X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=policy.sgml;h=25a5fe644f09f3cfd7760b8f926bf2ccc0e1daa5;hb=5eb11167b9c5ac35771a875512fce02ade760d31;hp=e357b547e3692f51ae725dc9602478cef79966df;hpb=0724ec902c6f5bc40ef8c0ef9ef0a649c97ed3ad;p=debian%2Fdebian-policy.git diff --git a/policy.sgml b/policy.sgml index e357b54..25a5fe6 100644 --- a/policy.sgml +++ b/policy.sgml @@ -907,23 +907,40 @@ - + The maintainer of a package

- Every package must have a Debian maintainer (the - maintainer may be one person or a group of people - reachable from a common email address, such as a mailing - list). The maintainer is responsible for ensuring that - the package is placed in the appropriate distributions. -

- -

- The maintainer must be specified in the - Maintainer control field with their correct name - and a working email address. If one person maintains - several packages, they should try to avoid having - different forms of their name and email address in + Every package must have a maintainer, except for orphaned + packages as described below. The maintainer may be one person + or a group of people reachable from a common email address, such + as a mailing list. The maintainer is responsible for + maintaining the Debian packaging files, evaluating and + responding appropriately to reported bugs, uploading new + versions of the package (either directly or through a sponsor), + ensuring that the package is placed in the appropriate archive + area and included in Debian releases as appropriate for the + stability and utility of the package, and requesting removal of + the package from the Debian distribution if it is no longer + useful or maintainable. +

+ +

+ The maintainer must be specified in the Maintainer + control field with their correct name and a working email + address. The email address given in the Maintainer + control field must accept mail from those role accounts in + Debian used to send automated mails regarding the package. This + includes non-spam mail from the bug-tracking system, all mail + from the Debian archive maintenance software, and other role + accounts or automated processes that are commonly agreed on by + the project. + A sample implementation of such a whitelist written for the + Mailman mailing list management software is used for mailing + lists hosted by alioth.debian.org. + + If one person or team maintains several packages, they should + use the same form of their name and email address in the Maintainer fields of those packages.

@@ -933,15 +950,23 @@

- If the maintainer of a package quits from the Debian - project, "Debian QA Group" - packages@qa.debian.org takes over the - maintainer-ship of the package until someone else - volunteers for that task. These packages are called - orphaned packages. - The detailed procedure for doing this gracefully can - be found in the Debian Developer's Reference, - see . + If the maintainer of the package is a team of people with a + shared email address, the Uploaders control field must + be present and must contain at least one human with their + personal email address. See for the + syntax of that field. +

+ +

+ An orphaned package is one with no current maintainer. Orphaned + packages should have their Maintainer control field set + to Debian QA Group <packages@qa.debian.org>. + These packages are considered maintained by the Debian project + as a whole until someone else volunteers to take over + maintenance. + The detailed procedure for gracefully orphaning a package can + be found in the Debian Developer's Reference + (see ).

@@ -1079,10 +1104,10 @@

- Sometimes, a package requires another package to be installed - and configured before it can be installed. In this - case, you must specify a Pre-Depends entry for - the package. + Sometimes, unpacking one package requires that another package + be first unpacked and configured. In this case, the + depending package must specify this dependency in + the Pre-Depends control field.

@@ -1636,11 +1661,20 @@ The maintainer name and email address used in the changelog should be the details of the person uploading this version. They are not necessarily those of the - usual package maintainer. The information here will be - copied to the Changed-By field in the - .changes file (see ), - and then later used to send an acknowledgement when the - upload has been installed. + usual package maintainer. + If the developer uploading the package is not one of the usual + maintainers of the package (as listed in + the Maintainer + or Uploaders control + fields of the package), the first line of the changelog is + conventionally used to explain why a non-maintainer is + uploading the package. The Debian Developer's Reference + (see ) documents the conventions + used. + The information here will be copied to the Changed-By + field in the .changes file + (see ), and then later used to send an + acknowledgement when the upload has been installed.

@@ -1792,23 +1826,26 @@ identical behavior.

+

+ The following targets are required and must be implemented + by debian/rules: clean, binary, + binary-arch, binary-indep, and build. + These are the targets called by dpkg-buildpackage. +

+

Since an interactive debian/rules script makes it - impossible to auto-compile that package and also makes it - hard for other people to reproduce the same binary - package, all required targets must be - non-interactive. At a minimum, required targets are the - ones called by dpkg-buildpackage, namely, - clean, binary, binary-arch, - binary-indep, and build. It also follows - that any target that these targets depend on must also be + impossible to auto-compile that package and also makes it hard + for other people to reproduce the same binary package, all + required targets must be non-interactive. It also follows that + any target that these targets depend on must also be non-interactive.

- The targets are as follows (required unless stated otherwise): + The targets are as follows: - build + build (required)

The build target should perform all the @@ -1919,8 +1956,8 @@

- binary, binary-arch, - binary-indep + binary (required), binary-arch + (required), binary-indep (required)

@@ -1968,7 +2005,7 @@

- clean + clean (required)

This must undo any effects that the build @@ -2050,14 +2087,21 @@

The architectures we build on and build for are determined - by make variables using the utility - dpkg-architecture. - You can determine the - Debian architecture and the GNU style architecture - specification string for the build machine (the machine type - we are building on) as well as for the host machine (the - machine type we are building for). Here is a list of - supported make variables: + by make variables using the + utility dpkg-architecture. + You can determine the Debian architecture and the GNU style + architecture specification string for the build architecture as + well as for the host architecture. The build architecture is + the architecture on which debian/rules is run and + the package build is performed. The host architecture is the + architecture on which the resulting package will be installed + and run. These are normally the same, but may be different in + the case of cross-compilation (building packages for one + architecture on machines of a different architecture). +

+ +

+ Here is a list of supported make variables: DEB_*_ARCH (the Debian architecture) @@ -2081,8 +2125,8 @@ DEB_*_GNU_TYPE) where * is either BUILD for specification of - the build machine or HOST for specification of the - host machine. + the build architecture or HOST for specification of the + host architecture.

@@ -2718,20 +2762,32 @@ Package: libc6 putting the name in round brackets and moving it to the end, and bringing the email address forward).

+ +

+ See for additional requirements and + information about package maintainers. +

Uploaders

- List of the names and email addresses of co-maintainers of - the package, if any. If the package has other maintainers - beside the one named in the - Maintainer field, their names - and email addresses should be listed here. The format of each - entry is the same as that of the Maintainer field, and - multiple entries must be comma separated. This is an optional - field. + List of the names and email addresses of co-maintainers of the + package, if any. If the package has other maintainers besides + the one named in the Maintainer + field, their names and email addresses should be listed + here. The format of each entry is the same as that of the + Maintainer field, and multiple entries must be comma + separated. +

+ +

+ This is normally an optional field, but if + the Maintainer control field names a group of people + and a shared email address, the Uploaders field must + be present and must contain at least one human with their + personal email address.

@@ -3674,7 +3730,7 @@ Checksums-Sha256:

Broadly speaking the preinst is called before - (a particular version of) a package is installed, and the + (a particular version of) a package is unpacked, and the postinst afterwards; the prerm before (a version of) a package is removed and the postrm afterwards. @@ -3758,111 +3814,200 @@ Checksums-Sha256:

- - - new-preinst install - - - new-preinst install old-version - - - new-preinst upgrade old-version - - - old-preinst abort-upgrade - new-version - - + What follows is a summary of all the ways in which maintainer + scripts may be called along with what facilities those scripts + may rely on being available at that time. Script names preceded + by new- are the scripts from the new version of a + package being installed, upgraded to, or downgraded to. Script + names preceded by old- are the scripts from the old + version of a package that is being upgraded from or downgraded + from. +

- - - postinst configure - most-recently-configured-version - - - old-postinst abort-upgrade - new-version - - - conflictor's-postinst abort-remove - in-favour package - new-version - + The preinst script may be called in the following + ways: + + new-preinst install + new-preinst install + old-version + new-preinst upgrade + old-version - postinst abort-remove + The package will not yet be unpacked, so + the preinst script cannot rely on any files + included in its package. Only essential packages and + pre-dependencies (Pre-Depends) may be assumed to be + available. Pre-dependencies will have been configured at + least once, but at the time the preinst is + called they may only be in an unpacked or "Half-Configured" + state if a previous version of the pre-dependency was + completely configured and has not been removed since then. + + old-preinst abort-upgrade + new-version - deconfigured's-postinst - abort-deconfigure in-favour - failed-install-package version - [removing conflicting-package - version] + Called during error handling of an upgrade that failed after + unpacking the new package because the postrm + upgrade action failed. The unpacked files may be + partly from the new version or partly missing, so the script + cannot rely on files included in the package. Package + dependencies may not be available. Pre-dependencies will be + at least unpacked following the same rules as above, except + they may be only "Half-Installed" if an upgrade of the + pre-dependency failed. + This can happen if the new version of the package no + longer pre-depends on a package that had been partially + upgraded. + - + +

- - - prerm remove - - - old-prerm upgrade - new-version - - - new-prerm failed-upgrade - old-version - + The postinst script may be called in the following + ways: + + postinst configure + most-recently-configured-version - conflictor's-prerm remove - in-favour package - new-version + The files contained in the package will be unpacked. All + package dependencies will at least be unpacked. If there + are no circular dependencies involved, all package + dependencies will be configured. For behavior in the case + of circular dependencies, see the discussion + in . + + old-postinst abort-upgrade + new-version + conflictor's-postinst abort-remove + in-favour package + new-version + postinst abort-remove + deconfigured's-postinst + abort-deconfigure in-favour + failed-install-package version + [removing conflicting-package + version] - deconfigured's-prerm deconfigure - in-favour package-being-installed - version [removing - conflicting-package - version] + The files contained in the package will be unpacked. All + package dependencies will at least be "Half-Installed" and + will have previously been configured and not removed. + However, dependencies may not be configured or even fully + unpacked in some error situations. + For example, suppose packages foo and bar are installed + with foo depending on bar. If an upgrade of bar were + started and then aborted, and then an attempt to remove + foo failed because its prerm script failed, + foo's postinst abort-remove would be called with + bar only "Half-Installed". + + The postinst should still attempt any actions + for which its dependencies are required, since they will + normally be available, but consider the correct error + handling approach if those actions fail. Aborting + the postinst action if commands or facilities + from the package dependencies are not available is often the + best approach. - + +

- - - postrm remove - - - postrm purge - - - old-postrm upgrade - new-version - + The prerm script may be called in the following + ways: + + prerm remove + old-prerm + upgradenew-version + conflictor's-prerm remove + in-favour package + new-version + deconfigured's-prerm deconfigure + in-favour package-being-installed + version [removing + conflicting-package version] - new-postrm failed-upgrade - old-version + The package whose prerm is being called will be + at least "Half-Installed". All package dependencies will at + least be "Half-Installed" and will have previously been + configured and not removed. If there was no error, all + dependencies will at least be unpacked, but these actions + may be called in various error states where dependencies are + only "Half-Installed" due to a partial upgrade. + + new-prerm failed-upgrade + old-version - new-postrm abort-install + Called during error handling when prerm upgrade + fails. The new package will not yet be unpacked, and all + the same constraints as for preinst upgrade apply. + +

+ +

+ The postrm script may be called in the following + ways: + + postrm remove + postrm purge + old-postrm upgrade + new-version + disappearer's-postrm disappear + overwriter overwriter-version - new-postrm abort-install - old-version + The postrm script is called after the package's + files have been removed or replaced. The package + whose postrm is being called may have + previously been deconfigured and only be unpacked, at which + point subsequent package changes do not consider its + dependencies. Therefore, all postrm actions + may only rely on essential packages and must gracefully skip + any actions that require the package's dependencies if those + dependencies are unavailable. + This is often done by checking whether the command or + facility the postrm intends to call is + available before calling it. For example: + +if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + db_purge +fi + + in postrm purges the debconf + configuration for the package + if debconf is installed. + + + new-postrm failed-upgrade + old-version - new-postrm abort-upgrade - old-version + Called when the old postrm upgrade action fails. + The new package will be unpacked, but only essential + packages and pre-dependencies can be relied on. + Pre-dependencies will either be configured or will be + "Unpacked" or "Half-Configured" but previously had been + configured and was never removed. + + new-postrm abort-install + new-postrm abort-install + old-version + new-postrm abort-upgrade + old-version - disappearer's-postrm disappear - overwriter - overwriter-version + Called before unpacking the new package as part of the + error handling of preinst failures. May assume + the same state as preinst can assume. - +

- + Details of unpack phase of installation or upgrade @@ -4064,7 +4209,7 @@ Checksums-Sha256: behavior which, though deterministic, is hard for the system administrator to understand. It can easily lead to "missing" programs if, for example, a package - is installed which overwrites a file from another + is unpacked which overwrites a file from another package, and is then removed again. Part of the problem is due to what is arguably a bug in dpkg. @@ -4200,7 +4345,7 @@ Checksums-Sha256: If there was a conflicting package we go and do the removal actions (described below), starting with the removal of the conflicting package's files (any that - are also in the package being installed have already + are also in the package being unpacked have already been removed from the conflicting package's file list, and so do not get removed now). @@ -4540,31 +4685,40 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]

- For this reason packages in an installation run are usually - all unpacked first and all configured later; this gives - later versions of packages with dependencies on later - versions of other packages the opportunity to have their - dependencies satisfied. + Since Depends only places requirements on the order in + which packages are configured, packages in an installation run + are usually all unpacked first and all configured later. + + This approach makes dependency resolution easier. If two + packages A and B are being upgraded, the installed package A + depends on exactly the installed package B, and the new + package A depends on exactly the new package B (a common + situation when upgrading shared libraries and their + corresponding development packages), satisfying the + dependencies at every stage of the upgrade would be + impossible. This relaxed restriction means that both new + packages can be unpacked together and then configured in their + dependency order. +

-

- In case of circular dependencies, since installation or - removal order honoring the dependency order can't be - established, dependency loops are broken at some point - (based on rules below), and some packages may not be able to - rely on their dependencies being present when being - installed or removed, depending on which side of the break - of the circular dependency loop they happen to be on. If one - of the packages in the loop has no postinst script, then the - cycle will be broken at that package, so as to ensure that - all postinst scripts run with the dependencies properly - configured if this is possible. Otherwise the breaking point - is arbitrary. -

-

- The Depends field thus allows package maintainers - to impose an order in which packages should be configured. + If there is a circular dependency among packages being installed + or removed, installation or removal order honoring the + dependency order is impossible, requiring the dependency loop be + broken at some point and the dependency requirements violated + for at least one package. Packages involved in circular + dependencies may not be able to rely on their dependencies being + configured before they themselves are configured, depending on + which side of the break of the circular dependency loop they + happen to be on. If one of the packages in the loop has + no postinst script, then the cycle will be broken + at that package; this ensures that all postinst + scripts are run with their dependencies properly configured if + this is possible. Otherwise the breaking point is arbitrary. + Packages should therefore avoid circular dependencies where + possible, particularly if they have postinst + scripts.

@@ -4576,7 +4730,8 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] This declares an absolute dependency. A package will not be configured unless all of the packages listed in its Depends field have been correctly - configured. + configured (unless there is a circular dependency as + described above).

@@ -4588,12 +4743,31 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]

The Depends field should also be used if the - postinst, prerm or - postrm scripts require the package to be - present in order to run. Note, however, that the - postrm cannot rely on any non-essential - packages to be present during the purge - phase. + postinst or prerm scripts + require the depended-on package to be unpacked or + configured in order to run. In the case of postinst + configure, the depended-on packages will be unpacked + and configured first. (If both packages are involved in a + dependency loop, this might not work as expected; see the + explanation a few paragraphs back.) In the case + of prerm or other postinst + actions, the package dependencies will normally be at + least unpacked, but they may be only "Half-Installed" if a + previous upgrade of the dependency failed. +

+ +

+ Finally, the Depends field should be used if the + depended-on package is needed by the postrm + script to fully clean up after the package removal. There + is no guarantee that package dependencies will be + available when postrm is run, but the + depended-on package is more likely to be available if the + package declares a dependency (particularly in the case + of postrm remove). The postrm + script must gracefully skip actions that require a + dependency if that dependency isn't available. +

Recommends @@ -4652,11 +4826,21 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]

- When the package declaring a pre-dependency is about - to be configured, the pre-dependency will be - treated as a normal Depends, that is, it will - be considered satisfied only if the depended-on - package has been correctly configured. + When the package declaring a pre-dependency is about to + be configured, the pre-dependency will be treated + as a normal Depends. It will be considered + satisfied only if the depended-on package has been + correctly configured. However, unlike + with Depends, Pre-Depends does not + permit circular dependencies to be broken. If a circular + dependency is encountered while attempting to honor + Pre-Depends, the installation will be aborted. +

+ +

+ Pre-Depends are also required if the + preinst script depends on the named package. + It is best to avoid this situation if possible.

@@ -4665,13 +4849,6 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] installation would hamper the ability of the system to continue with any upgrade that might be in progress.

- -

- Pre-Depends are also required if the - preinst script depends on the named - package. It is best to avoid this situation if - possible. -

@@ -4696,7 +4873,7 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]

When one binary package declares that it breaks another, dpkg will refuse to allow the package which - declares Breaks be installed unless the broken + declares Breaks to be unpacked unless the broken package is deconfigured first, and it will refuse to allow the broken package to be reconfigured.

@@ -4747,18 +4924,18 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] Conflicting binary packages - Conflicts

- When one binary package declares a conflict with another - using a Conflicts field, dpkg will - refuse to allow them to be installed on the system at the - same time. This is a stronger restriction than Breaks, - which just prevents both packages from being configured at the - same time. Conflicting packages cannot be unpacked on the - system at the same time. + When one binary package declares a conflict with another using + a Conflicts field, dpkg will refuse to + allow them to be unpacked on the system at the same time. This + is a stronger restriction than Breaks, which prevents + the broken package from being configured while the breaking + package is in the "Unpacked" state but allows both packages to + be unpacked at the same time.

- If one package is to be installed, the other must be removed - first. If the package being installed is marked as replacing + If one package is to be unpacked, the other must be removed + first. If the package being unpacked is marked as replacing (see , but note that Breaks should normally be used in this case) the one on the system, or the one on the system is marked as deselected, or both packages are @@ -4807,7 +4984,7 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] when two packages provide the same file and will continue to do so, in conjunction with Provides when only one - package providing a given virtual facility may be installed + package providing a given virtual facility may be unpacked at a time (see ), in other cases where one must prevent simultaneous installation of two packages for reasons that are ongoing @@ -5039,7 +5216,7 @@ Provides: mail-transport-agent Conflicts: mail-transport-agent Replaces: mail-transport-agent - ensuring that only one MTA can be installed at any one + ensuring that only one MTA can be unpacked at any one time. See for more information about this example. @@ -5338,7 +5515,7 @@ Replaces: mail-transport-agent

During install or upgrade, the preinst is called before - the new files are installed, so calling "ldconfig" is + the new files are unpacked, so calling "ldconfig" is pointless. The preinst of an existing package can also be called if an upgrade fails. However, this happens during the critical time when a shared libs may exist on-disk @@ -5483,7 +5660,7 @@ Replaces: mail-transport-agent ) to ensure that the user only installs one development version at a time (as different development versions are likely to have the same header files in them, which would cause a - filename clash if both were installed). + filename clash if both were unpacked).

@@ -7580,7 +7757,7 @@ fname () { The XSI extension to trap allowing numeric signals must be supported. In addition to the signal numbers listed in the extension, which are the same as for - kill above, 13 (SIGPIPE) must be allowed. + kill above, 13 (SIGPIPE) must be allowed. If a shell script requires non-SUSv3 features from the shell @@ -9805,7 +9982,7 @@ END-INFO-DIR-ENTRY

The DEBIAN directory will not appear in the file system archive of the package, and so won't be installed - by dpkg when the package is installed. + by dpkg when the package is unpacked.