On Tue, Nov 18, 2014 at 03:03:07PM +0600, Andrey Rahmatullin wrote:
> Package: debian-policy
> Severity: wishlist
>
> 2.2.1 says "the packages in main
>
> must not require or recommend a package outside of main for compilation or
> execution (thus, the package must not declare a "Pre-Depends", "Depends",
> "Recommends", "Build-Depends", or "Build-Depends-Indep" relationship on a non-
> main package),"
>
> In practice there is a consensus that this also means "packages must not
> access
> external network servers" which conforms to the spirit but not to the letter
> of
> this section.
I offer the attached patch, which target section
4.9 Main building script: debian/rules
This only address the issue in the bug title, namely
'Clarify network access for building packages in main'.
Cheers,
--
Bill. <ballo...@debian.org>
Imagine a large red swirl here.
diff --git a/policy.sgml b/policy.sgml
index 7bb703b..107ee44 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -1928,12 +1928,16 @@ zope.
impossible to auto-compile that package and also makes it hard
for other people to reproduce the same binary package, all
required targets must be non-interactive. It also follows that
any target that these targets depend on must also be
non-interactive.
</p>
+ <p>
+ For packages in the main archive, no required targets
+ may attempt network access.
+ </p>
<p>
The targets are as follows:
<taglist>
<tag><tt>build</tt> (required)</tag>
<item>
