Bug 401101 - Review Request: sleuthkit - The Sleuth Kit (TSK)
Review Request: sleuthkit - The Sleuth Kit (TSK)
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: manuel wolfshant
Fedora Extras Quality Assurance
:
: 451509 (view as bug list)
Depends On: 389471 437960
Blocks:
  Show dependency treegraph
 
Reported: 2007-11-27 10:41 EST by Nicolas Chauvet (kwizart)
Modified: 2008-07-04 20:01 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-07-04 20:01:27 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
wolfy: fedora‑review+
kevin: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Nicolas Chauvet (kwizart) 2007-11-27 10:41:56 EST
Spec URL: http://kwizart.fedorapeople.org/SPEC/sleuthkit.spec
SRPM URL: 
http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.09-1.fc7.kwizart.src.rpm
Description: The Sleuth Kit (TSK)

This package could be part of :
http://fedoraproject.org/wiki/LukeMacken/SecurityLiveCD
As such it might be desirable to have it build statically (which is the case for now) or with dietlibc. I'm also working on a shared built (for libewf afflib) but this is not done yet... Advices welcome...

A Previous request: https://bugzilla.redhat.com/204228 (closed)

There is a need to block FE-LEGAL about the compatibility between license (BSD with advertising and CPL/IBM) and eventually the NTFS case (I think this last should not give problems since we have ntfs-3g in userspace)
Comment 1 Tom "spot" Callaway 2007-11-28 11:33:23 EST
The problem here is really:

src/srchtools/srch_strings.c (GPLv2+) which links to libtsk (CPL and IBM). You
cannot do this, as both the CPL and IBM licenses are GPL incompatible.

Specifically, it uses tsk_malloc() from auxtools/mymalloc.c. 

Upstream needs to resolve that license incompatibility somehow before Fedora
could  even consider including this package.
Comment 2 Nicolas Chauvet (kwizart) 2007-11-29 16:02:38 EST
mail send upstream

Comment 3 Jason Tibbitts 2008-01-26 13:29:51 EST
Any response from upstream?
Comment 4 Nicolas Chauvet (kwizart) 2008-01-28 05:29:26 EST
yes! the 2.10 version seems to have the reported problem fixed.
(as mentioned in the changelog).

I've checked src/srchtools/srch_strings.c and it not more use tsk_malloc(), so i
think we can leave FE-Legal here. Spot ?

About dietlibc linking: I have a problem while building afflib with this scheme.
Config.log shows:
configure:14608: diet gcc -D_BSD_SOURCE -D_GNU_SOURCE -s -static -o conftest -g
-O2 -I/usr/local/include  -L/usr/local/lib  conftest.c -lssl  -lz  >&5
/usr/lib64/dietlibc/lib-x86_64/libc.a(stdout.o): In function `__fflush_stdout':
(.text+0x8): warning: warning: your code uses stdio (7+k bloat).
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libssl.a(s3_lib.o): In
function `ssl3_write':
(.text+0x413): undefined reference to `BIO_ctrl'
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libssl.a(s3_lib.o): In
function `ssl3_choose_cipher':

---------
Spec URL: http://kwizart.fedorapeople.org/SPEC/sleuthkit.spec
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.10-1.kwizart.fc8.src.rpm
Description: The Sleuth Kit (TSK)

I will try to work on autotools patches, so it can build with afflib and libewf
shared and with correct CFLAGS. (That will make the package dependent of #389471
then).

Comment 5 Tom "spot" Callaway 2008-01-28 09:31:33 EST
Yep. Lifting FE-Legal.
Comment 6 Nicolas Chauvet (kwizart) 2008-03-18 11:03:56 EDT
Spec URL: 
http://kwizart.fedorapeople.org/SPEC/sleuthkit.spec
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.51-1.fc9.kwizart.src.rpm
Description: The Sleuth Kit (TSK)

Changelog
- Update to 2.51
- Add libewf/afflib BR
- Requires mac-robber external package.
- Remove internal perl-Date-Manip.
Comment 7 Nicolas Chauvet (kwizart) 2008-03-19 17:23:24 EDT
Spec URL: 
http://kwizart.fedorapeople.org/SPECS/sleuthkit.spec
Comment 8 Jason Tibbitts 2008-06-15 05:44:15 EDT
*** Bug 451509 has been marked as a duplicate of this bug. ***
Comment 9 Joe Rozner 2008-06-16 12:38:32 EDT
I was wondering what the status was of this package. I created a spec and
submitted it for review not knowing one already existed, and was wondering if
this is still being worked on. If it is, what still needs to be done before it
can be approved and if it's not could I take it over?
Comment 10 Tom "spot" Callaway 2008-06-16 17:54:47 EDT
Looks like no one ever reviewed it.
Comment 11 Nicolas Chauvet (kwizart) 2008-06-17 13:00:35 EDT
Spec URL: 
http://kwizart.fedorapeople.org/SPECS/sleuthkit.spec
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.52-1.fc8.kwizart.src.rpm
Description: The Sleuth Kit (TSK)

This packages doesn't currently works and have showed some strange issues that
didn't appeared when <afflib/afflib.h> and <afflib/afflib_.h> was used (instead
of using the appropriate AFFLIB_CFLAGS).

Problem is:
/usr/include/afflib/afflib_i.h:343: error: redefinition of typedef 'AFFILE'
/usr/include/afflib/afflib.h:102: error: previous declaration of 'AFFILE' was here
*** [libtskimg_la-img_open.lo] Error 1

* This can be solved inside the afflib package by removing the AFFILE occurence
at l.383 of afflib_i.h
* On the other hand, this file is not meant to be used by the dependent
application, despite the dual header include (<afflib/afflib.h> and
<afflib/afflib_.h>) was submitted by the afflib developer to the sleutkit one.

* For some reasons, the linking properties of the libtsk.la are inherited by the
different binaries. I don't know how this can be avoided. This make the binaries
linked to unneeded library, and suggest that srch_strings (which is GPLv2+) is
linked against afflib (which is BSD with advertising), which is forbidden (even
if it probably don't use it directly).

Patch have been submitted to the different upsteam for advices.

@livinded
Your help would be welcome to maintain this package. I hope to have most of the
patches merged so the update will be easier. But a good reviewer is still missing.

Comment 12 manuel wolfshant 2008-06-17 19:02:57 EDT
Just for the sake of correctness: "The Sleuth Kit (TSK) is an open source
digital investigation tools (a.k.a digital forensic tools)" is not proper
English, the singular "an" being incongruous with the plural "tools".


I'll try to help in review once you fix the build issue (actually I've reviewed
macrobber with the intent to  push sleuth kit forward)
Comment 13 Nicolas Chauvet (kwizart) 2008-06-23 12:39:25 EDT
The problem leave within afflib and I'm waiting for the next afflib release to
have it fixed.
Comment 14 Nicolas Chauvet (kwizart) 2008-06-26 11:09:34 EDT
The Problem has been fixed in devel, and going thought the updates process in
F-8 and F-9...
Comment 15 Nicolas Chauvet (kwizart) 2008-06-26 11:27:13 EDT
http://koji.fedoraproject.org/koji/taskinfo?taskID=682158
This task is for F-10

I will fix the #12 with the description seen here:
http://www.sleuthkit.org/sleuthkit/ 
Comment 16 manuel wolfshant 2008-06-27 11:47:23 EDT
Everything seems fine now, I'll come back with a full review in a while, I want
to also test it first.

The only thing that I am not fond of is the fact that all header files in -devel
have the date of the build. I would have thought that the original date should
have been preserved given the usage of INSTALL="install -p" in %install.
Comment 17 manuel wolfshant 2008-07-01 10:24:54 EDT
Package Review
==============

Key:
 - = N/A
 x = Check
 ! = Problem
 ? = Not evaluated

=== REQUIRED ITEMS ===
 [x] Package is named according to the Package Naming Guidelines.
 [x] Spec file name must match the base package %{name}, in the format %{name}.spec.
 [x] Package meets the Packaging Guidelines.
 [x] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
     Tested on: devel/x86_64
 [x] Rpmlint output:
     source RPM: empty
     binary RPM:
         sleuthkit-libs: W: no-documentation
         sleuthkit and sleuthkit-devel: empty
 [x] Package is not relocatable.
 [x] Buildroot is correct
(%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n))
 [x] Package is licensed with an open-source compatible license and meets other
legal requirements as defined in the legal section of Packaging Guidelines.
 [x] License field in the package spec file matches the actual license.
     License type: CPL and IBM and GPLv2+
 [x] If (and only if) the source package includes the text of the license(s) in
its own file, then that file, containing the text of the license(s) for the
package is included in %doc.
 [x] Spec file is legible and written in American English.
 [x] Sources used to build the package matches the upstream source, as provided
in the spec URL.
     SHA1SUM of package: e2e8ebc41e4be7aa75376fef38e13cf6f2d6206f 
sleuthkit-2.52.tar.gz
 [x] Package is not known to require ExcludeArch
 [x] All build dependencies are listed in BuildRequires, except for any that are
listed in the exceptions section of Packaging Guidelines.
 [-] The spec file handles locales properly.
 [x] ldconfig called in %post and %postun if required.
 [x] Package must own all directories that it creates.
 [x] Package requires other packages for directories it uses.
 [x] Package does not contain duplicates in %files.
 [x] Permissions on files are set properly.
 [x] Package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT.
 [x] Package consistently uses macros.
 [x] Package contains code, or permissable content.
 [-] Large documentation files are in a -doc subpackage, if required.
 [x] Package uses nothing in %doc for runtime.
 [x] Header files in -devel subpackage, if present.
 [-] Static libraries in -devel subpackage, if present.
 [-] Package requires pkgconfig, if .pc files are present.
 [x] Development .so files in -devel subpackage, if present.
 [x] Fully versioned dependency in subpackages, if present.
 [x] Package does not contain any libtool archives (.la).
 [-] Package contains a properly installed %{name}.desktop file if it is a GUI
application.
 [x] Package does not own files or directories owned by other packages.

=== SUGGESTED ITEMS ===
 [x] Latest version is packaged.
 [x] Package does not include license text files separate from upstream.
 [-] Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
 [x] Reviewer should test that the package builds in mock.
     Tested on: all architectures supported by koji
 [ ] Package should compile and build into binary rpms on all supported
architectures.
     Tested on: all architectures supported by koji
 [x] Package functions as described (tested in rawhide/i386).
 [-] Scriptlets must be sane, if used.
 [-] The placement of pkgconfig(.pc) files is correct.
 [-] File based requires are sane.


================
*** APPROVED ***
================
Comment 18 Nicolas Chauvet (kwizart) 2008-07-02 16:26:27 EDT
New Package CVS Request
=======================
Package Name: sleuthkit
Short Description: The Sleuth Kit (TSK)
Owners: kwizart
Branches: F-8 F-9 EL-4 EL-5
Cvsextras Commits: yes

Comment 19 Kevin Fenzi 2008-07-04 15:40:16 EDT
cvs done.

Note You need to log in before you can comment on or make changes to this bug.