X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=policy.sgml;h=4adee0b00da29910a0008d6aa549655e4d3a6383;hb=a34ae3cf97b43e0d200ff4e25b10fd6fad9494ad;hp=cb1093fed776e0b89b0800b2ce793c00bdf41ed9;hpb=8864aef1c3a1a66c9bd6da01b96417441dbe849a;p=debian%2Fdebian-policy.git
diff --git a/policy.sgml b/policy.sgml
index cb1093f..4adee0b 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -229,9 +229,8 @@
- Russ Allbery
- Bill Allombert
- - Andrew McMillan
- - Manoj Srivastava
- - Colin Watson
+ - Andreas Barth
+ - Jonathan Nieder
@@ -1746,11 +1745,14 @@ zope.
The maintainer name and email address used in the changelog
- should be the details of the person uploading this
- version. They are not necessarily those of the
- usual package maintainer.
- If the developer uploading the package is not one of the usual
- maintainers of the package (as listed in
+ should be the details of the person who prepared this release of
+ the package. They are not necessarily those of the
+ uploader or usual package maintainer.
+ In the case of a sponsored upload, the uploader signs the
+ files, but the changelog maintainer name and address are those
+ of the person who prepared this release. If the preparer of
+ the release is not one of the usual maintainers of the package
+ (as listed in
the Maintainer
or Uploaders control
fields of the package), the first line of the changelog is
@@ -2367,8 +2369,7 @@ endif
This is an optional, recommended configuration file for the
uscan utility which defines how to automatically scan
ftp or http sites for newly available updates of the
- package. This is used
- by and other Debian QA
+ package. This is used Debian QA
tools to help with quality control and maintenance of the
distribution as a whole.
@@ -2542,7 +2543,7 @@ endif
composed of US-ASCII characters excluding control characters,
space, and colon (i.e., characters in the ranges 33-57 and
59-126, inclusive). Field names must not begin with the comment
- character, #.
+ character, #, nor with the hyphen character, -.
@@ -2557,7 +2558,9 @@ Package: libc6
the field name is Package and the field value
libc6.
-
+ Empty field values are only permitted in source package control files
+ (debian/control). Such fields are ignored.
+
A paragraph must not contain more than one instance of a
particular field name.
@@ -2700,6 +2703,7 @@ Package: libc6
file. These tools are responsible for removing the line
breaks from such fields when using fields from
debian/control to generate other control files.
+ They are also responsible for discarding empty fields.
@@ -2759,6 +2763,7 @@ Package: libc6
- Uploaders
- Homepage
- Vcs-Browser, Vcs-Git, et al.
+ - Dgit
- Standards-Version (recommended)
- Build-Depends et al
- Package-List (recommended)
@@ -3673,7 +3678,7 @@ Files:
The special value byhand for the section in a
.changes file indicates that the file in question
- is not an ordinary package file and must by installed by
+ is not an ordinary package file and must be installed by
hand by the distribution maintainers. If the section is
byhand the priority should be -.
@@ -3840,6 +3845,26 @@ Checksums-Sha256:
this value is assumed for paragraphs lacking this field.
+
+
+ Dgit
+
+
+ Folded field containing a single git commit hash, presented in
+ full, followed optionally by whitespace and other data to be
+ defined in future extensions.
+
+
+
+ Declares that the source package corresponds exactly to a
+ referenced commit in a Git repository available at the canonical
+ location called dgit-repos, used by dgit, a
+ bidirectional gateway between the Debian archive and Git. The
+ commit is reachable from at least one reference whose name matches
+ refs/dgit/*. See the manual page of dgit for
+ further details.
+
+
@@ -6897,6 +6922,20 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
exceptions to the FHS apply:
+ -
+
+ The FHS requirement that architecture-independent
+ application-specific static files be located in
+ /usr/share is relaxed to a suggestion.
+
+ In particular, a subdirectory of /usr/lib may
+ be used by a package (or a collection of packages) to hold a
+ mixture of architecture-independent and
+ architecture-dependent files. However, when a directory is
+ entirely composed of architecture-independent files, it
+ should be located in /usr/share.
+
+
-
The optional rules related to user specific
@@ -6938,8 +6977,18 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
This is necessary in order to reserve the directories for
use in cross-installation of library packages from other
- architectures, as part of the planned deployment of
- multiarch.
+ architectures, as part of multiarch.
+
+
+
+ The requirement for C and C++ headers files to be
+ accessible through the search path
+ /usr/include/ is amended, permitting files to
+ be accessible through the search path
+ /usr/include/triplet where
+ triplet is as above.
+ This is necessary for architecture-dependant headers
+ file to coexist in a multiarch setup.
@@ -7000,15 +7049,29 @@ Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
stable release of Debian supports /run.
- -
+
-
+
+ The /sys directory in the root filesystem is
+ additionally allowed. This directory is used as
+ mount point to mount virtual filesystems to get access to
+ kernel information.
+
+
+ -
- The following directories in the root filesystem are
- additionally allowed: /sys and
- /selinux. These directories
- are used as mount points to mount virtual filesystems
- to get access to kernel information.
+ The /var/www directory is additionally allowed.
-
+
+ -
+
+ The requirement for /usr/local/lib<qual>
+ to exist if /lib<qual> or
+ /usr/lib<qual> exists (where
+ lib<qual> is a variant of
+ lib such as lib32 or
+ lib64) is removed.
+
+
-
On GNU/Hurd systems, the following additional
@@ -7289,6 +7352,35 @@ rmdir /usr/local/share/emacs 2>/dev/null || true
65535:
+ -
+
+ This value must not be used, because it was
+ the error return sentinel value when uid_t
+ was 16 bits.
+
+
+
+ 65536-4294967293:
+ -
+
+ Dynamically allocated user accounts. By
+ default adduser will not allocate UIDs
+ and GIDs in this range, to ease compatibility with
+ legacy systems where uid_t is still 16
+ bits.
+
+
+
+ 4294967294:
+ -
+
+ (uid_t)(-2) == (gid_t)(-2) must not be
+ used, because it is used as the anonymous, unauthenticated
+ user by some NFS implementations.
+
+
+
+ 4294967295:
-
(uid_t)(-1) == (gid_t)(-1) must
@@ -8412,7 +8504,17 @@ fi
renamed. If a consensus cannot be reached, both
programs must be renamed.
-
+
+ Binary executables must not be statically linked with the GNU C
+ library, since this prevents the binary from benefiting from
+ fixes and improvements to the C library without being rebuilt
+ and complicates security updates. This requirement may be
+ relaxed for binary executables whose intended purpose is to
+ diagnose and fix the system in situations where the GNU C
+ library may not be usable (such as system recovery shells or
+ utilities like ldconfig) or for binary executables where the
+ security benefits of static linking outweigh the drawbacks.
+
By default, when a package is being built, any binaries
created should include debugging information, as well as
@@ -8821,6 +8923,7 @@ fname () {
would point to /srv/run rather than the intended
target.
+ Symbolic links must not traverse above the root directory.
@@ -8989,8 +9092,10 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
package is purged.
- Obsolete configuration files without local changes may be
- removed by the package during upgrade.
+ Obsolete configuration files without local changes should be
+ removed by the package during upgrade.
+ The dpkg-maintscript-helper tool, available from the
+ dpkg package, can help for this task.
@@ -9473,6 +9578,23 @@ done
+
+
+ File names
+
+
+ The name of the files installed by binary packages in the system PATH
+ (namely /bin, /sbin, /usr/bin,
+ /usr/sbin and /usr/games) must be encoded in
+ ASCII.
+
+
+
+ The name of the files and directories installed by binary packages
+ outside the system PATH must be encoded in UTF-8 and should be
+ restricted to ASCII when it is possible to do so.
+
+
@@ -9659,15 +9781,16 @@ done
Cgi-bin executable files are installed in the
directory
-/usr/lib/cgi-bin/cgi-bin-name
+/usr/lib/cgi-bin
+
+ or a subdirectory of that directory, and the script
+
+/usr/lib/cgi-bin/.../cgi-bin-name
- or a subdirectory of that directory, and should be
- referred to as
+ should be referred to as
-http://localhost/cgi-bin/cgi-bin-name
+http://localhost/cgi-bin/.../cgi-bin-name
- (possibly with a subdirectory name
- before cgi-bin-name).
-
@@ -9699,7 +9822,7 @@ http://localhost/cgi-bin/cgi-bin-name
doc-base package. If access to the
web document root is unavoidable then use
-/var/www
+/var/www/html
as the Document Root. This might be just a symbolic
link to the location where the system administrator