe prudent thing to do for the better collaboration with FSF. (Although that may not be enough...). Regards, Osamu
Attachment:
signature.asc
Description: Digital signature