[Pkg-nx-group] freenx debian packaging

Stefan Lippers-Hollmann s.L-H at gmx.de
Tue Jan 8 14:26:52 UTC 2008 

Hi

On Dienstag, 8. Januar 2008, Timo Aaltonen wrote:
> On Tue, 8 Jan 2008, Emilio Scalise wrote:
[...]
> 
> Does freenx still ship it's own X libs? It would be nice to integrate the 
> funcionality in Xorg.

FreeNX itself is "just" a bunch of bash scripts, but it depends on nxcomp,
nxcompext and nxproxy, which in turn are built from within nx-X11 - which
is a forked X.org 6.6 (including nxagent and other patches to support the 
NX protocol) source tree (it has been XFree86 4.3 for NX <3.0). As a whole 
it is released under the GPL2-only, have fun submitting that to X.org 
upstream, or rather prepare yourself for heavy handed clean room 
reverse engineering.

Don't forget that nxssh is also required for any kind of client 
functionality, guess where that comes from...

Samba and CuPS would be kind of optional, but without those you simply 
won't have (seamless) file access/ printing support, same goes for esound 
and audio support.

> I've tried updating freenx in the past, and the experience was awful (and 
> it failed, obviously).

Simply "updating" the libraries and FreeNX isn't too difficult, but what 
would be the result?
As is, it is not releasable for debian, because it simply duplicates vast amounts
of security sensitive basic packages like X.org and openssh. Doing the 
"same everyone else does" outside of debian is possible, but requires quite
some dedication and time (don't even consider it, if your spare time comes 
in <=30 minute chunks) to just keep it working/ up to date - and still 
ignores security implications of forked package sources which have long 
been abandoned upstream (don't dare to think all known security issues 
in the underlying X.org (and friends) code base would be covered by 
upstream releases, they aren't).

NX is a really cool technology, but as it presents itself today it is 
simply unmaintainable in a responsible way<fullstop>.
(I'm not even thinking about stable release criterias here)

Getting it in shape for "3rd party distribution" is not impossible, but 
really requires a lively developer crowd (>>1) with lots of spare time to 
get it FHS compliant, rediffed against current (modular) X.org/ openssh and
then to hopefully reduce the necessity of forking (or to use approaches
like apache2-src vs. apache2-mpm-itk), supporting upstreams for FOSS 
clients (2X nxclient, qtnx/ nxclientlib) etc. 
But all of this would still kind of ignore the licensing vs. code 
duplication issues.

Personally I am still very interested in NX (or similar FOSS technologies),
but had to realize that there needs to be an answer to those issues first,
which won't solve itself over time (unless you bet on broadband propagation
and roundtrip/ latency reduction), but need active work on development and
license issues. Just dumping quick and dirty builds into the wild wouldn't 
be responsible maintenance at all.

Regards
	Stefan Lippers-Hollmann
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-nx-group/attachments/20080108/a86d6e2a/attachment-0001.pgp

More information about the Pkg-nx-group mailing list