Spec URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools.spec SRPM URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools-1.3.0-1.fc11.src.rpm Description: Dogtag pki is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. These platform-dependent PKI executables are used to help make Dogtag pki into a more complete and robust PKI solution.
# rpmlint pki-native-tools-1.3.0-1.fc11.i586.rpm pki-native-tools.i586: E: non-executable-script /usr/share/pki/templates/pki_subsystem_command_wrapper 0644 /bin/sh pki-native-tools.i586: E: non-executable-script /usr/share/pki/templates/pki_instance_command_wrapper 0644 /bin/sh 1 packages and 0 specfiles checked; 2 errors, 0 warnings. EXPLANATION: (1) Both of these files are are non-executable "templates" which require substituted values to create executable command-line wrappers.
updated spec file and src rpm: Spec URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools.spec SRPM URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools-1.3.0-1.fc11.src.rpm
Comment From John Dennis (jdennis) 2009-11-02 15:16:44 EDT: The package pki-native-tools is doing a number of bogus things. It installs these executable scripts: /usr/bin/pkiarch /usr/bin/pkidist /usr/bin/pkiflavor /usr/bin/pkiname whose job is to echo (hardcoded) configuration information. This is not how we store and query configuration information in Fedora (and RHEL). This information should be located in files under /etc. pkiarch returns 'i386', pkidist returns 'fc11' on my machine, Each of the above executable needs to be removed and replaced with mechanisms appropriate to our distributions (e.g. store the information in a configuration file, marked as %config, and read the information out of that file) and/or use the existing mechanisms to determine the arch, release, etc. If the packages need executables like pkiarch and pkidist then it's an indication of bad packaging practices elsewhere which also will need to be corrected. The package pki-native-tools also installs a symbolic link /usr/bin/pkiperl which points to /usr/bin/perl Then all the perl scripts in all the pki packages have this in their shebang line: #!/usr/bin/pkiperl This also is bad packaging practice. If you need a specific version of perl then that needs to be specified in the spec file so that rpm can resolve those dependencies. Scripts then invoke /usr/bin/perl. Setting up links in /usr/bin to specific versions of interpreters is likely to create all sorts of problems in RPM managed systems.
the currently posted build does not build in mock.
Comment #3 has been resolved in https://bugzilla.redhat.com/show_bug.cgi?id=522895 Comment #4 will be addressed in https://bugzilla.redhat.com/show_bug.cgi?id=533534
Updated spec file and src rpm: Spec URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools.spec SRPM URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools-1.3.0-3.fc11.src.rpm
( fedora-review flag must be set by the reviewer, not the submitter. Revoking for now )
Review: + package builds in mock (rawhide i686). koji Build =>http://koji.fedoraproject.org/koji/taskinfo?taskID=1864052 + rpmlint is silent for SRPM and for RPM. + source files match upstream url (sha1sum) 135f705c99d00d81c0e7d5058055178d30c181b0 pki-native-tools-1.3.0.tar.gz Suggestions: 1) you can preserve timestamps make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p" 2) Note that you can safely remove buildroot tag and cleanup of buildroot in %install as per given at http://fedoraproject.org/wiki/PackagingGuidelines#BuildRoot_tag and http://fedoraproject.org/wiki/PackagingGuidelines#Prepping_BuildRoot_For_.25install 3) Please add newline after you added new changelog entry. 4) why not to choose following as Group? Group: System Environment/Base 5) Is the license tag "GPLv2 with exceptions" is already discussed and approved by emailing them to fedora-legal-list? 6) Why "Requires: perl" is needed? 7) I don't understand why following is included? BuildRequires: bash See after I removed it , koji scratch build is successful at http://koji.fedoraproject.org/koji/taskinfo?taskID=1869062 8) Try to use macros in all places in SPEC. See https://fedoraproject.org/wiki/Packaging:RPMMacros
Regarding the following: 2) Note that you can safely remove buildroot tag and cleanup of buildroot in %install as per given at http://fedoraproject.org/wiki/PackagingGuidelines#BuildRoot_tag and http://fedoraproject.org/wiki/PackagingGuidelines#Prepping_BuildRoot_For_.25install Since there is discussion of building these in EPEL, we need to continue using the buildroot tag and cleanup of buildroot. The rest of these issues will be addressed in an upcoming update to the package.
These updated files address the issues from Comment #8. (with the exception of issue 2). see Comment #9) Spec URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools.spec SRPM URL: http://people.redhat.com/kwright/pki-native-tools/pki-native-tools-1.3.0-4.fc11.src.rpm
Review: + package builds in mock (rawhide i686). koji Build =>http://koji.fedoraproject.org/koji/taskinfo?taskID=1872517 + rpmlint is silent for SRPM and for RPM. + source files match upstream url (sha1sum) 7062bbc726af7d49488727a1f25fbf7d88b3e490 pki-native-tools-1.3.0.tar.gz + package meets naming and packaging guidelines. + specfile is properly named, is cleanly written + Spec file is written in American English. + Spec file is legible. + dist tag is present. + license is open source-compatible. + License text is included in package. + %doc is present. + BuildRequires are proper. + %clean is present. + package installed properly. + no headers or static libraries. + no .pc file present. + no -devel subpackage + no .la files. + no translations are available + Does owns the directories it creates. + no scriptlets present. + no duplicates in %files. + file permissions are appropriate. + Not a GUI application APPROVED.
New Package CVS Request ======================= Package Name: pki-native-tools Short Description: The Dogtag PKI Native Tools Owners: kwright Branches: F-11, F-12, EL-5 InitialCC: ausil
cvs done.
pki-native-tools-1.3.0-4.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-4.fc11
pki-native-tools-1.3.0-4.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-4.fc12
pki-native-tools-1.3.0-4.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-4.el5
pki-native-tools-1.3.0-4.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pki-native-tools'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/EL-5/FEDORA-EPEL-2009-1011
pki-native-tools-1.3.0-4.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pki-native-tools'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-13288
pki-native-tools-1.3.0-4.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pki-native-tools'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-13314
pki-native-tools-1.3.0-4.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
pki-native-tools-1.3.0-4.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
pki-native-tools-1.3.0-4.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
pki-native-tools-1.3.0-5.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-5.el5
pki-native-tools-1.3.0-5.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-5.fc11
pki-native-tools-1.3.0-5.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/pki-native-tools-1.3.0-5.fc12
pki-native-tools-1.3.0-5.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
pki-native-tools-1.3.0-5.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
pki-native-tools-1.3.0-5.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.