On Tue, Mar 09, 2004 at 05:32:03PM +0100, Thomas Viehmann wrote: > I have a package that has an optional part that cannot presently be > built in main but ships a (java bytecode) binary in the tarball. > Policy prevents me from adding this to the binary debs, but my > understanding of policy is that I can keep it in the orig.tar.gz for the > sake of using an unchanged upstream tarball. > Is this correct?
It depends on what the licence terms are for the binary. If that licence is DFSG-free, and you are complying with the licence without distributing the source (ie it's not a GPL-like "must give source" licence) then there's no problem. Debian can comply with that licence in it's current form, and can distribute the source package to it's mirrors and users without fear. However, if the licence for the binary isn't so nice, you've got a problem. If free redistribution isn't explicitly allowed, Debian can't make copies of that binary at all - so every mirror and user that gets a copy is a breach of copyright. Even if "unmodified" redistribution is allowed, that's putting DFSG material in the main distribution, which we try to avoid. There's two differing levels of strictness people adhere to for source-package material. The most overbearing interpretation (which I tend to agree with) is that *every* byte that goes into main, whether source or binary, should be DFSG-free, because users can download source material almost as easily as binary packages, and they expect that everything in Debian will adhere to the DFSG. The more relaxed view is that non-free-but-redistributable stuff can go into source packages, because users aren't as interested in the source as the binaries. I would urge you to sanitise your tarballs. It's a PITA to do (and note in the documentation), but it's the safest course of action for our users. - Matt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
