openSUSE:Backports Packaging Policy

Jump to: navigation, search

Overview

This page is to document the package inclusion, and update (maintenance) policies for the openSUSE Backports project

Packaging Guidelines

In general packages for the Backports project must comply with the established openSUSE Packaging Guidelines

That means any package for Backports must pass the same technical and legal reviews as packages for openSUSE Factory.

No conflicts with SLE

Packages in Backports shall not replace, conflict or otherwise interfere with packages provided by SUSE Linux Enterprise. Supportability for the distribution must be maintained.

That means

  • no same name
  • no provides, obsoletes or conflicts
  • no overlap in file list
  • no overlay of stacked locations (e.g. /bin vs /usr/bin)

with packages contained in the following supported products, add-ons or modules:

  • SUSE Linux Enterprise Server (SLES)
  • SUSE Linux Enterprise Desktop (SLED)
  • SUSE Linux Enterprise Workstation Extension (WE)
  • SUSE Linux Enterprise "Modules"

No kernels or kernel modules

Backports should only contain package that are in general safe to install and use without interferring with SUSE's ability to provide customer support. Kernels other than those delivered by SUSE render the system unsupportable. In the same way, any kernel modules not provided by SUSE or via the SUSE SolidDriver Program can render a system unsupportable.

Therefore kernels and kernel modules are prohibited from the openSUSE:Backports projects.

Quality Assurance

The Backports project uses the same QA process as openSUSE maintenance. That means all to-be-released updates are accumulated in a test repo. After several days (depending on urgencly of the update) without receiving negative feedback the package gets released.

Package Update Policy

Updates to Backports packages will be left to the discretion of the package maintainer as long as the consistency of the overall repo is not impacted.

Security

The SUSE security team tracks issues in Backports packages like in any other openSUSE code stream. Ie the security team files bug reports and assigns them to the package maintainer.

Veto Right

The following teams are empowered to

  • veto inclusion of new packages
  • delete or disable packages

in the Backports repo if there are good reasons to do so (e.g. license or patent violation, grave security vulnerabilities):

  • openSUSE maintenance team
  • SUSE security team
  • SUSE legal team
  • openSUSE:Backports project maintainers