Spec URL: http://cern.ch/straylen/myproxy-rpms/myproxy.spec SRPM URL: http://cern.ch/straylen/myproxy-rpms/myproxy-4.7-1.fc11.src.rpm Description: MyProxy is open source software for managing X.509 Public Key Infrastructure (PKI) security credentials (certificates and private keys). MyProxy combines an online credential repository with an online certificate authority to allow users to securely obtain credentials when and where needed. Users run myproxy-logon to authenticate and obtain credentials, including trusted CA certificates and Certificate Revocation Lists (CRLs).
These are updated packages with new myproxy version and also contain some corrections. Spec: http://cern.ch/straylen/rpms/myproxy/myproxy.spec SRPM: http://cern.ch/straylen/rpms/myproxy/myproxy-4.8-1.fc11.src.rpm
Updated to require the voms version fixed for bug 523972 Spec: http://cern.ch/straylen/rpms/myproxy/myproxy.spec SRPM: http://cern.ch/straylen/rpms/myproxy/myproxy-4.8-2.fc11.src.rpm A koji build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1694311 $ rpmlint SPECS/myproxy.spec 0 packages and 1 specfiles checked; 0 errors, 0 warnings. $ rpmlint SRPMS/myproxy-4.8-2.fc11.src.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. $ rpmlint RPMS/x86_64/myproxy-* myproxy-devel.x86_64: W: no-documentation myproxy-server.x86_64: W: non-standard-uid /var/lib/myproxy myproxy myproxy-server.x86_64: W: non-standard-gid /var/lib/myproxy myproxy myproxy-server.x86_64: E: non-standard-dir-perm /var/lib/myproxy 0700 myproxy-server.x86_64: W: incoherent-subsys /etc/rc.d/init.d/myproxy-server $prog These are all justified in particular /var/lib/myproxy should not be readable by anyone other than the myproxy user. Steve
Hi, All the blocking bugs on this are now resolved and a koji build is now quite possible: http://koji.fedoraproject.org/koji/taskinfo?taskID=1711749 really looking for a review of this. Steve
http://cern.ch/straylen/rpms/myproxy/myproxy.spec http://cern.ch/straylen/rpms/myproxy/myproxy-4.8-3.fc11.src.rpm .spec file altered so that it now builds on .el5 as well. http://koji.fedoraproject.org/koji/taskinfo?taskID=1722508 still looking for a review. Steve
Fedora review myproxy-4.8-3.fc11.src.rpm 2009-10-07 rpmlint results: myproxy-devel.x86_64: W: no-documentation myproxy-server.x86_64: W: non-standard-uid /var/lib/myproxy myproxy myproxy-server.x86_64: W: non-standard-gid /var/lib/myproxy myproxy myproxy-server.x86_64: E: non-standard-dir-perm /var/lib/myproxy 0700 myproxy-server.x86_64: W: incoherent-subsys /etc/rc.d/init.d/myproxy-server $prog 8 packages and 0 specfiles checked; 1 errors, 4 warnings. All fine. + OK - needs some work + package name follows naming guidelines + spec file name matches package name + The package license tag (NCSA and BSD) is a Fedoara approved license - In addition to the license tags stated - which corresponds to the license statements in the license files - the following source files contain license statements saying they are licensed under Apache license v 2.0: pubcookie.h, safe_id_range_list.[ch], safe_is_path_trusted.[ch] + License files in the sources are installed as %doc: LICENSE, LICENSE.netbsd, LICENSE.sasl + Specfile is written in legible English + Source matches upstream - and is the latest upstream version. $ md5sum myproxy-4.8.tar.gz src/myproxy-4.8.tar.gz 85f29d553bfec5fa5f2042440542524f myproxy-4.8.tar.gz 85f29d553bfec5fa5f2042440542524f src/myproxy-4.8.tar.gz + Package builds in mock (Fedora-11) + BuildRequires are sane + Library package calls ldconfig appropiately + No bundled system libraries - The package owns most directories it creates except /etc/grid-security I know this is a tricky one, since many exernal third party non-Fedora packages put files there - the IGTF CA packages in particular. But currently the only package that is in Fedora that owns this directory is the voms server which the myproxy server does not have a dependency on. + No duplicate files + File permissions are sane and all %files sections have %defattr + %clean clears buildroot + Specfile uses macros consistently + Package contains code + Documentation is in doc sub package + %doc is not runtime essential + Headers are in devel + No static libraries + .so symlink in devel + devel requires main with full version + No libtool archives + Package does not own other's files + %install clears buildroot + filenames are valid UTF8 So formally mostly OK Some additional comments: The %_initddir macro is (as you noticed) not available in RHEL4/5, but the older (now considered misspelled) %_initrddir macro is. You could use the following definition to define the new macro to the value of the old macro if the new macro is not available: %{!?_initddir: %global _initddir %{_initrddir}} The %define should be replaced by %global anyway - see https://fedoraproject.org/wiki/Packaging:Guidelines#.25global_preferred_over_.25define Since the package name (unlike the globus packages) does not contain any underscores, the %_name macro is not really needed for this package and the %name can be used instead. The main package rpm tags values are aligned on column 16, while the subpackage tag values are separated by a single space - except for the Group tag. I can see why you might want to do it differently for the main and the sub packages, but not really why you then treat the Group tag differently. The voms not available yet comment should be removed (the --with-voms option to configure is already there). Many of the %attr statements in the %files sections look redundant and seems to be covered by the %defattr. There is a missing empty line between two entries in the changelog. In Fedora 11 the autogenerated requires in the devel package from the pkg-config dependencies will be sufficient, but if you intend to put the package in EPEL these will not be present, and there will be no dependency that will drag in globus-gss-assist-devel package when installing myproxy-devel. Adding a requires on globus-gss-assist-devel in the devel package would help. $ rpm -q --requires -p myproxy-devel-4.8-3.fc11.x86_64.rpm /usr/bin/pkg-config libmyproxy.so.4()(64bit) myproxy = 4.8-3.fc11 pkgconfig(globus-gss-assist) >= 3 < This will not be there in EPEL rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(VersionedDependencies) <= 3.0.3-1
Thanks. Updated packages include white space changes, change in how initddir is set for epel, removal of useless _name variable and removal of redundant %attr flags. Also: - Add ASL 2.0 license as well. - Explicitly add /etc/grid-security to files list - For .el4/5 build only add globus-gss-assist-devel as requirement to myproxy-devel package. i.e everything you mentioned. Also I swapped %{_sharedstatedir} for %{_var}/lib since the former is /usr/com on .el5 it seems. rpmlint is unchanged: myproxy-devel.x86_64: W: no-documentation myproxy-server.x86_64: W: non-standard-uid /var/lib/myproxy myproxy myproxy-server.x86_64: W: non-standard-gid /var/lib/myproxy myproxy myproxy-server.x86_64: E: non-standard-dir-perm /var/lib/myproxy 0700 myproxy-server.x86_64: W: incoherent-subsys /etc/rc.d/init.d/myproxy-server $prog a .fc13 and .el5 koji build: http://koji.fedoraproject.org/koji/taskinfo?taskID=1733813 http://koji.fedoraproject.org/koji/taskinfo?taskID=1733819 and the update: http://cern.ch/straylen/rpms/myproxy/myproxy.spec http://cern.ch/straylen/rpms/myproxy/myproxy-4.8-4.fc11.src.rpm
Package approved.
New Package CVS Request ======================= Package Name: myproxy Short Description: Manage X.509 Public Key Infrastructure Owners: stevetraylen Branches: F-11 F-12 EL-4 EL-5 InitialCC:
cvs done.
myproxy-4.8-4.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/myproxy-4.8-4.fc12
myproxy-4.8-4.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/myproxy-4.8-4.fc11
myproxy-4.8-4.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/myproxy-4.8-4.el5
myproxy-4.8-5.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/myproxy-4.8-5.el4
myproxy-4.8-4.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
myproxy-4.8-4.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
myproxy-4.8-5.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report.