Bug#816683: RFS: cloudabi-utils/0.8-1 [ITP]

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#816683: RFS: cloudabi-utils/0.8-1 [ITP]
From: Ed Schouten <ed@nuxi.nl>
Date: Thu, 03 Mar 2016 22:36:26 +0100
Message-id: <[🔎] 145704098647.32509.14096566662143194082.reportbug@d-debian-vm.nuxi.nl>
Reply-to: Ed Schouten <ed@nuxi.nl>, 816683@bugs.debian.org

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "cloudabi-utils"
 Package name    : cloudabi-utils
 Version         : 0.8-1
 Upstream Author : Ed Schouten <ed@nuxi.nl>
 URL             : https://nuxi.nl/
 License         : 2-clause BSD license
 Section         : misc

It builds those binary packages:
 cloudabi-utils - Utilities for spawning CloudABI processes
 libcloudabi-dev - Native ports of CloudABI functions (development files)
 libcloudabi0 - Native ports of CloudABI functions (shared library)

To access further information about this package, please visit the following URL:
 http://mentors.debian.net/package/cloudabi-utils

Alternatively, one can download the package with dget using this command:
 dget -x http://mentors.debian.net/debian/pool/main/c/cloudabi-utils/cloudabi-utils_0.8-1.dsc

----- End of boilerplate ;-) -----

To summarize, cloudabi-utils is a package that provides a utility called
cloudabi-run that you can use to start CloudABI programs. CloudABI is a secure
POSIX-like runtime built around the concept of capability-based security.

In order to make the startup process secure, cloudabi-run cannot start the
requested program directly. It first has to jump through a tiny 'proxy' program
called cloudabi-reexec to ensure it has already entered CloudABI's sandbox.
cloudabi-reexec itself is a CloudABI program. This tool has to be built with a
cross compiler for CloudABI and linked against CloudABI's C library. All of
these components are fully BSD and MIT licensed:

- Toolchain: Clang, LLVM, LLD, Binutils
- C runtime library: LLVM's compiler-rt
- C library: https://github.com/NuxiNL/cloudlibc
- cloudabi-reexec: https://github.com/NuxiNL/cloudabi-ports/blob/master/packages/cloudabi-reexec/cloudabi-reexec.c

Now the problem is as follows: I don't think it's realistic that we'll be able
to build cloudabi-reexec as part of this Debian package. I don't have any
intent on including packages for CloudABI's C library in Debian, for example.
For this reason I've including a precompiled binary. The README explicitly
states where this binary came from. A package that I wrote for FreeBSD also
uses these precompiled binaries:

https://www.freshports.org/sysutils/cloudabi-utils

My question is, is this all right according to Debian's project guidelines? If
not, is there anything I can do to address this?

Thanks,
 Ed Schouten

Reply to:

Follow-Ups:
- Bug#816683: RFS: cloudabi-utils/0.8-1 [ITP]
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Bug#806572: RFS: multimail/0.50~20150922-1 [ITA]
Next by Date: Processed: your mail
Previous by thread: Bug#816652: RFS: compiz/1:0.9.12.2 [ITP:722451]
Next by thread: Bug#816683: RFS: cloudabi-utils/0.8-1 [ITP]
Index(es):
- Date
- Thread