rpmlint-2.4.0-2.fc38.noarch reports this error for every Fedora package: $ rpmlint -v ../RPMS/x86_64/libloc-0.9.15-1.fc38.x86_64.rpm 202 blocks ======================================== rpmlint session starts ======================================= rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 1 libloc.x86_64: E: missing-hash-section /usr/lib64/libloc.so.1.0.2 SystemV requires each shared library must provide .hash section that is used for efficient symbol resolution. ========= 1 packages and 0 specfiles checked; 1 errors, 0 warnings, 1 badness; has taken 0.1 s ======== That's because Fedora does not build ELF executables with a deprecated .hash section. Fedora instead only produces .gnu.hash section: $ objdump -x /usr/lib64/libc.so.6 | grep '\.hash' 3 .gnu.hash 00004710 00000000000003e8 00000000000003e8 000003e8 2**3 I think this new rpmlint test is a response to bug #2129358, where some packages used to produce both sections (Fedora 35): $ objdump -x /usr/lib64/libc.so.6| grep '\.hash' 3 .gnu.hash 000046f0 00000000000003e8 00000000000003e8 000003e8 2**3 21 .hash 00003f18 00000000001f0ba8 00000000001f0ba8 001f0ba8 2**3 Provided Fedora, in general, is content without .hash section, I recommend correcting rpmlint setting for Fedora to ignore this test. Or to check .gnu.hash instead.
This check was added in upstream fdf47307 (add missing-hash-section check for HASH ELF sections, 2022-08-25)[1]. It checks for both .hash and .gnu.hash. We should be able to add 'missing-hash-section' to the fedora.toml Filters list, like: diff --git i/configs/Fedora/fedora.toml w/configs/Fedora/fedora.toml index 8443e97e..39ea6afe 100644 --- i/configs/Fedora/fedora.toml +++ w/configs/Fedora/fedora.toml @@ -320,6 +320,7 @@ Filters = [ 'sudo.* (setuid-binary|non-standard-executable-perm) /usr/bin/sudo(edit)? (root )?04', 'upstart.* (setuid-binary|non-standard-executable-perm) /sbin/initctl (root )?04', 'usermode.* (setuid-binary|non-standard-executable-perm) /usr/sbin/userhelper (root )?04', + 'missing-hash-section', ## Bash completion files are not scripts, do not require them marked as %config # 'W: non-conffile-in-etc /etc/bash_completion.d/', I'm not clear on whether we should ignore this or not, since the glibc change to drop .hash is being reverted (at least temporarily). Thoughts from anyone who knows this area well/better? [1] https://github.com/rpm-software-management/rpmlint/commit/fdf47307 https://github.com/rpm-software-management/rpmlint/pull/917 (the EAC issue from bug #2129358 was indeed a/the motivator)
I suppose that short of a mass rebuild, all of the packages built recently will only have a .gnu.hash section, right? Adding warnings for all of them is not very helpful, as it just puts packagers in the middle of a policy dispute they have little to no control over.
I submitted https://src.fedoraproject.org/rpms/rpmlint/pull-request/29 to fix this and some other errors/warnings added between rpmlint 2.2.0 and 2.4.0. I'll plan to merge that early next week if all goes well.
FEDORA-2022-4bd445e150 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2022-4bd445e150
FEDORA-2022-4bd445e150 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.