retitle 825820 ITP: goopg -- GPG for Gmail in Chrome and Chromium
owner 825820 !
Thanks

The most recent stable release is now 0.3.1.

The packages make use of the Chromium "native messaging hosts" capability to 
use the locally-installed gpg and gpg-agent to perform signing and 
verification. The key material and passphrase are never held by the browser or 
server.

This source creates three binary packages; goopg-common, goopg-chromium, and 
goopg-chrome. The chrome package is flagged for 'contrib'.

The upstream author prepared the bulk of the debian packaging information, and 
wishes to remain Maintainer. I intend to assist him. 


Regarding a lintian complaint for this package:

The Chrome version of this package installs a config file in a Google-required 
location under /etc/opt/chrome. That matches the convention of the 3rd-party 
Chrome package itself, installed in /opt/google/chrome.

The "dir-or-file-in-etc-opt" lintian test flags this as a 'serious' condition, 
saying "Debian packages should not install into /etc/opt, because it is 
reserved for add-on software". Lintian-overrides is not respected for this flag.

Debian Policy Section 9.1.1 states that packages must follow FHS v2.3. There 
are additional words strictly prohibiting installing files under /usr/local in 
9.1.2. There is no specific detail on /opt in Chapter 9.

The FHS is more precise, saying that "The directories /opt/bin, /opt/doc, 
/opt/include, /opt/info, /opt/lib, and /opt/man are reserved for local system 
administrator use", "No structure is imposed on the internal arrangement of 
/etc/opt/<subdir>" and "Distributions may install software in /opt, but must 
not modify or delete software installed by the local system administrator 
without the assent of the local system administrator".

In short, the Policy does not support the level of concern shown by lintian. 
Also, the package does not violate the Policy.

Attachment: signature.asc
Description: GooPG digital signature

Reply via email to