OptRequirement
Contents
This page discusses the current state of the /opt requirement for apps.
Background
Apps which go to the AppReviewBoard, currently have the requirement to install files into /opt.
Rationale
Avoiding conflicts: Installing files into a separate location on the file system helps to avoid file conflicts.
(Future) confinement: In the future this would allow us to more easily confine apps.(?)
- Currently possible already: through directory separation things like (broken) plugins are impossible to do.
Exceptions
Exceptions to the /opt requirement need approval by the TB on a case by case basis. Currently unity extensions and .desktop file are allowed.
Problems
- Our toolkits, checking tools and frameworks are stream-lined to install files into /usr, not into /opt.
- General documentation on the internet is all about /usr.
- If you want to get your app into Ubuntu, you have to either special-case where you look for files or maintain separate versions of your code.
Solutions
- A large number of possible conflicts could be avoided if we check package contents against:
- $release Contents*.gz files (for stable releases they exist and don't change)
- Contents*.gz files for -updates, -security and -backports, archive.canonical.com and extras (these would need to be generated).
- One caveat would be diversions and alternatives, but they could be checked with a logic like in command-not-found.
- An unlikely, but possible problem is: App A is accepted and ships file X, later on package B in Ubuntu proper ships new file X. Conflict!
- Could this be avoided (or at least be made much less likely) with having a "no general-purpose file/directory name" policy?
Confinement is a problem not solved by the /opt requirement, but with initiatives like SecurityTeam/Specifications/Precise/AppArmorEasyprof be considered in the future.
- Plugins such as Nautilus plugins are currently not allowed anyway. The /opt requirement just 'automatically' rules out they sneak in.