1 <!doctype debiandoc system>
5 <title> Policy checklist for upgrading your packages </title>
6 <author> Bill Allombert <email/ballombe@debian.org/ </author>
7 <author> Josip Rodin </author>
8 <author> Julian Gilbey </author>
9 <author> Russ Allbery <email/rra@debian.org/ </author>
10 <author> Manoj Srivastava <email/srivasta@debian.org/
12 <chapt> About the checklist
14 The checklist below has been created to simplify the upgrading process
15 of old packages. Note that this list is not "official"; it simply
16 gives an indication of what has changed and whether you are likely to
17 need to make changes to your package in light of this. If you have
18 doubts about a certain topic, if you need more details, or if you
19 think some other package does not comply with policy, please refer to
20 the Policy Manual itself. All of the changes from version 3.0.0
21 onwards indicate which section of the Policy Manual discusses the
22 issue: [3.4] means section 3.4. The section numbering changed when
23 the packaging manual was incorporated into policy; the section numbers
24 used below refer to the current version.
26 Here is how the check list works: Check which policy version your
27 package was checked against last (indicated in the "Standards-Version"
28 field of the source package). Then move upwards until the top and
29 check which of the items on the list might concern your package. Note
30 which sections of policy discuss this, and then check out the Policy
31 Manual for details. If you are upgrading from Policy version < 2.5.0,
32 it may be easier to check through the whole of policy instead of
33 picking your way through this list.
37 <sect id="3.9.7.0"> Version 3.9.7.0
40 Released February, 2016.
44 <item> Symbolic links must not traverse above the root directory.
47 <item> 32bit UIDs in the range 65536-4294967293 are reserved for dynamically
48 allocated user accounts.
51 <item> Empty field values in control files are only permitted in the
52 <file>debian/control</file> file of a source package.
55 <item> <file>debian/rules</file>: required targets must not attempt
59 <item> recommend to ship additional documentation for package
60 <prgn>pkg</prgn> in a separate package <prgn>pkg-doc</prgn> and install it
61 into <file>/usr/share/doc/pkg</file>.
62 </item> </taglist></p>
64 <sect id="3.9.6.0"> Version 3.9.6.0
67 Released September, 2014.
71 <item> The FHS is relaxed to allow a subdirectory of <file>/usr/lib</file>
72 to hold a mixture of architecture-independent and architecture-dependent
73 files, though directories entirely composed of architecture-independent files
74 should be located in <file>/usr/share</file>.
77 <item>The FHS requirement for <file>/usr/local/lib64</file> to exist
78 if <file>/lib64</file> or <file>/usr/lib64</file> exists is removed.
81 <item> An FHS exception has been granted for multiarch include files,
82 permitting header files to instead be installed to
83 <file>/usr/include/triplet</file>.
86 <item> Binaries must not be statically linked with the GNU C library,
87 see policy for exceptions.
90 <item> It is clarified that signature appearing in debian/changelog should be
91 the details of the person who prepared this release of the package.
94 <item> The default web document root is now <file>/var/www/html</file>
97 <item><tt>java1-runtime</tt> and <tt>java2-runtime</tt> are removed,
98 <tt>javaN-runtime</tt> and <tt>javaN-runtime-headless</tt> are added
99 for all N between 5 and 9.
102 <item>Added <tt>httpd-wsgi</tt> for WSGI capable HTTP servers.
105 <item> Perl packages should use the <tt>%Config</tt> hash to locate module
106 paths instead of hardcoding paths in <tt>@INC</tt>.
109 <item> Perl binary modules and any modules installed into
110 <tt>$Config{vendorarch}</tt> must depend on the relevant
111 <package>perlapi-*</package> package.
112 </item> </taglist></p>
114 <sect id="3.9.5.0"> Version 3.9.5.0
117 Released October, 2013.
121 <item>Control data fields must not start with the hyphen character
122 (<tt>-</tt>), to avoid potential confusions when parsing clearsigned control
123 data files that were not properly unescaped.
125 <tag>5.4, 5.6.24</tag>
126 <item><tt>Checksums-Sha1</tt> and <tt>Checksums-Sha256</tt> are now
127 mandatory in <file>.dsc</file> files.
129 <tag>5.6.25, 5.8.1</tag>
130 <item>The <tt>DM-Upload-Allowed</tt> field is obsolete. Permissions
131 are now granted via <em>dak-commands</em> files.
133 <item>New section documenting the <tt>Package-List</tt> field in Debian
134 source control files.
137 <item>New section documenting the <tt>Package-Type</tt> field in source
138 package control files.
141 <item>New section documenting the <tt>Dgit</tt> field in Debian
142 source control files.
145 <item>The exception to the FHS for the <file>/selinux</file> was removed.
148 <item>Packages should remove all obsolete configuration files without
149 local changes during upgrades. The <prgn>dpkg-maintscript-helper</prgn>
150 tool, available from the <package>dpkg</package> package since
151 <em>Wheezy</em>, can help with this.
154 <item>The name of the files and directories installed by binary packages
155 must be encoded in UTF-8 and should be restricted to ASCII when possible.
156 In the system PATH, they must be restricted to ASCII.
159 <item>Stop recommending to serve HTML documents from
160 <file>/usr/share/doc/<var>package</var></file>.
163 <item>Packages distributing Info documents should use
164 <package>install-info</package>'s trigger, and do not need anymore
165 to depend on <tt>dpkg (>= 1.15.4) | install-info</tt>.
168 <item>The <tt>escape</tt> capability is now documented.
171 <item><tt>mp3-decoder</tt> and <tt>mp3-encoder</tt> are removed.</item>
174 <sect id="3.9.4.0"> Version 3.9.4.0
177 Released August, 2012.
181 <item>New <em>tasks</em> archive section.
184 <item><tt>build-arch</tt> and <tt>build-indep</tt> are now mandatory
185 targets in <file>debian/rules</file>.
188 <item>New section documenting the <tt>Vcs-*</tt> fields, which are
189 already in widespread use. Note the mechanism for specifying the Git
190 branch used for packaging in the Vcs-Git field.
193 <item>The deprecated relations < and > now must not be used.
196 <item>New <tt>Built-Using</tt> field, which must be used to document the
197 source packages for any binaries that are incorporated into this package
198 at build time. This is used to ensure that the archive meets license
199 requirements for providing source for all binaries.
202 <item>Policy for dependencies between shared libraries and other
203 packages has been largely rewritten to document the <tt>symbols</tt>
204 system and more clearly document handling of shared library ABI
205 changes. <file>symbols</file> files are now recommended
206 over <file>shlibs</file> files in most situations. All maintainers of
207 shared library packages should review the entirety of this section.
210 <item>Packages must not assume the <file>/run</file> directory exists or
211 is usable without a dependency on <tt>initscripts (>= 2.88dsf-13.3)</tt>
212 until the stable release of Debian supports <file>/run</file>.
215 <item>Packages including MIME configuration can now rely on triggers and
216 do not need to call update-mime.</item>
218 <item>New section documenting general requirements for alternate init
219 systems and specific requirements for integrating with upstart.
222 <item>All copyright files must be encoded in UTF-8.
226 <sect id="3.9.3.0"> Version 3.9.3.0
229 Released February, 2012.
233 <item>New archive sections <em>education</em>, <em>introspection</em>,
234 and <em>metapackages</em> added.
237 <item>The <tt>Architecture</tt> field in <file>*.dsc</file> files may
238 now contain the value <tt>any all</tt> for source packages building both
239 architecture-independent and architecture-dependent packages.
242 <item>If a dependency is restricted to particular architectures, the
243 list of architectures must be non-empty.
246 <item><file>/run</file> is allowed as an exception to the FHS and
247 replaces <file>/var/run</file>. <file>/run/lock</file>
248 replaces <file>/var/lock</file>. The FHS requirements for the older
249 directories apply to these directories as well. Backward compatibility
250 links will be maintained and packages need not switch to
251 referencing <file>/run</file> directly yet. Files in <file>/run</file>
252 should be stored in a temporary file system.
255 <item>New section spelling out the requirements for packages that use
256 files in <file>/run</file>, <file>/var/run</file>,
257 or <file>/var/lock</file>. This generalizes information previously only
261 <item>Cron job file names must not contain <tt>.</tt> or <tt>+</tt> or
262 they will be ignored by cron. They should replace those characters
263 with <tt>_</tt>. If a package provides multiple cron job files in the
264 same directory, they should each start with the package name (possibly
265 modified as above), <tt>-</tt>, and then some suitable suffix.
268 <item>Packages using doc-base do not need to call install-docs anymore.
271 <item>Packages that declare the same <tt>conffile</tt> may see left-over
272 configuration files from each other even if they conflict.
275 <item>The Policy rules around Motif libraries were just a special case
276 of normal rules for non-free dependencies and were largely obsolete, so
277 they have been removed.
280 <item><file>debian/copyright</file> is no longer required to list the
281 Debian maintainers involved in the creation of the package (although
282 note that the requirement to list copyright information is unchanged).
284 <tag>copyright-format</tag>
285 <item>Version 1.0 of the "Machine-readable <file>debian/copyright</file>
286 file" specification is included.
289 <item>This separate document has been retired and and its (short)
290 contents merged into Policy section 9.7. There are no changes to the
294 <item>Packages may declare an interest in the <var>perl-major-upgrade</var>
295 trigger to be notified of major upgrades of perl.
298 <item><tt>ttf-japanese-{mincho, gothic}</tt> is renamed to
299 <tt>fonts-japanese-{mincho, gothic}</tt>.
303 <sect id="3.9.2.0"> Version 3.9.2.0
306 Released April, 2011.
310 <item>Multiple clarifications throughout Policy where "installed" was
311 used and the more precise terms "unpacked" or "configured" were
315 <item>The maintainer address must accept mail from Debian role accounts
316 and the BTS. At least one human must be listed with their personal
317 email address in <tt>Uploaders</tt> if the maintainer is a shared email
318 address. The duties of a maintainer are also clearer.
321 <item>All control fields are now classified as simple, folded, or
322 multiline, which governs whether their values must be a single line or
323 may be continued across multiple lines and whether line breaks are
327 <item>Parsers are allowed to accept paragraph separation lines
328 containing whitespace, but control files should use completely empty
329 lines. Ordering of paragraphs is significant. Field names must be
330 composed of printable ASCII characters except colon and must not begin
334 <item>The <tt>DM-Upload-Allowed</tt> field is now documented.
337 <item>The system state maintainer scripts can rely upon during each
338 possible invocation is now documented. In several less-common cases,
339 this is stricter than Policy had previously documented. Packages with
340 complex maintainer scripts should be reviewed in light of this new
344 <item>The impact on system state when maintainer scripts that are part
345 of a circular dependency are run is now documented. Circular
346 dependencies are now a should not.
349 <item>The system state when <prgn>postinst</prgn> and <prgn>prerm</prgn>
350 scripts are run is now documented, and the documentation of the special
351 case of dependency state for <prgn>postrm</prgn> scripts has been
352 improved. <prgn>postrm</prgn> scripts are required to gracefully skip
353 actions if their dependencies are not available.
356 <item>GNU/Hurd systems are allowed <file>/hurd</file>
357 and <file>/servers</file> directories in the root filesystem.
360 <item>Packages installing to architecture-specific subdirectories of
361 <file>/usr/lib</file> must use the value returned by
362 <prgn>dpkg-architecture -qDEB_HOST_MULTIARCH</prgn>, not by
363 <prgn>dpkg-architecture -qDEB_HOST_GNU_TYPE</prgn>; this is a path change
364 on i386 architectures and a no-op for other architectures.
367 <item><tt>mailx</tt> is now a virtual package provided by packages that
368 install <prgn>/usr/bin/mailx</prgn> and implement at least the
369 POSIX-required interface.
373 <sect id="3.9.1.0"> Version 3.9.1.0
380 <item>Date-based version components should be given as the four-digit
381 year, two-digit month, and then two-digit day, but may have embedded
385 <item>Maintainer scripts must pass <tt>--package</tt>
386 to <prgn>dpkg-divert</prgn> when creating or removing diversions and
387 must not use <tt>--local</tt>.
390 <item>Only <prgn>dpkg-gencontrol</prgn> supports variable substitution.
391 <prgn>dpkg-genchanges</prgn> (for <file>*.changes</file>)
392 and <prgn>dpkg-source</prgn> (for <file>*.dsc</file>) do not.
395 <item>Architecture restrictions and wildcards are also allowed in binary
396 package relationships provided that the binary package is not
397 architecture-independent.
400 <item><tt>Conflicts</tt> and <tt>Breaks</tt> should only be used when
401 there are file conflicts or one package breaks the other, not just
402 because two packages provide similar functionality but don't interfere.
405 <item>The SONAME of a library should change whenever the ABI of the
406 library changes in a way that isn't backward-compatible. It should not
407 change if the library ABI changes are backward-compatible. Discourage
408 bundling shared libraries together in one package.
411 <item>Ada Library Information (<file>*.ali</file>) files must be
414 <tag>8.6.1, 8.6.2, 8.6.5</tag>
415 <item>Packages should normally not include a <file>shlibs.local</file>
416 file since we now have complete <file>shlibs</file> coverage.
419 <item>The SONAME of a library may instead be of the
420 form <tt><var>name</var>-<var>major-version</var>.so</tt>.
423 <item>Libtool <file>.la</file> files should not be installed for public
424 libraries. If they're required (for <tt>libltdl</tt>, for instance),
425 the <tt>dependency_libs</tt> setting should be emptied. Library
426 packages historically including <file>.la</file> files must continue to
427 include them (with <tt>dependency_libs</tt> emptied) until all libraries
428 that depend on that library have removed or emptied
429 their <file>.la</file> files.
432 <item>Libraries no longer need to be built with <tt>-D_REENTRANT</tt>,
433 which was an obsolete LinuxThreads requirement. Instead, say explicitly
434 that libraries should be built with threading support and to be
435 thread-safe if the library supports this.
438 <item><file>/bin/sh</file> scripts may assume that <prgn>kill</prgn>
439 supports an argument of <tt>-<var>signal</var></tt>,
440 that <prgn>kill</prgn> and <prgn>trap</prgn> support the numeric signals
441 listed in the XSI extension, and that signal 13 (SIGPIPE) can be trapped
442 with <prgn>trap</prgn>.
445 <item>Use of <file>/etc/logrotate.d/<var>package</var></file> for
446 logrotate rules is now recommended.
449 <item>Control information files should be owned by <tt>root:root</tt>
450 and either mode 644 or mode 755.
452 <tag>11.4, 11.8.3, 11.8.4</tag>
453 <item>Packages providing alternatives for <prgn>editor</prgn>,
454 <prgn>pager</prgn>, <prgn>x-terminal-emulator</prgn>, or
455 <prgn>x-window-manager</prgn> should also provide a slave alternative
456 for the corresponding manual page.
459 <item>Cgi-bin executable files may be installed in subdirectories
460 of <file>/usr/lib/cgi-bin</file> and web servers should serve out
461 executables in those subdirectories.
464 <item>The GPL version 1 is now included in common-licenses and should be
465 referenced from there instead of included in the <file>copyright</file>
470 <sect id="3.9.0.0"> Version 3.9.0.0
476 <tag>4.4, 5.6.15</tag>
477 <item>The required format for the date in a changelog entry and in the
478 Date control field is now precisely specified.
481 <item>A control paragraph must not contain more than one instance of a
482 particular field name.
484 <tag>5.4, 5.5, 5.6.24</tag>
485 <item>The <tt>Checksums-Sha1</tt> and <tt>Checksums-Sha256</tt> fields
486 in <file>*.dsc</file> and <file>*.changes</file> files are now
487 documented and recommended.
489 <tag>5.5, 5.6.16</tag>
490 <item>The <tt>Format</tt> field of <file>.changes</file> files is now
491 1.8. The <tt>Format</tt> field syntax for source
492 package <file>.dsc</file> files allows a subtype in parentheses, and it
493 is used for a different purpose than the <tt>Format</tt> field
494 for <file>.changes</file> files.
497 <item>The syntax of the <tt>Maintainer</tt> field is now must rather
501 <item>The comma separating entries in <tt>Uploaders</tt> is now must
504 <tag>5.6.8, 7.1, 11.1.1</tag>
505 <item>Architecture wildcards may be used in addition to specific
506 architectures in <file>debian/control</file> and <file>*.dsc</file>
507 Architecture fields, and in architecture restrictions in build
511 <item>Maintainer scripts are no longer guaranteed to run with a
512 controlling terminal and must be able to fall back to noninteractive
513 behavior (debconf handles this). Maintainer scripts may abort if there
514 is no controlling terminal and no reasonable default for a high-priority
515 question, but should avoid this if possible.
517 <tag>7.3, 7.6.1</tag>
518 <item><tt>Breaks</tt> should be used with <tt>Replaces</tt> for moving
519 files between packages.
522 <item><tt>Breaks</tt> should normally be used instead
523 of <tt>Conflicts</tt> for transient issues and moving files between
524 packages. New documentation of when each should be used.
527 <item>Use <tt>Conflicts</tt> with <tt>Provides</tt> if only one provider
528 of a virtual facility can be installed at a time.
531 <item>All shared library development files are no longer required to be
532 in the <tt>-dev</tt> package, only be available when the <tt>-dev</tt>
533 package is installed. This allows the <tt>-dev</tt> package to be split
534 as long as it depends on the additional packages.
537 <item>The UID range of user accounts is extended to 1000-59999.
539 <tag>9.3.2, 10.4</tag>
540 <item><file>init.d</file> scripts are a possible exception from the
541 normal requirement to use <tt>set -e</tt> in each shell script.
544 <item>The UCB BSD license was removed from the list of licenses that
545 should be referenced from <file>/usr/share/common-licenses/BSD</file>.
546 It should instead be included directly
547 in <file>debian/copyright</file>, although it will still be in
548 common-licenses for the time being.
551 <item><tt>SETTITLE</tt> is now documented (it has been supported for
552 some time). <tt>SETTITLE</tt> is like <tt>TITLE</tt> but takes a
553 template instead of a string to allow translation.
556 <item><package>perl-base</package> now
557 provides <package>perlapi-<var>abiname</var></package> instead of a
558 package based solely on the Perl version. Perl packages must now depend
559 on <package>perlapi-$Config{debian_abi}</package>, falling back
560 on <tt>$Config{version}</tt> if <tt>$Config{debian_abi}</tt> is not set.
563 <item>Packages using <file>Makefile.PL</file> should use
564 <tt>DESTDIR</tt> rather than <tt>PREFIX</tt> to install into the package
565 staging area. <tt>PREFIX</tt> only worked due to a Debian-local patch.
569 <sect id="3.8.4.0"> Version 3.8.4.0
576 <item> An FHS exception has been granted for multiarch libraries.
577 Permitting files to instead be installed to <file>/lib/triplet</file> and
578 <file>/usr/lib/triplet</file> directories.
581 <item>Packages may not contain named pipes and should instead create
582 them in postinst and remove them in prerm or postrm.
585 <item><file>/sys</file> and <file>/selinux</file> directories are explicitly
586 allowed as an exception to the FHS.
590 <sect id="3.8.3.0"> Version 3.8.3.0
596 <item>DEB_*_ARCH_CPU and DEB_*_ARCH_OS variables are now documented and
597 recommended over GNU-style variables for that information.
600 <item>Source package Architecture fields may contain <em/all/ in
601 combination with other architectures. Clarify when <em/all/ and <em/any/
602 may be used in different versions of the field.
605 <item>The Debian archive software does not support uploading
606 to multiple distributions with one <file>*.changes</file> file.
609 <item>The Binary field may span multiple lines.
612 <item>Shared library packages are no longer allowed to install libraries
613 in a non-standard location and modify <file/ld.so.conf/. Packages
614 should either be installed in a standard library directory or packages
615 using them should be built with RPATH.
618 <item>Installation directories for X programs have been clarified.
619 Packages are no longer required to pre-depend on x11-common before
620 installing into <file>/usr/include/X11</file>
621 and <file>/usr/lib/X11</file>.
624 <item>Manual pages are no longer required to contain only characters
625 representable in the legacy encoding for that language.
628 <item>Localized man pages should either be kept up-to-date with
629 the original version or warn that they're not up-to-date, either
630 with warning text or by showing missing or changed portions in the
634 <item>install-info is now handled via triggers so packages no
635 longer need to invoke it in maintainer scripts. Info documents
636 should now have directory sections and entries in the document.
637 Packages containing info documents should add a dependency to
638 support partial upgrades.
641 <item>The requirement for Perl modules to have a versioned
642 Depend and Build-Depend on <tt>perl >= 5.6.0-16</tt> has been removed.
646 <sect id="3.8.2.0"> Version 3.8.2.0
653 <item>The list of archive sections has been significantly expanded. See
654 <url id="http://lists.debian.org/debian-devel-announce/2009/03/msg00010.html"
655 name="this debian-devel-announce message">
656 for the list of new sections and rules for how to categorize
660 <item>All packages must use debconf or equivalent for user prompting,
661 though essential packages or their dependencies may also fall
662 back on other methods.
665 <item>The requirements for source package names are now explicitly
669 <item>Legacy XFree86 servers no longer get a special exception from the
670 FHS permitting <file>/etc/X11/XF86Config-4</file>.
673 <item>Removed obsolete dependency requirements for packages that use
674 <file>/var/mail</file>.
677 <item>Speedo fonts are now deprecated. The X backend was disabled
681 <item>The GNU Free Documentation License version 1.3 is included in
682 common-licenses and should be referenced from there.
686 <sect id="3.8.1.0"> Version 3.8.1.0
693 <item>Care should be taken when adding functionality to essential and
694 such additions create an obligation to support that functionality
695 in essential forever unless significant work is done.
698 <item>Changelog files must be encoded in UTF-8.
701 <item>Some format requirements for changelog files are now "must"
705 <item>Alternative changelog formats have been removed. Debian only
706 supports one changelog format for the Debian Archive.
709 <item>New nocheck option for DEB_BUILD_OPTIONS indicating any build-time
710 test suite provided by the package should not be run.
713 <item>All control files must be encoded in UTF-8.
716 <item><file>debian/control</file> allows comment lines starting with #
717 with no preceding whitespace.
720 <item>Init scripts ending in .sh are not handled specially. They are not
721 sourced and are not guaranteed to be run by <prgn>/bin/sh</prgn> regardless
722 of the #! line. This brings Policy in line with the long-standing
723 behavior of the init system in Debian.
726 <item>The start action of an init script must exit successfully and not
727 start the daemon again if it's already running.
730 <item><file>/var/run</file> and <file>/var/lock</file> may be mounted as
731 temporary filesystems, and init scripts must therefore create any necessary
732 subdirectories dynamically.
735 <item> <file>/bin/sh</file> scripts may assume that local can take multiple
736 variable arguments and supports assignment.
739 <item>User mailboxes may be mode 600 and owned by the user rather than
740 mode 660, owned by user, and group mail.
744 <sect id="3.8.0.0"> Version 3.8.0.0
751 <item>The base section has been removed. contrib and non-free have been
752 removed from the section list; they are only categories. The base
753 system is now defined by priority.
755 <item>If <prgn>dpkg-source -x</prgn> doesn't provide the source that will be
756 compiled, a debian/rules patch target is recommended and should do whatever
758 <tag>4.9.1, 10.1</tag>
759 <item>Standardized the format of DEB_BUILD_OPTIONS. Specified permitted
760 characters for tags, required that tags be whitespace-separated,
761 allowed packages to assume non-conflicting tags, and required
762 unknown flags be ignored.
764 <item>Added parallel=n to the standardized DEB_BUILD_OPTIONS tags,
765 indicating that a package should be built using up to n parallel
766 processes if the package supports it
768 <item>Debian packages should not use convenience copies of code from other
769 packages unless the included package is explicitly intended to be
772 <item>If dpkg-source -x doesn't produce source ready for editing and
773 building with dpkg-buildpackage, packages should include a
774 <file>debian/README.source</file> file explaining how to generate
775 the patched source, add a new modification, and remove an existing
776 modification. This file may also be used to document packaging a
777 new upstream release and any other complexity of the Debian build
780 <item>The Uploaders field in debian/control may be wrapped.
782 <item>An empty Debian revision is equivalent to a Debian revision of 0 in
785 <item>New Homepage field for upstream web sites.
786 <tag>6.5, 6.6, 7</tag>
787 <item>The Breaks field declares that this package breaks another and
788 prevents installation of the breaking package unless the package
789 named in Breaks is deconfigured first. This field should not be
790 used until the dpkg in Debian stable supports it.
792 <item>Clarify which files should go into a shared library package, into a
793 separate package, or into the -dev package. Suggest -tools instead
794 of -runtime for runtime support programs, since that naming is more
797 <item>Files in <file>/etc/cron.{hourly,daily,weekly,monthly}</file> must be
798 configuration files (upgraded from should). Mention the hourly
801 <item>Packages providing <file>/etc/X11/Xresources</file> files need not
802 conflict with <tt> xbase (<< 3.3.2.3a-2)</tt>, which is
805 <item>Manual pages in locale-specific directories should use either the
806 legacy encoding for that directory or UTF-8. Country names should
807 not be included in locale-specific manual page directories unless
808 indicating a significant difference in the language. All
809 characters in the manual page source should be representable in the
810 legacy encoding for a locale even if the man page is encoded in
813 <item>The Apache 2.0 license is now in common-licenses and should be
814 referenced rather than quoted in <file>debian/copyright</file>.
816 <item>Packages in contrib and non-free should state in the copyright file
817 that the package is not part of Debian GNU/Linux and briefly
820 <item>Underscore (_) is allowed in debconf template names.
823 <sect id="3.7.3.0"> Version 3.7.3.0
830 <item>Package version numbers may contain tildes, which sort before
831 anything, even the end of a part.
833 <item>Scripts may assume that <file>/bin/sh</file> supports local (at a basic
834 level) and that its test builtin (if any) supports -a and -o binary
837 <item>The substitution variable ${binary:Version} should be used in place
838 of ${Source-Version} for dependencies between packages of the same
840 <tag>menu policy</tag>
841 <item>Substantial reorganization and renaming of sections in the Debian
842 menu structure. Packages with menu entries should be reviewed to
843 see if the menu section has been renamed or if one of the new
844 sections would be more appropriate.
846 <item>The Source field in a .changes file may contain a version number
849 <item>The acceptable values for the Urgency field are low, medium, high,
850 critical, or emergency.
852 <item>The shlibs file now allows an optional type field, indicating the
853 type of package for which the line is valid. The only currently
854 supported type is udeb, used with packages for the Debian
857 <item>Packages following the Debian Configuration management
858 specification must allow for translation of their messages by using
859 a gettext-based system such as po-debconf.
861 <item>GFDL 1.2, GPL 3, and LGPL 3 are now in common-licenses and should
862 be referenced rather than quoted in debian/copyright.
865 <sect id="3.7.2.2"> Version 3.7.2.2
871 <tag>6.1</tag> <item>Maintainer scripts must not be world writeable (up from a
872 should to a must)</item>
875 <sect id="3.7.2.0"> Version 3.7.2.0
881 <tag>11.5</tag> <item>Revert the cgi-lib change. </item>
884 <sect id="3.7.1.0"> Version 3.7.1.0
891 <item>It is now possible to create shared libraries without
892 relocatable code (using -fPIC) in certain exceptional cases,
893 provided some procedures are followed, and for creating static
894 libraries with relocatable code (again, using -fPIC).
895 Discussion on debian-devel@lists.debian.org, getting a rough
896 consensus, and documenting it in README.Debian constitute most
899 <item>Packages should install any relevant files into the directories
900 <file>/usr/include/X11/</file> and <file>/usr/lib/X11/</file>, but if
901 they do so, they must pre-depend on <tt>x11-common (>= 1:7.0.0)</tt>
904 <sect id="3.7.0.0"> Version 3.7.0.0
911 <item>Packages shipping web server CGI files are expected to install
912 them in <file>/usr/lib/cgi-lib/</file> directories. This location change
913 perhaps should be documented in NEWS
915 <item>Web server packages should include a standard scriptAlias of
916 cgi-lib to <file>/usr/lib/cgi-lib</file>.
918 <item>The version of FHS mandated by policy has been upped to
919 2.3. There should be no changes required for most packages,
920 though new top level directories <file>/media</file>, <file>/srv</file>,
921 etc. may be of interest.
922 <tag>5.1, 5.6.3</tag>
923 <item>All fields, apart from the Uploaders field, in the control file
924 are supposed to be a single logical line, which may be spread
925 over multiple physical lines (newline followed by space is
926 elided). However, any parser for the control file must allow
927 the Uploaders field to be spread over multiple physical lines
928 as well, to prepare for future changes.
930 <item>When scripts are installed into a directory in the system
931 PATH, the script name should not include an extension that
932 denotes the scripting language currently used to implement it.
935 <item>packages that invoke initscripts now must use invoke-rc.d to do
936 so since it also pays attention to run levels and other local
938 <tag>11.8.5.2, 11.8.7, etc</tag>
939 <item>We no longer use <file>/usr/X11R6</file>, since we have
940 migrated away to using Xorg paths. This means, for one thing, fonts
941 live in <file>/usr/share/fonts/X11/</file> now, and <file>/usr/X11R6</file>
945 <sect id="3.6.2.0"> Version 3.6.2.0
952 <item>Recommend. doc-base, and not menu, for registering package documentation.
955 <item>Run time support programs should live in subdirectories of
956 <file>/usr/lib/</file> or <file>/usr/share</file>, and preferably the shared
957 lib is named the same as the package name (to avoid name collisions).
960 <item>It is recommended that HTTP servers provide an alias /images to
961 allow packages to share image files with the web server
965 <sect id="3.6.1.0"> Version 3.6.1.0
972 <item>Prompting the user should be done using debconf. Non debconf
973 user prompts are now deprecated.
976 <sect id="3.6.0.0"> Version 3.6.0
983 <item>Restructuring causing shifts in section numbers and bumping of
984 the minor version number:
986 <item>Many packaging manual appendices that were integrated into policy
987 sections are now empty, and replaced with links to the Policy.
988 In particular, the appendices that included the list of control
989 fields were updated (new fields like Closes, Changed-By were added)
990 and the list of fields for each of control, .changes and .dsc files
991 is now in Policy, and they're marked mandatory, recommended or
992 optional based on the current practice and the behavior of the
993 deb-building tool-chain.
995 <item>Elimination of needlessly deep section levels, primarily in the
996 chapter Debian Archive, from which two new chapters were split out,
997 Binary packages and Source packages. What remained was reordered
998 properly, that is, some sects became sects etc.
1000 <item>Several sections that were redundant, crufty or simply not designed
1001 with any sort of vision, were rearranged according to the formula that
1002 everything should be either in the same place or properly interlinked.
1003 Some things remained split up between different chapters when they
1004 talked about different aspects of files: their content, their syntax,
1005 and their placement in the file system. In particular, see the new
1006 sections about changelog files.
1007 <tag>menu policy</tag>
1008 <item>Added Games/Simulation and Apps/Education to menu
1011 <item>Debian changelogs should be UTF-8 encoded.
1013 <item>shared libraries must be linked against all libraries that they
1014 use symbols from in the same way that binaries are.
1016 <item>build-depends-indep need not be satisfied during clean
1020 <sect id="3.5.10.0"> Version 3.5.10
1027 <item>packages providing the x-terminal-emulator virtual package
1028 ought to ensure that they interpret the command line exactly
1031 <item>Window managers compliant with the Window Manager Specification
1032 Project may add 40 points for ranking in the alternatives
1035 <sect id="3.5.9.0"> Version 3.5.9.0
1042 <item>The section describing the Description: package field once again has
1043 full details of the long description format.
1045 <item>Clarified that if a package has non-build-essential
1046 build-dependencies, it should have them listed in the Build-Depends
1047 and related fields (i.e. it's not merely optional).
1049 <item>When asked to restart a service that isn't already running,
1050 the init script should start the service.
1052 <item>If the purpose of a package is to provide examples, then the
1053 example files can be installed into <file>/usr/share/doc/package</file>
1054 (rather than <file>/usr/share/doc/package/examples</file>).
1057 <sect id="3.5.8.0"> Version 3.5.8.0
1064 <item>It is no longer necessary to keep a log of changes to the upstream
1065 sources in the copyright file. Instead, all such changes should be
1066 documented in the changelog file.
1068 <item><var/Build-Depends/, <var/Build-Conflicts/, <var/Build-Depends-Indep/,
1069 and <var/Build-Conflicts-Indep/ must also be satisfied when the clean
1071 <tag>menu policy</tag>
1072 <item>A new Apps/Science menu section is available
1073 <tag>debconf policy</tag>
1074 <item>debconf specification cleared up, various changes.
1076 <item>It is no longer recommended to create symlinks from nonexistent
1077 manual pages to undocumented(7). Missing manual pages for programs
1081 <sect id="3.5.7.0"> Version 3.5.7.0
1088 <item>Packages no longer have to ask permission to call MAKEDEV in
1089 postinst, merely notifying the user ought to be enough.
1091 <item>cryptographic software may now be included in the main
1094 <item>task packages are no longer permitted; tasks are now created by a
1095 special Tasks: field in the control file.
1097 <item>window managers that support netwm can now add 20 points when
1098 they add themselves as an alternative for
1099 <file>/usr/bin/x-window-manager</file>
1101 <item>The default compilation options have now changed, one should
1102 provide debugging symbols in all cases, and optionally step
1103 back optimization to -O0, depending on the DEB_BUILD_OPTIONS
1104 environment variable.
1106 <item>Added mention of build-arch, build-indep, etc, in describing
1107 the relationships with `Build-Depends', `Build-Conflicts',
1108 `Build-Depends-Indep', and `Build-Conflicts-Indep'. May need to
1109 review the new rules.
1111 <item>Changed rules on how, and when, to invoke ldconfig in maintainer
1112 scripts. Long rationale.
1116 Added the last note in 3.5.6 upgrading checklist item regarding build
1117 rules, please see below
1120 <sect id="3.5.6.0"> Version 3.5.6.0
1127 <item>Emacs and TeX are no longer mandated by policy to be priority
1130 <item>Programs that access docs need to do so via <file>/usr/share/doc</file>,
1131 and not via <file>/usr/doc/</file> as was the policy previously
1133 <item>Putting documentation in <file>/usr/doc</file> versus
1134 <file>/usr/share/doc</file> is now a ``serious'' policy violation.
1136 <item>For web servers, one should not provide non-local access to the
1137 <file>/usr/share/doc</file> hierarchy. If one can't provide access
1138 controls for the http://localhost/doc/ directory, then it is preferred
1139 that one ask permission to expose that information during the install.
1141 <item>There are new rules for build-indep/build-arch targets and
1142 there is a new Build-Depend-Indep semantic.
1145 <sect id="3.5.5.0"> Version 3.5.5.0
1152 <item>Manpages should not rely on header information to have
1153 alternative manpage names available; it should only use
1154 symlinks or .so pages to do this
1157 <item><em> Clarified note in 3.5.3.0 upgrading checklist regarding
1158 examples and templates: this refers only to those examples used
1159 by scripts; see section 10.7.3 for the whole story</em>
1162 <item>Included a new section 10.9.1 describing the use of
1163 dpkg-statoverride; this does not have the weight of policy
1166 <item>Clarify Standards-Version: you don't need to rebuild your
1167 packages just to change the Standards-Version!
1170 <item>Plugins are no longer bound by all the rules of shared
1173 <tag>X Windows related things:</tag>
1176 <item>Clarification of priority levels of X Window System related
1180 <item>Rules for defining x-terminal-emulator improved </item>
1182 <item>X Font policy rewritten: you must read this if you provide
1183 fonts for the X Window System
1186 <item>Packages must not ship <file>/usr/X11R6/lib/X11/app-defaults/</file>
1189 <item>X-related packages should usually use the regular FHS
1190 locations; imake-using packages are exempted from this
1193 <item>OpenMotif linked binaries have the same rules as
1194 OSF/Motif-linked ones
1199 <sect id="3.5.4.0"> Version 3.5.4.0
1200 <p> Released Apr 2001.
1204 <item>The system-wide mail directory is now /var/mail, no longer
1205 /var/spool/mail. Any packages accessing the mail spool should
1206 access it via /var/mail and include a suitable Depends field;
1208 <tag>11.9; perl-policy</tag>
1209 <item>The perl policy is now part of Debian policy
1210 proper. Perl programs and modules should follow the current Perl
1215 <sect id="3.5.3.0"> Version 3.5.3.0
1216 <p> Released Apr 2001
1220 <item>Build-Depends arch syntax has been changed to be less
1221 ambiguous. This should not affect any current packages
1224 <item>Examples and templates files for use by scripts should now live
1225 in <file>/usr/share/<package></file> or
1226 <file>/usr/lib/<package></file>, with symbolic links from
1227 <file>/usr/share/doc/<package>/examples</file> as needed
1231 <sect id="3.5.2.0"> Version 3.5.2.0
1233 <p> Released Feb 2001.
1237 <item>X app-defaults directory has moved from
1238 <file>/usr/X11R6/lib/X11/app-defaults</file> to
1239 <file>/etc/X11/app-defaults</file>
1243 <sect id="3.5.1.0"> Version 3.5.1.0
1245 <p> Released Feb 2001.
1249 <item>dpkg-shlibdeps now uses objdump, so shared libraries have to be
1250 run through dpkg-shlibdeps as well as executables
1254 <sect id="3.5.0.0"> Version 3.5.0.0
1256 <p> Released Jan 2001.
1260 <item>Font packages for the X Window System must now declare a
1261 dependency on xutils (>= 4.0.2)
1265 <sect id="3.2.1.1"> Version 3.2.1.1
1267 <p> Released Jan 2001.
1271 <item>Daemon startup scripts in <file>/etc/init.d/</file> should not contain
1272 modifiable parameters; these should be moved to a file in
1273 <file>/etc/default/</file>
1276 <item>Files in <file>/usr/share/doc</file> must not be referenced by any
1277 program. If such files are needed, they must be placed in
1278 <file>/usr/share/<package>/</file>, and symbolic links
1279 created as required in <file>/usr/share/doc/<package>/</file>
1282 <item>Much of the packaging manual has now been imported into the
1287 <sect id="3.2.1.0"> Version 3.2.1.0
1289 <p> Released Aug 00.
1293 <item>A package of priority standard or higher may provide two
1294 binaries, one compiled with support for the X Window System,
1295 and the other without
1299 <sect id="3.2.0.0"> Version 3.2.0.0
1301 <p> Released Aug 00.
1305 <item>By default executables should not be built with the debugging
1306 option -g. Instead, it is recommended to support building the
1307 package with debugging information optionally.
1310 <item>Policy for packages where the upstream uses HTML changelog
1311 files has been expanded. In short, a plain text changelog file
1312 should always be generated for the upstream changes
1315 <item>Please note that the new release of the X window system (3.2)
1316 shall probably need sweeping changes in policy
1319 <item>Policy for packages providing the following X-based features
1323 <item>X server (virtual package xserver) </item>
1325 <item>X terminal emulator (virtual package x-terminal-emulator) </item>
1327 <item>X window manager (virtual package x-window-manager, and
1328 <file>/usr/bin/x-window-manager</file> alternative, with priority
1329 calculation guidelines)
1332 <item>X fonts (this section has been written from scratch) </item>
1334 <item>X application defaults </item>
1338 <item>Policy for packages using the X Window System and FHS issues
1342 <item>No package may contain or make hard links to conffiles </item>
1344 <item>Noted that newer dpkg versions do not require extreme care in
1345 always creating the shared lib before the symlink, so the unpack
1350 <sect id="3.1.1.0"> Version 3.1.1.0
1352 <p> Released Nov 1999.
1356 <item>Correction to semantics of architecture lists in Build-Depends
1357 etc. Should not affect many packages
1361 <sect id="3.1.0.0"> Version 3.1.0.0
1363 <p> Released Oct 1999.
1367 <item><file>/usr/doc/<package></file> has to be a symlink pointing to
1368 <file>/usr/share/doc/<package></file>, to be maintained by postinst
1372 <item>Introduced source dependencies (Build-Depends, etc.) </item>
1374 <item><file>/etc/rc.boot</file> has been deprecated in favour of
1375 <file>/etc/rcS.d</file>. (Packages should not be touching this directory,
1376 but should use update-rc.d instead)
1379 <item>update-rc.d is now the <em>only</em> allowable way of accessing the
1380 <file>/etc/rc?.d/[SK]??*</file> links. Any scripts which manipulate them
1381 directly must be changed to use update-rc.d instead. (This is
1382 because the file-rc package handles this information in an
1386 <item>Architecture-specific examples go in
1387 <file>/usr/lib/<package>/examples</file>
1388 with symlinks from <file>/usr/share/doc/<package>/examples/*</file>
1389 or from <file>/usr/share/doc/<package>/examples</file> itself
1392 <item>Updated FHS to a 2.1 draft; this reverts <file>/var/state</file> to
1393 <file>/var/lib</file>
1395 <tag>9.7; mime-policy</tag>
1396 <item>Added MIME sub-policy document </item>
1398 <item>VISUAL is allowed as a (higher priority) alternative to EDITOR
1401 <item>Modified liblockfile description, which affects
1402 mailbox-accessing programs. Please see the policy document for
1406 <item>If a package provides a changelog in HTML format, a text-only
1407 version should also be included. (Such a version may be prepared
1408 using <prgn>lynx -dump -nolist</prgn>.)
1411 <item>Description of how to handle version numbers based on dates
1416 <sect id="3.0.1.0"> Version 3.0.1.0
1418 <p> Released Jul 1999.
1422 <item>Added the clarification that the .la files are essential for
1423 the packages using libtool's libltdl library, in which case the .la
1424 files must go in the run-time library package
1428 <sect id="3.0.0.0"> Version 3.0.0.0
1430 <p> Released Jun 1999.
1434 <item>Debian formally moves from the FSSTND to the FHS. This is a
1435 major change, and the implications of this move are probably
1439 <item>Only 3 digits of the Standards version need be included in
1440 control files, though all four digits are still permitted.
1443 <item>The location of the GPL has changed to
1444 <file>/usr/share/common-licenses</file>. This may require changing the
1445 copyright files to point to the correct location of the GPL and
1446 other major licenses
1449 <item>Packages that use libtool to create shared libraries must
1450 include the .la files in the -dev packages
1453 <item>Use logrotate to rotate log files
1456 <item>section 5.8 has been rewritten (Programs for the X Window
1459 <tag>9.6; menu-policy</tag>
1460 <item>There is now an associated menu policy, in a separate document,
1461 that carries the full weight of Debian policy
1464 <item>Programs which need to modify the files <file>/var/run/utmp</file>,
1465 <file>/var/log/wtmp</file> and <file>/var/log/lastlog</file> must be
1466 installed setgid utmp
1470 Please note that section numbers below this point may not be up to date
1473 <sect id="2.5.0.0"> Version 2.5.0.0
1475 <p> Released Oct 1998.
1479 <item>Rearranged the manual to create a new Section 4, Files
1481 <item>Section 3.3 ("Files") was moved to Section 4. The Sections
1482 that were Section 4 and Section 5 were moved down to become
1483 Section 5 and Section 6.
1485 <item>What was Section 5.5 ("Log files") is now a subsection of the
1486 new Section 4 ("Files"), becoming section 4.8, placed after
1487 "Configuration files", moving the Section 4.8 ("Permissions
1488 and owners") to Section 4.9. All subsections of the old
1489 Section 5 after 5.5 were moved down to fill in the number
1493 <item>Modified the section about changelog files to accommodate
1494 upstream changelogs which were formatted as HTML. These
1495 upstream changelog files should now be accessible as
1496 <file>/usr/doc/package/changelog.html.gz</file>
1498 <item>Symlinks are permissible to link the real, or upstream,
1499 changelog name to the Debian mandated name.
1501 <item>Clarified that HTML documentation should be present in some
1502 package, though not necessarily the main binary package.
1504 <item>Corrected all references to the location of the copyright
1505 files. The correct location is <file>/usr/doc/package/copyright</file>
1507 <item>Ratified the architecture specification strings to cater to the
1512 <sect id="2.4.1.0"> Version 2.4.1.0
1514 <p> Released Apr 1998.
1516 <sect1> Policy Manual:
1518 <tag>Updated section 3.3.5 Symbolic links:</tag>
1519 <item>symbolic links within a toplevel directory should be relative,
1520 symbolic links between toplevel directories should be absolute
1521 (cf., Policy Weekly Issue#6, topic 2)
1524 <tag>Updated section 4.9 Games:</tag>
1525 <item>manpages for games should be installed in <file>/usr/man/man6</file>
1526 (cf., Policy Weekly Issue#6, topic 3)
1530 <sect1> Packaging Manual:
1532 <item>Updated prefix of chapter 12, Shared Libraries:
1533 ldconfig must be called in the postinst script if the package
1534 installs shared libraries
1535 (cf., Policy Weekly Issue #6, fixes:bug#20515)
1539 <sect id="2.4.0.0"> Version 2.4.0.0
1541 <p> Released Jan 1998
1544 <tag>Updated section 3.3.4 Scripts:</tag>
1546 <item>/bin/sh may be any POSIX compatible shell
1547 <item>scripts including bashisms have to specify <file>/bin/bash</file>
1549 <item>scripts which create files in world-writable directories
1550 (e.g., in <file>/tmp</file>) should use tempfile or mktemp for creating
1554 <tag>Updated section 3.3.5 Symbolic Links:</tag>
1555 <item>symbolic links referencing compressed files must have the same
1556 file extension as the referenced file
1559 <tag>Updated section 3.3.6 Device files:</tag>
1560 <item><file>/dev/tty*</file> serial devices should be used instead of
1561 <file>/dev/cu*</file>
1564 <tag>Updated section 3.4.2 Writing the scripts in <file>/etc/init.d</file>:
1566 <item>all <file>/etc/init.d</file> scripts have to provide the following
1567 options: start, stop, restart, force-reload
1568 <item>the reload option is optional and must never stop and restart
1572 <tag>Updated section 3.5 Cron jobs:
1573 <item>cron jobs that need to be executed more often than daily should
1574 be installed into <file>/etc/cron.d</file>
1577 <tag>Updated section 3.7 Menus:
1578 <item>removed section about how to register HTML docs to `menu'
1579 (the corresponding section in 4.4, Web servers and applications,
1580 has been removed in policy 2.2.0.0 already, so this one was
1584 <tag>New section 3.8 Keyboard configuration:
1585 <item>details about how the backspace and delete keys should be
1589 <tag>New section 3.9 Environment variables:
1590 <item>no program must depend on environment variables to get a
1591 reasonable default configuration
1594 <tag>New section 4.6 News system configuration:
1595 <item><file>/etc/news/organization</file> and <file>/etc/news/server</file>
1596 should be supported by all news servers and clients
1599 <tag>Updated section 4.7 Programs for the X Window System:
1601 <item>programs requiring a non-free Motif library should be provided
1602 as foo-smotif and foo-dmotif package
1604 <item>if lesstif works reliably for such program, it should be linked
1605 against lesstif and not against a non-free Motif library
1609 <tag>Updated section 4.9 Games:
1610 <item>games for X Windows have to be installed in <file>/usr/games</file>,
1615 <sect id="2.3.0.0"> Version 2.3.0.1, 2.3.0.0
1617 <p> Released Sep 1997.
1620 <item>new section `4.2 Daemons' including rules for
1621 <file>/etc/services</file>, <file>/etc/protocols</file>,
1622 <file>/etc/rpc</file>, and <file>/etc/inetd.conf</file>
1625 <item>updated section about `Configuration files':
1626 packages may not touch other packages' configuration files
1629 <item>MUAs and MTAs have to use liblockfile</item>
1632 <sect id="2.2.0.0"> Version 2.2.0.0
1634 <p> Released July 1997.
1637 <item>added section 4.1 `Architecture specification strings':
1640 where <arch> is one of the following:
1641 i386, alpha, arm, m68k, powerpc, sparc.
1644 <item>detailed rules for <file>/usr/local</file></item>
1646 <item>user ID's</item>
1648 <item>editor/pager policy</item>
1650 <item>cron jobs</item>
1652 <item>device files</item>
1654 <item>don't install shared libraries as executable</item>
1656 <item>app-defaults files may not be conffiles</item>
1659 <sect id="2.1.3.0"> Version 2.1.3.2, 2.1.3.1, 2.1.3.0
1661 <p> Released Mar 1997.
1664 <item>two programs with different functionality must not have the
1667 <item>"Webstandard 3.0"</item>
1669 <item>"Standard for Console Messages"</item>
1671 <item>Libraries should be compiled with `-D_REENTRANT'</item>
1673 <item>Libraries should be stripped with <prgn>strip --strip-unneeded</prgn>
1677 <sect id="2.1.2.0"> Version 2.1.2.2, 2.1.2.1, 2.1.2.0
1679 <p> Released Nov 1996.
1682 <item>Some changes WRT shared libraries
1685 <sect id="2.1.1.0"> Version 2.1.1.0
1687 <p> Released Sep 1996.
1690 <item>No hard links in source packages</item>
1692 <item>Do not use <prgn>dpkg-divert</prgn> or <prgn>update-alternatives</prgn>
1693 without consultation </item>
1695 <item>Shared libraries must be installed stripped </item>
1698 <sect id="2.1.0.0"> Version 2.1.0.0
1700 <p> Released Aug 1996.
1703 <item>Upstream changelog must be installed too </item>