Spec URL: See attachment. SRPM URL: See attachment. Description: Rich Access Control Lists: utilities and dynamic library Fedora Account System Username: agruenba Hello, could you please review the attached package for inclusion as a Fedora package? I'm attaching the results I got from the fedora-review tool; the changes since then include an update of the COPYING files in the package and of the descriptions in the spec file. The previous version has successfully built here: https://copr.fedoraproject.org/coprs/devos/richacl/ Thanks to Niels de Vos for helping with the packaging.
Created attachment 1021844 [details] .src.rpm file Niels, this could be uploaded to copr ... if you don't, I will as soon as I have a place on Fedorapeople for putting the file.
Created attachment 1021845 [details] The spec file from inside the .src.rpm file
Created attachment 1021847 [details] fedora-review report I've added '+' signs where I think the package is fine. The error that rpmlint complains about (the FSF address) has been fixed.
Created attachment 1021896 [details] Updated .src.rpm Upstream: Include the COPYING-GPLv2 and COPYING-LGPLv2.1 files in the release tarball. Packages: Include the COPYING files in the packages. Split up the License field for the sub-packages.
Created attachment 1021897 [details] Updated spec file from attachment 1021896 [details]
Please fix all the entries marked with [!]. Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: Header files in -devel subpackage, if present. [x]: ldconfig called in %post and %postun if required. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. [x]: Development (unversioned) .so files in -devel subpackage, if present. Generic: [!]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. Koji build failed: missing dep on automake [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [!]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. A patch "upstream.diff" to get a COPYING file is not allowed. If the version of the upstream tarball you're grabbing doesn't include a COPYING file, you just can't ship one, until the next version when it does. [!]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "GPL (v2 or later) (with incorrect FSF address)", "LGPL (v2.1 or later) (with incorrect FSF address)", "GPL (v2 or later)", "LGPL (v2.1 or later)", "Unknown or generated". 3 files have unknown license. Please correct the FSF address in the upstream code. Also, as per the licensing table (https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing), the licenses tags for the spec are: GPLv2+ and LGPLv2+. [!]: License file installed when any subpackage combination is installed. License file in librichacl-devel is useless. [!]: Package must own all directories that it creates. Note: Directories without known owners: /usr/include/sys Requires on glibc-headers required for /usr/include/sys [x]: %build honors applicable compiler flags or justifies otherwise. [!]: All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. automake dep missing [x]: Package contains no bundled libraries without FPC exception. [!]: Changelog in prescribed format. Add newlines between changelog entries [x]: Sources contain only permissible code or content. [-]: Package contains desktop file if it is a GUI application. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [!]: Package consistently uses macros (instead of hard-coded directory names). Both $-style and %-style macros used. (e.g. $RPM_BUILD_ROOT and %{_libdir}). Please use %{buildroot} and %{_builddir} [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [!]: Requires correct, justified where necessary. Missing require for glibc-headers for includedir/sys base package misses Requires on librichacl librichacl-devel requirement on librichacl is not architecture-specific (%{_isa}) [!]: Spec file is legible and written in American English. I have no idea what "%{!?_licensedir:%global license %%doc}" does. [-]: Package contains systemd file(s) if in need. [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. [x]: Packages must not store files under /srv, /opt or /usr/local [x]: Package complies to the Packaging Guidelines [x]: Package installs properly. [!]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [!]: Package requires other packages for directories it uses. Dep for glibc-headers missing for /usr/include/sys Dep for pkgconfig missing for /usr/lib(64)/pkgconfig [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT $RPM_BUILD_ROOT consistently used. But also %-style macros used. [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package do not use a name that already exist [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. ===== SHOULD items ===== Generic: [!]: Reviewer should test that the package builds in mock. Package does NOT build in mock. [!]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. Instead, license is put as patch. This is NOT allowed. [x]: Final provides and requires are sane (see attachments). [!]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in librichacl , librichacl-devel [?]: Package functions as described. [x]: Latest version is packaged. [!]: Package does not include license text files separate from upstream. DOES include license text seperate from upstream. [x]: Scriptlets must be sane, if used. [-]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [!]: Package should compile and build into binary rpms on all supported architectures. [-]: %check is present and all tests pass. %check skipped on current systems because of lacking kernel support [x]: Packages should try to preserve timestamps of original installed files. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: Dist tag is present (not strictly required in GL). [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Uses parallel make %{?_smp_mflags} macro. [x]: The placement of pkgconfig(.pc) files are correct. [!]: SourceX is a working URL. Please use the github tarball urls: https://github.com/andreas-gruenbacher/richacl/archive/v1.4.tar.gz [-]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [-]: Large data in /usr/share should live in a noarch subpackage if package is arched. [!]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Package should not use obsolete m4 macros Rpmlint ------- Checking: richacl-1.4-1.fc21.x86_64.rpm librichacl-1.4-1.fc21.x86_64.rpm librichacl-devel-1.4-1.fc21.x86_64.rpm richacl-1.4-1.fc21.src.rpm richacl.x86_64: W: name-repeated-in-summary C richacl richacl.x86_64: W: invalid-license LGPLv2.1, GPL2 richacl.x86_64: W: no-documentation richacl.x86_64: W: no-manual-page-for-binary getrichacl richacl.x86_64: W: no-manual-page-for-binary setrichacl librichacl.x86_64: W: invalid-license LGPLv2.1, GPL2 librichacl.x86_64: W: no-documentation librichacl-devel.x86_64: W: invalid-license LGPLv2.1, GPL2 librichacl-devel.x86_64: W: only-non-binary-in-usr-lib librichacl-devel.x86_64: W: no-documentation librichacl-devel.x86_64: E: incorrect-fsf-address /usr/include/sys/richacl.h richacl.src: W: name-repeated-in-summary C richacl richacl.src: W: invalid-license LGPLv2.1, GPL2 richacl.src:10: W: macro-in-comment %{name} richacl.src:10: W: macro-in-comment %{version} richacl.src:10: W: macro-in-comment %{name} richacl.src:10: W: macro-in-comment %{version} richacl.src:46: W: configure-without-libdir-spec richacl.src:69: W: macro-in-comment %{_docdir} richacl.src:69: W: macro-in-comment %{name} richacl.src:77: W: macro-in-comment %license richacl.src: W: invalid-url Source0: richacl-1.4.tar.xz 4 packages and 0 specfiles checked; 1 errors, 21 warnings. Rpmlint (installed packages) ---------------------------- Cannot parse rpmlint output: Requires -------- richacl (rpmlib, GLIBC filtered): libc.so.6()(64bit) librichacl.so.1()(64bit) librichacl.so.1(RICHACL_1.0)(64bit) rtld(GNU_HASH) librichacl-devel (rpmlib, GLIBC filtered): /usr/bin/pkg-config libattr-devel librichacl librichacl (rpmlib, GLIBC filtered): /sbin/ldconfig libc.so.6()(64bit) rtld(GNU_HASH) Provides -------- richacl: richacl richacl(x86-64) librichacl-devel: librichacl-devel librichacl-devel(x86-64) pkgconfig(librichacl) librichacl: librichacl librichacl(x86-64) librichacl.so.1()(64bit) librichacl.so.1(RICHACL_1.0)(64bit) librichacl.so.1(RICHACL_1.1)(64bit) Source checksums ---------------- Using local file /home/agruenba/rpm/richacl/richacl-1.4.tar.xz as upstream file:///home/agruenba/rpm/richacl/richacl-1.4.tar.xz : CHECKSUM(SHA256) this package : 251df4695bf9de68ca588c071e52d5140dbbf398ea64f5d35b8275d8b7568251 CHECKSUM(SHA256) upstream package : 251df4695bf9de68ca588c071e52d5140dbbf398ea64f5d35b8275d8b7568251 Generated by fedora-review 0.5.2 (63c24cb) last change: 2014-07-14 Command line :/usr/bin/fedora-review --verbose --no-build -p --rpm-spec -n richacl-1.4-1.fc21.src.rpm Buildroot used: fedora-21-x86_64 Active plugins: Generic, Shell-api, C/C++ Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby Disabled flags: EXARCH, EPEL5, BATCH, DISTTAG
> [!]: Package successfully compiles and builds into binary rpms on at least one > supported primary architecture. > Koji build failed: missing dep on automake The package did actually depend on automake but shouldn't have. > [!]: Package must own all directories that it creates. > Note: Directories without known owners: /usr/include/sys > Requires on glibc-headers required for /usr/include/sys The librichacl-devel package does not create /usr/include/sys, it only puts files there. But see below ... > [!]: Spec file is legible and written in American English. > I have no idea what "%{!?_licensedir:%global license %%doc}" does. It's from this from this commit: http://pkgs.fedoraproject.org/cgit/acl.git/commit/?id=231dae96d1ec92a18d9a53e73e080c538d5739df It defines "%license" to expand to "%doc" if %_licensedir is not defined. Seemingly that was needed in 2014; why would that have changed? > [!]: Rpmlint is run on all rpms the build produces. > Note: There are rpmlint messages (see attachment). Let's see if any of the nonsense rpmlint complains about really needs to be addressed with the updated spec file. > [!]: Package requires other packages for directories it uses. > Dep for glibc-headers missing for /usr/include/sys > Dep for pkgconfig missing for /usr/lib(64)/pkgconfig Okay, but this rule seems totally arbitrary: there are numerous packages where this is not the case, just check some of those: rpm -qf /usr/include/sys/* | sort -u rpm -qf /usr/lib64/pkgconfig/* | sort -u > [!]: SourceX is a working URL. > Please use the github tarball urls: > https://github.com/andreas-gruenbacher/richacl/archive/v1.4.tar.gz This is actually bad advice: those tarballs that github creates dynamically are git snapshots for certain tags. They do not include generated files like configure, etc. and they don't work in the context of SourceX. We could make them work by adding autoconf + automake to the dependencies and by running autoreconf, but that is not recommended.
Updated version: https://agruenba.fedorapeople.org/scratch/richacl-1.5-1.fc21.src.rpm https://agruenba.fedorapeople.org/scratch/richacl.spec
Updated version: https://agruenba.fedorapeople.org/scratch/richacl-1.5-2.fc21.src.rpm https://agruenba.fedorapeople.org/scratch/richacl.spec
(In reply to Andreas Gruenbacher from comment #7) > > [!]: Package must own all directories that it creates. > > Note: Directories without known owners: /usr/include/sys > > Requires on glibc-headers required for /usr/include/sys > > The librichacl-devel package does not create /usr/include/sys, it only puts > files there. But see below ... Fair enough, this was only meant under the "Requires packages for directories it uses". > > > [!]: Spec file is legible and written in American English. > > I have no idea what "%{!?_licensedir:%global license %%doc}" does. > > It's from this from this commit: > > > http://pkgs.fedoraproject.org/cgit/acl.git/commit/ > ?id=231dae96d1ec92a18d9a53e73e080c538d5739df > > It defines "%license" to expand to "%doc" if %_licensedir is not defined. > Seemingly that was needed in 2014; why would that have changed? Okay, I have found the origin of this line, but it's only used for EPEL 5/6 compatibility. If you're not going to put this in EPEL 5 or 6, please remove it. > > > [!]: Rpmlint is run on all rpms the build produces. > > Note: There are rpmlint messages (see attachment). > > Let's see if any of the nonsense rpmlint complains about really needs > to be addressed with the updated spec file. > > > [!]: Package requires other packages for directories it uses. > > Dep for glibc-headers missing for /usr/include/sys > > Dep for pkgconfig missing for /usr/lib(64)/pkgconfig > > Okay, but this rule seems totally arbitrary: there are numerous packages > where this is not the case, just check some of those: > > rpm -qf /usr/include/sys/* | sort -u > rpm -qf /usr/lib64/pkgconfig/* | sort -u I don't know how you get this to return nothing, on F21: [puiterwijk@bofh ~]$ rpm -qf /usr/lib64/pkgconfig/* | sort -u | head GeoIP-devel-1.6.5-1.fc21.x86_64 R-core-devel-3.1.3-1.fc21.x86_64 SDL-devel-1.2.15-17.fc21.x86_64 SDL2-devel-2.0.3-4.fc21.x86_64 SDL2_image-devel-2.0.0-7.fc21.x86_64 SDL2_mixer-devel-2.0.0-7.fc21.x86_64 SDL2_net-devel-2.0.0-2.fc21.x86_64 SDL2_ttf-devel-2.0.12-4.fc21.x86_64 Xaw3d-devel-1.6.2-7.fc21.x86_64 accountsservice-devel-0.6.39-2.fc21.x86_64 [puiterwijk@bofh ~]$ rpm -qf /usr/include/sys/* | sort -u | head alsa-lib-devel-1.0.28-2.fc21.x86_64 glibc-headers-2.20-8.fc21.x86_64 libacl-devel-2.2.52-7.fc21.x86_64 libcap-devel-2.24-7.fc21.x86_64 systemtap-sdt-devel-2.7-1.fc21.x86_64 Also: the fact "Nobody does it, thus I don't have to do it" is just... wrong. > > > [!]: SourceX is a working URL. > > Please use the github tarball urls: > > https://github.com/andreas-gruenbacher/richacl/archive/v1.4.tar.gz > > This is actually bad advice: those tarballs that github creates dynamically > are > git snapshots for certain tags. They do not include generated files like > configure, etc. and they don't work in the context of SourceX. > > We could make them work by adding autoconf + automake to the dependencies > and by > running autoreconf, but that is not recommended. You can also upload your own tarballs to github for a release you created (https://help.github.com/articles/creating-releases/). You should REALLY consider making sane releases, since that also makes it a lot easier for people to check your package and for other people (non-Fedora users) to pick it up.
New version: https://agruenba.fedorapeople.org/scratch/richacl-1.5-4.fc21.src.rpm https://agruenba.fedorapeople.org/scratch/richacl.spec
Package looks good to me. APPROVED Also, since you needed a sponsor, I have sponsored you into the packager group.
New Package SCM Request ======================= Package Name: richacl Short Description: Rich Access Control List utilities Upstream URL: https://github.com/andreas-gruenbacher/richacl Owners: agruenba devos Branches: f22
WARNING: Requested package name richacl doesn't match bug summary richacls
Git done (by process-git-requests).
richacl-1.5-2.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/richacl-1.5-2.fc22
richacl-1.5-2.fc22 has been pushed to the Fedora 22 stable repository.