On Wed, Jun 7, 2023 at 8:33 PM Tim Flink <tflink(a)fedoraproject.org> wrote:
On 5/25/23 09:56, Xiao Yang wrote:
> Hi all,
>
> I try to create rpma source package on fedora by fedpkg --release rawhide
mockbuild.
> The permissions of original rpma.spec is 0644:
> $ ll rpma.spec
> -rw-r--r--. 1 mockbuild mock 2107 May 25 17:31 rpma.spec
>
> The permissions of rpma.spec in the generated rpma source package is changed to 0600
and then the following warning is triggered by fedpkg --release rawhide lint.
> $ fedpkg --release rawhide lint
> Failed to get repository name from Git url or pushurl
> Failed to get ns from Git url or pushurl
> Mockbuild results directory found. Linting mockbuild results.
> ============ rpmlint session starts ================
> rpmlint: 2.4.0
> configuration:
> /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml
> /etc/xdg/rpmlint/fedora-legacy-licenses.toml
> /etc/xdg/rpmlint/fedora-spdx-licenses.toml
> /etc/xdg/rpmlint/fedora.toml
> /etc/xdg/rpmlint/scoring.toml
> /etc/xdg/rpmlint/users-groups.toml
> /etc/xdg/rpmlint/warn-on-functions.toml
> checks: 31, packages: 4
>
> rpma.src: W: strange-permission rpma.spec 600
> 3 packages and 1 specfiles checked; 0 errors, 1 warnings, 0 badness; has taken 0.3
s
>
> Could you tell me how to fix the warning?
>
> Best Regards,
> Xiao Yang
> _______________________________________________
> devel mailing list -- devel(a)lists.fedoraproject.org
> To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
I don't know if you found a solution to this but I figured that I would post what I
ended up doing after hitting the same problem, assuming that you're also using
rpmautospec.
The root of this is that rpmautospec/rpkg use python's tempdir in their process of
rendering the actual spec file. On my system, at least, /tmp has 600 permissions so the
rendered file inherits those permissions and is just copied after rendering, making it
into the srpm without a permission change.
I assume that the koji builders don't have the same setup and thus avoid the rpmlint
warnings for official builds.
I fixed the problem for my local build by generating the srpm outside fedpkg:
$ mkdir build
$ rpmautospec process-distgit mypackage.spec build/mypackage.spec
$ chmod 644 build/mypackage.spec
$ mock -r fedora-rawhide-x86_64 --buildsrpm --spec build/mypackage.spec --sources .
$ cp /var/lib/mock/fedora-rawhide-x86_64/result/*.src.rpm .
I'm a little unclear on whether this needs to be fixed or not if it only affects
local mockbuilds or if there are better workarounds. If there's a better solution for
this other than going back to generating the changelog and release by hand, I'm all
ears 😄
Well, if this is caused by rpmautospec producing a file with unusual
permissions ...
It should be possible to retain the mode of the original spec file
somehow, and I'd report this as an RFE here: