https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Bug ID: 1016221 Summary: Review Request: courier-authlib - The Courier authentication library provides authentication services for other Courier applications. Product: Fedora Version: rawhide Component: Package Review Severity: medium Assignee: nobody@fedoraproject.org Reporter: viz@flippedperspective.com QA Contact: extras-qa@fedoraproject.org CC: notting@redhat.com, package-review@lists.fedoraproject.org
Spec URL: http://fedorapkgs.flippedperspective.com/SPECS/courier-authlib.spec SRPM URL: http://fedorapkgs.flippedperspective.com/SRPMS/courier-authlib-0.66.0-1.fc19...
Description:
The Courier authentication library provides authentication services for other Courier applications.
Fedora Account System Username: viz
Notes:
This is my first package, so I need a sponsor
When I ran rpmlint I saw 6 errors. One was an incorrect-fsf-address which I've already reported to upstream. The other 5 are non-readable /etc/authlib/auth*rc 0660L. I believe there are security reasons for not making these files world readable, especially for authmysqlrc, authpgsqlrc, and authldaprc, as these files contain passwords.
I intend to also pick up the courier-imap package (https://bugzilla.redhat.com/show_bug.cgi?id=514105) but figured I'd do courier-authlib first, as courier-authlib is a dependency for courier-imap.
Koji f19 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6030607 Koji f20 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6030575
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Christopher Meng cickumqt@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |201449 (FE-DEADREVIEW), | |485401 (KyaPanel), 514105 | |(courier-imap) CC| |itamar@ispbrasil.com.br
--- Comment #1 from Christopher Meng cickumqt@gmail.com --- *** Bug 486570 has been marked as a duplicate of this bug. ***
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=201449 [Bug 201449] FE-DEADREVIEW -- Reviews stalled due to lack of submitter response should be blocking this bug. https://bugzilla.redhat.com/show_bug.cgi?id=485401 [Bug 485401] Review Request: KyaPanel - Servers Manager The easy way to admin Postfix and Samba Servers. https://bugzilla.redhat.com/show_bug.cgi?id=514105 [Bug 514105] Review Request: courier-imap - The Courier IMAP server
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Christopher Meng cickumqt@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |cickumqt@gmail.com Blocks|201449 (FE-DEADREVIEW), |177841 (FE-NEEDSPONSOR) |485401 (KyaPanel), 514105 | |(courier-imap) |
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=177841 [Bug 177841] Tracker: Review requests from new Fedora packagers who need a sponsor https://bugzilla.redhat.com/show_bug.cgi?id=201449 [Bug 201449] FE-DEADREVIEW -- Reviews stalled due to lack of submitter response should be blocking this bug. https://bugzilla.redhat.com/show_bug.cgi?id=485401 [Bug 485401] Review Request: KyaPanel - Servers Manager The easy way to admin Postfix and Samba Servers. https://bugzilla.redhat.com/show_bug.cgi?id=514105 [Bug 514105] Review Request: courier-imap - The Courier IMAP server
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #2 from Christopher Meng cickumqt@gmail.com --- CCing because of interests.
Marking DUP of before one.
Thoughts:
1. I can see license clarification at the top of the spec, I don't think we need that.
2. I don't know if you can remove :
################################################################################
in the spec? As it's looking funny since this spec is not difficult for reading like kernel.
3. Group: System Environment/Daemons
Since Fedora doesn't need it as MUST, you can remove that or change to the correct one, I don't think it's a daemon.
4. Remove some tags cause they are obsoleted after Fedora 10:
BuildRoot: -- rm -rf $RPM_BUILD_ROOT in %install -- Whole %clean section -- %defattr(-,root,root,-)
5. I can see old style:
Requires: %{name} = 0:%{version}-%{release}
Please remove epoch in the version requires:
Requires: %{name} = %{version}-%{release}
I think we should add isa tag as:
Requires: %{name}%{?_isa} = %{version}-%{release}
http://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_and_.25.7B_...
6. Sort BR like in alphabetical order:
BuildRequires: expect BuildRequires: libltdl-devel BuildRequires: gdbm-devel BuildRequires: openldap-devel BuildRequires: pam-devel BuildRequires: mysql-devel BuildRequires: postgresql-devel BuildRequires: sqlite3-devel
7. Why this?
MAKEFLAGS= make -j 1 install DESTDIR=$RPM_BUILD_ROOT MAKEFLAGS= make -j 1 install-configure DESTDIR=$RPM_BUILD_ROOT
Why can't use parallel make?
http://fedoraproject.org/wiki/Packaging:Guidelines#Parallel_make
8. All install should be with -p option to preserve the timestamps.
http://fedoraproject.org/wiki/Packaging:Guidelines#Timestamps
9. The authenumerate.8 page comes from Debian, but do you think it's helpful?
http://sources.debian.net/data/main/c/courier-authlib/0.63.0-6/debian/authen...
(pod2man convert is needed if you really want to build from 'source')
10. %changelog:
-New initial RPM release heavily based on source spec file and the below changes
We can see others keeping a good style, so you can leave a space after "-"
11. Other distros have -authdaemon subpackage, would you like keep the same style with them?
12. configure should be with --disable-static
13. mkdir -p $RPM_BUILD_ROOT%{_datadir} install -m 555 %{name}.sysvinit $RPM_BUILD_ROOT%{_datadir}
First, you should use %doc to mark it as doc, avoid installing them directly.
Second, do we need this under systemd? Any substitution avail?
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #3 from Zvi "Viz" Effron viz@flippedperspective.com --- SPEC: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.0-2/SPECS/cour... SRPM: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.0-2/SRPMS/cour...
Koji f19 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6035077 Koji f20 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6035070
I think I've addressed all of the points above in a new build (except for #11 which I respond to below).
11. There's no reason we couldn't do a separate -authdaemon package, but it deviates more from the upstream spec files. It seems that some of the courier programs (e.g. courier-imap) don't need authdaemond, so there may be some interest in forming a separate package to install it. I'm not sure it warrants deviating further from upstream. Thoughts?
13. Currently the upstream provided unit file is just a wrapper around the sysvinit script. I've changed that in the new build, and have recommended the change to upstream.
Notes:
In the previous bug for this package (https://bugzilla.redhat.com/show_bug.cgi?id=486570) there was a discussion of placing libs being in %{_libdir} instead of %{_libdir}/%{name}. I brought this up with upstream, and they pointed out than many packages install groups of libraries to %{_libdir}/%{name}. They also suggested that an ld.so.conf.d entry is not needed because everything that uses those libraries loads them via dlopen.
However, when I tried to build upstream's latest courier-imap package it would fail unless I included the .la files. So for the time being, I'm including the ld.so.conf file and running ldconfig. When I take a look at packaging courier-imap, I'll see if I can figure out why the .la files are needed for it to find the shared libs.
This only seems to be a problem when building packages that rely on courier-authlib, though. Should the ownership of the ld.so.conf file and the runs of ldconfig be placed on the -devel subpackage instead of the base package?
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #4 from Christopher Meng cickumqt@gmail.com --- All 0:%{version}-%{release} should be removed, you didn't...
For 11/12 issues, sorry, I'm not sure, too.
Waiting for others' opinions.
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #5 from Zvi "Viz" Effron viz@flippedperspective.com --- SPEC: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.0-3/SPECS/cour... SRPM: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.0-3/SRPMS/cour...
Koji f19 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6040284 Koji f20 scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=6040289
I thought I'd gotten the epoch removed, but you're right I missed that. It's fixed in this build.
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Björn "besser82" Esser bjoern.esser@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |bjoern.esser@gmail.com Assignee|nobody@fedoraproject.org |bjoern.esser@gmail.com Flags| |fedora-review?
--- Comment #6 from Björn "besser82" Esser bjoern.esser@gmail.com --- taken ;)
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #7 from Christopher Meng cickumqt@gmail.com --- I'd like to see this package get approved.
Bjorn, any progress here?
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Christopher Meng cickumqt@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(bjoern.esser@gmai | |l.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
--- Comment #8 from Zvi "Viz" Effron viz@flippedperspective.com --- SPEC: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.1-1/SPECS/cour... SRPM: http://fedorapkgs.flippedperspective.com/courier-authlib/0.66.1-1/SRPMS/cour...
Koji f19 scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=6534172 Koji f20 scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=6534168 Koji f21 scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=6534161 Koji rawhide scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=6534160
Several of the changes I suggested to upstream were merged into 0.66.1.
Also, I've determined the ld.so.conf file and ldconfig runs do need to be in the base package or the executables won't be able to find the shared libraries.
https://bugzilla.redhat.com/show_bug.cgi?id=1016221
Björn "besser82" Esser besser82@fedoraproject.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEW Assignee|besser82@fedoraproject.org |nobody@fedoraproject.org Flags|fedora-review? | |needinfo?(besser82@fedorapr | |oject.org) |
package-review@lists.fedoraproject.org