X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;ds=sidebyside;f=policy.sgml;h=b67339b1343d6dd657871859475f80e627515a95;hb=e738b933f968c86780bb4af9aced8057e4e54bdd;hp=0726795861e7c2459d38241d7758520c80175836;hpb=1388520299b8b8619f371d1fe4f7990757076983;p=debian%2Fdebian-policy.git
diff --git a/policy.sgml b/policy.sgml
index 0726795..b67339b 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -24,6 +24,13 @@
Copyright © 1996,1997,1998 Ian Jackson
and Christian Schwarz.
+
+ These are the copyright dates of the original Policy manual.
+ Since then, this manual has been updated by many others. No
+ comprehensive collection of copyright notices for subsequent
+ work exists.
+
+
This manual is free software; you may redistribute it and/or
modify it under the terms of the GNU General Public License
@@ -318,13 +325,11 @@
system, but not every package we want to make accessible is
free in our sense (see the Debian Free Software
Guidelines, below), or may be imported/exported without
- restrictions. Thus, the archive is split into the distribution
- areas or components
+ restrictions. Thus, the archive is split into areas
The Debian archive software uses the term "component" internally
and in the Release file format to refer to the division of an
- archive. The Debian Social Contract refers to distribution
- areas. This document uses the same terminology as the Social
- Contract.
+ archive. The Debian Social Contract simply refers to "areas."
+ This document uses terminology similar to the Social Contract.
based on their licenses and other restrictions.
@@ -342,12 +347,12 @@
- The main distribution area forms the Debian GNU/Linux
+ The main archive area forms the Debian GNU/Linux
distribution.
- Packages in the other distribution areas (contrib,
+ Packages in the other archive areas (contrib,
non-free) are not considered to be part of the Debian
distribution, although we support their use and provide
infrastructure for them (such as our bug-tracking system and
@@ -454,10 +459,10 @@
- Distribution areas
+ Archive areas
- The main distribution area
+ The main archive area
Every package in main must comply with the DFSG
@@ -488,7 +493,7 @@
- The contrib distribution area
+ The contrib archive area
Every package in contrib must comply with the DFSG.
@@ -528,7 +533,7 @@
- The non-free distribution area
+ The non-free archive area
Packages must be placed in non-free if they are
@@ -644,27 +649,27 @@
Sections
- The packages in the distribution areas main,
- contrib and non-free are grouped further
- into sections to simplify handling.
+ The packages in the archive areas main,
+ contrib and non-free are grouped further into
+ sections to simplify handling.
- The distribution area and section for each package should be
- specified in the package's Section control record
- (see [). However, the maintainer of the
- Debian archive may override this selection to ensure the
- consistency of the Debian distribution. The
- Section field should be of the form:
+ The archive area and section for each package should be
+ specified in the package's Section control record (see
+ ][). However, the maintainer of the Debian
+ archive may override this selection to ensure the consistency of
+ the Debian distribution. The Section field should be
+ of the form:
]
-
section if the package is in the
- main distribution area,
+ main archive area,
-
area/section if the package is in
the contrib or non-free
- distribution areas.
+ archive areas.
@@ -672,18 +677,20 @@
The Debian archive maintainers provide the authoritative
list of sections. At present, they are:
- admin, comm,
- devel, doc,
- editors, electronics, embedded,
- games, gnome, graphics,
- hamradio, interpreters, kde,
- libs, libdevel, mail,
- math, misc, net, news,
- oldlibs,
- otherosfs, perl, python,
- science, shells,
- sound, tex, text,
- utils, web, x11.
+ admin, cli-mono, comm, database,
+ devel, debug, doc, editors,
+ electronics, embedded, fonts,
+ games, gnome, graphics, gnu-r,
+ gnustep, hamradio, haskell,
+ httpd, interpreters, java, kde,
+ kernel, libs, libdevel, lisp,
+ localization, mail, math, misc,
+ net, news, ocaml, oldlibs,
+ otherosfs, perl, php, python,
+ ruby, science, shells, sound,
+ tex, text, utils, vcs,
+ video, web, x11, xfce,
+ zope.
@@ -1220,17 +1227,16 @@
Prompting in maintainer scripts
Package maintainer scripts may prompt the user if
- necessary. Prompting should be done by communicating
+ necessary. Prompting must be done by communicating
through a program, such as debconf, which
conforms to the Debian Configuration Management
- Specification, version 2 or higher. Prompting the user by
- other means, such as by hand
- From the Jargon file: by hand 2. By extension,
- writing code which does something in an explicit or
- low-level way for which a presupplied library
- (debconf, in this instance) routine ought
- to have been available.
- , is now deprecated.
+ Specification, version 2 or higher.
+
+
+
+ Packages which are essential, or which are dependencies of
+ essential packages, may fall back on another prompting method
+ if no such interface is available when they are executed.
@@ -1986,6 +1992,12 @@
-
DEB_*_ARCH (the Debian architecture)
+ -
+ DEB_*_ARCH_CPU (the Debian CPU name)
+
+ -
+ DEB_*_ARCH_OS (the Debian System name)
+
-
DEB_*_GNU_TYPE (the GNU style architecture
specification string)
@@ -2014,8 +2026,10 @@
It is important to understand that the DEB_*_ARCH
string only determines which Debian architecture we are
building on or for. It should not be used to get the CPU
- or system information; the GNU style variables should be
- used for that.
+ or system information; the DEB_*_ARCH_CPU and
+ DEB_*_ARCH_OS variables should be used for that.
+ GNU style variables should generally only be used with upstream
+ build systems.
@@ -2452,6 +2466,15 @@ Package: libc6
See [ for details.
+ ]
+ In addition to the control file syntax described above, this file may also contain
+ comment lines starting with # without any preceding
+ whitespace. All such lines are ignored, even in the middle of
+ continuation lines for a multiline field, and do not end a
+ multiline field.
+
+
@@ -2580,6 +2603,14 @@ Package: libc6
package control file when the source package has the same
name and version as the binary package.
+
+
+ Package names must consist only of lower case letters
+ (a-z), digits (0-9), plus (+)
+ and minus (-) signs, and periods (.).
+ They must be at least two characters long and must start
+ with an alphanumeric character.
+
@@ -2694,7 +2725,7 @@ Package: libc6
values:
- A unique single word identifying a Debian machine
- architecture, see
[.
+ architecture as described in ][.
]- all, which indicates an
architecture-independent package.
- any, which indicates a package available
@@ -2705,31 +2736,53 @@ Package: libc6
In the main debian/control file in the source
- package, or in the source package control file
- .dsc, one may specify a list of architectures
- separated by spaces, or the special values any or
- all.
+ package, this field may contain the special value
+ any, the special value all, or a list of
+ architectures separated by spaces. If any or
+ all appear, they must be the entire contents of the
+ field. Most packages will use either any or
+ all. Specifying a specific list of architectures is
+ for the minority of cases where a program is not portable or
+ is not useful on some architectures, and where possible the
+ program should be made portable instead.
+
+
+
+ In the source package control file .dsc, this
+ field may contain either the special value any or a
+ list of architectures separated by spaces. If a list is given,
+ it may include (or consist solely of) the special value
+ all. In other words, in .dsc files
+ unlike the debian/control, all may occur
+ in combination with specific architectures. The
+ Architecture field in the source package control file
+ .dsc is generally constructed from the
+ Architecture fields in the
+ debian/control in the source package.
Specifying any indicates that the source package
isn't dependent on any particular architecture and should
compile fine on any one. The produced binary package(s)
- will be specific to whatever the current build architecture
- is.
- This is the most often used setting, and is recommended
- for new packages that aren't Architecture: all.
-
+ will either be specific to whatever the current build
+ architecture is or will be architecture-independent.
+
+
+
+ Specifying only all indicates that the source package
+ will only build architecture-independent packages. If this is
+ the case, all must be used rather than any;
+ any implies that the source package will build at
+ least one architecture-dependent package.
Specifying a list of architectures indicates that the source
will build an architecture-dependent package, and will only
- work correctly on the listed architectures.
- This is a setting used for a minority of cases where the
- program is not portable. Generally, it should not be used
- for new packages.
-
+ work correctly on the listed architectures. If the source
+ package also builds at least one architecture-independent
+ package, all will also be included in the list.
@@ -2737,7 +2790,11 @@ Package: libc6
field lists the architecture(s) of the package(s)
currently being uploaded. This will be a list; if the
source for the package is also being uploaded, the special
- entry source is also present.
+ entry source is also present. all will be
+ present if any architecture-independent packages are being
+ uploaded. any may never occur in the
+ Architecture field in the .changes
+ file.
@@ -3068,76 +3125,39 @@ Package: libc6
distribution(s) where this version of the package should
be installed. Valid distributions are determined by the
archive maintainers.
- Current distribution names are:
+ Example distribution names in the Debian archive used in
+ .changes files are:
- stable
- -
- This is the current "released" version of Debian
- GNU/Linux. Once the distribution is
- stable only security fixes and other
- major bug fixes are allowed. When changes are
- made to this distribution, the release number is
- increased (for example: 2.2r1 becomes 2.2r2 then
- 2.2r3, etc).
-
-
unstable
-
- This distribution value refers to the
- developmental part of the Debian
- distribution tree. New packages, new upstream
- versions of packages and bug fixes go into the
- unstable directory tree. Download from
- this distribution at your own risk.
-
-
- testing
- -
- This distribution value refers to the
- testing part of the Debian distribution
- tree. It receives its packages from the
- unstable distribution after a short time lag to
- ensure that there are no major issues with the
- unstable packages. It is less prone to breakage
- than unstable, but still risky. It is not
- possible to upload packages directly to
- testing.
-
-
- frozen
- -
- From time to time, the testing
- distribution enters a state of "code-freeze" in
- anticipation of release as a stable
- version. During this period of testing only
- fixes for existing or newly-discovered bugs will
- be allowed. The exact details of this stage are
- determined by the Release Manager.
+ This distribution value refers to the
+ developmental part of the Debian distribution
+ tree. Most new packages, new upstream versions of
+ packages and bug fixes go into the unstable
+ directory tree.
experimental
-
- The packages with this distribution value are
- deemed by their maintainers to be high
- risk. Oftentimes they represent early beta or
- developmental packages from various sources that
- the maintainers want people to try, but are not
- ready to be a part of the other parts of the
- Debian distribution tree. Download at your own
- risk.
+ The packages with this distribution value are deemed
+ by their maintainers to be high risk. Oftentimes they
+ represent early beta or developmental packages from
+ various sources that the maintainers want people to
+ try, but are not ready to be a part of the other parts
+ of the Debian distribution tree.
- You should list all distributions that the
- package should be installed into.
-
-
-
- More information is available in the Debian Developer's
- Reference, section "The Debian archive".
+ Others are used for updating stable releases or for
+ security uploads. More information is available in the
+ Debian Developer's Reference, section "The Debian
+ archive".
+ The Debian archive software only supports listing a single
+ distribution. Migration of packages to other distributions is
+ handled outside of the upload process.
@@ -3271,15 +3291,17 @@ Package: libc6
Installed-Size
- This field appears in the control files of binary
- packages, and in the Packages files. It gives
- the total amount of disk space required to install the
- named package.
+ This field appears in the control files of binary packages,
+ and in the Packages files. It gives an
+ estimation the total amount of disk space required to install
+ the named package. Actual installed size may vary based on
+ block size, file system properties, or actions taken by
+ package maintainer scripts.
- The disk space is represented in kilobytes as a simple
- decimal number.
+ The disk space is given as the integer value of the estimated
+ installed size in bytes, divided by 1024 and rounded up.
@@ -3442,8 +3464,7 @@ Package: libc6
scripts this means that you almost always need to
use set -e (this is usually true when writing shell
scripts, in fact). It is also important, of course, that
- they don't exit with a non-zero status if everything went
- well.
+ they exit with a zero status if everything went well.
@@ -4195,6 +4216,22 @@ Build-Depends-Indep: texinfo
Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
hurd-dev [hurd-i386], gnumach-dev [hurd-i386]
+ requires kernel-headers-2.2.10 on all architectures
+ other than hurd-i386 and requires hurd-dev and
+ gnumach-dev only on hurd-i386.
+
+
+
+ If the architecture-restricted dependency is part of a set of
+ alternatives using |, that alternative is ignored
+ completely on architectures that do not match the restriction.
+ For example:
+
+Build-Depends: foo [!i386] | bar [!amd64]
+
+ is equivalent to bar on the i386 architecture, to
+ foo on the amd64 architecture, and to foo |
+ bar on all other architectures.
@@ -4224,6 +4261,9 @@ Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
This is done using the Depends, Pre-Depends,
Recommends, Suggests, Enhances,
Breaks and Conflicts control file fields.
+ Breaks is described in [, and
+ Conflicts is described in ][. The
+ rest are described below.
]
@@ -4411,12 +4451,6 @@ Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
Packages which break other packages - Breaks
-
- Using Breaks may cause problems for upgrades from older
- versions of Debian and should not be used until the stable
- release of Debian supports Breaks.
-
-
When one binary package declares that it breaks another,
dpkg will refuse to allow the package which
@@ -4501,8 +4535,7 @@ Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
dpkg from upgrading or installing the package
which declared such a conflict until the upgrade or removal
of the conflicted-with package had been completed. Instead,
- Breaks may be used (once Breaks is supported
- by the stable release of Debian).
+ Breaks may be used.
@@ -5503,23 +5536,16 @@ libbar 1 bar1 (>= 1.0-1)
- File system Structure
+ File System Structure
The location of all installed files and directories must
- comply with the File system Hierarchy Standard (FHS),
+ comply with the Filesystem Hierarchy Standard (FHS),
version 2.3, with the exceptions noted below, and except
where doing so would violate other terms of Debian
Policy. The following exceptions to the FHS apply:
- -
-
- Legacy XFree86 servers are permitted to retain the
- configuration file location
- /etc/X11/XF86Config-4.
-
-
-
The optional rules related to user specific
@@ -5681,12 +5707,6 @@ rmdir /usr/local/share/emacs 2>/dev/null || true
by any particular mail agents. The use of the old
location /var/spool/mail is deprecated, even
though the spool may still be physically located there.
- To maintain partial upgrade compatibility for systems
- which have /var/spool/mail as their physical mail
- spool, packages using /var/mail must depend on
- either libc6 (>= 2.1.3-13), or on
- base-files (>= 2.2.0), or on later
- versions of either one of these packages.
@@ -5926,13 +5946,6 @@ rmdir /usr/local/share/emacs 2>/dev/null || true
K prefix, but they too are called with the single
argument stop.
-
-
- Also, if the script name ends in .sh, the script
- will be sourced in runlevel S rather than being
- run in a forked subprocess, but will be explicitly run by
- sh in all other runlevels.
-
@@ -6056,6 +6069,18 @@ test -f program-executed-later-in-script || exit 0
script must behave sensibly and not fail if the
/etc/default file is deleted.
+
+
+ /var/run and /var/lock may be mounted
+ as temporary filesystems
+ For example, using the RAMRUN and RAMLOCK
+ options in /etc/default/rcS.
+ , so the init.d scripts must handle this
+ correctly. This will typically amount to creating any required
+ subdirectories dynamically when the init.d script
+ is run, rather than including them in the package and relying on
+ dpkg to create them.
+
@@ -6957,17 +6982,6 @@ strip --strip-unneeded your-lib
-
- Packages containing shared libraries that may be linked to
- by other packages' binaries, but which for some
- compelling reason can not be installed in
- /usr/lib directory, may install the shared library
- files in subdirectories of the /usr/lib directory,
- in which case they should arrange to add that directory in
- /etc/ld.so.conf in the package's post-installation
- script, and remove it in the package's post-removal script.
-
-
An ever increasing number of packages are using
libtool to do their linking. The latest GNU
@@ -8079,12 +8093,27 @@ http://localhost/doc/package/filename
- Mailboxes are generally mode 660
- user:mail unless the system
- administrator has chosen otherwise. A MUA may remove a
- mailbox (unless it has nonstandard permissions) in which
- case the MTA or another MUA must recreate it if needed.
- Mailboxes must be writable by group mail.
+ Mailboxes are generally either mode 600 and owned by
+ user or mode 660 and owned by
+ user:mail
+ There are two traditional permission schemes for mail spools:
+ mode 600 with all mail delivery done by processes running as
+ the destination user, or mode 660 and owned by group mail with
+ mail delivery done by a process running as a system user in
+ group mail. Historically, Debian required mode 660 mail
+ spools to enable the latter model, but that model has become
+ increasingly uncommon and the principle of least privilege
+ indicates that mail systems that use the first model should
+ use permissions of 600. If delivery to programs is permitted,
+ it's easier to keep the mail system secure if the delivery
+ agent runs as the destination user. Debian Policy therefore
+ permits either scheme.
+ . The local system administrator may choose a
+ different permission scheme; packages should not make
+ assumptions about the permission and ownership of mailboxes
+ unless required (such as when creating a new mailbox). A MUA
+ may remove a mailbox (unless it has nonstandard permissions) in
+ which case the MTA or another MUA must recreate it if needed.
@@ -8383,11 +8412,6 @@ name ["syshostname"]:
- -
- Speedo fonts must be placed in
- /usr/share/fonts/X11/Speedo/.
-
-
-
Type 1 fonts must be placed in
/usr/share/fonts/X11/Type1/. If font
@@ -8399,9 +8423,9 @@ name ["syshostname"]:
Subdirectories of /usr/share/fonts/X11/
other than those listed above must be neither
created nor used. (The PEX, CID,
- and cyrillic directories are excepted for
- historical reasons, but installation of files into
- these directories remains discouraged.)
+ Speedo, and cyrillic directories
+ are excepted for historical reasons, but installation of
+ files into these directories remains discouraged.)
-
@@ -8543,54 +8567,35 @@ name ["syshostname"]:
Installation directory issues
- Packages using the X Window System should not be
- configured to install files under the
- /usr/X11R6/ directory. The
- /usr/X11R6/ directory hierarchy should be
+ Historically, packages using the X Window System used a
+ separate set of installation directories from other packages.
+ This practice has been discontinued and packages using the X
+ Window System should now generally be installed in the same
+ directories as any other package. Specifically, packages must
+ not install files under the /usr/X11R6/ directory
+ and the /usr/X11R6/ directory hierarchy should be
regarded as obsolete.
- Programs that use GNU autoconf and
- automake are usually easily configured at
- compile time to use /usr/ instead of
- /usr/X11R6/, and this should be done whenever
- possible. Configuration files for window managers and
- display managers should be placed in a subdirectory of
- /etc/X11/ corresponding to the package name due
- to these programs' tight integration with the mechanisms
- of the X Window System. Application-level programs should
- use the /etc/ directory unless otherwise mandated
- by policy.
-
-
-
- The installation of files into subdirectories
- of /usr/X11R6/include/X11/ and
- /usr/X11R6/lib/X11/ is now prohibited;
- package maintainers should determine if subdirectories of
- /usr/lib/ and /usr/share/ can be used
- instead.
+ Include files previously installed under
+ /usr/X11R6/include/X11/ should be installed into
+ /usr/include/X11/. For files previously
+ installed into subdirectories of
+ /usr/X11R6/lib/X11/, package maintainers should
+ determine if subdirectories of /usr/lib/ and
+ /usr/share/ can be used. If not, a subdirectory
+ of /usr/lib/X11/ should be used.
- Packages should install any relevant files into the
- directories /usr/include/X11/ and
- /usr/lib/X11/, but if they do so, they must
- pre-depend on x11-common (>=
- 1:7.0.0)
-
- These libraries used to be all symbolic
- links. However, with X11R7,
- /usr/include/X11 and /usr/lib/X11
- are now real directories, and packages
- should ship their files here instead
- of in /usr/X11R6/{include,lib}/X11.
- x11-common (>= 1:7.0.0) is the package
- responsible for converting these symlinks into
- directories.
-
-
+ Configuration files for window, display, or session managers
+ or other applications that are tightly integrated with the X
+ Window System may be placed in a subdirectory
+ of /etc/X11/ corresponding to the package name.
+ Other X Window System applications should use
+ the /etc/ directory unless otherwise mandated by
+ policy (such as for [).
]
@@ -8982,10 +8987,10 @@ install-info --quiet --remove /usr/share/info/foobar.info
- Packages in the contrib or non-free
- distribution areas should state in the copyright file that the
- package is not part of the Debian GNU/Linux distribution and
- briefly explain why.
+ Packages in the contrib or non-free archive
+ areas should state in the copyright file that the package is not
+ part of the Debian GNU/Linux distribution and briefly explain
+ why.
@@ -9006,8 +9011,8 @@ install-info --quiet --remove /usr/share/info/foobar.info
Packages distributed under the UCB BSD license, the Apache
license (version 2.0), the Artistic license, the GNU GPL
- (version 2 or 3), the GNU LGPL (versions 2, 2.1, or 3), and
- the GNU FDL (version 1.2) should refer to the corresponding
+ (version 2 or 3), the GNU LGPL (versions 2, 2.1, or 3), and the
+ GNU FDL (versions 1.2 or 1.3) should refer to the corresponding
files under /usr/share/common-licenses,
In particular,
@@ -9018,8 +9023,9 @@ install-info --quiet --remove /usr/share/info/foobar.info
/usr/share/common-licenses/GPL-3,
/usr/share/common-licenses/LGPL-2,
/usr/share/common-licenses/LGPL-2.1,
- /usr/share/common-licenses/LGPL-3, and
- /usr/share/common-licenses/GFDL-1.2
+ /usr/share/common-licenses/LGPL-3,
+ /usr/share/common-licenses/GFDL-1.2, and
+ /usr/share/common-licenses/GFDL-1.3
respectively.
rather than quoting them in the copyright
@@ -9304,7 +9310,7 @@ install-info --quiet --remove /usr/share/info/foobar.info
To view the copyright file for a package you could use this command:
- dpkg --fsys-tarfile filename.deb | tar xOf - \*/copyright | pager
+ dpkg --fsys-tarfile filename.deb | tar xOf - --wildcards \*/copyright | pager