Bug 226426
Summary: | Merge Review: spamassassin | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Nobody's working on this, feel free to take it <nobody> |
Component: | Package Review | Assignee: | Gwyn Ciesla <gwync> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Package Reviews List <fedora-package-review> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | gwync, kevin, perl-devel, redhat-bugzilla, wtogami |
Target Milestone: | --- | Flags: | gwync:
fedora-review+
|
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-04-01 12:43:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Nobody's working on this, feel free to take it
2007-01-31 21:00:44 UTC
*** Bug 224477 has been marked as a duplicate of this bug. *** rpmlint on SRPM: spamassassin.src:37: W: redundant-prefix-tag The Prefix tag is uselessly defined as %{_prefix} in your spec file. It should be removed, as it is redundant with rpm defaults. spamassassin.src:72: W: unversioned-explicit-obsoletes perl-Mail-SpamAssassin The specfile contains an unversioned Obsoletes: token, which will match all older, equal and newer versions of the obsoleted thing. This may cause update problems, restrict future package/provides naming, and may match something it was originally not inteded to match -- make the Obsoletes versioned if possible. Fix. spamassassin.src:101: W: rpm-buildroot-usage %build %{__perl} Makefile.PL DESTDIR=$RPM_BUILD_ROOT/ SYSCONFDIR=%{_sysconfdir} INSTALLDIRS=vendor ENABLE_SSL=yes < /dev/null $RPM_BUILD_ROOT should not be touched during %build or %prep stage, as it will break short circuiting. There may be a good reason for this. Is there? spamassassin.src:542: W: macro-in-%changelog postun Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. spamassassin.src:580: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. spamassassin.src: W: mixed-use-of-spaces-and-tabs (spaces: line 135, tab: line 108) The specfile mixes use of spaces and tabs for indentation, which is a cosmetic annoyance. Use either spaces or tabs for indentation, not both. spamassassin.src: W: summary-ended-with-dot Spam filter for email which can be invoked from mail delivery agents. Summary ends with a dot. Fix. spamassassin.src: W: strange-permission spamassassin-helper.sh 0755 A file that you listed to include in your package has strange permissions. Usually, a file should have 0644 permissions. Fix, or document in spec. rpmlint on RPMS: spamassassin.i386: E: incoherent-logrotate-file /etc/logrotate.d/sa-update Your logrotate file should be named /etc/logrotate.d/<package name>. Fix, if it won't be too catastrophic. spamassassin.i386: W: non-conffile-in-etc /etc/logrotate.d/sa-update A non-executable file in your package is being installed in /etc, but is not a configuration file. All non-executable files in /etc should be configuration files. Mark the file as %config in the spec file. Fix. spamassassin.i386: E: executable-marked-as-config-file /etc/mail/spamassassin/spamassassin-helper.sh Executables must not be marked as config files because that may prevent upgrades from working correctly. If you need to be able to customize an executable, make it for example read a config file in /etc/sysconfig. ???? spamassassin.i386: E: non-readable /etc/cron.d/sa-update 0600 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). Probably OK. spamassassin.i386: E: non-standard-executable-perm /usr/share/spamassassin/sa-update.cron 0744 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. Fix or document. spamassassin.i386: E: executable-marked-as-config-file /etc/rc.d/init.d/spamassassin Executables must not be marked as config files because that may prevent upgrades from working correctly. If you need to be able to customize an executable, make it for example read a config file in /etc/sysconfig. Fix. spamassassin.i386: W: summary-ended-with-dot Spam filter for email which can be invoked from mail delivery agents. Summary ends with a dot. spamassassin.i386: W: obsolete-not-provided perl-Mail-SpamAssassin If a package is obsoleted by a compatible replacement, the obsoleted package must also be provided in order to provide clean upgrade paths and not cause unnecessary dependency breakage. If the obsoleting package is not a compatible replacement for the old one, leave out the provides. spamassassin.i386: W: conffile-without-noreplace-flag /etc/rc.d/init.d/spamassassin A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here spamassassin.i386: W: dangerous-command-in-%post cp spamassassin.i386: W: no-reload-entry /etc/rc.d/init.d/spamassassin In your init script (/etc/rc.d/init.d/your_file), you don't have a 'reload' entry, which is necessary for good functionality. Fix. Otherwise, full review looks good, no other blockers. Ping? I became a co-maintainer here a while back, and haven't done much since. ;) I guess the least I can do is try and finish off this review. Will take a look soon and get back to you. Thanks Kevin. :) >rpmlint on SRPM: > >spamassassin.src:37: W: redundant-prefix-tag >The Prefix tag is uselessly defined as %{_prefix} in your spec file. It should >be removed, as it is redundant with rpm defaults. Removed. >spamassassin.src:72: W: unversioned-explicit-obsoletes perl-Mail-SpamAssassin >The specfile contains an unversioned Obsoletes: token, which will match all >older, equal and newer versions of the obsoleted thing. This may cause update >problems, restrict future package/provides naming, and may match something it >was originally not inteded to match -- make the Obsoletes versioned if >possible. > >Fix. Well, the problem here is that upsteam uses that package name. So, if someone installs the upstream rpms, then decides to upgrade to the fedora one, without this they will get a confusing mix. ;( >spamassassin.src:101: W: rpm-buildroot-usage %build %{__perl} Makefile.PL >DESTDIR=$RPM_BUILD_ROOT/ SYSCONFDIR=%{_sysconfdir} INSTALLDIRS=vendor >ENABLE_SSL=yes < /dev/null >$RPM_BUILD_ROOT should not be touched during %build or %prep stage, as it will >break short circuiting. > >There may be a good reason for this. Is there? It's not clear to me where it is using the build root. It's setting DESTDIR to it, but it shouldn't be using it. Will dig more, but ideas welcome. >spamassassin.src:542: W: macro-in-%changelog postun >Macros are expanded in %changelog too, which can in unfortunate cases lead to >the package not building at all, or other subtle unexpected conditions that >affect the build. Even when that doesn't happen, the expansion results in >possibly "rewriting history" on subsequent package revisions and generally odd >entries eg. in source rpms, which is rarely wanted. Avoid use of macros in >%changelog altogether, or use two '%'s to escape them, like '%%foo'. Fixed. >spamassassin.src:580: W: macro-in-%changelog post >Macros are expanded in %changelog too, which can in unfortunate cases lead to >the package not building at all, or other subtle unexpected conditions that >affect the build. Even when that doesn't happen, the expansion results in >possibly "rewriting history" on subsequent package revisions and generally odd >entries eg. in source rpms, which is rarely wanted. Avoid use of macros in >%changelog altogether, or use two '%'s to escape them, like '%%foo'. Fixed. >spamassassin.src: W: mixed-use-of-spaces-and-tabs (spaces: line 135, tab: line >108) >The specfile mixes use of spaces and tabs for indentation, which is a cosmetic >annoyance. Use either spaces or tabs for indentation, not both. At least that instance fixed up. ;) >spamassassin.src: W: summary-ended-with-dot Spam filter for email which can be >invoked from mail delivery agents. >Summary ends with a dot. > >Fix. Fixed. >spamassassin.src: W: strange-permission spamassassin-helper.sh 0755 >A file that you listed to include in your package has strange permissions. >Usually, a file should have 0644 permissions. > >Fix, or document in spec. It's a shell script that runs and shows the exit code (spam/notspam). I guess I can add a comment that it's expected to be executable. >rpmlint on RPMS: > >spamassassin.i386: E: incoherent-logrotate-file /etc/logrotate.d/sa-update >Your logrotate file should be named /etc/logrotate.d/<package name>. > >Fix, if it won't be too catastrophic. Well, it's not spamassassin itself that logs anything, it's the daily sa-update job that pulls updates to rules. I think it makes more sense to leave it as sa-update since thats the command that generates the logs. >spamassassin.i386: W: non-conffile-in-etc /etc/logrotate.d/sa-update >A non-executable file in your package is being installed in /etc, but is not a >configuration file. All non-executable files in /etc should be configuration >files. Mark the file as %config in the spec file. > >Fix. Good catch. Fixed. >spamassassin.i386: E: executable-marked-as-config-file >/etc/mail/spamassassin/spamassassin-helper.sh >Executables must not be marked as config files because that may prevent >upgrades from working correctly. If you need to be able to customize an >executable, make it for example read a config file in /etc/sysconfig. > >???? Humm. Not sure why thats marked as config. No one should ever change it. Sadly, thats generated the file that the make process generates. It might need a patch or getting upstream to fix it. >spamassassin.i386: E: non-readable /etc/cron.d/sa-update 0600 >The file can't be read by everybody. If this is expected (for security >reasons), contact your rpmlint distributor to get it added to the list of >exceptions for your distro (or add it to your local configuration if you >installed rpmlint from the source tarball). > >Probably OK. This makes little sense to me. I would expect 644 here. Perhaps Warren can chime in with a reason for 600 ? >spamassassin.i386: E: non-standard-executable-perm >/usr/share/spamassassin/sa-update.cron 0744 >A standard executable should have permission set to 0755. If you get this >message, it means that you have a wrong executable permissions in some files >included in your package. > >Fix or document. I suppose this is due to it not making much sense to run as non root but yet, it's fine it anyone looks at it. Will document. >spamassassin.i386: E: executable-marked-as-config-file >/etc/rc.d/init.d/spamassassin >Executables must not be marked as config files because that may prevent >upgrades from working correctly. If you need to be able to customize an >executable, make it for example read a config file in /etc/sysconfig. > >Fix. Fixed. >spamassassin.i386: W: summary-ended-with-dot Spam filter for email which can be >invoked from mail delivery agents. >Summary ends with a dot. Fixed. >spamassassin.i386: W: obsolete-not-provided perl-Mail-SpamAssassin >If a package is obsoleted by a compatible replacement, the obsoleted package >must also be provided in order to provide clean upgrade paths and not cause >unnecessary dependency breakage. If the obsoleting package is not a >compatible replacement for the old one, leave out the provides. See above. >spamassassin.i386: W: conffile-without-noreplace-flag >/etc/rc.d/init.d/spamassassin >A configuration file is stored in your package without the noreplace flag. A >way to resolve this is to put the following in your SPEC file: >%config(noreplace) /etc/your_config_file_here Fixed above by making it not a config file. >spamassassin.i386: W: dangerous-command-in-%post cp This is so that updates with old config file options that are no longer supported will get updated. I don't see any easy way around it. >spamassassin.i386: W: no-reload-entry /etc/rc.d/init.d/spamassassin >In your init script (/etc/rc.d/init.d/your_file), you don't have a 'reload' >entry, which is necessary for good functionality. spamd doesn't have any functionality to do a reload without just restarting as far as I know. >Otherwise, full review looks good, no other blockers. Ok. new spec: http://www.scrye.com/~kevin/fedora/spamassassin.spec diff against old: http://www.scrye.com/~kevin/fedora/spamassassin.diff scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=998690 Warren is going to look it over as well. (In reply to comment #6) > >spamassassin.src:72: W: unversioned-explicit-obsoletes perl-Mail-SpamAssassin > >The specfile contains an unversioned Obsoletes: token, which will match all > >older, equal and newer versions of the obsoleted thing. This may cause update > >problems, restrict future package/provides naming, and may match something it > >was originally not inteded to match -- make the Obsoletes versioned if > >possible. > > > >Fix. > > Well, the problem here is that upsteam uses that package name. > So, if someone installs the upstream rpms, then decides to upgrade > to the fedora one, without this they will get a confusing mix. ;( Then commenting this in the spec should be sufficient. > > >spamassassin.src:101: W: rpm-buildroot-usage %build %{__perl} Makefile.PL > >DESTDIR=$RPM_BUILD_ROOT/ SYSCONFDIR=%{_sysconfdir} INSTALLDIRS=vendor > >ENABLE_SSL=yes < /dev/null > >$RPM_BUILD_ROOT should not be touched during %build or %prep stage, as it will > >break short circuiting. > > > >There may be a good reason for this. Is there? > > It's not clear to me where it is using the build root. It's setting DESTDIR to > it, but it shouldn't be using it. Will dig more, but ideas welcome. I'll peek at it. > >spamassassin.src: W: strange-permission spamassassin-helper.sh 0755 > >A file that you listed to include in your package has strange permissions. > >Usually, a file should have 0644 permissions. > > > >Fix, or document in spec. > > It's a shell script that runs and shows the exit code (spam/notspam). > I guess I can add a comment that it's expected to be executable. That'd be perfect. > > >rpmlint on RPMS: > > > >spamassassin.i386: E: incoherent-logrotate-file /etc/logrotate.d/sa-update > >Your logrotate file should be named /etc/logrotate.d/<package name>. > > > >Fix, if it won't be too catastrophic. > > Well, it's not spamassassin itself that logs anything, it's the daily > sa-update job that pulls updates to rules. I think it makes more sense > to leave it as sa-update since thats the command that generates the logs. Agreed, might want to comment in spec. > > >spamassassin.i386: E: executable-marked-as-config-file > >/etc/mail/spamassassin/spamassassin-helper.sh > >Executables must not be marked as config files because that may prevent > >upgrades from working correctly. If you need to be able to customize an > >executable, make it for example read a config file in /etc/sysconfig. > > > >???? > > Humm. Not sure why thats marked as config. No one should ever change it. > Sadly, thats generated the file that the make process generates. > It might need a patch or getting upstream to fix it. Hmm. > >spamassassin.i386: W: conffile-without-noreplace-flag > >/etc/rc.d/init.d/spamassassin > >A configuration file is stored in your package without the noreplace flag. A > >way to resolve this is to put the following in your SPEC file: > >%config(noreplace) /etc/your_config_file_here > > Fixed above by making it not a config file. > > >spamassassin.i386: W: dangerous-command-in-%post cp > > This is so that updates with old config file options that are no longer > supported will get updated. I don't see any easy way around it. Neither do I. Comment in spec. > >spamassassin.i386: W: no-reload-entry /etc/rc.d/init.d/spamassassin > >In your init script (/etc/rc.d/init.d/your_file), you don't have a 'reload' > >entry, which is necessary for good functionality. > > spamd doesn't have any functionality to do a reload without just restarting > as far as I know. In this instance, just make reload do what restart does. > >Otherwise, full review looks good, no other blockers. > > Ok. > > new spec: http://www.scrye.com/~kevin/fedora/spamassassin.spec > diff against old: http://www.scrye.com/~kevin/fedora/spamassassin.diff > scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=998690 > > Warren is going to look it over as well. I'll await his input. I'm OK with his proposed changes. I also suggested switching it to pidgin.spec style automatic boolean setting. That would be fine, too. Kevin, looks like once the above are finished, we're good. ok. Checked in and built in rawhide. Take a look and see if there is anything further that needs addressing. http://koji.fedoraproject.org/koji/taskinfo?taskID=1001301 It seems to me, you're lacking a "chmod -R u+w $RPM_BUILD_ROOT/*" for spamassassin as much of the other perl packages do. All files in the directory /usr/lib/perl5 are readonly, but for perl packages I got in the past usually remembered to change that to 644 rather 444. The same applies to the man pages, so command above should fit and solve. In reply to comment #11: Strange, so you think the perl files should be 644 instead of 444? Is root likely to need to write them? Or is there something thats broken by them being 444? I suppose if it's needed we could just change the defattr for those files? The guys from the Perl SIG or similar shall explain and decide whether it is needed here, adding hereby and requesting info regarding 444 vs. 644. ok. Happy for any input on the 444 vs 644 issue. Why did 444 happen? It seems completely unimportant? I have no idea why it happened, and personally I don't see any issue with those files being 444 instead of 644. Perhaps someone from the perl list will enlighten us? Ping? Well, I was waiting for input on the 644 vs 444 permissions issue. I personally don't see any guideline this violates or problem this causes. I guess your ping was for the fedora-perl-list members? Perhaps we should just close this? Everything that matters was fixed. This last issue does not matter. It was, and I'm busy with $_DAYJOB and real life, as well as many other Fedora things, so I'll take Warren's suggestion. APPROVED. Thanks all for your help. |