tags 150607 + patch thanks hi,
please find attached a patch. there might be better packages to mention as examples, no idea. thanks, serafi
From a53ef84bd1219cc325b6319349b324d5cdc61b06 Mon Sep 17 00:00:00 2001 From: "Serafeim (Serafi) Zanikolas" <[email protected]> Date: Mon, 4 May 2026 22:10:35 +0200 Subject: [PATCH] best-pkging-practices: add high level guidance for daemons and web apps. Closes: #150607. --- source/best-pkging-practices.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/source/best-pkging-practices.rst b/source/best-pkging-practices.rst index a4b11ff..9eff460 100644 --- a/source/best-pkging-practices.rst +++ b/source/best-pkging-practices.rst @@ -1349,6 +1349,21 @@ corresponding packaging rules and practices: - Rust packaging is described in the `Debian Rust Team Book <https://rust-team.pages.debian.net/book/>`__;. +- Packages providing services ("daemons") should be functional on a fresh + install, to the extent that that is possible without compromising security + (e.g. a web server should by default be up and running and serve a dummy + page, but must otherwise not allow unauthenticated sensitive operations). + +- Web application packages should aim to have their dependencies (including + javascript) packaged separately, and should carry out whatever setup is + necessary for basic and secure functionality out of the box (e.g. create a + database, ship configs with reasonable defaults, install files in appropriate + location with appropriate permissions, etc). For examples, look at how + existing web applications are packaged, e.g. hugo for Go, gitlab for ruby on + rails, node-shiny-server for NPM. diaspora-installer is a dummy package + which downloads diaspora (also pulling in runtime dependencies as rubygems) + and configures it to use PostgreSQL and Nginx. + .. _bpp-archindepdata: Architecture-independent data -- 2.47.3
signature.asc
Description: PGP signature

