Bug 213600 - Review Request: tinyca2 - Simple graphical userinterface to manage a small CA
Review Request: tinyca2 - Simple graphical userinterface to manage a small CA
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Mamoru TASAKA
Fedora Package Reviews List
:
Depends On:
Blocks: FE-ACCEPT
  Show dependency treegraph
 
Reported: 2006-11-02 02:51 EST by Enrico Scholz
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-12-21 12:10:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Enrico Scholz 2006-11-02 02:51:05 EST
Spec URL: http://ensc.de/fedora/tinyca2
SRPM URL: http://ensc.de/fedora/tinyca2
Description: 
TinyCA is a simple graphical userinterface written in Perl/Gtk to
manage a small CA (Certification Authority).  TinyCA works as a
frontend for openssl

Currently TinyCA supports the following features:

* Unlimited CAs possible
* Support for creating and managing SubCAs
* Creation and Revocation of x509 - S/MIME certificates
* PKCS#10 Requests can be imported and signed
* RSA and DSA keys can be generated and used
* ServerCertificates
  o Certificates can be exported as: PEM, DER, TXT and PKCS#12
  o Certificates may be used with e.g. Apache, Postfix, OpenLDAP,
    Cyrus, FreeS/WAN, OpenVPN, OpenSWAN, FreeRadius
* ClientCertificates
  o Certificates can be exported as: PEM, DER, TXT and PKCS#12
  o Certificates may be used with e.g. Netscape, Konqueror, Opera,
    Internet Explorer, Outlook (Express) and FreeS/WAN
* Certificate Revocation List
  o CRLs can be exported as: PEM, DER and TXT
Comment 1 manuel wolfshant 2006-11-02 17:54:46 EST
Not an official review since I am just a rookie.

- rpmlint gives one warning on the src: tinyca2 mixed-use-of-spaces-and-tabs. A
quick glance makes me think that the indentation used in the %description and
for the sed lines (in %setup) might be the culprit
- the buildroot line does not respect the preferred value for FE
(%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)). Since this is
just a PREFERRED not a MUST, should not be a blocker
- MUST: package is named according to the guidelines
- MUST: spec file name matches the base package name
- MUST: license field matches actual license
- MUST: the program is licensed under GPL but upstream did not include the
actual text of the license is the source, just the reference to it. I guess you
should ping upstream to add the license to the provided tar files.
- MUST: spec file is in American English
- MUST: spec file is legible 
- MUST: source matches upstream, md5sum being a7f63806dbdc38a34ed58e42e79f4822
for both
- MUST: builds fine in mock/i386. Since the content is actually just a perl
script + some message (.po) files which are formatted during the build phase, I
assume it would succesfully build on any platform; created rpm is noarch
- MUST: %find_lang macro is correctly used to pick locales
- MUST: no libraries are installed, so there is no need for calling ldconfig in
%post/%postun
- MUST: package is not relocatable
- MUST: owns all directories (and files) that it creates
- MUST: no duplicate files in the %files listing
- MUST: %clean is correct
- MUST: makes consistent use of macros
- MUST: no forbidden code/content included
- MUST: large documentation does not exist, so no need for a separate -doc
- MUST: the content of %doc is a small CHANGES file, so runtime functionality is
not affected
- MUST: no header or static files, no pkgconfig(.pc), no library files with a
suffix, no ibtool archives, so no need for -devel
- MUST: IS a GUI application; correctly includes %{name}.desktop (provided by
upstream) and properly installs it with desktop-file-install; someone more
experienced please comment if the "--add-category=X-Fedora" is still required
(according to yesterday's FESCO:
  === Packaging Committee Report ===
 * Voting to stop using the X-Fedora category in the desktop file is
currently underway via email.)
- MUST: does not take ownership of foreign files/directories
- SHOULD: includes available translations
- SHOULD: as specified above, builds fine in mock
- SHOULD: on a RHEL4 system the rpm installed fine but the program did not run,
failing with:
error: Failed dependencies:
        perl(Gtk2) is needed by tinyca2-0.7.5-2.noarch
        perl(Gtk2::SimpleMenu) is needed by tinyca2-0.7.5-2.noarch
        perl(Locale::gettext) is needed by tinyca2-0.7.5-2.noarch
On FC6 it detected the missing Requires, but failed to get installed even after
installing perl-Gtk2 and gettext:
error: Failed dependencies:
        perl(Locale::gettext) is needed by tinyca2-0.7.5-2.noarch
It seems that the correct Requires should be perl-gettext rather then gettext.
The program runs successfully after installing perl-Gtk2 and perl-gettext.
- SHOULD: no scriplets at all, so neither unsane scriptlets


Bottom line
- cosmetic fixes: make rpmlint happy by replacing multiple spaces with tab (non
blocker)
- make reviewers happy by using the recommended build root line (non blocker)
- use a correct Requires line (perl-gettext instead of gettext) (BLOCKER)
Comment 2 manuel wolfshant 2006-11-02 18:07:10 EST
Sorry, I have mixed BuildRequires with Requires in the last part of the review.
I intented to say that you must add perl-gettext to the Requires line, which
should become
Requires: openssl tar zip perl-gettext


... unless I have made an evaluation error here and yum automatically picks and
solves the dependencies for the needed perl modules. I for one I had to use yum
search in order to find out which package provides perl-Locale-gettext.
Comment 3 Enrico Scholz 2006-11-03 07:12:45 EST
mmh... I don't understand

> - SHOULD: on a RHEL4 system the rpm installed fine but the program
>   did not run, failing with:
> error: Failed dependencies:
>         perl(Gtk2) is needed by tinyca2-0.7.5-2.noarch

This seems to be an rpm message but not an error given out by the
program.


> On FC6 it detected the missing Requires, but failed to get installed
> even after installing perl-Gtk2 and gettext:

Who is "it"?


> error: Failed dependencies:
>         perl(Locale::gettext) is needed by tinyca2-0.7.5-2.noarch

mmh... this seems to be a bug in FC6 yum then. 'perl(Locale::gettext)'
is provided by the perl-gettext packages both from FC5 and FC6.

Within FC5, package and the perl-gettext dependency installed fine:

| # http_proxy= yum localinstall tinyca2-0.7.5-2.noarch.rpm
| Installing:
|  tinyca2                 noarch     0.7.5-2          tinyca2-0.7.5-2.noarch.rpm  546 k
| Installing for dependencies:
|  perl-gettext            i386       1.05-8.fc5       extras             20 k
| ...
| Installed: tinyca2.noarch 0:0.7.5-2
| Dependency Installed: perl-gettext.i386 0:1.05-8.fc5
| Complete!
| #
Comment 4 manuel wolfshant 2006-11-03 07:48:34 EST
OK,. let me rephrase:
Everything is fine, my test failed because I was using only rpm rather then yum.:)

The only problems are the two cosmetic ones (mixed spaces with tabs and the
build root).

Comment 5 Enrico Scholz 2006-11-03 09:04:52 EST
sorry; I won't change these two issues.

rpmlint is wrong about the whitespace-tab mixes

and the buildroot with %(id...) is just stupid and not required
Comment 6 manuel wolfshant 2006-11-03 09:27:37 EST
Use :set list in vi and you will notice that rpmlint is not wrong about the mixes :)

The buildroot is just a recommended value, so should not be a blocker. But it's
up to a sponsor to decide. I am just a newcomer.

Comment 7 Enrico Scholz 2006-11-03 09:52:09 EST
I do not see mixed tab-spaces; TABs are used consistently. But I do not replace
every '  +' with a TAB just because it ends at a tab-position.

I do not need a sponsor; just a reviewer.
Comment 8 Mamoru TASAKA 2006-11-10 05:11:02 EST
I will review this later.
Comment 9 Mamoru TASAKA 2006-11-10 11:48:51 EST
NOTE:
* would you consider using braces {} for using macro? I think
  using braces should make spec file easier to read......

Well,
1. From http://fedoraproject.org/wiki/Packaging/Guidelines :
* License
  - (NOT A BLOCKER) original tarball does not include the copy of
  GPL license. You should ask upstream to include GPL copy.

* Desktop files
  - For desktop-file-install, the line
    "--add-category X-Fedora" should be removed as
    * this is of no use any longer.
    * original desktop-file-utils 0.11 refuses this (although Fedora
      patched against this to only warn against this).
    See:
    http://fedoraproject.org/wiki/PackagingDrafts/DesktopFiles

2. From http://fedoraproject.org/wiki/Packaging/ReviewGuidelines
   = Nothing

3. Other things I have noticed :
* desktop file
  - (NOT A BROCKER) I strongly recommend that you install a 
    icon which can be used for desktop entry and write to 
    the spec file where (or how) we can get the icon. However,
    for a quick look I cannot find a proper icon from
    http://tinyca.sm-zone.net/ ....

    Would you ask upstream to provide a icon?

Consider the comments above. However I can approve this
package now.

----------------------------------------------------------
  This package (tinyca2) is APPROVED by me.
Comment 10 Mamoru TASAKA 2006-11-14 10:42:07 EST
Don't forget to close this bug when rebuilds are done successfully.
Comment 11 Mamoru TASAKA 2006-12-12 03:52:11 EST
Well, what is the current state of this package?
Comment 12 Enrico Scholz 2006-12-12 14:01:07 EST
sorry; password manager does not work for wiki and I forget everytime the
password  and was not able to file a branch request
Comment 13 Mamoru TASAKA 2006-12-21 11:00:42 EST
(Well, for libextractor, I will check it later, althogh it may be
 tomorrow. By the way, it seems that tinyca2 has been already imported
 into FE-devel/6/5, so please close this bug when it is possible)
Comment 14 Enrico Scholz 2006-12-21 12:10:35 EST
ok; closed...

Note You need to log in before you can comment on or make changes to this bug.