On Thu, Feb 13, 2014 at 11:30:23AM -0600, Dennis Gilmore wrote:
If ponting people at koji is good enough that's okay. The images will be made available somewhere on the download server and via mirrors say under /pub/fedora/linux/releases/21/Update1/Images/
but to get the sources you would need to either go to koji where only unsigned copies are easily available sometimes the only copy available. We do clean up the signed copy of older updates, we keep the signature header and can reattach it if needed. or you need to look through the Base release or updates source trees where the signed copy of the rpm will be available. With knowledge you can always get the source from git.
My concern is over how easily do we need to make the source available? does the source need to be available in the same location as the binaries?
do I need to have a source tree at /pub/fedora/linux/releases/21/Update1/SRPMS/ for instance to match above do we need to add a README.Sources or similar file that points the user to where to get the sources or do we not need to do anything?
Add a README.Sources or similar file that points the user to where to get the sources. They don't have to be available in the same location as the binaries, but they have to remain available for as long as Fedora is making the images available (which I assume would be the case if you point people to koji).
You can assume that the reader of README.Sources (or whatever) has the technical skill and knowledge of an average Fedora packager.
- Richard