Hi,
I just had a short look at those Ubuntu .deb packages spotted in another
thread.

While
$ dpkg -I lyx-1.5.6-1~hardy_i386.deb
 neues Debian-Paket, Version 2.0.
 Größe 10024154 Byte: control-Archiv= 1234 Byte.
    1557 Byte,    31 Zeilen      control
     534 Byte,    17 Zeilen   *  postinst             #!/bin/sh
     473 Byte,    13 Zeilen   *  postrm               #!/bin/sh
 Package: lyx
 Version: 1.5.6-1
 Architecture: i386
 Maintainer: [EMAIL PROTECTED]
 Installed-Size: 35100
 Depends: libaiksaurus-1.2-0c2a, libaspell15, libboost-filesystem1.34.1, 
libboost-regex1.34.1, libboost-signals1.34.1, libc6, libgcc1, libqt4-core, 
libqt4-gui, libstdc++6, libx11-6, zlib1g, xdg-utils, mime-support, python, 
python-support, texlive-latex-base, texlive-latex-recommended, 
texlive-latex-extra, texlive-fonts-recommended, imagemagick, latex-xft-fonts
 Conflicts: lyx-common
 Section: editors
 Priority: optional
 Description: Document Processor
[...]

looks sane compared to other packages we've seen in the past but a conflict
on the lyx-common package suggests that there is something fishy.
If you'd use 'our' /debian/ directory to build the package you'd end up with
a lyx-common package as well so there must have been changes to the packaging.
(missing the source package here as usual, even an added backdoor has to be
GPL'ed)

So let's go on to the stupid part in this package. As you can read above this
package depends on parts of the boost libs as it would happen if you use the
/debian/ dir from Debian or Ubuntu.

$ ar x lyx-1.5.6-1~hardy_i386.deb
$ tar zxf data.tar.gz
$ ldd usr/bin/lyx|grep boost
$  

Hm. Fishy as suspected.

I've another one up my sleeve which I'll save for later use just in case
someone comes back with such broken shit and just fixed the obvious one
pointed out here.

So if you're a user of Ubuntu and you're constantly searching for 3rd party
packages you should think twice.

If you're the packager please go back to your workplace repackage with a
sane /debian/ directory. Now.
Afterwards publish a sane _source_ and binary package.

Thanks.

Sven
(sorry for digging again in other people's shit but sometimes I think
everyone should learn from such cases to do better)

-- 
If God passed a mic to me to speak
I'd say stay in bed, world
Sleep in peace
   [The Cardigans - 03:45: No sleep]
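
The comparison the message does by hand (declared Depends versus what usr/bin/lyx actually links), as an added example that is not part of the original post: a shell function that lists lib* packages in Depends with no matching soname in ldd output. The package-name-to-soname matching is a heuristic assumed here (dpkg does not work this way), the function names are hypothetical, and the ldd lines are constructed sample data.

```shell
#!/bin/sh
# Added example: heuristic audit, not how dpkg computes dependencies.

# norm: lowercase and fold '-' to '_' so "libboost-regex" matches "libboost_regex".
norm() { printf '%s' "$1" | tr 'A-Z-' 'a-z_'; }

# unlinked_lib_deps DEPENDS LDD_OUTPUT  (hypothetical helper name)
# Prints each lib* package from DEPENDS that no linked soname appears to satisfy.
unlinked_lib_deps() {
    linked=$(norm "$2")
    printf '%s\n' "$1" | tr ',|' '\n\n' | while read -r pkg _rest; do
        case "$pkg" in lib*) ;; *) continue ;; esac   # skip non-library packages
        # Drop the version/ABI suffix: libboost-regex1.34.1 -> libboost-regex
        stem=$(norm "$(printf '%s' "$pkg" | sed 's/-\{0,1\}[0-9].*$//')")
        case "$linked" in
            *"$stem"*) ;;                  # some linked soname contains the stem
            *) printf '%s\n' "$pkg" ;;     # declared but apparently not linked
        esac
    done
}

# Depends field as shown by dpkg -I in the message (list shortened after "python").
SAMPLE_DEPENDS='libaiksaurus-1.2-0c2a, libaspell15, libboost-filesystem1.34.1,
libboost-regex1.34.1, libboost-signals1.34.1, libc6, libgcc1, libqt4-core,
libqt4-gui, libstdc++6, libx11-6, zlib1g, xdg-utils, mime-support, python'

# Constructed ldd output (not captured from the real binary); it has no boost
# entries, matching the empty grep result in the message.
SAMPLE_LDD='	libaiksaurus-1.2.so.0 => /usr/lib/libaiksaurus-1.2.so.0 (0xb7c00000)
	libaspell.so.15 => /usr/lib/libaspell.so.15 (0xb7b00000)
	libQtGui.so.4 => /usr/lib/libQtGui.so.4 (0xb7400000)
	libQtCore.so.4 => /usr/lib/libQtCore.so.4 (0xb7200000)
	libX11.so.6 => /usr/lib/libX11.so.6 (0xb7100000)
	libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb7000000)
	libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb6f00000)
	libc.so.6 => /lib/libc.so.6 (0xb6d00000)'

# Prints the three libboost-* packages for the sample data above.
unlinked_lib_deps "$SAMPLE_DEPENDS" "$SAMPLE_LDD"
```

On a real package, pass the value from `dpkg -f file.deb Depends` and the `ldd` output for the extracted binary. For a package you do not trust, the NEEDED lines from `readelf -d` work as the second argument too and do not involve running the binary's loader.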
