[tex-live] question about archive naming scheme

Norbert Preining preining at logic.at
Tue Sep 21 06:24:20 CEST 2010

On Mo, 20 Sep 2010, Gergely Gábor wrote:
> > I'm packaging TeX Live now since five years, of course it is not easy, but not out of the reason you state.
> I guess you are not using a source based package deployment system, so

Of course. I always have to upload source and binary of a Debian package
to the Debian archive. Distributed to the Debian users are usually only
the binary packages, but every user can get the source by typing
	apt-get source texlive-base
for example. So yes, we do source/bin both.

> package you deploy to the users. But with a source based system (like
> that of NetBSD, the pkgsrc) the archives must be available sometimes
> even a year or later too. But what i have seen at the tex sites there is

The problem is that *YOU* BSD guys want to rely on *US* TeX Live guys
to keep an aribtrary history of TeX Live, which we cannot do,
or you provide us with server/network/space/time.

You BSD guys should have your own server, and upload the snapshot
you want to keep to that server.

In Debian I repackage the TeX Live into 5 different
and those are on the *DEBIAN* servers.

> such). The netbsd pkgsrc, the freebsd ports, or even the gentoo portage
> are doing packaging since more than 5 years, so stating how long have
> you been doing something is a totally useless point in an argument,
> especially as your practice is totally bad for the above mentioned,
> older projects.

Please don't tell me how packaging should be done. If you want us
to keep a history then you have it already: Use the .iso image *ONLY*
or the released tarballss of the releases, and not intermediate
steps. We will not and cannot and have no intention (we = TL Team)
to save backlogs to arbitrary old.

Just bundle up what you need into one tar file and be gone, is it that hard?
THen use it from your or any BSD server to get the sources.

> > md5 sums are also in the texlive.tlpd
> which is totally useless, should you have read my previous mail, and

(TL hat on)
They are not sueless, as we use them to check the sanity and 
completeness of *our* packaging system.

What you wan tis to adapt *our* packaging system to what you need.
But this is not our business. Packagers have to adpat to upstream.

(Debian hat on)
You know how much time it took me to switch from the packaging of
TL 2007 to the one of 2009 in Debian. And the same will happen 
when switching to TL 2010 where I have to switch to the tlnet
distribution method. I know how to do it, I only miss the time
to program it.

> These packaging systems need a given, _tested_ version of the source
> archives. The sums could prove that a source is authentic, but how can

(TL hat on)
For what? As we are distributing TL since quite some time now, it
seems that somehow we managed without that,so why do you assume
that this is not possible? Maybe because the you don't want to 
invest time to program around what our distribution system is?

How hard is to:
- rsync any tlnet at a given date
- extract the timestamps or package revisions from the tlpdb
- rename the package.tar.xz to include the revision
- tar up all the stuff

That is a perl script of about 30 lines? 

> one get an older version, that is _known to work_, as this a principle

There is *NO*NO*NO* *known to work* release. We try our best, we
test before releases, but even with the released verison of TL2010
there are bugs. So what you can do is select any day and use that.

Before syncing to CTAN we do several tests to ensure basic operationality.

> idea of the software deployment. Not to mention that the authenticity of
> the file you keep sums in can not be checked, as it is not signed by a
> trusted key, and the mirrors can be out of sync, 

Well, that can be fixed by using gpg  signing the relase file.
Maybe I implement that.

> Then please point me to some such documentation, that can show me the
> rationale behind this. But until that i also would like to point You to

Ahem ... ever checed the doc directory in

I assume you have an idea about that, right? All the perl modules are
pod documented. Read that.

> something to read:
> http://tim.oreilly.com/pub/a/onlamp/2005/03/31/packaging.html
> I suggest the distribution file part for reading and considering.

Yes, but the problem is that *WE* are distributing already to
our users. We are not simple upstream package creators.

ALl what is written there is actually aplying to *US*versus*TeX package
writers*, they should keep a proper history.

WHen I read the recommendation in that article and I would try to 
follow there would be:
- no installation of TL over the network
- no live update over the network
- no testing of critical package before relaeaseing, ...

Please, try to see that you are dealing not with an upstream
like program foobar, but with an upstream that is also a distributor.

If you want some more traditional approach, why not pull the packages
directly from CTAN? There you have what you want, the files
directly from the authors.

Best wishes

Norbert Preining            preining@{jaist.ac.jp, logic.at, debian.org}
JAIST, Japan                                 TeX Live & Debian Developer
DSA: 0x09C5B094   fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094
The noise made by a sunburned thighs leaving plastic chair.
			--- Douglas Adams, The Meaning of Liff

More information about the tex-live mailing list