Bug 220284 - Review Request: bcfg2 - Configuration management client and server
Review Request: bcfg2 - Configuration management client and server
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Axel Thimm
Fedora Package Reviews List
:
Depends On:
Blocks: FE-ACCEPT
  Show dependency treegraph
 
Reported: 2006-12-20 01:00 EST by Jeffrey C. Ollie
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-02-15 17:12:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
dennis: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Jeffrey C. Ollie 2006-12-20 01:00:05 EST
Spec URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-1.fc6.spec
SRPM URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-1.fc6.src.rpm
Description:

Bcfg2 helps system administrators produce a consistent, reproducible,
and verifiable description of their environment, and offers
visualization and reporting tools to aid in day-to-day administrative
tasks.
Comment 1 Jeffrey C. Ollie 2006-12-20 01:07:26 EST
Note that this package hasn't been tested much (there's some rpmlint cruft that
needs cleaning up), and the license needs reviewing.  See:

http://trac.mcs.anl.gov/projects/bcfg2/browser/trunk/bcfg2/LICENSE

for the license and

https://www.redhat.com/archives/fedora-extras-list/2006-December/msg00417.html

for some discussion.
Comment 2 Axel Thimm 2006-12-20 08:14:58 EST
Just for future reference rpmlint says

W: bcfg2 invalid-license BCFG Public License
E: bcfg2 wrong-line-in-lsb-tag #                    installs configuration files
served by bcfg2-server
E: bcfg2 wrong-line-in-lsb-tag #                    This is a client that
installs the server provided
E: bcfg2 wrong-line-in-lsb-tag #                    Configuration.
E: bcfg2 subsys-not-used /etc/rc.d/init.d/bcfg2
W: bcfg2-server invalid-license BCFG Public License
E: bcfg2-server wrong-line-in-lsb-tag #                    installs
configuration files served by bcfg2-server
E: bcfg2-server subsys-not-used /etc/rc.d/init.d/bcfg2-server

The wrong-line-in-lsb-tag is due to continuation of the Description fields. I'm
not sure whether rpmlint is wrong, or the init file. subsys-not-used: I wouldn't
had marked it as and error in rpmlint, but maybe it's not a bad idea to add it
to the init file.

rpm install is noisy, the openssl output should go to /dev/null. You need to
reverse the order of 2>&1 and /dev/null.

The file /etc/bcfg2.key is unowned. That's like for openssh's keys, but perhaps
not the best practice. Better own a dummy file, mark it as %config(noreplace),
and overwrite it on first install. The key would remain in the rpmdb as a
changed config file, so upgrades would not touch it and uninstalls would keep it
as *.rpmsave. This is just a (very) weak suggestion, though.
Comment 3 Jeffrey C. Ollie 2006-12-20 10:33:38 EST
(In reply to comment #2)
>
> W: bcfg2 invalid-license BCFG Public License
> W: bcfg2-server invalid-license BCFG Public License

We're (Axel and I) working with the upstream on this issue.

> E: bcfg2 wrong-line-in-lsb-tag #                    installs configuration files
> served by bcfg2-server
> E: bcfg2 wrong-line-in-lsb-tag #                    This is a client that
> installs the server provided
> E: bcfg2 wrong-line-in-lsb-tag #                    Configuration.

> E: bcfg2-server wrong-line-in-lsb-tag #                    installs
> configuration files served by bcfg2-server

> The wrong-line-in-lsb-tag is due to continuation of the Description
> fields. I'm not sure whether rpmlint is wrong, or the init
> file. subsys-not-used: I wouldn't had marked it as and error in
> rpmlint, but maybe it's not a bad idea to add it to the init file.

According to this:

http://www.freestandards.org/spec/booksets/LSB-Core-generic/LSB-Core-generic/initscrcomconv.html

the continuation of the Description field should be OK, so it looks
like a bug in rpmlint.

> E: bcfg2 subsys-not-used /etc/rc.d/init.d/bcfg2

The bcfg2 init script is a one-shot script - it doesn't actually start
a server in the background so creating a file in /var/lock/subsys
doesn't make sense.

> E: bcfg2-server subsys-not-used /etc/rc.d/init.d/bcfg2-server

Fixed in the next release.

> rpm install is noisy, the openssl output should go to /dev/null. You
> need to reverse the order of 2>&1 and /dev/null.

Turns out that runing openssh in %post to generate a key is not
needed.  The bcfg2-admin script will take care of generating the key.

> The file /etc/bcfg2.key is unowned. That's like for openssh's keys,
> but perhaps not the best practice. Better own a dummy file, mark it
> as %config(noreplace), and overwrite it on first install. The key
> would remain in the rpmdb as a changed config file, so upgrades
> would not touch it and uninstalls would keep it as *.rpmsave. This
> is just a (very) weak suggestion, though.

/etc/bcfg2.key should be marked %ghost and %config(noreplace)
Comment 4 Axel Thimm 2006-12-20 10:39:01 EST
> /etc/bcfg2.key should be marked %ghost and %config(noreplace)

That may make the key be removed upon package removal, but I'm not 100% sure.
Comment 5 Jeffrey C. Ollie 2006-12-20 10:43:27 EST
Spec URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-3.fc6.spec
SRPM URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-3.fc6.src.rpm

* Wed Dec 20 2006 Jeffrey C. Ollie <jeff@ocjtech.us> - 0.8.7.1-3
- Don't generate SSL cert in post script, it only needs to be done on
  the server and is handled by the bcfg2-admin tool.
- Move the /etc/bcfg2.key file to the server package
- Don't install a sample copy of the config file, just ghost it
- Require gamin-python for the server package
- Don't require openssl
- Make the client a separate package so you don't have to have the
  client if you don't want it
Comment 6 Jeffrey C. Ollie 2006-12-20 10:46:25 EST
(In reply to comment #4)
> > /etc/bcfg2.key should be marked %ghost and %config(noreplace)
> 
> That may make the key be removed upon package removal, but I'm not 100% sure.

Here's what happens when you remove the -1 version:

[root@an00 ~]# rpm -e bcfg2 bcfg2-server
warning: /etc/bcfg2.conf saved as /etc/bcfg2.conf.rpmsave
[root@an00 ~]# ls /etc/bcfg2.*
/etc/bcfg2.conf.rpmsave  /etc/bcfg2.key
Comment 7 Axel Thimm 2006-12-20 14:18:32 EST
Full review:
o rpmlint output: OK

W: bcfg2 invalid-license BCFG Public License
E: bcfg2 non-readable /etc/bcfg2.conf 0600
W: bcfg2-client invalid-license BCFG Public License
E: bcfg2-client wrong-line-in-lsb-tag #                    installs
configuration files served by bcfg2-server
E: bcfg2-client wrong-line-in-lsb-tag #                    This is a client that
installs the server provided
E: bcfg2-client wrong-line-in-lsb-tag #                    Configuration.
E: bcfg2-client subsys-not-used /etc/rc.d/init.d/bcfg2
W: bcfg2-client incoherent-init-script-name bcfg2
W: bcfg2-server invalid-license BCFG Public License
E: bcfg2-server non-readable /etc/bcfg2.key 0600
E: bcfg2-server wrong-line-in-lsb-tag #                    installs
configuration files served by bcfg2-server

invalid-license: may change to BSD, soon, anyway
non-readable: rpmlint false positive
wrong-line-in-lsb-tag: rpmlint false positive
subsys-not-used: see Jeff's explenation above: non-daemon start script
incoherent-init-script-name: OK

o package naming: OK
o specfile name: OK
o guidelines: OK
o open-source compatible license: todo
o license field: todo
o license in source: todo
o specfile in American English: OK
o specfile legible: OK
o sources match upstream: OK
  (md5sum, timestamps diverge)
o successfully compiles: OK
o excluding archs (none): OK
o BRs complete: OK
o locale: OK
o ldconfig (none needed): OK
o relocatable package (no): OK
o dir ownership: OK
o %files duplicates (none): OK
o sane permissions on files: OK
o %clean: OK
o consistent use of macros: OK
o contains code: OK
o doc subpackage (not needed): OK
o %doc influences package (no): OK
o *.pc files (none): OK
o shared libs (none): OK
o devel dependencies (no devel): OK
o *.la files (none): OK
o *.desktop file (no guis): OK
o cross-ownership (none): OK

The few todos are all about the new license which is about to be changed, so I'm
preapproving on the assumption that upstream will switch to plain BSD licensing
(according to our PM with the author). I'm also removing FE-LEGAL on the same
assumption. :)

Irrelevant nitpicking: Is %{_localstatedir} not preferred over %{_var}?
Comment 8 Jeffrey C. Ollie 2006-12-27 15:05:25 EST
Here's the latest Spec/SRPM:

Spec URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-5.fc6.spec
SRPM URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.1-5.fc6.src.rpm

I know that this has been approved but I want to wait until upstream
pushes a new package that will be licenced according to the standard
BSD license (which should happedn RSN).
Comment 9 Jeffrey C. Ollie 2006-12-27 22:43:12 EST
Spec URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.3-1.fc6.spec
SRPM URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.3-1.fc6.src.rpm

This is the new version of the package with the updated license...
Comment 10 Axel Thimm 2006-12-28 08:37:49 EST
Reapproving :) Thanks!
Comment 11 Axel Thimm 2007-01-09 07:21:48 EST
Is there still any open issue with the package?

I think there was just the upstream request to package in accord to their
subpackaging structure, which is up to you, both ways are fine. You can change
the subpackaging also later, if you haven't made your mind 100% yet. I'd like to
get this in, so it can be coevaluated with the other solutions. Thanks!
Comment 12 Jeffrey C. Ollie 2007-01-09 09:07:00 EST
(In reply to comment #11)
> Is there still any open issue with the package?

I think the only question still remaining is the license.

http://trac.mcs.anl.gov/projects/bcfg2/browser/trunk/bcfg2/COPYRIGHT

I think that it's free enough to be included in Fedora, but I'm not sure that
it's exactly the BSD licese.

> I think there was just the upstream request to package in accord to their
> subpackaging structure, which is up to you, both ways are fine. You can change
> the subpackaging also later, if you haven't made your mind 100% yet. I'd like to
> get this in, so it can be coevaluated with the other solutions. Thanks!

Yeah, it doesn't matter to me much either way so I'll go along with upstream.

Spec URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.3-2.fc6.spec
SRPM URL: http://repo.ocjtech.us/misc/fedora/6/SRPMS/bcfg2-0.8.7.3-2.fc6.src.rpm

Comment 13 Axel Thimm 2007-01-09 15:07:29 EST
No, that's not the BSD license. But it is at least as free/open as the 3-term
BSD license. It effectively looks like a BSD license with the non-endorsement
term is missing.

I think we can consider it free enough, or do you want to get backup from
fedora-extras?
Comment 14 Axel Thimm 2007-02-02 20:58:05 EST
Could you please import this package? Thanks!
Comment 15 Axel Thimm 2007-02-15 16:10:55 EST
Please import this package. :(

Since there is more than a month of lack of submitter's feedback "a comment is
added to the ticket indicating that the review is stalled and that a response is
needed soon."
Comment 16 Jeffrey C. Ollie 2007-02-15 17:12:09 EST
It's been imported and built for some time now, guess I forgot to close the
ticket...
Comment 17 Konstantin Ryabitsev 2007-05-01 16:54:19 EDT
Jeff: would you mind doing EPEL branches? If that's too much trouble, I'd gladly
sign up for co-maintenance to take care of those.
Comment 18 Jeffrey C. Ollie 2007-05-01 17:38:33 EDT
(In reply to comment #17)
> Jeff: would you mind doing EPEL branches? If that's too much trouble, I'd gladly
> sign up for co-maintenance to take care of those.

If you're willing to co-maintain, I'll take care of the initial setup.  I don't
run RHEL or CentOS so I'm unable to do testing/debugging on those platforms.

Package Change Request
======================
Package Name: bcfg2
New Branches: EL-4 EL-5
Updated EPEL Owners: jeff@ocjtech.us, icon@fedoraproject.org
Comment 19 Dennis Gilmore 2007-05-05 11:14:30 EDT
cvs Done

Note You need to log in before you can comment on or make changes to this bug.