Bug 401101 - Review Request: sleuthkit - The Sleuth Kit (TSK)
Summary: Review Request: sleuthkit - The Sleuth Kit (TSK)
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: manuel wolfshant
QA Contact: Fedora Extras Quality Assurance
: 451509 (view as bug list)
Depends On: 389471 437960
TreeView+ depends on / blocked
Reported: 2007-11-27 15:41 UTC by Nicolas Chauvet (kwizart)
Modified: 2008-07-05 00:01 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-07-05 00:01:27 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
wolfy: fedora-review+
kevin: fedora-cvs+

Attachments (Terms of Use)

Description Nicolas Chauvet (kwizart) 2007-11-27 15:41:56 UTC
Spec URL: http://kwizart.fedorapeople.org/SPEC/sleuthkit.spec
Description: The Sleuth Kit (TSK)

This package could be part of :
As such it might be desirable to have it build statically (which is the case for now) or with dietlibc. I'm also working on a shared built (for libewf afflib) but this is not done yet... Advices welcome...

A Previous request: https://bugzilla.redhat.com/204228 (closed)

There is a need to block FE-LEGAL about the compatibility between license (BSD with advertising and CPL/IBM) and eventually the NTFS case (I think this last should not give problems since we have ntfs-3g in userspace)

Comment 1 Tom "spot" Callaway 2007-11-28 16:33:23 UTC
The problem here is really:

src/srchtools/srch_strings.c (GPLv2+) which links to libtsk (CPL and IBM). You
cannot do this, as both the CPL and IBM licenses are GPL incompatible.

Specifically, it uses tsk_malloc() from auxtools/mymalloc.c. 

Upstream needs to resolve that license incompatibility somehow before Fedora
could  even consider including this package.

Comment 2 Nicolas Chauvet (kwizart) 2007-11-29 21:02:38 UTC
mail send upstream

Comment 3 Jason Tibbitts 2008-01-26 18:29:51 UTC
Any response from upstream?

Comment 4 Nicolas Chauvet (kwizart) 2008-01-28 10:29:26 UTC
yes! the 2.10 version seems to have the reported problem fixed.
(as mentioned in the changelog).

I've checked src/srchtools/srch_strings.c and it not more use tsk_malloc(), so i
think we can leave FE-Legal here. Spot ?

About dietlibc linking: I have a problem while building afflib with this scheme.
Config.log shows:
configure:14608: diet gcc -D_BSD_SOURCE -D_GNU_SOURCE -s -static -o conftest -g
-O2 -I/usr/local/include  -L/usr/local/lib  conftest.c -lssl  -lz  >&5
/usr/lib64/dietlibc/lib-x86_64/libc.a(stdout.o): In function `__fflush_stdout':
(.text+0x8): warning: warning: your code uses stdio (7+k bloat).
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libssl.a(s3_lib.o): In
function `ssl3_write':
(.text+0x413): undefined reference to `BIO_ctrl'
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../lib64/libssl.a(s3_lib.o): In
function `ssl3_choose_cipher':

Spec URL: http://kwizart.fedorapeople.org/SPEC/sleuthkit.spec
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.10-1.kwizart.fc8.src.rpm
Description: The Sleuth Kit (TSK)

I will try to work on autotools patches, so it can build with afflib and libewf
shared and with correct CFLAGS. (That will make the package dependent of #389471

Comment 5 Tom "spot" Callaway 2008-01-28 14:31:33 UTC
Yep. Lifting FE-Legal.

Comment 6 Nicolas Chauvet (kwizart) 2008-03-18 15:03:56 UTC
Spec URL: 
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.51-1.fc9.kwizart.src.rpm
Description: The Sleuth Kit (TSK)

- Update to 2.51
- Add libewf/afflib BR
- Requires mac-robber external package.
- Remove internal perl-Date-Manip.

Comment 7 Nicolas Chauvet (kwizart) 2008-03-19 21:23:24 UTC
Spec URL: 

Comment 8 Jason Tibbitts 2008-06-15 09:44:15 UTC
*** Bug 451509 has been marked as a duplicate of this bug. ***

Comment 9 Joe Rozner 2008-06-16 16:38:32 UTC
I was wondering what the status was of this package. I created a spec and
submitted it for review not knowing one already existed, and was wondering if
this is still being worked on. If it is, what still needs to be done before it
can be approved and if it's not could I take it over?

Comment 10 Tom "spot" Callaway 2008-06-16 21:54:47 UTC
Looks like no one ever reviewed it.

Comment 11 Nicolas Chauvet (kwizart) 2008-06-17 17:00:35 UTC
Spec URL: 
SRPM URL: http://kwizart.fedorapeople.org/SRPMS/sleuthkit-2.52-1.fc8.kwizart.src.rpm
Description: The Sleuth Kit (TSK)

This packages doesn't currently works and have showed some strange issues that
didn't appeared when <afflib/afflib.h> and <afflib/afflib_.h> was used (instead
of using the appropriate AFFLIB_CFLAGS).

Problem is:
/usr/include/afflib/afflib_i.h:343: error: redefinition of typedef 'AFFILE'
/usr/include/afflib/afflib.h:102: error: previous declaration of 'AFFILE' was here
*** [libtskimg_la-img_open.lo] Error 1

* This can be solved inside the afflib package by removing the AFFILE occurence
at l.383 of afflib_i.h
* On the other hand, this file is not meant to be used by the dependent
application, despite the dual header include (<afflib/afflib.h> and
<afflib/afflib_.h>) was submitted by the afflib developer to the sleutkit one.

* For some reasons, the linking properties of the libtsk.la are inherited by the
different binaries. I don't know how this can be avoided. This make the binaries
linked to unneeded library, and suggest that srch_strings (which is GPLv2+) is
linked against afflib (which is BSD with advertising), which is forbidden (even
if it probably don't use it directly).

Patch have been submitted to the different upsteam for advices.

Your help would be welcome to maintain this package. I hope to have most of the
patches merged so the update will be easier. But a good reviewer is still missing.

Comment 12 manuel wolfshant 2008-06-17 23:02:57 UTC
Just for the sake of correctness: "The Sleuth Kit (TSK) is an open source
digital investigation tools (a.k.a digital forensic tools)" is not proper
English, the singular "an" being incongruous with the plural "tools".

I'll try to help in review once you fix the build issue (actually I've reviewed
macrobber with the intent to  push sleuth kit forward)

Comment 13 Nicolas Chauvet (kwizart) 2008-06-23 16:39:25 UTC
The problem leave within afflib and I'm waiting for the next afflib release to
have it fixed.

Comment 14 Nicolas Chauvet (kwizart) 2008-06-26 15:09:34 UTC
The Problem has been fixed in devel, and going thought the updates process in
F-8 and F-9...

Comment 15 Nicolas Chauvet (kwizart) 2008-06-26 15:27:13 UTC
This task is for F-10

I will fix the #12 with the description seen here:

Comment 16 manuel wolfshant 2008-06-27 15:47:23 UTC
Everything seems fine now, I'll come back with a full review in a while, I want
to also test it first.

The only thing that I am not fond of is the fact that all header files in -devel
have the date of the build. I would have thought that the original date should
have been preserved given the usage of INSTALL="install -p" in %install.

Comment 17 manuel wolfshant 2008-07-01 14:24:54 UTC
Package Review

 - = N/A
 x = Check
 ! = Problem
 ? = Not evaluated

 [x] Package is named according to the Package Naming Guidelines.
 [x] Spec file name must match the base package %{name}, in the format %{name}.spec.
 [x] Package meets the Packaging Guidelines.
 [x] Package successfully compiles and builds into binary rpms on at least one
supported architecture.
     Tested on: devel/x86_64
 [x] Rpmlint output:
     source RPM: empty
     binary RPM:
         sleuthkit-libs: W: no-documentation
         sleuthkit and sleuthkit-devel: empty
 [x] Package is not relocatable.
 [x] Buildroot is correct
(%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n))
 [x] Package is licensed with an open-source compatible license and meets other
legal requirements as defined in the legal section of Packaging Guidelines.
 [x] License field in the package spec file matches the actual license.
     License type: CPL and IBM and GPLv2+
 [x] If (and only if) the source package includes the text of the license(s) in
its own file, then that file, containing the text of the license(s) for the
package is included in %doc.
 [x] Spec file is legible and written in American English.
 [x] Sources used to build the package matches the upstream source, as provided
in the spec URL.
     SHA1SUM of package: e2e8ebc41e4be7aa75376fef38e13cf6f2d6206f 
 [x] Package is not known to require ExcludeArch
 [x] All build dependencies are listed in BuildRequires, except for any that are
listed in the exceptions section of Packaging Guidelines.
 [-] The spec file handles locales properly.
 [x] ldconfig called in %post and %postun if required.
 [x] Package must own all directories that it creates.
 [x] Package requires other packages for directories it uses.
 [x] Package does not contain duplicates in %files.
 [x] Permissions on files are set properly.
 [x] Package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT.
 [x] Package consistently uses macros.
 [x] Package contains code, or permissable content.
 [-] Large documentation files are in a -doc subpackage, if required.
 [x] Package uses nothing in %doc for runtime.
 [x] Header files in -devel subpackage, if present.
 [-] Static libraries in -devel subpackage, if present.
 [-] Package requires pkgconfig, if .pc files are present.
 [x] Development .so files in -devel subpackage, if present.
 [x] Fully versioned dependency in subpackages, if present.
 [x] Package does not contain any libtool archives (.la).
 [-] Package contains a properly installed %{name}.desktop file if it is a GUI
 [x] Package does not own files or directories owned by other packages.

 [x] Latest version is packaged.
 [x] Package does not include license text files separate from upstream.
 [-] Description and summary sections in the package spec file contains
translations for supported Non-English languages, if available.
 [x] Reviewer should test that the package builds in mock.
     Tested on: all architectures supported by koji
 [ ] Package should compile and build into binary rpms on all supported
     Tested on: all architectures supported by koji
 [x] Package functions as described (tested in rawhide/i386).
 [-] Scriptlets must be sane, if used.
 [-] The placement of pkgconfig(.pc) files is correct.
 [-] File based requires are sane.

*** APPROVED ***

Comment 18 Nicolas Chauvet (kwizart) 2008-07-02 20:26:27 UTC
New Package CVS Request
Package Name: sleuthkit
Short Description: The Sleuth Kit (TSK)
Owners: kwizart
Branches: F-8 F-9 EL-4 EL-5
Cvsextras Commits: yes

Comment 19 Kevin Fenzi 2008-07-04 19:40:16 UTC
cvs done.

Note You need to log in before you can comment on or make changes to this bug.