X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;ds=sidebyside;f=policy.sgml;h=4855506e6105556bc6db756e712ed4f849dcbc68;hb=3c725b9d2af39ac3a7e24b7d9eb374a48c5b6893;hp=1390cf41c5e0d69d6de6135e806776c1c181c73d;hpb=f812bda88f43e6af288b21d37a5a6e34d675190d;p=debian%2Fdebian-policy.git
diff --git a/policy.sgml b/policy.sgml
index 1390cf4..4855506 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -1274,7 +1274,7 @@ zope.
Essential is defined as the minimal set of functionality that
must be available and usable on the system at all times, even
- when packages are in an unconfigured (but unpacked) state.
+ when packages are in the "Unpacked" state.
Packages are tagged essential for a system using the
Essential control field. The format of the
Essential control field is described in [update-alternatives
is not used, then each package must use
Conflicts to ensure that other packages are
- de-installed. (In this case, it may be appropriate to
+ removed. (In this case, it may be appropriate to
specify a conflict against earlier versions of something
that previously did not use
update-alternatives; this is an exception to
@@ -1916,7 +1916,8 @@ zope.
]
The following targets are required and must be implemented
by debian/rules: clean, binary,
- binary-arch, binary-indep, and build.
+ binary-arch, binary-indep, build,
+ build-arch and build-indep.
These are the targets called by dpkg-buildpackage.
@@ -2366,8 +2367,7 @@ endif
This is an optional, recommended configuration file for the
uscan utility which defines how to automatically scan
ftp or http sites for newly available updates of the
- package. This is used
- by and other Debian QA
+ package. This is used Debian QA
tools to help with quality control and maintenance of the
distribution as a whole.
@@ -2541,7 +2541,7 @@ endif
composed of US-ASCII characters excluding control characters,
space, and colon (i.e., characters in the ranges 33-57 and
59-126, inclusive). Field names must not begin with the comment
- character, #.
+ character, #, nor with the hyphen character, -.
@@ -2758,6 +2758,7 @@ Package: libc6
- Uploaders
- Homepage
- Vcs-Browser, Vcs-Git, et al.
+ - Dgit
- Standards-Version (recommended)
- Build-Depends et al
- Package-List (recommended)
@@ -3672,7 +3673,7 @@ Files:
The special value byhand for the section in a
.changes file indicates that the file in question
- is not an ordinary package file and must by installed by
+ is not an ordinary package file and must be installed by
hand by the distribution maintainers. If the section is
byhand the priority should be -.
@@ -3839,6 +3840,26 @@ Checksums-Sha256:
this value is assumed for paragraphs lacking this field.
+
+
+ Dgit
+
+
+ Folded field containing a single git commit hash, presented in
+ full, followed optionally by whitespace and other data to be
+ defined in future extensions.
+
+
+
+ Declares that the source package corresponds exactly to a
+ referenced commit in a Git repository available at the canonical
+ location called dgit-repos, used by dgit, a
+ bidirectional gateway between the Debian archive and Git. The
+ commit is reachable from at least one reference whose name matches
+ refs/dgit/*. See the manual page of dgit for
+ further details.
+
+
@@ -4068,7 +4089,7 @@ Checksums-Sha256:
pre-dependencies (Pre-Depends) may be assumed to be
available. Pre-dependencies will have been configured at
least once, but at the time the preinst is
- called they may only be in an unpacked or "Half-Configured"
+ called they may only be in an "Unpacked" or "Half-Configured"
state if a previous version of the pre-dependency was
completely configured and has not been removed since then.
@@ -4082,7 +4103,7 @@ Checksums-Sha256:
partly from the new version or partly missing, so the script
cannot rely on files included in the package. Package
dependencies may not be available. Pre-dependencies will be
- at least unpacked following the same rules as above, except
+ at least "Unpacked" following the same rules as above, except
they may be only "Half-Installed" if an upgrade of the
pre-dependency failed.
This can happen if the new version of the package no
@@ -4101,7 +4122,7 @@ Checksums-Sha256:
most-recently-configured-version
-
The files contained in the package will be unpacked. All
- package dependencies will at least be unpacked. If there
+ package dependencies will at least be "Unpacked". If there
are no circular dependencies involved, all package
dependencies will be configured. For behavior in the case
of circular dependencies, see the discussion
@@ -4125,7 +4146,7 @@ Checksums-Sha256:
will have previously been configured and not removed.
However, dependencies may not be configured or even fully
unpacked in some error situations.
- For example, suppose packages foo and bar are installed
+ For example, suppose packages foo and bar are "Installed"
with foo depending on bar. If an upgrade of bar were
started and then aborted, and then an attempt to remove
foo failed because its prerm script failed,
@@ -4162,7 +4183,7 @@ Checksums-Sha256:
at least "Half-Installed". All package dependencies will at
least be "Half-Installed" and will have previously been
configured and not removed. If there was no error, all
- dependencies will at least be unpacked, but these actions
+ dependencies will at least be "Unpacked", but these actions
may be called in various error states where dependencies are
only "Half-Installed" due to a partial upgrade.
@@ -4191,7 +4212,7 @@ Checksums-Sha256:
The postrm script is called after the package's
files have been removed or replaced. The package
whose postrm is being called may have
- previously been deconfigured and only be unpacked, at which
+ previously been deconfigured and only be "Unpacked", at which
point subsequent package changes do not consider its
dependencies. Therefore, all postrm actions
may only rely on essential packages and must gracefully skip
@@ -4254,7 +4275,7 @@ fi
-
-
- If a version of the package is already installed, call
+ If a version of the package is already "Installed", call
old-prerm upgrade new-version
@@ -4369,7 +4390,7 @@ fi
-
Otherwise, if the package had some configuration
files from a previous version installed (i.e., it
- is in the "configuration files only" state):
+ is in the "Config-Files" state):
new-preinst install old-version
@@ -4394,7 +4415,7 @@ fi
If the error-unwind fails, the package is in a
"Half-Installed" phase, and requires a
reinstall. If the error unwind works, the
- package is in a not installed state.
+ package is in the "Not-Installed" state.
@@ -4532,7 +4553,7 @@ fi
-
It is noted in the status database as being in a
- sane state, namely not installed (any conffiles
+ sane state, namely "Not-Installed" (any conffiles
it may have are ignored, rather than being
removed by dpkg). Note that
disappearing packages do not have their prerm
@@ -4558,7 +4579,7 @@ fi
-
The new package's status is now sane, and recorded as
- "unpacked".
+ "Unpacked".
@@ -4595,7 +4616,7 @@ fi
No attempt is made to unwind after errors during
configuration. If the configuration fails, the package is in
- a "Failed Config" state, and an error message is generated.
+ a "Half-Configured" state, and an error message is generated.
@@ -4715,8 +4736,8 @@ fi
dependencies on other packages, the package names listed may
also include lists of alternative package names, separated
by vertical bar (pipe) symbols |. In such a case,
- if any one of the alternative packages is installed, that
- part of the dependency is considered to be satisfied.
+ that part of the dependency can be satisfied by any one of
+ the alternative packages.
@@ -5047,11 +5068,11 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]
be unpacked the pre-dependency can be
satisfied if the depended-on package is either fully
configured, or even if the depended-on
- package(s) are only unpacked or in the "Half-Configured"
+ package(s) are only in the "Unpacked" or the "Half-Configured"
state, provided that they have been configured
correctly at some point in the past (and not removed
or partially removed since). In this case, both the
- previously-configured and currently unpacked or
+ previously-configured and currently "Unpacked" or
"Half-Configured" versions must satisfy any version
clause in the Pre-Depends field.
@@ -5406,7 +5427,7 @@ Depends: foo-data (>= 1.2-3)
dpkg does not know of any files it still
contains, it is considered to have "disappeared". It will
be marked as not wanted on the system (selected for
- removal) and not installed. Any conffiles
+ removal) and "Not-Installed". Any conffiles
details noted for the package will be ignored, as they
will have been taken over by the overwriting package. The
package's postrm script will be run with a
@@ -6896,6 +6917,20 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
exceptions to the FHS apply:
+ -
+
+ The FHS requirement that architecture-independent
+ application-specific static files be located in
+ /usr/share is relaxed to a suggestion.
+
+ In particular, a subdirectory of /usr/lib may
+ be used by a package (or a collection of packages) to hold a
+ mixture of architecture-independent and
+ architecture-dependent files. However, when a directory is
+ entirely composed of architecture-independent files, it
+ should be located in /usr/share.
+
+
-
The optional rules related to user specific
@@ -6941,6 +6976,17 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
multiarch.
+
+ The requirement for C and C++ headers files to be
+ accessible through the search path
+ /usr/include/ is amended, permitting files to
+ be accessible through the search path
+ /usr/include/triplet where
+ triplet is as above.
+ This is necessary for architecture-dependant headers
+ file to coexist in a multiarch setup.
+
+
Applications may also use a single subdirectory under
/usr/lib/triplet.
@@ -6999,15 +7045,24 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
stable release of Debian supports /run.
- -
-
- The following directories in the root filesystem are
- additionally allowed: /sys and
- /selinux. These directories
- are used as mount points to mount virtual filesystems
- to get access to kernel information.
-
-
+ -
+
+ The /sys directory in the root filesystem is
+ additionally allowed. This directory is used as
+ mount point to mount virtual filesystems to get access to
+ kernel information.
+
+
+ -
+
+ The requirement for /usr/local/lib<qual>
+ to exist if /lib<qual> or
+ /usr/lib<qual> exists (where
+ lib<qual> is a variant of
+ lib such as lib32 or
+ lib64) is removed.
+
+
-
On GNU/Hurd systems, the following additional
@@ -8411,7 +8466,17 @@ fi
renamed. If a consensus cannot be reached, both
programs must be renamed.
-
+
+ Binary executables must not be statically linked with the GNU C
+ library, since this prevents the binary from benefiting from
+ fixes and improvements to the C library without being rebuilt
+ and complicates security updates. This requirement may be
+ relaxed for binary executables whose intended purpose is to
+ diagnose and fix the system in situations where the GNU C
+ library may not be usable (such as system recovery shells or
+ utilities like ldconfig) or for binary executables where the
+ security benefits of static linking outweigh the drawbacks.
+
By default, when a package is being built, any binaries
created should include debugging information, as well as
@@ -8852,7 +8917,9 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
- A symbolic link pointing to a compressed file should always
+ A symbolic link pointing to a compressed file (in the sense
+ that it is meant to be uncompressed with unzip
+ or zless etc.) should always
have the same file extension as the referenced file. (For
example, if a file foo.gz is referenced by a
symbolic link, the filename of the link has to end with
@@ -8986,8 +9053,10 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
package is purged.
- Obsolete configuration files without local changes may be
- removed by the package during upgrade.
+ Obsolete configuration files without local changes should be
+ removed by the package during upgrade.
+ The dpkg-maintscript-helper tool, available from the
+ dpkg package, can help for this task.
@@ -9470,6 +9539,23 @@ done
+
+
+ File names
+
+
+ The name of the files installed by binary packages in the system PATH
+ (namely /bin, /sbin, /usr/bin,
+ /usr/sbin and /usr/games) must be encoded in
+ ASCII.
+
+
+
+ The name of the files and directories installed by binary packages
+ outside the system PATH must be encoded in UTF-8 and should be
+ restricted to ASCII when it is possible to do so.
+
+
@@ -9656,36 +9742,20 @@ done
Cgi-bin executable files are installed in the
directory
-/usr/lib/cgi-bin/cgi-bin-name
+/usr/lib/cgi-bin
- or a subdirectory of that directory, and should be
- referred to as
+ or a subdirectory of that directory, and the script
-http://localhost/cgi-bin/cgi-bin-name
+/usr/lib/cgi-bin/.../cgi-bin-name
- (possibly with a subdirectory name
- before cgi-bin-name).
-
-
- -
-
Access to HTML documents
-
-
- HTML documents for a package are stored in
- /usr/share/doc/package
- and can be referred to as
+ should be referred to as
-http://localhost/doc/package/filename
+http://localhost/cgi-bin/.../cgi-bin-name
-
+
-
- The web server should restrict access to the document
- tree so that only clients on the same host can read
- the documents. If the web server does not support such
- access controls, then it should not provide access at
- all, or ask about providing access during installation.
-
+ -
+
(Deleted)
-
@@ -12047,6 +12117,11 @@ END-INFO-DIR-ENTRY
there is a time, after it has been diverted but before
dpkg has installed the new version, when the file
does not exist.
+
+
+ Do not attempt to divert a conffile, as dpkg does not
+ handle it well.
+