Comment 99 for bug 102212

>I said that .svn dirs must be removed ;)
A package for being accepted must be lintian *clean*, so i think, as i prev said:
1) we get a good package from dev team
2) we get an execption from ubuntu-dev

Completely agree, we were just trying to see if we could get past this for the time being.

I think the best solution is as follows:

1) We split metasploit into the following packages -
     * metasploit-core (Containing all the core components, including CLI)
     * metasploit-web (Containing all of the msfweb files)
     * metasploit-gui (Containing all of the msfgui and needed files)
     * metasploit-data (Containing all exploits, modules, etc.)

2) Offer a way to automatically update the exploits and modules only (leaving core, web, and gui to be updated in future releases or with security concerns). Although we need to discuss how this should be approached, specific SVN, repackaging to the archive, a download script, etc.

The problem again, is how to we gain the ability to do such. The options are MSF distributes the upstream package as we have outlined above, or they allow an exception to the license that grants Ubuntu the right to modify the package and distribute in the way stated above.

But it is a long shot that they would repackage just to please one distro (even though other distros could benefit from such a release).
Worse it is unlikely any license exception or change will be seen until the next major release which should be accompanied by a new license.

Which leaves us hanging without a metasploit release again...feedback?

I wonder if the MSF team would be willing to create a separate SVN trunk for Ubuntu specifically, in which they release under the layout above?

Thanks,
Justin M. Wray