Bug#1053565: RFS: openvpn3-client/20+dfsg-1 [ITP] -- virtual private network daemon (version 3)
>> * Package name : openvpn3-client > BTW, why it is named this way? > Is it client-only now, without the server part? > Previous package is named just "openvpn", it acts > as both client or server (actually the two roles are > symmetric, it can be both). If new openvpn is like > this, I suggest naming it just "openvpn3", without > the -client part, since it is quite confusing. > Or is there also -daemon (or -server) part? Sorry, missed your e-mail. This is not the same as the openvpn packages, this is a different implementation from the same company. At the moment, they have only released the client part. This implementation has functionality for 2-factor authentication that openvpn2 does not have. The package that upstream releases is openvpn3-linux (source) or openvpn3 (package). I have named it openvpn3-client to 1. Make it clear that this is only the client part 2. Prepare for future releases that include a server part There internal software structure is already split into different parts; but they release a collapsed archive for the client only. -- g. Marc GPG: 827C FD74 BA46 8152 A041 F3A0 7A6A 4F17 5995 A65B
Bug#1053565: RFS: openvpn3-client/20+dfsg-1 [ITP] -- virtual private network daemon (version 3)
06.10.2023 16:03, Marc Leeman wrote: * Package name : openvpn3-client BTW, why it is named this way? Is it client-only now, without the server part? Previous package is named just "openvpn", it acts as both client or server (actually the two roles are symmetric, it can be both). If new openvpn is like this, I suggest naming it just "openvpn3", without the -client part, since it is quite confusing. Or is there also -daemon (or -server) part? Thanks, /mjt
Bug#1053565: RFS: openvpn3-client/20+dfsg-1 [ITP] -- virtual private network daemon (version 3)
> The issue and ITP talks about there being two packages, a library part > and the client part. Has this changed (I cannot find the library part.) I did start out to have different packages (client, library, dev); but after discussing with upstream, I decided to mirror the upstream (tarball) release since they release their client as a single tarball and there is no other software that uses the library. For the moment, I would have to use the git tarballs from github instead of what they release as a tested client (integrated tarball of client and library). I thought it would be best to follow the upstream lead on this. > - changelog for an initial release should be only the first line, (as there > are no changes to the debian package on the initial upload) ack > - you are creating an user. [1] > - As per Debian polic 9.3, the username shouldbe an invalid user and start > with an "_" > - If I am not mistaken, you can use tmpfiles.d to specify the > directory /var/lib/openvpn to be owned by openvpn:openvpn, so that > snipped in postinst might not be needed. (please verify) I followed the user name lead on this one, but I'll adjust to match the policy. Thanks. > [1] https://wiki.debian.org/AccountHandlingInMaintainerScripts > - unicode-impl.hpp > I'm not convinced that this (license) issue is a non-issue. It might be > solved in later versions of the file, but the version in the tarball > does not allow modification. > As you are anyway dfsg repacking (at least the version indicates this, > see also below), hows' about removing the file and then reintroducing a > fine one with a patch? This is a difficult one (at least to me). I started investigating this and asking around on #debian-mentors. Therre it was concluded that it was a false positive. But since the licence seems to have changed for this file (the different copies included in Debian indicate this), I can do that, solves your concern. The DFSG was needed because the library used a random binary for testing without sources (some sparc binary iirc). > - files installed in /usr/include > --> you want a -dev package. I'll re-investigate this: since this client is standalone at the moment (cf supra); it should not install any header at all. > - d/copyright > - is not DEP-5 format. > - There is no indication why it is dfsg, and there id no > Files-Exluded section.. so are you repacking at all? The re-packaging was documented in debian/README.source > - For praticality reasons, it is recommended to keep the license of > the debian the same as upstream. Otherwise, package upstreaming > might get more difficult than needed. (GPL2 is anyway incompatibel > with Affero GPL 3; your "or later" safes the day.) > - There is license text for the Gnu Affero General Public License 3, > and it should be probably "AGPL-3" abbreviated. > - Note: I did not do a license review of the source files. Inspired by the openvpn team, I'll review. > - lintian overrides > - you need to comment the overrides WHY you overrode them. ack > - postinst > - remove the useless comment about utf-8, or let me know what you want > to say with it. my bad > - the python part - I think this should be in a dedicated python module > package? > > - S-V could be updated. > > - There is no watch file. This is in discussion with upstream to have a standard download location that can be scanned. At the moment, the download location does not allow indexing. > - The package is in a team namespace on salsa, but d/control does not > indicate that it is team maintained. As the ITP mentioned, part of the work was company sponsored, hence the (default) teamspace. But since I seem to be the only one working on it, I'll move it to a personal space. > As usual, remove moreinfo when you are done updating your package. ack -- g. Marc GPG: 827C FD74 BA46 8152 A041 F3A0 7A6A 4F17 5995 A65B
Bug#1053565: RFS: openvpn3-client/20+dfsg-1 [ITP] -- virtual private network daemon (version 3)
Control: tags -1 moreinfo Hi Marc, On Fri, Oct 06, 2023 at 03:03:02PM +0200, Marc Leeman wrote: > Package: sponsorship-requests > * Package name : openvpn3-client >Version : 20+dfsg-1 >Upstream contact : OpenVPN Solutions LLC > * URL : https://openvpn.net/ > * License : Gnu Affero General Public License 3 > * Vcs : https://salsa.debian.org/televic-team/openvpn3-client >Section : net > (...) > > openvpn3-client (20+dfsg-1) unstable; urgency=medium > . >* Initial release. (Closes: #904044) >* d/control: do not depend on openvpn2 dev headers >* d/postinst: create user before chown >* d/README: add comment on lintian-warning unicode-impl.hpp >* d/README: update dfsg motivation >* remove sum files (see d/README.source) > > Additional discussion on the packaging with upstream can be found here: > https://github.com/OpenVPN/openvpn3-linux/issues/193 The issue and ITP talks about there being two packages, a library part and the client part. Has this changed (I cannot find the library part.) - changelog for an initial release should be only the first line, (as there are no changes to the debian package on the initial upload) - you are creating an user. [1] - As per Debian polic 9.3, the username shouldbe an invalid user and start with an "_" - If I am not mistaken, you can use tmpfiles.d to specify the directory /var/lib/openvpn to be owned by openvpn:openvpn, so that snipped in postinst might not be needed. (please verify) [1] https://wiki.debian.org/AccountHandlingInMaintainerScripts - unicode-impl.hpp I'm not convinced that this (license) issue is a non-issue. It might be solved in later versions of the file, but the version in the tarball does not allow modification. As you are anyway dfsg repacking (at least the version indicates this, see also below), hows' about removing the file and then reintroducing a fine one with a patch? - files installed in /usr/include --> you want a -dev package. - d/copyright - is not DEP-5 format. - There is no indication why it is dfsg, and there id no Files-Exluded section.. so are you repacking at all? - For praticality reasons, it is recommended to keep the license of the debian the same as upstream. Otherwise, package upstreaming might get more difficult than needed. (GPL2 is anyway incompatibel with Affero GPL 3; your "or later" safes the day.) - There is license text for the Gnu Affero General Public License 3, and it should be probably "AGPL-3" abbreviated. - Note: I did not do a license review of the source files. - lintian overrides - you need to comment the overrides WHY you overrode them. - postinst - remove the useless comment about utf-8, or let me know what you want to say with it. - the python part - I think this should be in a dedicated python module package? - S-V could be updated. - There is no watch file. - The package is in a team namespace on salsa, but d/control does not indicate that it is team maintained. As usual, remove moreinfo when you are done updating your package. Cheers, -- tobi
Bug#1053565: RFS: openvpn3-client/20+dfsg-1 [ITP] -- virtual private network daemon (version 3)
Package: sponsorship-requests Severity: wishlist Dear Maintainer, Dear mentors, I am looking for a sponsor for my package "openvpn3-client": * Package name : openvpn3-client Version : 20+dfsg-1 Upstream contact : OpenVPN Solutions LLC * URL : https://openvpn.net/ * License : Gnu Affero General Public License 3 * Vcs : https://salsa.debian.org/televic-team/openvpn3-client Section : net The source builds the following binary packages: openvpn3-client - virtual private network daemon (version 3) To access further information about this package, please visit the following URL: https://mentors.debian.net/package/openvpn3-client/ Alternatively, you can download the package with 'dget' using this command: dget -x https://mentors.debian.net/debian/pool/main/o/openvpn3-client/openvpn3-client_20+dfsg-1.dsc Changes for the initial release: openvpn3-client (20+dfsg-1) unstable; urgency=medium . * Initial release. (Closes: #904044) * d/control: do not depend on openvpn2 dev headers * d/postinst: create user before chown * d/README: add comment on lintian-warning unicode-impl.hpp * d/README: update dfsg motivation * remove sum files (see d/README.source) Regards, Additional discussion on the packaging with upstream can be found here: https://github.com/OpenVPN/openvpn3-linux/issues/193 -- Marc Leeman
