Bug 461305
Summary: | Review Request: pam_kcoda - coda auth/cred/session PAM module | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Neil Horman <nhorman> |
Component: | Package Review | Assignee: | Gwyn Ciesla <gwync> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | fedora-package-review, gwync, notting |
Target Milestone: | --- | Flags: | gwync:
fedora-review+
huzaifas: fedora-cvs+ |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-03-31 13:18:58 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Neil Horman
2008-09-05 18:13:23 UTC
rpmlint on SRPM: pam_kcoda.src: W: no-url-tag The URL tag is missing. rpmlint on RPMS: pam_kcoda.i386: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. pam_kcoda.i386: W: no-url-tag The URL tag is missing. pam_kcoda.i386: W: unstripped-binary-or-object /lib/security/pam_kcoda.so pam_kcoda-debuginfo.i386: E: empty-debuginfo-package This debuginfo package contains no files. This is often a sign of binaries being unexpectedly stripped too early during the build, rpmbuild not being able to strip the binaries, the package actually being a noarch one but erratically packaged as arch dependent, or something else. Verify what the case is, and if there's no way to produce useful debuginfo out of it, disable creation of the debuginfo package. pam_kcoda-debuginfo.i386: W: no-url-tag The URL tag is missing. I'd like to see something in the spec explaining the patches and whether or not they've been submitted upstream. The license tag claims GPLv1, the README specifies GPL, but the license included is BSD. This will need to be clarified. The URL tag would help with this. Provides a shared library, should include: %post -p /sbin/ldconfig %postun -p /sbin/ldconfig Running a mock build to check BR. . . Mock build, BRs OK. Just address the above and we're good. added a url to the spec I checked the License, GPLv1 is listed in the REadme and the pam_kcoda.c file. Not sure where you saw a BSD license. Given the url tag, I think GPL is the safe conclusion I did include the only docs to come with the pkg (the readme), I marked it as a %doc in the new package below I'm not sure why the debuginfo stuff isn't getting populated. The pma_kcoda.so file isn't stripped, even after packaging (verify with an install and file /lib64/security/pam_kcoda.so) New files for you, thanks! SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.4-2.fc8.src.rpm Look in pam_koda.c, lines 50-60. BSD License: http://swik.net/License:BSD/BSD+License+Text See what I mean? And it doesn't include a copy of the GPL anywhere. As for debuginfo, see: https://fedoraproject.org/wiki/Packaging/Debuginfo, and see if that sheds any light. If you can't get -debuginfo populate, disable generation of the -debugingo package. Only for debuginfo issue: (In reply to comment #4) > If you can't get -debuginfo populate, disable generation of the -debugingo package. We should not allow this. All packages must create debuginfo rpm correctly unless they are noarch rpms, monos, or so. 2 issues: - build log actually shows that Fedora specific compilation flags are not honored correctly: ---------------------------------------------------------- + CFLAGS='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables -fPIC' + export CFLAGS + make mkdir -p ./dynamic gcc -O2 -Dlinux -DLINUX_PAM -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wshadow -pedantic -fPIC -DPAM_DYNAMIC -c pam_kcoda.c -o dynamic/pam_kcoda.o ----------------------------------------------------------- So -g debug option flag is not used. 'make %{?_smp_mflags} CC="gcc $RPM_OPT_FLAGS"' seems to work - pam_kcoda.so is installed with 0644 permission. find-debuginfo.sh will tries to strip binaries only with executable permission flag. pam_kcoda.so should be installed with 0755 permission (change SHLIBMODE). Fair enough. +1. >Look in pam_koda.c, lines 50-60. Look at lines 47-48 of the same file, indicating GPL License. The stuff on lines 50-60 isn't the BSD license, thats just the standard disclaimer. This is the full BSD license: http://www.opensource.org/licenses/bsd-license.php Which isn't included anywhere in the code or accomanying documentation Although it is odd that they don't include a COPYING file. Unfortunately, the maintainers still haven't responded to me on any of my queries. I've gone through the debuginfo link you provided, and none of those tips seems to be the cause of the empty debuginfo package, so I'm disabling it for now: New Files for you. Thanks! SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.4-3.fc8.src.rpm Ok, hopefully they can clarify what the license should be. Let me know. We need to know what version of the GPL it should be. Including a copy of the relevant version would be the best. I've gotten a bounce from the email listed in the docs. Some googling has found me an alternate email to try. I copied you on the note asking for licence clarification. sorry, I fat fingered your email on my note to him, and your copy bounced, This is the reply from the author: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Neil Horman wrote: > I'm in the process of trying to get > pam_kcoda packaged for fedora: cool ;) - pam_kcoda was one of my first FLOSS projects while student; Ivan Popov took over maintaining the software in 2001 and added Kerberos support - I have not heard from him since years now. > https://bugzilla.redhat.com/show_bug.cgi?id=461305 > Your name is in the docs, but I just got a bounce from the address that was > listed there. Some quick googling led me to you at this address so I thought I > would write and ask, if you are indeed the author of that package: > http://www.kernel.org/pub/linux/libs/pam/pre/modules/pam_kcoda-v0.4.tgz I'm the original author, but no license expert ;) > And if you are, if you could clarify what version of the GPL you intended to > distribute it under. My impression is that you intended to distribute under the > GPLv1 but I'd like to be sure. Feel free to release pam_kcoda under GPL v2 or 3.., MIT or BSD license whatever suits you best. I wrote the original code in GPL v1 as was Coda (and PAM?) in 1999 - IIRC Ivan asked to release it under BSD conditions and probably then the license mess started.. > Could you by any chance update the upstream > package with a COPYING file with a specific license, or clarify what your intent > was, either in the above bugzilla or via email? I have no idea how this ended up on http://www.kernel.org/pub/linux/libs/pam/pre/modules/ and don't have write permissions there [yet]. If necessary I con roll a new release mid next week (I'll be traveling and am only sporadically online during the next days) . Do you know any PAM devs? cheers, robin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjIAFAACgkQeVUk8U+VK0KLqwCgoCDRuJxkhKqhKVsPTFT19buI x38An1DtWXjQ2HK7aJ4CpbNZ99sAJhfi =Sfjy -----END PGP SIGNATURE----- So, if we change the spec License tag to be GPLv2+, will that be sufficient until a new version is released from Robin with a proper license file? Honestly, it'd be simpler to wait for a new release that includes the version the author wants (hopefully GPLv2+, IMHO). Then we can get a better URL for upstream, as well, and the one we have currently gives no info, just the bits. Its going to be a few weeks on that, and we're not going to get a better URL. My understanding is that Robin is just going to upload a new version to his space on kernel.org If it's really to be that long, create a pam_koda-license-README.txt for %doc that explicitly documents the above, and we'll run it by legal to see if that passes muster. copy that, I'll post a new rpm shortly. ok new files for review: SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.4-4.fc8.src.rpm pam_kcoda.i386: W: incoherent-version-in-changelog 0.4.3 0.4-4.fc9 The last entry in %changelog contains a version identifier that is not coherent with the epoch:version-release tuple of the package. Fix. pam_kcoda.i386: W: unstripped-binary-or-object /lib/security/pam_kcoda.so Manually stripping this in the spec should silence this. Sorted. New package/spec: SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.4-5.fc8.src.rpm Good enough. Just waiting on legal then. ping, any update here? Still nothing from legal. ETA on new release? No, I expect that will be a few weeks, origional author indicated he would be traveling for a few weeks. I'll try contact him again I've heard from the upstream maintainer, who posted a new version with GPLv3 license langage. I've got a package put together here: SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.5-1.fc8.src.rpm Clearing legal blocker. The source still says GPLv2, as does COPYING. Changlog in source says GPLv3, though that's a start. Upstream may want to correct. pam_kcoda.i386: E: library-not-linked-against-libc /lib/security/pam_kcoda.so 1 packages and 0 specfiles checked; 1 errors, 0 warnings. upstream noticed at the same time you did. New package w/ fixed licensing, and corrected linkage. SPEC: http://nhorman.fedorapeople.org/pam_kcoda.spec SRPM: http://nhorman.fedorapeople.org/pam_kcoda-0.5.1-1.fc8.src.rpm That, my friend, is hysterical. :) APPROVED. Cool Thanks! New Package CVS Request ======================= Package Name: pam_kcoda Short Description: pam module to automate autentication to coda servers Owners: nhorman Branches: devel F-9 InitialCC: cvs done Built, closing. |