Bug 245081 - Review Request: libp11 - a small library for dealing with PKCS#11 tokens
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Jason Tibbitts
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2007-06-20 21:52 UTC by Matt Anderson
Modified: 2007-11-30 22:12 UTC (History)

Fixed In Version: 0.2.2-5.fc7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-08-03 02:41:39 UTC
Type: ---
Embargoed:
j: fedora-review+
wtogami: fedora-cvs+



Description Matt Anderson 2007-06-20 21:52:27 UTC
Spec URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11.spec
SRPM URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11-0.2.2-1.src.rpm
Description: libp11 is part of the Open Smart Card project http://www.opensc-project.org/

This srpm has been found clean with rpmlint, and has been tested on i386 and x86_64.

Comment 1 Matt Anderson 2007-06-20 22:56:11 UTC
Corrected Group to be Development/Libraries

This is my first package, so I am in need of a sponsor.

Comment 2 Jason Tibbitts 2007-06-21 01:28:29 UTC
A few comments:

The scriptlets are a bit odd.  You probably just want to use
   %post -p /sbin/ldconfig
   %postun -p /sbin/ldconfig
and delete %preun entirely.  See the "Shared libraries" section of
http://fedoraproject.org/wiki/Packaging/ScriptletSnippets.

You should use an actual ASCII dash in the changelog.  Not only is that mandated
by the packaging guidelines, but since the web server hosting the specfile
serves it as ISO-8859-1, it shows up as garbage.  Probably easiest to just avoid
the pain.

The SRPM is clean according to rpmlint, but the built package sure isn't.  I'll
address the complaints:

W: libp11 no-documentation
This is OK as long as there really is no documentation.  However, that sure
doesn't seem to be the case, with nice doc and examples directories in the
source tarball.  You should at least include README and Changelog files.  If you
have development documentation, you should include that in the -devel subpackage
(see below).

E: libp11 postun-without-ldconfig /usr/lib64/libp11.so.0.1.1
W: libp11 one-line-command-in-%post /sbin/ldconfig
W: libp11 empty-%preun
W: libp11 empty-%postun
Will go away if you call ldconfig properly and clean up the empty scriptlet as
detailed earlier.

W: libp11 devel-file-in-non-devel-package /usr/lib64/libp11.so
W: libp11 devel-file-in-non-devel-package /usr/lib64/pkgconfig/libp11.pc
W: libp11 devel-file-in-non-devel-package /usr/include/libp11.h
W: libp11 devel-file-in-non-devel-package /usr/lib64/libp11.a
These shouldn't be in the main package.  You need a libp11-devel subpackage to
hold the unversioned .so link, the .pc file and the headers.  You will need a
libp11-static subpackage to hold the static library.

E: libp11 explicit-lib-dependency libtool
I can't imagine how a runtime library could need libtool.  I don't even see how
the -devel subpackage could need it, although I could be wrong.  What's it for?

W: libp11 no-version-in-last-changelog
W: libp11-debuginfo no-version-in-last-changelog
Please version your changelog entries.  See the "Changelogs" section of
http://fedoraproject.org/wiki/Packaging/Guidelines.

Comment 3 Matt Anderson 2007-06-21 16:34:55 UTC
Thanks for the suggestions, I've updated the spec file and built a
libp11-0.2.2-2.src.rpm that is in the same directory as before.

I took your advice and got rid of %prerun and used the suggested %post and
%postrun command format.

The dash is fixed, and I put version numbers in the changelog as per the guidelines.

I've added the html, README and ChangeLog files to the libp11 base package for
documentation.

I also created a libp11-devel package like you suggested and added the doc/api
directory along with the examples directory for the documentation there.

I looked for an example of a -static package, and wasn't able to find any.
Searching on my system I found several .a files that were registered in the
-devel packages so for now I did not create a -static.  If anyone knows of an
example I could follow I will.

The libtool dependency should have really just been a BuildRequires
libtool-ltdl-devel since libp11 needs ltdl.h so I've removed it from Requires.

The libp11-0.2.2-2 rpm builds cleanly on x86_64 and i386.  This time all four
rpms {base,-devel,-debuginfo,src} have been checked with rpmlint with no
warnings or errors found.

Comment 4 Matt Anderson 2007-06-21 20:32:11 UTC
After some more reading I found that --disable-statics is preferred, along with
rpmdevtools' rpmdev-newspec template.  I've made those changes and posted
updated files:

Spec URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11.spec
SRPM URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11-0.2.2-3.fc7.src.rpm

Comment 5 Michael Schwendt 2007-06-27 11:52:44 UTC
> Summary:        LibP11 is a library for using PKCS#11 modules

Better is

Summary: Library for using PKCS#11 modules

Repeating the package/software name in the summary is considered
bad taste often, since in many package database interfaces it
usually results in displaying the package %{name} multiple times, e.g.:
libp11 - LibP11 is a library for using PKCS#11 modules

> BuildRequires:  openssl pkgconfig libtool-ltdl-devel

openssl-devel  not  openssl

> Requires:       openssl pkgconfig

A dependency on the openssl shared libs is automatically added by
rpmbuild. If not, then your package doesn't link against openssl
actually, and in that case you should add a comment in the spec file
as why it requires openssl.

The main package does NOT require pkgconfig. The -devel packages should.

> %package devel
> Summary:        LibP11-devel contains the static libraries
> and header files for libp11

Better is something like

  Summary: Files for developing with %{name}

since -devel packages usually contain files other than
"static libs and headers".

> %description devel
> Development libraries and header files for libp11.

The summary could be the same. ;)

> %configure --prefix=/usr --disable-static

--prefix=/usr is default. See:  rpm --eval %configure

> %files devel
[...]
> %{_libdir}/libp11.la

Better delete the libtool archive or %exclude it. It is not
needed at build/link-time.

> %{_libdir}/pkgconfig/*

The -devel package should add "Requires: pkgconfig"


Comment 6 Matt Anderson 2007-06-27 15:31:12 UTC
Thanks for the comments.

I've made all the suggested changes and posted a new version of the spec file
and srpm:
Spec URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11.spec
SRPM URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11-0.2.2-4.fc7.src.rpm

These have been checked with rpmlint and build correctly on i386 and x86_64.

Comment 7 Jason Tibbitts 2007-06-28 19:59:27 UTC
OK, here's what rpmlint gives me:

W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1 /lib64/libssl.so.6
W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1 /lib64/libdl.so.2
W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1 /lib64/libz.so.1

What this means is that libp11.so is linked against those three libraries but
doesn't actually use anything from them.  (Either that or it means rpmlint is
broken, I guess.)  I think configure is just being overzealous:
  checking for OPENSSL_LIBS... -L/usr/kerberos/lib64 -lssl -lcrypto -ldl -lz
when the package just needs -lssl.

I don't think this is a particularly big deal; probably not worth hacking the
configure script over.

Source0: should contain a full URL to the upstream source if possible.  You
probably want something like: 
   http://www.opensc-project.org/files/%{name}/%{name}-%{version}.tar.gz

You must include the COPYING file as %doc in the main package.

That's about it as far as I can see.  While you're putting up an updated
package, go ahead and apply for cvsextras access and I'll click the necessary
button.  Instructions are in
http://fedoraproject.org/wiki/PackageMaintainers/Join down in the "Get A Fedora
Account" section.

Review:
* source files match upstream:
   6593e76b815393f2a3896e163d1c23a7e0bd3eb1fabaf9795ba1bbbc4c500630  libp11-0.2.2.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* build root is OK.
* license field matches the actual license.
* license is open source-compatible.
X license text included in tarball but not in package.
* latest version is being packaged.
* BuildRequires are proper.
* compiler flags are appropriate.
* %clean is present.
* package builds in mock (development, x86_64).
* package installs properly
* debuginfo package looks complete.
* rpmlint has acceptable complaints.
* final provides and requires are sane:
  libp11-0.2.2-4.fc8.x86_64.rpm
   libp11.so.0()(64bit)
   libp11 = 0.2.2-4.fc8
  =
   /sbin/ldconfig
   libcrypto.so.6()(64bit)
   libltdl.so.3()(64bit)
   libp11.so.0()(64bit)
   libssl.so.6()(64bit)
   libz.so.1()(64bit)

  libp11-devel-0.2.2-4.fc8.x86_64.rpm
   libp11-devel = 0.2.2-4.fc8
  =
   libp11 = 0.2.2-4.fc8
   libp11.so.0()(64bit)
   pkgconfig
* %check is not present; no test suite upstream.
* shared libraries present; ldconfig called and unversioned .so files are in the 
   -devel package.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* scriptlets are OK (ldconfig).
* code, not content.
* documentation is small, so no -docs subpackage is necessary.
  Development documentation is in the -devel subpackage.
* %docs are not necessary for the proper functioning of the package.
* headers are in the -devel subpackage.
* pkgconfig files are in the -devel subpackage; pkgconfig dependency is there.
* no static libraries.
* no libtool .la files.

Comment 8 Matt Anderson 2007-06-28 22:27:47 UTC
I've made the changes you suggested and posted the updated files:

Spec URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11.spec
SRPM URL: http://free.linux.hp.com/~mra/rpms/libp11/libp11-0.2.2-5.fc7.src.rpm

I will also look into the dependency issue you found.  Instead of including a
patch in the rpm I will see about getting it upstream.  These seem to me to be
overly broad dependencies based on the package previously being part of a larger
OpenSC project.

Comment 9 Jason Tibbitts 2007-06-30 18:05:25 UTC
Hmm, the URL isn't actually correct; you're missing a "/files" after the
hostname.  It may be helpful for you to install the rpmdevtools package and run
  spectool -g *spec
which will expand the macros in the Source URLs and download them all.

But really, that's a minor issue; you can fix it when you check in.

APPROVED
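
Added example, not part of the thread or of the libp11 package: a shell sketch of the two source checks raised in Comments 7 and 9, expanding the macros in a spec's Source0 URL and confirming that the tarball packed in the SRPM hashes the same as the upstream download. The function names, sample spec text and file contents are constructed for illustration; only %{name} and %{version} are expanded.

```shell
#!/bin/sh
# Added example. The spec text and file contents below are constructed samples,
# not the real libp11.spec or tarball.

# Expand %{name} and %{version} in the Source/Source0 line of a spec file.
# Covers only these two macros; `spectool -g` handles the general case.
expand_source0() (
    spec=$1
    name=$(awk '$1 == "Name:" {print $2; exit}' "$spec")
    version=$(awk '$1 == "Version:" {print $2; exit}' "$spec")
    awk '$1 ~ /^Source0?:$/ {print $2; exit}' "$spec" |
        sed -e "s|%{name}|$name|g" -e "s|%{version}|$version|g"
)

# Print the SHA-256 digest of a file (hex only).
digest_of() {
    sha256sum < "$1" | cut -d' ' -f1
}

# Succeed only if the tarball packed in the SRPM and the upstream download
# both exist and hash to the same value; return 2 if either file is missing.
same_source() {
    [ -f "$1" ] && [ -f "$2" ] || return 2
    [ "$(digest_of "$1")" = "$(digest_of "$2")" ]
}

# Demo on constructed input.
demo_dir=$(mktemp -d)
cat > "$demo_dir/sample.spec" <<'EOF'
Name:           libp11
Version:        0.2.2
Source0:        http://www.opensc-project.org/files/%{name}/%{name}-%{version}.tar.gz
EOF
printf 'constructed upstream bytes\n' > "$demo_dir/upstream.tar.gz"
cp "$demo_dir/upstream.tar.gz" "$demo_dir/from-srpm.tar.gz"

echo "Source0 expands to: $(expand_source0 "$demo_dir/sample.spec")"
if same_source "$demo_dir/from-srpm.tar.gz" "$demo_dir/upstream.tar.gz"; then
    echo "source matches upstream: $(digest_of "$demo_dir/upstream.tar.gz")"
else
    echo "MISMATCH: packaged source differs from upstream" >&2
fi
rm -rf "$demo_dir"
```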

Comment 10 Jason Tibbitts 2007-07-05 22:54:47 UTC
Were you going to make your CVS request and get this checked in and built?

Comment 11 Matt Anderson 2007-07-09 16:26:11 UTC
New Package CVS Request
=======================
Package Name: libp11
Short Description: Library for using PKCS#11 modules
Owners: mra
Branches: F-7
InitialCC: tibbs.edu

Comment 12 Fedora Update System 2007-07-11 15:17:51 UTC
libp11-0.2.2-5.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2007-08-03 02:41:33 UTC
libp11-0.2.2-5.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

