[Replicant] fdroid on replicant: dfsg changes

Denis 'GNUtoo' Carikli GNUtoo at no-log.org
Sat Oct 22 01:53:11 UTC 2016


On Tue, 23 Aug 2016 07:59:10 +0200
Simon Josefsson <simon at josefsson.org> wrote:

> Den Mon, 22 Aug 2016 20:15:19 +0200
> skrev Re: fdroid on replicant: dfsg changes:
[...]
> > >> The idea is to:
> > >> - make F-droid detect Replicant
> > >> - Add a way to totally hide applications.
> > >> - Make f-droid hide all applications with anti-features, if
> > >> running on Replicant.
[...]
> > > This could be too heavy handed.  For me, this would make it
> > > impossible to install Face Slim, OsmAnd, Telegram.  Of these
> > > three, only the OsmAnd appear to actually have a licensing issue.
> > > 
> > > However, I could live with the solution above if it means having
> > > Replicant a FSF endorsed free distro.

Another solution would be to:
1) Detect Replicant in f-droid
2) Add the ability, with the fdroid-data, to produce a repository that
   is fully fsdg-compliant. It would take the stock fdroid-data in
   input.
3) host that fsdg-compliant repository
4) make f-droid switch to the fsdg-compliant repository, somehow, when
   it is run within Replicant.

That way a user could still, willingly, switch repository, while
keeping Replicant fsdg-compliant at the same time.

Another option would be to:
1) Add compilation switches in f-droid, such as --enforce-fsdg or
   --enforce-no-anti-features that would hide all the non-fsdg (or all
   applications with anti-features)
2) When building f-droid in Replicant, it would be built with that
   compilation option.

The advantages and disadvantages of that last approach are:
- F-droid wound't be reproducible between Replicant and the official
  version.
- A user could uninstall Replicant's f-droid and install the official
  one instead to get software not shown with the version
  shipped in Replicant.
- I've no idea if compilation switches are fsdg-compliant or not.
  For me it looks like a source version of debian non-free repository.
  Coreboot for instance already has such setting, when doing make
  menuconfig, there is the "[ ] Allow use of binary-only repository"
  option[1].

> I see that Replicant is mentioned there now, but this sounds strange
> to me given the concern with fdroid.
I think f-droid was fsdg-compliant at the time where Replicant was added
to the list of FSDG distributions.

Privileged extension:
---------------------
I tested the privileged extension on Replicant 4.2, it now works great,
and I can now update all the applications way faster. I can even
install them faster.

> > There are large security and usability advantages to including
What are the security advantages?
As I understand f-droid doesn't require root permissions.

References:
-----------
[1] I mentioned it because having real world example can help,
    especially if we need to ask around to see if it is compliant.

Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20161022/5d2b23db/attachment.asc>


More information about the Replicant mailing list