Fedora Merge Review: openswan http://cvs.fedora.redhat.com/viewcvs/devel/openswan/ Initial Owner: harald
Legend: + = PASSED, - = FAILED, 0 = Not Applicable - MUST: rpmlint must be run on every package. The output should be posted in the review wycliff:openswan (f17) $ fedpkg lint /home/matej/build/Extras/openswan/openswan.spec:128: W: rpm-buildroot-usage %build fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_libexecdir}/ipsec/* \ /home/matej/build/Extras/openswan/openswan.spec:129: W: rpm-buildroot-usage %build fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_sbindir}/ipsec \ /home/matej/build/Extras/openswan/openswan.spec:255: W: macro-in-%changelog %ghost This is a false positive from rpmlint. Maybe it could be better not to irritate rpmlint and put that definition somewhere else (%install ?). Not sure whether it wouldn't break anything though. Certainly this is not an issue over which I would stop this review going through though. /home/matej/build/Extras/openswan/openswan.spec: W: invalid-url Source0: openswan-2.6.37.tar.gz Couldn't we get better URL here, please? Upstream seems to have rather nice URLs for download (e.g., http://download.openswan.org/openswan/openswan-2.6.38.tar.gz). openswan.src:255: W: macro-in-%changelog %ghost Use %%ghost instead (or eliminate macro from %chagelog entirely). openswan.x86_64: W: only-non-binary-in-usr-lib Most likely a false positive ... there is only directory %{_libdir}/fipscheck which is most likely hardwired by fipscheck, right? openswan.x86_64: E: incorrect-fsf-address /usr/share/doc/openswan-2.6.37/COPYING Correct address is (according to https://www.fsf.org/about/contact/): Free Software Foundation 51 Franklin Street, Fifth Floor Boston, MA 02110-1301 USA Or you can completely new fresh version of the license at https://www.gnu.org/licenses/gpl-2.0.txt Just let upstream know about it, please. openswan.x86_64: E: subsys-not-used /etc/rc.d/init.d/ipsec While your daemon is running, you have to put a lock file in /var/lock/subsys/. To see an example, look at this directory on your machine and examine the corresponding init scripts. I have absolutely no idea, whether this is a false positive or not. Please, comment. + MUST: package named according to the Package Naming Guidelines + MUST: The spec file name must match the base package %{name} + MUST: The package must meet the Packaging Guidelines . + MUST: The package licensed with a Fedora approved license and meets the Licensing Guidelines I assume that kernel part of the upstream package is not compiled in our binary packages, right? Otherwise, we would have to include all licenses mentioned in LICENSING file. - MUST: The License field in the package spec file matches the actual license At least according to programs/pluto/plutomain.c, the licensing includes "or (at your option) any later version", so this should be GPLv2+ + MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc. + MUST: The spec file must be written in American English. + MUST: The spec file for the package MUST be legible. + MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task MD5: e5c948555088df06cfadcfbe6c13adfe + MUST: The package successfully compiles and builds into binary rpms on at least one primary architecture - built many times in koji and brew 0 MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch + MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines 0 MUST: The spec file handles locales properly. This is done by using the %find_lang macro No locales are present. 0 MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. + MUST: Packages must NOT bundle copies of system libraries 0 MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker + MUST: Package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory + MUST: Package must not list a file more than once in the spec file's %files listings + MUST: Permissions on files must be set properly. Every %files section must include a %defattr(...) line. + MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). + MUST: Each package must consistently use macros + MUST: The package must contain code, or permissible content + MUST: Large documentation files must go in a -doc subpackage + MUST: If a package includes something as %doc, it must not affect the runtime of the application 0 MUST: Header files must be in a -devel package 0 MUST: Static libraries must be in a -static package 0 MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' 0 MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package 0 MUST: devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} 0 MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built 0 MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section + MUST: Packages must not own files or directories already owned by other packages + MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) + MUST: All filenames in rpm packages must be valid UTF-8 Please just comment on the result of rpmlint and fix small issues mentioned in the rest of the review.
This bug should probably be closed?
(In reply to comment #2) > This bug should probably be closed? What's the status of openswan? It seems to be orphaned in Rawhide. Does it mean it should die eventually? If it is so, then yes, this bug should be closed as WONTFIX.
Yes. libreswan has obsoleted openswan in rawhide and fedora18. But not yet in fedora19 because of the freeze.