On 7 Jan 2001, Goswin Brederlow wrote: > The orig.tar.gz file should be pristine (does someone have the pointer > to the policiy about this?). Basically NEVER rebuild it. > > It should be the original file downloaded from the upstream author > without any changes so that the md5sum compares to any md5sum the > author made public.
This is neither pragmatic, nor could I find anything in policy or the packaging manual that states this. The reason this is not a useful guideline is that *many* upstream tarballs are not a ./$package-$version/code format. Some aren't gzipped, and some aren't even tarballs. Yet others are broken in other special ways. For example, I just sponsored an upload a fortunes package where the upstream tarball contained a full copy of the source for wget (?!?) - naturally, we cut that out and saved about 450kB of cruft from occupying every Debian mirror in the world. As for Debian policy, the packaging manual (section 3.3) has this to say: Original source archive - package_upstream-version.orig.tar.gz This is a compressed (with gzip -9) tar file containing the source code from the upstream authors of the program. The tarfile unpacks into a directory package-upstream-version.orig, and does not contain files anywhere other than in there or in its subdirectories. Of course, you should make every effort to maintain the integrity of the upstream source, but that doesn't mean that you can't repack it if need be. After all, that's why we insist on licenses that allow redistribution. tony [EMAIL PROTECTED] | Der Graf sehnt sich so sehr nach dem Blut einer http://www.debian.org | Jungfrau. Doch der Graf hat Angst... | Angst vor HIV. (die Aerzte)
