https://bugzilla.redhat.com/show_bug.cgi?id=1860688
--- Comment #2 from Paul Townsend p@kobol.org --- Thank you for the review Andy. Comments inline.
(In reply to Andy Mender from comment #1)
Really nice job with the SPEC file! It looks super clean!
If you need a sponsor, your report should block the FE-NEEDSPONSOR bug report: https://bugzilla.redhat.com/show_bug.cgi?id=FE-NEEDSPONSOR That way it will be properly tracked and can be picked up by prospective sponsors :)
Thank you - I have done this :)
- Changed Source0 to use .xz file instead of .gz
I think either is fine.
License: BSD
`licensecheck` reports the following: epic5-2.1.2/contrib/ircman.c: *No copyright* GNU General Public License
There is a comment header in that file which indicates that it is indeed GPL licensed. I would change the "License:" block to: License: BSD and GPL and add a comment above "License:" to indicate this file is GPL licensed.
Done.
BuildRequires: gcc BuildRequires: gdbm-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel
The -devel packages can be represented as "pkgconfig(foo)", for instance "pkgconfig(gdbm)" instead of "gdbm-devel". If building fails for any of these, you can safely use the "package-devel" format.
Okay - ncurses and openssl worked with pkgconfig() but gdbm didn't so I have left that as -devel.
%install %make_install
Pass the "-p" flag to %make_install to preserve timestamps.
Done.
Full review below: Package Review ==============
Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed
Issues:
- Package installs properly. Note: Installation errors (see attachment) See: https://docs.fedoraproject.org/en-US/packaging-guidelines/
- Package does not use a name that already exists. Note: A package with this name already exists. Please check https://src.fedoraproject.org/rpms/epic5 See: https://docs.fedoraproject.org/en-US/packaging- guidelines/Naming/#_conflicting_package_names
- Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 2826240 bytes in 216 files. See: https://docs.fedoraproject.org/en-US/packaging- guidelines/#_documentation Review: Please, put the docs dir into a separate -doc package.
I'm not sure where that documentation size has come from:
[p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share/doc/epic5] % du -sh . 516K . [p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share/doc/epic5] % ls -R | wc -l 37
===== MUST items =====
C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: If your application is a C or C++ application you must list a BuildRequires against gcc, gcc-c++ or clang. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs.
Generic: [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. Note: Using prebuilt packages [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "Unknown or generated", "BSD 3-clause "New" or "Revised" License", "*No copyright* GNU General Public License", "*No copyright* Public domain", "Expat License", "BSD 4-clause "Original" or "Old" License". 275 files have unknown license. Detailed output of licensecheck in /home/amender/rpmbuild/SPECS/epic5/epic5/licensecheck.txt [x]: %build honors applicable compiler flags or justifies otherwise. [x]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [-]: Development files must be in a -devel package [?]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: Package is not known to require an ExcludeArch tag. [x]: Package complies to the Packaging Guidelines [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package must not depend on deprecated() packages. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local
===== SHOULD items =====
Generic: [x]: Reviewer should test that the package builds in mock. [x]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [?]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Sources are verified with gpgverify first in %prep if upstream publishes signatures. Note: gpgverify is not used. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [-]: %check is present and all tests pass. [!]: Packages should try to preserve timestamps of original installed files. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Fully versioned dependency in subpackages if applicable. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified.
===== EXTRA items =====
Generic: [!]: Rpmlint is run on all installed packages. Note: Mock build failed See: https://docs.fedoraproject.org/en-US/packaging- guidelines/#_use_rpmlint [ ]: Large data in /usr/share should live in a noarch subpackage if package is arched. Note: Arch-ed rpms have a total of 5468160 bytes in /usr/share Review: You can probably move stuff that goes into %{_datadir}/%{name} to a separate -data subpackage. I'm not sure whether the 5.4MB is worth the split, though.
Again, not sure where these size numbers have come from!
[p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share] % du -sh . 1.1M .
Installation errors
INFO: mock.py version 2.4 starting (python version = 3.8.3)... Start: init plugins INFO: selinux enabled Finish: init plugins INFO: Signal handler active Start: run Start: chroot init INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin Mock Version: 2.4 INFO: Mock Version: 2.4 Finish: chroot init INFO: installing package(s): /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.i686.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.s390x.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.armv7hl.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.x86_64.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.aarch64.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.ppc64le.rpm ERROR: Command failed: # /usr/bin/dnf --installroot /var/lib/mock/fedora-rawhide-x86_64/root/ --releasever 33 --setopt=deltarpm=False --allowerasing --disableplugin=local --disableplugin=spacewalk install
I'm not too sure why this is failing?
/home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.i686.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.s390x.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.armv7hl.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.x86_64.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.aarch64.rpm /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.ppc64le.rpm --setopt=tsflags=nocontexts
Rpmlint
Checking: epic5-2.1.2-1.fc33.src.rpm epic5.src: W: spelling-error Summary(en_US) ircII -> IRC, cir epic5.src: W: spelling-error %description -l en_US nhanced -> enhanced, chanced, nuanced epic5.src: W: spelling-error %description -l en_US rogrammable -> programmable, programmer epic5.src: W: spelling-error %description -l en_US lient -> lien, lint, lent epic5.src: W: spelling-error %description -l en_US ircII -> IRC, cir epic5.src: W: invalid-url BugURL: https://bugz.fedoraproject.org/epic5 HTTP Error 503: Service Temporarily Unavailable 1 packages and 0 specfiles checked; 0 errors, 6 warnings.
Manual Rpmlint
epic5.x86_64: W: spelling-error Summary(en_US) ircII -> IRC, cir epic5.x86_64: W: spelling-error %description -l en_US nhanced -> enhanced, chanced, nuanced epic5.x86_64: W: spelling-error %description -l en_US rogrammable -> programmable, programmer epic5.x86_64: W: spelling-error %description -l en_US lient -> lien, lint, lent epic5.x86_64: W: spelling-error %description -l en_US ircII -> IRC, cir epic5.x86_64: W: invalid-url BugURL: https://bugz.fedoraproject.org/epic5 HTTP Error 503: Service Temporarily Unavailable epic5.x86_64: E: missing-call-to-setgroups-before-setuid /usr/bin/epic5-2.1.2
My interpretation of the code is that setuid(getuid()); is called on a forked child PID to ensure the user running the program owns the child and exiting if it does not -- setuid() is not called in relation to dropping privileges. I can double-check this with the author if necessary.
epic5.x86_64: W: file-not-utf8 /usr/share/doc/epic5/UPDATES epic5.x86_64: W: manual-page-warning /usr/share/man/man1/epic5.1.gz 236: warning: macro `Tp' not defined epic5.x86_64: W: manual-page-warning /usr/share/man/man1/epic5.1.gz 252: warning: macro `TP' not defined epic5.x86_64: W: no-manual-page-for-binary epic5-2.1.2 1 packages and 0 specfiles checked; 1 errors, 10 warnings.
Source checksums
http://ftp.epicsol.org/pub/epic/EPIC5-PRODUCTION/epic5-2.1.2.tar.xz : CHECKSUM(SHA256) this package : 5e41cf00f924e79e3503dd456ecd9b1dd93ac447c2573d4fa7da03b8bd19dbad CHECKSUM(SHA256) upstream package : 5e41cf00f924e79e3503dd456ecd9b1dd93ac447c2573d4fa7da03b8bd19dbad
Requires
Provides
Files have been updated to reflect changes:
Spec URL: https://kobol.org/~p/fedora-rpms/epic5/epic5.spec SRPM URL: https://kobol.org/~p/fedora-rpms/epic5/epic5-2.1.2-1.fc32.src.rpm
- Paul