[prev in list] [next in list] [prev in thread] [next in thread] 

List:       whonix-devel
Subject:    [Whonix-devel] 'Architecture: all' with architecture specific dependencies - the Depends field conta
From:       Patrick Schleizer <patrick-mailinglists () whonix ! org>
Date:       2019-11-27 18:45:11
Message-ID: d60695af-8b04-e27f-97ae-9ca90935139f () whonix ! org
[Download RAW message or body]

I am maintaining two Debian derivatives distributions, Whonix and
Kicksecure. (Open Source) I hope you don't mind my question.

I am trying to build a custom meta package with 'Architecture: all' that
has an architecture specific dependency:
hardened-malloc [amd64]

Package hardened-malloc is only available for amd64 and cannot be
trivially ported. (Would require source code level changes which I am
unable to contribute.) That package is not all that important. We want
it pre-installed on amd64 but at the same time it shouldn't be a blocker
for ports to let's say arm64.

(We got ported to to arm64 and ppc64 earlier before we introduced
architecture specific packages.)

Here is a simplified example.

Package: kicksecure-dependencies-cli
Priority: required
Architecture: all
Depends: ...,
 pkg1,
 pkg2,
 ...,
 hardened-malloc [amd64],
 ${misc:Depends}
Description: Dependencies for hardened systems CLI
 A metapackage, which installs command line interface (CLI) packages
which should be installed on hardened systems.


debhelper fails with the following error message

> dh_gencontrol
> dpkg-gencontrol: error: the Depends field contains an arch-specific
dependency but the package is architecture all
> dh_gencontrol: dpkg-gencontrol -pkicksecure-dependencies-cli
-ldebian/changelog -Tdebian/kicksecure-dependencies-cli.substvars
-Pdebian/kicksecure-dependencies-cli -UMulti-Arch returned exit code 255
> dh_gencontrol: Aborting due to earlier error
> make: *** [debian/rules:9: binary] Error 25
> dpkg-buildpackage: error: fakeroot debian/rules binary subprocess
returned exit status 2


'Recommends:' does not fit either since we're using apt with
'--no-install-recommends' during the build process to have tighter
control about which packages get installed.

Can I somehow hack or work around that limitation?

I could use 'Architecture: any' but then that meta package would be
build and added to the repository as 'amd64', although it's "mostly"
just a 'Architecture: all' package, except for the "optional dependency".

This would mean that either,

- architecture users other than amd64 couldn't simply install our meta
package by simply adding our third party repository and apt installing
from it, or

- I'd have to build that package for all platforms and add to
repository. That's doable in theory but would require a lot of
cowbuilder chroots, disk space and build time.

("99%" of our packages are "really" 'Architecture: all', i.e. just
configuration packages, bash or python.)

Hence, I am looking for a simpler fix. Any idea?

Kind regards,
Patrick
_______________________________________________
You are receiving this e-mail because you subscribed Whonix-devel mailing list. To unsubscribe visit \
https://www.whonix.org/cgi-bin/mailman/listinfo/whonix-devel or mail "unsubscribe" to \
Whonix-devel-unsubscribe@whonix.org.

Sie erhalten diese E-Mail, weil Sie die Whonix-devel Mailingliste aboniert haben. Zum abbestellen \
besuchen Sie https://www.whonix.org/cgi-bin/mailman/listinfo/whonix-devel oder mailen Sie "unsubscribe" \
an Whonix-devel-unsubscribe@whonix.org.


[prev in list] [next in list] [prev in thread] [next in thread]