| blob | 4f022407eaf6ce9253577ab8506cf1c2e6555fe3 |
1 <!doctype debiandoc system [
2 <!-- include version information so we don't have to hard code it
3 within the document -->
5 <!-- current Debian changes file format -->
7 ]>
8 <debiandoc>
10 <book>
11 <titlepag>
16 <abstract>
17 This manual describes the policy requirements for the Debian
18 distribution. This includes the structure and
19 contents of the Debian archive and several design issues of
20 the operating system, as well as technical requirements that
21 each package must satisfy to be included in the distribution.
22 </abstract>
24 <copyright>
25 <copyrightsummary>
27 and Christian Schwarz.
28 </copyrightsummary>
29 <p>
30 These are the copyright dates of the original Policy manual.
31 Since then, this manual has been updated by many others. No
32 comprehensive collection of copyright notices for subsequent
33 work exists.
34 </p>
36 <p>
37 This manual is free software; you may redistribute it and/or
38 modify it under the terms of the GNU General Public License
39 as published by the Free Software Foundation; either version
40 2, or (at your option) any later version.
41 </p>
43 <p>
44 This is distributed in the hope that it will be useful, but
46 warranty of merchantability or fitness for a particular
47 purpose. See the GNU General Public License for more
48 details.
49 </p>
51 <p>
52 A copy of the GNU General Public License is available as
54 distribution or on the World Wide Web at
57 obtain it by writing to the Free Software Foundation, Inc.,
59 </p>
60 </copyright>
61 </titlepag>
67 <sect>
69 <p>
70 This manual describes the policy requirements for the Debian
71 distribution. This includes the structure and
72 contents of the Debian archive and several design issues of the
73 operating system, as well as technical requirements that
74 each package must satisfy to be included in the
75 distribution.
76 </p>
78 <p>
79 This manual also describes Debian policy as it relates to
80 creating Debian packages. It is not a tutorial on how to build
81 packages, nor is it exhaustive where it comes to describing
82 the behavior of the packaging system. Instead, this manual
83 attempts to define the interface to the package management
84 system that the developers have to be conversant with.<footnote>
85 Informally, the criteria used for inclusion is that the
86 material meet one of the following requirements:
89 <item>
90 The material presented represents an interface to
91 the packaging system that is mandated for use, and
92 is used by, a significant number of packages, and
93 therefore should not be changed without peer
94 review. Package maintainers can then rely on this
95 interface not changing, and the package management
96 software authors need to ensure compatibility with
97 this interface definition. (Control file and
98 changelog file formats are examples.)
99 </item>
101 <item>
102 If there are a number of technically viable choices
103 that can be made, but one needs to select one of
104 these options for inter-operability. The version
105 number format is one example.
106 </item>
107 </taglist>
108 Please note that these are not mutually exclusive;
109 selected conventions often become parts of standard
110 interfaces.
111 </footnote>
112 </p>
114 <p>
115 The footnotes present in this manual are
116 merely informative, and are not part of Debian policy itself.
117 </p>
119 <p>
120 The appendices to this manual are not necessarily normative,
122 </p>
124 <p>
125 In the normative part of this manual,
129 distinguish the significance of the various guidelines in
130 this policy document. Packages that do not conform to the
132 will generally not be considered acceptable for the Debian
133 distribution. Non-conformance with guidelines denoted by
135 considered a bug, but will not necessarily render a package
136 unsuitable for distribution. Guidelines denoted by
138 adherence is left to the maintainer's discretion.
139 </p>
141 <p>
142 These classifications are roughly equivalent to the bug
148 items).
149 <footnote>
150 Compare RFC 2119. Note, however, that these words are
151 used in a different way in this document.
152 </footnote>
153 </p>
155 <p>
156 Much of the information presented in this manual will be
157 useful even when building a package which is to be
158 distributed in some other way or is intended for local use
159 only.
160 </p>
162 <p>
163 udebs (stripped-down binary packages used by the Debian Installer) do
164 not comply with all of the requirements discussed here. See the
167 information about them.
168 </p>
169 </sect>
171 <sect>
174 <p>
175 This manual is distributed via the Debian package
180 </p>
182 <p>
183 The current version of this document is also available from
184 the Debian web mirrors at
187 (
190 Also available from the same directory are several other
197 </p>
199 <p>
202 changes between versions of this document.
203 </p>
204 </sect>
209 <p>
210 Originally called "Debian GNU/Linux Policy Manual", this
211 manual was initially written in 1996 by Ian Jackson.
214 and reworked/restructured it in April-July 1997.
215 Christoph Lameter contributed the "Web Standard".
216 Julian Gilbey largely restructured it in 2001.
217 </p>
219 <p>
220 Since September 1998, the responsibility for the contents of
223 are discussed there and inserted into policy after a certain
224 consensus is established.
227 The actual editing is done by a group of maintainers that have
228 no editorial powers. These are the current maintainers:
230 <enumlist>
235 </enumlist>
236 </p>
238 <p>
239 While the authors of this document have tried hard to avoid
240 typos and other errors, these do still occur. If you discover
241 an error in this manual or if you want to give any
242 comments, suggestions, or criticisms please send an email to
243 the Debian Policy List,
246 </p>
248 <p>
249 Please do not try to reach the individual authors or maintainers
250 of the Policy Manual regarding changes to the Policy.
251 </p>
252 </sect>
257 <p>
258 There are several other documents other than this Policy Manual
259 that are necessary to fully understand some Debian policies and
260 procedures.
261 </p>
263 <p>
264 The external "sub-policy" documents are referred to in:
272 </list>
273 </p>
275 <p>
276 In addition to those, which carry the weight of policy, there
277 is the Debian Developer's Reference. This document describes
278 procedures and resources for Debian developers, but it is
280 belong in the Policy, such as best practices for developers.
281 </p>
283 <p>
284 The Developer's Reference is available in the
286 It's also available from the Debian web mirrors at
289 </p>
291 <p>
293 machine-readable copyright files</qref> is maintained as part of
295 procedure as the other policy documents. Use of this format is
296 optional.
297 </p>
298 </sect>
303 <p>
304 The following terms are used in this Policy Manual:
305 <taglist>
307 <item>
308 The character encoding specified by ANSI X3.4-1986 and its
309 predecessor standards, referred to in MIME as US-ASCII, and
310 corresponding to an encoding in eight bits per character of
313 </item>
315 <item>
316 The transformation format (sometimes called encoding) of
320 ASCII as a subset, so any text encoded in ASCII is trivially
321 also valid UTF-8.
322 </item>
323 </taglist>
324 </p>
325 </sect>
326 </chapt>
332 <p>
333 The Debian system is maintained and distributed as a
335 them (currently well over 15000), they are split into
337 the handling of them.
338 </p>
340 <p>
341 The effort of the Debian project is to build a free operating
342 system, but not every package we want to make accessible is
344 Guidelines, below), or may be imported/exported without
345 restrictions. Thus, the archive is split into areas<footnote>
346 The Debian archive software uses the term "component" internally
347 and in the Release file format to refer to the division of an
348 archive. The Debian Social Contract simply refers to "areas."
349 This document uses terminology similar to the Social Contract.
350 </footnote> based on their licenses and other restrictions.
351 </p>
353 <p>
354 The aims of this are:
358 <item>to allow us to encourage everyone to write free software,
359 and</item>
360 <item>to allow us to make it easy for people to produce
361 CD-ROMs of our system without violating any licenses,
362 import/export restrictions, or any other laws.</item>
363 </list>
364 </p>
366 <p>
368 </p>
370 <p>
373 distribution, although we support their use and provide
374 infrastructure for them (such as our bug-tracking system and
375 mailing lists). This Debian Policy Manual applies to these
376 packages as well.
377 </p>
381 <p>
382 The Debian Free Software Guidelines (DFSG) form our
383 definition of "free software". These are:
384 <taglist>
386 </tag>
387 <item>
388 The license of a Debian component may not restrict any
389 party from selling or giving away the software as a
390 component of an aggregate software distribution
391 containing programs from several different
392 sources. The license may not require a royalty or
393 other fee for such sale.
394 </item>
396 </tag>
397 <item>
398 The program must include source code, and must allow
399 distribution in source code as well as compiled form.
400 </item>
402 </tag>
403 <item>
404 The license must allow modifications and derived
405 works, and must allow them to be distributed under the
406 same terms as the license of the original software.
407 </item>
409 </tag>
410 <item>
411 The license may restrict source-code from being
413 license allows the distribution of "patch files"
414 with the source code for the purpose of modifying the
415 program at build time. The license must explicitly
416 permit distribution of software built from modified
417 source code. The license may require derived works to
418 carry a different name or version number from the
419 original software. (This is a compromise. The Debian
420 Project encourages all authors to not restrict any
421 files, source or binary, from being modified.)
422 </item>
424 </tag>
425 <item>
426 The license must not discriminate against any person
427 or group of persons.
428 </item>
430 </tag>
431 <item>
432 The license must not restrict anyone from making use
433 of the program in a specific field of endeavor. For
434 example, it may not restrict the program from being
435 used in a business, or from being used for genetic
436 research.
437 </item>
439 </tag>
440 <item>
441 The rights attached to the program must apply to all
442 to whom the program is redistributed without the need
443 for execution of an additional license by those
444 parties.
445 </item>
447 </tag>
448 <item>
449 The rights attached to the program must not depend on
450 the program's being part of a Debian system. If the
451 program is extracted from Debian and used or
452 distributed without Debian but otherwise within the
453 terms of the program's license, all parties to whom
454 the program is redistributed must have the same
455 rights as those that are granted in conjunction with
456 the Debian system.
457 </item>
459 </tag>
460 <item>
461 The license must not place restrictions on other
462 software that is distributed along with the licensed
463 software. For example, the license must not insist
464 that all other programs distributed on the same medium
465 must be free software.
466 </item>
468 </tag>
469 <item>
472 </item>
473 </taglist>
474 </p>
475 </sect>
483 <p>
485 distribution. Only the packages in this area are considered
486 part of the distribution. None of the packages in
488 that area to function. Anyone may use, share, modify and
489 redistribute the packages in this archive area
490 freely<footnote>
493 more about what we mean by free software.
494 </footnote>.
495 </p>
497 <p>
499 (Debian Free Software Guidelines).
500 </p>
502 <p>
505 <item>
506 must not require or recommend a package outside
511 package),
512 </item>
513 <item>
514 must not be so buggy that we refuse to support them,
515 and
516 </item>
517 <item>
518 must meet all policy requirements presented in this
519 manual.
520 </item>
521 </list>
522 </p>
524 </sect1>
529 <p>
531 packages intended to work with the Debian distribution, but
532 which require software outside of the distribution to either
533 build or function.
534 </p>
536 <p>
538 </p>
540 <p>
543 <item>
544 must not be so buggy that we refuse to support them,
545 and
546 </item>
547 <item>
548 must meet all policy requirements presented in this
549 manual.
550 </item>
551 </list>
552 </p>
554 <p>
555 Examples of packages which would be included in
558 <item>
561 in our archive at all for compilation or execution,
562 and
563 </item>
564 <item>
565 wrapper packages or other sorts of free accessories for
566 non-free programs.
567 </item>
568 </list>
569 </p>
570 </sect1>
575 <p>
577 packages intended to work with the Debian distribution that do
578 not comply with the DFSG or have other problems that make
579 their distribution problematic. They may not comply with all
580 of the policy requirements in this manual due to restrictions
581 on modifications or other limitations.
582 </p>
584 <p>
586 not compliant with the DFSG or are encumbered by patents
587 or other legal issues that make their distribution
588 problematic.
589 </p>
591 <p>
594 <item>
595 must not be so buggy that we refuse to support them,
596 and
597 </item>
598 <item>
599 must meet all policy requirements presented in this
600 manual that it is possible for them to meet.
601 <footnote>
602 It is possible that there are policy
603 requirements which the package is unable to
604 meet, for example, if the source is
605 unavailable. These situations will need to be
606 handled on a case-by-case basis.
607 </footnote>
608 </item>
609 </list>
610 </p>
611 </sect1>
613 </sect>
618 <p>
619 Every package must be accompanied by a verbatim copy of its
620 copyright information and distribution license in the file
623 </p>
625 <p>
626 We reserve the right to restrict files from being included
627 anywhere in our archives if
629 <item>
630 their use or distribution would break a law,
631 </item>
632 <item>
633 there is an ethical conflict in their distribution or
634 use,
635 </item>
636 <item>
637 we would have to sign a license for them, or
638 </item>
639 <item>
640 their distribution would conflict with other project
641 policies.
642 </item>
643 </list>
644 </p>
646 <p>
647 Programs whose authors encourage the user to make
648 donations are fine for the main distribution, provided
649 that the authors do not claim that not donating is
650 immoral, unethical, illegal or something similar; in such
652 </p>
654 <p>
655 Packages whose copyright permission notices (or patent
656 problems) do not even allow redistribution of binaries
657 only, and where no special permission has been obtained,
658 must not be placed on the Debian FTP site and its mirrors
659 at all.
660 </p>
662 <p>
663 Note that under international copyright law (this applies
665 modification of a work is allowed without an explicit
666 notice saying so. Therefore a program without a copyright
668 to it without risking being sued! Likewise if a program
669 has a copyright notice but no statement saying what is
670 permitted then nothing is permitted.
671 </p>
673 <p>
674 Many authors are unaware of the problems that restrictive
675 copyrights (or lack of copyright notices) can cause for
676 the users of their supposedly-free software. It is often
677 worthwhile contacting such authors diplomatically to ask
678 them to modify their license terms. However, this can be a
679 politically difficult thing to do and you should ask for
681 explained below.
682 </p>
684 <p>
685 When in doubt about a copyright, send mail to
687 to provide us with the copyright statement. Software
688 covered by the GPL, public domain software and BSD-like
689 copyrights are safe; be wary of the phrases "commercial
691 </p>
692 </sect>
697 <p>
701 </p>
703 <p>
704 The archive area and section for each package should be
707 archive may override this selection to ensure the consistency of
709 of the form:
711 <item>
714 </item>
715 <item>
718 archive areas.
719 </item>
720 </list>
721 </p>
723 <p>
724 The Debian archive maintainers provide the authoritative
725 list of sections. At present, they are:
726 admin,
727 cli-mono,
728 comm,
729 database,
730 debug,
731 devel,
732 doc,
733 editors,
734 education,
735 electronics,
736 embedded,
737 fonts,
738 games,
739 gnome,
740 gnu-r,
741 gnustep,
742 graphics,
743 hamradio,
744 haskell,
745 httpd,
746 interpreters,
747 introspection,
748 java,
749 kde,
750 kernel,
751 libdevel,
752 libs,
753 lisp,
754 localization,
755 mail,
756 math,
757 metapackages,
758 misc,
759 net,
760 news,
761 ocaml,
762 oldlibs,
763 otherosfs,
764 perl,
765 php,
766 python,
767 ruby,
768 science,
769 shells,
770 sound,
771 tasks,
772 tex,
773 text,
774 utils,
775 vcs,
776 video,
777 web,
778 x11,
779 xfce,
780 zope.
782 contains special packages used by the installer and is not used
783 for normal Debian packages.
784 </p>
786 <p>
787 For more information about the sections and their definitions,
790 </p>
791 </sect>
796 <p>
800 This information is used by the Debian package management tools to
801 separate high-priority packages from less-important packages.
802 </p>
804 <p>
806 Debian package management tools.
807 <taglist>
809 <item>
810 Packages which are necessary for the proper
811 functioning of the system (usually, this means that
812 dpkg functionality depends on these packages).
814 system to become totally broken and you may not even
816 so only do so if you know what you are doing. Systems
818 unusable, but they do have enough functionality to
819 allow the sysadmin to boot and install more software.
820 </item>
822 <item>
823 Important programs, including those which one would
824 expect to find on any Unix-like system. If the
825 expectation is that an experienced Unix person who
826 found it missing would say "What on earth is going on,
827 where is <prgn>foo</prgn>?", it must be an
829 This is an important criterion because we are
830 trying to produce, amongst other things, a free
831 Unix.
832 </footnote>
833 Other packages without which the system will not run
834 well or be usable must also have priority
837 or any other large applications. The
839 commonly-expected and necessary tools.
840 </item>
842 <item>
843 These packages provide a reasonably small but not too
844 limited character-mode system. This is what will be
845 installed by default if the user doesn't select anything
846 else. It doesn't include many large applications.
847 </item>
849 <item>
850 (In a sense everything that isn't required is
851 optional, but that's not what is meant here.) This is
852 all the software that you might reasonably want to
853 install if you didn't know what it was and don't have
854 specialized requirements. This is a much larger system
855 and includes the X Window System, a full TeX
856 distribution, and many applications. Note that
857 optional packages should not conflict with each other.
858 </item>
860 <item>
861 This contains all packages that conflict with others
862 with required, important, standard or optional
863 priorities, or are only likely to be useful if you
864 already know what they are or have specialized
865 requirements (such as packages containing only detached
866 debugging symbols).
867 </item>
868 </taglist>
869 </p>
871 <p>
872 Packages must not depend on packages with lower priority
873 values (excluding build-time dependencies). In order to
874 ensure this, the priorities of one or more packages may need
875 to be adjusted.
876 </p>
877 </sect>
879 </chapt>
885 <p>
886 The Debian distribution is based on the Debian
888 all packages in the Debian distribution must be provided
890 </p>
892 <p>
894 to install on the system when the package is installed, and a set
895 of files that provide additional metadata about the package or
896 which are executed when the package is installed or removed. This
898 Among those files are the package maintainer scripts
900 package control file</qref> that contains the control fields for
901 the package. Other control information files include
904 used to store shared library dependency information and
907 </p>
909 <p>
910 There is unfortunately a collision of terminology here between
911 control information files and files in the Debian control file
913 to a file in the Debian control file format. These files are
916 included in the control information file member of
918 control information files are not in the Debian control file
919 format.
920 </p>
922 <sect>
925 <p>
926 Every package must have a name that's unique within the Debian
927 archive.
928 </p>
930 <p>
931 The package name is included in the control field
934 The package name is also included as a part of the file name
936 </p>
937 </sect>
942 <p>
943 Every package has a version number recorded in its
946 </p>
948 <p>
949 The package management system imposes an ordering on version
950 numbers, so that it can tell whether packages are being up- or
951 downgraded and so that package system front end applications
952 can tell whether a package it finds available is newer than
953 the one installed on the system. The version number format
954 has the most significant parts (as far as comparison is
955 concerned) at the beginning.
956 </p>
958 <p>
959 If an upstream package has problematic version numbers they
960 should be converted to a sane form for use in the
962 </p>
964 <sect1>
967 <p>
968 In general, Debian packages should use the same version
969 numbers as the upstream sources. However, upstream version
970 numbers based on some date formats (sometimes used for
971 development or "snapshot" releases) will not be ordered
972 correctly by the package management software. For
974 greater than "96Dec24".
975 </p>
977 <p>
978 To prevent having to use epochs for every new upstream
979 version, the date-based portion of any upstream version number
980 should be given in a way that sorts correctly: four-digit year
981 first, followed by a two-digit numeric month, followed by a
982 two-digit numeric date, possibly with punctuation between the
983 components.
984 </p>
986 <p>
987 Native Debian packages (i.e., packages which have been written
988 especially for Debian) whose version numbers include dates
989 should also follow these rules. If punctuation is desired
991 cannot be used in native package versions. Period
993 </p>
994 </sect1>
996 </sect>
1001 <p>
1002 Every package must have a maintainer, except for orphaned
1003 packages as described below. The maintainer may be one person
1004 or a group of people reachable from a common email address, such
1005 as a mailing list. The maintainer is responsible for
1006 maintaining the Debian packaging files, evaluating and
1007 responding appropriately to reported bugs, uploading new
1008 versions of the package (either directly or through a sponsor),
1009 ensuring that the package is placed in the appropriate archive
1010 area and included in Debian releases as appropriate for the
1011 stability and utility of the package, and requesting removal of
1012 the package from the Debian distribution if it is no longer
1013 useful or maintainable.
1014 </p>
1016 <p>
1018 control field with their correct name and a working email
1020 control field must accept mail from those role accounts in
1021 Debian used to send automated mails regarding the package. This
1022 includes non-spam mail from the bug-tracking system, all mail
1023 from the Debian archive maintenance software, and other role
1024 accounts or automated processes that are commonly agreed on by
1025 the project.<footnote>
1026 A sample implementation of such a whitelist written for the
1027 Mailman mailing list management software is used for mailing
1028 lists hosted by alioth.debian.org.
1029 </footnote>
1030 If one person or team maintains several packages, they should
1031 use the same form of their name and email address in
1033 </p>
1035 <p>
1038 </p>
1040 <p>
1041 If the maintainer of the package is a team of people with a
1043 be present and must contain at least one human with their
1045 syntax of that field.
1046 </p>
1048 <p>
1049 An orphaned package is one with no current maintainer. Orphaned
1052 These packages are considered maintained by the Debian project
1053 as a whole until someone else volunteers to take over
1054 maintenance.<footnote>
1055 The detailed procedure for gracefully orphaning a package can
1056 be found in the Debian Developer's Reference
1058 </footnote>
1059 </p>
1060 </sect>
1065 <p>
1067 field which contains a synopsis and extended description of the
1068 package. Technical information about the format of the
1070 </p>
1072 <p>
1073 The description should describe the package (the program) to a
1074 user (system administrator) who has never met it before so that
1075 they have enough information to decide whether they want to
1076 install it. This description should not just be copied verbatim
1077 from the program's documentation.
1078 </p>
1080 <p>
1081 Put important information first, both in the synopsis and
1082 extended description. Sometimes only the first part of the
1083 synopsis or of the description will be displayed. You can
1084 assume that there will usually be a way to see the whole
1085 extended description.
1086 </p>
1088 <p>
1089 The description should also give information about the
1090 significant dependencies and conflicts between this package
1091 and others, so that the user knows why these dependencies and
1092 conflicts have been declared.
1093 </p>
1095 <p>
1096 Instructions for configuring or using the package should
1097 not be included (that is what installation scripts,
1098 manual pages, info files, etc., are for). Copyright
1099 statements and other administrivia should not be included
1100 either (that is what the copyright file is for).
1101 </p>
1105 <p>
1106 The single line synopsis should be kept brief - certainly
1107 under 80 characters.
1108 </p>
1110 <p>
1111 Do not include the package name in the synopsis line. The
1112 display software knows how to display this already, and you
1113 do not need to state it. Remember that in many situations
1114 the user may only see the synopsis line - make it as
1115 informative as you can.
1116 </p>
1118 </sect1>
1122 <p>
1123 Do not try to continue the single line synopsis into the
1124 extended description. This will not work correctly when
1125 the full description is displayed, and makes no sense
1126 where only the summary (the single line synopsis) is
1127 available.
1128 </p>
1130 <p>
1131 The extended description should describe what the package
1132 does and how it relates to the rest of the system (in terms
1133 of, for example, which subsystem it is which part of).
1134 </p>
1136 <p>
1137 The description field needs to make sense to anyone, even
1138 people who have no idea about any of the things the
1139 package deals with.<footnote>
1140 The blurb that comes with a program in its
1142 rarely suitable for use in a description. It is
1143 usually aimed at people who are already in the
1144 community where the package is used.
1145 </footnote>
1146 </p>
1148 </sect1>
1150 </sect>
1155 <p>
1156 Every package must specify the dependency information
1157 about other packages that are required for the first to
1158 work correctly.
1159 </p>
1161 <p>
1162 For example, a dependency entry must be provided for any
1163 shared libraries required by a dynamically-linked executable
1164 binary in a package.
1165 </p>
1167 <p>
1168 Packages are not required to declare any dependencies they
1170 (see below), and should not do so unless they depend on a
1171 particular version of that package.<footnote>
1172 <p>
1173 Essential is needed in part to avoid unresolvable dependency
1174 loops on upgrade. If packages add unnecessary dependencies
1175 on packages in this set, the chances that there
1177 caused by forcing these Essential packages to be configured
1178 first before they need to be is greatly increased. It also
1179 increases the chances that frontends will be unable to
1181 exists.
1182 </p>
1183 <p>
1184 Also, functionality is rarely ever removed from the
1186 the Essential set when the functionality moved to a
1187 different package. So depending on these packages <em>just
1188 in case</em> they stop being essential does way more harm
1189 than good.
1190 </p>
1191 </footnote>
1192 </p>
1194 <p>
1195 Sometimes, unpacking one package requires that another package
1197 depending package must specify this dependency in
1199 </p>
1201 <p>
1203 package before this has been discussed on the
1205 doing that has been reached.
1206 </p>
1208 <p>
1209 The format of the package interrelationship control fields is
1211 </p>
1212 </sect>
1217 <p>
1218 Sometimes, there are several packages which offer
1219 more-or-less the same functionality. In this case, it's
1221 describes that common functionality. (The virtual
1222 packages only exist logically, not physically; that's why
1225 package. Thus, any other package requiring that function
1226 can simply depend on the virtual package without having to
1227 specify all possible packages individually.
1228 </p>
1230 <p>
1231 All packages should use virtual package names where
1232 appropriate, and arrange to create new ones if necessary.
1233 They should not use virtual package names (except privately,
1234 amongst a cooperating group of packages) unless they have
1235 been agreed upon and appear in the list of virtual package
1237 </p>
1239 <p>
1240 The latest version of the authoritative list of virtual
1242 It is also available from the Debian web mirrors at
1245 </p>
1247 <p>
1248 The procedure for updating the list is described in the preface
1249 to the list.
1250 </p>
1252 </sect>
1254 <sect>
1257 <p>
1259 system that is installed before everything else
1260 on a new system. Only very few packages are allowed to form
1261 part of the base system, in order to keep the required disk
1262 usage very small.
1263 </p>
1265 <p>
1266 The base system consists of all those packages with priority
1269 </p>
1270 </sect>
1272 <sect>
1275 <p>
1276 Essential is defined as the minimal set of functionality that
1277 must be available and usable on the system at all times, even
1278 when packages are in the "Unpacked" state.
1283 </p>
1285 <p>
1286 Since these packages cannot be easily removed (one has to
1289 unless absolutely necessary. A shared library package
1291 prevent its premature removal, and we need to be able to
1292 remove it when it has been superseded.
1293 </p>
1295 <p>
1296 Since dpkg will not prevent upgrading of other packages
1299 their core functionality even when unconfigured. If the
1300 package cannot satisfy this requirement it must not be
1301 tagged as essential, and any packages depending on this
1302 package must instead have explicit dependency fields as
1303 appropriate.
1304 </p>
1306 <p>
1307 Maintainers should take great care in adding any programs,
1309 Packages may assume that functionality provided by
1311 declaring explicit dependencies, which means that removing
1312 functionality from the Essential set is very difficult and is
1313 almost never done. Any capability added to an
1315 support that capability as part of the Essential set in
1316 perpetuity.
1317 </p>
1319 <p>
1322 mailing list and a consensus about doing that has been
1323 reached.
1324 </p>
1325 </sect>
1330 <p>
1331 The package installation scripts should avoid producing
1332 output which is unnecessary for the user to see and
1334 the part of a user installing many packages. This means,
1337 </p>
1339 <p>
1340 Errors which occur during the execution of an installation
1341 script must be checked and the installation must not
1342 continue after an error.
1343 </p>
1345 <p>
1347 maintainer scripts, too.
1348 </p>
1350 <p>
1352 to another package without consulting the maintainer of that
1353 package first. When adding or removing diversions, package
1356 </p>
1358 <p>
1359 All packages which supply an instance of a common command
1360 name (or, in general, filename) should generally use
1363 is not used, then each package must use
1365 removed. (In this case, it may be appropriate to
1366 specify a conflict against earlier versions of something
1367 that previously did not use
1369 the usual rule that versioned conflicts should be
1370 avoided.)
1371 </p>
1375 <p>
1376 Package maintainer scripts may prompt the user if
1377 necessary. Prompting must be done by communicating
1379 conforms to the Debian Configuration Management
1380 Specification, version 2 or higher.
1381 </p>
1383 <p>
1384 Packages which are essential, or which are dependencies of
1385 essential packages, may fall back on another prompting method
1386 if no such interface is available when they are executed.
1387 </p>
1389 <p>
1390 The Debian Configuration Management Specification is included
1393 It is also available from the Debian web mirrors at
1396 </p>
1398 <p>
1399 Packages which use the Debian Configuration Management
1400 Specification may contain the additional control information
1403 additional maintainer script used for package configuration,
1407 unpacked or any of its dependencies or pre-dependencies are
1408 satisfied. Therefore it must work using only the tools
1411 implements the Debian Configuration Management
1412 Specification will also be installed, and any
1413 versioned dependencies on it will be satisfied
1414 before preconfiguration begins.
1415 </footnote>
1416 </p>
1418 <p>
1419 Packages which use the Debian Configuration Management
1420 Specification must allow for translation of their user-visible
1421 messages by using a gettext-based system such as the one
1423 </p>
1425 <p>
1426 Packages should try to minimize the amount of prompting
1427 they need to do, and they should ensure that the user
1428 will only ever be asked each question once. This means
1429 that packages should try to use appropriate shared
1433 prompting for their own list of required pieces of
1434 information.
1435 </p>
1437 <p>
1438 It also means that an upgrade should not ask the same
1439 questions again, unless the user has used
1441 The answers to configuration questions should be stored in an
1443 modify them, and how this has been done should be
1444 documented.
1445 </p>
1447 <p>
1448 If a package has a vitally important piece of
1449 information to pass to the user (such as "don't run me
1450 as I am, you must edit the following configuration files
1451 first or you risk your system emitting badly-formatted
1452 messages"), it should display this in the
1454 prompt the user to hit return to acknowledge the
1455 message. Copyright messages do not count as vitally
1456 important (they belong in
1458 neither do instructions on how to use a program (these
1459 should be in on-line documentation, where all the users
1460 can see them).
1461 </p>
1463 <p>
1464 Any necessary prompting should almost always be confined
1467 should be protected with a conditional so that
1468 unnecessary prompting doesn't happen if a package's
1472 </p>
1473 </sect1>
1475 </sect>
1477 </chapt>
1486 <p>
1487 Source packages should specify the most recent version number
1488 of this policy document with which your package complied
1489 when it was last updated.
1490 </p>
1492 <p>
1493 This information may be used to file bug reports
1494 automatically if your package becomes too much out of date.
1495 </p>
1497 <p>
1499 control field.
1502 </p>
1504 <p>
1505 You should regularly, and especially if your package has
1506 become out of date, check for the newest Policy Manual
1507 available and update your package, if necessary. When your
1508 package complies with the new standards you should update the
1510 release it.<footnote>
1512 information about policy which has changed between
1513 different versions of this document.
1514 </footnote>
1515 </p>
1517 </sect>
1522 <p>
1523 Source packages should specify which binary packages they
1524 require to be installed or not to be installed in order to
1525 build correctly. For example, if building a package
1526 requires a certain compiler, then the compiler should be
1527 specified as a build-time dependency.
1528 </p>
1530 <p>
1531 It is not necessary to explicitly specify build-time
1532 relationships on a minimal set of packages that are always
1533 needed to compile, link and put in a Debian package a
1534 standard "Hello World!" program written in C or C++. The
1536 an informational list can be found in
1539 package).<footnote>
1540 Rationale:
1542 <item>
1543 This allows maintaining the list separately
1544 from the policy documents (the list does not
1545 need the kind of control that the policy
1546 documents do).
1547 </item>
1548 <item>
1549 Having a separate package allows one to install
1550 the build-essential packages on a machine, as
1551 well as allowing other packages such as tasks to
1552 require installation of the build-essential
1553 packages using the depends relation.
1554 </item>
1555 <item>
1556 The separate package allows bug reports against
1557 the list to be categorized separately from
1558 the policy management process in the BTS.
1559 </item>
1560 </list>
1561 </footnote>
1562 </p>
1564 <p>
1565 When specifying the set of build-time dependencies, one
1566 should list only those packages explicitly required by the
1567 build. It is not necessary to list packages which are
1568 required merely because some other package in the list of
1569 build-time dependencies depends on them.<footnote>
1570 The reason for this is that dependencies change, and
1573 others need is their business. For example, if you
1579 will automatically ensure that all of its run-time
1580 dependencies are satisfied.
1581 </footnote>
1582 </p>
1584 <p>
1585 If build-time dependencies are specified, it must be
1586 possible to build the package and produce working binaries
1587 on a system with only essential and build-essential
1588 packages installed and also those required to satisfy the
1589 build-time relationships (including any implied
1590 relationships). In particular, this means that version
1591 clauses should be used rigorously in build-time
1592 relationships so that one cannot produce bad or
1593 inconsistently configured packages when the relationships
1594 are properly satisfied.
1595 </p>
1597 <p>
1599 </p>
1600 </sect>
1602 <sect>
1605 <p>
1606 If changes to the source code are made that are not
1607 specific to the needs of the Debian system, they should be
1608 sent to the upstream authors in whatever form they prefer
1609 so as to be included in the upstream version of the
1610 package.
1611 </p>
1613 <p>
1614 If you need to configure the package differently for
1615 Debian or for Linux, and the upstream source doesn't
1616 provide a way to do so, you should add such configuration
1619 authors, with the default set to the way they originally
1620 had it. You can then easily override the default in your
1622 </p>
1624 <p>
1626 detects the correct architecture specification string
1628 </p>
1629 <p>
1634 details how to achieve that). This ensures that these files can
1635 be updated distribution-wide at build time when introducing
1636 new architectures.
1637 </p>
1639 <p>
1644 reconfigure the package if necessary. You should
1647 else to later reconfigure the package without losing the
1648 changes you made.
1649 </p>
1651 </sect>
1656 <p>
1657 Changes in the Debian version of the package should be
1658 briefly explained in the Debian changelog file
1660 <p>
1661 Mistakes in changelogs are usually best rectified by
1662 making a new changelog entry rather than "rewriting
1663 history" by editing old changelog entries.
1664 </p>
1665 </footnote>
1666 This includes modifications
1667 made in the Debian package compared to the upstream one
1668 as well as other changes and updates to the package.
1669 <footnote>
1670 Although there is nothing stopping an author who is also
1671 the Debian maintainer from using this changelog for all
1672 their changes, it will have to be renamed if the Debian
1673 and upstream maintainers become different people. In such
1674 a case, however, it might be better to maintain the package
1675 as a non-native package.
1676 </footnote>
1677 </p>
1679 <p>
1681 package building tools to discover which version of the package
1682 is being built and find out other release-specific information.
1683 </p>
1685 <p>
1686 That format is a series of entries like this:
1690 <var>
1691 [optional blank line(s), stripped]
1692 </var>
1695 <var>
1696 [blank line(s), included in output of dpkg-parsechangelog]
1697 </var>
1699 <var>
1700 [optional blank line(s), stripped]
1701 </var>
1702 -- <var>maintainer name</var> <<var>email address</var>><var>[two spaces]</var> <var>date</var>
1703 </example>
1704 </p>
1706 <p>
1708 package name and version number.
1709 </p>
1711 <p>
1713 this version should be installed when it is uploaded - it
1716 </p>
1718 <p>
1722 an urgency containing commas; commas are used to separate
1727 </p>
1729 <p>
1730 The change details may in fact be any series of lines
1731 starting with at least two spaces, but conventionally each
1732 change starts with an asterisk and a separating space and
1733 continuation lines are indented so as to bring them in
1734 line with the start of the text above. Blank lines may be
1735 used here to separate groups of changes, if desired.
1736 </p>
1738 <p>
1739 If this upload resolves bugs recorded in the Bug Tracking
1740 System (BTS), they may be automatically closed on the
1741 inclusion of this package into the Debian archive by
1743 in the change details.<footnote>
1744 To be precise, the string should match the following
1745 Perl regular expression:
1746 <example>
1747 /closes:\s*(?:bug)?\#?\s?\d+(?:,\s*(?:bug)?\#?\s?\d+)*/i
1748 </example>
1749 Then all of the bug numbers listed will be closed by the
1752 </footnote>
1755 </p>
1757 <p>
1758 The maintainer name and email address used in the changelog
1759 should be the details of the person who prepared this release of
1761 uploader or usual package maintainer.<footnote>
1762 In the case of a sponsored upload, the uploader signs the
1763 files, but the changelog maintainer name and address are those
1764 of the person who prepared this release. If the preparer of
1765 the release is not one of the usual maintainers of the package
1766 (as listed in
1769 fields of the package), the first line of the changelog is
1770 conventionally used to explain why a non-maintainer is
1771 uploading the package. The Debian Developer's Reference
1773 used.</footnote>
1777 acknowledgement when the upload has been installed.
1778 </p>
1780 <p>
1782 This is the same as the format generated by <tt>date
1783 -R</tt>.
1784 </footnote> (compatible and with the same semantics of
1787 where:
1789 <item>
1790 day-of week is one of: Mon, Tue, Wed, Thu, Fri, Sat, Sun
1791 </item>
1792 <item>
1794 </item>
1795 <item>
1796 month is one of: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug,
1797 Sep, Oct, Nov, Dec
1798 </item>
1803 <item>
1804 +zzzz or -zzzz is the time zone offset from Coordinated
1805 Universal Time (UTC). "+" indicates that the time is ahead
1806 of (i.e., east of) UTC and "-" indicates that the time is
1807 behind (i.e., west of) UTC. The first two digits indicate
1808 the hour difference from UTC and the last two digits
1809 indicate the number of additional minutes difference from
1811 </item>
1812 </list>
1813 </p>
1815 <p>
1816 The first "title" line with the package name must start
1817 at the left hand margin. The "trailer" line with the
1818 maintainer and date details must be preceded by exactly
1819 one space. The maintainer details and the date must be
1820 separated by exactly two spaces.
1821 </p>
1823 <p>
1824 The entire changelog must be encoded in UTF-8.
1825 </p>
1827 <p>
1828 For more information on placement of the changelog files
1830 </p>
1831 </sect>
1835 <p>
1836 Every package must be accompanied by a verbatim copy of its
1837 copyright information and distribution license in the file
1841 to copyrights for packages.
1842 </p>
1843 </sect>
1844 <sect>
1847 <p>
1849 (including your package's upstream makefiles and
1852 properties apply: if you include a miniature script as one
1853 of the commands in your makefile you'll find that if you
1854 don't do anything about it then errors are not detected
1856 problems.
1857 </p>
1859 <p>
1860 Every time you put more than one shell command (this
1861 includes using a loop) in a makefile command you
1862 must make sure that errors are trapped. For
1863 simple compound commands, such as changing directory and
1865 than semicolon as a command separator is sufficient. For
1866 more complex commands including most loops and
1868 command at the start of every makefile command that's
1869 actually one of these miniature shell scripts.
1870 </p>
1871 </sect>
1875 <p>
1876 Maintainers should preserve the modification times of the
1877 upstream source files in a package, as far as is reasonably
1878 possible.<footnote>
1879 The rationale is that there is some information conveyed
1880 by knowing the age of the file, for example, you could
1881 recognize that some documentation is very old by looking
1882 at the modification time, so it would be nice if the
1883 modification time of the upstream source would be
1884 preserved.
1885 </footnote>
1886 </p>
1887 </sect>
1892 <p>
1893 The source package may not contain any hard links<footnote>
1894 <p>
1895 This is not currently detected when building source
1896 packages, but only when extracting
1897 them.
1898 </p>
1899 <p>
1900 Hard links may be permitted at some point in the
1901 future, but would require a fair amount of
1902 work.
1903 </p>
1904 </footnote>, device special files, sockets or setuid or
1905 setgid files.<footnote>
1906 Setgid directories are allowed.
1907 </footnote>
1908 </p>
1909 </sect>
1914 <p>
1915 This file must be an executable makefile, and contains the
1916 package-specific recipes for compiling the package and
1917 building binary package(s) from the source.
1918 </p>
1920 <p>
1922 so that it can be invoked by saying its name rather than
1926 identical behavior.
1927 </p>
1929 <p>
1930 The following targets are required and must be implemented
1935 </p>
1937 <p>
1939 impossible to auto-compile that package and also makes it hard
1940 for other people to reproduce the same binary package, all
1941 required targets must be non-interactive. It also follows that
1942 any target that these targets depend on must also be
1943 non-interactive.
1944 </p>
1945 <p>
1946 For packages in the main archive, no required targets
1947 may attempt network access.
1948 </p>
1950 <p>
1951 The targets are as follows:
1952 <taglist>
1954 <item>
1955 <p>
1957 configuration and compilation of the package.
1958 If a package has an interactive pre-build
1959 configuration routine, the Debian source package
1960 must either be built after this has taken place (so
1961 that the binary package can be built without rerunning
1962 the configuration) or the configuration routine
1963 modified to become non-interactive. (The latter is
1964 preferable if there are architecture-specific features
1965 detected by the configuration routine.)
1966 </p>
1968 <p>
1969 For some packages, notably ones where the same
1970 source tree is compiled in different ways to produce
1972 does not make much sense. For these packages it is
1973 good enough to provide two (or more) targets
1975 for each of the ways of building the package, and a
1978 package in each of the possible ways and make the
1979 binary package out of each.
1980 </p>
1982 <p>
1984 that might require root privilege.
1985 </p>
1987 <p>
1990 </p>
1992 <p>
1993 When a package has a configuration and build routine
1994 which takes a long time, or when the makefiles are
1998 complete. This will ensure that if <tt>debian/rules
1999 build</tt> is run again it will not rebuild the whole
2000 program.<footnote>
2004 target to do the building and to <tt>touch
2005 build-stamp</tt> on completion. This is
2006 especially useful if the build routine creates a
2009 a phony target (i.e., as a dependency of the
2012 targets.
2013 </footnote>
2014 </p>
2015 </item>
2019 </tag>
2020 <item>
2021 <p>
2023 perform all the configuration and compilation required for
2024 producing all architecture-dependent binary packages
2025 (those packages for which the body of the
2028 target must perform all the configuration
2029 and compilation required for producing all
2030 architecture-independent binary packages (those packages
2034 should either depend on those targets or take the same
2035 actions as invoking those targets would perform.<footnote>
2036 This split allows binary-only builds to not install the
2038 target and skip any resource-intensive build tasks that
2039 are only required when building architecture-independent
2040 binary packages.
2041 </footnote>
2042 </p>
2044 <p>
2046 must not do anything that might require root privilege.
2047 </p>
2048 </item>
2052 </tag>
2053 <item>
2054 <p>
2056 necessary for the user to build the binary package(s)
2057 produced from this source package. It is
2059 the binary packages which are specific to a particular
2061 those which are not.
2062 </p>
2063 <p>
2065 no commands which simply depends on
2067 </p>
2068 <p>
2072 that the package is built if it has not been already. It
2073 should then create the relevant binary package(s),
2076 them in the parent of the top level directory.
2077 </p>
2079 <p>
2082 If one of them has nothing to do (which will always be
2083 the case if the source generates only a single binary
2084 package, whether architecture-dependent or not), it
2085 must still exist and must always succeed.
2086 </p>
2088 <p>
2090 root.<footnote>
2092 to build a package correctly even without being
2093 root.
2094 </footnote>
2095 </p>
2096 </item>
2099 <item>
2100 <p>
2103 that it should leave alone any output files created in
2105 target.
2106 </p>
2108 <p>
2111 should be removed as the first action that
2115 already done.
2116 </p>
2118 <p>
2124 example).
2125 </p>
2126 </item>
2129 <item>
2130 <p>
2131 This target fetches the most recent version of the
2132 original source package from a canonical archive site
2133 (via FTP or WWW, for example), does any necessary
2134 rearrangement to turn it into the original source
2135 tar file format described below, and leaves it in the
2136 current directory.
2137 </p>
2139 <p>
2140 This target may be invoked in any directory, and
2141 should take care to clean up any temporary files it
2142 may have left.
2143 </p>
2145 <p>
2146 This target is optional, but providing it if
2147 possible is a good idea.
2148 </p>
2149 </item>
2152 <item>
2153 <p>
2154 This target performs whatever additional actions are
2155 required to make the source ready for editing (unpacking
2156 additional upstream archives, applying patches, etc.).
2157 It is recommended to be implemented for any package where
2159 for additional modification. See
2161 </p>
2162 </item>
2163 </taglist>
2165 <p>
2168 directory being the package's top-level directory.
2169 </p>
2172 <p>
2174 either as published or undocumented interfaces or for the
2175 package's internal use.
2176 </p>
2178 <p>
2179 The architectures we build on and build for are determined
2182 You can determine the Debian architecture and the GNU style
2183 architecture specification string for the build architecture as
2184 well as for the host architecture. The build architecture is
2186 the package build is performed. The host architecture is the
2187 architecture on which the resulting package will be installed
2188 and run. The target architecture is the architecture of the
2189 packages that the compiler currently being built will generate.
2190 These are normally the same, but may be different in
2191 the case of cross-compilation (building packages for one
2192 architecture on machines of a different architecture), building a
2193 cross-compiler (a compiler package that will generate objects for
2194 one architecture, built on a machine of a different architecture)
2195 or a Canadian cross-compiler (a compiler that will generate
2196 objects for one architecture, built on a machine of a different
2197 architecture, that will run on yet a different architecture).
2198 </p>
2200 <p>
2203 <item>
2205 </item>
2206 <item>
2208 </item>
2209 <item>
2211 </item>
2212 <item>
2214 </item>
2215 <item>
2217 </item>
2218 <item>
2220 specification string)
2221 </item>
2222 <item>
2225 </item>
2226 <item>
2229 </list>
2233 target architecture.
2234 </p>
2236 <p>
2237 Backward compatibility can be provided in the rules file
2238 by setting the needed variables to suitable default
2239 values; please refer to the documentation of
2241 </p>
2243 <p>
2245 string only determines which Debian architecture we are
2246 building on or for. It should not be used to get the CPU
2249 GNU style variables should generally only be used with upstream
2250 build systems.
2251 </p>
2257 <p>
2258 Supporting the standardized environment variable
2260 contain several flags to change how a package is compiled and
2263 given, they must be separated by whitespace.<footnote>
2264 Some packages support any delimiter, but whitespace is the
2265 easiest to parse inside a makefile and avoids ambiguity with
2266 flag values that contain commas.
2267 </footnote>
2273 tag should not be given multiple times with conflicting
2274 values. Package maintainers may assume that
2276 </p>
2278 <p>
2279 The meaning of the following tags has been standardized:
2280 <taglist>
2282 <item>
2283 This tag says to not run any build-time test suite
2284 provided by the package.
2285 </item>
2287 <item>
2288 This tag says to skip any build steps that only generate
2289 package documentation. Files required by other sections
2290 of Debian Policy, such as copyright and changelog files,
2291 must still be generated and put in the package, but other
2292 generated documentation such as help2man-generated pages,
2293 Doxygen-generated API documentation, or info pages
2294 generated from Texinfo sources should be skipped if
2295 possible. This option does not change the set of binary
2296 packages generated by the source package, but
2297 documentation-only binary packages may be nearly empty
2298 when built with this option.
2299 </item>
2301 <item>
2302 The presence of this tag means that the package should
2303 be compiled with a minimum of optimization. For C
2306 Some programs might fail to build or run at this level
2307 of optimization; it may be necessary to use
2309 </item>
2311 <item>
2312 This tag means that the debugging symbols should not be
2313 stripped from the binary during installation, so that
2314 debugging information may be included in the package.
2315 </item>
2317 <item>
2318 This tag means that the package should be built using up
2320 system supports this.<footnote>
2324 </footnote>
2325 If the package build system does not support parallel
2326 builds, this string must be ignored. If the package
2327 build system only supports a lower level of concurrency
2329 many parallel processes as the package build system
2330 supports. It is up to the package maintainer to decide
2331 whether the package build times are long enough and the
2332 package build system is robust enough to make supporting
2333 parallel builds worthwhile.
2334 </item>
2335 </taglist>
2336 </p>
2338 <p>
2340 </p>
2342 <p>
2343 The following makefile snippet is an example of how one may
2344 implement the build options; you will probably have to
2345 massage this example in order to make it work for your
2346 package.
2348 CFLAGS = -Wall -g
2349 INSTALL = install
2350 INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644
2351 INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755
2352 INSTALL_SCRIPT = $(INSTALL) -p -o root -g root -m 755
2353 INSTALL_DIR = $(INSTALL) -p -d -o root -g root -m 755
2355 ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
2356 CFLAGS += -O0
2357 else
2358 CFLAGS += -O2
2359 endif
2360 ifeq (,$(filter nostrip,$(DEB_BUILD_OPTIONS)))
2361 INSTALL_PROGRAM += -s
2362 endif
2363 ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
2364 NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
2365 MAKEFLAGS += -j$(NUMJOBS)
2366 endif
2368 build:
2369 # ...
2370 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
2371 # Code to run the package test suite.
2372 endif
2373 </example>
2374 </p>
2375 </sect1>
2376 </sect>
2381 <p>
2385 substitutions on its output just before writing it. Variable
2388 variable substitutions to be used; variables can also be set
2390 option to the source packaging commands, and certain predefined
2391 variables are also available.
2392 </p>
2394 <p>
2398 </p>
2400 <p>
2402 details about source variable substitutions, including the
2404 </sect>
2409 <p>
2410 This is an optional, recommended configuration file for the
2412 ftp or http sites for newly available updates of the
2413 package. This is used Debian QA
2414 tools to help with quality control and maintenance of the
2415 distribution as a whole.
2416 </p>
2418 </sect>
2423 <p>
2424 This file is not a permanent part of the source tree; it
2425 is used while building packages to record which files are
2428 </p>
2430 <p>
2431 It should not exist in a shipped source package, and so it
2432 (and any backup files or temporary files such as
2438 to avoid leaving a corrupted copy if an error
2439 occurs.
2440 </footnote>) should be removed by the
2442 ensure a fresh start by emptying or removing it at the
2444 </p>
2446 <p>
2450 --build</tt> is run for that binary package. So for most
2451 packages all that needs to be done with this file is to
2453 </p>
2455 <p>
2456 If a package upload includes files besides the source
2457 package and any binary packages whose control files were
2459 placed in the parent of the package's top-level directory
2462 </sect>
2467 <p>
2468 Some software packages include in their distribution convenience
2469 copies of code from other software packages, generally so that
2470 users compiling from source don't have to download multiple
2471 packages. Debian packages should not make use of these
2472 convenience copies unless the included package is explicitly
2473 intended to be used in this way.<footnote>
2474 For example, parts of the GNU build system work like this.
2475 </footnote>
2476 If the included code is already in the Debian archive in the
2477 form of a library, the Debian packaging should ensure that
2478 binary packages reference the libraries already in Debian and
2479 the convenience copy is not used. If the included code is not
2480 already in Debian, it should be packaged separately as a
2481 prerequisite if possible.
2482 <footnote>
2483 Having multiple copies of the same code in Debian is
2484 inefficient, often creates either static linking or shared
2485 library conflicts, and, most importantly, increases the
2486 difficulty of handling security vulnerabilities in the
2487 duplicated code.
2488 </footnote>
2489 </p>
2490 </sect>
2493 <heading>Source package handling:
2496 <p>
2498 doesn't produce the source of the package, ready for editing,
2499 and allow one to make changes and run
2501 without taking any additional steps, creating a
2503 recommended. This file should explain how to do all of the
2504 following:
2505 <enumlist>
2506 <item>Generate the fully patched source, in a form ready for
2507 editing, that would be built to create Debian
2511 <item>Modify the source and save those modifications so that
2512 they will be applied when building the package.</item>
2513 <item>Remove source modifications that are currently being
2514 applied when building the package.</item>
2515 <item>Optionally, document what steps are necessary to
2516 upgrade the Debian source package to a new upstream version,
2517 if applicable.</item>
2518 </enumlist>
2519 This explanation should include specific commands and mention
2520 any additional required Debian packages. It should not assume
2521 familiarity with any specific Debian packaging system or patch
2522 management tools.
2523 </p>
2525 <p>
2526 This explanation may refer to a documentation file installed by
2527 one of the package's build dependencies provided that the
2528 referenced documentation clearly explains these tasks and is not
2529 a general reference manual.
2530 </p>
2532 <p>
2534 information that would be helpful to someone modifying the
2535 source package. Even if the package doesn't fit the above
2536 description, maintainers are encouraged to document in a
2538 particularly complex or unintuitive source layout or build
2539 system (for example, a package that builds the same source
2540 multiple times to generate different binary packages).
2541 </p>
2542 </sect>
2543 </chapt>
2549 <p>
2550 The package management system manipulates data represented in
2553 Control files are used for source packages, binary packages and
2555 of uploaded files<footnote>
2557 format.
2558 </footnote>.
2559 </p>
2564 <p>
2565 A control file consists of one or more paragraphs of
2566 fields<footnote>
2567 The paragraphs are also sometimes referred to as stanzas.
2568 </footnote>.
2569 The paragraphs are separated by empty lines. Parsers may accept
2570 lines consisting solely of spaces and tabs as paragraph
2571 separators, but control files should use empty lines. Some control
2572 files allow only one paragraph; others allow several, in
2573 which case each paragraph usually refers to a different
2574 package. (For example, in source packages, the first
2575 paragraph refers to the source package, and later paragraphs
2576 refer to binary packages generated from the source.) The
2577 ordering of the paragraphs in control files is significant.
2578 </p>
2580 <p>
2581 Each paragraph consists of a series of data fields. Each field
2582 consists of the field name followed by a colon and then the
2583 data/value associated with that field. The field name is
2584 composed of US-ASCII characters excluding control characters,
2585 space, and colon (i.e., characters in the ranges U+0021
2588 names must not begin with the comment character
2591 </p>
2593 <p>
2594 The field ends at the end of the line or at the end of the last
2595 continuation line (see below). Horizontal whitespace (spaces
2596 and tabs) may occur immediately before or after the value and is
2597 ignored there; it is conventional to put a single space after
2598 the colon. For example, a field might be:
2600 Package: libc6
2601 </example>
2604 </p>
2605 <p> Empty field values are only permitted in source package control files
2607 </p>
2608 <p>
2609 A paragraph must not contain more than one instance of a
2610 particular field name.
2611 </p>
2613 <p>
2614 There are three types of fields:
2615 <taglist>
2617 <item>
2618 The field, including its value, must be a single line. Folding
2619 of the field is not permitted. This is the default field type
2620 if the definition of the field does not specify a different
2621 type.
2622 </item>
2624 <item>
2625 The value of a folded field is a logical line that may span
2626 several lines. The lines after the first are called
2627 continuation lines and must start with a space or a tab.
2628 Whitespace, including any newlines, is not significant in the
2629 field values of folded fields.<footnote>
2630 This folding method is similar to RFC 5322, allowing control
2631 files that contain only one paragraph and no multiline fields
2632 to be read by parsers written for RFC 5322.
2633 </footnote>
2634 </item>
2636 <item>
2637 The value of a multiline field may comprise multiple continuation
2638 lines. The first line of the value, the part on the same line as
2639 the field name, often has special significance or may have to be
2640 empty. Other lines are added following the same syntax as the
2641 continuation lines of the folded fields. Whitespace, including newlines,
2642 is significant in the values of multiline fields.
2643 </item>
2644 </taglist>
2645 </p>
2647 <p>
2648 Whitespace must not appear
2649 inside names (of packages, architectures, files or anything
2650 else) or version numbers, or between the characters of
2651 multi-character version relationships.
2652 </p>
2654 <p>
2655 The presence and purpose of a field, and the syntax of its
2656 value may differ between types of control files.
2657 </p>
2659 <p>
2660 Field names are not case-sensitive, but it is usual to
2661 capitalize the field names using mixed case as shown below.
2662 Field values are case-sensitive unless the description of the
2663 field says otherwise.
2664 </p>
2666 <p>
2667 Paragraph separators (empty lines), and lines consisting only of
2669 or between fields. Empty lines in field values are usually
2670 escaped by representing them by a U+0020 SPACE followed by a
2672 </p>
2674 <p>
2676 whitespace, are comment lines that are only permitted in source
2678 comment lines are ignored, even between two continuation
2679 lines. They do not end logical lines.
2680 </p>
2682 <p>
2683 All control files must be encoded in UTF-8.
2684 </p>
2685 </sect>
2690 <p>
2692 (and version-independent) information about the source package
2693 and about the binary packages it creates.
2694 </p>
2696 <p>
2697 The first paragraph of the control file contains information
2698 about the source package in general. The subsequent paragraphs
2699 each describe a binary package that the source tree builds.
2700 Each binary package built from this source package has a
2701 corresponding paragraph, except for any automatically-generated
2702 debug packages that do not require one.
2703 </p>
2705 <p>
2706 The fields in the general paragraph (the first one, for the source
2707 package) are:
2719 </list>
2720 </p>
2722 <p>
2723 The fields in the binary package paragraphs are:
2736 </list>
2737 </p>
2739 <p>
2740 The syntax and semantics of the fields are described below.
2741 </p>
2743 <p>
2745 generate control files for binary packages (see below), by
2751 but not in any other control
2752 file. These tools are responsible for removing the line
2753 breaks from such fields when using fields from
2755 They are also responsible for discarding empty fields.
2756 </p>
2758 <p>
2759 The fields here may contain variable references - their
2762 when they generate output control files.
2764 </p>
2765 </sect>
2770 <p>
2772 (and version-dependent) information about a binary package. It
2773 consists of a single paragraph.
2774 </p>
2776 <p>
2777 The fields in this file are:
2793 </list>
2794 </p>
2795 </sect>
2800 <p>
2801 This file consists of a single paragraph, possibly surrounded by
2802 a PGP signature. The fields of that paragraph are listed below.
2822 </list>
2823 </p>
2825 <p>
2826 The Debian source control file is generated by
2828 archive, from other files in the source package,
2829 described above. When unpacking, it is checked against
2830 the files and directories in the other parts of the
2831 source package.
2832 </p>
2834 </sect>
2839 <p>
2841 maintenance software to process updates to packages. They
2842 consist of a single paragraph, possibly surrounded by a PGP
2843 signature. That paragraph contains information from the
2847 </p>
2849 <p>
2851 incremented whenever the documented fields or their meaning
2852 change. This document describes format &changesversion;.
2853 </p>
2855 <p>
2856 The fields in this file are:
2875 </list>
2876 </p>
2877 </sect>
2885 <p>
2886 This field identifies the source package name.
2887 </p>
2889 <p>
2891 this field must contain only the name of the source package.
2892 </p>
2894 <p>
2896 file, the source package name may be followed by a version
2897 number in parentheses<footnote>
2898 It is customary to leave a space after the package name
2899 if a version number is specified.
2900 </footnote>.
2901 This version number may be omitted (and is, by
2904 question. The field itself may be omitted from a binary
2905 package control file when the source package has the same
2906 name and version as the binary package.
2907 </p>
2909 <p>
2910 Package names (both source and binary,
2915 must start with an alphanumeric character.
2916 </p>
2917 </sect1>
2922 <p>
2923 The package maintainer's name and email address. The name
2924 must come first, then the email address inside angle
2926 </p>
2928 <p>
2929 If the maintainer's name contains a full stop then the
2930 whole field will not work directly as an email address due
2931 to a misfeature in the syntax specified in RFC822; a
2932 program using this field as an address must check for this
2933 and correct the problem if necessary (for example by
2934 putting the name in round brackets and moving it to the
2935 end, and bringing the email address forward).
2936 </p>
2938 <p>
2940 information about package maintainers.
2941 </p>
2942 </sect1>
2947 <p>
2948 List of the names and email addresses of co-maintainers of the
2949 package, if any. If the package has other maintainers besides
2951 field</qref>, their names and email addresses should be listed
2952 here. The format of each entry is the same as that of the
2953 Maintainer field, and multiple entries must be comma
2954 separated.
2955 </p>
2957 <p>
2958 This is normally an optional field, but if
2961 be present and must contain at least one human with their
2962 personal email address.
2963 </p>
2965 <p>
2967 </p>
2968 </sect1>
2973 <p>
2974 The name and email address of the person who prepared this
2975 version of the package, usually a maintainer. The syntax is
2977 field</qref>.
2978 </p>
2979 </sect1>
2984 <p>
2985 This field specifies an application area into which the package
2987 </p>
2989 <p>
2991 it gives the value for the subfield of the same name in
2993 It also gives the default for the same field in the binary
2994 packages.
2995 </p>
2996 </sect1>
3001 <p>
3002 This field represents how important it is that the user
3004 </p>
3006 <p>
3008 it gives the value for the subfield of the same name in
3010 It also gives the default for the same field in the binary
3011 packages.
3012 </p>
3013 </sect1>
3018 <p>
3019 The name of the binary package.
3020 </p>
3022 <p>
3023 Binary package names must follow the same syntax and
3025 for the details.
3026 </p>
3027 </sect1>
3032 <p>
3033 Depending on context and the control file used, the
3035 values:
3036 <list>
3037 <item>
3038 A unique single word identifying a Debian machine
3040 </item>
3041 <item>
3042 An architecture wildcard identifying a set of Debian
3045 and is the most frequently used.
3046 </item>
3047 <item>
3049 architecture-independent package.
3050 </item>
3051 <item>
3053 </item>
3054 </list>
3055 </p>
3057 <p>
3059 package, this field may contain the special
3064 contents of the field. Most packages will use
3066 </p>
3068 <p>
3069 Specifying a specific list of architectures indicates that the
3070 source will build an architecture-dependent package only on
3071 architectures included in the list. Specifying a list of
3072 architecture wildcards indicates that the source will build an
3073 architecture-dependent package on only those architectures
3074 that match any of the specified architecture wildcards.
3075 Specifying a list of architectures or architecture wildcards
3077 program is not portable or is not useful on some
3078 architectures. Where possible, the program should be made
3079 portable instead.
3080 </p>
3082 <p>
3084 field contains a list of architectures and architecture
3085 wildcards separated by spaces. When the list contains the
3088 </p>
3090 <p>
3091 The list may include (or consist solely of) the special
3094 occur in combination with specific architectures.
3099 </p>
3101 <p>
3103 isn't dependent on any particular architecture and should
3104 compile fine on any one. The produced binary package(s)
3105 will be specific to whatever the current build architecture is.
3106 </p>
3108 <p>
3110 will only build architecture-independent packages.
3111 </p>
3113 <p>
3115 isn't dependent on any particular architecture. The set of
3116 produced binary packages will include at least one
3117 architecture-dependent package and one architecture-independent
3118 package.
3119 </p>
3121 <p>
3122 Specifying a list of architectures or architecture wildcards
3123 indicates that the source will build an architecture-dependent
3124 package, and will only work correctly on the listed or
3125 matching architectures. If the source package also builds at
3127 also be included in the list.
3128 </p>
3130 <p>
3132 field lists the architecture(s) of the package(s) currently
3133 being uploaded. This will be a list; if the source for the
3134 package is also being uploaded, the special
3136 present if any architecture-independent packages are being
3140 </p>
3142 <p>
3144 the architecture for the build process.
3145 </p>
3146 </sect1>
3151 <p>
3152 This is a boolean field which may occur only in the
3153 control file of a binary package or in a per-package fields
3154 paragraph of a source package control file.
3155 </p>
3157 <p>
3159 will refuse to remove the package (upgrading and replacing
3161 which is the same as not having the field at all.
3162 </p>
3163 </sect1>
3165 <sect1>
3166 <heading>Package interrelationship fields:
3171 </heading>
3173 <p>
3174 These fields describe the package's relationships with
3175 other packages. Their syntax and semantics are described
3177 </sect1>
3182 <p>
3183 The most recent version of the standards (the policy
3184 manual and associated texts) with which the package
3185 complies.
3186 </p>
3188 <p>
3189 The version number has four components: major and minor
3190 version number and major and minor patch level. When the
3191 standards change in a way that requires every package to
3192 change the major number will be changed. Significant
3193 changes that will require work in many packages will be
3194 signaled by a change to the minor number. The major patch
3195 level will be changed for any change to the meaning of the
3196 standards, however small; the minor patch level will be
3197 changed when only cosmetic, typographical or other edits
3198 are made which neither change the meaning of the document
3199 nor affect the contents of packages.
3200 </p>
3202 <p>
3203 Thus only the first three components of the policy version
3205 field, and so either these three components or all four
3206 components may be specified.<footnote>
3207 In the past, people specified the full version number
3208 in the Standards-Version field, for example "2.3.0.0".
3209 Since minor patch-level changes don't introduce new
3210 policy, it was thought it would be better to relax
3211 policy and only require the first 3 components to be
3212 specified, in this example "2.3.0". All four
3213 components may still be used if someone wishes to do so.
3214 </footnote>
3215 </p>
3217 </sect1>
3222 <p>
3223 The version number of a package. The format is:
3225 </p>
3227 <p>
3228 The three components here are:
3229 <taglist>
3231 <item>
3232 <p>
3233 This is a single (generally small) unsigned integer. It
3234 may be omitted, in which case zero is assumed. If it is
3236 contain any colons.
3237 </p>
3239 <p>
3240 It is provided to allow mistakes in the version numbers
3241 of older versions of a package, and also a package's
3242 previous version numbering schemes, to be left behind.
3243 </p>
3244 </item>
3247 <item>
3248 <p>
3249 This is the main part of the version number. It is
3250 usually the version number of the original ("upstream")
3252 if this is applicable. Usually this will be in the same
3253 format as that specified by the upstream author(s);
3254 however, it may need to be reformatted to fit into the
3255 package management system's format and comparison
3256 scheme.
3257 </p>
3259 <p>
3260 The comparison behavior of the package management system
3263 portion of the version number is mandatory.
3264 </p>
3266 <p>
3268 alphanumerics<footnote>
3270 </footnote>
3273 tilde) and should start with a digit. If there is no
3275 </p>
3276 </item>
3279 <item>
3280 <p>
3281 This part of the version number specifies the version of
3282 the Debian package based on the upstream version. It
3283 may contain only alphanumerics and the characters
3285 tilde) and is compared in the same way as the
3287 </p>
3289 <p>
3290 It is optional; if it isn't present then the
3292 This format represents the case where a piece of
3293 software was written specifically to be a Debian
3294 package, where the Debian package source must always
3295 be identical to the pristine source and therefore no
3296 revision indication is required.
3297 </p>
3299 <p>
3300 It is conventional to restart the
3303 </p>
3305 <p>
3306 The package management system will break the version
3307 number apart at the last hyphen in the string (if there
3312 </p>
3313 </item>
3314 </taglist>
3315 </p>
3317 <p>
3324 parts are compared by the package management system using the
3325 following algorithm:
3326 </p>
3328 <p>
3329 The strings are compared from left to right.
3330 </p>
3332 <p>
3333 First the initial part of each string consisting entirely of
3334 non-digit characters is determined. These two parts (one of
3335 which may be empty) are compared lexically. If a difference
3336 is found it is returned. The lexical comparison is a
3337 comparison of ASCII values modified so that all the letters
3338 sort earlier than all the non-letters and so that a tilde
3339 sorts before anything, even the end of a part. For example,
3340 the following parts are in sorted order from earliest to
3346 </footnote>
3347 </p>
3349 <p>
3350 Then the initial part of the remainder of each string which
3351 consists entirely of digit characters is determined. The
3352 numerical values of these two parts are compared, and any
3353 difference found is returned as the result of the comparison.
3354 For these purposes an empty string (which can only occur at
3355 the end of one or both version strings being compared) counts
3356 as zero.
3357 </p>
3359 <p>
3360 These two steps (comparing and removing initial non-digit
3361 strings and initial digit strings) are repeated until a
3362 difference is found or both strings are exhausted.
3363 </p>
3365 <p>
3366 Note that the purpose of epochs is to allow us to leave behind
3367 mistakes in version numbering, and to cope with situations
3368 where the version numbering scheme changes. It is
3370 strings of letters which the package management system cannot
3372 silly orderings.<footnote>
3373 The author of this manual has heard of a package whose
3376 forth.
3377 </footnote>
3378 </p>
3379 </sect1>
3384 <p>
3386 field contains a description of the binary package, consisting
3387 of two parts, the synopsis or the short description, and the
3388 long description. It is a multiline field with the following
3389 format:
3390 </p>
3392 <p>
3393 <example>
3396 </example>
3397 </p>
3399 <p>
3400 The lines in the extended description can have these formats:
3401 </p>
3403 <p><list>
3405 <item>
3406 Those starting with a single space are part of a paragraph.
3407 Successive lines of this form will be word-wrapped when
3408 displayed. The leading space will usually be stripped off.
3409 The line must contain at least one non-whitespace character.
3410 </item>
3412 <item>
3413 Those starting with two or more spaces. These will be
3414 displayed verbatim. If the display cannot be panned
3415 horizontally, the displaying program will line wrap them "hard"
3416 (i.e., without taking account of word breaks). If it can they
3417 will be allowed to trail off to the right. None, one or two
3418 initial spaces may be deleted, but the number of spaces
3419 deleted from each line will be the same (so that you can have
3420 indenting work correctly, for example). The line must
3421 contain at least one non-whitespace character.
3422 </item>
3424 <item>
3425 Those containing a single space followed by a single full stop
3426 character. These are rendered as blank lines. This is the
3428 Completely empty lines will not be rendered as blank lines.
3429 Instead, they will cause the parser to think you're starting
3430 a whole new record in the control file, and will therefore
3431 likely abort with an error.
3432 </footnote>.
3433 </item>
3435 <item>
3436 Those containing a space, a full stop and some more characters.
3437 These are for future expansion. Do not use them.
3438 </item>
3440 </list></p>
3442 <p>
3443 Do not use tab characters. Their effect is not predictable.
3444 </p>
3446 <p>
3448 </p>
3450 <p>
3452 field contains a summary of the descriptions for the packages
3453 being uploaded. For this case, the first line of the field
3455 always empty. It is a multiline field, with one
3456 line per package. Each line is
3457 indented by one space and contains the name of a binary
3459 short description line from that package.
3460 </p>
3461 </sect1>
3466 <p>
3468 this contains the (space-separated) name(s) of the
3469 distribution(s) where this version of the package should
3470 be installed. Valid distributions are determined by the
3471 archive maintainers.<footnote>
3472 Example distribution names in the Debian archive used in
3476 <item>
3477 This distribution value refers to the
3479 tree. Most new packages, new upstream versions of
3481 directory tree.
3482 </item>
3485 <item>
3486 The packages with this distribution value are deemed
3487 by their maintainers to be high risk. Oftentimes they
3488 represent early beta or developmental packages from
3489 various sources that the maintainers want people to
3490 try, but are not ready to be a part of the other parts
3491 of the Debian distribution tree.
3492 </item>
3493 </taglist>
3495 <p>
3496 Others are used for updating stable releases or for
3497 security uploads. More information is available in the
3498 Debian Developer's Reference, section "The Debian
3499 archive".
3500 </p>
3501 </footnote>
3502 The Debian archive software only supports listing a single
3503 distribution. Migration of packages to other distributions is
3504 handled outside of the upload process.
3505 </p>
3506 </sect1>
3511 <p>
3512 This field includes the date the package was built or last
3515 </p>
3517 <p>
3518 The value of this field is usually extracted from the
3521 </p>
3522 </sect1>
3527 <p>
3529 files, this field declares the format version of that file.
3530 The syntax of the field value is the same as that of
3532 that no epoch or Debian revision is allowed. The format
3534 </p>
3536 <p>
3538 Debian source control</qref> files, this field declares the
3539 format of the source package. The field value is used by
3540 programs acting on a source package to interpret the list of
3541 files in the source package and determine how to unpack it.
3542 The syntax of the field value is a numeric major revision, a
3543 period, a numeric minor revision, and then an optional subtype
3544 after whitespace, which if specified is an alphanumeric word
3545 in parentheses. The subtype is optional in the syntax but may
3546 be mandatory for particular source format revisions.
3547 <footnote>
3548 The source formats currently supported by the Debian archive
3551 </footnote>
3552 </p>
3553 </sect1>
3558 <p>
3559 This is a description of how important it is to upgrade to
3560 this version from previous ones. It consists of a single
3564 Other urgency values are supported with configuration
3565 changes in the archive software but are not used in Debian.
3566 The urgency affects how quickly a package will be considered
3568 gives an indication of the importance of any fixes included
3570 treated as synonymous.
3571 </footnote> (not case-sensitive) followed by an optional
3572 commentary (separated by a space) which is usually in
3573 parentheses. For example:
3575 <example>
3576 Urgency: low (HIGH for users of diversions)
3577 </example>
3579 </p>
3581 <p>
3582 The value of this field is usually extracted from the
3585 </p>
3586 </sect1>
3591 <p>
3592 This multiline field contains the human-readable changes data, describing
3593 the differences between the last version and the current one.
3594 </p>
3596 <p>
3597 The first line of the field value (the part on the same line
3599 field is expressed as continuation lines, with each line
3600 indented by at least one space. Blank lines must be
3601 represented by a line consisting only of a space and a full
3603 </p>
3605 <p>
3606 The value of this field is usually extracted from the
3609 </p>
3611 <p>
3612 Each version's change information should be preceded by a
3613 "title" line giving at least the version, distribution(s)
3614 and urgency, in a human-readable way.
3615 </p>
3617 <p>
3618 If data from several versions is being returned the entry
3619 for the most recent version should be returned first, and
3620 entries should be separated by the representation of a
3621 blank line (the "title" line may also be followed by the
3622 representation of a blank line).
3623 </p>
3624 </sect1>
3629 <p>
3630 This folded field is a list of binary packages. Its syntax and
3631 meaning varies depending on the control file in which it
3632 appears.
3633 </p>
3635 <p>
3637 packages which a source package can produce, separated by
3638 commas<footnote>
3639 A space after each comma is conventional.
3640 </footnote>. The source package
3641 does not necessarily produce all of these binary packages for
3642 every architecture. The source control file doesn't contain
3643 details of which architectures are appropriate for which of
3644 the binary packages.
3645 </p>
3647 <p>
3649 names of the binary packages being uploaded, separated by
3650 whitespace (not commas).
3651 </p>
3652 </sect1>
3657 <p>
3658 This field appears in the control files of binary packages,
3660 of the total amount of disk space required to install the
3661 named package. Actual installed size may vary based on block
3662 size, file system properties, or actions taken by package
3663 maintainer scripts.
3664 </p>
3666 <p>
3667 The disk space is given as the integer value of the estimated
3668 installed size in bytes, divided by 1024 and rounded up.
3669 </p>
3670 </sect1>
3675 <p>
3676 This field contains a list of files with information about
3677 each one. The exact information and syntax varies with
3678 the context.
3679 </p>
3681 <p>
3682 In all cases, Files is a multiline field. The first line of
3684 is always empty. The content of the field is expressed as
3685 continuation lines, one line per file. Each line must be
3686 indented by one space and contain a number of sub-fields,
3687 separated by spaces, as described below.
3688 </p>
3690 <p>
3692 checksum, size and filename of the tar file and (if
3693 applicable) diff file which make up the remainder of the
3694 source package<footnote>
3696 </footnote>. For example:
3697 <example>
3698 Files:
3699 c6f698f19f2a2aa07dbb9bbda90a2754 571925 example_1.2.orig.tar.gz
3701 </example>
3702 The exact forms of the filenames are described
3704 </p>
3706 <p>
3708 file being uploaded. Each line contains the MD5 checksum,
3709 size, section and priority and the filename. For example:
3710 <example>
3711 Files:
3713 c6f698f19f2a2aa07dbb9bbda90a2754 571925 text extra example_1.2.orig.tar.gz
3716 </example>
3719 the corresponding fields in the main source control file. If
3721 used, though section and priority values must be specified for
3722 new packages to be installed properly.
3723 </p>
3725 <p>
3728 is not an ordinary package file and must be installed by
3729 hand by the distribution maintainers. If the section is
3731 </p>
3733 <p>
3734 If a new Debian revision of a package is being shipped and
3735 no new original source archive is being distributed the
3737 entry for the original source archive
3740 this case the original source archive on the distribution
3741 site must match exactly, byte-for-byte, the original
3742 source archive which was used to generate the
3744 </sect1>
3749 <p>
3750 A space-separated list of bug report numbers that the upload
3751 governed by the .changes file closes.
3752 </p>
3753 </sect1>
3758 <p>
3759 The URL of the web site for this package, preferably (when
3760 applicable) the site from which the original source can be
3761 obtained and any additional upstream documentation or
3762 information may be found. The content of this field is a
3763 simple URL without any surrounding characters such as
3765 </p>
3766 </sect1>
3772 <p>
3773 These multiline fields contain a list of files with a checksum and size
3776 only in the checksum algorithm used: SHA-1
3779 </p>
3781 <p>
3783 multiline fields. The first line of the field value (the part
3786 of the field is expressed as continuation lines, one line per
3787 file. Each line consists of the checksum, a space, the file
3788 size, a space, and the file name. For example (from
3790 <example>
3791 Checksums-Sha1:
3793 a0ed1456fad61116f868b1855530dbe948e20f06 171602 example_1.0.orig.tar.gz
3796 Checksums-Sha256:
3798 0d123be7f51e61c4bf15e5c492b484054be7e90f3081608a5517007bfb1fd128 171602 example_1.0.orig.tar.gz
3799 f54ae966a5f580571ae7d9ef5e1df0bd42d63e27cb505b27957351a495bc6288 6137 example_1.0-1.debian.tar.gz
3801 </example>
3802 </p>
3804 <p>
3806 files that make up the source package. In
3808 files being uploaded. The list of files in these fields
3810 </p>
3811 </sect1>
3813 <sect1>
3816 <p>
3818 </p>
3819 </sect1>
3824 <p>
3825 Debian source packages are increasingly developed using VCSs. The
3826 purpose of the following fields is to indicate a publicly accessible
3827 repository where the Debian source package is developed.
3829 <taglist>
3831 <item>
3832 <p>
3833 URL of a web interface for browsing the repository.
3834 </p>
3835 </item>
3837 <tag>
3841 (Subversion)
3842 </tag>
3843 <item>
3844 <p>
3845 The field name identifies the VCS. The field's value uses the
3846 version control system's conventional syntax for describing
3847 repository locations and should be sufficient to locate the
3848 repository used for packaging. Ideally, it also locates the
3849 branch used for development of new versions of the Debian
3850 package.
3851 </p>
3852 <p>
3853 In the case of Git, the value consists of a URL, optionally
3855 the indicated repository, following the syntax of the
3857 packaging should be on the default branch.
3858 </p>
3859 <p>
3860 More than one different VCS may be specified for the same
3861 package.
3862 </p>
3863 </item>
3864 </taglist>
3865 </p>
3866 </sect1>
3871 <p>
3872 Multiline field listing all the packages that can be built from
3873 the source package, considering every architecture. The first line
3874 of the field value is empty. Each one of the next lines describes
3875 one binary package, by listing its name, type, section and priority
3876 separated by spaces. Fifth and subsequent space-separated items
3877 may be present and parsers must allow them. See the
3879 package types.
3880 </p>
3881 </sect1>
3886 <p>
3887 Simple field containing a word indicating the type of package:
3889 packages. Other types not defined here may be indicated. In
3892 this value is assumed for paragraphs lacking this field.
3893 </p>
3894 </sect1>
3899 <p>
3900 Folded field containing a single git commit hash, presented in
3901 full, followed optionally by whitespace and other data to be
3902 defined in future extensions.
3903 </p>
3905 <p>
3906 Declares that the source package corresponds exactly to a
3907 referenced commit in a Git repository available at the canonical
3909 bidirectional gateway between the Debian archive and Git. The
3910 commit is reachable from at least one reference whose name matches
3912 further details.
3913 </p>
3914 </sect1>
3915 </sect>
3917 <sect>
3920 <p>
3921 Additional user-defined fields may be added to the
3922 source package control file. Such fields will be
3923 ignored, and not copied to (for example) binary or
3924 Debian source control files or upload control files.
3925 </p>
3927 <p>
3928 If you wish to add additional unsupported fields to
3929 these output files you should use the mechanism
3930 described here.
3931 </p>
3933 <p>
3934 Fields in the main source control information file with
3937 be copied to the output files. Only the part of the
3938 field name after the hyphen will be used in the output
3940 will appear in binary package control files, where the
3944 </p>
3946 <p>
3947 For example, if the main source information control file
3948 contains the field
3949 <example>
3950 XBS-Comment: I stand between the candle and the star.
3951 </example>
3952 then the binary and Debian source control files will contain the
3953 field
3954 <example>
3955 Comment: I stand between the candle and the star.
3956 </example>
3957 </p>
3959 </sect>
3964 <p>
3965 The following fields have been obsoleted and may be found in packages
3966 conforming with previous versions of the Policy.
3967 </p>
3972 <p>
3973 Indicates that Debian Maintainers may upload this package to
3975 field was used to regulate uploads by Debian Maintainers, See the
3978 </p>
3979 </sect1>
3981 </sect>
3983 </chapt>
3989 <sect>
3992 <p>
3993 It is possible to supply scripts as part of a package which
3994 the package management system will run for you when your
3995 package is installed, upgraded or removed.
3996 </p>
3998 <p>
3999 These scripts are the control information
4002 if they are scripts (which is recommended), they must start with
4004 executable by anyone, and must not be world-writable.
4005 </p>
4007 <p>
4008 The package management system looks at the exit status from
4009 these scripts. It is important that they exit with a
4010 non-zero status if there is an error, so that the package
4011 management system can stop its processing. For shell
4014 scripts, in fact). It is also important, of course, that
4015 they exit with a zero status if everything went well.
4016 </p>
4018 <p>
4019 Additionally, packages interacting with users
4023 </p>
4025 <p>
4026 When a package is upgraded a combination of the scripts from
4027 the old and new packages is called during the upgrade
4028 procedure. If your scripts are going to be at all
4029 complicated you need to be aware of this, and may need to
4030 check the arguments to your scripts.
4031 </p>
4033 <p>
4035 (a particular version of) a package is unpacked, and the
4037 before (a version of) a package is removed and the
4039 </p>
4041 <p>
4042 Programs called from maintainer scripts should not normally
4043 have a path prepended to them. Before installation is
4044 started, the package management system checks to see if the
4048 other program that one would expect to be in the
4050 pathname. Maintainer scripts should also not reset the
4052 prepending or appending package-specific directories. These
4053 considerations really apply to all shell scripts.</p>
4054 </sect>
4059 <p>
4060 It is necessary for the error recovery procedures that the
4061 scripts be idempotent. This means that if it is run
4062 successfully, and then it is called again, it doesn't bomb
4063 out or cause any harm, but just ensures that everything is
4064 the way it ought to be. If the first call failed, or
4065 aborted half way through for some reason, the second call
4066 should merely do the things that were left undone the first
4067 time, if any, and exit with a success status if everything
4068 is OK.<footnote>
4069 This is so that if an error occurs, the user interrupts
4071 happens you don't leave the user with a badly-broken
4073 action.
4074 </footnote>
4075 </p>
4076 </sect>
4081 <p>
4082 Maintainer scripts are not guaranteed to run with a controlling
4083 terminal and may not be able to interact with the user. They
4084 must be able to fall back to noninteractive behavior if no
4085 controlling terminal is available. Maintainer scripts that
4086 prompt via a program conforming to the Debian Configuration
4088 assume that program will handle falling back to noninteractive
4089 behavior.
4090 </p>
4092 <p>
4093 For high-priority prompts without a reasonable default answer,
4094 maintainer scripts may abort if there is no controlling
4095 terminal. However, this situation should be avoided if at all
4096 possible, since it prevents automated or unattended installs.
4097 In most cases, users will consider this to be a bug in the
4098 package.
4099 </p>
4100 </sect>
4105 <p>
4106 Each script must return a zero exit status for
4107 success, or a nonzero one for failure, since the package
4108 management system looks for the exit status of these scripts
4109 and determines what action to take next based on that datum.
4110 </p>
4111 </sect>
4114 scripts are called
4115 </heading>
4117 <p>
4118 What follows is a summary of all the ways in which maintainer
4119 scripts may be called along with what facilities those scripts
4120 may rely on being available at that time. Script names preceded
4122 package being installed, upgraded to, or downgraded to. Script
4124 version of a package that is being upgraded from or downgraded
4125 from.
4126 </p>
4128 <p>
4130 ways:
4131 <taglist>
4137 <item>
4138 The package will not yet be unpacked, so
4140 included in its package. Only essential packages and
4142 available. Pre-dependencies will have been configured at
4145 state if a previous version of the pre-dependency was
4146 completely configured and has not been removed since then.
4147 </item>
4151 <item>
4152 Called during error handling of an upgrade that failed after
4153 unpacking the new package because the <tt>postrm
4154 upgrade</tt> action failed. The unpacked files may be
4155 partly from the new version or partly missing, so the script
4156 cannot rely on files included in the package. Package
4157 dependencies may not be available. Pre-dependencies will be
4158 at least "Unpacked" following the same rules as above, except
4159 they may be only "Half-Installed" if an upgrade of the
4160 pre-dependency failed.<footnote>
4161 This can happen if the new version of the package no
4162 longer pre-depends on a package that had been partially
4163 upgraded.
4164 </footnote>
4165 </item>
4166 </taglist>
4167 </p>
4169 <p>
4171 ways:
4172 <taglist>
4175 <item>
4176 The files contained in the package will be unpacked. All
4177 package dependencies will at least be "Unpacked". If there
4178 are no circular dependencies involved, all package
4179 dependencies will be configured. For behavior in the case
4180 of circular dependencies, see the discussion
4182 </item>
4195 <item>
4196 The files contained in the package will be unpacked. All
4197 package dependencies will at least be "Half-Installed" and
4198 will have previously been configured and not removed.
4199 However, dependencies may not be configured or even fully
4200 unpacked in some error situations.<footnote>
4201 For example, suppose packages foo and bar are "Installed"
4202 with foo depending on bar. If an upgrade of bar were
4203 started and then aborted, and then an attempt to remove
4206 bar only "Half-Installed".
4207 </footnote>
4209 for which its dependencies are required, since they will
4210 normally be available, but consider the correct error
4211 handling approach if those actions fail. Aborting
4213 from the package dependencies are not available is often the
4214 best approach.
4215 </item>
4216 </taglist>
4217 </p>
4219 <p>
4221 ways:
4222 <taglist>
4233 <item>
4235 at least "Half-Installed". All package dependencies will at
4236 least be "Half-Installed" and will have previously been
4237 configured and not removed. If there was no error, all
4238 dependencies will at least be "Unpacked", but these actions
4239 may be called in various error states where dependencies are
4240 only "Half-Installed" due to a partial upgrade.
4241 </item>
4245 <item>
4247 fails. The new package will not yet be unpacked, and all
4249 </item>
4250 </taglist>
4251 </p>
4253 <p>
4255 ways:
4256 <taglist>
4263 <item>
4265 files have been removed or replaced. The package
4267 previously been deconfigured and only be "Unpacked", at which
4268 point subsequent package changes do not consider its
4270 may only rely on essential packages and must gracefully skip
4271 any actions that require the package's dependencies if those
4272 dependencies are unavailable.<footnote>
4273 This is often done by checking whether the command or
4275 available before calling it. For example:
4276 <example>
4278 . /usr/share/debconf/confmodule
4279 db_purge
4280 fi
4281 </example>
4283 configuration for the package
4285 </footnote>
4286 </item>
4290 <item>
4292 The new package will be unpacked, but only essential
4293 packages and pre-dependencies can be relied on.
4294 Pre-dependencies will either be configured or will be
4296 configured and was never removed.
4297 </item>
4304 <item>
4305 Called before unpacking the new package as part of the
4308 </item>
4309 </taglist>
4310 </p>
4311 </sect>
4316 <p>
4317 The procedure on installation/upgrade/overwrite/disappear
4320 case, if a major error occurs (unless listed below) the
4321 actions are, in general, run backwards - this means that the
4322 maintainer scripts are run with different arguments in
4323 reverse order. These are the "error unwind" calls listed
4324 below.
4326 <enumlist>
4327 <item>
4328 <enumlist>
4329 <item>
4330 If a version of the package is already "Installed", call
4333 </example>
4334 </item>
4335 <item>
4336 If the script runs but exits with a non-zero
4340 </example>
4341 If this works, the upgrade continues. If this
4342 does not work, the error unwind:
4345 </example>
4346 If this works, then the old-version is
4347 "Installed", if not, the old version is in a
4348 "Half-Configured" state.
4349 </item>
4350 </enumlist>
4351 </item>
4353 <item>
4354 If a "conflicting" package is being removed at the same time,
4356 <enumlist>
4357 <item>
4359 specified, call, for each package to be deconfigured
4364 </example>
4365 Error unwind:
4369 </example>
4370 The deconfigured packages are marked as
4371 requiring configuration, so that if
4373 configured again if possible.
4374 </item>
4375 <item>
4376 If any packages depended on a conflicting
4378 specified, call, for each such package:
4383 </example>
4384 Error unwind:
4389 </example>
4390 The deconfigured packages are marked as
4391 requiring configuration, so that if
4393 configured again if possible.
4394 </item>
4395 <item>
4396 To prepare for removal of each conflicting package, call:
4400 </example>
4401 Error unwind:
4405 </example>
4406 </item>
4407 </enumlist>
4408 </item>
4410 <item>
4411 <enumlist>
4412 <item>
4413 If the package is being upgraded, call:
4416 </example>
4417 If this fails, we call:
4418 <example>
4420 </example>
4421 <enumlist>
4422 <item>
4423 <p>
4424 If that works, then
4425 <example>
4427 </example>
4428 is called. If this works, then the old version
4429 is in an "Installed" state, or else it is left
4430 in an "Unpacked" state.
4431 </p>
4432 </item>
4433 <item>
4434 <p>
4435 If it fails, then the old version is left
4436 in an "Half-Installed" state.
4437 </p>
4438 </item>
4439 </enumlist>
4441 </item>
4442 <item>
4443 Otherwise, if the package had some configuration
4444 files from a previous version installed (i.e., it
4445 is in the "Config-Files" state):
4448 </example>
4449 Error unwind:
4450 <example>
4452 </example>
4453 If this fails, the package is left in a
4454 "Half-Installed" state, which requires a
4455 reinstall. If it works, the packages is left in
4456 a "Config-Files" state.
4457 </item>
4458 <item>
4459 Otherwise (i.e., the package was completely purged):
4462 </example>
4463 Error unwind:
4466 </example>
4467 If the error-unwind fails, the package is in a
4468 "Half-Installed" phase, and requires a
4469 reinstall. If the error unwind works, the
4470 package is in the "Not-Installed" state.
4471 </item>
4472 </enumlist>
4473 </item>
4475 <item>
4476 <p>
4477 The new package's files are unpacked, overwriting any
4478 that may be on the system already, for example any
4479 from the old version of the same package or from
4480 another package. Backups of the old files are kept
4481 temporarily, and if anything goes wrong the package
4482 management system will attempt to put them back as
4483 part of the error unwind.
4484 </p>
4486 <p>
4487 It is an error for a package to contain files which
4488 are on the system in another package, unless
4490 </p>
4492 <p>
4493 It is a more serious error for a package to contain a
4494 plain file or other kind of non-directory where another
4495 package has a directory (again, unless
4497 overridden if desired using
4499 advisable.
4500 </p>
4502 <p>
4503 Packages which overwrite each other's files produce
4504 behavior which, though deterministic, is hard for the
4505 system administrator to understand. It can easily
4506 lead to "missing" programs if, for example, a package
4507 is unpacked which overwrites a file from another
4508 package, and is then removed again.<footnote>
4509 Part of the problem is due to what is arguably a
4511 </footnote>
4512 </p>
4514 <p>
4515 A directory will never be replaced by a symbolic link
4516 to a directory or vice versa; instead, the existing
4517 state (symlink or not) will be left alone and
4519 one.
4520 </p>
4521 </item>
4523 <item>
4524 <p>
4525 <enumlist>
4526 <item>
4527 If the package is being upgraded, call
4530 </example>
4531 </item>
4532 <item>
4536 </example>
4537 If this works, installation continues. If not,
4538 Error unwind:
4541 </example>
4542 If this fails, the old version is left in a
4543 "Half-Installed" state. If it works, dpkg now
4544 calls:
4547 </example>
4548 If this fails, the old version is left in a
4549 "Half-Installed" state. If it works, dpkg now
4550 calls:
4553 </example>
4554 If this fails, the old version is in an
4555 "Unpacked" state.
4556 </item>
4557 </enumlist>
4558 </p>
4560 <p>
4561 This is the point of no return - if
4563 past this point if an error occurs. This will
4564 leave the package in a fairly bad state, which
4565 will require a successful re-installation to clear
4567 things that are irreversible.
4568 </p>
4569 </item>
4571 <item>
4572 Any files which were in the old version of the package
4573 but not in the new are removed.
4574 </item>
4576 <item>
4577 The new file list replaces the old.
4578 </item>
4580 <item>
4581 The new maintainer scripts replace the old.
4582 </item>
4584 <item>
4585 Any packages all of whose files have been overwritten
4586 during the installation, and which aren't required for
4587 dependencies, are considered to have been removed.
4588 For each such package
4589 <enumlist>
4590 <item>
4595 </example>
4596 </item>
4597 <item>
4598 The package's maintainer scripts are removed.
4599 </item>
4600 <item>
4601 It is noted in the status database as being in a
4602 sane state, namely "Not-Installed" (any conffiles
4603 it may have are ignored, rather than being
4605 disappearing packages do not have their prerm
4607 in advance that the package is going to
4608 vanish.
4609 </item>
4610 </enumlist>
4611 </item>
4613 <item>
4614 Any files in the package we're unpacking that are also
4615 listed in the file lists of other packages are removed
4616 from those lists. (This will lobotomize the file list
4617 of the "conflicting" package if there is one.)
4618 </item>
4620 <item>
4621 The backup files made during installation, above, are
4622 deleted.
4623 </item>
4625 <item>
4626 <p>
4627 The new package's status is now sane, and recorded as
4628 "Unpacked".
4629 </p>
4631 <p>
4632 Here is another point of no return - if the
4633 conflicting package's removal fails we do not unwind
4634 the rest of the installation; the conflicting package
4635 is left in a half-removed limbo.
4636 </p>
4637 </item>
4639 <item>
4640 If there was a conflicting package we go and do the
4641 removal actions (described below), starting with the
4642 removal of the conflicting package's files (any that
4643 are also in the package being unpacked have already
4644 been removed from the conflicting package's file list,
4645 and so do not get removed now).
4646 </item>
4647 </enumlist>
4648 </p>
4649 </sect>
4653 <p>
4654 When we configure a package (this happens with <tt>dpkg
4659 </example>
4660 </p>
4662 <p>
4663 No attempt is made to unwind after errors during
4664 configuration. If the configuration fails, the package is in
4665 a "Half-Configured" state, and an error message is generated.
4666 </p>
4668 <p>
4669 If there is no most recently configured version
4671 <footnote>
4672 <p>
4673 Historical note: Truly ancient (pre-1997) versions of
4675 (including the angle brackets) in this case. Even older
4676 ones did not pass a second argument at all, under any
4677 circumstance. Note that upgrades using such an old dpkg
4678 version are unlikely to work for other reasons, even if
4679 this old argument behavior is handled by your postinst script.
4680 </p>
4681 </footnote>
4682 </p>
4683 </sect>
4686 configuration purging</heading>
4688 <p>
4689 <enumlist>
4690 <item>
4691 <p>
4694 </example>
4695 </p>
4696 <p>
4697 If prerm fails during replacement due to conflict
4698 <example>
4701 </example>
4702 Or else we call:
4703 <example>
4705 </example>
4706 </p>
4707 <p>
4708 If this fails, the package is in a "Half-Configured"
4709 state, or else it remains "Installed".
4710 </p>
4711 </item>
4712 <item>
4714 </item>
4715 <item>
4718 </example>
4720 <p>
4721 If it fails, there's no error unwind, and the package is in
4722 an "Half-Installed" state.
4723 </p>
4724 </item>
4725 <item>
4726 <p>
4728 are removed.
4729 </p>
4731 <p>
4732 If we aren't purging the package we stop here. Note
4735 removed, as there is no difference except for the
4737 </p>
4738 </item>
4739 <item>
4743 are removed.
4744 </item>
4745 <item>
4746 <p>
4749 </example>
4750 </p>
4751 <p>
4752 If this fails, the package remains in a "Config-Files"
4753 state.
4754 </p>
4755 </item>
4756 <item>
4757 The package's file list is removed.
4758 </item>
4759 </enumlist>
4761 </p>
4762 </sect>
4763 </chapt>
4772 <p>
4773 These fields all have a uniform syntax. They are a list of
4774 package names separated by commas.
4775 </p>
4777 <p>
4782 control fields of the package, which declare
4783 dependencies on other packages, the package names listed may
4784 also include lists of alternative package names, separated
4786 that part of the dependency can be satisfied by any one of
4787 the alternative packages.
4788 </p>
4790 <p>
4792 their applicability to particular versions of each named
4793 package. This is done in parentheses after each individual
4794 package name; the parentheses should contain a relation from
4795 the list below followed by a version number, in the format
4797 </p>
4799 <p>
4802 earlier, earlier or equal, exactly equal, later or equal and
4803 strictly later, respectively.<footnote>
4805 allowed, but they were confusingly defined to mean
4806 earlier/later or equal rather than strictly
4808 warning, but they are no longer allowed by Debian Policy.
4809 </footnote>
4810 </p>
4812 <p>
4813 Whitespace may appear at any point in the version
4814 specification subject to the rules in <ref
4816 disambiguate; it is not otherwise significant. All of the
4817 relationship fields can only be folded in source package control files. For
4818 consistency and in case of future changes to
4820 used after a version relationship and before a version
4821 number; it is also conventional to put a single space after
4822 each comma, on either side of each vertical bar, and before
4823 each open parenthesis. When opening a continuation line in a relationship field, it
4824 is conventional to do so after a comma and before the space
4825 following that comma.
4826 </p>
4828 <p>
4829 For example, a list of dependencies might appear as:
4831 Package: mutt
4834 </example>
4835 </p>
4837 <p>
4838 Relationships may be restricted to a certain set of
4839 architectures. This is indicated in brackets after each
4840 individual package name and the optional version specification.
4841 The brackets enclose a non-empty list of Debian architecture names
4843 separated by whitespace. Exclamation marks may be prepended to
4844 each of the names. (It is not permitted for some names to be
4845 prepended with exclamation marks while others aren't.)
4846 </p>
4848 <p>
4849 For build relationship fields
4853 the current Debian host architecture is not in this list and
4854 there are no exclamation marks in the list, or it is in the list
4855 with a prepended exclamation mark, the package name and the
4856 associated version specification are ignored completely for the
4857 purposes of defining the relationships.
4858 </p>
4860 <p>
4861 For example:
4863 Source: glibc
4864 Build-Depends-Indep: texinfo
4865 Build-Depends: kernel-headers-2.2.10 [!hurd-i386],
4866 hurd-dev [hurd-i386], gnumach-dev [hurd-i386]
4867 </example>
4871 showing multiple architectures separated by spaces:
4873 Build-Depends:
4874 libluajit5.1-dev [i386 amd64 kfreebsd-i386 armel armhf powerpc mips],
4875 liblua5.1-dev [hurd-i386 ia64 kfreebsd-amd64 s390x sparc],
4876 </example>
4877 </p>
4879 <p>
4881 field, the architecture restriction
4882 syntax is only supported in the source package control
4884 package control file is generated, the relationship will either
4885 be omitted or included without the architecture restriction
4886 based on the architecture of the binary package. This means
4887 that architecture restrictions must not be used in binary
4888 relationship fields for architecture-independent packages
4890 </p>
4892 <p>
4893 For example:
4895 Depends: foo [i386], bar [amd64]
4896 </example>
4900 entirely in binary packages built on all other architectures.
4901 </p>
4903 <p>
4904 If the architecture-restricted dependency is part of a set of
4906 completely on architectures that do not match the restriction.
4907 For example:
4909 Build-Depends: foo [!i386] | bar [!amd64]
4910 </example>
4913 bar</tt> on all other architectures.
4914 </p>
4916 <p>
4917 Relationships may also be restricted to a certain set of
4918 architectures using architecture wildcards in the format
4920 declaring such restrictions is the same as declaring
4921 restrictions using a certain set of architectures without
4922 architecture wildcards. For example:
4924 Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]
4925 </example>
4929 using a kernel other than Linux.
4930 </p>
4932 <p>
4933 Note that the binary package relationship fields such as
4935 sections of the control file, whereas the build-time
4937 source package section of the control file (which is the
4938 first section).
4939 </p>
4940 </sect>
4946 </heading>
4948 <p>
4949 Packages can declare in their control file that they have
4950 certain relationships to other packages - for example, that
4951 they may not be installed at the same time as certain other
4952 packages, and/or that they depend on the presence of others.
4953 </p>
4955 <p>
4961 rest are described below.
4962 </p>
4964 <p>
4965 These seven fields are used to declare a dependency
4966 relationship by one package on another. Except for
4968 depending (binary) package's control file.
4971 depended-on package which causes the named package to
4972 break).
4973 </p>
4975 <p>
4977 package is to be configured. It does not prevent a package
4978 being on the system in an unconfigured state while its
4979 dependencies are unsatisfied, and it is possible to replace
4980 a package whose dependencies are satisfied and which is
4981 properly installed with a different version whose
4982 dependencies are not and cannot be satisfied; when this is
4983 done the depending package will be left unconfigured (since
4984 attempts to configure it will give errors) and will not
4985 function properly. If it is necessary, a
4987 effect even when a package is being unpacked, as explained
4988 in detail below. (The other three dependency fields,
4993 </p>
4995 <p>
4997 which packages are configured, packages in an installation run
4998 are usually all unpacked first and all configured later.
4999 <footnote>
5000 This approach makes dependency resolution easier. If two
5001 packages A and B are being upgraded, the installed package A
5002 depends on exactly the installed package B, and the new
5003 package A depends on exactly the new package B (a common
5004 situation when upgrading shared libraries and their
5005 corresponding development packages), satisfying the
5006 dependencies at every stage of the upgrade would be
5007 impossible. This relaxed restriction means that both new
5008 packages can be unpacked together and then configured in their
5009 dependency order.
5010 </footnote>
5011 </p>
5013 <p>
5014 If there is a circular dependency among packages being installed
5015 or removed, installation or removal order honoring the
5016 dependency order is impossible, requiring the dependency loop be
5017 broken at some point and the dependency requirements violated
5018 for at least one package. Packages involved in circular
5019 dependencies may not be able to rely on their dependencies being
5020 configured before they themselves are configured, depending on
5021 which side of the break of the circular dependency loop they
5022 happen to be on. If one of the packages in the loop has
5025 scripts are run with their dependencies properly configured if
5026 this is possible. Otherwise the breaking point is arbitrary.
5027 Packages should therefore avoid circular dependencies where
5029 scripts.
5030 </p>
5032 <p>
5033 The meaning of the five dependency fields is as follows:
5034 <taglist>
5036 <item>
5037 <p>
5038 This declares an absolute dependency. A package will
5039 not be configured unless all of the packages listed in
5041 configured (unless there is a circular dependency as
5042 described above).
5043 </p>
5045 <p>
5047 depended-on package is required for the depending
5048 package to provide a significant amount of
5049 functionality.
5050 </p>
5052 <p>
5055 require the depended-on package to be unpacked or
5056 configured in order to run. In the case of <tt>postinst
5057 configure</tt>, the depended-on packages will be unpacked
5058 and configured first. (If both packages are involved in a
5059 dependency loop, this might not work as expected; see the
5060 explanation a few paragraphs back.) In the case
5062 actions, the package dependencies will normally be at
5063 least unpacked, but they may be only "Half-Installed" if a
5064 previous upgrade of the dependency failed.
5065 </p>
5067 <p>
5070 script to fully clean up after the package removal. There
5071 is no guarantee that package dependencies will be
5073 depended-on package is more likely to be available if the
5074 package declares a dependency (particularly in the case
5076 script must gracefully skip actions that require a
5077 dependency if that dependency isn't available.
5078 </p>
5079 </item>
5082 <item>
5083 <p>
5084 This declares a strong, but not absolute, dependency.
5085 </p>
5087 <p>
5089 that would be found together with this one in all but
5090 unusual installations.
5091 </p>
5092 </item>
5095 <item>
5096 This is used to declare that one package may be more
5097 useful with one or more others. Using this field
5098 tells the packaging system and the user that the
5099 listed packages are related to this one and can
5100 perhaps enhance its usefulness, but that installing
5101 this one without them is perfectly reasonable.
5102 </item>
5105 <item>
5106 This field is similar to Suggests but works in the
5107 opposite direction. It is used to declare that a
5108 package can enhance the functionality of another
5109 package.
5110 </item>
5113 <item>
5114 <p>
5117 of the packages named before even starting the
5118 installation of the package which declares the
5119 pre-dependency, as follows:
5120 </p>
5122 <p>
5123 When a package declaring a pre-dependency is about to
5125 satisfied if the depended-on package is either fully
5128 state, provided that they have been configured
5129 correctly at some point in the past (and not removed
5130 or partially removed since). In this case, both the
5131 previously-configured and currently "Unpacked" or
5132 "Half-Configured" versions must satisfy any version
5134 </p>
5136 <p>
5137 When the package declaring a pre-dependency is about to
5140 satisfied only if the depended-on package has been
5141 correctly configured. However, unlike
5143 permit circular dependencies to be broken. If a circular
5144 dependency is encountered while attempting to honor
5146 </p>
5148 <p>
5151 It is best to avoid this situation if possible.
5152 </p>
5154 <p>
5156 preferably only by packages whose premature upgrade or
5157 installation would hamper the ability of the system to
5158 continue with any upgrade that might be in progress.
5159 </p>
5161 <p>
5163 package before this has been discussed on the
5166 </p>
5167 </item>
5168 </taglist>
5169 </p>
5171 <p>
5172 When selecting which level of dependency to use you should
5173 consider how important the depended-on package is to the
5174 functionality of the one declaring the dependency. Some
5175 packages are composed of components of varying degrees of
5176 importance. Such a package should list using
5178 more important components. The other components'
5179 requirements may be mentioned as Suggestions or
5180 Recommendations, as appropriate to the components' relative
5181 importance.
5182 </p>
5183 </sect>
5188 <p>
5189 When one binary package declares that it breaks another,
5192 package is deconfigured first, and it will refuse to
5193 allow the broken package to be reconfigured.
5194 </p>
5196 <p>
5197 A package will not be regarded as causing breakage merely
5198 because its configuration files are still installed; it must
5199 be at least "Half-Installed".
5200 </p>
5202 <p>
5203 A special exception is made for packages which declare that
5204 they break their own package name or a virtual package which
5205 they provide (see below): this does not count as a real
5206 breakage.
5207 </p>
5209 <p>
5212 version of an (implicit or explicit) dependency which violates
5213 an assumption or reveals a bug in earlier versions of the broken
5214 package, or which takes over a file from earlier versions of the
5216 will inform higher-level package management tools that the
5217 broken package must be upgraded before the new one.
5218 </p>
5220 <p>
5221 If the breaking package also overwrites some files from the
5224 of taking over files from other packages, including how to
5226 </p>
5228 <p>
5234 differences.
5235 </p>
5236 </sect>
5241 <p>
5242 When one binary package declares a conflict with another using
5244 allow them to be unpacked on the system at the same time. This
5246 the broken package from being configured while the breaking
5247 package is in the "Unpacked" state but allows both packages to
5248 be unpacked at the same time.
5249 </p>
5251 <p>
5252 If one package is to be unpacked, the other must be removed
5253 first. If the package being unpacked is marked as replacing
5255 normally be used in this case) the one on the system, or the one
5256 on the system is marked as deselected, or both packages are
5258 automatically remove the package which is causing the conflict.
5259 Otherwise, it will halt the installation of the new package with
5260 an error. This mechanism is specifically designed to produce an
5262 new package is not.
5263 </p>
5265 <p>
5266 A package will not cause a conflict merely because its
5267 configuration files are still installed; it must be at least
5268 "Half-Installed".
5269 </p>
5271 <p>
5272 A special exception is made for packages which declare a
5273 conflict with their own package name, or with a virtual
5274 package which they provide (see below): this does not
5275 prevent their installation, and allows a package to conflict
5276 with others providing a replacement for it. You use this
5277 feature when you want the package in question to be the only
5278 package providing some feature.
5279 </p>
5281 <p>
5284 stronger restriction on the ordering of package installation or
5285 upgrade and can make it more difficult for the package manager
5286 to find a correct solution to an upgrade or installation
5288 <list>
5289 <item>when moving a file from one package to another (see
5291 <item>when splitting a package (a special case of the previous
5292 one), or</item>
5293 <item>when the breaking package exposes a bug in or interacts
5294 badly with particular versions of the broken
5295 package.</item>
5296 </list>
5298 <list>
5299 <item>when two packages provide the same file and will
5300 continue to do so,</item>
5302 package providing a given virtual facility may be unpacked
5304 <item>in other cases where one must prevent simultaneous
5305 installation of two packages for reasons that are ongoing
5306 (not fixed in a later version of one of the packages) or
5307 that must prevent both packages from being unpacked at the
5308 same time, not just configured.</item>
5309 </list>
5311 solution when two packages provide the same files. Depending on
5312 the reason for that conflict, using alternatives or renaming the
5313 files is often a better approach. See, for
5315 </p>
5317 <p>
5319 unless two packages cannot be installed at the same time or
5320 installing them both causes one of them to be broken or
5321 unusable. Having similar functionality or performing the same
5322 tasks as another package is not sufficient reason to
5324 </p>
5326 <p>
5328 clause if the reason for the conflict is corrected in a later
5329 version of one of the packages. However, normally the presence
5330 of an "earlier than" version clause is a sign
5334 package which declares such a conflict until the upgrade or
5335 removal of the conflicted-with package has been completed, which
5336 is a strong restriction.
5337 </p>
5338 </sect>
5341 </heading>
5343 <p>
5344 As well as the names of actual ("concrete") packages, the
5351 may mention "virtual packages".
5352 </p>
5354 <p>
5357 is as if the package(s) which provide a particular virtual
5358 package name had been listed by name everywhere the virtual
5360 </p>
5362 <p>
5363 If there are both concrete and virtual packages of the same
5364 name, then the dependency may be satisfied (or the conflict
5365 caused) by either the concrete package with the name in
5366 question or any other concrete package which provides the
5367 virtual package with the name in question. This is so that,
5368 for example, supposing we have
5370 Package: foo
5371 Depends: bar
5372 </example> and someone else releases an enhanced version of
5375 Package: bar-plus
5376 Provides: bar
5377 </example>
5380 </p>
5382 <p>
5383 If a relationship field has a version number attached, only real
5384 packages will be considered to see whether the relationship is
5385 satisfied (or the prohibition violated, for a conflict or
5386 breakage). In other words, if a version number is specified,
5388 package name and consider only real packages. The package
5389 manager will assume that a package providing that virtual
5391 field may not contain version numbers, and the version number of
5392 the concrete package which provides a particular virtual package
5393 will not be considered when considering a dependency on or
5394 conflict with the virtual package name.<footnote>
5396 add the ability to specify a version number for each virtual
5397 package it provides. This feature is not yet present,
5398 however, and is expected to be used only infrequently.
5399 </footnote>
5400 </p>
5402 <p>
5403 To specify which of a set of real packages should be the default
5404 to satisfy a particular dependency on a virtual package, list
5405 the real package as an alternative before the virtual one.
5406 </p>
5408 <p>
5409 If the virtual package represents a facility that can only be
5410 provided by one real package at a time, such as
5412 requires installation of a binary that would conflict with all
5413 other providers of that virtual package (see
5415 virtual package should also declare a conflict with it
5417 provider of that virtual package is unpacked or installed at a
5418 time.
5419 </p>
5420 </sect>
5425 <p>
5426 Packages can declare in their control file that they should
5427 overwrite files in certain other packages, or completely replace
5429 two distinct purposes.
5430 </p>
5434 <p>
5435 It is usually an error for a package to contain files which
5436 are on the system in another package. However, if the
5439 will replace the file from the old package with that from the
5440 new. The file will no longer be listed as "owned" by the old
5441 package and will be taken over by the new package.
5449 be installed and take over that file. However,
5452 version that knows it does not include that file and instead
5455 being installed and then removed, removing the file that it
5457 operation, the package manager would think the system was in
5459 would be missing one of its files.
5460 </footnote>
5461 </p>
5463 <p>
5467 have the fields
5471 </example>
5472 in its control file. The new version of the
5476 </example>
5479 required for normal operation).
5480 </p>
5482 <p>
5483 If a package is completely replaced in this way, so that
5485 contains, it is considered to have "disappeared". It will
5486 be marked as not wanted on the system (selected for
5488 details noted for the package will be ignored, as they
5489 will have been taken over by the overwriting package. The
5491 special argument to allow the package to do any final
5493 <footnote>
5494 Replaces is a one way relationship. You have to install
5495 the replacing package after the replaced package.
5496 </footnote>
5497 </p>
5499 <p>
5503 replaced must be mentioned by their real names.
5504 </p>
5506 <p>
5508 packages are at least partially on the system at once. It is
5509 not relevant if the packages conflict unless the conflict has
5510 been overridden.
5511 </p>
5512 </sect1>
5514 <sect1><heading>Replacing whole packages, forcing their
5515 removal</heading>
5517 <p>
5519 resolve which package should be removed when there is a
5522 two usages of this field do not interfere with each other.
5523 </p>
5525 <p>
5526 In this situation, the package declared as being replaced
5527 can be a virtual package, so for example, all mail
5528 transport agents (MTAs) would have the following fields in
5529 their control files:
5531 Provides: mail-transport-agent
5532 Conflicts: mail-transport-agent
5533 Replaces: mail-transport-agent
5534 </example>
5535 ensuring that only one MTA can be unpacked at any one
5537 example.
5538 </sect1>
5539 </sect>
5542 <heading>Relationships between source and binary packages -
5546 </heading>
5548 <p>
5549 Source packages that require certain binary packages to be
5550 installed or absent at the time of building the package
5551 can declare relationships to those binary packages.
5552 </p>
5554 <p>
5559 </p>
5561 <p>
5562 Build-dependencies on "build-essential" binary packages can be
5564 </p>
5566 <p>
5567 The dependencies and conflicts they define must be satisfied
5568 (as defined earlier for binary packages) in order to invoke
5570 <taglist>
5572 <item>
5574 fields must be satisfied when this target is invoked.
5575 </item>
5577 <item>
5580 fields must be satisfied when these targets are invoked.
5581 </item>
5583 <item>
5586 fields must be satisfied when these targets are invoked.
5587 </item>
5589 <item>
5593 fields must be satisfied when these targets are invoked.
5594 </item>
5595 </taglist>
5596 </p>
5597 </sect>
5600 <heading>Additional source packages used to build the binary
5602 </heading>
5604 <p>
5605 Some binary packages incorporate parts of other packages when built
5606 but do not have to depend on those packages. Examples include
5607 linking with static libraries or incorporating source code from
5608 another package during the build. In this case, the source packages
5609 of those other packages are a required part of the complete source
5610 (the binary package is not reproducible without them).
5611 </p>
5613 <p>
5615 package for any such binary package incorporated during the build
5616 <footnote>
5618 it (rightfully) does not document the exact version used in the
5619 build.
5620 </footnote>,
5622 that was used to build that binary package<footnote>
5623 The archive software might reject packages that refer to
5624 non-existent sources.
5625 </footnote>.
5626 </p>
5628 <p>
5629 A package using the source code from the gcc-4.6-source
5630 binary package built from the gcc-4.6 source package would
5631 have this field in its control file:
5634 </example>
5635 </p>
5637 <p>
5638 A package including binaries from grub2 and loadlin would
5639 have this field in its control file:
5642 </example>
5643 </p>
5644 </sect>
5645 </chapt>
5650 <p>
5651 Packages containing shared libraries must be constructed with
5652 a little care to make sure that the shared library is always
5653 available. This is especially important for packages whose
5654 shared libraries are vitally important, such as the C library
5656 </p>
5658 <p>
5659 This section deals only with public shared libraries: shared
5660 libraries that are placed in directories searched by the dynamic
5661 linker by default or which are intended to be linked against
5662 normally and possibly used by other, independent packages. Shared
5663 libraries that are internal to a particular package or that are
5664 only loaded as dynamic modules are not covered by this section and
5665 are not subject to its requirements.
5666 </p>
5668 <p>
5670 stored in its dynamic section. When a binary is linked against a
5673 dynamic linker knows that library must be loaded at runtime. The
5674 shared library file's full name (which usually contains additional
5676 therefore normally not referenced directly. Instead, the shared
5678 system as a symlink pointing to the full name of the shared
5679 library. This symlink must be provided by the
5681 <footnote>
5682 This is a convention of shared library versioning, but not a
5684 library file name instead and therefore do not need a symlink.
5685 Most, however, encode additional information about
5686 backwards-compatible revisions as a minor version number in the
5688 binaries linked with the earlier version of the shared library
5689 may no longer work, but the filename may change with each
5691 more information.
5692 </footnote>
5693 </p>
5695 <p>
5696 When linking a binary or another shared library against a shared
5698 known. Instead, the shared library is found by looking for a file
5700 exists on the file system as a symlink pointing to the shared
5701 library.
5702 </p>
5704 <p>
5705 Shared libraries are normally split into several binary packages.
5708 the development package since it's only used when linking binaries
5709 or shared libraries. However, there are some exceptions for
5710 unusual shared libraries or for shared libraries that are also
5711 loaded as dynamic modules by other programs.
5712 </p>
5714 <p>
5715 This section is primarily concerned with how the separation of
5716 shared libraries into multiple packages should be done and how
5717 dependencies on and between shared library binary packages are
5719 conjunction with this section and contains additional rules for
5720 the files contained in the shared library packages.
5721 </p>
5726 <p>
5727 The run-time shared library must be placed in a package
5729 library changes. This allows several versions of the shared
5730 library to be installed at the same time, allowing installation
5731 of the new version of the shared library without immediately
5732 breaking binaries that depend on the old version. Normally, the
5734 be placed in a package named
5741 should use
5743 instead.
5744 </p>
5746 <p>
5757 </p>
5759 <p>
5760 If you have several shared libraries built from the same source
5761 tree, you may lump them all together into a single shared
5763 always change together. Be aware that this is not normally the
5765 upgrading such a merged shared library package will be
5766 unnecessarily difficult because of file conflicts with the old
5767 version of the package. When in doubt, always split shared
5768 library packages so that each binary package installs a single
5769 shared library.
5770 </p>
5772 <p>
5773 Every time the shared library ABI changes in a way that may
5774 break binaries linked against older versions of the shared
5776 corresponding name for the binary package containing the runtime
5777 shared library should change. Normally, this means
5779 removed from the shared library or the signature of an interface
5780 (the number of parameters or the types of parameters that it
5781 takes, for example) is changed. This practice is vital to
5782 allowing clean upgrades from older versions of the package and
5783 clean transitions between the old ABI and new ABI without having
5784 to upgrade every affected package simultaneously.
5785 </p>
5787 <p>
5789 normally should not, change if new interfaces are added but none
5790 are removed or changed, since this will not break binaries
5791 linked against the old shared library. Correct versioning of
5792 dependencies on the newer shared library by binaries that use
5793 the new interfaces is handled via
5796 </p>
5798 <p>
5799 The package should install the shared libraries under
5805 of renaming things safely without affecting running programs,
5806 and attempts to interfere with this are likely to lead to
5807 problems.
5808 </p>
5810 <p>
5811 Shared libraries should not be installed executable, since
5812 the dynamic linker does not require this and trying to
5813 execute a shared library usually results in a core dump.
5814 </p>
5816 <p>
5817 The run-time library package should include the symbolic link for
5819 the shared libraries. For example,
5827 script.<footnote>
5828 The package management system requires the library to be
5829 placed before the symbolic link pointing to it in the
5832 (overwriting the previous symlink pointing at an older
5833 version of the library), the new shared library is already
5834 in place. In the past, this was achieved by creating the
5835 library in the temporary packaging directory before
5836 creating the symlink. Unfortunately, this was not always
5837 effective, since the building of the tar file in the
5839 file system. Some file systems (such as reiserfs) reorder
5840 the files so that the order of creation is forgotten.
5842 reorders the files itself as necessary when building a
5843 package. Thus it is no longer important to concern
5844 oneself with the order of file creation.
5845 </footnote>
5846 </p>
5851 <p>
5852 Any package installing shared libraries in one of the default
5853 library directories of the dynamic linker (which are currently
5858 matching the multiarch triplet for the system architecture.
5859 </footnote>
5861 system.
5862 </p>
5864 <p>
5865 The package maintainer scripts must only call
5872 </item>
5876 </item>
5877 </list>
5878 <footnote>
5879 <p>
5880 During install or upgrade, the preinst is called before
5881 the new files are unpacked, so calling "ldconfig" is
5882 pointless. The preinst of an existing package can also be
5883 called if an upgrade fails. However, this happens during
5884 the critical time when a shared libs may exist on-disk
5885 under a temporary name. Thus, it is dangerous and
5886 forbidden by current policy to call "ldconfig" at this
5887 time.
5888 </p>
5890 <p>
5891 When a package is installed or upgraded, "postinst
5892 configure" runs after the new files are safely on-disk.
5893 Since it is perfectly safe to invoke ldconfig
5894 unconditionally in a postinst, it is OK for a package to
5895 simply put ldconfig in its postinst without checking the
5896 argument. The postinst can also be called to recover from
5897 a failed upgrade. This happens before any new files are
5898 unpacked, so there is no reason to call "ldconfig" at this
5899 point.
5900 </p>
5902 <p>
5903 For a package that is being removed, prerm is
5904 called with all the files intact, so calling ldconfig is
5905 useless. The other calls to "prerm" happen in the case of
5906 upgrade at a time when all the files of the old package
5907 are on-disk, so again calling "ldconfig" is pointless.
5908 </p>
5910 <p>
5911 postrm, on the other hand, is called with the "remove"
5912 argument just after the files are removed, so this is
5913 the proper time to call "ldconfig" to notify the system
5914 of the fact that the shared libraries from the package
5915 are removed. The postrm can be called at several other
5918 "ldconfig" is useless because the shared lib files are
5919 not on-disk. However, when "postrm" is invoked with
5921 shared lib may exist on-disk under a temporary filename.
5922 </p>
5923 </footnote>
5924 </p>
5925 </sect1>
5927 </sect>
5932 <p>
5933 If your package contains files whose names do not change with
5934 each change in the library shared object version, you must not
5935 put them in the shared library package. Otherwise, several
5936 versions of the shared library cannot be installed at the same
5937 time without filename clashes, making upgrades and transitions
5938 unnecessarily difficult.
5939 </p>
5941 <p>
5942 It is recommended that supporting files and run-time support
5943 programs that do not need to be invoked manually by users, but
5944 are nevertheless required for the package to function, be placed
5947 If the program or file is architecture independent, the
5948 recommendation is for it to be placed in a subdirectory of
5952 names change when the shared object version changes.
5953 </p>
5955 <p>
5956 Run-time support programs that use the shared library but are
5957 not required for the library to function or files used by the
5958 shared library that can be used by any version of the shared
5959 library package should instead be put in a separate package.
5960 This package might typically be named
5963 </p>
5965 <p>
5966 Files and support programs only useful when compiling software
5967 against the library should be included in the development
5968 package for the library.<footnote>
5971 </footnote>
5972 </p>
5973 </sect>
5978 <p>
5980 is usually provided in addition to the shared version.
5981 It is placed into the development package (see below).
5982 </p>
5984 <p>
5985 In some cases, it is acceptable for a library to be
5986 available in static form only; these cases include:
5987 <list>
5988 <item>libraries for languages whose shared library support
5989 is immature or unstable</item>
5990 <item>libraries whose interfaces are in flux or under
5991 development (commonly the case when the library's
5992 major version number is zero, or where the ABI breaks
5993 across patchlevels)</item>
5994 <item>libraries which are explicitly intended to be
5995 available only in static form by their upstream
5996 author(s)</item>
5997 </list>
5998 </p>
6003 <p>
6004 If there are development files associated with a shared library,
6005 the source package needs to generate a binary development package
6007 need to support multiple development versions at a
6009 Installing the development package must result in installation of
6010 all the development files necessary for compiling programs against
6011 that shared library.<footnote>
6012 This wording allows the development files to be split into
6013 several packages, such as a separate architecture-independent
6015 the development package depends on all the required additional
6016 packages.
6017 </footnote>
6018 </p>
6020 <p>
6021 In case several development versions of a library exist, you may
6024 development version at a time (as different development versions are
6025 likely to have the same header files in them, which would cause a
6026 filename clash if both were unpacked).
6027 </p>
6029 <p>
6030 The development package should contain a symlink for the associated
6031 shared library without a version number. For example, the
6037 </p>
6039 <p>
6040 If the package provides Ada Library Information
6042 installed read-only (mode 0444) so that GNAT will not attempt to
6043 recompile them. This overrides the normal file mode requirements
6045 </p>
6046 </sect>
6051 <p>
6052 Typically the development version should have an exact
6053 version dependency on the runtime library, to make sure that
6054 compilation and linking happens correctly. The
6056 useful for this purpose.
6057 <footnote>
6059 was confusing and it has been deprecated since dpkg 1.13.19.
6060 </footnote>
6061 </p>
6062 </sect>
6065 <heading>Dependencies between the library and other
6066 packages</heading>
6068 <p>
6069 If a package contains a binary or library which links to a
6070 shared library, we must ensure that, when the package is
6071 installed on the system, all of the libraries needed are also
6072 installed. These dependencies must be added to the binary
6073 package when it is built, since they may change based on which
6074 version of a shared library the binary or library was linked
6075 with even if there are no changes to the source of the binary
6076 (for example, symbol versions change, macros become functions or
6077 vice versa, or the binary package may determine at compile-time
6078 whether new library interfaces are available and can be called).
6079 To allow these dependencies to be constructed, shared libraries
6082 package dependencies required to ensure the presence of
6083 interfaces provided by this library. Any package with binaries
6084 or libraries linking to a shared library must use these files to
6085 determine the required dependencies when it is built. Other
6086 packages which use a shared library (for example using
6088 using these files at build time as well.
6089 </p>
6091 <p>
6092 The two mechanisms differ in the degree of detail that they
6094 exported by a library, the minimal version of the package any
6095 binary using this symbol will need. This is typically the
6096 version of the package in which the symbol was introduced. This
6097 information permits detailed analysis of the symbols used by a
6098 particular package and construction of an accurate dependency,
6099 but it requires the package maintainer to track more information
6100 about the shared library.
6101 </p>
6103 <p>
6105 time the library ABI changed in any way. It only provides
6106 information about the library as a whole, not individual
6107 symbols. When a package is built using a shared library with
6109 require a version of the shared library equal to or newer than
6110 the version of the last ABI change. This generates
6111 unnecessarily restrictive dependencies compared
6113 package have changed. This, in turn, may make upgrades
6114 needlessly complex and unnecessarily restrict use of the package
6115 on systems with older versions of the shared libraries.
6116 </p>
6118 <p>
6121 files in some unusual corner cases.<footnote>
6124 instead of recording the actual SONAME. If the SONAME doesn't
6125 match one of the two expected formats
6127 cannot be represented.
6128 </footnote>
6129 </p>
6131 <p>
6133 shared library packages since they provide more accurate
6134 dependencies. For most C libraries, the additional detail
6136 maintain. However, maintaining exhaustive symbols information
6138 files may be more appropriate for most C++ libraries. Libraries
6139 with a corresponding udeb must also provide
6142 </p>
6147 <p>
6148 When a package that contains any shared libraries or compiled
6150 each shared library and compiled binary to determine the
6151 libraries used and hence the dependencies needed by the
6152 package.<footnote>
6155 the libraries and the symbols in those libraries directly
6156 needed by the binaries or shared libraries in the package.
6157 </footnote>
6160 List all of the compiled binaries, libraries, or loadable
6161 modules in your package.<footnote>
6163 correctly is to use a package helper framework such
6167 you. It will also correctly handle multi-binary packages.
6168 </footnote>
6171 to generate dependency information. The package must then
6172 provide a substitution variable into which the discovered
6173 dependency information can be placed.
6174 </p>
6176 <p>
6177 If you are creating a udeb for use in the Debian Installer,
6182 will automatically add this option if it knows it is
6183 processing a udeb.
6184 </footnote>. If there is no dependency line of
6187 regular dependency line.
6188 </p>
6190 <p>
6196 package built by this source package that contains compiled
6197 binaries, libraries, or loadable modules. If you have
6198 multiple binary packages, you will need to
6200 compiled libraries or binaries. For example, you could use
6203 binary package.<footnote>
6206 the addition of the variable to the control file for you if
6210 the appropriate flags.
6211 </footnote>
6212 </p>
6214 <p>
6217 </p>
6219 <p>
6222 library (that is, the library is listed in the
6224 to the link line when the binary is created). Other libraries
6227 linker will load them automatically when it
6229 libraries it directly uses, but not the libraries it only uses
6230 indirectly. The dependencies for the libraries used
6231 directly will automatically pull in the indirectly-used
6233 automatically, but package maintainers need to be aware of
6234 this distinction between directly and indirectly using a
6235 library if they have to override its results for some reason.
6236 <footnote>
6237 A good example of where this helps is the following. We
6239 supports a new revision of a graphics format called dgf (but
6240 retaining the same major version number) and depends on a
6244 directly or indirectly linked with a binary, every package
6248 Since dependencies are only added based on
6251 having the dependency on an appropriate version
6253 </footnote>
6254 </p>
6255 </sect1>
6260 <p>
6261 Maintaining a shared library package using
6263 requires being aware of the exposed ABI of the shared library
6268 the last change for the entire library.
6269 </p>
6271 <p>
6272 There are two types of ABI changes: ones that are
6273 backward-compatible and ones that are not. An ABI change is
6274 backward-compatible if any reasonable program or library that
6275 was linked with the previous version of the shared library
6276 will still work correctly with the new version of the shared
6277 library.<footnote>
6278 An example of an "unreasonable" program is one that uses
6279 library interfaces that are documented as internal and
6280 unsupported. If the only programs or libraries affected by
6281 a change are "unreasonable" ones, other techniques, such as
6283 packages or treating their usage of the library as bugs in
6284 those packages, may be appropriate instead of changing the
6285 SONAME. However, the default approach is to change the
6286 SONAME for any change to the ABI that could break a program.
6287 </footnote>
6288 Adding new symbols to the shared library is a
6289 backward-compatible change. Removing symbols from the shared
6290 library is not. Changing the behavior of a symbol may or may
6291 not be backward-compatible depending on the change; for
6292 example, changing a function to accept a new enum constant not
6293 previously used by the library is generally
6294 backward-compatible, but changing the members of a struct that
6295 is passed into library functions is generally not unless the
6296 library takes special precautions to accept old versions of
6297 the data structure.
6298 </p>
6300 <p>
6301 ABI changes that are not backward-compatible normally require
6303 shared library package name, which forces rebuilding all
6304 packages using that shared library to update their
6305 dependencies and allow them to use the new version of the
6306 shared library. For more information,
6308 section will deal with backward-compatible changes.
6309 </p>
6311 <p>
6312 Backward-compatible changes require either updating or
6316 more information on how to do this in the two formats, see
6318 rules that apply to both files.
6319 </p>
6321 <p>
6322 The easy case is when a public symbol is added. Simply add
6323 the version at which the symbol was introduced
6326 should be taken to update dependency versions when the
6327 behavior of a public symbol changes. This is easy to neglect,
6328 since there is no automated method of determining such
6329 changes, but failing to update versions in this case may
6330 result in binary packages with too-weak dependencies that will
6331 fail at runtime, possibly in ways that can cause security
6332 vulnerabilities. If the package maintainer believes that a
6333 symbol behavior change may have occurred but isn't sure, it's
6334 safer to update the version rather than leave it unmodified.
6335 This may result in unnecessarily strict dependencies, but it
6336 ensures that packages whose dependencies are satisfied will
6337 work properly.
6338 </p>
6340 <p>
6341 A common example of when a change to the dependency version
6342 is required is a function that takes an enum or struct
6343 argument that controls what the function does. For example:
6344 <example>
6345 enum library_op { OP_FOO, OP_BAR };
6346 int library_do_operation(enum library_op);
6347 </example>
6351 files) or the version in the dependency for the shared library
6354 binary built against the new version of the library (having
6355 detected at compile-time that the library
6359 function.
6360 </p>
6362 <p>
6365 Debian revision of the package, since the library behavior is
6366 normally fixed for a particular upstream version and any
6367 Debian packaging of that upstream version will have the same
6368 behavior. In the rare case that the library behavior was
6370 to the end of the version that includes the Debian revision is
6371 recommended, since this allows backports of the shared library
6372 package using the normal backport versioning convention to
6373 satisfy the dependency.
6374 </p>
6375 </sect1>
6380 <p>
6381 In the following sections, we will first describe where the
6385 shared library.
6386 </p>
6390 system</heading>
6392 <p>
6394 provided by the shared library package as a control file,
6395 but there are several override paths that are checked first
6396 in case that information is wrong or missing. The following
6397 list gives them in the order in which they are read
6399 the required information is used.
6400 <list>
6401 <item>
6404 <p>
6405 During the package build, if the package itself
6407 files, they will be generated in these staging
6410 files found in the build tree take precedence
6412 packages.
6413 </p>
6415 <p>
6416 These files must exist
6418 dependencies of binaries and libraries from a source
6419 package on other libraries from that same source
6420 package will not be correct. In practice, this means
6423 build.<footnote>
6424 An example may clarify. Suppose the source
6427 When building the binary packages, the contents of
6428 the packages are staged in the
6436 eventually to be included as a control file in that
6438 the
6440 it will examine
6443 dependencies are satisfied by any of the libraries
6445 were linked against the just-built shared library as
6450 the system.
6451 </footnote>
6452 </p>
6453 </item>
6455 <item>
6456 <p>
6459 </p>
6461 <p>
6462 Per-system overrides of shared library dependencies.
6463 These files normally do not exist. They are
6464 maintained by the local system administrator and must
6465 not be created by any Debian package.
6466 </p>
6467 </item>
6469 <item>
6471 installed on the system</p>
6473 <p>
6475 packages currently installed on the system are
6476 searched last. This will be the most common source of
6477 shared library dependency information. These files
6478 can be read with <tt>dpkg-query
6480 </p>
6481 </item>
6482 </list>
6483 </p>
6485 <p>
6487 in the source package, it will override
6492 </p>
6493 </sect2>
6498 <p>
6499 The following documents the format of
6501 packages. These files are built from
6505 do some of the tedious work involved in
6507 symbols or optional symbols that may not exist on particular
6509 a shared library package, refer
6511 richer syntax.
6512 </p>
6514 <p>
6516 for each shared library contained in the package
6518 the following format:
6519 </p>
6521 <p>
6522 <example>
6525 [...]
6527 [...]
6529 </example>
6530 </p>
6532 <p>
6534 package as an example, which (at the time of writing)
6535 installs the shared
6537 lines will be described first, followed by optional lines.
6538 </p>
6540 <p>
6544 This can be determined by using the command
6546 readelf -d /usr/lib/libz.so.1.2.3.4 | grep SONAME
6547 </example>
6548 </footnote>
6549 </p>
6551 <p>
6553 dependency field in a binary package control file, except
6556 nothing if an unversioned dependency is deemed sufficient.
6557 The version restriction will be based on which symbols from
6558 the shared library are referenced and the version at which
6559 they were introduced (see below). In nearly all
6563 containing the shared library. This adds a simple,
6564 possibly-versioned dependency on the shared library package.
6565 In some rare cases, such as when multiple packages provide
6566 the same shared library ABI, the dependency template may
6567 need to be more complex.
6568 </p>
6570 <p>
6571 In our example, the first line of
6574 libz.so.1 zlib1g #MINVER#
6575 </example>
6576 </p>
6578 <p>
6579 Each public symbol exported by the shared library must have
6580 a corresponding symbol line, indented by one
6585 recent version of the shared library that changed the
6586 behavior of that symbol, whether by adding it, changing its
6587 function signature (the parameters, their types, or the
6588 return type), or changing its behavior in a way that is
6589 visible to a caller.
6591 field that references
6593 a full description.
6594 </p>
6596 <p>
6600 version and last changed its behavior in upstream
6605 the lines:
6609 </example>
6614 </p>
6616 <p>
6618 may be provided. These are used in cases where some symbols
6619 in the shared library should use one dependency template
6620 while others should use a different template. The
6621 alternative dependency templates are used only if a symbol
6623 field. The first alternative dependency template is
6625 An example of where this may be needed is with a library
6626 that implements the libGL interface. All GL
6627 implementations provide the same set of base interfaces,
6628 and then may provide some additional interfaces only used
6629 by programs that require that specific GL implementation.
6630 So, for example, libgl1-mesa-glx may use the
6632 <example>
6633 libGL.so.1 libgl1
6634 | libgl1-mesa-glx #MINVER#
6636 [...]
6638 [...]
6639 </example>
6640 Binaries or shared libraries using
6643 packages), but ones
6646 </footnote>
6647 </p>
6649 <p>
6650 Finally, the entry for the library may contain one or more
6651 metadata fields. Currently, the only
6655 package</qref> on which packages using this shared library
6656 declare a build dependency. If this field is
6658 the resulting binary package dependency on the shared
6659 library is at least as strict as the source package
6660 dependency on the shared library development
6661 package.<footnote>
6662 This field should normally not be necessary, since if the
6663 behavior of any symbol has changed, the corresponding
6666 system more robust by tightening the dependency in cases
6667 where the package using the shared library specifically
6668 requires at least a particular version of the shared
6669 library development package for some reason.
6670 </footnote>
6672 file would contain:
6674 * Build-Depends-Package: zlib1g-dev
6675 </example>
6676 </p>
6678 <p>
6680 </p>
6681 </sect2>
6686 <p>
6687 If your package provides a shared library, you should
6689 following the format described above in that package. You
6692 </p>
6694 <p>
6696 the source package
6700 information varies by architecture. This file may use the
6703 part of the package build process. It will
6705 area based on the binaries and libraries in the package
6707 source package.<footnote>
6708 If you are
6712 </footnote>
6713 </p>
6715 <p>
6717 them up-to-date to ensure correct dependencies in packages
6718 that use the shared libraries. This means updating
6721 whenever a symbol changes behavior or signature in a
6728 provided by the library normally requires changing
6732 </p>
6733 </sect2>
6734 </sect1>
6739 <p>
6742 shared libraries. It may be more appropriate for C++
6743 libraries and other cases where tracking individual symbols is
6745 therefore frequently seen in older packages. It is also
6747 </p>
6749 <p>
6750 In the following sections, we will first describe where the
6754 </p>
6758 system</heading>
6760 <p>
6762 found. The following list gives them in the order in which
6764 one which gives the required information is used.)
6765 <list>
6766 <item>
6769 <p>
6770 This lists overrides for this package. This file
6771 should normally not be used, but may be needed
6772 temporarily in unusual situations to work around bugs
6773 in other packages, or in unusual cases where the
6774 normally declared dependency information in the
6776 cannot be used. This file overrides information
6777 obtained from any other source.
6778 </p>
6779 </item>
6781 <item>
6784 <p>
6785 This lists global overrides. This list is normally
6786 empty. It is maintained by the local system
6787 administrator.
6788 </p>
6789 </item>
6791 <item>
6795 <p>
6796 These files are generated as part of the package build
6797 process and staged for inclusion as control files in
6798 the binary packages being built. They provide details
6799 of any shared libraries included in the same package.
6800 </p>
6801 </item>
6803 <item>
6805 installed on the system</p>
6807 <p>
6809 packages currently installed on the system. These
6810 files can be read using <tt>dpkg-query
6812 </p>
6813 </item>
6815 <item>
6818 <p>
6819 This file lists any shared libraries whose packages
6822 was first introduced, but it is now normally empty.
6824 </p>
6825 </item>
6826 </list>
6827 </p>
6829 <p>
6835 </p>
6836 </sect2>
6841 <p>
6844 are ignored. Each line is of the form:
6846 [<var>type</var>: ]<var>library-name</var> <var>soname-version</var> <var>dependencies ...</var>
6847 </example>
6848 </p>
6850 <p>
6851 We will explain this by reference to the example of the
6853 installs the shared
6855 </p>
6857 <p>
6859 type of package for which the line is valid. The only type
6861 after the type are required.
6862 </p>
6864 <p>
6867 of the soname, see below.)
6868 </p>
6870 <p>
6874 recommended shared library package name is determined.
6876 </p>
6878 <p>
6880 field in a binary package control file. It should give
6881 details of which packages are required to satisfy a binary
6882 built against the version of the library contained in the
6885 to maintain the dependency version constraint.
6886 </p>
6888 <p>
6890 package that could change behavior for a client of that
6895 </example>
6896 This version restriction must be new enough that any binary
6897 built against the current version of the library will work
6898 with any version of the shared library that satisfies that
6899 dependency.
6900 </p>
6902 <p>
6903 As zlib1g also provides a udeb containing the shared
6904 library, there would also be a second line:
6907 </example>
6908 </p>
6909 </sect2>
6911 <sect2>
6914 <p>
6917 the format described above and place it in
6919 the build. It will then be included as a control file for
6920 that package<footnote>
6923 package also has a udeb that provides a shared
6927 </footnote>.
6928 </p>
6930 <p>
6933 packages being built from this source package, all of
6936 binary packages.
6937 </p>
6938 </sect2>
6939 </sect1>
6940 </sect>
6941 </chapt>
6946 <sect>
6953 <p>
6954 The location of all files and directories must comply with the
6955 Filesystem Hierarchy Standard (FHS), version 2.3, with the
6956 exceptions noted below, and except where doing so would
6957 violate other terms of Debian Policy. The following
6958 exceptions to the FHS apply:
6960 <enumlist>
6961 <item>
6962 <p>
6963 The FHS requirement that architecture-independent
6964 application-specific static files be located in
6968 be used by a package (or a collection of packages) to hold a
6969 mixture of architecture-independent and
6970 architecture-dependent files. However, when a directory is
6971 entirely composed of architecture-independent files, it
6973 </p>
6974 </item>
6975 <item>
6976 <p>
6977 The optional rules related to user specific
6978 configuration files for applications are stored in
6979 the user's home directory are relaxed. It is
6980 recommended that such files start with the
6982 application needs to create more than one dot file
6983 then the preferred placement is in a subdirectory
6984 with a name starting with a '.' character, (a "dot
6985 directory"). In this case it is recommended the
6986 configuration files not start with the '.'
6987 character.
6988 </p>
6989 </item>
6990 <item>
6991 <p>
6993 for 64 bit binaries is removed.
6994 </p>
6995 </item>
6996 <item>
6997 <p>
6998 The requirement for object files, internal binaries, and
7002 to instead be installed to
7009 than the one matching the architecture of that package;
7011 containing 32-bit x86 libraries may not install these
7013 <footnote>
7014 This is necessary in order to reserve the directories for
7015 use in cross-installation of library packages from other
7017 </footnote>
7018 </p>
7019 <p>
7020 The requirement for C and C++ headers files to be
7021 accessible through the search path
7023 be accessible through the search path
7026 This is necessary for architecture-dependent headers
7028 </footnote>
7029 </p>
7030 <p>
7031 Applications may also use a single subdirectory under
7033 </p>
7034 <p>
7035 The execution time linker/loader, ld*, must still be made
7036 available in the existing location under /lib or /lib64
7037 since this is part of the ELF ABI for the architecture.
7038 </p>
7039 </item>
7040 <item>
7041 <p>
7042 The requirement that
7045 recommendation</p>
7046 </item>
7047 <item>
7048 <p>
7049 The requirement that windowmanagers with a single
7051 is removed, as is the restriction that the window
7052 manager subdirectory be named identically to the
7053 window manager name itself.
7054 </p>
7055 </item>
7056 <item>
7057 <p>
7058 The requirement that boot manager configuration
7060 symlinked there, is relaxed to a recommendation.
7061 </p>
7062 </item>
7063 <item>
7064 <p>
7075 naming conventions, file format requirements, or the
7076 requirement that files be cleared during the boot
7077 process. Files and directories residing
7079 file system.
7080 </p>
7081 </item>
7082 <item>
7083 <p>
7085 additionally allowed. <footnote>This directory is used as
7086 mount point to mount virtual filesystems to get access to
7087 kernel information.</footnote>
7088 </p>
7089 </item>
7090 <item>
7091 <p>
7093 </p>
7094 </item>
7095 <item>
7096 <p>
7103 </p>
7104 </item>
7105 <item>
7106 <p>
7107 On GNU/Hurd systems, the following additional
7108 directories are allowed in the root
7111 These directories are used to store translators and as
7112 a set of standard names for mount points,
7113 respectively.
7114 </footnote>
7115 </p>
7116 </item>
7117 </enumlist>
7118 </p>
7120 <p>
7121 The version of this document referred here can be
7126 you can try <url
7129 latest version, which may be a more recent version, may
7130 be found on
7132 Specific questions about following the standard may be
7134 referred to the FHS mailing list (see the
7136 more information).
7137 </p>
7138 </sect1>
7140 <sect1>
7143 <p>
7144 As mandated by the FHS, packages must not place any
7147 or by manipulating them in their maintainer scripts.
7148 </p>
7150 <p>
7151 However, the package may create empty directories below
7153 where to place site-specific files. These are not
7157 should be removed on package removal if they are
7158 empty.
7159 </p>
7161 <p>
7162 Note that this applies only to
7165 not create sub-directories in the
7167 listed in FHS, section 4.5. However, you may create
7168 directories below them as you wish. You must not remove
7169 any of the directories listed in 4.5, even if you created
7170 them.
7171 </p>
7173 <p>
7175 remote server, these directories must be created and
7177 maintainer scripts and not be included in the
7179 either of these operations fail.
7180 </p>
7182 <p>
7184 contain something like
7186 if [ ! -e /usr/local/share/emacs ]; then
7188 if chown root:staff /usr/local/share/emacs; then
7189 chmod 2775 /usr/local/share/emacs || true
7190 fi
7191 fi
7192 fi
7193 </example>
7198 </example>
7200 used to ensure that if the script is interrupted, the
7202 removed.)
7203 </p>
7205 <p>
7207 local additions to a package, you should ensure that
7210 </p>
7212 <p>
7214 for exclusive use of the local administrator, a package
7215 must not rely on the presence or absence of files or
7217 </p>
7219 <p>
7221 subdirectories created by the package should (by default) have
7222 permissions 2775 (group-writable and set-group-id) and be
7224 </p>
7225 </sect1>
7227 <sect1>
7229 <p>
7230 The system-wide mail directory
7232 base system and should not be owned by any particular mail
7233 agents. The use of the old
7235 though the spool may still be physically located there.
7236 </p>
7237 </sect1>
7242 <p>
7244 by being a mount point for a temporary file system. Packages
7245 therefore must not assume that any files or directories
7247 exist unless the package has arranged to create those files or
7248 directories since the last reboot. Normally, this is done by
7250 for more information.
7251 </p>
7253 <p>
7254 Packages must not include files or directories
7257 The latter paths will normally be symlinks or other
7259 </p>
7260 </sect1>
7261 </sect>
7263 <sect>
7266 <sect1>
7268 <p>
7269 The Debian system can be configured to use either plain or
7270 shadow passwords.
7271 </p>
7273 <p>
7274 Some user ids (UIDs) and group ids (GIDs) are reserved
7275 globally for use by certain packages. Because some
7276 packages need to include files which are owned by these
7277 users or groups, or need the ids compiled into binaries,
7278 these ids must be used on any Debian system only for the
7279 purpose for which they are allocated. This is a serious
7280 restriction, and we should avoid getting in the way of
7281 local administration policies. In particular, many sites
7282 allocate users and/or local system groups starting at 100.
7283 </p>
7285 <p>
7286 Apart from this we should have dynamically allocated ids,
7287 which should by default be arranged in some sensible
7288 order, but the behavior should be configurable.
7289 </p>
7291 <p>
7295 </p>
7296 </sect1>
7298 <sect1>
7300 <p>
7301 The UID and GID numbers are divided into classes as
7302 follows:
7303 <taglist>
7305 <item>
7306 <p>
7307 Globally allocated by the Debian project, the same
7308 on every Debian system. These ids will appear in
7310 Debian systems, new ids in this range being added
7312 updated.
7313 </p>
7315 <p>
7316 Packages which need a single statically allocated
7317 uid or gid should use one of these; their
7319 maintainer for ids.
7320 </p>
7321 </item>
7324 <item>
7325 <p>
7326 Dynamically allocated system users and groups.
7327 Packages which need a user or group, but can have
7328 this user or group allocated dynamically and
7329 differently on each system, should use <tt>adduser
7330 --system</tt> to create the group and/or user.
7332 the user or group, and if necessary choose an unused
7333 id based on the ranges specified in
7335 </p>
7336 </item>
7339 <item>
7340 <p>
7341 Dynamically allocated user accounts. By default
7343 user accounts in this range, though
7345 behavior.
7346 </p>
7347 </item>
7350 <item>
7351 <p>
7352 Globally allocated by the Debian project, but only
7353 created on demand. The ids are allocated centrally
7354 and statically, but the actual accounts are only
7355 created on users' systems on demand.
7356 </p>
7358 <p>
7359 These ids are for packages which are obscure or
7360 which require many statically-allocated ids. These
7361 packages should check for and create the accounts in
7364 necessary. Packages which are likely to require
7365 further allocations should have a "hole" left after
7366 them in the allocation, to give them room to
7367 grow.
7368 </p>
7369 </item>
7372 <item>
7374 </item>
7377 <item>
7378 <p>
7381 </p>
7382 </item>
7385 <item>
7386 <p>
7389 was 16 bits.
7390 </p>
7391 </item>
7394 <item>
7395 <p>
7396 Dynamically allocated user accounts. By
7398 and GIDs in this range, to ease compatibility with
7400 bits.
7401 </p>
7402 </item>
7405 <item>
7406 <p>
7408 used, because it is used as the anonymous, unauthenticated
7409 user by some NFS implementations.
7410 </p>
7411 </item>
7414 <item>
7415 <p>
7417 not</em> be used, because it is the error return
7418 sentinel value.
7419 </p>
7420 </item>
7421 </taglist>
7422 </p>
7423 </sect1>
7424 </sect>
7432 <p>
7437 </p>
7439 <p>
7440 There are at least two different, yet functionally
7441 equivalent, ways of handling these scripts. For the sake
7442 of simplicity, this document describes only the symbolic
7443 link method. However, it must not be assumed by maintainer
7444 scripts that this method is being used, and any automated
7445 manipulation of the various runlevel behaviors by
7446 maintainer scripts must be performed using
7448 manually installing or removing symlinks. For information
7449 on the implementation details of the other method,
7451 to the documentation of that package.
7452 </p>
7454 <p>
7455 These scripts are referenced by symbolic links in the
7461 scripts.
7462 </p>
7464 <p>
7465 The names of the links all have the form
7469 is the name of the script (this should be the same as the
7471 </p>
7473 <p>
7482 link for starting services upon entering the runlevel.
7483 </p>
7485 <p>
7486 For example, if we are changing from runlevel 2 to
7491 referred-to file to be executed with an argument of
7494 </p>
7496 <p>
7498 the order in which to run the scripts: low-numbered links
7499 have their scripts run first. For example, the
7502 must be started before another. For example, the name
7505 can set up its access lists. In this case, the script
7508 runs first:
7510 /etc/rc2.d/S17bind
7511 /etc/rc2.d/S70inn
7512 </example>
7513 </p>
7515 <p>
7517 different. In these runlevels, the links with an
7521 </p>
7522 </sect1>
7527 <p>
7528 Packages that include daemons for system services should
7530 services at boot time or during a change of runlevel.
7531 These scripts should be named
7533 accept one argument, saying what to do:
7535 <taglist>
7543 <item>stop and restart the service if it's already running,
7544 otherwise start the service</item>
7547 <item>restart the service if it's already running,
7548 otherwise just report success.</item>
7551 <item><p>cause the configuration of the service to be
7552 reloaded without actually stopping and restarting
7553 the service,</item>
7556 <item>cause the configuration to be reloaded if the
7557 service supports this, otherwise restart the
7558 service.</item>
7562 </taglist>
7569 optional.
7570 </p>
7572 <p>
7574 behave sensibly (i.e., returning success and not starting
7577 when it isn't, and that they don't kill unfortunately-named
7578 user processes. The best way to achieve this is usually to
7580 option.
7581 </p>
7583 <p>
7586 accepting various error exit statuses when daemons are already
7587 running or already stopped without aborting
7590 in effect<footnote>
7593 in effect and echoing status messages to the console fails,
7594 for example.
7597 each command separately.
7598 </p>
7600 <p>
7601 If a service reloads its configuration automatically (as
7604 should behave as if the configuration has been reloaded
7605 successfully.
7606 </p>
7608 <p>
7610 configuration files, either (if they are present in the
7611 package, that is, in the .deb file) by marking them as
7613 by managing them correctly in the maintainer scripts (see
7615 to give the local system administrator the chance to adapt
7616 the scripts to the local system, e.g., to disable a
7617 service without de-installing the package, or to specify
7618 some special command line options when starting a service,
7619 while making sure their changes aren't lost during the next
7620 package upgrade.
7621 </p>
7623 <p>
7624 These scripts should not fail obscurely when the
7625 configuration files remain but the package has been
7626 removed, as configuration files remain on the system after
7629 configuration files be removed. In particular, as the
7632 if the package is removed but not purged. Therefore, you
7634 script, like this:
7637 </example>
7638 </p>
7640 <p>
7642 scripts whose values control the behavior of the scripts,
7643 and which a system administrator is likely to want to
7644 change. As the scripts themselves are frequently
7646 administrator merge in their changes each time the package
7648 the burden on the system administrator, such configurable
7649 values should not be placed directly in the script.
7650 Instead, they should be placed in a file in
7653 should be sourced by the script when the script runs. It
7654 must contain only variable settings and comments in SUSv3
7658 for more details.
7659 </p>
7661 <p>
7662 To ensure that vital configurable values are always
7664 values for each of the shell variables it uses, either
7666 afterwards using something like the <tt>:
7668 script must behave sensibly and not fail if the
7670 </p>
7672 <p>
7676 filesystem and are normally not persistent across a reboot.
7678 This will typically mean creating any required subdirectories
7681 </p>
7682 </sect1>
7684 <sect1>
7687 <p>
7688 Maintainers should use the abstraction layer provided by
7690 programs to deal with initscripts in their packages'
7693 </p>
7695 <p>
7696 Directly managing the /etc/rc?.d links and directly
7698 be done only by packages providing the initscript
7701 </p>
7703 <sect2>
7706 <p>
7708 package maintainers to arrange for the proper creation and
7710 or their functional equivalent if another method is being
7711 used. This may be used by maintainers in their packages'
7713 </p>
7715 <p>
7717 symbolic links in the actual archive or manually create or
7718 remove the symbolic links in maintainer scripts; you must
7720 former will fail if an alternative method of maintaining
7721 runlevel information is being used.) You must not include
7724 package may do so.)
7725 </p>
7727 <p>
7730 and stop them in the halt runlevel (0), the single-user
7732 administrator will have the opportunity to customize
7733 runlevels by simply adding, moving, or removing the
7735 symbolic links are being used, or by modifying
7737 is being used.
7738 </p>
7740 <p>
7741 To get the default behavior for your package, put in your
7745 </example>
7748 if [ "$1" = purge ]; then
7750 fi
7751 </example>. Note that if your package changes runlevels
7752 or priority, you may have to remove and recreate the links,
7753 since otherwise the old links may persist. Refer to the
7755 </p>
7757 <p>
7758 This will use a default sequence number of 20. If it does
7760 script is run, use this default. If it does, then you
7763 help you choose a number.
7764 </p>
7766 <p>
7770 </p>
7771 </sect2>
7773 <sect2>
7775 <p>
7777 it easier for package maintainers to properly invoke an
7778 initscript, obeying runlevel and other locally-defined
7779 constraints that might limit a package's right to start,
7780 stop and otherwise manage services. This program may be
7781 used by maintainers in their packages' scripts.
7782 </p>
7784 <p>
7785 The package maintainer scripts must use
7788 calling them directly.
7789 </p>
7791 <p>
7793 action requests (start, stop, reload, restart...) to the
7795 to start or restart a service out of its intended
7796 runlevels.
7797 </p>
7799 <p>
7800 Most packages will simply need to change:
7807 </example>
7808 </p>
7810 <p>
7811 A package should register its initscript services using
7814 unregistered services may fail.
7815 </p>
7817 <p>
7818 For more information about using
7821 </p>
7822 </sect2>
7823 </sect1>
7825 <sect1>
7828 <p>
7830 which contained scripts which were run once per machine
7831 boot. This has been deprecated in favour of links from
7835 </p>
7836 </sect1>
7838 <sect1>
7841 <p>
7842 An example on which you can base your
7845 </p>
7847 </sect1>
7848 </sect>
7850 <sect>
7853 <p>
7854 This section describes the formats to be used for messages
7856 scripts. The intent is to improve the consistency of
7857 Debian's startup and shutdown look and feel. For this
7858 reason, please look very carefully at the details. We want
7859 the messages to have the same format in terms of wording,
7860 spaces, punctuation and case of letters.
7861 </p>
7863 <p>
7864 Here is a list of overall rules that should be used for
7866 </p>
7868 <p>
7869 <list>
7870 <item>
7871 The message should fit in one line (fewer than 80
7872 characters), start with a capital letter and end with
7874 </item>
7876 <item>
7877 If the script is performing some time consuming task in
7878 the background (not merely starting or stopping a
7879 program, for instance), an ellipsis (three dots:
7881 leading or tailing whitespace or line feeds.
7882 </item>
7884 <item>
7885 The messages should appear as if the computer is telling
7886 the user what it is doing (politely :-), but should not
7887 mention "it" directly. For example, instead of:
7889 I'm starting network daemons: nfsd mountd.
7890 </example>
7891 the message should say
7893 Starting network daemons: nfsd mountd.
7894 </example>
7895 </item>
7896 </list>
7897 </p>
7899 <p>
7901 message formats for the situations enumerated below.
7902 </p>
7904 <p>
7905 <list>
7906 <item>
7909 <p>
7910 If the script starts one or more daemons, the output
7911 should look like this (a single line, no leading
7912 spaces):
7915 </example>
7917 subsystem the daemon or set of daemons are part of,
7919 denote each daemon's name (typically the file name of
7920 the program).
7921 </p>
7923 <p>
7925 would look like:
7927 Starting printer spooler: lpd.
7928 </example>
7929 </p>
7931 <p>
7932 This can be achieved by saying
7934 echo -n "Starting printer spooler: lpd"
7935 start-stop-daemon --start --quiet --exec /usr/sbin/lpd
7936 echo "."
7937 </example>
7938 in the script. If there are more than one daemon to
7939 start, the output should look like this:
7941 echo -n "Starting remote file system services:"
7942 echo -n " nfsd"; start-stop-daemon --start --quiet nfsd
7943 echo -n " mountd"; start-stop-daemon --start --quiet mountd
7944 echo -n " ugidd"; start-stop-daemon --start --quiet ugidd
7945 echo "."
7946 </example>
7947 This makes it possible for the user to see what is
7948 happening and when the final daemon has been started.
7949 Care should be taken in the placement of white spaces:
7950 in the example above the system administrators can
7951 easily comment out a line if they don't want to start
7952 a specific daemon, while the displayed message still
7953 looks good.
7954 </p>
7955 </item>
7957 <item>
7960 <p>
7961 If you have to set up different system parameters
7962 during the system boot, you should use this format:
7965 </example>
7966 </p>
7968 <p>
7969 You can use a statement such as the following to get
7970 the quotes right:
7973 </example>
7974 </p>
7976 <p>
7978 for the left and right quotation marks. A grave accent
7981 </p>
7982 </item>
7984 <item>
7987 <p>
7988 When you stop or restart a daemon, you should issue a
7989 message identical to the startup message, except that
7992 </p>
7994 <p>
7995 For example, stopping the printer daemon will look like
7996 this:
7998 Stopping printer spooler: lpd.
7999 </example>
8000 </p>
8001 </item>
8003 <item>
8006 <p>
8007 There are several examples where you have to run a
8008 program at system startup or shutdown to perform a
8009 specific task, for example, setting the system's clock
8011 when the system shuts down. Your message should look
8012 like this:
8014 Doing something very useful...done.
8015 </example>
8017 the job has been completed, so that the user is
8018 informed why they have to wait. You can get this
8019 behavior by saying
8021 echo -n "Doing something very useful..."
8022 do_something
8023 echo "done."
8024 </example>
8025 in your script.
8026 </p>
8027 </item>
8029 <item>
8032 <p>
8033 When a daemon is forced to reload its configuration
8034 files you should use the following format:
8037 </example>
8039 daemon starting message.
8040 </p>
8041 </item>
8042 </list>
8043 </p>
8044 </sect>
8049 <p>
8050 Packages must not modify the configuration file
8053 </p>
8055 <p>
8056 If a package wants to install a job that has to be executed via
8057 cron, it should place a file named as specified
8059 directories:
8061 /etc/cron.hourly
8062 /etc/cron.daily
8063 /etc/cron.weekly
8064 /etc/cron.monthly
8065 </example>
8066 As these directory names imply, the files within them are
8067 executed on an hourly, daily, weekly, or monthly basis,
8068 respectively. The exact times are listed in
8070 </p>
8072 <p>
8073 All files installed in any of these directories must be
8074 scripts (e.g., shell scripts or Perl scripts) so that they
8075 can easily be modified by the local system administrator.
8076 In addition, they must be treated as configuration files.
8077 </p>
8079 <p>
8080 If a certain job has to be executed at some other frequency or
8081 at a specific time, the package should install a file in
8086 treated as a configuration file. (Note that entries in the
8089 directory for jobs which may be skipped if the system is not
8090 running.)
8091 </p>
8093 <p>
8100 <enumlist>
8108 </enumlist>
8109 Ranges of numbers are allowed. Ranges are two numbers
8110 separated with a hyphen. The specified range is inclusive.
8111 Lists are allowed. A list is a set of numbers (or ranges)
8112 separated by commas. Step values can be used in conjunction
8113 with ranges.
8114 </p>
8116 <p>
8118 check if all necessary programs are installed before they
8119 try to execute them. Otherwise, problems will arise when a
8120 package was removed but not purged since configuration files
8121 are kept on the system in this situation.
8122 </p>
8124 <p>
8128 must also support names for days and months, ranges, and
8130 and correctly execute the scripts in
8132 execute scripts in
8134 </p>
8139 <p>
8140 The file name of a cron job file should normally match the
8141 name of the package from which it comes.
8142 </p>
8144 <p>
8145 If a package supplies multiple cron job files files in the
8146 same directory, the file names should all start with the name
8147 of the package (possibly modified as described below) followed
8149 </p>
8151 <p>
8152 A cron job file name must not include any period or plus
8156 characters.
8157 </p>
8158 </sect1>
8159 </sect>
8164 <p>
8165 Packages shipping applications that comply with minimal requirements
8166 described below for integration with desktop environments should
8167 register these applications in the desktop menu, following the
8172 and complementary information can be found in the
8175 </p>
8177 <p>
8178 The desktop entry files are installed by the packages in the
8181 not necessary to depend on packages providing FreeDesktop menu
8182 systems.
8183 </p>
8185 <p>
8186 Entries displayed in the FreeDesktop menu should conform to the
8187 following minima for relevance and visual integration.
8189 <list>
8190 <item>
8191 Unless hidden by default, the desktop entry must point to a PNG
8192 or SVG icon with a transparent background, providing at least
8194 should be neutral enough to integrate well with the default icon
8195 themes. It is encouraged to ship the icon in the default
8198 </item>
8200 <item>
8201 If the menu entry is not useful in the general case as a
8202 standalone application, the desktop entry should set the
8204 configured to be displayed only by those who need it.
8205 </item>
8207 <item>
8208 In doubt, the package maintainer should coordinate with the
8209 maintainers of menu implementations through the
8211 with categories or bad interactions with other icons. Especially
8212 for packages which are part of installation tasks, the contents
8214 validated by the maintainers of the relevant environments.
8215 </item>
8216 </list>
8217 </p>
8219 <p>
8220 Since the FreeDesktop menu is a cross-distribution standard, the
8221 desktop entries written for Debian should be forwarded upstream,
8222 where they will benefit to other users and are more likely to
8223 receive extra contributions such as translations.
8224 </p>
8226 <p>
8227 Packages can, to be compatible with Debian additions to some window
8228 managers that do not support the FreeDesktop standard, also provide a
8234 </p>
8235 </sect>
8240 <p>
8241 Media types (formerly known as MIME types, Multipurpose Internet Mail
8243 data streams and providing meta-information about them, in particular
8246 </p>
8248 <p>
8249 Registration of media type handlers allows programs like mail
8250 user agents and web browsers to invoke these handlers to
8251 view, edit or display media types they don't support directly.
8252 </p>
8254 <p>
8255 There are two overlapping systems to associate media types to programs
8258 aimed at Desktop environments. In Debian, FreeDesktop entries are
8259 automatically translated in mailcap entries, therefore packages
8260 already using desktop entries should not use the mailcap system
8261 directly.
8262 </p>
8267 <p>
8268 Packages shipping an application able to view, edit or point to
8269 files of a given media type, or open links with a given URI scheme,
8274 </p>
8275 </sect1>
8280 <p>
8281 Packages that are not using desktop entries for registration should
8284 file name should be the binary package's name.
8285 </p>
8287 <p>
8291 triggers<footnote>
8292 Creating, modifying or removing a file in
8294 not activate the trigger. In that case, it can be done by calling
8296 the maintainer script after creating, modifying, or removing
8297 the file.
8298 </footnote>.
8300 <p>
8301 Packages installing desktop entries should not install mailcap
8302 entries for the same program, because the
8304 entries.
8305 </p>
8307 <p>
8310 </p>
8311 </sect1>
8316 <p>
8317 The media type of a file is discovered by inspecting the file's
8319 interrogating a database associating them with media types.
8320 </p>
8322 <p>
8323 To support new associations between media types and files, their
8324 characteristic file extensions and magic patterns should be
8325 registered to the IANA (Internet Assigned Numbers Authority). See
8327 for details. This information will then propagate to the systems
8328 discovering file media types in Debian, provided by the
8331 packages. If registration and propagation can not be waited for,
8332 support can be asked to the maintainers of the packages mentioned
8333 above.
8334 </p>
8336 <p>
8337 For files that are produced and read by a single application, it
8338 is also possible to declare this association to the
8342 </p>
8343 </sect1>
8344 </sect>
8346 <sect>
8349 <p>
8350 To achieve a consistent keyboard configuration so that all
8351 applications interpret a keyboard event the same way, all
8352 programs in the Debian distribution must be configured to
8353 comply with the following guidelines.
8354 </p>
8356 <p>
8357 The following keys must have the specified interpretations:
8359 <taglist>
8368 </taglist>
8370 The interpretation of any keyboard events should be
8371 independent of the terminal that is used, be it a virtual
8372 console, an X terminal emulator, an rlogin/telnet session,
8373 etc.
8374 </p>
8376 <p>
8377 The following list explains how the different programs
8378 should be set up to achieve this:
8379 </p>
8381 <p>
8382 <list>
8383 <item>
8385 </item>
8387 <item>
8389 </item>
8391 <item>
8392 X translations are set up to make
8395 is the vt220 escape code for the "delete character"
8396 key). This must be done by loading the X resources
8398 using the application defaults, so that the
8399 translation resources used correspond to the
8401 </item>
8403 <item>
8404 The Linux console is configured to make
8407 </item>
8409 <item>
8412 applications already work like this.
8413 </item>
8415 <item>
8417 </item>
8419 <item>
8423 </item>
8425 <item>
8431 </item>
8433 <item>
8436 with ASCII DEL being "delete previous character" and
8438 cursor".
8439 </item>
8441 </list>
8442 </p>
8444 <p>
8445 This will solve the problem except for the following
8446 cases:
8447 </p>
8449 <p>
8450 <list>
8451 <item>
8454 these terminals Emacs help will be unavailable on
8456 character takes precedence in Emacs, and has been set
8458 available) can be used instead.
8459 </item>
8461 <item>
8463 erase</tt>. However, modern telnet versions and all
8467 correctly, things can be made to work by using
8469 </item>
8471 <item>
8472 Some systems (including previous Debian versions) use
8476 their X clients using the same X resources that we use
8477 to do it for our own clients, or configure our clients
8478 using their resources when things are the other way
8479 around. On displays configured like this
8481 will.
8482 </item>
8484 <item>
8489 log in from a system conforming to our policy, but
8491 </item>
8492 </list>
8493 </p>
8494 </sect>
8496 <sect>
8499 <p>
8500 A program must not depend on environment variables to get
8501 reasonable defaults. (That's because these environment
8502 variables would have to be set in a system-wide
8504 supported by all shells.)
8505 </p>
8507 <p>
8508 If a program usually depends on environment variables for its
8509 configuration, the program should be changed to fall back to
8510 a reasonable default configuration if these environment
8511 variables are not present. If this cannot be done easily
8512 (e.g., if the source code of a non-free program is not
8513 available), the program must be replaced by a small
8514 "wrapper" shell script which sets the environment variables
8515 if they are not already defined, and calls the original program.
8516 </p>
8518 <p>
8519 Here is an example of a wrapper script for this purpose:
8522 #!/bin/sh
8523 BAR=${BAR:-/var/lib/fubar}
8524 export BAR
8525 exec /usr/lib/foo/foo "$@"
8526 </example>
8527 </p>
8529 <p>
8532 not put any environment variables or other commands into that
8533 file.
8534 </p>
8535 </sect>
8540 <p>
8542 flexible mechanism for handling and presenting
8543 documentation. The recommended practice is for every Debian
8544 package that provides online documentation (other than just
8545 manual pages) to register these documents with
8549 </p>
8550 <p>
8551 Please refer to the documentation that comes with the
8553 details.
8554 </p>
8555 </sect>
8559 <p>
8560 A number of other init systems are available now in Debian that
8562 init implementations must support running SysV init scripts as
8564 </p>
8565 <p>
8566 Packages may integrate with these replacement init systems by
8567 providing implementation-specific configuration information about
8568 how and when to start a service or in what order to run certain
8569 tasks at boot time. However, any package integrating with other
8570 init systems must also be backwards-compatible with
8572 with the same name as and equivalent functionality to any
8573 init-specific job, as this is the only start-up configuration
8574 method guaranteed to be supported by all init implementations. An
8575 exception to this rule is scripts or jobs provided by the init
8576 implementation itself; such jobs may be required for an
8578 scripts and may not have a one-to-one correspondence with the init
8579 scripts.
8580 </p>
8584 <p>
8586 boot system by installing job files in the
8588 an equivalent upstart job is available must query the output of
8591 upstart job, using a test such as this:
8593 if [ "$1" = start ] && which initctl >/dev/null && initctl version | grep -q upstart
8594 then
8595 exit 1
8596 fi
8597 </example>
8598 </p>
8599 <p>
8600 Because packages shipping upstart jobs may be installed on
8601 systems that are not using upstart, maintainer scripts must
8604 and for starting and stopping services. These maintainer
8607 interfaces directly. Instead, implementations of
8609 when an upstart job with the same name as an init script is
8610 present, and perform the requested action using the upstart job
8611 instead of the init script.
8612 </p>
8613 <p>
8614 Dependency-based boot managers for SysV init scripts, such as
8616 entirely when an equivalent upstart job is present, to avoid
8617 unnecessary forking of no-op init scripts. In this case, the
8618 boot manager should integrate with upstart to detect when the
8619 upstart job in question is started or stopped to know when the
8620 dependency has been satisfied.
8621 </p>
8622 </sect1>
8623 </sect>
8625 </chapt>
8634 <p>
8635 Two different packages must not install programs with
8636 different functionality but with the same filenames. (The
8637 case of two programs having the same functionality but
8638 different implementations is handled via "alternatives" or
8641 one of the programs must be renamed. The maintainers should
8643 try to find a consensus about which program will have to be
8645 programs must be renamed.
8646 </p>
8647 <p>
8653 </p>
8654 <p>
8657 package, and a compatibility symlink at the old path is needed,
8658 the symlink must be managed in a way that will not break
8661 directory due to symlinks or other mechanisms.
8662 </p>
8663 <p>
8664 Binary executables must not be statically linked with the GNU C
8665 library, since this prevents the binary from benefiting from
8666 fixes and improvements to the C library without being rebuilt
8667 and complicates security updates. This requirement may be
8668 relaxed for binary executables whose intended purpose is to
8669 diagnose and fix the system in situations where the GNU C
8670 library may not be usable (such as system recovery shells or
8671 utilities like ldconfig) or for binary executables where the
8672 security benefits of static linking outweigh the drawbacks.
8673 </p>
8674 <p>
8675 By default, when a package is being built, any binaries
8676 created should include debugging information, as well as
8677 being compiled with optimization. You should also turn on
8678 as many reasonable compilation warnings as possible; this
8679 makes life easier for porters, who can then look at build
8680 logs for possible problems. For the C programming language,
8681 this means the following compilation parameters should be
8682 used:
8684 CC = gcc
8685 CFLAGS = -O2 -g -Wall # sane warning options vary between programs
8686 LDFLAGS = # none
8687 INSTALL = install -s # (or use strip on the files in debian/tmp)
8688 </example>
8689 </p>
8691 <p>
8692 Note that by default all installed binaries should be stripped,
8695 the binaries after they have been copied into
8697 package.
8698 </p>
8700 <p>
8701 Although binaries in the build tree should be compiled with
8702 debugging information by default, it can often be difficult to
8703 debug programs if they are also subjected to compiler
8704 optimization. For this reason, it is recommended to support the
8707 several flags to change how a package is compiled and built.
8708 </p>
8710 <p>
8711 It is up to the package maintainer to decide what
8712 compilation options are best for the package. Certain
8713 binaries (such as computationally-intensive programs) will
8715 example); feel free to use them. Please use good judgment
8716 here. Don't use flags for the sake of it; only use them
8717 if there is good reason to do so. Feel free to override
8718 the upstream author's ideas about which compilation
8719 options are best: they are often inappropriate for our
8720 environment.
8721 </p>
8722 </sect>
8728 <p>
8730 the shared library compilation and linking flags must have
8732 the supported architectures<footnote>
8733 <p>
8735 relocatable position independent code, which is required for
8736 most architectures to create a shared library, with i386 and
8737 perhaps some others where non position independent code is
8738 permitted in a shared library.
8739 </p>
8740 <p>
8741 Position independent code may have a performance penalty,
8743 speed penalty must be measured against the memory wasted on
8744 the few architectures where non position independent code is
8745 even possible.
8746 </p>
8747 </footnote>. Any exception to this rule must be discussed on
8749 a rough consensus obtained. The reasons for not compiling
8753 be used on architectures where it is required.<footnote>
8754 <p>
8755 Some of the reasons why this might be required is if the
8756 library contains hand crafted assembly code that is not
8757 relocatable, the speed penalty is excessive for compute
8758 intensive libs, and similar reasons.
8759 </p>
8760 </footnote>
8761 </p>
8762 <p>
8763 As to the static libraries, the common case is not to have
8764 relocatable code, since there is no benefit, unless in specific
8765 cases; therefore the static version must not be compiled
8767 should be discussed on the mailing list
8771 <p>
8772 Some of the reasons for linking static libraries with
8774 Perl API for a library that is under rapid development,
8775 and has an unstable API, so shared libraries are
8776 pointless at this phase of the library's development. In
8777 that case, since Perl needs a library with relocatable
8778 code, it may make sense to create a static library with
8779 relocatable code. Another reason cited is if you are
8780 distilling various libraries into a common shared
8782 installer project.
8783 </p>
8784 </footnote>
8785 </p>
8786 <p>
8787 In other words, if both a shared and a static library is
8789 for C files) will need to be compiled twice, for the normal
8790 case.
8791 </p>
8793 <p>
8794 Libraries should be built with threading support and to be
8795 thread-safe if the library supports this.
8796 </p>
8798 <p>
8799 Although not enforced by the build tools, shared libraries
8800 must be linked against all libraries that they use symbols from
8801 in the same way that binaries are. This ensures the correct
8804 systems and guarantees that all libraries can be safely opened
8807 Since this option enforces symbol resolution at build time,
8808 a missing library reference will be caught early as a fatal
8809 build error.
8810 </p>
8812 <p>
8813 All installed shared libraries should be stripped with
8816 </example>
8819 needed for relocation processing.) Shared libraries can
8820 function perfectly well when stripped, since the symbols for
8821 dynamic linking are in a separate part of the ELF object
8822 file.<footnote>
8823 You might also want to use the options
8827 libraries.
8828 </footnote>
8829 </p>
8831 <p>
8832 Note that under some circumstances it may be useful to
8833 install a shared library unstripped, for example when
8834 building a separate package to support debugging.
8835 </p>
8837 <p>
8839 public libraries, that is, they are not meant to be linked
8840 to by third party executables (binaries of other packages),
8841 should be installed in subdirectories of the
8843 rules that govern ordinary shared libraries, except that
8844 they must not be installed executable and should be
8845 stripped.<footnote>
8846 A common example are the so-called "plug-ins",
8847 internal shared objects that are dynamically loaded by
8849 </footnote>
8850 </p>
8852 <p>
8854 their shared libraries install a file containing additional
8856 For public libraries intended for use by other packages, these
8857 files normally should not be included in the Debian package,
8858 since the information they include is not necessary to link with
8859 the shared library on Debian and can add unnecessary additional
8860 dependencies to other programs or libraries.<footnote>
8861 These files store, among other things, all libraries on which
8862 that shared library depends. Unfortunately, if
8865 linking against that library will cause the resulting program
8866 or library to be linked against those dependencies as well,
8867 even if this is unnecessary. This can create unneeded
8868 dependencies on shared library packages that would otherwise
8869 be hidden behind the library ABI, and can make library
8870 transitions to new SONAMEs unnecessarily complicated and
8871 difficult to manage.
8872 </footnote>
8877 the empty string. If the shared library development package has
8880 emptied) until all libraries that depend on it have removed or
8882 files to prevent linking with those other libraries
8884 </p>
8886 <p>
8892 package.
8893 </p>
8895 <p>
8897 apply to loadable modules or libraries not installed in
8898 directories searched by default by the dynamic linker. Packages
8899 installing loadable modules will frequently need to install
8902 does not need to be modified for libraries or modules that are
8903 not installed in directories searched by the dynamic linker by
8904 default and not intended for use by other packages.
8905 </p>
8907 <p>
8908 You must make sure that you use only released versions of
8909 shared libraries to build your packages; otherwise other
8910 users will not be able to run your binaries
8911 properly. Producing source packages that depend on
8912 unreleased compilers is also usually a bad
8913 idea.
8914 </p>
8915 </sect>
8918 <sect>
8920 <p>
8922 </p>
8923 </sect>
8929 <p>
8930 All command scripts, including the package maintainer
8933 to interpret them.
8934 </p>
8936 <p>
8937 In the case of Perl scripts this should be
8939 </p>
8941 <p>
8942 When scripts are installed into a directory in the system
8943 PATH, the script name should not include an extension such
8945 language currently used to implement it.
8946 </p>
8947 <p>
8952 to how frequently they need to call commands that are allowed to
8953 fail, and it may instead be easier to check the exit status of
8956 </p>
8957 <p>
8960 </p>
8961 <p>
8963 SUSv3 Shell Command Language<footnote>
8964 Single UNIX Specification, version 3, which is also IEEE
8968 registration.</footnote>
8969 plus the following additional features not mandated by
8970 SUSv3:<footnote>
8971 These features are in widespread use in the Linux community
8972 and are implemented in all of bash, dash, and ksh, the most
8974 </footnote>
8975 <list>
8977 must not generate a newline.</item>
8980 operators.</item>
8982 supported, including listing multiple variables in a single
8983 local command and assigning a value to a variable at the
8985 may not preserve the variable value from an outer scope if
8986 no assignment is present. Uses such as:
8988 fname () {
8989 local a b c=delta d
8990 # ... use a, b, c, d ...
8991 }
8992 </example>
8995 </item>
8998 the name of a signal or one of the numeric signals listed in
9001 built-in.
9002 </item>
9004 signals must be supported. In addition to the signal
9005 numbers listed in the extension, which are the same as for
9007 </item>
9008 </list>
9009 If a shell script requires non-SUSv3 features from the shell
9010 interpreter other than those listed above, the appropriate shell
9011 must be specified in the first line of the script (e.g.,
9013 providing the shell (unless the shell package is marked
9015 </p>
9017 <p>
9018 You may wish to restrict your script to SUSv3 features plus the
9020 as its interpreter. Checking your script
9024 uncover violations of the above requirements. If in doubt
9025 whether a script complies with these requirements,
9027 </p>
9029 <p>
9030 Perl scripts should check for errors when making any
9033 </p>
9035 <p>
9037 scripting languages. See <em>Csh Programming Considered
9041 then you must make sure that they start with
9044 </p>
9046 <p>
9047 Any scripts which create files in world-writeable
9049 mechanism which will fail atomically if a file with the same
9050 name already exists.
9051 </p>
9053 <p>
9056 this purpose.
9057 </p>
9058 </sect>
9061 <sect>
9064 <p>
9065 In general, symbolic links within a top-level directory should
9066 be relative, and symbolic links pointing from one top-level
9067 directory to or into another should be absolute. (A top-level
9068 directory is a sub-directory of the root
9073 absolute.<footnote>
9074 This is necessary to allow top-level directories to be
9080 target.
9081 </footnote>
9082 Symbolic links must not traverse above the root directory.
9083 </p>
9085 <p>
9086 In addition, symbolic links should be specified as short as
9088 deprecated.
9089 </p>
9091 <p>
9092 Note that when creating a relative link using
9094 link to exist relative to the working directory you're
9096 directory to the directory where the link is to be made.
9097 Simply include the string that should appear as the target
9098 of the link (this will be a pathname relative to the
9099 directory in which the link resides) as the first argument
9101 </p>
9103 <p>
9107 ln -fs gcc $(prefix)/bin/cc
9108 ln -fs gcc debian/tmp/usr/bin/cc
9109 ln -fs ../sbin/sendmail $(prefix)/bin/runq
9110 ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
9111 </example>
9112 </p>
9114 <p>
9115 A symbolic link pointing to a compressed file (in the sense
9118 have the same file extension as the referenced file. (For
9120 symbolic link, the filename of the link has to end with
9122 </p>
9123 </sect>
9125 <sect>
9128 <p>
9129 Packages must not include device files or named pipes in the
9130 package file tree.
9131 </p>
9133 <p>
9134 Debian packages should assume that device files
9136 some other system facility and do not have to be explicitly
9137 created or managed by the package. Debian packages other than
9139 file tree must not attempt to create or remove device files
9141 is in use.
9142 </p>
9144 <p>
9146 required by a package, they should normally be created when
9147 necessary by the programs in the package, by init scripts or
9148 systemd unit files, or by similar on-demand mechanisms. If such
9149 files need to be created during package installation, they must
9151 script<footnote>
9154 positives from automated checks for packages incorrectly
9155 creating device files.
9156 </footnote>
9159 </p>
9160 </sect>
9165 <sect1>
9168 <p>
9169 <taglist>
9171 <item>
9172 A file that affects the operation of a program, or
9173 provides site- or host-specific information, or
9174 otherwise customizes the behavior of a program.
9175 Typically, configuration files are intended to be
9176 modified by the system administrator (if needed or
9177 desired) to conform to local policy or to provide
9178 more useful site-specific behavior.
9179 </item>
9182 <item>
9186 </item>
9187 </taglist>
9188 </p>
9190 <p>
9191 The distinction between these two is important; they are
9192 not interchangeable concepts. Almost all
9195 </p>
9197 <p>
9202 treated as configuration files. In general, any script that
9203 embeds configuration information is de-facto a configuration
9204 file and should be treated as such.
9205 </p>
9206 </sect1>
9208 <sect1>
9211 <p>
9212 Any configuration files created or used by your package
9215 named after your package.
9216 </p>
9218 <p>
9219 If your package creates or uses configuration files
9223 from the location that the package requires.
9224 </p>
9225 </sect1>
9227 <sect1>
9230 <p>
9231 Configuration file handling must conform to the following
9232 behavior:
9234 <item>
9235 local changes must be preserved during a package
9236 upgrade, and
9237 </item>
9238 <item>
9239 configuration files must be preserved when the
9240 package is removed, and only deleted when the
9241 package is purged.
9242 </item>
9243 </list>
9244 Obsolete configuration files without local changes should be
9245 removed by the package during upgrade.<footnote>
9248 </p>
9250 <p>
9251 The easy way to achieve this behavior is to make the
9253 appropriate only if it is possible to distribute a default
9254 version that will work for most installations, although
9255 some system administrators may choose to modify it. This
9256 implies that the default version will be part of the
9257 package distribution, and must not be modified by the
9258 maintainer scripts during installation (or at any other
9259 time).
9260 </p>
9262 <p>
9263 In order to ensure that local changes are preserved
9264 correctly, no package may contain or make hard links to
9265 conffiles.<footnote>
9266 Rationale: There are two problems with hard links.
9267 The first is that some editors break the link while
9268 editing one of the files, so that the two files may
9269 unwittingly become unlinked and different. The second
9272 </footnote>
9273 </p>
9275 <p>
9276 The other way to do it is via the maintainer scripts. In
9277 this case, the configuration file must not be listed as a
9279 distribution. If the existence of a file is required for
9280 the package to be sensibly configured it is the
9281 responsibility of the package maintainer to provide
9282 maintainer scripts which correctly create, update and
9283 maintain the file and remove it on purge. (See <ref
9285 scripts must be idempotent (i.e., must work correctly if
9287 during installation or removal), must cope with all the
9289 scripts, must not overwrite or otherwise mangle the user's
9290 configuration without asking, must not ask unnecessary
9291 questions (particularly during upgrades), and must
9292 otherwise be good citizens.
9293 </p>
9295 <p>
9296 The scripts are not required to configure every possible
9297 option for the package, but only those necessary to get
9298 the package running on a given system. Ideally the
9299 sysadmin should not have to do any configuration other
9300 than that done (semi-)automatically by the
9302 </p>
9304 <p>
9305 A common practice is to create a script called
9308 configuration file does not already exist. In certain
9309 cases it is useful for there to be an example or template
9310 file which the maintainer scripts use. Such files should
9313 they are architecture-independent or not). There should
9314 be symbolic links to them from
9316 they are examples, and should be perfectly ordinary
9318 configuration files).
9319 </p>
9321 <p>
9322 These two styles of configuration file handling must
9323 not be mixed, for that way lies madness:
9325 every time the package is upgraded.
9326 </p>
9327 </sect1>
9329 <sect1>
9332 <p>
9333 If two or more packages use the same configuration file
9334 and it is reasonable for both to be installed at the same
9335 time, one of these packages must be defined as
9337 the package which handles that file as a configuration
9338 file. Other packages that use the configuration file must
9339 depend on the owning package if they require the
9340 configuration file to operate. If the other package will
9341 use the configuration file if present, but is capable of
9342 operating without it, no dependency need be declared.
9343 </p>
9345 <p>
9346 If it is desirable for two or more related packages to
9348 related packages to be able to modify that configuration
9349 file, then the following should be done:
9351 <item>
9352 One of the related packages (the "owning" package)
9353 will manage the configuration file with maintainer
9354 scripts as described in the previous section.
9355 </item>
9356 <item>
9357 The owning package should also provide a program
9358 that the other packages may use to modify the
9359 configuration file.
9360 </item>
9361 <item>
9362 The related packages must use the provided program
9363 to make any desired modifications to the
9364 configuration file. They should either depend on
9365 the core package to guarantee that the configuration
9366 modifier program is available or accept gracefully
9367 that they cannot modify the configuration file if it
9368 is not. (This is in addition to the fact that the
9369 configuration file may not even be present in the
9370 latter scenario.)
9371 </item>
9372 </enumlist>
9373 </p>
9375 <p>
9376 Sometimes it's appropriate to create a new package which
9377 provides the basic infrastructure for the other packages
9378 and which manages the shared configuration files. (The
9380 </p>
9382 <p>
9383 If the configuration file cannot be shared as described above,
9384 the packages must be marked as conflicting with each other.
9385 Two packages that specify the same file as
9387 general rule about not sharing files. Neither alternatives
9388 nor diversions are likely to be appropriate in this case; in
9391 </p>
9393 <p>
9395 may see left-over configuration files from each other even
9396 though they conflict with each other. If a user removes
9397 (without purging) one of the packages and installs the other,
9399 old package. If the file was modified by the user, it will be
9400 treated the same as any other locally
9402 </p>
9404 <p>
9407 belong to.
9408 </p>
9409 </sect1>
9411 <sect1>
9414 <p>
9417 No other program should reference the files in
9419 </p>
9421 <p>
9422 Therefore, if a program needs a dotfile to exist in
9425 configuration file.
9426 </p>
9428 <p>
9429 However, programs that require dotfiles in order to
9430 operate sensibly are a bad thing, unless they do create
9431 the dotfiles themselves automatically.
9432 </p>
9434 <p>
9435 Furthermore, programs should be configured by the Debian
9436 default installation to behave as closely to the upstream
9437 default behavior as possible.
9438 </p>
9440 <p>
9441 Therefore, if a program in a Debian package needs to be
9442 configured in some way in order to operate sensibly, that
9443 should be done using a site-wide configuration file placed
9445 site-wide default configuration and the package maintainer
9446 doesn't have time to add it may a default per-user file be
9448 </p>
9450 <p>
9452 This is particularly true because there is no easy (or
9453 necessarily desirable) mechanism for ensuring that the
9454 appropriate dotfiles are copied into the accounts of
9455 existing users when a package is installed.
9456 </p>
9457 </sect1>
9458 </sect>
9460 <sect>
9462 <p>
9463 Log files should usually be named
9465 log files, or need a separate directory for permission
9469 files there.
9470 </p>
9472 <p>
9473 Log files must be rotated occasionally so that they don't grow
9474 indefinitely. The best way to do this is to install a log
9475 rotation configuration file in the
9479 <footnote>
9480 <p>
9481 The traditional approach to log files has been to set up
9483 scripts and cron. While this approach is highly
9484 customizable, it requires quite a lot of sysadmin work.
9485 Even though the original Debian system helped a little
9486 by automatically installing a system which can be used
9487 as a template, this was deemed not enough.
9488 </p>
9490 <p>
9492 by Red Hat, is better, as it centralizes log management.
9493 It has both a configuration file
9495 packages can drop their individual log rotation
9497 </p>
9498 </footnote>
9499 Here is a good example for a logrotate config
9503 /var/log/foo/*.log {
9504 rotate 12
9505 weekly
9506 compress
9507 missingok
9508 postrotate
9509 start-stop-daemon -K -p /var/run/foo.pid -s HUP -x /usr/sbin/foo -q
9510 endscript
9511 }
9512 </example>
9514 compressed generations, and tells the daemon to reopen its log
9515 files after the log rotation. It skips this log rotation
9517 avoids errors if the package is removed but not purged.
9518 </p>
9520 <p>
9521 Log files should be removed when the package is
9522 purged (but not when it is only removed). This should be
9526 </p>
9527 </sect>
9532 <p>
9533 The rules in this section are guidelines for general use.
9534 If necessary you may deviate from the details below.
9535 However, if you do so you must make sure that what is done
9536 is secure and you should try to be as consistent as possible
9537 with the rest of the system. You should probably also
9539 </p>
9541 <p>
9543 writable only by the owner and universally readable (and
9545 </p>
9547 <p>
9548 Directories should be mode 755 or (for group-writability)
9549 mode 2775. The ownership of the directory should be
9550 consistent with its mode: if a directory is mode 2775, it
9551 should be owned by the group that needs write access to
9552 it.<footnote>
9553 <p>
9554 When a package is upgraded, and the owner or permissions
9555 of a file included in the package has changed, dpkg
9556 arranges for the ownership and permissions to be
9557 correctly set upon installation. However, this does not
9558 extend to directories; the permissions and ownership of
9559 directories already on the system does not change on
9560 install or upgrade of packages. This makes sense, since
9562 always be in flux. To correctly change permissions of a
9563 directory the package owns, explicit action is required,
9565 taken to handle downgrades as well, in that case.
9566 </p>
9567 </footnote>
9568 </p>
9570 <p>
9574 scripts</qref>).
9575 </p>
9577 <p>
9579 respectively, and owned by the appropriate user or group.
9580 They should not be made unreadable (modes like 4711 or
9582 because anyone can find the binary in the freely available
9583 Debian package; it is merely inconvenient. For the same
9584 reason you should not restrict read or execute permissions
9585 on non-set-id executables.
9586 </p>
9588 <p>
9589 Some setuid programs need to be restricted to particular
9590 sets of users, using file permissions. In this case they
9591 should be owned by the uid to which they are set-id, and by
9592 the group which should be allowed to execute them. They
9593 should have mode 4754; again there is no point in making
9594 them unreadable to those users who must not be allowed to
9595 execute them.
9596 </p>
9598 <p>
9599 It is possible to arrange that the system administrator can
9600 reconfigure the package to correspond to their local
9601 security policy by changing the permissions on a binary:
9603 described below.<footnote>
9606 normally have their permissions reset to the distributed
9607 permissions when the package is reinstalled. However,
9609 default behavior.
9610 </footnote>
9611 Another method you should consider is to create a group for
9612 people allowed to use the program(s) and make any setuid
9613 executables executable only by that group.
9614 </p>
9616 <p>
9617 If you need to create a new user or group for your package
9618 there are two possibilities. Firstly, you may need to
9619 make some files in the binary package be owned by this
9620 user or group, or you may need to compile the user or
9621 group id (rather than just the name) into the binary
9622 (though this latter should be avoided if possible, as in
9623 this case you need a statically allocated id).</p>
9625 <p>
9626 If you need a statically allocated id, you must ask for a
9628 and must not release the package until you have been
9629 allocated one. Once you have been allocated one you must
9630 either make the package depend on a version of the
9633 your package to create the user or group itself with the
9637 possible, otherwise a pre-dependency will be needed on the
9639 </p>
9641 <p>
9642 On the other hand, the program might be able to determine the
9643 uid or gid from the user or group name at runtime, so that a
9644 dynamically allocated id can be used. In this case you should
9645 choose an appropriate user or group name, discussing this
9647 When this has been checked you must arrange for your package to
9648 create the user or group if necessary using
9651 preferred if it is possible).
9652 </p>
9654 <p>
9655 Note that changing the numeric value of an id associated
9656 with a name is very difficult, and involves searching the
9657 file system for all appropriate files. You need to think
9658 carefully whether a static or dynamic id is required, since
9659 changing your mind later will cause problems.
9660 </p>
9663 <p>
9664 This section is not intended as policy, but as a
9666 </p>
9668 <p>
9669 If a system administrator wishes to have a file (or
9670 directory or other such thing) installed with owner and
9671 permissions different from those in the distributed Debian
9674 settings every time the file is installed. Thus the
9675 package maintainer should distribute the files with their
9676 normal permissions, and leave it for the system
9677 administrator to make any desired changes. For example, a
9678 daemon which is normally required to be setuid root, but
9679 in certain situations could be used without being setuid,
9681 local system administrator can change this if they wish.
9682 If there are two standard ways of doing it, the package
9685 maintainer script if necessary to accommodate the system
9686 administrator's choice. Care must be taken during
9687 upgrades to not override an existing setting.
9688 </p>
9690 <p>
9692 essentially a tool for system administrators and would not
9693 normally be needed in the maintainer scripts. There is
9694 one type of situation, though, where calls to
9696 maintainer scripts, and that involves packages which use
9697 dynamically allocated user or group ids. In such a
9698 situation, something like the following idiom can be very
9701 <example>
9702 for i in /usr/bin/foo /usr/sbin/bar
9703 do
9704 # only do something when no setting exists
9706 then
9707 #include: debconf processing, question about foo and bar
9709 dpkg-statoverride --update --add sysuser root 4755 $i
9710 fi
9711 fi
9712 done
9713 </example>
9714 The corresponding code to remove the override when the package
9715 is purged would be:
9716 <example>
9717 for i in /usr/bin/foo /usr/sbin/bar
9718 do
9720 then
9721 dpkg-statoverride --remove $i
9722 fi
9723 done
9724 </example>
9725 </p>
9726 </sect1>
9727 </sect>
9732 <p>
9733 The name of the files installed by binary packages in the system PATH
9736 ASCII.
9737 </p>
9739 <p>
9740 The name of the files and directories installed by binary packages
9741 outside the system PATH must be encoded in UTF-8 and should be
9742 restricted to ASCII when it is possible to do so.
9743 </p>
9744 </sect>
9745 </chapt>
9754 <p>
9755 If a program needs to specify an <em>architecture specification
9756 string</em> in some place, it should select one of the strings
9759 part is sometimes elided, as when the OS is Linux.
9760 </p>
9762 <p>
9763 Note that we don't want to use
9766 since this would make our programs incompatible with other
9767 Linux distributions. We also don't use something like
9770 </p>
9775 <p>
9776 A package may specify an architecture wildcard. Architecture
9780 Internally, the package system normalizes the GNU triplets
9781 and the Debian arches into Debian arch triplets (which are
9782 kind of inverted GNU triplets), with the first component of
9783 the triplet representing the libc and ABI in use, and then
9784 does matching against those triplets. However, such
9785 triplets are an internal implementation detail that should
9786 not be used by packages directly. The libc and ABI portion
9787 is handled internally by the package system based on
9789 </footnote>
9790 </p>
9791 </sect1>
9792 </sect>
9794 <sect>
9797 <p>
9801 by other packages.
9802 </p>
9804 <p>
9805 If a package requires a new entry in one of these files, the
9806 maintainer should get in contact with the
9809 package.
9810 </p>
9812 <p>
9814 modified by the package's scripts except via the
9817 for details on how to add entries.
9818 </p>
9820 <p>
9821 If a package wants to install an example entry into
9824 treated as "commented out by user" by the
9826 activated during package updates.
9827 </p>
9828 </sect>
9830 <sect>
9831 <heading>Using pseudo-ttys and modifying wtmp, utmp and
9832 lastlog</heading>
9834 <p>
9835 Some programs need to create pseudo-ttys. This should be done
9836 using Unix98 ptys if the C library supports it. The resulting
9837 program must not be installed setuid root, unless that
9838 is required for other functionality.
9839 </p>
9841 <p>
9846 </p>
9847 </sect>
9849 <sect>
9852 <p>
9853 Some programs have the ability to launch an editor or pager
9854 program to edit or display a text document. Since there are
9855 lots of different editors and pagers available in the Debian
9856 distribution, the system administrator and each user should
9857 have the possibility to choose their preferred editor and
9858 pager.
9859 </p>
9861 <p>
9862 In addition, every program should choose a good default
9863 editor/pager if none is selected by the user or system
9864 administrator.
9865 </p>
9867 <p>
9868 Thus, every program that launches an editor or pager must
9869 use the EDITOR or PAGER environment variable to determine
9870 the editor or pager the user wishes to use. If these
9873 </p>
9875 <p>
9877 "alternatives" mechanism. Every package providing an editor or
9881 should have a slave alternative
9884 corresponding manual page.
9885 </p>
9887 <p>
9888 If it is very hard to adapt a program to make use of the
9889 EDITOR or PAGER variables, that program may be configured to
9892 program respectively. These are two scripts provided in the
9894 and PAGER variables and launch the appropriate program, and fall
9897 </p>
9899 <p>
9900 A program may also use the VISUAL environment variable to
9901 determine the user's choice of editor. If it exists, it
9902 should take precedence over EDITOR. This is in fact what
9904 </p>
9906 <p>
9907 It is not required for a package to depend on
9909 package to provide such virtual packages.<footnote>
9910 The Debian base system already provides an editor and a
9911 pager program.
9912 </footnote>
9913 </p>
9914 </sect>
9919 <p>
9920 This section describes the locations and URLs that should
9921 be used by all web servers and web applications in the
9922 Debian system.
9923 </p>
9925 <p>
9926 <enumlist>
9927 <item>
9928 Cgi-bin executable files are installed in the
9929 directory
9931 /usr/lib/cgi-bin
9932 </example>
9933 or a subdirectory of that directory, and the script
9936 </example>
9937 should be referred to as
9940 </example>
9941 </item>
9943 <item>
9945 </item>
9947 <item>
9949 <p>
9950 It is recommended that images for a package be stored
9953 as
9954 <example>
9956 </example>
9958 </p>
9959 </item>
9961 <item>
9964 <p>
9965 Web Applications should try to avoid storing files in
9966 the Web Document Root. Instead they should use the
9968 documents and register the Web Application via the
9970 web document root is unavoidable then use
9972 /var/www/html
9973 </example>
9974 as the Document Root. This might be just a symbolic
9975 link to the location where the system administrator
9976 has put the real document root.
9977 </p>
9978 </item>
9980 <p>
9981 All web servers should provide the virtual package
9984 </p>
9985 <p>
9986 All web applications which do not contain CGI scripts should
9990 </p>
9991 </item>
9992 </enumlist>
9993 </p>
9994 </sect>
9999 <p>
10000 Debian packages which process electronic mail, whether mail
10001 user agents (MUAs) or mail transport agents (MTAs), must
10002 ensure that they are compatible with the configuration
10003 decisions below. Failure to do this may result in lost
10005 damage!
10006 </p>
10008 <p>
10011 the FHS). On older systems, the mail spool may be
10013 access to the mail spool should be via the
10015 base system and not part of the MTA package.
10016 </p>
10018 <p>
10019 All Debian MUAs, MTAs, MDAs and other mailbox accessing
10020 programs (such as IMAP daemons) must lock the mailbox in an
10022 be combined with dot locking. To avoid deadlocks, a program
10024 this, or alternatively implement the two locking methods in
10025 a non blocking way<footnote>
10026 If it is not possible to establish both locks, the
10027 system shouldn't wait for the second lock to be
10028 established, but remove the first lock, wait a (random)
10029 time, and start over locking again.
10033 accomplish this.
10034 </p>
10036 <p>
10037 Mailboxes are generally either mode 600 and owned by
10040 There are two traditional permission schemes for mail spools:
10041 mode 600 with all mail delivery done by processes running as
10042 the destination user, or mode 660 and owned by group mail with
10043 mail delivery done by a process running as a system user in
10044 group mail. Historically, Debian required mode 660 mail
10045 spools to enable the latter model, but that model has become
10046 increasingly uncommon and the principle of least privilege
10047 indicates that mail systems that use the first model should
10048 use permissions of 600. If delivery to programs is permitted,
10049 it's easier to keep the mail system secure if the delivery
10050 agent runs as the destination user. Debian Policy therefore
10051 permits either scheme.
10052 </footnote>. The local system administrator may choose a
10053 different permission scheme; packages should not make
10054 assumptions about the permission and ownership of mailboxes
10055 unless required (such as when creating a new mailbox). A MUA
10056 may remove a mailbox (unless it has nonstandard permissions) in
10057 which case the MTA or another MUA must recreate it if needed.
10058 </p>
10060 <p>
10062 be setgid mail to do the locking mentioned above (and
10063 must obviously avoid accessing other users' mailboxes
10064 using this privilege).</p>
10066 <p>
10068 aliases (e.g., postmaster, usenet, etc.), it is the one
10073 even if it does nothing, but older MTA packages did not do
10075 cannot be found. Note that because of this, all MTA
10078 </p>
10080 <p>
10081 The convention of writing <tt>forward to
10085 <p>
10090 is supported.</p>
10092 <p>
10093 If your package needs to know what hostname to use on (for
10094 example) outgoing news and mail messages which are generated
10097 (at) sign for email addresses of users on the machine
10098 (followed by a newline).
10099 </p>
10101 <p>
10102 Such a package should check for the existence of this file
10103 when it is being configured. If it exists, it should be
10104 used without comment, although an MTA's configuration script
10105 may wish to prompt the user even if it finds that this file
10106 exists. If the file does not exist, the package should
10107 prompt the user for the value (preferably using
10109 as well as using it in the package's configuration. The
10110 prompt should make it clear that the name will not just be
10111 used by that package. For example, in this situation the
10114 Please enter the "mail name" of your system. This is the
10115 hostname portion of the address to be shown on outgoing
10116 news and mail messages. The default is
10118 name ["<var>syshostname</var>"]:
10119 </example>
10121 --fqdn</tt>.
10122 </p>
10123 </sect>
10125 <sect>
10128 <p>
10129 All the configuration files related to the NNTP (news)
10130 servers and clients should be located under
10133 <p>
10134 There are some configuration issues that apply to a number
10135 of news clients and server packages on the machine. These
10136 are:
10138 <taglist>
10140 <item>
10141 A string which should appear as the
10142 organization header for all messages posted
10143 by NNTP clients on the machine
10144 </item>
10147 <item>
10148 Contains the FQDN of the upstream NNTP
10149 server, or localhost if the local machine is
10150 an NNTP server.
10151 </item>
10152 </taglist>
10154 Other global files may be added as required for cross-package news
10155 configuration.
10156 </p>
10157 </sect>
10160 <sect>
10163 <sect1>
10166 <p>
10167 Programs that can be configured with support for the X
10168 Window System must be configured to do so and must declare
10169 any package dependencies necessary to satisfy their
10170 runtime requirements when using the X Window System. If
10171 such a package is of higher priority than the X packages
10172 on which it depends, it is required that either the
10173 X-specific components be split into a separate package, or
10174 that an alternative version of the package, which includes
10175 X support, be provided, or that the package's priority be
10176 lowered.
10177 </p>
10178 </sect1>
10180 <sect1>
10183 <p>
10184 Packages that provide an X server that, directly or
10185 indirectly, communicates with real input and display
10187 field that they provide the virtual
10189 This implements current practice, and provides an
10191 virtual package which appears in the virtual packages
10192 list. In a nutshell, X servers that interface
10193 directly with the display and input hardware or via
10194 another subsystem (e.g., GGI) should provide
10197 </footnote>
10198 </p>
10199 </sect1>
10201 <sect1>
10204 <p>
10205 Packages that provide a terminal emulator for the X Window
10206 System which meet the criteria listed below should declare in
10209 also register themselves as an alternative for
10211 20. That alternative should have a slave alternative
10213 pointing to the corresponding manual page.
10214 </p>
10216 <p>
10219 <item>
10220 Be able to emulate a DEC VT100 terminal, or a
10221 compatible terminal.
10222 </item>
10224 <item>
10225 Support the command-line option <tt>-e
10227 terminal window<footnote>
10228 "New terminal window" does not necessarily mean
10229 a new top-level X window directly parented by
10230 the window manager; it could, if the terminal
10231 emulator application were so coded, be a new
10232 "view" in a multiple-document interface (MDI).
10233 </footnote>
10235 interpreting the entirety of the rest of the command
10236 line as a command to pass straight to exec, in the
10238 </item>
10240 <item>
10241 Support the command-line option <tt>-T
10244 </item>
10245 </list>
10246 </p>
10247 </sect1>
10249 <sect1>
10252 <p>
10253 Packages that provide a window manager should declare in
10256 register themselves as an alternative for
10258 calculated as follows:
10260 <item>
10261 Start with a priority of 20.
10262 </item>
10264 <item>
10265 If the window manager supports the Debian menu
10266 system, add 20 points if this support is available
10267 in the package's default configuration (i.e., no
10268 configuration files belonging to the system or user
10269 have to be edited to activate the feature); if
10270 configuration files must be modified, add only 10
10271 points.
10272 </p>
10273 </item>
10275 <item>
10276 If the window manager complies with <url
10281 </item>
10283 <item>
10284 If the window manager permits the X session to be
10286 (without killing the X server) in its default
10287 configuration, add 10 points; otherwise add none.
10288 </item>
10289 </list>
10290 That alternative should have a slave alternative
10292 pointing to the corresponding manual page.
10293 </p>
10294 </sect1>
10296 <sect1>
10299 <p>
10300 Packages that provide fonts for the X Window
10301 System<footnote>
10302 For the purposes of Debian Policy, a "font for the X
10303 Window System" is one which is accessed via X protocol
10304 requests. Fonts for the Linux console, for PostScript
10305 renderer, or any other purpose, do not fit this
10306 definition. Any tool which makes such fonts available
10307 to the X Window System, however, must abide by this
10308 font policy.
10309 </footnote>
10310 must do a number of things to ensure that they are both
10311 available without modification of the X or font server
10312 configuration, and that they do not corrupt files used by
10313 other font packages to register information about
10314 themselves.
10315 <enumlist>
10316 <item>
10317 Fonts of any type supported by the X Window System
10318 must be in a separate binary package from any
10319 executables, libraries, or documentation (except
10320 that specific to the fonts shipped, such as their
10321 license information). If one or more of the fonts
10322 so packaged are necessary for proper operation of
10323 the package with which they are associated the font
10324 package may be Recommended; if the fonts merely
10325 provide an enhancement, a Suggests relationship may
10326 be used. Packages must not Depend on font
10327 packages.<footnote>
10328 This is because the X server may retrieve fonts
10329 from the local file system or over the network
10330 from an X font server; the Debian package system
10331 is empowered to deal only with the local
10332 file system.
10333 </footnote>
10334 </item>
10336 <item>
10337 BDF fonts must be converted to PCF fonts with the
10340 placed in a directory that corresponds to their
10341 resolution:
10343 <item>
10344 100 dpi fonts must be placed in
10346 </item>
10348 <item>
10349 75 dpi fonts must be placed in
10351 </item>
10353 <item>
10354 Character-cell fonts, cursor fonts, and other
10355 low-resolution fonts must be placed in
10357 </item>
10358 </list>
10359 </item>
10361 <item>
10362 Type 1 fonts must be placed in
10364 metric files are available, they must be placed here
10365 as well.
10366 </item>
10368 <item>
10370 other than those listed above must be neither
10373 are excepted for historical reasons, but installation of
10374 files into these directories remains discouraged.)
10375 </item>
10377 <item>
10378 Font packages may, instead of placing files directly
10379 in the X font directories listed above, provide
10380 symbolic links in that font directory pointing to
10381 the files' actual location in the filesystem. Such
10382 a location must comply with the FHS.
10383 </item>
10385 <item>
10386 Font packages should not contain both 75dpi and
10387 100dpi versions of a font. If both are available,
10388 they should be provided in separate binary packages
10390 the names of the packages containing the
10391 corresponding fonts.
10392 </item>
10394 <item>
10396 should not be included in the same package as 75dpi
10397 or 100dpi fonts; instead, they should be provided in
10399 its name.
10400 </item>
10402 <item>
10403 Font packages must not provide the files
10406 <list>
10407 <item>
10409 </item>
10411 <item>
10413 files, if needed, should be provided in the
10414 directory
10417 subdirectory of
10419 package's corresponding fonts are stored
10422 that provides these fonts, and
10425 the file contents.
10426 </item>
10427 </list>
10428 </item>
10430 <item>
10431 Font packages must declare a dependency on
10434 </item>
10436 <item>
10437 Font packages that provide one or more
10440 directory into which they installed fonts
10443 This invocation must occur in both the
10447 </item>
10449 <item>
10450 Font packages that provide one or more
10453 directory into which they installed fonts. This
10454 invocation must occur in both the
10458 </item>
10460 <item>
10461 Font packages must invoke
10463 which they installed fonts. This invocation must
10467 </item>
10469 <item>
10470 Font packages must not provide alias names for the
10471 fonts they include which collide with alias names
10472 already in use by fonts already packaged.
10473 </item>
10475 <item>
10476 Font packages must not provide fonts with the same
10477 XLFD registry name as another font already packaged.
10478 </item>
10479 </enumlist>
10480 </p>
10481 </sect1>
10486 <p>
10487 Application defaults files must be installed in the
10490 in the <em>X Toolkit Intrinsics - C Language
10491 Interface</em> manual is also permitted). They must be
10493 configuration files.
10494 </p>
10496 <p>
10497 Customization of programs' X resources may also be
10498 supported with the provision of a file with the same name
10499 as that of the package placed in
10502 configuration file.<footnote>
10503 Note that this mechanism is not the same as using
10504 app-defaults; app-defaults are tied to the client
10505 binary on the local file system, whereas X resources
10506 are stored in the X server and affect all connecting
10507 clients.
10508 </footnote>
10509 </p>
10510 </sect1>
10512 <sect1>
10515 <p>
10516 Historically, packages using the X Window System used a
10517 separate set of installation directories from other packages.
10518 This practice has been discontinued and packages using the X
10519 Window System should now generally be installed in the same
10520 directories as any other package. Specifically, packages must
10523 regarded as obsolete.
10524 </p>
10526 <p>
10527 Include files previously installed under
10530 installed into subdirectories of
10535 </p>
10537 <p>
10538 Configuration files for window, display, or session managers
10539 or other applications that are tightly integrated with the X
10540 Window System may be placed in a subdirectory
10542 Other X Window System applications should use
10545 </p>
10546 </sect1>
10547 </sect>
10552 <p>
10553 Perl programs and modules should follow the current Perl policy.
10554 </p>
10556 <p>
10559 It is also available from the Debian web mirrors at
10562 </p>
10563 </sect>
10568 <p>
10569 Please refer to the "Debian Emacs Policy" for details of how to
10570 package emacs lisp programs.
10571 </p>
10573 <p>
10574 The Emacs policy is available in
10577 It is also available from the Debian web mirrors at
10580 </p>
10581 </sect>
10583 <sect>
10586 <p>
10589 </p>
10591 <p>
10592 Each game decides on its own security policy.</p>
10594 <p>
10595 Games which require protected, privileged access to
10596 high-score files, saved games, etc., may be made
10600 example). They must not be made
10602 an attacker can subvert any set-user-id game they can
10603 overwrite the executable of any other, causing other players
10604 of these games to run a Trojan horse program. With a
10605 set-group-id game the attacker only gets access to less
10606 important game data, and if they can get at the other
10607 players' accounts at all it will take considerably more
10608 effort.)</p>
10610 <p>
10611 Some packages, for example some fortune cookie programs, are
10612 configured by the upstream authors to install with their
10613 data files or other static information made unreadable so
10614 that they can only be accessed through set-id programs
10615 provided. You should not do this in a Debian package: anyone can
10617 so there is no point making the files unreadable. Not
10618 making the files unreadable also means that you don't have
10619 to make so many programs set-id, which reduces the risk of a
10620 security hole.</p>
10622 <p>
10623 As described in the FHS, binaries of games should be
10625 applies to games that use the X Window System. Manual pages
10626 for games (X and non-X games) should be installed in
10628 </sect>
10629 </chapt>
10635 <sect>
10638 <p>
10642 details). You must not install a pre-formatted "cat page".
10643 </p>
10645 <p>
10646 Each program, utility, and function should have an
10647 associated manual page included in the same package. It is
10648 suggested that all configuration files also have a manual
10649 page included as well. Manual pages for protocols and other
10650 auxiliary things are optional.
10651 </p>
10653 <p>
10654 If no manual page is available, this is considered as a bug
10655 and should be reported to the Debian Bug Tracking System (the
10656 maintainer of the package is allowed to write this bug report
10657 themselves, if they so desire). Do not close the bug report
10658 until a proper man page is available.<footnote>
10659 It is not very hard to write a man page. See the
10666 </footnote>
10667 </p>
10669 <p>
10670 You may forward a complaint about a missing man page to the
10671 upstream authors, and mark the bug as forwarded in the
10672 Debian bug tracking system. Even though the GNU Project do
10673 not in general consider the lack of a man page to be a bug,
10674 we do; if they tell you that they don't consider it a bug
10675 you should leave the bug in our bug tracking system open
10676 anyway.
10677 </p>
10679 <p>
10681 </p>
10683 <p>
10684 If one man page needs to be accessible via several names it
10686 feature, but there is no need to fiddle with the relevant
10688 symlinks: don't do it unless it's easy. You should not
10689 create hard links in the manual page directories, nor put
10692 base of the man page tree (usually
10695 in the file system to the alternate names of the man page,
10697 man page under those names based solely on the information in
10698 the man page's header.<footnote>
10700 unreasonable processing time to find a manual page or to
10701 report that none exists, and moves knowledge into man's
10702 database that would be better left in the file system.
10703 This support is therefore deprecated and will cease to
10704 be present in the future.
10705 </footnote>
10706 </p>
10708 <p>
10709 Manual pages in locale-specific subdirectories of
10711 legacy encoding for that language (normally the one corresponding
10712 to the shortest relevant locale name in
10717 use. In future, all manual pages will be required to use
10718 UTF-8.
10719 </footnote>
10720 </p>
10722 <p>
10724 included in the subdirectory name unless it indicates a
10725 significant difference in the language, as this excludes
10726 speakers of the language in other countries.<footnote>
10727 At the time of writing, Chinese and Portuguese are the main
10730 </footnote>
10731 </p>
10733 <p>
10734 If a localized version of a manual page is provided, it should
10735 either be up-to-date or it should be obvious to the reader that
10736 it is outdated and the original manual page should be used
10737 instead. This can be done either by a note at the beginning of
10738 the manual page or by showing the missing or changed portions in
10739 the original language instead of the target language.
10740 </p>
10741 </sect>
10743 <sect>
10746 <p>
10749 </p>
10751 <p>
10754 use of info readers. This file must not be included in packages
10756 </p>
10758 <p>
10760 appropriate using dpkg triggers. Packages other than
10764 for this purpose.
10765 </p>
10767 <p>
10770 </p>
10772 <p>
10773 Info documents should contain section and directory entry
10774 information in the document for the use
10777 space and the section of this info page. The directory entry or
10778 entries should be included between
10781 <example>
10782 INFO-DIR-SECTION Individual utilities
10783 START-INFO-DIR-ENTRY
10784 * example: (example). An example info directory entry.
10785 END-INFO-DIR-ENTRY
10786 </example>
10787 To determine which section to use, you should look
10789 the most relevant (or create a new section if none of the
10790 current sections are relevant).<footnote>
10791 Normally, info documents are generated from Texinfo source.
10792 To include this information in the generated info document, if
10793 it is absent, add commands like:
10794 <example>
10795 @dircategory Individual utilities
10796 @direntry
10797 * example: (example). An example info directory entry.
10798 @end direntry
10799 </example>
10800 to the Texinfo source of the document and ensure that the info
10801 documents are rebuilt from source during the package build.
10802 </footnote>
10803 </p>
10804 </sect>
10809 <p>
10810 Any additional documentation that comes with the package may be
10811 installed at the discretion of the package maintainer. It is
10812 often a good idea to include text information files
10814 source package in the binary package. However, you don't need
10815 to install the instructions for building and installing the
10816 package, of course!
10817 </p>
10819 <p>
10820 Plain text documentation should be compressed with <tt>gzip
10822 </p>
10824 <p>
10825 If a package comes with large amounts of documentation that many
10826 users of the package will not require, you should create a
10827 separate binary package to contain it so that it does not take
10828 up disk space on the machines of users who do not need or want
10829 it installed. As a special case of this rule, shared library
10830 documentation of any appreciable size should always be packaged
10832 or in a separate documentation package, since shared libraries
10833 are frequently installed as dependencies of other packages by
10834 users who have little interest in documentation of the library
10835 itself. The documentation package for the
10839 separate documentation packages for multiple languages).
10840 </p>
10842 <p>
10844 command-line tool, or library development package,
10846 library development package) already provides documentation in
10852 </p>
10854 <p>
10855 Additional documentation included in the package should be
10857 If the documentation is packaged separately,
10859 either that path or into the documentation directory for the
10860 separate documentation package
10862 example). However, installing the documentation into the
10863 documentation directory of the main package is preferred since
10864 it is independent of the packaging method and will be easier for
10865 users to find.
10866 </p>
10868 <p>
10869 Any separate package providing documentation must still install
10870 standard documentation files in its
10874 </p>
10876 <p>
10877 Packages must not require the existence of any files in
10879 <footnote>
10880 The system administrator should be able to delete files
10882 to break.
10883 </footnote>. Any files that are used or read by programs but
10884 are also useful as stand alone documentation should be installed
10885 elsewhere, such as
10887 included via symbolic links
10889 </p>
10891 <p>
10894 the two packages both come from the same source and the
10895 first package Depends on the second.<footnote>
10896 <p>
10897 Please note that this does not override the section on
10898 changelog files below, so the file
10900 must refer to the changelog for the current version of
10902 that the sources of the target and the destination of the
10903 symlink must be the same (same source package and
10904 version).
10905 </p>
10906 </footnote>
10907 </p>
10908 </sect>
10910 <sect>
10913 <p>
10914 The unification of Debian documentation is being carried out
10915 via HTML.</p>
10917 <p>
10918 If the package comes with extensive documentation in a
10919 markup format that can be converted to various other formats
10920 you should if possible ship HTML versions in a binary
10921 package.<footnote>
10922 Rationale: The important thing here is that HTML
10924 binary package.
10925 </footnote>
10926 The documentation must be installed as specified in
10928 </p>
10930 <p>
10931 Other formats such as PostScript may be provided at the
10932 package maintainer's discretion.
10933 </p>
10934 </sect>
10939 <p>
10940 Every package must be accompanied by a verbatim copy of its
10941 copyright information and distribution license in the file
10943 file must neither be compressed nor be a symbolic link.
10944 </p>
10946 <p>
10947 In addition, the copyright file must say where the upstream
10948 sources (if any) were obtained, and should name the original
10949 authors.
10950 </p>
10952 <p>
10954 areas should state in the copyright file that the package is not
10955 part of the Debian distribution and briefly explain why.
10956 </p>
10958 <p>
10959 A copy of the file which will be installed in
10962 </p>
10964 <p>
10967 the two packages both come from the same source and the
10968 first package Depends on the second. These rules are important
10970 mechanical means.
10971 </p>
10973 <p>
10974 Packages distributed under the Apache license (version 2.0), the
10978 to the corresponding files under
10980 <p>
10981 In particular,
10994 respectively. The University of California BSD license is
10997 brevity of this license, its specificity to code whose
10998 copyright is held by the Regents of the University of
10999 California, and the frequency of minor wording changes, its
11000 text should be included in the copyright file rather than
11001 referencing this file.
11002 </p>
11003 </footnote> rather than quoting them in the copyright
11004 file.
11005 </p>
11007 <p>
11009 file. If your package has such a file it should be
11012 </p>
11014 <p>
11015 All copyright files must be encoded in UTF-8.
11016 </p>
11021 <p>
11022 A specification for a standard, machine-readable format
11027 also available from the Debian web mirrors at
11030 </p>
11032 <p>
11033 Use of this format is optional.
11034 </p>
11035 </sect1>
11036 </sect>
11038 <sect>
11041 <p>
11042 Any examples (configurations, source files, whatever),
11043 should be installed in a directory
11045 files should not be referenced by any program: they're there
11046 for the benefit of the system administrator and users as
11047 documentation only. Architecture-specific example files
11048 should be installed in a directory
11050 links to them from
11052 latter directory itself may be a symbolic link to the
11053 former.
11054 </p>
11056 <p>
11057 If the purpose of a package is to provide examples, then the
11058 example files may be installed into
11060 </p>
11061 </sect>
11066 <p>
11067 Packages that are not Debian-native must contain a
11069 the Debian source tree in
11072 </p>
11074 <p>
11075 If an upstream changelog is available, it should be accessible as
11077 plain text. If the upstream changelog is distributed in
11078 HTML, it should be made available in that form as
11082 the upstream changelog files do not already conform to this
11083 naming convention, then this may be achieved either by
11084 renaming the files, or by adding a symbolic link, at the
11085 maintainer's discretion.<footnote>
11086 Rationale: People should not have to look in places for
11087 upstream changelogs merely because they are given
11088 different names or are distributed in HTML format.
11089 </footnote>
11090 </p>
11092 <p>
11093 All of these files should be installed compressed using
11095 if they start out small.
11096 </p>
11098 <p>
11099 If the package has only one changelog which is used both as
11100 the Debian changelog and the upstream one because there is
11101 no separate upstream maintainer then that changelog should
11102 usually be installed as
11104 there is a separate upstream maintainer, but no upstream
11105 changelog, then the Debian changelog should still be called
11107 </p>
11109 <p>
11110 For details about the format and contents of the Debian
11112 </p>
11113 </sect>
11114 </chapt>
11119 <p>
11120 These appendices are taken essentially verbatim from the
11121 now-deprecated Packaging Manual, version 3.2.1.0. They are
11122 the chapters which are likely to be of use to package
11123 maintainers and which have not already been included in the
11124 policy document itself. Most of these sections are very likely
11125 not relevant to policy; they should be treated as
11126 documentation for the packaging system. Please note that these
11127 appendices are included for convenience, and for historical
11128 reasons: they used to be part of policy package, and they have
11129 not yet been incorporated into dpkg documentation. However,
11130 they still have value, and hence they are presented here.
11131 </p>
11133 <p>
11134 They have not yet been checked to ensure that they are
11135 compatible with the contents of policy, and if there are any
11136 contradictions, the version in the main policy document takes
11137 precedence. The remaining chapters of the old Packaging
11138 Manual have also not been read in detail to ensure that there
11139 are not parts which have been left out. Both of these will be
11140 done in due course.
11141 </p>
11143 <p>
11144 Certain parts of the Packaging manual were integrated into the
11145 Policy Manual proper, and removed from the appendices. Links
11146 have been placed from the old locations to the new ones.
11147 </p>
11149 <p>
11151 package files and installing and removing them on Unix
11152 systems.<footnote>
11154 work on or be ported to other systems.
11155 </footnote>
11156 </p>
11158 <p>
11159 The binary packages are designed for the management of
11160 installed executable programs (usually compiled binaries) and
11161 their associated data, though source code examples and
11162 documentation are provided as part of some packages.</p>
11164 <p>
11165 This manual describes the technical aspects of creating Debian
11167 behavior of the package management programs
11169 they interact with packages.</p>
11171 <p>
11172 This manual does not go into detail about the options and
11173 usage of the package building and installation tools. It
11174 should therefore be read in conjunction with those programs'
11175 man pages.
11176 </p>
11178 <p>
11180 not described in detail here, are documented in their man pages.
11181 </p>
11183 <p>
11184 It is assumed that the reader is reasonably familiar with the
11186 Unfortunately this manual does not yet exist.
11187 </p>
11189 <p>
11190 The Debian version of the FSF's GNU hello program is provided as
11191 an example for people wishing to create Debian packages. However,
11192 while the examples are helpful, they do not replace the need to
11193 read and follow the Policy and Programmer's Manual.</p>
11194 </appendix>
11199 <p>
11201 </p>
11205 </heading>
11207 <p>
11208 All manipulation of binary package files is done by
11212 will spot that the options requested are appropriate to
11214 arguments.)
11215 </p>
11217 <p>
11218 In order to create a binary package, you must make a directory
11219 tree which contains all the files and directories you want to
11220 have in the file system data part of the package. In
11221 Debian-format source packages, this directory is usually
11224 the package's source tree.
11225 </p>
11227 <p>
11228 They should have the locations (relative to the root of the
11229 directory tree you're constructing) ownerships and
11230 permissions which you want them to have on the system when
11231 they are installed.
11232 </p>
11234 <p>
11236 and gid/groupname mappings for the users and groups being
11237 used should be the same on the system where the package is
11238 built and the one where it is installed.
11239 </p>
11241 <p>
11242 You need to add one special directory to the root of the
11243 miniature file system tree you're creating:
11245 information files, notably the binary package control file
11247 </p>
11249 <p>
11251 file system archive of the package, and so won't be installed
11253 </p>
11255 <p>
11256 When you've prepared the package, you should invoke:
11257 <example>
11259 </example>
11260 </p>
11262 <p>
11263 This will build the package in
11267 build the package.)
11268 </p>
11270 <p>
11272 to examine the contents of this newly-created file. You may find the
11273 output of following commands enlightening:
11274 <example>
11278 </example>
11279 To view the copyright file for a package you could use this command:
11280 <example>
11282 </example>
11283 </p>
11284 </sect>
11289 <p>
11290 The control information portion of a binary package is a
11292 It will treat the contents of these files specially - some
11294 installing or removing the package; others are scripts which
11296 </p>
11298 <p>
11299 It is possible to put other files in the package control
11300 information file area, but this is not generally a good idea
11301 (though they will largely be ignored).
11302 </p>
11304 <p>
11305 Here is a brief list of the control information files supported
11307 </p>
11309 <p>
11310 <taglist>
11312 <item>
11313 <p>
11314 This is the key description file used by
11316 and version, gives its description for the user,
11317 states its relationships with other packages, and so
11320 </p>
11322 <p>
11323 It is usually generated automatically from information
11324 in the source package by the
11328 </p>
11329 </item>
11333 </tag>
11334 <item>
11335 <p>
11336 These are executable files (usually scripts) which
11338 and removal of packages. They allow the package to
11339 deal with matters which are particular to that package
11340 or require more complicated processing than that
11343 </p>
11345 <p>
11346 It is very important to make these scripts idempotent.
11348 </p>
11350 <p>
11351 The maintainer scripts are not guaranteed to run with a
11352 controlling terminal and may not be able to interact with
11354 </p>
11355 </item>
11358 </tag>
11359 <item>
11360 This file contains a list of configuration files which
11363 every configuration file should be listed here.
11364 </item>
11367 </tag>
11368 <item>
11369 This file contains a list of the shared libraries
11370 supplied by the package, with dependency details for
11372 when it determines what dependencies are required in a
11375 </item>
11376 </taglist>
11377 </p>
11382 <p>
11383 The most important control information file used by
11386 statistics".
11387 </p>
11389 <p>
11390 The binary package control files of packages built from
11391 Debian sources are made by a special tool,
11395 more details.
11396 </p>
11398 <p>
11399 The fields in binary package control files are listed in
11401 </p>
11403 <p>
11404 A description of the syntax of control files and the purpose
11406 </p>
11407 </sect>
11409 <sect>
11412 <p>
11414 </p>
11415 </sect>
11416 </appendix>
11421 <p>
11422 The Debian binary packages in the distribution are generated
11423 from Debian sources, which are in a special format to assist
11424 the easy and automatic building of binaries.
11425 </p>
11430 <p>
11431 Various tools are provided for manipulating source packages;
11432 they pack and unpack sources and help build of binary
11433 packages and help manage the distribution of new versions.
11434 </p>
11436 <p>
11437 They are introduced and typical uses described here; see
11439 documentation about their arguments and operation.
11440 </p>
11442 <p>
11443 For examples of how to construct a Debian source package,
11444 and how to use those utilities that are used by Debian
11446 package.
11447 </p>
11450 <heading>
11452 packages
11453 </heading>
11455 <p>
11456 This program is frequently used by hand, and is also
11457 called from package-independent automated building scripts
11459 </p>
11461 <p>
11462 To unpack a package it is typically invoked with
11463 <example>
11465 </example>
11466 </p>
11468 <p>
11471 the same directory. It unpacks into
11473 applicable
11475 the current directory.
11476 </p>
11478 <p>
11479 To create a packed source archive it is typically invoked:
11480 <example>
11482 </example>
11483 </p>
11485 <p>
11489 source tree first - this must be done separately if it is
11490 required.
11491 </p>
11493 <p>
11495 </sect1>
11499 <heading>
11501 control script
11502 </heading>
11504 <p>
11506 </p>
11507 </sect1>
11510 <heading>
11512 control files
11513 </heading>
11515 <p>
11518 tree.
11519 </p>
11521 <p>
11522 This is usually done just before the files and directories in the
11523 temporary directory tree where the package is being built have their
11524 permissions and ownerships set and the package is constructed using
11526 <footnote>
11527 This is so that the control file which is produced has
11528 the right permissions
11529 </footnote>.
11530 </p>
11532 <p>
11534 files which are to go into the package have been placed in
11535 the temporary build directory, so that its calculation of
11536 the installed size of a package is correct.
11537 </p>
11539 <p>
11542 variable substitutions created by
11544 are available.
11545 </p>
11547 <p>
11548 For a package which generates only one binary package, and
11550 of the source package, it is usually sufficient to call
11552 </p>
11554 <p>
11555 Sources which build several binaries will typically need
11556 something like:
11557 <example>
11562 tells it which package's control file should be generated.
11563 </p>
11565 <p>
11568 (for example) a future invocation of
11570 </sect1>
11573 <heading>
11575 dependencies
11576 </heading>
11578 <p>
11580 </p>
11581 </sect1>
11584 <heading>
11587 </heading>
11589 <p>
11590 Some packages' uploads need to include files other than
11591 the source and binary package files.
11592 </p>
11594 <p>
11599 </p>
11601 <p>
11604 <example>
11606 </example>
11609 is usually the directory above the top level of the source
11611 file there just before or just after calling
11613 </p>
11615 <p>
11618 </p>
11619 </sect1>
11623 <heading>
11625 upload control file
11626 </heading>
11628 <p>
11630 </p>
11631 </sect1>
11634 <heading>
11636 representation of a changelog
11637 </heading>
11639 <p>
11641 </p>
11642 </sect1>
11645 <heading>
11647 host system
11648 </heading>
11650 <p>
11652 </p>
11653 </sect1>
11654 </sect>
11659 <p>
11660 The source archive scheme described later is intended to
11661 allow a Debian package source tree with some associated
11662 control information to be reproduced and transported easily.
11663 The Debian package source tree is a version of the original
11664 program with certain files added for the benefit of the
11665 packaging process, and with any other changes required
11666 made to the rest of the source code and installation
11667 scripts.
11668 </p>
11670 <p>
11671 The extra files created for Debian are in the subdirectory
11673 source tree. They are described below.
11674 </p>
11679 <p>
11681 </p>
11682 </sect1>
11687 <p>
11689 </p>
11691 </sect1>
11693 <sect1>
11696 <p>
11698 </p>
11699 </sect1>
11702 </heading>
11704 <p>
11705 This is the default temporary location for the construction of
11708 system tree as it is being constructed (for example, by using
11709 the package's upstream makefiles install targets and
11710 redirecting the output there), and it also contains
11713 </p>
11715 <p>
11716 This is only a default and can be easily overridden. Most
11719 case of a source package building only one binary package.
11721 temporary staging area for built files and do not construct
11722 packages from it.
11723 </p>
11725 <p>
11726 If several binary packages are generated from the same source
11727 tree, it is usual to use a separate
11729 package as the temporary construction locations.
11730 </p>
11732 <p>
11733 Whatever temporary directories are created and used by the
11736 </p>
11737 </sect1>
11738 </sect>
11742 </heading>
11744 <p>
11745 As it exists on the FTP site, a Debian source package
11746 consists of three related files. You must have the right
11747 versions of all three to be able to use them.
11748 </p>
11750 <p>
11751 <taglist>
11753 <item>
11755 to extract a source package.
11757 </item>
11759 <tag>
11760 Original source archive -
11761 <file>
11763 </file>
11764 </tag>
11766 <item>
11767 <p>
11770 the upstream authors of the program.
11771 </p>
11772 </item>
11774 <tag>
11775 Debian package diff -
11776 <file>
11778 </file>
11779 </tag>
11780 <item>
11782 <p>
11784 giving the changes which are required to turn the
11785 original source into the Debian source. These changes
11786 may only include editing and creating plain files.
11787 The permissions of files, the targets of symbolic
11788 links and the characteristics of special files or
11789 pipes may not be changed and no files may be removed
11790 or renamed.
11791 </p>
11793 <p>
11794 All the directories in the diff must exist, except the
11796 tree, which will be created by
11798 </p>
11800 <p>
11803 executable (see below).</p></item>
11804 </taglist>
11805 </p>
11807 <p>
11808 If there is no original source code - for example, if the
11809 package is specially prepared for Debian or the Debian
11810 maintainer is the same as the upstream maintainer - the
11811 format is slightly different: then there is no diff, and the
11812 tarfile is named
11814 and preferably contains a directory named
11816 </p>
11817 </sect>
11819 <sect>
11822 <p>
11824 Debian source package. However, if it is not available it
11825 is possible to unpack a Debian source archive as follows:
11827 <item>
11828 <p>
11830 directory.</p>
11831 </item>
11832 <item>
11835 </item>
11836 <item>
11837 <p>
11839 the source tree.</p>
11840 </item>
11842 </item>
11843 <item><p>Untar the tarfile again if you want a copy of the original
11844 source code alongside the Debian version.</p>
11845 </item>
11846 </enumlist>
11848 <p>
11849 It is not possible to generate a valid Debian source archive
11853 </p>
11855 <sect1>
11858 <p>
11859 The source package may not contain any hard links
11860 <footnote>
11861 This is not currently detected when building source
11862 packages, but only when extracting
11863 them.
11864 </footnote>
11865 <footnote>
11866 Hard links may be permitted at some point in the
11867 future, but would require a fair amount of
11868 work.
11869 </footnote>, device special files, sockets or setuid or
11870 setgid files.
11871 <footnote>
11872 Setgid directories are allowed.
11873 </footnote>
11874 </p>
11876 <p>
11877 The source packaging tools manage the changes between the
11881 package source must not involve any changes which cannot be
11882 handled by these tools. Problematic changes which cause
11884 building the source package are:
11887 </item>
11889 </item>
11891 </item>
11894 print a warning but continue anyway are:
11896 <item>
11897 <p>
11898 Removing files, directories or symlinks.
11899 <footnote>
11900 Renaming a file is not treated specially - it is
11901 seen as the removal of the old file (which
11902 generates a warning, but is otherwise ignored),
11903 and the creation of the new one.
11904 </footnote>
11905 </p>
11906 </item>
11907 <item>
11908 <p>
11909 Changed text files which are missing the usual final
11910 newline (either in the original or the modified
11911 source tree).
11912 </p>
11913 </item>
11914 </list>
11915 Changes which are not represented, but which are not detected by
11918 <item><p>Changing the permissions of files (other than
11920 </list>
11921 </p>
11923 <p>
11927 directory, and afterwards it will make
11929 </p>
11930 </sect1>
11931 </sect>
11932 </appendix>
11937 <p>
11939 data in a common format, known as control files. Binary and
11941 files which control the installation of uploaded files, and
11943 format.
11944 </p>
11946 <sect>
11949 <p>
11951 </p>
11953 <p>
11954 It is important to note that there are several fields which
11956 tools are concerned, but which must appear in every Debian
11957 package, or whose omission may cause problems.
11958 </p>
11959 </sect>
11961 <sect>
11964 <p>
11966 </p>
11968 <p>
11969 This section now contains only the fields that didn't belong
11970 to the Policy manual.
11971 </p>
11976 <p>
11978 filename(s) of (the parts of) a package in the
11979 distribution directories, relative to the root of the
11980 Debian hierarchy. If the package has been split into
11981 several parts the parts are all listed in order, separated
11982 by spaces.
11983 </p>
11984 </sect1>
11989 <p>
11991 bytes, expressed in decimal) and MD5 checksum of the
11992 file(s) which make(s) up a binary package in the
11993 distribution. If the package is split into several parts
11994 the values for the parts are listed in order, separated by
11995 spaces.
11996 </p>
11997 </sect1>
12002 <p>
12004 whether the user wants a package installed, removed or
12005 left alone, whether it is broken (requiring
12006 re-installation) or not and what its current state on the
12007 system is. Each of these pieces of information is a
12008 single word.
12009 </p>
12010 </sect1>
12015 <p>
12016 If a package is not installed or not configured, this
12018 version of the package which was successfully
12019 configured.
12020 </p>
12021 </sect1>
12026 <p>
12028 information about the automatically-managed configuration
12030 appear anywhere in a package!
12031 </p>
12032 </sect1>
12034 <sect1>
12037 <p>
12039 not appear anywhere any more.
12046 <item>
12047 The Debian revision part of the package version was
12048 at one point in a separate control field. This
12049 field went through several names.
12050 </item>
12061 </taglist>
12062 </p>
12063 </sect1>
12064 </sect>
12066 </appendix>
12071 <p>
12073 handling of package configuration files.
12074 </p>
12076 <p>
12077 Whether this mechanism is appropriate depends on a number of
12078 factors, but basically there are two approaches to any
12079 particular configuration file.
12080 </p>
12082 <p>
12083 The easy method is to ship a best-effort configuration in the
12085 handle updates. If the user is unlikely to want to edit the
12086 file, but you need them to be able to without losing their
12087 changes, and a new package with a changed version of the file
12088 is only released infrequently, this is a good approach.
12089 </p>
12091 <p>
12092 The hard method is to build the configuration file from
12094 responsibility for fixing any mistakes made in earlier
12095 versions of the package automatically. This will be
12096 appropriate if the file is likely to need to be different on
12097 each system.
12098 </p>
12100 <sect><heading>Automatic handling of configuration files by
12102 </heading>
12104 <p>
12105 A package may contain a control information file called
12107 of configuration files needing automatic handling, separated
12108 by newlines. The filenames should be absolute pathnames,
12109 and the files referred to should actually exist in the
12110 package.
12111 </p>
12113 <p>
12115 the configuration files during the configuration stage,
12117 script,
12118 </p>
12120 <p>
12121 For each file it checks to see whether the version of the
12122 file included in the package is the same as the one that was
12123 included in the last version of the package (the one that is
12124 being upgraded from); it also compares the version currently
12125 installed on the system with the one shipped with the last
12126 version.
12127 </p>
12129 <p>
12130 If neither the user nor the package maintainer has changed
12131 the file, it is left alone. If one or the other has changed
12132 their version, then the changed version is preferred - i.e.,
12133 if the user edits their file, but the package maintainer
12134 doesn't ship a different version, the user's changes will
12135 stay, silently, but if the maintainer ships a new version
12136 and the user hasn't edited it the new version will be
12137 installed (with an informative message). If both have
12138 changed their version the user is prompted about the problem
12139 and must resolve the differences themselves.
12140 </p>
12142 <p>
12143 The comparisons are done by calculating the MD5 message
12144 digests of the files, and storing the MD5 of the file as it
12145 was included in the most recent version of the package.
12146 </p>
12148 <p>
12149 When a package is installed for the first time
12151 unless that would mean overwriting a file already on the
12152 file system.
12153 </p>
12155 <p>
12157 replace a conffile that was removed by the user (or by a
12158 script). This is necessary because with some programs a
12159 missing file produces an effect hard or impossible to
12160 achieve in another way, so that a missing file needs to be
12161 kept that way if the user did it.
12162 </p>
12164 <p>
12168 the user confusing and possibly dangerous options for
12169 conffile update when the package is upgraded.</p>
12170 </sect>
12172 <sect><heading>Fully-featured maintainer script configuration
12173 handling
12174 </heading>
12176 <p>
12177 For files which contain site-specific information such as
12178 the hostname and networking details and so forth, it is
12179 better to create the file in the package's
12181 </p>
12183 <p>
12184 This will typically involve examining the state of the rest
12185 of the system to determine values and other information, and
12186 may involve prompting the user for some information which
12187 can't be obtained some other way.
12188 </p>
12190 <p>
12191 When using this method there are a couple of important
12192 issues which should be considered:
12193 </p>
12195 <p>
12196 If you discover a bug in the program which generates the
12197 configuration file, or if the format of the file changes
12198 from one version to the next, you will have to arrange for
12199 the postinst script to do something sensible - usually this
12200 will mean editing the installed configuration file to remove
12201 the problem or change the syntax. You will have to do this
12202 very carefully, since the user may have changed the file,
12203 perhaps to fix the very problem that your script is trying
12204 to deal with - you will have to detect these situations and
12205 deal with them correctly.
12206 </p>
12208 <p>
12209 If you do go down this route it's probably a good idea to
12210 make the program that generates the configuration file(s) a
12213 appropriate from the post-installation script. The
12215 unquestioningly overwrite an existing configuration - if its
12216 mode of operation is geared towards setting up a package for
12217 the first time (rather than any arbitrary reconfiguration
12218 later) you should have it check whether the configuration
12220 overwrite it.</p></sect>
12221 </appendix>
12225 Packaging Manual)
12226 </heading>
12228 <p>
12229 When several packages all provide different versions of the
12230 same program or file it is useful to have the system select a
12231 default, but to allow the system administrator to change it
12232 and have their decisions respected.
12233 </p>
12235 <p>
12237 editor, and there is no reason to prevent all of them from
12238 being installed at once, each under their own name
12241 refer to something, at least by default.
12242 </p>
12244 <p>
12245 If all the packages involved cooperate, this can be done with
12247 </p>
12249 <p>
12250 Each package provides its own version under its own name, and
12252 register its version (and again in its prerm to deregister
12253 it).
12254 </p>
12256 <p>
12259 </p>
12261 <p>
12263 you may wish to consider using diversions instead.</p>
12264 </appendix>
12267 package's version of a file (from old Packaging Manual)
12268 </heading>
12270 <p>
12272 when it reinstalls the package it belongs to, and to have it
12273 put the file from the package somewhere else instead.
12274 </p>
12276 <p>
12277 This can be used locally to override a package's version of a
12278 file, or by one package to override another's version (or
12279 provide a wrapper for it).
12280 </p>
12282 <p>
12283 Before deciding to use a diversion, read <ref
12285 rather than several alternative versions of a program.
12286 </p>
12288 <p>
12292 details of its operation.
12293 </p>
12295 <p>
12296 When a package wishes to divert a file from another, it should
12298 diversion and rename the existing file. For example,
12301 <example>
12302 dpkg-divert --package smailwrapper --add --rename \
12303 --divert /usr/sbin/smail.real /usr/sbin/smail
12306 can bypass the diversion and get installed as the true version.
12307 It's safe to add the diversion unconditionally on upgrades since
12308 it will be left unchanged if it already exists, but
12310 message, make the command conditional on the version from which
12311 the package is being upgraded:
12312 <example>
12314 dpkg-divert --package smailwrapper --add --rename \
12315 --divert /usr/sbin/smail.real /usr/sbin/smail
12316 fi
12318 diversion was first added to the package. Running the command
12319 during abort-upgrade is pointless but harmless.
12320 </p>
12322 <p>
12323 The postrm has to do the reverse:
12324 <example>
12326 dpkg-divert --package smailwrapper --remove --rename \
12327 --divert /usr/sbin/smail.real /usr/sbin/smail
12328 fi
12329 </example> If the diversion was added at a particular version, the
12330 postrm should also handle the failure case of upgrading from an
12331 older version (unless the older version is so old that direct
12332 upgrades are no longer supported):
12333 <example>
12335 dpkg-divert --package smailwrapper --remove --rename \
12336 --divert /usr/sbin/smail.real /usr/sbin/smail
12337 fi
12339 diversion was first added to the package. The postrm should not
12340 remove the diversion on upgrades both because there's no reason to
12341 remove the diversion only to immediately re-add it and since the
12342 postrm of the old package is run after unpacking so the removal of
12343 the diversion will fail.
12344 </p>
12346 <p>
12347 Do not attempt to divert a file which is vitally important for
12349 there is a time, after it has been diverted but before
12351 does not exist.</p>
12353 <p>
12355 handle it well.
12356 </p>
12357 </appendix>
12359 </book>
12360 </debiandoc>
12361 <!-- Local variables: -->
12362 <!-- indent-tabs-mode: t -->
12363 <!-- End: -->
12364 <!-- vim:set ai sts=2 sw=2 tw=76: -->