On 11/20/18 6:58 AM, Florian Weimer wrote:
* Carlos O'Donell:
> The rpm checking in downstream complains that glibc-nss-devel
> has a dependency on glibc because the *.so links point to
> the compat and files nss DSOs. It's probably simplest to just
> make the glibc-nss-devel depend on the explicit version of
> glibc they were built with.
This looks like a false positive to me because we already have a
transitive dependency on %{name}%{_isa} = %{version}-%{release} via
nss_db%{_isa} = %{version}-%{release}.
In the technical sense it is a absolutely a false positive. There is
enough information to ensure that things work. But in the abstract
design of the package, if we moved the remaining NSS files out of the
main glibc package, then the symlinks in the -devel package would be
broken. So I think it's more of a warning.
The downstream check appears to be incorrect for Fedora, too. This
tells a different story, I think:
<
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_explicit_requ...
I didn't catch this in my review. Thanks. This is exactly the kind
of policy statement I was look to review.
I think in this case of a -devel package with symlinks directly to
files in the glibc package, we can probably list the explict requires
because we control both subpackages. Otherwise I'd apply the
"Explicit Requires" policy and call this a false positive.
> %package nss-devel
> Summary: Development files for directly linking NSS service modules
> +Requires: %{name} = %{version}-%{release}
> Requires: nss_db%{_isa} = %{version}-%{release}
> Requires: nss_hesiod%{_isa} = %{version}-%{release}
You didn't add %{_isa}. I suggest to use it for consistency.
I will add %{_isa} and commit this.
In the future if we move NSS packages out of glibc then we'd change
this Requires to match the new package that was split out.
--
Cheers,
Carlos.