[aur-general] TU appliance Jens Maucher (defcon)
allan at archlinux.org
Sun Apr 5 09:25:29 EDT 2009
Ali H. Caliskan wrote:
> I don't think zatoo should be that much criticized, it looks somewhat clean.
I am going to be fairly blunt here, but essentially you are wrong....
# Kerberos libs
ln -s /usr/lib/libcrypto.so libk5crypto.so.3
ln -s /usr/lib/libkrb5.so libkrb5.so.3
ln -s /usr/lib/libkrb5.so libkrb5support.so.0
ln -s /usr/lib/libgssapi.so libgssapi_krb5.so.2
Symlinking libraries to different sonames is, in my opinion, the single
worst thing you can do to your install. It can create bugs that are
incredibly difficult to track down. The current libkrb5.so is .25! A
lot has changed since .3... The correct way to deal with this is to
find a version of the package that supplies these library versions and
build it, either within the package or as a dep for the package. The
former is probably cleaner in this case unless something else requires
There is also the use of "mkdir" and "cp" instead of "install" to improve.
As Jens pointed out, he no longer maintains this. But at this point,
that is moot. He maintained it when he applied and the TUs did not know
him very well in general so we needed to rely on his packaging skill to
judge his application. The consensus opinion of the TUs was obviously
that his package standards were not high enough and I have no doubt that
this package was primarily to blame.
So, for future reference, here is my subjectiveview of what should have
happened after this package was pointed out as bad:
1) a reply to aur-general saying "I will look into it". If it was
fixable, good. If not then...
2) a reply saying, "This is very difficult to fix. I am discussing this
with my sponsor. Any suggestions on how to improve it?".
3) possibly delaying of voting until it is shown that the issue is fixed.
I see the ability to know when you have a bad PKGBUILD or other problem
and then asking for help to be far more important than the ability to
produce perfect packages. Remember, once someone is a TU, they will be
providing the community with binary packages. It is essential that the
Trusted Users ensure any new applicant is up to standard. Any doubt is
enough to say no.
More information about the aur-general