Account not part of Packager group issue.
by René Ribaud
Hello,
I'm currently facing an issue with my Fedora account.
I would like to add new python packages to Fedora.
So I followed the process for my package
https://bugzilla.redhat.com/show_bug.cgi?id=1258405
The package was approved.
At the SCM step, I flagged my ticket with the "fedora-cvs=?" but
unfortunately it was refused because my account seems not part of the
Packager group.
My account name is "uggla".
Everything (status, cla, etc...) seems ok on the Fedora account web page.
There is nothing listed at the "things to do" page.
Looking at the "join a group" section, I do not have the "join button" in
front of the Packager group allowing me to do it.
I had opened my account and submitted packages several years ago but didn't
use it for a long time, maybe this is the root cause of the issue.
Right now I'm stuck with this problem. Please, could someone help/advise me
to unlock this situation?
Best regards.
René
8 years, 6 months
Re: [Fedora-packaging] RFC mass bug reporting: checksec failures
by Alexander Todorov
On 17.09.2015 at 08:33, Ben Boeckel wrote:
> On Wed, 16 Sep, 2015 at 16:24:02 GMT, Alexander Todorov wrote:
>> Please let me know which packages need to genuinely be excluded and what should
>> we do with these packages ? Some will probably be fixed once they are rebuilt
>> but that may take a while.
>>
>> Any package maintainers out there - please fix your packages in Rawhide so we
>> don't have to file bugs for all of them.
>
> I see lots (probably all) of ghc-* packages, so filing one against
> ghc-rpm-macros or ghc itself would probably be the most expedient there.
> If it is just a missed flag or something, it can be rolled up with the
> 7.10.0 rebuild which I believe is planned for Rawhide.
>
FYI:
https://bugzilla.redhat.com/show_bug.cgi?id=1263957
> Of course, if ghc doesn't support everything checksec looks for,
> ignoring everything under %{_libdir}/ghc-*/ would be best. Jens?
>
> For any CMake-using projects (I see at least CMake itself and ParaView
> in the list), setting the `POSITION_INDEPENDENT_CODE` property[1] on
> targets would fix any missing -fPIE. It is initialized with
> `CMAKE_POSITION_INDEPENDENT_CODE`, so adding:
>
> -DCMAKE_POSITION_INDEPENDENT_CODE:BOOL=ON
>
> to %cmake when hardening is enabled should fix -fPIE missing. Anything
> with internal static libraries *might* need a scalpel to turn off the
> property on those targets.
>
> --Ben
>
> [1]http://www.cmake.org/cmake/help/v3.3/prop_tgt/POSITION_INDEPENDENT_CODE...
>
Ben,
Is there any way this CMake property can be turned on globally?
--
Alex
8 years, 6 months
RFC mass bug reporting: checksec failures
by Alexander Todorov
Hello folks,
I'm looking at this feature:
https://fedoraproject.org/wiki/Changes/Harden_All_Packages
<quote>
How To Test
Running checksec should always report only
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH
otherwise a tracking bug should exist for the respective packages
</quote>
On a current Rawhide installation I'm seeing lots of potential failures, for
example:
Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH
Question is how to deal with these because they appear to be in the hundreds?
I will do my best to filter out any false negatives and group the results per
package but this still leaves quite a big number of bugs to report.
How do you feel about reporting all of these offences automatically? Are there
any known exceptions which should be mentioned in the wiki page above?
--
Alex
8 years, 6 months
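Added example, not part of the original post and not checksec's own code: one way to compare checksec output against the expected line quoted above and group the deviations per package. The line layout (six fields followed by the file path), the sample output and the path-to-package map are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# The only acceptable result, as quoted from the Change page in the post above.
EXPECTED = ("Full RELRO", "Canary found", "NX enabled",
            "PIE enabled", "No RPATH", "No RUNPATH")

ANSI = re.compile(r"\x1b\[[0-9;]*m")   # colour codes, if the output has them
# Assumed layout: the six fields in the order shown above, then the file path.
LINE = re.compile(
    r"^\s*(\w+ RELRO)\s+((?:No c|C)anary found)\s+(NX \w+)\s+"
    r"(PIE enabled|No PIE|DSO)\s+((?:No )?RPATH)\s+((?:No )?RUNPATH)\s+(\S.*)$")

def failures_by_package(report, owner_of):
    """Return {package: {path: [fields that differ from EXPECTED]}}."""
    grouped = defaultdict(dict)
    for raw in report.splitlines():
        m = LINE.match(ANSI.sub("", raw).rstrip())
        if not m:
            continue                      # header or unparsable line
        *fields, path = m.groups()
        bad = [got for got, want in zip(fields, EXPECTED)
               # Assumption: shared objects report "DSO" in the PIE column
               # and are position independent, so they are not failures.
               if got != want and (want, got) != ("PIE enabled", "DSO")]
        if bad:
            grouped[owner_of(path)][path] = bad
    return dict(grouped)

# Constructed sample output and a constructed path-to-package map; on a real
# system the owner would come from something like `rpm -qf <path>`.
SAMPLE = """\
RELRO  STACK CANARY  NX  PIE  RPATH  RUNPATH  FILE
\x1b[32mFull RELRO\x1b[m  Canary found  NX enabled  PIE enabled  No RPATH  No RUNPATH  /usr/bin/alpha
Partial RELRO  Canary found  NX enabled  No PIE  No RPATH  No RUNPATH  /usr/bin/beta
Partial RELRO  No canary found  NX enabled  No PIE  No RPATH  No RUNPATH  /usr/bin/beta-helper
Full RELRO  Canary found  NX enabled  DSO  No RPATH  No RUNPATH  /usr/lib64/libalpha.so.1
"""
OWNERS = {"/usr/bin/alpha": "alpha", "/usr/lib64/libalpha.so.1": "alpha",
          "/usr/bin/beta": "beta", "/usr/bin/beta-helper": "beta"}

if __name__ == "__main__":
    for pkg, files in failures_by_package(SAMPLE, OWNERS.get).items():
        print(pkg, files)
```

Grouping by owning package turns hundreds of per-file lines into one candidate bug per package, each listing exactly which hardening fields are missing.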
Proposal to reduce anti-bundling requirements
by Stephen Gallagher
I assume that subject line got your attention.
I know this is a long-standing debate and that this thread is likely
to turn into an incomprehensible flamewar filled with the same tired
arguments, but I'm going to make a proposal and then attempt to
respond to many of those known arguments up-front (in the hopes that
we can try to keep the conversation on-track). Please keep the
conversation on devel(a)lists.fedoraproject.org . I CCed packaging@ to
make them aware of this discussion.
Right now, we have a policy that essentially forbids source code from
being bundled into a package. In technical terms, this means
essentially that the packaging policies mandate that any code that
appears more than once in the repository must be turned into a shared
library and dynamically linked into any package that requires it. Any
package that wants an exception to this must petition the Fedora
Packaging Committee and get an explicit exemption from this policy.
This process is heavyweight and sometimes inconsistent in how the
decision is made.
I would like to propose that the no-bundled-libraries policy be
amended as follows: "Any package that has an existing mechanism to
link against a shared system library and functions correctly when
doing so must link against that library and not bundle it internally.
Any package whose upstream releases cannot link against a shared
system library (or are incompatible with the version in Fedora) may
bundle that library (without requiring a special exemption) but MUST
add Provides: bundled(<libname>) = <version> in the spec file for each
known bundled library. (This will allow us to track down the bundling
when we need to). Package maintainers should continue to attempt to
engage upstream to support linking against shared system libraries
wherever possible, due to the advantages it provides the package
maintainer."
The reason for this proposal is relatively simple: we know the
advantages to unbundling, particularly with security and resource-
usage. However, the world's developer community largely *does not
care*. We fought the good fight, we tried to bring people around to
seeing our reasoning and we failed.
The point of software is to provide a service to an end-user. Users
don't run software because it has good packaging policies, they run
software because it meets a need that they have. If they can't get
that software from Fedora, they *will* get it from another source (or
use a different OS that doesn't get in their way). I'll take a moment
to remind people that two of Fedora's Four Foundations are "Features"
and "First". We want Fedora to be the most feature-complete
distribution available and we want to get there before anyone else
does. I would say that holding to our no-bundling policy actively
defeats our efforts on that score.
Let me describe some of the advantages to bundling and to unbundling
(as noted so we can hopefully skip some of the hotter parts of the
flamewar). As I noted above, anything that is capable of unbundling
should remain unbundled for its advantages. But things that are not
currently capable (or can't be due to forwards/backwards compatibility
issues, etc.) really shouldn't be forced to attempt it.
== Advantages to using shared libraries ==
* Security/Bugs - When a bug or security vulnerability is located in
a library, it needs to be patched in only a single package in order to
fix all applications using that library.
* Resources - A shared library only needs to be loaded into memory
once, reducing the memory requirements of the system.
== Advantages to bundling ==
* Guarantees that the application is running with the same set of
code that upstream tested. (Fewer Fedora-specific bugs means less
burden on the maintainer)
* Simplifies packaging of updates. (Fedora maintainer does not need
to keep tabs on unbundling patches to keep in sync for new versions)
* Increases the available pool of software that can be packaged
substantially (many modern languages such as Ruby and Go are
realistically only functional with allowable bundling)
* Did I mention the reduction in maintainer burden yet?
Thank you for reading this far. I know that this is a topic that
people get highly passionate about, so please do your best to restrain
your responses to reasoned statements and avoid the temptation to get
angry. I'll summon up a third of our Four Foundations here: remember
that Fedora is built on "Friends" too. This should be a discussion and
not an argument.
8 years, 6 months
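Added example, not part of the original post or of any Fedora tooling: a sketch of how the proposed `Provides: bundled(<libname>) = <version>` tag could be used to find every package that bundles a library older than a fixed release. The package names, library names and versions are constructed, and the version comparison is a simplified dotted-numeric one, not RPM's own algorithm.

```python
import re
from collections import defaultdict

# The tag proposed above: Provides: bundled(<libname>) = <version>
BUNDLED = re.compile(
    r"^\s*Provides:\s*bundled\(([^)\s]+)\)\s*=\s*(\S+)", re.I | re.M)

def bundled_index(specs):
    """Map libname -> {package: declared version} from {package: spec text}."""
    index = defaultdict(dict)
    for pkg, text in specs.items():
        for lib, ver in BUNDLED.findall(text):
            index[lib][pkg] = ver
    return dict(index)

def _key(version):
    """Dotted-numeric versions only; None for macros or anything else."""
    if re.fullmatch(r"\d+(\.\d+)*", version):
        return tuple(int(part) for part in version.split("."))
    return None

def needs_update(index, lib, fixed_in):
    """Split bundlers of `lib` into (older than fixed_in, needs manual check)."""
    old, unknown = [], []
    for pkg, ver in sorted(index.get(lib, {}).items()):
        key = _key(ver)
        if key is None:
            unknown.append(pkg)       # e.g. an unexpanded spec macro
        elif key < _key(fixed_in):
            old.append(pkg)
    return old, unknown

# Constructed spec fragments with hypothetical package and library names.
SPECS = {
    "app-one": "Name: app-one\nProvides: bundled(libexample) = 1.2.3\n",
    "app-two": "Name: app-two\nProvides: bundled(libexample) = 1.4.0\n"
               "Provides: bundled(libother) = 0.9\n",
    "app-three": "Name: app-three\n"
                 "Provides: bundled(libexample) = %{libexample_version}\n",
}

if __name__ == "__main__":
    print(needs_update(bundled_index(SPECS), "libexample", "1.3.0"))
```

Packages whose declared version cannot be parsed are reported separately instead of being silently treated as up to date.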
Summary/Minutes from today's FPC Meeting (2015-09-10 16:00 - 17:45 UTC)
by James Antill
======================
#fedora-meeting-1: fpc
======================
Meeting started by geppetto at 16:00:13 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting-1/2015-09-10/fpc.2015-09-...
.
Meeting summary
---------------
* Roll Call (geppetto, 16:00:14)
* Schedule (geppetto, 16:13:40)
* LINK:
https://lists.fedoraproject.org/pipermail/packaging/2015-September/010965...
(geppetto, 16:13:48)
* #550 Darktable and Rawspeed internal library (geppetto, 16:14:10)
* LINK: https://fedorahosted.org/fpc/ticket/550 (geppetto, 16:14:16)
* ACTION: Temporary exception during 23/24 for Darktable, due to
critical usage in Design spin (+1:5, 0:1, -1:1) (geppetto,
16:41:19)
* #567 Packaging Python 3 applications and modules for EPEL 7+
(geppetto, 16:41:40)
* LINK: https://fedorahosted.org/fpc/ticket/567 (geppetto, 16:41:41)
* LINK:
http://lists.rpm.org/pipermail/rpm-list/2015-September/001763.html
(orionp, 16:53:03)
* ACTION: orionp Update draft, incl. py3_pkg etc. (geppetto,
17:04:24)
* Everyone mostly seems in favour of it for el7 optional (geppetto,
17:04:40)
* #566 RPM file triggers (geppetto, 17:04:50)
* LINK: https://fedorahosted.org/fpc/ticket/566 (geppetto, 17:04:50)
* LINK:
https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Icon_Cache
(kalev, 17:29:40)
* LINK:
https://wiki.mageia.org/en/RPM_filetriggers#Currently_supported_filetriggers
(geppetto, 17:33:53)
* Builders are currently at F21, but should move to F23 soon … can't
use them until then though. (geppetto, 17:37:23)
* Open Floor (geppetto, 17:38:08)
Meeting ended at 17:45:08 UTC.
Action Items
------------
* Temporary exception during 23/24 for Darktable, due to critical usage
in Design spin (+1:5, 0:1, -1:1)
* orionp Update draft, incl. py3_pkg etc.
Action Items, by person
-----------------------
* orionp
* orionp Update draft, incl. py3_pkg etc.
* **UNASSIGNED**
* Temporary exception during 23/24 for Darktable, due to critical
usage in Design spin (+1:5, 0:1, -1:1)
People Present (lines said)
---------------------------
* geppetto (139)
* tibbs|w (103)
* mizmo (33)
* kalev (27)
* orionp (25)
* Rathann (19)
* tomspur (19)
* adamw (17)
* racor (15)
* zodbot (13)
* sgallagh (12)
* stickster (6)
* rishi (3)
* bochecha (3)
* jwb (3)
* drago01 (2)
* SmootherFrOgZ (2)
* tibbs (0)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
8 years, 6 months
Re: [Fedora-packaging] Proposal to reduce anti-bundling requirements
by Jon Ciesla
On Thu, Sep 10, 2015 at 10:44 AM, Adam Williamson <
adamwill(a)fedoraproject.org> wrote:
> On Thu, 2015-09-10 at 09:03 -0500, Jon Ciesla wrote:
> > On Thu, Sep 10, 2015 at 8:53 AM, Stephen Gallagher <sgallagh(a)redhat.c
> > om>
> > wrote:
> >
> > > I assume that subject line got your attention.
> > >
> > > Most definitely. :)
> >
> > So it's basically the same but without FPC as a gatekeeper? Do you
> > have
> > any proposals for enforcement? A periodic query of Provides
> > (bundled-foo)
> > and a BZ requesting a review? Sometime projects enable unbundling
> > over
> > time.
>
> Do we have any kind of consistent 'enforcement' of the *current*
>
Not really. People find things and file BZs to get them fixed, but there's
really no pressure.
> policy?
> --
> Adam Williamson
> Fedora QA Community Monkey
> IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
> http://www.happyassassin.net
>
--
http://cecinestpasunefromage.wordpress.com/
------------------------------------------------
in your fear, seek only peace
in your fear, seek only love
-d. bowie
8 years, 6 months
Schedule for Thursday's FPC Meeting (2015-09-10 16:00 UTC)
by James Antill
Following is the list of topics that will be discussed in the FPC
meeting Thursday at 2015-09-10 16:00 UTC in #fedora-meeting-1 on
irc.freenode.net.
Local time information (via. rktime):
2015-09-10 09:00 Thu US/Pacific PDT
2015-09-10 12:00 Thu US/Eastern EDT
2015-09-10 16:00 Thu UTC <-
2015-09-10 17:00 Thu Europe/London BST
2015-09-10 18:00 Thu Europe/Paris CEST
2015-09-10 18:00 Thu Europe/Berlin CEST
2015-09-10 21:30 Thu Asia/Calcutta IST
------------------new day----------------------
2015-09-11 00:00 Fri Asia/Singapore SGT
2015-09-11 00:00 Fri Asia/Hong_Kong HKT
2015-09-11 01:00 Fri Asia/Tokyo JST
2015-09-11 02:00 Fri Australia/Brisbane EST
Links to all tickets below can be found at:
https://fedorahosted.org/fpc/report/13
= New business =
#topic #566 RPM file triggers
.fpc 566
https://fedorahosted.org/fpc/ticket/566
#topic #567 Packaging Python 3 applications and modules for EPEL 7+
.fpc 567
https://fedorahosted.org/fpc/ticket/567
= Open Floor =
For more complete details, please visit each individual ticket. The
report of the agenda items can be found at:
https://fedorahosted.org/fpc/report/13
If you would like to add something to this agenda, you can reply to
this e-mail, file a new ticket at https://fedorahosted.org/fpc,
e-mail me directly, or bring it up at the end of the meeting, during
the open floor topic. Note that added topics may be deferred until
the following meeting.
8 years, 6 months
Summary/Minutes from today's FPC Meeting (2015-09-03 16:00 - 18:00 UTC)
by James Antill
======================
#fedora-meeting-1: fpc
======================
Meeting started by geppetto at 16:00:26 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting-1/2015-09-03/fpc.2015-09-...
.
Meeting summary
---------------
* Roll Call (geppetto, 16:00:26)
* Schedule (geppetto, 16:06:05)
* LINK:
https://lists.fedoraproject.org/pipermail/packaging/2015-September/010958...
(geppetto, 16:06:08)
* #562 Bundling exception for MongoDB (geppetto, 16:06:17)
* LINK: https://fedorahosted.org/fpc/ticket/562 (geppetto, 16:06:17)
* ACTION: Need answer to tibbs question about permanence of this
bundling. (geppetto, 16:17:36)
* ACTION: Do we know of anything else that uses WT, as otherwise it
seems pretty simple to remote WT and make it a sub-package of
mongoDB and just ship whatever they ship. (geppetto, 16:18:15)
* ACTION: Please fix the FTBFS for mongoDB, as this also seems
related. (geppetto, 16:18:41)
* #564 Bundling exception for apacheds-jdbm (geppetto, 16:24:29)
* LINK: https://fedorahosted.org/fpc/ticket/564 (geppetto, 16:24:29)
* ACTION: Given you said the changes are good for everyone, and the
forked version could be canonical. Can you become the Fedora
maintainer and use your version? (geppetto, 16:32:11)
* #567 Packaging Python 3 applications and modules for EPEL 7+
(geppetto, 16:33:01)
* LINK: https://fedorahosted.org/fpc/ticket/567 (geppetto, 16:33:02)
* LINK:
https://fedoraproject.org/w/index.php?title=User%3ABkabrda%2FEPEL7_Python3&diff=421403&oldid=405371
(geppetto, 16:34:47)
* ACTION: tibbs Find a way to hide the differences between Fedora/EPEL
in an updated draft (geppetto, 17:24:41)
* LINK: https://www.python.org/dev/peps/pep-0478/ (geppetto,
17:25:29)
* py3.5 released in 10 days (13th Sept), so this is more aimed at the
3.5 => 3.6 transition (geppetto, 17:30:04)
* Open Floor (geppetto, 17:33:06)
Meeting ended at 18:00:51 UTC.
Action Items
------------
* Need answer to tibbs question about permanence of this bundling.
* Do we know of anything else that uses WT, as otherwise it seems
pretty simple to remote WT and make it a sub-package of mongoDB and
just ship whatever they ship.
* Please fix the FTBFS for mongoDB, as this also seems related.
* Given you said the changes are good for everyone, and the forked
version could be canonical. Can you become the Fedora maintainer and
use your version?
* tibbs Find a way to hide the differences between Fedora/EPEL in an
updated draft
Action Items, by person
-----------------------
* tibbs
* Need answer to tibbs question about permanence of this bundling.
* tibbs Find a way to hide the differences between Fedora/EPEL in an
updated draft
* **UNASSIGNED**
* Do we know of anything else that uses WT, as otherwise it seems
pretty simple to remote WT and make it a sub-package of mongoDB and
just ship whatever they ship.
* Please fix the FTBFS for mongoDB, as this also seems related.
* Given you said the changes are good for everyone, and the forked
version could be canonical. Can you become the Fedora maintainer and
use your version?
People Present (lines said)
---------------------------
* tibbs|w (122)
* geppetto (115)
* orionp (45)
* zodbot (12)
* Rathann (10)
* mbooth (6)
* racor (3)
* tibbs (0)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
8 years, 6 months
Release Tag for Pre-release *and* Snapshot
by Scott Talbert
I've got a package where upstream has basically stopped doing
releases, so I package git snapshots. However, the last release they did
was a pre-release (0.8.0rc1). Any suggestions on what an appropriate
Release tag should be in this case?
Something like:
0.%{releasenum}.rc1git%{shortcommit}%{?dist}
Scott
8 years, 7 months