Fabian Greffrath <fab...@greffrath.com> writes: > it seems that some buildds occasionally have libssl-dev installed in > their chroot. A friend of mine has found out that the netatalk package > depends on libssl0.9.8 [sparc] in sid and [hppa, mipsel] in squeeze. > Other architectures are not affected. For GPL-licensed software like > netatalk this is IMHO to be considered a license violation and thus RC!
> If you have a look at the build logs on e.g. sparc, you will see that > indeed the configure script detects an OpenSSL installation and builds > the package against it: > <https://buildd.debian.org/fetch.cgi?pkg=netatalk;ver=2.0.5-2;arch=sparc;stamp=1259628740> > This doesn't happen on other archs: > <https://buildd.debian.org/pkg.cgi?pkg=netatalk> > I guess the buildds for the affected archs need their chroots cleaned up > and netatalk needs bin-NMUs scheduled, right? This is a bug in the netatalk Debian packaging. You cannot assume the package will be built in a clean chroot; among other things, the buildd software explicitly does not guarantee that all packages will be removed. The packaging needs to prevent the package from being linked with OpenSSL if that's what the resulting binary packages are supposed to be like, even if OpenSSL is installed. If the changes to the packaging are too invasive to do the right thing no matter what's installed, you can add a Build-Conflicts. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
