Bug 1168511

Summary: Review Request: radamsa - test case generator for robustness testing, aka a fuzzer
Product: [Fedora] Fedora
Reporter: Niranjan MR <niranjan>
Component: Package Review
Assignee: Parag AN(पराग) <panemade>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: medium
Version: rawhide
CC: kumarpraveen.nitdgp, package-review, panemade
Flags: panemade: fedora-review+, gwync: fedora-cvs+
Hardware: All
OS: Linux
Fixed In Version: radamsa-0.4-2.fc20
Doc Type: Bug Fix
Last Closed: 2015-02-03 11:59:27 UTC
Bug Depends On: 1174288

Description Niranjan MR 2014-11-27 07:59:14 UTC
Spec URL: https://mrniranjan.fedorapeople.org/radamsa.spec
SRPM URL: https://mrniranjan.fedorapeople.org/radamsa-0.3-1.fc21.src.rpm
Scratch Build: http://koji.fedoraproject.org/koji/taskinfo?taskID=8242790

Description: 
Radamsa is a test case generator for robustness testing, aka a fuzzer. It can be used to test how well a program can stand malformed and potentially malicious inputs. It operates based on given sample inputs and thus requires minimal effort to set up.

Fedora Account System Username: mrniranjan

Request to review the package.

This is my first package request. Also, I am looking for a sponsor.

Comment 1 Parag AN(पराग) 2014-11-27 08:07:57 UTC
Hi Niranjan,
   We have this process http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group to get sponsored into the packager group. Can you either submit a few more packages and/or some (3-5) package reviews? This is needed to make sure the package submitter understands packaging well and follows the Fedora packaging guidelines.

Please go through these links:
1) http://fedoraproject.org/wiki/Package_Review_Process

2) https://fedoraproject.org/wiki/PackagingGuidelines

3) To find package already submitted for review check http://fedoraproject.org/PackageReviewStatus/

4) http://fedoraproject.org/wiki/Packaging:ReviewGuidelines

5) https://fedorahosted.org/FedoraReview/ this is fedora-review tool to help review packages in fedora.

If you have any questions, please ask :)

Comment 2 Praveen Kumar 2014-11-27 08:36:28 UTC
I can do a formal review. Since I am not able to provide sponsorship, I am removing myself as Assignee.

Comment 3 Parag AN(पराग) 2014-11-27 08:43:45 UTC
Thanks Praveen. You are welcome to do formal review here.

Note: From http://fedoraproject.org/wiki/Package_Review_Process#Reviewer, "If it is the first package of a Contributor, the Reviewer must be in the Sponsor group and be willing to sponsor that Contributor."

So, if I see that the package contributor does a minimum of 3 full package reviews as part of http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group#Show_Your_Expertise_by_Commenting_on_other_Review_Requests then I will sponsor him :)

Comment 4 Niranjan MR 2014-11-27 10:58:07 UTC
Thanks Parag, I will try to review packages and let you know.

Comment 5 Praveen Kumar 2014-11-28 06:15:13 UTC
=====This is a Formal review======

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated


Issues:
=======
- Package uses either %{buildroot} or $RPM_BUILD_ROOT
 !
  Note: Using both %{buildroot} and $RPM_BUILD_ROOT
  See: http://fedoraproject.org/wiki/Packaging/Guidelines#macros
- No License Information in Source tarball (need to request from upstream)
- Changelog is not correct (check rpmlint warnings)
- Spec file contains a clean section, which is not required any more.
- No BuildRequires/Requires present. Try to build it using koji or mock to find out what should be included in the BuildRequires and Requires sections.


===== MUST items =====

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[!]: Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[!]: If (and only if) the source package includes the text of the license(s)
     in its own file, then that file, containing the text of the license(s)
     for the package is included in %doc.
[!]: License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "Unknown or generated". 13 files have unknown license. Detailed output of
     licensecheck in /home/prkumar/fedora-scm/1168511-radamsa/licensecheck.txt
[x]: %build honors applicable compiler flags or justifies otherwise.
[-]: Package contains no bundled libraries without FPC exception.
[!]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Each %files section contains %defattr if rpm < 4.4
     Note: %defattr present but not needed
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[-]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[!]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[-]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[-]: Large documentation must go in a -doc subpackage. Large could be size
     (~1MB) or number of files.
     Note: Documentation size is 10240 bytes in 1 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least one
     supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any that
     are listed in the exceptions section of Packaging Guidelines.
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
     work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided
     in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[!]: Sources can be downloaded from URI in Source: tag
     Note: Could not download Source0:
     http://ouspg.googlecode.com/files/radamsa-0.3.tar.gz
     See: http://fedoraproject.org/wiki/Packaging:Guidelines#Tags
[!]: Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: %clean present but not required
[!]: If the source package does not include license text(s) as a separate file
     from upstream, the packager SHOULD query upstream to include it.
[x]: Final provides and requires are sane (see attachments).
[x]: Package functions as described.
[x]: Latest version is packaged.
[x]: Package does not include license text files separate from upstream.
[-]: SourceX tarball generation or download is documented.
     Note: Package contains tarball without URL, check comments
[x]: Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: Package should compile and build into binary rpms on all supported
     architectures.
[x]: %check is present and all tests pass.
[x]: Packages should try to preserve timestamps of original installed files.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Reviewer should test that the package builds in mock.
[x]: Buildroot is not present
[x]: Dist tag is present (not strictly required in GL).
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: Uses parallel make %{?_smp_mflags} macro.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package is
     arched.
[x]: Spec file according to URL is the same as in SRPM.


Rpmlint
-------
Checking: radamsa-0.3-1.fc20.x86_64.rpm
          radamsa-0.3-1.fc20.src.rpm
radamsa.x86_64: W: name-repeated-in-summary C Radamsa
radamsa.x86_64: W: spelling-error %description -l en_US fuzzer -> fuzzier, fuzzes, fuzzed
radamsa.x86_64: W: incoherent-version-in-changelog 0.3 ['0.3-1.fc20', '0.3-1']
radamsa.src: W: name-repeated-in-summary C Radamsa
radamsa.src: W: spelling-error %description -l en_US fuzzer -> fuzzier, fuzzes, fuzzed
radamsa.src:7: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 7)
2 packages and 0 specfiles checked; 0 errors, 6 warnings.




Rpmlint (installed packages)
----------------------------
# rpmlint radamsa
radamsa.x86_64: W: name-repeated-in-summary C Radamsa
radamsa.x86_64: W: spelling-error %description -l en_US fuzzer -> fuzzier, fuzzes, fuzzed
radamsa.x86_64: W: incoherent-version-in-changelog 0.3 ['0.3-1.fc20', '0.3-1']
1 packages and 0 specfiles checked; 0 errors, 3 warnings.
# echo 'rpmlint-done:'



Requires
--------
radamsa (rpmlib, GLIBC filtered):
    libc.so.6()(64bit)
    rtld(GNU_HASH)



Provides
--------
radamsa:
    radamsa
    radamsa(x86-64)

Comment 6 Niranjan MR 2014-11-28 13:29:53 UTC
Thanks Praveen for the review. Regarding the license, I am checking with upstream and have filed an issue upstream to include a License file.

https://code.google.com/p/ouspg/issues/detail?id=97

Comment 7 Pekka Pietikäinen 2014-11-28 14:07:22 UTC
Nice to have radamsa packaged for Fedora :-) (I'm a colleague of the author). Alas, there might be some complications (which have discouraged me from doing a package myself).

You may want to note that radamsa.c is actually generated from rad/*.scm (the real source code for radamsa) and that is done by https://code.google.com/p/owl-lisp/, and thus radamsa.c starts with a sort-of-binary-blob of bytecode. It's all MIT licensed, so no problems with licensing.

I doubt anyone wants owl separately packaged, so to 100% comply with all open source guidelines could just include owl in the src.rpm and build owl, rebuild radamsa.c and then build that.

Or verify whether fedora blob exception magic could apply here and use upstream radamsa.c like you did here :-) 

Radamsa git has a license file already, will poke to see whether a 0.3.1 or so with it is possible (or if he's ready to release 0.4)

Comment 8 Niranjan MR 2014-11-28 20:56:15 UTC
Thanks Pekka for your inputs. It would be nice if they include a License file.
Regarding providing owl in the src rpm, I am working on it.

Comment 9 Niranjan MR 2014-11-29 14:05:33 UTC
Upstream has released a new version with a License file included in the source tar.

Upstream Ticket: https://code.google.com/p/ouspg/issues/detail?id=97#makechanges
New upstream version: http://haltp.org/aoh/misc/radamsa-0.4.tar.gz

I will update with new spec and scratch build.

Comment 10 Huzaifa S. Sidhpurwala 2014-12-05 08:09:50 UTC
(In reply to Pekka Pietikäinen from comment #7)

> I doubt anyone wants owl separately packaged, so to 100% comply with all
> open source guidelines could just include owl in the src.rpm and build owl,
> rebuild radamsa.c and then build that.
> 

I or Niranjan can package owl separately. I am sure it will prove useful otherwise as well :)

> Or verify whether fedora blob exception magic could apply here and use
> upstream radamsa.c like you did here :-) 
> 
> Radamsa git has a license file already, will poke to see whether a 0.3.1 or
> so with it is possible (or if he's ready to release 0.4)

Comment 11 Pekka Pietikäinen 2014-12-09 12:32:45 UTC
True, owl also works as a BuildRequires for https://code.google.com/p/ouspg/wiki/Blab, also a pretty nifty tool.

Comment 12 Niranjan MR 2014-12-15 15:13:21 UTC
Please find the Review request for owl-lisp at: 
https://bugzilla.redhat.com/show_bug.cgi?id=1174288

I will modify the spec file of radamsa appropriately and submit modified spec and srpm.

Apologies for the delay.

Comment 13 Niranjan MR 2014-12-18 06:51:21 UTC
Since owl-lisp is being packaged separately, Radamsa's Makefile needs to be modified to use /usr/bin/ol. I have raised an issue upstream for the changes.

https://code.google.com/p/ouspg/issues/detail?id=98

Comment 14 Niranjan MR 2014-12-20 01:12:50 UTC
The radamsa spec file and srpm have been modified. The changes made are:

* owl-lisp is added to BuildRequires.
* The Radamsa Makefile has a new target build_radamsa, which checks for /usr/bin/ol and uses it to generate radamsa.c

radamsa spec file: https://mrniranjan.fedorapeople.org/radamsa.spec
radamsa srpm: https://mrniranjan.fedorapeople.org/radamsa-0.4-1.fc21.src.rpm


Requesting review, I have made all the changes as specified in the review.

Comment 15 Niranjan MR 2014-12-20 04:38:52 UTC
Just a note: owl-lisp is a build-time requirement for radamsa. The review request for owl-lisp can be found here:

https://bugzilla.redhat.com/show_bug.cgi?id=1174288

Comment 17 Niranjan MR 2014-12-23 08:26:02 UTC
Parag: 

My unofficial package reviews:

https://bugzilla.redhat.com/show_bug.cgi?id=1174933
https://bugzilla.redhat.com/show_bug.cgi?id=1175023
https://bugzilla.redhat.com/show_bug.cgi?id=1176658

Also, I am packaging one more package, owl-lisp:
https://bugzilla.redhat.com/show_bug.cgi?id=1174288

Could you please review the above?

Comment 18 Parag AN(पराग) 2014-12-23 09:00:10 UTC
Hey Niranjan,
   Please try to do full package reviews and when using fedora-review tool, mark all the items like ! or x or - or ?

Comment 19 Niranjan MR 2014-12-23 09:22:21 UTC
Hey Parag,
I have added full reviews in the bugs below:

https://bugzilla.redhat.com/show_bug.cgi?id=1175023
https://bugzilla.redhat.com/show_bug.cgi?id=1176658

For https://bugzilla.redhat.com/show_bug.cgi?id=1174933:

The source tarball is not downloadable.

Comment 20 Parag AN(पराग) 2014-12-23 09:29:55 UTC
Same here also

1) BuildRequires for gcc is not needed; see https://fedoraproject.org/wiki/Packaging:Guidelines#Exceptions_2

2) Requires: glibc is not needed as well

3) In the %install section you don't need the following, as it automatically gets cleaned:
rm -rf $RPM_BUILD_ROOT

See https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRoot_tag

4) you don't need now to specify
%defattr(-,root,root,-)

See https://fedoraproject.org/wiki/Packaging:Guidelines#File_Permissions

5) %clean section is not needed for Fedora packaging. See https://fedoraproject.org/wiki/Packaging:Guidelines#.25clean
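
The spec cleanups listed in comment 20, together with the mixed %{buildroot}/$RPM_BUILD_ROOT issue from the formal review in comment 5, expressed as a small linter. This is an added example, not part of the bug thread or of any Fedora tool; the sample spec and the name `lint_spec` are constructed for illustration.

```python
import re

# Constructed sample spec (not the radamsa spec under review). It contains each
# construct comment 20 calls unnecessary plus both buildroot spellings.
SAMPLE_SPEC = """\
Name:           example
Version:        0.1
BuildRequires:  gcc
BuildRequires:  owl-lisp
Requires:       glibc

%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=%{buildroot}

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
%{_bindir}/example
"""

SECTION = re.compile(r"^%(prep|build|install|check|clean|files|changelog)\b")
RM_BUILDROOT = re.compile(r"rm\s+-rf\s+(\$RPM_BUILD_ROOT|%\{buildroot\})\s*$")

def lint_spec(text):
    """Return (line_number, finding) tuples; line 0 marks a whole-file finding."""
    findings = []
    section = None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            if section == "clean":
                findings.append((no, "%clean section is not needed"))
            continue
        tag, _, value = line.partition(":")
        deps = re.split(r"[,\s]+", value.strip())
        if tag == "BuildRequires" and "gcc" in deps:
            findings.append((no, "BuildRequires: gcc is not needed"))
        elif tag == "Requires" and "glibc" in deps:
            findings.append((no, "Requires: glibc is not needed"))
        elif line.startswith("%defattr("):
            findings.append((no, "%defattr is not needed"))
        elif section == "install" and RM_BUILDROOT.match(line):
            findings.append((no, "rm -rf of the buildroot in %install is not needed"))
    if "%{buildroot}" in text and "$RPM_BUILD_ROOT" in text:
        findings.append((0, "mixes %{buildroot} and $RPM_BUILD_ROOT"))
    return findings

if __name__ == "__main__":
    for no, msg in lint_spec(SAMPLE_SPEC):
        print(f"line {no}: {msg}")
```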

Comment 21 Niranjan MR 2014-12-23 09:44:38 UTC
Thanks Parag,

Please find the updated spec and srpms:

spec: https://mrniranjan.fedorapeople.org/radamsa.spec
srpm: https://mrniranjan.fedorapeople.org/radamsa-0.4-2.fc21.src.rpm

Comment 22 Niranjan MR 2014-12-30 10:08:57 UTC
Fixed rpmlint errors for radamsa-debuginfo packages:

The spec files and srpms can be found in the same location specified in comment #21.

Comment 23 Niranjan MR 2015-01-06 23:47:37 UTC
Parag, could you have a look at the updated spec and srpm in comment #21?

Comment 24 Parag AN(पराग) 2015-01-13 07:42:44 UTC
After owl-lisp gets built on koji for all requested branches I will approve this package.

Comment 26 Parag AN(पराग) 2015-01-14 09:16:36 UTC
Thanks.

APPROVED this package

Comment 27 Niranjan MR 2015-01-14 10:45:04 UTC
New Package SCM Request
=======================
Package Name: radamsa
Short Description: Test case generator for robustness testing.
Upstream URL: http://code.google.com/p/ouspg/wiki/Radamsa
Owners: mrniranjan huzaifas
Branches: f20 f21 devel
InitialCC: huzaifas pjp

Comment 28 Gwyn Ciesla 2015-01-14 12:01:29 UTC
Git done (by process-git-requests).

Comment 29 Fedora Update System 2015-01-22 08:39:26 UTC
radamsa-0.4-2.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/radamsa-0.4-2.fc20

Comment 30 Fedora Update System 2015-01-26 02:39:09 UTC
radamsa-0.4-2.fc20 has been pushed to the Fedora 20 testing repository.

Comment 31 Fedora Update System 2015-02-03 11:59:27 UTC
radamsa-0.4-2.fc20 has been pushed to the Fedora 20 stable repository.