system, but not every package we want to make accessible is
<em>free</em> in our sense (see the Debian Free Software
Guidelines, below), or may be imported/exported without
- restrictions. Thus, the archive is split into the distribution
- areas or components<footnote>
+ restrictions. Thus, the archive is split into areas<footnote>
The Debian archive software uses the term "component" internally
and in the Release file format to refer to the division of an
- archive. The Debian Social Contract refers to distribution
- areas. This document uses the same terminology as the Social
- Contract.
+ archive. The Debian Social Contract simply refers to "areas."
+ This document uses terminology similar to the Social Contract.
</footnote> based on their licenses and other restrictions.
</p>
</p>
<p>
- The <em>main</em> distribution area forms the <em>Debian GNU/Linux
+ The <em>main</em> archive area forms the <em>Debian GNU/Linux
distribution</em>.
</p>
<p>
- Packages in the other distribution areas (<tt>contrib</tt>,
+ Packages in the other archive areas (<tt>contrib</tt>,
<tt>non-free</tt>) are not considered to be part of the Debian
distribution, although we support their use and provide
infrastructure for them (such as our bug-tracking system and
</sect>
<sect id="sections">
- <heading>Distribution areas</heading>
+ <heading>Archive areas</heading>
<sect1 id="main">
- <heading>The main distribution area</heading>
+ <heading>The main archive area</heading>
<p>
Every package in <em>main</em> must comply with the DFSG
</sect1>
<sect1 id="contrib">
- <heading>The contrib distribution area</heading>
+ <heading>The contrib archive area</heading>
<p>
Every package in <em>contrib</em> must comply with the DFSG.
</sect1>
<sect1 id="non-free">
- <heading>The non-free distribution area</heading>
+ <heading>The non-free archive area</heading>
<p>
Packages must be placed in <em>non-free</em> if they are
<heading>Sections</heading>
<p>
- The packages in the distribution areas <em>main</em>,
- <em>contrib</em> and <em>non-free</em> are grouped further
- into <em>sections</em> to simplify handling.
+ The packages in the archive areas <em>main</em>,
+ <em>contrib</em> and <em>non-free</em> are grouped further into
+ <em>sections</em> to simplify handling.
</p>
<p>
- The distribution area and section for each package should be
- specified in the package's <tt>Section</tt> control record
- (see <ref id="f-Section">). However, the maintainer of the
- Debian archive may override this selection to ensure the
- consistency of the Debian distribution. The
- <tt>Section</tt> field should be of the form:
+ The archive area and section for each package should be
+ specified in the package's <tt>Section</tt> control record (see
+ <ref id="f-Section">). However, the maintainer of the Debian
+ archive may override this selection to ensure the consistency of
+ the Debian distribution. The <tt>Section</tt> field should be
+ of the form:
<list compact="compact">
<item>
<em>section</em> if the package is in the
- <em>main</em> distribution area,
+ <em>main</em> archive area,
</item>
<item>
<em>area/section</em> if the package is in
the <em>contrib</em> or <em>non-free</em>
- distribution areas.
+ archive areas.
</item>
</list>
</p>
<p>
The Debian archive maintainers provide the authoritative
list of sections. At present, they are:
- <em>admin</em>, <em>comm</em>,
- <em>devel</em>, <em>doc</em>,
- <em>editors</em>, <em>electronics</em>, <em>embedded</em>,
- <em>games</em>, <em>gnome</em>, <em>graphics</em>,
- <em>hamradio</em>, <em>interpreters</em>, <em>kde</em>,
- <em>libs</em>, <em>libdevel</em>, <em>mail</em>,
- <em>math</em>, <em>misc</em>, <em>net</em>, <em>news</em>,
- <em>oldlibs</em>,
- <em>otherosfs</em>, <em>perl</em>, <em>python</em>,
- <em>science</em>, <em>shells</em>,
- <em>sound</em>, <em>tex</em>, <em>text</em>,
- <em>utils</em>, <em>web</em>, <em>x11</em>.
+ <em>admin</em>, <em>cli-mono</em>, <em>comm</em>, <em>database</em>,
+ <em>devel</em>, <em>debug</em>, <em>doc</em>, <em>editors</em>,
+ <em>electronics</em>, <em>embedded</em>, <em>fonts</em>,
+ <em>games</em>, <em>gnome</em>, <em>graphics</em>, <em>gnu-r</em>,
+ <em>gnustep</em>, <em>hamradio</em>, <em>haskell</em>,
+ <em>httpd</em>, <em>interpreters</em>, <em>java</em>, <em>kde</em>,
+ <em>kernel</em>, <em>libs</em>, <em>libdevel</em>, <em>lisp</em>,
+ <em>localization</em>, <em>mail</em>, <em>math</em>, <em>misc</em>,
+ <em>net</em>, <em>news</em>, <em>ocaml</em>, <em>oldlibs</em>,
+ <em>otherosfs</em>, <em>perl</em>, <em>php</em>, <em>python</em>,
+ <em>ruby</em>, <em>science</em>, <em>shells</em>, <em>sound</em>,
+ <em>tex</em>, <em>text</em>, <em>utils</em>, <em>vcs</em>,
+ <em>video</em>, <em>web</em>, <em>x11</em>, <em>xfce</em>,
+ <em>zope</em>.
</p>
</sect>
(see below), and should not do so unless they depend on a
particular version of that package.<footnote>
<p>
- Essential is defined as the minimal set of functionality
- that must be available and usable on the system even
- when packages are in an unconfigured (but unpacked)
- state. This is needed to avoid unresolvable dependency
- loops on upgrade. If packages add unnecessary
- dependencies on packages in this set, the chances that
- there <strong>will</strong> be an unresolvable
- dependency loop caused by forcing these Essential
- packages to be configured first before they need to be
- is greatly increased. It also increases the chances
- that frontends will be unable to
- <strong>calculate</strong> an upgrade path, even if one
- exists.
+ Essential is needed in part to avoid unresolvable dependency
+ loops on upgrade. If packages add unnecessary dependencies
+ on packages in this set, the chances that there
+ <strong>will</strong> be an unresolvable dependency loop
+ caused by forcing these Essential packages to be configured
+ first before they need to be is greatly increased. It also
+ increases the chances that frontends will be unable to
+ <strong>calculate</strong> an upgrade path, even if one
+ exists.
</p>
<p>
- Also, it's pretty unlikely that functionality from
- Essential shall ever be removed (which is one reason why
- care must be taken before adding to the Essential
- packages set), but <em>packages</em> have been removed
- from the Essential set when the functionality moved to a
- different package. So depending on these packages
- <em>just in case</em> they stop being essential does way
- more harm than good.
+ Also, functionality is rarely ever removed from the
+ Essential set, but <em>packages</em> have been removed from
+ the Essential set when the functionality moved to a
+ different package. So depending on these packages <em>just
+ in case</em> they stop being essential does way more harm
+ than good.
</p>
</footnote>
</p>
<heading>Essential packages</heading>
<p>
- Some packages are tagged <tt>essential</tt> for a system
- using the <tt>Essential</tt> control file field.
- The format of the <tt>Essential</tt> control field is
- described in <ref id="f-Essential">.
+ Essential is defined as the minimal set of functionality that
+ must be available and usable on the system at all times, even
+ when packages are in an unconfigured (but unpacked) state.
+ Packages are tagged <tt>essential</tt> for a system using the
+ <tt>Essential</tt> control file field. The format of the
+ <tt>Essential</tt> control field is described in <ref
+ id="f-Essential">.
</p>
<p>
appropriate.
</p>
+ <p>
+ Maintainers should take great care in adding any programs,
+ interfaces, or functionality to <tt>essential</tt> packages.
+ Packages may assume that functionality provided by
+ <tt>essential</tt> packages is always available without
+ declaring explicit dependencies, which means that removing
+ functionality from the Essential set is very difficult and is
+ almost never done. Any capability added to an
+ <tt>essential</tt> package therefore creates an obligation to
+ support that capability as part of the Essential set in
+ perpetuity.
+ </p>
+
<p>
You must not tag any packages <tt>essential</tt> before
this has been discussed on the <tt>debian-devel</tt>
<heading>Prompting in maintainer scripts</heading>
<p>
Package maintainer scripts may prompt the user if
- necessary. Prompting should be done by communicating
+ necessary. Prompting must be done by communicating
through a program, such as <prgn>debconf</prgn>, which
conforms to the Debian Configuration Management
- Specification, version 2 or higher. Prompting the user by
- other means, such as by hand<footnote>
- From the Jargon file: by hand 2. By extension,
- writing code which does something in an explicit or
- low-level way for which a presupplied library
- (<em>debconf, in this instance</em>) routine ought
- to have been available.
- </footnote>, is now deprecated.
+ Specification, version 2 or higher.
+ </p>
+
+ <p>
+ Packages which are essential, or which are dependencies of
+ essential packages, may fall back on another prompting method
+ if no such interface is available when they are executed.
</p>
<p>
See <ref id="substvars"> for details.
</p>
+ <p>
+ In addition to the control file syntax described <qref
+ id="controlsyntax">above</qref>, this file may also contain
+ comment lines starting with <tt>#</tt> without any preceding
+ whitespace. All such lines are ignored, even in the middle of
+ continuation lines for a multiline field, and do not end a
+ multiline field.
+ </p>
+
</sect>
<sect id="binarycontrolfiles">
scripts this means that you <em>almost always</em> need to
use <tt>set -e</tt> (this is usually true when writing shell
scripts, in fact). It is also important, of course, that
- they don't exit with a non-zero status if everything went
- well.
+ they exit with a zero status if everything went well.
</p>
<p>
Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
hurd-dev [hurd-i386], gnumach-dev [hurd-i386]
</example>
+ requires <tt>kernel-headers-2.2.10</tt> on all architectures
+ other than hurd-i386 and requires <tt>hurd-dev</tt> and
+ <tt>gnumach-dev</tt> only on hurd-i386.
+ </p>
+
+ <p>
+ If the architecture-restricted dependency is part of a set of
+ alternatives using <tt>|</tt>, that alternative is ignored
+ completely on architectures that do not match the restriction.
+ For example:
+ <example compact="compact">
+Build-Depends: foo [!i386] | bar [!amd64]
+ </example>
+ is equivalent to <tt>bar</tt> on the i386 architecture, to
+ <tt>foo</tt> on the amd64 architecture, and to <tt>foo |
+ bar</tt> on all other architectures.
</p>
<p>
Policy. The following exceptions to the FHS apply:
<enumlist>
- <item>
- <p>
- Legacy XFree86 servers are permitted to retain the
- configuration file location
- <file>/etc/X11/XF86Config-4</file>.
- </p>
- </item>
<item>
<p>
The optional rules related to user specific
by any particular mail agents. The use of the old
location <file>/var/spool/mail</file> is deprecated, even
though the spool may still be physically located there.
- To maintain partial upgrade compatibility for systems
- which have <file>/var/spool/mail</file> as their physical mail
- spool, packages using <file>/var/mail</file> must depend on
- either <package>libc6</package> (>= 2.1.3-13), or on
- <package>base-files</package> (>= 2.2.0), or on later
- versions of either one of these packages.
</p>
</sect1>
</sect>
<tt>K</tt> prefix, but they too are called with the single
argument <tt>stop</tt>.
</p>
-
- <p>
- Also, if the script name ends in <tt>.sh</tt>, the script
- will be sourced in runlevel <tt>S</tt> rather than being
- run in a forked subprocess, but will be explicitly run by
- <prgn>sh</prgn> in all other runlevels.
- </p>
</sect1>
<sect1>
script must behave sensibly and not fail if the
<file>/etc/default</file> file is deleted.
</p>
+
+ <p>
+ <file>/var/run</file> and <file>/var/lock</file> may be mounted
+ as temporary filesystems<footnote>
+ For example, using the <tt>RAMRUN</tt> and <tt>RAMLOCK</tt>
+ options in <file>/etc/default/rcS</file>.
+ </footnote>, so the <file>init.d</file> scripts must handle this
+ correctly. This will typically amount to creating any required
+ subdirectories dynamically when the <file>init.d</file> script
+ is run, rather than including them in the package and relying on
+ <prgn>dpkg</prgn> to create them.
+ </p>
</sect1>
<sect1>
</p>
<p>
- Mailboxes are generally mode 660
- <tt><var>user</var>:mail</tt> unless the system
- administrator has chosen otherwise. A MUA may remove a
- mailbox (unless it has nonstandard permissions) in which
- case the MTA or another MUA must recreate it if needed.
- Mailboxes must be writable by group mail.
+ Mailboxes are generally either mode 600 and owned by
+ <var>user</var> or mode 660 and owned by
+ <tt><var>user</var>:mail</tt><footnote>
+ There are two traditional permission schemes for mail spools:
+ mode 600 with all mail delivery done by processes running as
+ the destination user, or mode 660 and owned by group mail with
+ mail delivery done by a process running as a system user in
+ group mail. Historically, Debian required mode 660 mail
+ spools to enable the latter model, but that model has become
+ increasingly uncommon and the principle of least privilege
+ indicates that mail systems that use the first model should
+ use permissions of 600. If delivery to programs is permitted,
+ it's easier to keep the mail system secure if the delivery
+ agent runs as the destination user. Debian Policy therefore
+ permits either scheme.
+ </footnote>. The local system administrator may choose a
+ different permission scheme; packages should not make
+ assumptions about the permission and ownership of mailboxes
+ unless required (such as when creating a new mailbox). A MUA
+ may remove a mailbox (unless it has nonstandard permissions) in
+ which case the MTA or another MUA must recreate it if needed.
</p>
<p>
</list>
</item>
- <item>
- Speedo fonts must be placed in
- <file>/usr/share/fonts/X11/Speedo/</file>.
- </item>
-
<item>
Type 1 fonts must be placed in
<file>/usr/share/fonts/X11/Type1/</file>. If font
Subdirectories of <file>/usr/share/fonts/X11/</file>
other than those listed above must be neither
created nor used. (The <file>PEX</file>, <file>CID</file>,
- and <file>cyrillic</file> directories are excepted for
- historical reasons, but installation of files into
- these directories remains discouraged.)
+ <file>Speedo</file>, and <file>cyrillic</file> directories
+ are excepted for historical reasons, but installation of
+ files into these directories remains discouraged.)
</item>
<item>
</p>
<p>
- Packages in the <em>contrib</em> or <em>non-free</em>
- distribution areas should state in the copyright file that the
- package is not part of the Debian GNU/Linux distribution and
- briefly explain why.
+ Packages in the <em>contrib</em> or <em>non-free</em> archive
+ areas should state in the copyright file that the package is not
+ part of the Debian GNU/Linux distribution and briefly explain
+ why.
</p>
<p>
<p>
Packages distributed under the UCB BSD license, the Apache
license (version 2.0), the Artistic license, the GNU GPL
- (version 2 or 3), the GNU LGPL (versions 2, 2.1, or 3), and
- the GNU FDL (version 1.2) should refer to the corresponding
+ (version 2 or 3), the GNU LGPL (versions 2, 2.1, or 3), and the
+ GNU FDL (versions 1.2 or 1.3) should refer to the corresponding
files under <file>/usr/share/common-licenses</file>,<footnote>
<p>
In particular,
<file>/usr/share/common-licenses/GPL-3</file>,
<file>/usr/share/common-licenses/LGPL-2</file>,
<file>/usr/share/common-licenses/LGPL-2.1</file>,
- <file>/usr/share/common-licenses/LGPL-3</file>, and
- <file>/usr/share/common-licenses/GFDL-1.2</file>
+ <file>/usr/share/common-licenses/LGPL-3</file>,
+ <file>/usr/share/common-licenses/GFDL-1.2</file>, and
+ <file>/usr/share/common-licenses/GFDL-1.3</file>
respectively.
</p>
</footnote> rather than quoting them in the copyright
</example>
To view the copyright file for a package you could use this command:
<example>
- dpkg --fsys-tarfile <var>filename</var>.deb | tar xOf - \*/copyright | pager
+ dpkg --fsys-tarfile <var>filename</var>.deb | tar xOf - --wildcards \*/copyright | pager
</example>
</p>
</sect>
projects / debian / debian-policy.git / blobdiff