Bug 576839
| Summary: | Review Request: bdii - The Berkeley Database Information Index (BDII) | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Mattias Ellert <mattias.ellert> |
| Component: | Package Review | Assignee: | Steve Traylen <steve.traylen> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | fedora-package-review, notting, steve.traylen |
| Target Milestone: | --- | Flags: | steve.traylen:
fedora-review+
kevin: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | bdii-5.1.5-1.el5 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-06-14 17:15:53 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 576838 | ||
| Bug Blocks: | |||
|
Description
Mattias Ellert
2010-03-25 12:19:23 UTC
Just a suggestion at the moment. Can the bdii be made to run as user bdii or whatever. Also same comment as globus-schema about the tags rather than trunk in the svn path if possible. Steve. This looks more fundamental: install package. 1) /etc/rc.d/init.d/bdii status /etc/rc.d/init.d/bdii status BDII Stopped [ OK ] gives an extra blank line and status code of 0 2) # service bdii start Starting SLAPD: SLAPD failed to start [FAILED] /usr/sbin/slapd -f /etc/bdii/bdii-slapd.conf -h ldap://localhost:2170 -u ldap -d 256 @(#) $OpenLDAP: slapd 2.4.19 (Feb 24 2010 09:09:19) $ mockbuild.fedoraproject.org:/builddir/build/BUILD/openldap-2.4.19/openldap-2.4.19/build-servers/servers/slapd daemon: bind(7) failed errno=13 (Permission denied) daemon: bind(7) failed errno=13 (Permission denied) slapd stopped. connections_destroy: nothing to destroy. running the startup with "-x" includes amongst others things. + chown -R ldap:ldap /var/run/bdii/db + sudo -u ldap rm -f /var/run/bdii/db/stats/DB_CONFIG + sudo -u ldap rm -f /var/run/bdii/db/glue2/DB_CONFIG + sudo -u ldap rm -f /var/run/bdii/db/DB_CONFIG /var/run/bdii/db/glue2 /var/run/bdii/db/stats + sudo -u ldap rm -f /var/run/bdii/old.ldif + sudo -u ldap cp /etc/bdii/DB_CONFIG /var/run/bdii/db yikes!! I probably should have been slightly more verbose than "yikes" in my previous comments. These chowns and sudos look to be working around the files not being owned by user ldap in the first place, can they be marked as owned by ldap in the first place. I realise the init.d script will need some rewriting. More over I think the "ldap" user is already used to such an important degree serving quite possibly NSS information that running the bdii as a new user , presumably bdii makes sense. Steve. (In reply to comment #1) > Just a suggestion at the moment. > > Can the bdii be made to run as user bdii or whatever. The default configuration from upstream is to run as user ldap. > Also same comment as glue-schema about the tags rather than trunk in > the svn path if possible. For the bdii there are important fixes in trunk, especially w.r.t. having consistent licensing information in the sources, so using the old tag was not possible. There is however a new tag (5.1.0) available now, and I have based the new version on this one. (In reply to comment #2) > This looks more fundamental: > > install package. > > 1) /etc/rc.d/init.d/bdii status > /etc/rc.d/init.d/bdii status > BDII Stopped [ OK ] > > gives an extra blank line and status code of 0 The extra blank lines are fixed in the new version, I have sent the patch upstream. The patch also fixes the status code (is now 3). > 2) # service bdii start > Starting SLAPD: SLAPD failed to start [FAILED] > > /usr/sbin/slapd -f /etc/bdii/bdii-slapd.conf -h ldap://localhost:2170 -u ldap > -d 256 > @(#) $OpenLDAP: slapd 2.4.19 (Feb 24 2010 09:09:19) $ > > mockbuild.fedoraproject.org:/builddir/build/BUILD/openldap-2.4.19/openldap-2.4.19/build-servers/servers/slapd > daemon: bind(7) failed errno=13 (Permission denied) > daemon: bind(7) failed errno=13 (Permission denied) > slapd stopped. > connections_destroy: nothing to destroy. The new version has the necessary SELinux management in the RPM scriptlets to allow the service to run. > running the startup with "-x" includes amongst others things. > > + chown -R ldap:ldap /var/run/bdii/db > + sudo -u ldap rm -f /var/run/bdii/db/stats/DB_CONFIG > + sudo -u ldap rm -f /var/run/bdii/db/glue2/DB_CONFIG > + sudo -u ldap rm -f /var/run/bdii/db/DB_CONFIG /var/run/bdii/db/glue2 > /var/run/bdii/db/stats > + sudo -u ldap rm -f /var/run/bdii/old.ldif > + sudo -u ldap cp /etc/bdii/DB_CONFIG /var/run/bdii/db > > > yikes!! (In reply to comment #3) > I probably should have been slightly more verbose than "yikes" in my previous > comments. > > These chowns and sudos look to be working around the files not being owned > by user ldap in the first place, can they be marked as owned by ldap in > the first place. I realise the init.d script will need some rewriting. > More over I think the "ldap" user is already used to such an important > degree serving quite possibly NSS information that running the bdii as a new > user , presumably bdii makes sense. The FHS says about /var/run: "This directory contains system information data describing the system since it was booted. Files under this directory must be cleared (removed or truncated as appropriate) at the beginning of the boot process." So any directory hierarchy inside /var/run must be recreated in the startup script, since it could in principle disappear at reboot, if e.g. /var/run is configured as a tmpfs. New version: Spec URL: http://www.grid.tsl.uu.se/review/bdii.spec SRPM URL: http://www.grid.tsl.uu.se/review/bdii-5.1.0-1.fc12.src.rpm Thanks for the selinux stuff. [root@f13 ~]# /etc/init.d/bdii start Starting SLAPD: [ OK ] Starting update process: [ OK ] [root@f13 ~]# /etc/init.d/bdii status BDII Runnning [ OK ] [root@f13 ~]# /etc/init.d/bdii stop Stopping update process: [ OK ] Stopping SLAPD: [ OK ] is a bit inconsistent, the status does not report the update process and all messages should probably include bdii in them. e.g Starting BDII slapd Starting BDII update process. Certainly on my box I can uninstall sudo, should it be a requires? Other than looking quickly seems good, I'll do the review shortly anyway. Steve. Review: bdii
Date: Apr 24th 2010
* PASS: rpmlint output
$ rpmlint SPECS/bdii.spec \
RPMS/noarch/bdii-5.1.0-1.fc13.noarch.rpm \
SRPMS/bdii-5.1.0-1.fc13.src.rpm
SPECS/bdii.spec: W: invalid-url Source0: bdii-5.1.0.tar.gz
bdii.noarch: E: incoherent-subsys /etc/rc.d/init.d/bdii bdii-update
bdii.noarch: E: incoherent-subsys /etc/rc.d/init.d/bdii bdii-slapd
bdii.src: W: invalid-url Source0: bdii-5.1.0.tar.gz
2 packages and 1 specfiles checked; 2 errors, 2 warnings.
which is all okay.
* PASS: Named according to the Package Naming Guidelines.
* PASS: spec file name same as base package %{name}.
* PASS: Packaging Guidelines.
yes.
* PASS: Approved license in .spec file.
yes ASL 2.0
* PASS: License on Source code.
* PASS: Include LICENSE file or similar if it exist.
copywright.
* PASS: Written in American English.
* PASS: Spec file legible.
* PASS: Included source must match upstream source.
* PASS: Build on one architecture.
* PASS: Not building on an architecture must highlighted.
* PASS: Build dependencies must be listed in BuildRequires.
* PASS: Handle locales properly.
no locales
* PASS: ldconfig must be called on shared libs.
None
* PASS: No bundled copies of system libraries.
None
* PASS: Package must state why relocatable if relocatable.
Not
* PASS: A package must own all directories that it creates
Yes.
* PASS: No duplicate files in %files listings.
* PASS: Permissions on files must be set properly. %defattr
* PASS: %clean section contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT).
* PASS: Each package must consistently use macros.
* PASS: The package must contain code, or permissable content.
* PASS: Large documentation files must go in a -doc subpackage.
* PASS: %doc must not affect the runtime of the application.
* PASS: Header files must be in a -devel package.
* PASS: Static libraries must be in a -static package.
* PASS: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig'
* PASS: Then library files that end in .so
* PASS: devel packages must require the exact base package
* PASS: No .la libtool archives
* PASS: GUI apps should have %{name}.desktop file
* PASS: No files or directories already owned by other packages.
* PASS: %install must run rm -rf %{buildroot} (or $RPM_BUILD_ROOT).
* PASS: All filenames in rpm packages must be valid UTF-8.
Summary:
Just the comments in the previous comment.
Sorry for the delay... New version: Spec URL: http://www.grid.tsl.uu.se/review/bdii.spec SRPM URL: http://www.grid.tsl.uu.se/review/bdii-5.1.5-1.fc12.src.rpm (In reply to comment #5) > Thanks for the selinux stuff. > > [root@f13 ~]# /etc/init.d/bdii start > Starting SLAPD: [ OK ] > Starting update process: [ OK ] > [root@f13 ~]# /etc/init.d/bdii status > BDII Runnning [ OK ] > [root@f13 ~]# /etc/init.d/bdii stop > Stopping update process: [ OK ] > Stopping SLAPD: [ OK ] > > is a bit inconsistent, the status does not report the update process > and all messages should probably include bdii in them. e.g > > Starting BDII slapd > Starting BDII update process. [root@ellert ~]# service bdii start Starting BDII slapd: [ OK ] Starting BDII update process: [ OK ] [root@ellert ~]# service bdii start Starting BDII: BDII already started [root@ellert ~]# service bdii status BDII Runnning [ OK ] [root@ellert ~]# service bdii stop Stopping BDII update process: [ OK ] Stopping BDII slapd: [ OK ] [root@ellert ~]# service bdii stop Stopping BDII: BDII already stopped [root@ellert ~]# service bdii status BDII Stopped [ OK ] The logic of the status function is that both processes must be running to report "BDII Runnning", and both must be stopped to report "BDII Stopped". > Certainly on my box I can uninstall sudo, should it be a requires? sudo added as Requires, Requires(preun) and Requries(postun) I have also patch the initscript so that it does not use the lsb-initscript functions due to the recent discussion on fedora-devel. Thank you for the review! New Package CVS Request ======================= Package Name: bdii Short Description: The Berkeley Database Information Index (BDII) Owners: ellert Branches: F-12 F-13 EL-4 EL-5 EL-6 InitialCC: CVS done (by process-cvs-requests.py). bdii-5.1.5-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bdii'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/bdii-5.1.5-1.fc13 bdii-5.1.5-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bdii'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/bdii-5.1.5-1.fc12 bdii-5.1.5-1.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bdii'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/bdii-5.1.5-1.el5 bdii-5.1.5-1.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update bdii'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/bdii-5.1.5-1.el4 bdii-5.1.5-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. bdii-5.1.5-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. bdii-5.1.5-1.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report. bdii-5.1.5-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. |