Bug#925473: Tomcat 9 requires Systemd

Thu Jun 2 16:33:06 BST 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA384

Patrik Schindler dixit:
>Am 02.06.2022 um 16:47 schrieb Thorsten Glaser <tg at mirbsd.de>:
>
>> I’ll update the sysvinit branch and publish a new build of the
>> package in my personal APT repository then (I’ve not done so for a
>> while since I’m currently not in a Java™ project). If that’s enough
>> for you that is — I can sign checksums with my Debian Developer PGP
>> key for you to verify.
>
>Thank you *very* much! Does this also resolve the packages' hard
>dependency on systemd?

Yes, of course.

>What is your opinion about staying current with security updates for
>this specifically crafted package?

If I know I have users I can stay on top of other updates with this
package. For simplicity I’d probably follow uploads to unstable and
rebuild these, with the sysvinit patchset added, within bullseye; I
have successfully used the binary packages coming from that as well
on a buster system, so this should cover three releases.

One thing I have already done is to “split” the packages in my APT
repo so that those I consider “LTS” are available without pulling
in other “alternative” versions of packages, so it can safely be
added to most systems. The current set of packages for bullseye is:

• musescore-general-soundfont musescore-general-soundfont-small
  (just huge data packages)
• openjdk-8 (sid but also used in stretch-security; bullseye uses 11)
• screen (updated Unicode support)
• tomcat9
• uw-imap (add back missing binary packages)
• wtf-debian-keyring (the keyring package for this repo)

>Is there some higher instance within the Debian project you can call up
>for probably conciliating this issue?

The package maintainer generally has the highest authority. There
are cases, yes, but the Debian project has voted, in a General
Resolution, that lack of support for multiple init systems cannot
be pushed like that. Or (at least) the vocal minority has while the
rest of the developers abstained from voting, looking at percentages…

>Or might a fork to tomcat9-sysvinit be feasible?

No, that’s a ridiculous amount of duplication and overhead.
Besides, we’d have to had this done years ago.

bye,
//mirabilos
- -- 
(gnutls can also be used, but if you are compiling lynx for your own use,
there is no reason to consider using that package)
	-- Thomas E. Dickey on the Lynx mailing list, about OpenSSL

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (MirBSD)
Comment: ☃ ЦΤℱ—８　☕☂☄

iQIcBAEBCQAGBQJimNhAAAoJEHa1NLLpkAfg9XIP/2OQ0gkxyHrl4x1YzqLIjVGf
U+atwoCIGDZVLvCAxjYRjpznzK10QLL3Lek1sCgGbtaxXCHPDxZgEyhH0LrYD4iF
+fJCCBPsBuJ8zYL52ViddFoFa8yl8FeQdS/rby/o86uhTVL12vBxmeWFi+poPykw
oFQbTXaz9KwYfm+Ov51NwchJ8Eg5ks0R3dl+hLi/w8IL88ls0u8+d2iw6ETdRn/6
Y4HbZqKbki5jnVKink0GNlroE6Fbn4m76Zzo1oyFPzU27Z6xVxI9koP5WetYGXAw
mX5rrJTFb6QoI4glhCmaAu06NjyNOGEL5SPoWhlZU6Yc6/w2s4XsS2clOYTS7Xgv
RIQGtee+nEO09C65hAB7Cw16BY+Rte0S3yGxI/Zaok4dDGtsvv4lLcvl2LJh4L3c
YK5g7OCTuYx4miR7JV6jDcFbzoKor5J62JFNYtPE76bqz7hvW8LlENTKd0ObNXUO
/xFTdKjyrQqvi3JiYMgPV+YFH0pz1YpaYkojR8o04lrpbrPOKoT2SZppKxvB5TGp
wk2H3nwJ/s6LCvgfZv4Ro2RI80XGchD9iti69SZOXW/VNVqpuHKuj7vS8JSKU8PX
XUXUeBtHwGpxYCb4hSc+4RrO+2bgx0vSBSoG7U10vpIHtiKTPbHbP4yDuBwOkhHj
pBDqgKXyv8bcjZO2hJty
=B/aM
-----END PGP SIGNATURE-----