Bug 606073 - (xmount) Review Request: xmount - A on-the-fly convert for multiple hard disk image types
Review Request: xmount - A on-the-fly convert for multiple hard disk image types
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Pavel Alexeev
Fedora Extras Quality Assurance
:
Depends On:
Blocks: FE-SECLAB
  Show dependency treegraph
 
Reported: 2010-06-20 07:41 EDT by Fabian Affolter
Modified: 2012-09-17 18:32 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-17 13:29:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
pahan: fedora‑review+
limburgher: fedora‑cvs+


Attachments (Terms of Use)
xmount.spec with patch (1.75 KB, text/x-rpm-spec)
2010-08-25 09:31 EDT, Pavel Alexeev
no flags Details
xmount-0.4.2-fedora-afflib-path.patch patch suggestion (696 bytes, patch)
2010-08-25 09:32 EDT, Pavel Alexeev
no flags Details | Diff

  None (edit)
Description Fabian Affolter 2010-06-20 07:41:14 EDT
Spec URL: http://fab.fedorapeople.org/packages/SRPMS/xmount.spec
SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/xmount-0.4.2-1.fc13.src.rpm

Project URL: https://www.pinguin.lu/index.php

Description:
xmount allows you to convert on-the-fly between multiple input
and output hard disk image types. xmount creates a virtual file
system using FUSE (Filesystem in Userspace) that contains a virtual
representation of the input image. The virtual representation can
be in raw DD, VirtualBox's virtual disk file format or in VmWare's
VMDK file format. Input images can be raw DD, EWF (Expert Witness
Compression Format) or AFF (Advanced Forensic Format) files. In
addition, xmount also supports virtual write access to the output
files that is redirected to a cache file. This makes it possible
to boot acquired hard disk images using QEMU, KVM, VirtualBox,
VmWare or alike.

Koji scratch build:
http://koji.fedoraproject.org/koji/taskinfo?taskID=2259722

rpmlint output:
[fab@laptop011 SRPMS]$ rpmlint xmount-0.4.2-1.fc13.src.rpm 
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

[fab@laptop011 x86_64]$ rpmlint xmount*
xmount-debuginfo.x86_64: W: spurious-executable-perm /usr/src/debug/xmount-0.4.2/xmount.h
xmount-debuginfo.x86_64: W: spurious-executable-perm /usr/src/debug/xmount-0.4.2/xmount.c
2 packages and 0 specfiles checked; 0 errors, 2 warnings.

At the moment there is an issue with the afflib stuff.
checking afflib.h usability... no
checking afflib.h presence... no
checking for afflib.h... no
configure: WARNING: No afflib.h header file found! AFF input support will be disabled.
Comment 1 Pavel Alexeev 2010-08-25 09:30:45 EDT
> configure: WARNING: unrecognized options: --disable-afflib
For that fix I recommend use patch which will attach after review.

Legend: + - Ok.
- - Error.
+/- - It item acceptable, but I strongly recommend enhancement.
= - N/A.
MUST Items

[-] MUST: rpmlint must be run on every package. The output should be posted in the review.
xmount-debuginfo.i686: W: spurious-executable-perm /usr/src/debug/xmount-0.4.2/xmount.h
xmount-debuginfo.i686: W: spurious-executable-perm /usr/src/debug/xmount-0.4.2/xmount.c

Errors must be fixed.

[+] MUST: The package must be named according to the Package Naming Guidelines.
[+] MUST: The spec file name must match the base package %{name}, in the format %{name}.spec unless your package has an exemption.
[+] MUST: The package must meet the Packaging Guidelines.
[+] MUST: The package must be licensed with a Fedora approved license and meet the Licensing Guidelines.
[-] MUST: The License field in the package spec file must match the actual license.

Where you got BSD license? README file say it is GPLv3+.

[+] MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc.
[+] MUST: The spec file must be written in American English.
[+] MUST: The spec file for the package MUST be legible.
[+] MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task. If no upstream URL can be specified for this package, please see the Source URL Guidelines for how to deal with this.

$ md5sum xmount-0.4.2-src.tar.gz xmount-0.4.2-src.tar.gz_downloaded
cbb09405c812ac557feec0a3980a844a  xmount-0.4.2-src.tar.gz
cbb09405c812ac557feec0a3980a844a  xmount-0.4.2-src.tar.gz_downloaded

[+] MUST: The package MUST successfully compile and build into binary rpms on at least one primary architecture.
http://koji.fedoraproject.org/koji/taskinfo?taskID=2425969

[=] MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch. Each architecture listed in ExcludeArch MUST have a bug filed in bugzilla, describing the reason that the package does not compile/build/work on that architecture. The bug number MUST be placed in a comment, next to the corresponding ExcludeArch line.
[+] MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines ; inclusion of those as BuildRequires is optional. Apply common sense.
[=] MUST: The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
[=] MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun.
[-] MUST: Packages must NOT bundle copies of system libraries.

There copy of md5 implementation.

[=] MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker.
[=] MUST: A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory.
[+] MUST: A Fedora package must not list a file more than once in the spec file's %files listings.
[-] MUST: Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line.

See rpmlint output.

[+] MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT).
[+] MUST: Each package must consistently use macros.
[+] MUST: The package must contain code, or permissable content.
[=] MUST: Large documentation files must go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity).
[+] MUST: If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present.
[=] MUST: Header files must be in a -devel package.
[=] MUST: Static libraries must be in a -static package.
[=] MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability).
[=] MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package.
[=] MUST: In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release}
[=] MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built.
[=] MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section. If you feel that your packaged GUI application does not need a .desktop file, you must put a comment in the spec file with your explanation.
[=] MUST: Packages must not own files or directories already owned by other packages. The rule of thumb here is that the first package to be installed should own the files or directories that other packages may rely upon. This means, for example, that no package in Fedora should ever share ownership with any of the files or directories owned by the filesystem or man package. If you feel that you have a good reason to own a file or directory that another package owns, then please present that at package review time.
[=] MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT).
[=] MUST: All filenames in rpm packages must be valid UTF-8.

SHOULD Items:
[+] SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it.
[=] SHOULD: The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available.
[+] SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
[=] SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity.
[=] SHOULD: Usually, subpackages other than devel should require the base package using a fully versioned dependency.
[=] SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb.
[=] SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself.
Comment 2 Pavel Alexeev 2010-08-25 09:31:28 EDT
Created attachment 440931 [details]
xmount.spec with patch
Comment 3 Pavel Alexeev 2010-08-25 09:32:39 EDT
Created attachment 440932 [details]
xmount-0.4.2-fedora-afflib-path.patch patch suggestion
Comment 4 Fabian Affolter 2010-09-01 06:25:02 EDT
Pavel, thanks for the patch.  I will update the spec file in the near future.
Comment 5 Fabian Affolter 2011-03-27 06:51:09 EDT
I'm not able to build the package any longer.
Comment 6 Pavel Alexeev 2012-03-18 04:14:51 EDT
Can I help you with that? What kind of troubles you are experience?
Comment 7 Fabian Affolter 2012-05-01 02:07:21 EDT
Upstream released a new upstream version. I'm able to build the package but at the moment I don't know how to get rid of the md5 implementation (from guymager).
Comment 8 Pavel Alexeev 2012-05-02 11:39:21 EDT
xfreerdp with option "--plugin cliprdr" work. Is it possible set for xfreerdp or  remmina to set this option by default for all rdp connections?
Comment 9 Pavel Alexeev 2012-05-02 12:31:02 EDT
Sorry for the wrong comment!

Please post new srpm and spec files.
Comment 10 Michal Ambroz 2012-05-20 09:47:04 EDT
(In reply to comment #7)
> Upstream released a new upstream version. I'm able to build the package but
> at the moment I don't know how to get rid of the md5 implementation (from
> guymager).

Copy of MD5 code is in a lot of Fedora packages. I would not bother to try to put it away and replace with some library calling as long as upstream is maintaining the code and as long as directly this code is not exported by some already used library.

For example MD5 code is included in these packages: john, medusa, openvas-ibraries, cyrus-sasl, gnutls, flac, gcc, glibc, libgcrypt, curl, krb5, nss-softokn, openldap, openssl, uade, util-linux ... and probably many more.
Comment 11 Pavel Alexeev 2012-05-20 13:10:26 EDT
Yes, some md5 implementations bundling allowed: http://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Exceptions

Please post new package to proceed.
Comment 13 Michal Ambroz 2012-07-10 15:55:54 EDT
I have cleared the assignment, because the ticket was assigned to Fabian to review his own package, which is probably not the case.

Please Pahan are you still interested to do the review?

Best regards
Michal Ambroz
Comment 14 Pavel Alexeev 2012-07-21 06:47:54 EDT
Sorry for the delay. Yes, I've take it again.

Fabian, does it intended for EPEL too? Its important for review.

Meantime your spec miss:
Provide: bundled(md5-deutsch)
in any case.
Comment 15 Fabian Affolter 2012-08-06 06:58:44 EDT
(In reply to comment #14)
> Fabian, does it intended for EPEL too? Its important for review.

No, at least not at the moment.

> Meantime your spec miss:
> Provide: bundled(md5-deutsch)
> in any case.

Thanks

Updated files:
Spec URL: http://fab.fedorapeople.org/packages/SRPMS/xmount.spec
SRPM URL: http://fab.fedorapeople.org/packages/SRPMS/xmount-0.5.0-1.fc17.src.rpm
Comment 16 Pavel Alexeev 2012-08-22 10:40:07 EDT
Sorry for the delay.


Package Review
==============

Key:
- = N/A
+ = Pass
! = Fail
? = Not evaluated



==== C/C++ ====
[+]: MUST Header files in -devel subpackage, if present.
[+]: MUST Package does not contain any libtool archives (.la)
[+]: MUST Package does not contain kernel modules.
[+]: MUST Package contains no static executables.
[+]: MUST Rpath absent or only used for internal libs.


==== Generic ====
[+]: EXTRA Rpmlint is run on all installed packages.
     Note: No rpmlint messages.
[+]: EXTRA Spec file according to URL is the same as in SRPM.
[+]: MUST Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[+]: MUST Package successfully compiles and builds into binary rpms on at
     least one supported primary architecture.
[+]: MUST %build honors applicable compiler flags or justifies otherwise.
[+]: MUST All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[+]: MUST Package contains no bundled libraries.
	Only allowed one.
[+]: MUST Changelog in prescribed format.
[+]: MUST Sources contain only permissible code or content.
[+]: MUST Each %files section contains %defattr if rpm < 4.4
     Note: Note: defattr macros not found. They would be needed for EPEL5
[-]: MUST Macros in Summary, %description expandable at SRPM build time.
[-]: MUST Package contains desktop file if it is a GUI application.
[-]: MUST Development files must be in a -devel package
[+]: MUST Package requires other packages for directories it uses.
[+]: MUST Package uses nothing in %doc for runtime.
[+]: MUST Package is not known to require ExcludeArch.
[+]: MUST Permissions on files are set properly.
[+]: MUST Package does not contain duplicates in %files.
[+]: MUST Package complies to the Packaging Guidelines
[+]: MUST Spec file lacks Packager, Vendor, PreReq tags.
[+]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf would be needed if support for EPEL5 is required
[-]: MUST Large documentation files are in a -doc subpackage, if required.
[+]: MUST If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %doc.
[-]: MUST License field in the package spec file matches the actual license.
     Note: Checking patched sources after %prep for licenses. Licenses found:
     "zlib/libpng", "GPL (v3 or later)" For detailed output of licensecheck
     see file: /home/pasha/SOFT/Review/xmount/1/606073-xmount/licensecheck.txt
[+]: MUST Package consistently uses macro is (instead of hard-coded directory names).
[+]: MUST Package is named using only allowed ascii characters.
[+]: MUST Package is named according to the Package Naming Guidelines.
[+]: MUST Package does not generate any conflict.
     Note: Package contains no Conflicts: tag(s)
[+]: MUST Package obeys FHS, except libexecdir and /usr/target.
[-]: MUST If the package is a rename of another package, proper Obsoletes and
     Provides are present.
[-]: MUST Package must own all directories that it creates.
[+]: MUST Package does not own files or directories owned by other packages.
[+]: MUST Package installs properly.
[-]: MUST Package is not relocatable.
[+]: MUST Requires correct, justified where necessary.
[+]: MUST Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[+]: MUST Sources used to build the package match the upstream source, as
     provided in the spec URL.
[+]: MUST Spec file is legible and written in American English.
[+]: MUST Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[-]: MUST Package contains systemd file(s) if in need.
[+]: MUST File names are valid UTF-8.
[-]: MUST Useful -debuginfo package or justification otherwise.
[+]: SHOULD Reviewer should test that the package builds in mock.
[+]: SHOULD Buildroot is not present
     Note: Unless packager wants to package for EPEL5 this is fine
[!]: SHOULD Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: Clean is needed only if supporting EPEL5
[-]: SHOULD If the source package does not include license text(s) as a
     separate file from upstream, the packager SHOULD query upstream to
     include it.
[+]: SHOULD Dist tag is present.
[+]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin,
     /usr/sbin.
[+]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q
     --requires).
[+]: SHOULD Package functions as described.
[+]: SHOULD Latest version is packaged.
[+]: SHOULD Package does not include license text files separate from
     upstream.
[+]: SHOULD SourceX tarball generation or download is documented.
[+]: SHOULD SourceX / PatchY prefixed with %{name}.
[+]: SHOULD SourceX is a working URL.
[-]: SHOULD Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[+]: SHOULD Package should compile and build into binary rpms on all supported
     architectures.
[-]: SHOULD %check is present and all tests pass.
[+]: SHOULD Packages should try to preserve timestamps of original installed
     files.
[+]: SHOULD Spec use %global instead of %define.

Conclusion:
PACKAGE APPROVED.

Meantime some minor issues to be lift:
1) Remove please %clean section.
2) Fix typo in changelog: "Permissons" -> "Permissions"
3) Does BR openssl-devel, md5deep really needed? I built package without it.
Comment 17 Fabian Affolter 2012-08-29 05:51:47 EDT
Thanks for the review. I will fix the issues before the initial import.
Comment 18 Fabian Affolter 2012-08-29 05:52:46 EDT
New Package SCM Request
=======================
Package Name: xmount
Short Description: A on-the-fly convert for multiple hard disk image types
Owners: fab
Branches: f18 f17 f16
InitialCC:
Comment 19 Gwyn Ciesla 2012-08-29 10:53:30 EDT
Git done (by process-git-requests).
Comment 20 Fedora Update System 2012-09-02 07:33:34 EDT
xmount-0.5.0-2.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/xmount-0.5.0-2.fc16
Comment 21 Fedora Update System 2012-09-02 07:33:54 EDT
xmount-0.5.0-2.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/xmount-0.5.0-2.fc18
Comment 22 Fedora Update System 2012-09-02 07:34:03 EDT
xmount-0.5.0-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/xmount-0.5.0-2.fc17
Comment 23 Fedora Update System 2012-09-02 15:37:28 EDT
xmount-0.5.0-2.fc18 has been pushed to the Fedora 18 testing repository.
Comment 24 Fedora Update System 2012-09-17 13:29:05 EDT
xmount-0.5.0-2.fc17 has been pushed to the Fedora 17 stable repository.
Comment 25 Fedora Update System 2012-09-17 13:30:47 EDT
xmount-0.5.0-2.fc16 has been pushed to the Fedora 16 stable repository.
Comment 26 Fedora Update System 2012-09-17 18:32:46 EDT
xmount-0.5.0-2.fc18 has been pushed to the Fedora 18 stable repository.

Note You need to log in before you can comment on or make changes to this bug.