Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
Summary: Review Request: libvirt-sandbox - libvirt application sandbox framework
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Summary: Review Request: libvirt-sandbox - libvirt application sandbox framework Product: Fedora Version: rawhide Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: Package Review AssignedTo: nobody@fedoraproject.org ReportedBy: berrange@redhat.com QAContact: extras-qa@fedoraproject.org CC: notting@redhat.com, package-review@lists.fedoraproject.org Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: ---
Spec URL: http://berrange.fedorapeople.org/review/libvirt-sandbox/libvirt-sandbox.spec SRPM URL: http://berrange.fedorapeople.org/review/libvirt-sandbox/libvirt-sandbox-0.0.... Description: The libvirt-sandbox package provides an API for building application sandboxes using libvirt. Sandboxes can be based on either container or machine based virtualization technology. Also included is a simple command line tool for launching sandboxes for arbitrary commands.
This package is the basis for 2 Fedora 17 features
https://fedoraproject.org/wiki/Features/VirtSandbox https://fedoraproject.org/wiki/Features/SecureContainers
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
--- Comment #1 from Daniel Berrange berrange@redhat.com 2012-01-11 15:44:04 EST --- I have a F17 scratch build on x8_64:
http://koji.fedoraproject.org/koji/taskinfo?taskID=3640418
rpmlint is expected to show the following
libvirt-sandbox.x86_64: W: summary-not-capitalized C libvirt application sandbox framework libvirt-sandbox.src: W: summary-not-capitalized C libvirt application sandbox framework libvirt-sandbox-libs.x86_64: W: summary-not-capitalized C libvirt application sandbox framework libraries libvirt-sandbox-libs.x86_64: E: statically-linked-binary /usr/libexec/libvirt-sandbox-init-qemu libvirt-sandbox-devel.x86_64: W: summary-not-capitalized C libvirt application sandbox framework development files 4 packages and 0 specfiles checked; 1 errors, 4 warnings.
The warnings are all bogus.
The error can be ignored, because this particular binary is intentionally static. It must run inside an initrd where there are no dynamic libraries available. Fortunately this binary is tiny, has no external deps except glibc, and always runs inside a KVM guest under sVirt so is protected against any security issues
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Kashyap Chamarthy kchamart@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |kchamart@redhat.com
--- Comment #2 from Kashyap Chamarthy kchamart@redhat.com 2012-01-12 08:01:15 EST --- Here is my review.
######################################################## OK - %{?dist} tag is used in release OK - The package must be named according to the Package Naming Guidelines. OK - The spec file name must match the base package %{name} OK - The package must meet the Packaging Guidelines
OK - The package must be licensed with a Fedora approved license and meet the Licensing Guidelines (license is LGPLv2+)
OK - Every binary RPM package which stores shared library files must call ldconfig in %post and %postun OK - Rationale provided for static linking OK - The package MUST successfully compile and build
OK - The spec file must be written in American English. OK - The spec file for the package MUST be legible OK - The sources used to build the package must match the upstream source, as provided in the spec URL. ======================== [build@tesla SOURCES]$ gpg --verify libvirt-sandbox-0.0.1.tar.gz.asc gpg: Signature made Wed 11 Jan 2012 03:30:31 PM EST using RSA key ID 15104FDF gpg: Good signature from "Daniel P. Berrange berrange@redhat.com" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF [build@tesla SOURCES]$ ========================
OK - A Fedora package must not list a file more than once in the spec file's %files listings OK - Permissions on files must be set properly OK - Each package must have a %clean section OK - Each package must consistently use macros OK - The package must contain code, or permissible content OK - Large documentation files must go in a -doc subpackage -- No large documentation OK - If a package includes something as %doc, it must not affect the runtime of the application OK - Header files must be in a -devel package. OK - Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' - This is fetched as part of other deps. OK - Packages must NOT contain any .la libtool archives OK - No file conflicts with other packages and no general names. OK - All file names in rpm packages must be valid UTF-8 OK - The package does not yet exist in Fedora. The Review Request is not a duplicate. ########################################################
Looks good to me. Hope I didn't miss anything. As Dan already pointed out, rpmlint bogus warnings can be ignored.
Also, scratch build is successful per previous comment.
Review Approved.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Kashyap Chamarthy kchamart@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|nobody@fedoraproject.org |kchamart@redhat.com
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Kashyap Chamarthy kchamart@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag| |fedora-review+
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Daniel Berrange berrange@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag| |fedora-cvs?
--- Comment #3 from Daniel Berrange berrange@redhat.com 2012-01-12 09:25:55 EST --- New Package SCM Request ======================= Package Name: libvirt-sandbox Short Description: libvirt application sandbox framework Owners: berrange Branches: f16 InitialCC:
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
--- Comment #4 from Jon Ciesla limburgher@gmail.com 2012-01-12 09:47:43 EST --- Git done (by process-git-requests).
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=773442
Daniel Berrange berrange@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |RAWHIDE Last Closed| |2012-01-12 10:48:37
--- Comment #5 from Daniel Berrange berrange@redhat.com 2012-01-12 10:48:37 EST --- Built into rawhide.
package-review@lists.fedoraproject.org