[Replicant] fdroid on replicant: dfsg changes
Hans-Christoph Steiner
hans at guardianproject.info
Mon Oct 24 14:07:08 UTC 2016
Denis 'GNUtoo' Carikli:
> On Tue, 23 Aug 2016 07:59:10 +0200
> Simon Josefsson <simon at josefsson.org> wrote:
>
>> Den Mon, 22 Aug 2016 20:15:19 +0200
>> skrev Re: fdroid on replicant: dfsg changes:
> [...]
>>>>> The idea is to:
>>>>> - make F-droid detect Replicant
>>>>> - Add a way to totally hide applications.
>>>>> - Make f-droid hide all applications with anti-features, if
>>>>> running on Replicant.
> [...]
>>>> This could be too heavy handed. For me, this would make it
>>>> impossible to install Face Slim, OsmAnd, Telegram. Of these
>>>> three, only the OsmAnd appear to actually have a licensing issue.
>>>>
>>>> However, I could live with the solution above if it means having
>>>> Replicant a FSF endorsed free distro.
>
> Another solution would be to:
> 1) Detect Replicant in f-droid
> 2) Add the ability, with the fdroid-data, to produce a repository that
> is fully fsdg-compliant. It would take the stock fdroid-data in
> input.
> 3) host that fsdg-compliant repository
> 4) make f-droid switch to the fsdg-compliant repository, somehow, when
> it is run within Replicant.
>
> That way a user could still, willingly, switch repository, while
> keeping Replicant fsdg-compliant at the same time.
We'd love to help anyone setup and run such a repository. Even better
would be if it also built the apps, so that it would also serve as a
verficiation of the reproducible builds of what is on f-droid.org. The
fdroid devs currently do not have the free cycles to take this on.
> Another option would be to:
> 1) Add compilation switches in f-droid, such as --enforce-fsdg or
> --enforce-no-anti-features that would hide all the non-fsdg (or all
> applications with anti-features)
> 2) When building f-droid in Replicant, it would be built with that
> compilation option.
>
> The advantages and disadvantages of that last approach are:
> - F-droid wound't be reproducible between Replicant and the official
> version.
> - A user could uninstall Replicant's f-droid and install the official
> one instead to get software not shown with the version
> shipped in Replicant.
> - I've no idea if compilation switches are fsdg-compliant or not.
> For me it looks like a source version of debian non-free repository.
> Coreboot for instance already has such setting, when doing make
> menuconfig, there is the "[ ] Allow use of binary-only repository"
> option[1].
>
>> I see that Replicant is mentioned there now, but this sounds strange
>> to me given the concern with fdroid.
> I think f-droid was fsdg-compliant at the time where Replicant was added
> to the list of FSDG distributions.
For this to be workable, it would then need to be a separate app from
F-Droid. We are moving towards making the F-Droid client support
multiple build "flavors". You could call it "Replicant App Store" or
whatever. It could still be included in the f-droid.org repository.
> Privileged extension:
> ---------------------
> I tested the privileged extension on Replicant 4.2, it now works great,
> and I can now update all the applications way faster. I can even
> install them faster.
>
>>> There are large security and usability advantages to including
> What are the security advantages?
> As I understand f-droid doesn't require root permissions.
The big security advantages are background updates are possible, and
Unknown Sources is not used or required.
.hc
> References:
> -----------
> [1] I mentioned it because having real world example can help,
> especially if we need to ask around to see if it is compliant.
>
> Denis.
>
--
PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
More information about the Replicant
mailing list