Roberto C. Sánchez wrote: > On Sun, Oct 07, 2007 at 11:32:23AM +1000, Paul Gear wrote: >> So one thing on my mind lately is to provide a deb/apt repository that >> people could use to supplement their Debian/Ubuntu system and override >> the Debian packages with more recent Shorewall packages. I have a few >> of my own packages that i maintain in a personal repository, and i don't >> think it would be too hard to extend my scripts to build Shorewall from >> release tarballs and SVN. These could then be mirrored onto the main >> web site and provided for public use. >> > I think that this could be dangerous. I'd much rather see the official > Debian package get "fixed". The reason is that Debian users expect > (well, at least most of them do) that packages will strictly adhere to > Debian policy. Now, in some cases, this creates a conflict between the > "Debian" way and what the upstream developers consider to be right. > > Personally, having nearly all of my systems installed with Debian, I am > more concerned with Debian packages being policy compliant and > consistent than I am with some other things.
Let's put aside the issue of whether the init script should do the same thing as the shorewall command. The thing i'm really concerned about is that Debian users don't have access to the latest stable versions of Shorewall in a native packaging format. At the moment, if i want to deploy Shorewall on a customer system, i recommend SUSE (openSUSE or SLES) because it's the platform that works the best with the RPMS. We are not going to "fix" Debian policy about application versions in this respect, because it's not "broken". Debian's policy on which versions to include is working as designed - the problem as i see it is that their release schedule doesn't match Tom's, and this creates support problems for Shorewall. I personally would prefer to be running the latest stable version of Shorewall on most of my systems (and probably the latest svn version on my home gateway), but because i don't want the hassle of maintaining tarball-based installs, i stick with the version in etch (3.2.6). (Sarge uses Shorewall 2.2.3!) That's why i think the best compromise would be to maintain a Debian repository for the project that keeps up to date with Shorewall's stable version, and ensure that this package is fully Debian-compliant, so that people can smoothly integrate the latest Shorewall versions into their Debian systems. (We should start with the packages that Lorenzo has created to ensure maximum compatibility.) -- Paul <http://paul.gear.dyndns.org>
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
