Re: [EMAIL PROTECTED] Package Submission
Zachary Palmer wrote: Hey, all. I *think* I have a working submission for the contrib section of Debian mainline; this is the [EMAIL PROTECTED] download-and-install wrapper that I was discussing a couple days ago. I'm rather new at this, so I don't know exactly how I should proceed. What is the process for screening my package? Is this the appropriate mailing list to discuss the matter? It'd probably be a good idea to have someone who knows what they're doing look over my package and make sure that it's not... well... insane. Thanks for the help. Cheers, Zach Take a look at the mentors.debian.net and the debian-mentors maillist. -- Start Yahoo! Auction now! Check out the cool campaign http://pr.mail.yahoo.co.jp/auction/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package Submission
Hi Zach, On Wednesday 27 June 2007 03:44:21 Zachary Palmer wrote: Hey, all. I *think* I have a working submission for the contrib section of Debian mainline; this is the [EMAIL PROTECTED] download-and-install wrapper that I was discussing a couple days ago. I'm rather new at this, so I don't know exactly how I should proceed. What is the process for screening my package? Is this the appropriate mailing list to discuss the matter? It'd probably be a good idea to have someone who knows what they're doing look over my package and make sure that it's not... well... insane. as it was mentioned in another email, mentors.debian.net would be a good place for a first or second version of your package. So is your home page. I would presume the Debian-Med community http://www.debian.org/devel/debian-med/ to be interested, too, and expect you to eventually find a sponsor, too. If you have not already, I think you are ready to prepare an ITP (interest to pack, http://www.debian.org/devel/wnpp/) for your package, which is commonly regarded as the entry point of every new package. Once the package is available for download somewhere, you should add this info to your ITP report. Something I would like to discuss is to what degree your package is in conflict with, say, boinc-client, another idle time scavenger. I do not think that both should be installed on a single machine, but is this something that should be stated as a conflict in the control file? Rather not, does it?. Best regards Steffen signature.asc Description: This is a digitally signed message part.
[EMAIL PROTECTED] Package Submission
Hey, all. I *think* I have a working submission for the contrib section of Debian mainline; this is the [EMAIL PROTECTED] download-and-install wrapper that I was discussing a couple days ago. I'm rather new at this, so I don't know exactly how I should proceed. What is the process for screening my package? Is this the appropriate mailing list to discuss the matter? It'd probably be a good idea to have someone who knows what they're doing look over my package and make sure that it's not... well... insane. Thanks for the help. Cheers, Zach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package Submission
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Zachary Palmer wrote: I'm rather new at this, so I don't know exactly how I should proceed. What is the process for screening my package? Is this the appropriate mailing list to discuss the matter? The debian-mentors list is probably a better place to discuss this package. The mentors project also has their own repository to which you can upload your package so others can test it. Have a look at: http://mentors.debian.net/cgi-bin/welcome http://mentors.debian.net/cgi-bin/maintainer-intro - -- GnuPG: 0x77A975AD -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGge4bRWRRA3epda0RAqm3AKCVd6YIZ38kjjga/sccSosgNglgWACfd+WO mKEKJq82fYAXBvUKcal8mzk= =LqSR -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Josselin Mouette [EMAIL PROTECTED] wrote: Le vendredi 22 juin 2007 à 14:20 -0400, Zachary Palmer a écrit : This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. This is probably one of the worst excuses I could find. The software being closed source doesn't prevent *AT ALL* any kind falsification. Relying on such a blatantly wrong security scheme is the best way to discover falsification too late. As I understood it, the idea was more to keep information *comparable*, which wouldn't be the case if someone improved the script by using a faster minimizer, linking against an improved libfoo or whatever. You simply cannot publish a work based on input which clients sent to us that are somehow more or less the same as what we describe in the methods section, it needs to match exactly what's in the methods section. It's not a means against evil attackers, but against goodwilling helpers. By the way, I seem to recall that I once interacted, as a potential sponsor, with someone who wanted to upload a package similar to that proposed by Zachary, and it was called fah. I would even tend to think that there was a version in the archive, but I'm not sure I ever uploaded something (I remember arguments with the sponsee about the maintainer scripts). I'm currently offline and therefore cannot verify it, it should be (partly) in the -mentors archive. Regards, Frank -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX/TeXLive)
Re: [EMAIL PROTECTED] Package
On Sun, Jun 24, 2007 at 05:51:29PM +0200, Frank Küster wrote: As I understood it, the idea was more to keep information *comparable*, which wouldn't be the case if someone improved the script by using a faster minimizer, linking against an improved libfoo or whatever. You simply cannot publish a work based on input which clients sent to us that are somehow more or less the same as what we describe in the methods section, it needs to match exactly what's in the methods section. It's not a means against evil attackers, but against goodwilling helpers. Josselin is right here, being closed source does not protect against these kind of problems _AT ALL_. We're running a BOINC project that runs a closed source application, but that did not prevent a guy with some free time to dissassemble the code and produce a binary patch to speed up the program in order to gain more credits. There is ongoing research about how to make public distributed computing more reliable and tampering more detectable, but being closed source does not help at all. Gabor -- - MTA SZTAKI Computer and Automation Research Institute Hungarian Academy of Sciences - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charles Plessy wrote: Distribution of this software is prohibited. It may only be obtained by downloading from Stanford's web site (http://folding.stanford.edu and pages linked therein). I guess that in that case, there would be a link from the Stanford site to packages.debian.org for instance. There is a FreeBSD packages which installs the [EMAIL PROTECTED] client by downloading the FAH504-Linux.exe binary from the Stanford website. The Gentoo ebuild works very similar and has been around for a long time. All these installers have been silently approved by the project as they don't violate the EULA. Nick Lewycky wrote a Debian package to install the [EMAIL PROTECTED] client on Debian, fahclient-installer, see: http://bugs.debian.org/261257 http://lists.debian.org/debian-mentors/2004/07/msg00338.html That specific code is no longer available online AFAIK, but I still have a copy which I used to add support for multiple CPUs. I never finished this, due to lack of time, but I can give you the code if you (Zachary Palmer) like. Do they frequently upgrade ? How long can an old client connect ? In that case, packaging would be commiting yourself to follow the upgrades closely. I do not think that it would help our users if the Debian package would periodically provide a binary which is not allowed to connect. [EMAIL PROTECTED] doesn't update its client regularly. The release cycle is possibly slower than Debian Stable. There has been talk of v6 for several years now, and I think that version just recently went into alpha testing if it made it that far (I'm no longer a beta tester with early access to project info, so I can't verify that). The v4 [EMAIL PROTECTED] client still works eventhough v5 has been out for a long time. Its usefulness is somewhat reduced because there are no more deadlineless WUs handed out by the project, but it still works. I don't think this is a real problem. Maybe the Debian-Med packaging team could provide you a safety net by co-maintaining the package and hosting the /debian dir in our SVN repo, so that you can take holidays without coming back with an obsolete package and angry users. However, would the package not be actively followed by a dedicated person, it would be better removed (or not packaged at that point) I'm also willing to help co-maintain a Debian package for [EMAIL PROTECTED] I'm currently the upstream maintainer of qd since Dick Howell passed away, which Claudio Moratti packaged as part of kfolding. Maybe he's interested too? Lastly, I am not sure that closed-sourceness is the best strategy against cheating. I guess that the expertise area of [EMAIL PROTECTED] is structural biology, wheras the expertise of cheaters is... well... cheating. Guaranteeing the integrity of the research is indeed the primary reason to keep the [EMAIL PROTECTED] client and cores closed-source. Even though they are build with GPL components like Gromacs. But [EMAIL PROTECTED] has been granted a non-commercial, non-GPL license for Gromacs, so [they] are not required to release [the] source. http://folding.stanford.edu/gromacs.html Regards, Bas - -- GnuPG: 0x77A975AD -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGfOS1RWRRA3epda0RAh/SAJ9IbAPuNRXg7khljzERTPAPdOCxcACfVSRe cZe2zKnqrG+ZJACv4Qt3rII= =Rs4C -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Sebastiaan Couwenberg wrote: [EMAIL PROTECTED] doesn't update its client regularly. The release cycle is possibly slower than Debian Stable. There has been talk of v6 for several years now, and I think that version just recently went into alpha testing if it made it that far (I'm no longer a beta tester with early access to project info, so I can't verify that). The v4 [EMAIL PROTECTED] client still works eventhough v5 has been out for a long time. Its usefulness is somewhat reduced because there are no more deadlineless WUs handed out by the project, but it still works. I don't think this is a real problem. Has there been any talk about moving to the BOINC infrastructure? Lastly, I am not sure that closed-sourceness is the best strategy against cheating. I guess that the expertise area of [EMAIL PROTECTED] is structural biology, wheras the expertise of cheaters is... well... cheating. Guaranteeing the integrity of the research is indeed the primary reason to keep the [EMAIL PROTECTED] client and cores closed-source. Even though they are build with GPL components like Gromacs. But [EMAIL PROTECTED] has been granted a non-commercial, non-GPL license for Gromacs, so [they] are not required to release [the] source. http://folding.stanford.edu/gromacs.html But the only way to be sure that the individual users don't cheat would be to require Treacherous Computing. Instead, BOINC-powered projects rely on handing out several copies of each work unit and checking that the reported results match. Perhaps [EMAIL PROTECTED] does this as well. I don't think that all BOINC projects release source, but [EMAIL PROTECTED] code is free (as is the BOINC client itself), for example, and in that case it's possible to package an optimized version. Otherwise the BOINC client automatically downloads the right executable. -- Magnus Holmgren [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Em Sáb, 2007-06-23 às 12:59 +0100, Chris Lamb escreveu: Charles Plessy wrote: as said in another mail, [EMAIL PROTECTED] is definitely non-free. Hovever, if Debian would become an authorized distributor, the licence would be suitable for non-free. What about Debian derivatives? They would not, but that is not a problem for non-free. -- Guilherme de S. Pastore [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Charles Plessy wrote: as said in another mail, [EMAIL PROTECTED] is definitely non-free. Hovever, if Debian would become an authorized distributor, the licence would be suitable for non-free. What about Debian derivatives? /Lamby -- Chris Lamb, Leamington Spa, UK GPG: 0x634F9A20 signature.asc Description: PGP signature
Re: [EMAIL PROTECTED] Package
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Magnus Holmgren wrote: Sebastiaan Couwenberg wrote: Has there been any talk about moving to the BOINC infrastructure? There used to be work on a BOINC [EMAIL PROTECTED] client, but this work has stopped due to personnel turnover. See: http://fahwiki.net/index.php/Alternative_FAH_Platforms#BOINC http://folding.stanford.edu/FAQ-highperformance.html But the only way to be sure that the individual users don't cheat would be to require Treacherous Computing. Instead, BOINC-powered projects rely on handing out several copies of each work unit and checking that the reported results match. Perhaps [EMAIL PROTECTED] does this as well. [EMAIL PROTECTED] doesn't duplicate work, each WU is only assigned once by default. If a WU has not been returned when the Preferred Deadline is reached, then the WU is assigned to another client. Some newer WUs are duplicate work in a sense, they verify the results of the new SMP client core on single CPU/core machines. Each assigned WU is verified at upload, the information used in this verification is stored in the queue.dat (which you can dump with qd). See: http://linuxminded.xs4all.nl/software/qd-tools/documentation/queue.dat-layout/queue-assignment-info-present.html Regards, Bas - -- GnuPG: 0x77A975AD -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGfQybRWRRA3epda0RAnrJAJ9SehxyhwAlOK6uyCsWbuzqmFqPeACfXLjZ wP/yVr89HEKcthIt6nXNiBU= =m7cV -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Le vendredi 22 juin 2007 à 14:20 -0400, Zachary Palmer a écrit : This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. This is probably one of the worst excuses I could find. The software being closed source doesn't prevent *AT ALL* any kind falsification. Relying on such a blatantly wrong security scheme is the best way to discover falsification too late. (In fact, the reason why it works is that nobody really *wants* to falsify the results; at least not enough to take the time it requires to do it.) -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `-our own. Resistance is futile. signature.asc Description: Ceci est une partie de message numériquement signée
[EMAIL PROTECTED] Package
Hello, all. It has been my understanding that the reason that the [EMAIL PROTECTED] distributed computing software has not been made a Debian package is that the license under which it is released does not allow it to be free. This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. Of course, I understand that this means that we can't package up the [EMAIL PROTECTED] binary. But if I put together a Debian package that would use the preinst script to go fetch the software from Stanford in a way similar to how the flashplugin-nonfree package fetches Macrodobe Flash 9, would there be any interest? I'd really enjoy a quick, low-hassle way to fetch and install [EMAIL PROTECTED] on my various computers as a service. I see that there is a KDE applet, kfolding, that will handle [EMAIL PROTECTED], but it is dependent upon the existence of a KDE session (or at least a base KDE installation) and I'd like to install the software on my server as well as avoid messing with it if I somehow crash my GUI session. So, in summary, is there anything I should know before I set out on this task? And will people use it if I bother? Thanks! Zachary Palmer -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
On Fri, Jun 22, 2007 at 02:20:33PM -0400, Zachary Palmer wrote: Hello, all. It has been my understanding that the reason that the [EMAIL PROTECTED] distributed computing software has not been made a Debian package is that the license under which it is released does not allow it to be free. This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. snip Of course, I understand that this means that we can't package up the [EMAIL PROTECTED] binary. Debian focuses its resources on create DFSG-free software. Non-dfsg-free software is also produced by DD's and others. Also, most Debian users like all kinds of software but prefer DFSG software. In cases where DFSG software is not possible, Debian provides a non-free repo and some nice person, also a DD, makes debian-multimedia.org for most of the patent-encumbered files. There are also places where folks package debs for convienence, that are not in Debian, like debian-mentors.net and backports.org. So there are a few places where you can but deb packages for non-dfsg deb files. But if I put together a Debian package that would use the preinst script to go fetch the software from Stanford in a way similar to how the flashplugin-nonfree package fetches Macrodobe Flash 9, would there be any interest? sure. Although, asking on debian-user would get you a better answer. I'd really enjoy a quick, low-hassle way to fetch and install [EMAIL PROTECTED] on my various computers as a service. I see that there is a KDE applet, kfolding, that will handle [EMAIL PROTECTED], but it is dependent upon the existence of a KDE session (or at least a base KDE installation) and I'd like to install the software on my server as well as avoid messing with it if I somehow crash my GUI session. So, in summary, is there anything I should know before I set out on this task? And will people use it if I bother?And I'm I'm sure many folks would like a deb for [EMAIL PROTECTED] wether its a wrapper to get and install it (which may go in main (or contrib?)) or a deb that contains the actual program packaged to meet Debian's policy guidelines in non-free. -- | .''`. == Debian GNU/Linux == | my web site: | | : :' : The Universal |mysite.verizon.net/kevin.mark/| | `. `' Operating System| go to counter.li.org and | | `-http://www.debian.org/ |be counted! #238656 | | my keyserver: subkeys.pgp.net | my NPO: cfsg.org | |join the new debian-community.org to help Debian! | |___ Unless I ask to be CCd, assume I am subscribed ___| -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Package
Alle venerdì 22 giugno 2007, Zachary Palmer ha scritto: Hello, all. It has been my understanding that the reason that the [EMAIL PROTECTED] distributed computing software has not been made a Debian package is that the license under which it is released does not allow it to be free. No, it's that the license does not allow it to be re-distributed: Distribution of this software is prohibited. It may only be obtained by downloading from Stanford's web site (http://folding.stanford.edu and pages linked therein). while often other pieces of software that allow to be distributed (and thereon packaged) do enter the non-free section. This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. Anyway this might likely not be enough for their purpose. :-( Am I wrong, right? BTW, I would encourage them to (co-)maintain an unofficial Debian package with that software inside. And will people use it if I bother? Less than 0.02% seems to have kfolding installed [1]. But I think a lot more people have (and run) the [EMAIL PROTECTED] client, and even more would do if such a package were provided. Thanks! Thank you. [1] source: http://popcon.debian.org/ -- Luca
Re: [EMAIL PROTECTED] Package
Le Fri, Jun 22, 2007 at 02:20:33PM -0400, Zachary Palmer a écrit : Hello, all. It has been my understanding that the reason that the [EMAIL PROTECTED] distributed computing software has not been made a Debian package is that the license under which it is released does not allow it to be free. This software package has pretty much the best reason for being closed source that I've encountered; they want to prevent falsified results from damaging the research. Dear Zachary, as said in another mail, [EMAIL PROTECTED] is definitely non-free. Hovever, if Debian would become an authorized distributor, the licence would be suitable for non-free. You may only use unmodified versions of [EMAIL PROTECTED] obtained through authorized distributors to connect to the [EMAIL PROTECTED] servers. Use of other software to connect to the [EMAIL PROTECTED] servers is strictly prohibited. Distribution of this software is prohibited. It may only be obtained by downloading from Stanford's web site (http://folding.stanford.edu and pages linked therein). I guess that in that case, there would be a link from the Stanford site to packages.debian.org for instance. However, one thing that you should make clear when contacting upstream is that their software would eventually become released together with Debian stable, and therefore not be upgraded (unless the stable relase team would be OK, why not ?) This is also valid in the case of a wrapper: their binary could require some libraries which are too old in stable, hence breaking the wrapper. Do they frequently upgrade ? How long can an old client connect ? In that case, packaging would be commiting yourself to follow the upgrades closely. I do not think that it would help our users if the Debian package would periodically provide a binary which is not allowed to connect. Maybe the Debian-Med packaging team could provide you a safety net by co-maintaining the package and hosting the /debian dir in our SVN repo, so that you can take holidays without coming back with an obsolete package and angry users. However, would the package not be actively followed by a dedicated person, it would be better removed (or not packaged at that point) Lastly, I am not sure that closed-sourceness is the best strategy against cheating. I guess that the expertise area of [EMAIL PROTECTED] is structural biology, wheras the expertise of cheaters is... well... cheating. Have a nice day, -- Charles Plessy Debian-Med packaging team Wako, Saitama, Japan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]