Bug 1129806 - fedpkg is defining the wrong filedigest algorithm for local builds
Summary: fedpkg is defining the wrong filedigest algorithm for local builds
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: rpkg
Version: 21
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Pavol Babinčák
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-08-13 17:21 UTC by Josh Boyer
Modified: 2014-10-20 15:42 UTC (History)
5 users (show)

Fixed In Version: rpkg-1.28-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-09-26 17:06:32 UTC


Attachments (Terms of Use)
Fix to prevent md5 sum use on modern fedpkg local builds (944 bytes, patch)
2014-08-14 19:07 UTC, Tom "spot" Callaway
no flags Details | Diff

Description Josh Boyer 2014-08-13 17:21:27 UTC
Description of problem:
When I do a 'fedpkg local' in the kernel package git directory, fedpkg (or something related) is specifically telling RPM to use md5 for the source and binary file digest algorithms.  This is wrong, as those should be sha256.

I'm seeing this on both my f20 and f21 machines.

Version-Release number of selected component (if applicable):

fedpkg-1.18-1.fc21.noarch
pyrpkg-1.26-1.fc21.noarch

fedpkg-1.18-1.fc20.noarch
pyrpkg-1.26-1.fc20.noarch


How reproducible:
Always

Steps to Reproduce:
1. checkout the kernel pkgs git
2. git checkout f20 (or f19 or f21 or whatever)
3. fedpkg local

Actual results:

fedpkg is telling rpmbuild to use md5 for the file digests

Expected results:

It doesn't tell it anything and the default file digest is used, which is sha256.


Additional info:

F20 machine building on the f20 branch:

[jwboyer@vader kernel]$ fedpkg -v local
Creating repo object from /home/jwboyer/kernel
DEBUG:rpkg:Creating repo object from /home/jwboyer/kernel
Running rpmbuild --define '_sourcedir /home/jwboyer/kernel' --define '_specdir /home/jwboyer/kernel' --define '_builddir /home/jwboyer/kernel' --define '_srcrpmdir /home/jwboyer/kernel' --define '_rpmdir /home/jwboyer/kernel' --define 'dist .fc20' --define 'fedora 20' --eval '%undefine rhel' --define 'fc20 1' --define '_source_filedigest_algorithm md5' --define '_binary_filedigest_algorithm md5' -ba /home/jwboyer/kernel/kernel.spec | tee .build-3.15.9-200.fc20.log directly on the tty

F21 machine building on the f19 branch:

[jwboyer@lando kernel]$ fedpkg -v local
Creating repo object from /home/jwboyer/kernel
Running rpmbuild --define '_sourcedir /home/jwboyer/kernel' --define '_specdir /home/jwboyer/kernel' --define '_builddir /home/jwboyer/kernel' --define '_srcrpmdir /home/jwboyer/kernel' --define '_rpmdir /home/jwboyer/kernel' --define 'dist .fc19' --define 'fedora 19' --eval '%undefine rhel' --define 'fc19 1' --eval '%undefine fc21' --define '_source_filedigest_algorithm md5' --define '_binary_filedigest_algorithm md5' -ba /home/jwboyer/kernel/kernel.spec | tee .build-3.14.16-100.fc19.log directly on the tty

Comment 1 Josh Boyer 2014-08-13 17:24:29 UTC
This behavior wound up causing me to file bug 1126380, which Panu helpfully pointed out was caused by the build environment.  After building a number of kernels I finally noticed fedpkg is explicitly doing the wrong thing here.  It doesn't seem to impact official koji builds thankfully, but it shouldn't be doing what it's doing.

Comment 2 Panu Matilainen 2014-08-14 06:29:20 UTC
Ugh... Yeah, reproducable here for me too, md5 ends up being used on every Fedora branch except rawhide I tried (f13-f21). The problem appears to be this commit in pyrpkg (so switching component):
https://git.fedorahosted.org/cgit/rpkg.git/commit/?id=38bad18da64f43ef7853cfda458791c91485bdef

AFAICT it should be:

-            if int(re.search(r'\d', self.distval).group()) < 6:
+            if int(re.search(r'\d+', self.distval).group()) < 6:

...because otherwise it matches on the first single digit character instead of the whole thing, and things go downhill from there... With the above it should return the right thing on everything except the range of Fedora 6-12 that just doesn't matter. In Fedora < 10 rpm only understands md5 anyway so in practise the "non-working" range is actually even smaller.

Comment 3 Tom "spot" Callaway 2014-08-14 19:07:31 UTC
Created attachment 926881 [details]
Fix to prevent md5 sum use on modern fedpkg local builds

Comment 4 Pavol Babinčák 2014-08-15 08:30:51 UTC
Applied, thanks.(In reply to Tom "spot" Callaway from comment #3)
> Created attachment 926881 [details]
> Fix to prevent md5 sum use on modern fedpkg local builds
Applied, thanks.

Comment 5 Tom "spot" Callaway 2014-08-16 18:33:27 UTC
If you can push this as an update for all branches (f19->rawhide), that would be appreciated.

Comment 6 Josh Boyer 2014-09-25 15:47:58 UTC
Um, an update for this would be really nice.  Please?

Comment 7 Pavol Babinčák 2014-09-26 17:06:32 UTC
Update landed in Fedora rawhide http://koji.fedoraproject.org/koji/buildinfo?buildID=581217

Next week I'll create update for all supported Fedora and EPEL versions.

Comment 8 Fedora Update System 2014-10-02 12:53:32 UTC
fedpkg-1.19-1.fc21,rpkg-1.28-1.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/fedpkg-1.19-1.fc21,rpkg-1.28-1.fc21

Comment 9 Fedora Update System 2014-10-02 12:55:28 UTC
rpkg-1.28-1.fc20,fedpkg-1.19-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/rpkg-1.28-1.fc20,fedpkg-1.19-1.fc20

Comment 10 Fedora Update System 2014-10-02 12:56:43 UTC
fedpkg-1.19-1.fc19,rpkg-1.28-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/fedpkg-1.19-1.fc19,rpkg-1.28-1.fc19

Comment 11 Fedora Update System 2014-10-02 13:00:21 UTC
rpkg-1.28-1.el7,fedpkg-1.19-1.el7 has been submitted as an update for Fedora EPEL 7.
https://admin.fedoraproject.org/updates/rpkg-1.28-1.el7,fedpkg-1.19-1.el7

Comment 12 Fedora Update System 2014-10-04 03:20:07 UTC
fedpkg-1.19-1.fc19, rpkg-1.28-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2014-10-04 03:29:53 UTC
rpkg-1.28-1.fc20, fedpkg-1.19-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2014-10-08 18:57:32 UTC
fedpkg-1.19-1.fc21, rpkg-1.28-1.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2014-10-20 15:42:16 UTC
rpkg-1.28-1.el7, fedpkg-1.19-1.el7 has been pushed to the Fedora EPEL 7 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.