[pkg-wpa-devel] Fwd: Packaging crda and wireless-regdb
Luis R. Rodriguez
mcgrof at gmail.com
Mon Feb 9 00:10:35 UTC 2009
On Sun, Feb 8, 2009 at 2:01 PM, Kel Modderman <kel at otaku42.de> wrote:
> On Monday 09 February 2009 07:57:00 Luis R. Rodriguez wrote:
>> On Sun, Feb 8, 2009 at 9:35 AM, Kel Modderman <kel at otaku42.de> wrote:
>> > On Tuesday 03 February 2009 04:16:07 Luis R. Rodriguez wrote:
>> >> On Sun, Feb 1, 2009 at 1:03 PM, Kel Modderman <kel at otaku42.de> wrote:
>> >> >> Tim -- any chance we can split wireless-regdb and crda in Ubuntu? Also
>> >> >> can we work towards getting these into Debian?
>> >> >>
>> >> >> What about iw? Anyone have that covered yet?
>> >> >
>> >> > Yeah, it's in Debian experimental already.
>> >>
>> >> Then this means debian unstable may get this soon?
>> >
>> > iw should be in unstable very soon now, as the upload was done and building
>> > seems to be going well on most of the archs.
>> >
>> > As a side note, you mentioned Ubuntu is grouping crda and wireless-regdb into
>> > same package build. Some text on IRC leads me to believe that John Linville
>> > does the same [0]. This makes me want to ask, is the upstream split of these
>> > softwares really serving the purpose of being more convenient for future
>> > updates?
>> >
>> > Thanks, Kel.
>> >
>> > [0] http://download.fedora.redhat.com/pub/fedora/linux/development/source/SRPMS/crda-1.0.1_2009.01.30-4.fc11.src.rpm
>>
>> CC'ing John. Its my understanding that John packages it together so he
>> can use a dynamic priv key built on the fly therefore satisfying
>> Fedora's package requirements.
>>
>> This doesn't mean though that other distributions like Gentoo won't
>> use separate packages. It seem that if you are stuck with those rules
>> John's practice seems suitable.
>
> Have a look at src_compile() function of [0]. It is another example of why
> the current build system is hard to work with at the distribution level.
>
> Thanks, Kel.
>
> [0] http://mirrors.gigenet.com/gentoo/net-wireless/wireless-regdb/wireless-regdb-20081117.ebuild
>
Its actually a good example of how it should be done. That's
installing it as its designed. I see no issues, if a user /
distribution / vendor / OEM disagrees they can go ahead and write up
their own wireless-regdb and decide whether or not to use signing. If
they find just a bug or regulatory rules change they can send patches
and continue use the upstream work through the upgrade of just
wireless-regdb.
If you have a build requirement for wireless-regdb and want to use RSA
signature verification I recommend to build using your own RSA key,
but also to leave John's public key in place for CRDA so users can
also update to the upstream package manually if so desired,
If the private/pubkey changes dynamically upon every build (which is
what John has opted) then unfortunately you are also stuck to
re-building crda after each wireless-regdb update unless of course you
build it all without RSA key verification which I advise against for
the reasons stated before.
Just as someone can build their their own signed packages for a
distribution I don't see why we cannot also build our own signed files
when there is enough merit for it. Maybe there just hasn't been a need
for it. If that is the case then it should just be a matter of seeing
if distribution maintainers do agree with the merit.
Please let me know what you think.
Luis
More information about the Pkg-wpa-devel
mailing list