Bug 998127
Summary: | Review Request: pacman — Package manager for the Arch distribution | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Zbigniew Jędrzejewski-Szmek <zbyszek> |
Component: | Package Review | Assignee: | Mario Blättermann <mario.blaettermann> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | i, lemenkov, mario.blaettermann, notting, zbyszek |
Target Milestone: | --- | Flags: | mario.blaettermann:
fedora-review+
kevin: fedora-cvs+ |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | pacman-4.1.2-1.20130626git28cb22e.fc19 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-16 00:23:20 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 998125, 998690 |
Description
Zbigniew Jędrzejewski-Szmek
2013-08-17 14:04:42 UTC
Why do we need this??? (In reply to Christopher Meng from comment #1) > Why do we need this??? Perhaps it needs for installing Arch in the container. For the same reason we have debootstrap. Don't use hardcoded paths in the file lists. See http://fedoraproject.org/wiki/Packaging:RPMMacros. Requires: libalpm = %{version}-%{release} needs an isa tag: Requires: libalpm%{?_isa} = %{version}-%{release} I still need answer from Zbigniew. (In reply to Christopher Meng from comment #1) > Why do we need this??? (Sorry for the late reply, I was travelling...) Like Peter wrote, the immediate use is to allow installing Arch in a container, and this is what I'm interested in. With systemd on the host and systemd in the container, launching an instance of different distribution in a container is extremely fast (~20-50 ms for a basic OS startup with ssh login), and easy (either do systemd-nspawn manually, or even add the container to the list of services started on boot or socket activated). Of course one must get the installation from somewhere. Downloading an image/archive from the distribution itself is possible, but it is a lot of work. One can install Debian with a single debootstrap invocation, or an second Fedora with one yum --installroot invocation. pacman+pacstrap do the same for Arch. Having a bunch of containers like that is very useful for software testing: a developer can compile and test his piece of software on a bunch of different distributions or versions of a distribution in a very low-overhead way. This is nicer/simpler than doing it in a VM in some ways. E.g. when working on systemd I often do 'make && make install DESTDIR=.../path/to/fedora/container', and perform functional tests in the container. The ability to manager other distributions from Fedora makes Fedora an attractive development environment. A second use could be rescue operations of an Arch installation using Fedora livedvd/usb. (In reply to Mario Blättermann from comment #3) > Don't use hardcoded paths in the file lists. See > http://fedoraproject.org/wiki/Packaging:RPMMacros. Fixed. > Requires: libalpm = %{version}-%{release} > needs an isa tag: > Requires: libalpm%{?_isa} = %{version}-%{release} Fixed. v2: - Replace paths with macros in files - Use %{_isa} tag in Requires - Add m4 to BR - Add openssl and gpgme to BR (for signature verification) - Add libcurl to BR (for download support, might be useful to somebody) - Add 'SigLevel = Required DatabaseOptional' to /etc/pacman.conf (see below) Spec URL: http://in.waw.pl/~zbyszek/fedora/pacman.spec SRPM URL: http://in.waw.pl/~zbyszek/fedora/pacman-4.1.2-1.src.rpm koji f20: http://koji.fedoraproject.org/koji/taskinfo?taskID=5830854 koji f19: http://koji.fedoraproject.org/koji/taskinfo?taskID=5830851 I've consulted with Arch developers, and they recommended to add 'SigLevel = Required DatabaseOptional' to /etc/pacman.conf (which apparently Arch does, but it is not the default after installation), and described how to initialize the GPG keyring used to sign packages. I've also realized that because of missing BR, the koji builds were missing some features. This is all now fixed and Arch installs nicely. $ rpmlint -i -v * libalpm.armv7hl: I: checking libalpm.armv7hl: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.armv7hl: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm.armv7hl: E: missing-call-to-chdir-with-chroot /usr/lib/libalpm.so.8.0.2 This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. libalpm.i686: I: checking libalpm.i686: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.i686: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm.i686: E: missing-call-to-chdir-with-chroot /usr/lib/libalpm.so.8.0.2 This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. libalpm.x86_64: I: checking libalpm.x86_64: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.armv7hl: I: checking libalpm-devel.armv7hl: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.i686: I: checking libalpm-devel.i686: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.x86_64: I: checking libalpm-devel.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.armv7hl: I: checking pacman.armv7hl: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.armv7hl: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.armv7hl: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.armv7hl: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.armv7hl: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.armv7hl: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman.i686: I: checking pacman.i686: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.i686: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.i686: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.i686: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.i686: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.i686: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman.src: I: checking pacman.src: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.src: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking-url ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz (timeout 10 seconds) pacman.src: W: file-size-mismatch pacman-4.1.2.tar.gz = 2366685, ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 The size of the file in the package does not match the size indicated by peeking at its URL. Verify that the file in the package has the intended contents. pacman.x86_64: I: checking pacman.x86_64: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.x86_64: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman-debuginfo.armv7hl: I: checking pacman-debuginfo.armv7hl: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-debuginfo.i686: I: checking pacman-debuginfo.i686: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-debuginfo.x86_64: I: checking pacman-debuginfo.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.spec: I: checking-url ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz (timeout 10 seconds) 13 packages and 1 specfiles checked; 2 errors, 37 warnings. Some ignorable spelling errors and missing manpages. Besides that, we have errors which need to be investigated: E: missing-call-to-chdir-with-chroot /usr/lib/libalpm.so.8.0.2 This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked. W: file-size-mismatch pacman-4.1.2.tar.gz = 2366685, ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 The size of the file in the package does not match the size indicated by peeking at its URL. Verify that the file in the package has the intended contents. (In reply to Mario Blättermann from comment #7) > libalpm.armv7hl: E: missing-call-to-chdir-with-chroot > /usr/lib/libalpm.so.8.0.2 > This executable appears to call chroot without using chdir to change the > current directory. This is likely an error and permits an attacker to break > out of the chroot by using fchdir. While that's not always a security issue, > this has to be checked. The binary is not security sensitive after chrooting (once the package signatures have been verified, the scripts are executed with full root privileges, and could break out of any chroot easily, and the chroot is used to actually install things into the proper place, assuming benign nature of the scripts). > pacman.armv7hl: W: no-manual-page-for-binary pacman-db-upgrade > pacman.armv7hl: W: no-manual-page-for-binary pacman-optimize > pacman.armv7hl: W: no-manual-page-for-binary cleanupdelta > pacman.armv7hl: W: no-manual-page-for-binary pacsort > pacman.armv7hl: W: no-manual-page-for-binary testdb > pacman.armv7hl: W: no-manual-page-for-binary testpkg > pacman.armv7hl: W: no-manual-page-for-binary repo-elephant Yeah, it would be nice to have manpages, even though not a strict requirement. I'll file a bug upstream. > pacman.src: I: checking-url > ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz (timeout 10 seconds) Hm, seems slow here too. Probably a bad mirror. > pacman.src: W: file-size-mismatch pacman-4.1.2.tar.gz = 2366685, > ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 > The size of the file in the package does not match the size indicated by > peeking at its URL. Verify that the file in the package has the intended > contents. Oops, I generated the archive myself from git. Will fix. > Some ignorable spelling errors and missing manpages. Besides that, we have > errors which need to be investigated: > > E: missing-call-to-chdir-with-chroot /usr/lib/libalpm.so.8.0.2 > This executable appears to call chroot without using chdir to change the > current directory. This is likely an error and permits an attacker to break > out of the chroot by using fchdir. While that's not always a security issue, > this has to be checked. > > W: file-size-mismatch pacman-4.1.2.tar.gz = 2366685, > ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 > The size of the file in the package does not match the size indicated by > peeking at its URL. Verify that the file in the package has the intended > contents. (In reply to Zbigniew Jędrzejewski-Szmek from comment #8) > (In reply to Mario Blättermann from comment #7) > > libalpm.armv7hl: E: missing-call-to-chdir-with-chroot > > /usr/lib/libalpm.so.8.0.2 > > This executable appears to call chroot without using chdir to change the > > current directory. This is likely an error and permits an attacker to break > > out of the chroot by using fchdir. While that's not always a security issue, > > this has to be checked. > The binary is not security sensitive after chrooting (once the package > signatures have been verified, the scripts are executed with full root > privileges, and could break out of any chroot easily, and the chroot is used > to actually install things into the proper place, assuming benign nature of > the scripts). I had the look at the source, and chdir is actually called (_alpm_run_chroot function in lib/libalpm/util.c, which appears the only place that chroot is called). So the rpmlint warning is just bogus. > > pacman.src: W: file-size-mismatch pacman-4.1.2.tar.gz = 2366685, > > ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 > > The size of the file in the package does not match the size indicated by > > peeking at its URL. Verify that the file in the package has the intended > > contents. > Oops, I generated the archive myself from git. Will fix. The srpm now contains the upstream v4.1.2 tarball. I had to patch in some build fixes from upstream though. Spec URL: http://in.waw.pl/~zbyszek/fedora/pacman.spec SRPM URL: http://in.waw.pl/~zbyszek/fedora/pacman-4.1.2-1.src.rpm I've also put up my internal repo for the srpm to make it easier to review changes: http://in.waw.pl/git/fedora-pacman koji f20: http://koji.fedoraproject.org/koji/taskinfo?taskID=5834806 koji f19: http://koji.fedoraproject.org/koji/taskinfo?taskID=5834808 There are still some hardcoded paths in the file list: %config(noreplace) /etc/makepkg.conf %config(noreplace) /etc/pacman.conf Besides that, maybe we will need a -filesystem subpackage. See bug #998690. Hardcoded paths have been fixed. pacman-filesystem package has been added. spec and srpm have been updated. Scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=5838364 $ rpmlint -i -v * libalpm.x86_64: I: checking libalpm.x86_64: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.x86_64: I: checking libalpm-devel.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking pacman.src: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.src: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking-url ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz (timeout 10 seconds) pacman.src: W: file-size-mismatch pacman-4.1.2.tar.gz = 2357374, ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz = 2364922 The size of the file in the package does not match the size indicated by peeking at its URL. Verify that the file in the package has the intended contents. pacman.x86_64: I: checking pacman.x86_64: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.x86_64: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman-debuginfo.x86_64: I: checking pacman-debuginfo.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: I: checking pacman-filesystem.noarch: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. pacman.spec: I: checking-url ftp://ftp.archlinux.org/other/pacman/pacman-4.1.2.tar.gz (timeout 10 seconds) 6 packages and 1 specfiles checked; 0 errors, 16 warnings. I don't know what happened with the tarball: $ ls -v -s ... 2304 pacman-4.1.2.tar.gz 2312 pacman-4.1.2.tar.gz.orig ... Besides the file size mismatch, your package is OK and ready for approval. > I don't know what happened with the tarball: Hm, I don't know either. I was pretty sure that I pulled it from upstream to be sure that it's all clean. I could even swear that fedora-review was fine with it :) I tried to build with clean v4.1.2 as distributed, and it has just too many problems. Basically it includes really old autoconf/automake macros which screw up a bunch of things, e.g. add rpaths in a bunch of places. Some fixes for this went right after v4.1.2 was released, so I chose the first git snapshot which builds properly without patching. I think it should be OK now. koji f20: http://koji.fedoraproject.org/koji/taskinfo?taskID=5839619 koji f19: http://koji.fedoraproject.org/koji/taskinfo?taskID=5839568 manpages bug: https://bugs.archlinux.org/task/36620 (In reply to Zbigniew Jędrzejewski-Szmek from comment #13) > I tried to build with clean v4.1.2 as distributed, and it has just too many > problems. Basically it includes really old autoconf/automake macros which > screw up a bunch of things, e.g. add rpaths in a bunch of places. Some fixes > for this went right after v4.1.2 was released, so I chose the first git > snapshot which builds properly without patching. > From your spec: Source: ftp://ftp.archlinux.org/other/pacman/pacman-%{version}.tar.gz ... # Manually created diff between 'make dist' tarball from v4.1.2-62-g1438377 # source tree, and the upstream v4.1.2 tarball specified in Source. Patch0: pacman-build-fixes.patch You are _obviously_ using the upstream tarball "as is" and patch it with the changes from Git. How can it happen that the downloaded source differs from the source used for your *src.rpm? The files and folders in your tarball have time stamps from August 19 and 20, so it is definitely not that one available from the specified download URL. Either use the original tarball and patch it with the desired changes from Git, or use the Git snapshot directly, while you have to add the revision number to the package version and instructions how to get the sources and create the *tar.gz archive [2]. [1] http://fedoraproject.org/wiki/Packaging:NamingGuidelines#Snapshot_packages [2] http://fedoraproject.org/wiki/Packaging:SourceURL#Using_Revision_Control (In reply to Mario Blättermann from comment #14) > (In reply to Zbigniew Jędrzejewski-Szmek from comment #13) > > I tried to build with clean v4.1.2 as distributed, and it has just too many > > problems. Basically it includes really old autoconf/automake macros which > > screw up a bunch of things, e.g. add rpaths in a bunch of places. Some fixes > > for this went right after v4.1.2 was released, so I chose the first git > > snapshot which builds properly without patching. > > > From your spec: > > Source: ftp://ftp.archlinux.org/other/pacman/pacman-%{version}.tar.gz > ... > # Manually created diff between 'make dist' tarball from v4.1.2-62-g1438377 > # source tree, and the upstream v4.1.2 tarball specified in Source. > Patch0: pacman-build-fixes.patch The spec was updated, this part is from an old version. > while you have to add the revision number to the package version > and instructions how to get the sources and create the *tar.gz archive [2]. I forgot about this part of guidelines. I have now fixed the release tag to contain the date and git hash used to download the source: full package name is now pacman-4.1.2-1.20130626git28cb22e.fc19.src.rpm. Spec URL: http://in.waw.pl/~zbyszek/fedora/pacman.spec SRPM URL: http://in.waw.pl/~zbyszek/fedora/pacman-4.1.2-1.20130626git28cb22e.fc19.src.rpm koji f20: http://koji.fedoraproject.org/koji/taskinfo?taskID=5842283 koji f19: http://koji.fedoraproject.org/koji/taskinfo?taskID=5842284 Thanks for your patience :). $ rpmlint -i -v * libalpm.x86_64: I: checking libalpm.x86_64: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.x86_64: I: checking libalpm-devel.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking pacman.src: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.src: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking-url https://projects.archlinux.org/pacman.git/snapshot/pacman-28cb22e.tar.gz (timeout 10 seconds) pacman.x86_64: I: checking pacman.x86_64: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: incoherent-version-in-changelog 4.1.2-1 ['4.1.2-1.20130626git28cb22e.fc20', '4.1.2-1.20130626git28cb22e'] The latest entry in %changelog contains a version identifier that is not coherent with the epoch:version-release tuple of the package. pacman.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.x86_64: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman-debuginfo.x86_64: I: checking pacman-debuginfo.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: I: checking pacman-filesystem.noarch: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. pacman.spec: I: checking-url https://projects.archlinux.org/pacman.git/snapshot/pacman-28cb22e.tar.gz (timeout 10 seconds) 6 packages and 1 specfiles checked; 0 errors, 16 warnings. Ignorable spelling errors. You have to fix the changelog entry. In general, you actually have to add an entry each time you've changed anything, even during the review process. OK, it is no problem for me to track the changes anyway, but keep an eye on the changelog. Besides that, some of your build requirements are superfluous. Well, no review blocker, but shrinking the deps list makes it better readable. autoconf, automake → needed by libtool gettext → needed by gettext-devel (In reply to Mario Blättermann from comment #16) > pacman.x86_64: W: incoherent-version-in-changelog 4.1.2-1 > ['4.1.2-1.20130626git28cb22e.fc20', '4.1.2-1.20130626git28cb22e'] > The latest entry in %changelog contains a version identifier that is not > coherent with the epoch:version-release tuple of the package. Fixed, arghhh! > You have to fix the changelog entry. In general, you actually have to add an > entry each time you've changed anything, even during the review process. OK, > it is no problem for me to track the changes anyway, but keep an eye on the > changelog. I've added a changelog entry with the proper tag now. > Besides that, some of your build requirements are superfluous. Well, no > review blocker, but shrinking the deps list makes it better readable. > > autoconf, automake → needed by libtool > gettext → needed by gettext-devel Pruned. Scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=5847399 $ rpmlint -i -v * libalpm.x86_64: I: checking libalpm.x86_64: W: spelling-error %description -l en_US backend -> backed, back end, back-end The value of this tag appears to be misspelled. Please double-check. libalpm.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) libalpm-devel.x86_64: I: checking libalpm-devel.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking pacman.src: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.src: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.src: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.src: I: checking-url https://projects.archlinux.org/pacman.git/snapshot/pacman-28cb22e.tar.gz (timeout 10 seconds) pacman.x86_64: I: checking pacman.x86_64: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US gz -> g, z, gs The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: W: spelling-error %description -l en_US src -> arc, sec, sic The value of this tag appears to be misspelled. Please double-check. pacman.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman.x86_64: W: no-manual-page-for-binary pacman-db-upgrade Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacman-optimize Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary cleanupdelta Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary pacsort Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testdb Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary testpkg Each executable in standard binary directories should have a man page. pacman.x86_64: W: no-manual-page-for-binary repo-elephant Each executable in standard binary directories should have a man page. pacman-debuginfo.x86_64: I: checking pacman-debuginfo.x86_64: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: I: checking pacman-filesystem.noarch: I: checking-url https://www.archlinux.org/pacman (timeout 10 seconds) pacman-filesystem.noarch: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. pacman.spec: I: checking-url https://projects.archlinux.org/pacman.git/snapshot/pacman-28cb22e.tar.gz (timeout 10 seconds) 6 packages and 1 specfiles checked; 0 errors, 15 warnings. Ignorable spelling errors and missing manpages only. --------------------------------- key: [+] OK [.] OK, not applicable [X] needs work --------------------------------- [+] MUST: rpmlint must be run on the source rpm and all binary rpms the build produces. The output should be posted in the review. [+] MUST: The package must be named according to the Package Naming Guidelines. [+] MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption. [+] MUST: The package must meet the Packaging Guidelines. [+] MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines. [+] MUST: The License field in the package spec file must match the actual license. GPLv2+ [+] MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc. [+] MUST: The spec file must be written in American English. [+] MUST: The spec file for the package MUST be legible. [+] MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use sha256sum for this task as it is used by the sources file once imported into git. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this. $ sha256sum * 9406bbc7097808e75c15f913dbd57404d28c884d411e0c9028127bc01063cd1a pacman-28cb22e.tar.gz 9406bbc7097808e75c15f913dbd57404d28c884d411e0c9028127bc01063cd1a pacman-28cb22e.tar.gz.orig [+] MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture. [.] MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line. [+] MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense. [+] MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden. [+] MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. [.] MUST: Packages must NOT bundle copies of system libraries. [.] MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker. [+] MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. [+] MUST: A Fedora package must not list a file more than once in the spec file's %files listings. (Notable exception: license texts in specific situations) [+] MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. [+] MUST: Each package must consistently use macros. [+] MUST: The package must contain code, or permissable content. [.] MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity). [+] MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present. [.] MUST: Static libraries must be in a -static package. [+] MUST: Development files must be in a -devel package. [+] MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name}%{?_isa} = %{version}-%{release} [+] MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built. [.] MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation. [+] MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time. [+] MUST: All filenames in rpm packages must be valid UTF-8. [.] SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [.] SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. [+] SHOULD: The reviewer should test that the package builds in mock. See Koji build above (which uses Mock anyway). [+] SHOULD: The package should compile and build into binary rpms on all supported architectures. [.] SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example. [+] SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. [+] SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency. [+] SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. [.] SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. [.] SHOULD: your package should contain man pages for binaries/scripts. If it doesn't, work with upstream to add them where they make sense. ---------------- PACKAGE APPROVED ---------------- New Package SCM Request ======================= Package Name: pacman Short Description: Package manager for the Arch distribution Owners: zbyszek Branches: f19 f20 InitialCC: peter mariobl I'll request comaintainer later. So we can keep it fresh. (In reply to Christopher Meng from comment #20) > I'll request comaintainer later. > > So we can keep it fresh. Great. Git done (by process-git-requests). pacman-4.1.2-1.20130626git28cb22e.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/pacman-4.1.2-1.20130626git28cb22e.fc19 Package pacman-4.1.2-1.20130626git28cb22e.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing pacman-4.1.2-1.20130626git28cb22e.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-16003/pacman-4.1.2-1.20130626git28cb22e.fc19 then log in and leave karma (feedback). pacman-4.1.2-1.20130626git28cb22e.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. |