Description of problem: When I do a 'fedpkg local' in the kernel package git directory, fedpkg (or something related) is specifically telling RPM to use md5 for the source and binary file digest algorithms. This is wrong, as those should be sha256. I'm seeing this on both my f20 and f21 machines. Version-Release number of selected component (if applicable): fedpkg-1.18-1.fc21.noarch pyrpkg-1.26-1.fc21.noarch fedpkg-1.18-1.fc20.noarch pyrpkg-1.26-1.fc20.noarch How reproducible: Always Steps to Reproduce: 1. checkout the kernel pkgs git 2. git checkout f20 (or f19 or f21 or whatever) 3. fedpkg local Actual results: fedpkg is telling rpmbuild to use md5 for the file digests Expected results: It doesn't tell it anything and the default file digest is used, which is sha256. Additional info: F20 machine building on the f20 branch: [jwboyer@vader kernel]$ fedpkg -v local Creating repo object from /home/jwboyer/kernel DEBUG:rpkg:Creating repo object from /home/jwboyer/kernel Running rpmbuild --define '_sourcedir /home/jwboyer/kernel' --define '_specdir /home/jwboyer/kernel' --define '_builddir /home/jwboyer/kernel' --define '_srcrpmdir /home/jwboyer/kernel' --define '_rpmdir /home/jwboyer/kernel' --define 'dist .fc20' --define 'fedora 20' --eval '%undefine rhel' --define 'fc20 1' --define '_source_filedigest_algorithm md5' --define '_binary_filedigest_algorithm md5' -ba /home/jwboyer/kernel/kernel.spec | tee .build-3.15.9-200.fc20.log directly on the tty F21 machine building on the f19 branch: [jwboyer@lando kernel]$ fedpkg -v local Creating repo object from /home/jwboyer/kernel Running rpmbuild --define '_sourcedir /home/jwboyer/kernel' --define '_specdir /home/jwboyer/kernel' --define '_builddir /home/jwboyer/kernel' --define '_srcrpmdir /home/jwboyer/kernel' --define '_rpmdir /home/jwboyer/kernel' --define 'dist .fc19' --define 'fedora 19' --eval '%undefine rhel' --define 'fc19 1' --eval '%undefine fc21' --define '_source_filedigest_algorithm md5' --define '_binary_filedigest_algorithm md5' -ba /home/jwboyer/kernel/kernel.spec | tee .build-3.14.16-100.fc19.log directly on the tty
This behavior wound up causing me to file bug 1126380, which Panu helpfully pointed out was caused by the build environment. After building a number of kernels I finally noticed fedpkg is explicitly doing the wrong thing here. It doesn't seem to impact official koji builds thankfully, but it shouldn't be doing what it's doing.
Ugh... Yeah, reproducable here for me too, md5 ends up being used on every Fedora branch except rawhide I tried (f13-f21). The problem appears to be this commit in pyrpkg (so switching component): https://git.fedorahosted.org/cgit/rpkg.git/commit/?id=38bad18da64f43ef7853cfda458791c91485bdef AFAICT it should be: - if int(re.search(r'\d', self.distval).group()) < 6: + if int(re.search(r'\d+', self.distval).group()) < 6: ...because otherwise it matches on the first single digit character instead of the whole thing, and things go downhill from there... With the above it should return the right thing on everything except the range of Fedora 6-12 that just doesn't matter. In Fedora < 10 rpm only understands md5 anyway so in practise the "non-working" range is actually even smaller.
Created attachment 926881 [details] Fix to prevent md5 sum use on modern fedpkg local builds
Applied, thanks.(In reply to Tom "spot" Callaway from comment #3) > Created attachment 926881 [details] > Fix to prevent md5 sum use on modern fedpkg local builds Applied, thanks.
If you can push this as an update for all branches (f19->rawhide), that would be appreciated.
Um, an update for this would be really nice. Please?
Update landed in Fedora rawhide http://koji.fedoraproject.org/koji/buildinfo?buildID=581217 Next week I'll create update for all supported Fedora and EPEL versions.
fedpkg-1.19-1.fc21,rpkg-1.28-1.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/fedpkg-1.19-1.fc21,rpkg-1.28-1.fc21
rpkg-1.28-1.fc20,fedpkg-1.19-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/rpkg-1.28-1.fc20,fedpkg-1.19-1.fc20
fedpkg-1.19-1.fc19,rpkg-1.28-1.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/fedpkg-1.19-1.fc19,rpkg-1.28-1.fc19
rpkg-1.28-1.el7,fedpkg-1.19-1.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/rpkg-1.28-1.el7,fedpkg-1.19-1.el7
fedpkg-1.19-1.fc19, rpkg-1.28-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
rpkg-1.28-1.fc20, fedpkg-1.19-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
fedpkg-1.19-1.fc21, rpkg-1.28-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
rpkg-1.28-1.el7, fedpkg-1.19-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.