Spec URL: http://blag.tanso.net/code/mod_auth_token.spec SRPM URL: http://blag.tanso.net/code/mod_auth_token-1.0.6-beta.tar.gz Description: mod_auth_token allow you to generate URIS for a determined time window, you can also limit them by IP. This is very useful to handle file downloads, generated URIS can't be hot-linked (after it expires), also it allows you to protect very large files that can't be piped trough a script languages due to memory limitation.
I noticed that you do wrote on your wikipage, that you do not have access to fedora yet. Is that still correct? Do you need sponsoring for this package?
I'm not familiar with the sponsoring system, but yes, I don't have access to any fedora infrastructure, and would probably need some sponsoring.
@Jan - you did not set FE-NEEDSPONSOR depedency. It is likely sponsors will be missing your requests. http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group @Andreas - Are you still working on this review? NOTE TO SPONSOR: This package is still valid, 1.0.6-beta is the latest version and I can do review if interested.
@Jan - I set the dependency for you. SRPM URL is not valid, you are linking tarball (which is broken btw). The valid url is: http://mod-auth-token.googlecode.com/files/mod_auth_token-1.0.6-beta.tar.gz My first look: %setup -q -n %{name}-%{version}-%{release} this is no longer valid for the current tarball, change to %setup -q -n %{name} Apparently, the upstream touched the tarball, this is not good. Also there is permissions issue with the upstream tarball, permissions are not right and unfortunately root user is needed to fix this or we cannot use the prep macro. I have contacted upstream: http://code.google.com/p/mod-auth-token/issues/detail?id=31
Whole autotools seem to be broken in trunk, I'd suggest to compile the module with: apxs -a -c mod_auth_token.c and then copying over to the correct place. @Jan - can you do the changes and publish new spec file? - use 1.0.5 version that has correct permissions or correct permissions for the 1.0.6b version - compile it with apxs directly
Any update on this? Pulp is planning to use this module and it would be very useful if this gets into fedora soon.
How does these look: http://blag.tanso.net/code/mod_auth_token-1.0.5-0.el6.src.rpm http://blag.tanso.net/code/mod_auth_token.spec $ rpmlint mod_auth_token.spec mod_auth_token.spec:26: W: configure-without-libdir-spec 0 packages and 1 specfiles checked; 0 errors, 1 warnings. $ rpmlint mod_auth_token-1.0.5-0.el6.src.rpm mod_auth_token.src: I: enchant-dictionary-not-found en_US mod_auth_token.src:26: W: configure-without-libdir-spec 1 packages and 0 specfiles checked; 0 errors, 1 warnings.
Taking for review.
Jan, the package does not build unfortunately: http://koji.fedoraproject.org/koji/taskinfo?taskID=4100034 Please fix that so I can start with the review. Thanks.
Fixed the build error where it couldn't find apxs. Seems this has moved around in later fedoras.. http://blag.tanso.net/code/mod_auth_token-1.0.5-1.el6.src.rpm http://blag.tanso.net/code/mod_auth_token.spec
Package Review ============== Key: - = N/A x = Pass ! = Fail ? = Not evaluated ==== C/C++ ==== [x]: MUST Package does not contain any libtool archives (.la) [x]: MUST Package does not contain kernel modules. [x]: MUST Package contains no static executables. [x]: MUST Rpath absent or only used for internal libs. [x]: MUST Package is not relocatable. [-]: MUST Development (unversioned) .so files in -devel subpackage, if present. Note: mod_auth_token-1.0.5-1.fc18.i686.rpm : /usr/lib/httpd/modules/mod_auth_token.so ==== Generic ==== [x]: MUST Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: MUST Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: MUST %build honors applicable compiler flags or justifies otherwise. [x]: MUST All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [!]: MUST Buildroot is not present Note: Buildroot is not needed unless packager plans to package for EPEL5 [x]: MUST Package contains no bundled libraries. [x]: MUST Changelog in prescribed format. [!]: MUST Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: Clean is needed only if supporting EPEL [x]: MUST Sources contain only permissible code or content. [!]: MUST Each %files section contains %defattr if rpm < 4.4 Note: defattr(....) present in %files section. This is OK if packaging for EPEL5. Otherwise not needed [x]: MUST Macros in Summary, %description expandable at SRPM build time. [x]: MUST Package requires other packages for directories it uses. [x]: MUST Package uses nothing in %doc for runtime. [x]: MUST Package is not known to require ExcludeArch. [x]: MUST Permissions on files are set properly. [x]: MUST Package does not contain duplicates in %files. [x]: MUST Spec file lacks Packager, Vendor, PreReq tags. [!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf is only needed if supporting EPEL5 [-]: MUST Large documentation files are in a -doc subpackage, if required. [x]: MUST If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [x]: MUST License field in the package spec file matches the actual license. [x]: MUST Package consistently uses macros (instead of hard-coded directory names). [x]: MUST Package is named according to the Package Naming Guidelines. [x]: MUST Package does not generate any conflict. [x]: MUST Package obeys FHS, except libexecdir and /usr/target. [x]: MUST Package must own all directories that it creates. [x]: MUST Package does not own files or directories owned by other packages. [x]: MUST Package installs properly. [x]: MUST Requires correct, justified where necessary. [!]: MUST Rpmlint output is silent. rpmlint mod_auth_token-1.0.5-1.fc18.i686.rpm mod_auth_token.i686: W: spelling-error %description -l en_US auth -> auto, Ruth, author mod_auth_token.i686: W: wrong-file-end-of-line-encoding /usr/share/doc/mod_auth_token-1.0.5/README mod_auth_token.i686: W: wrong-file-end-of-line-encoding /usr/share/doc/mod_auth_token-1.0.5/ChangeLog mod_auth_token.i686: W: install-file-in-docs /usr/share/doc/mod_auth_token-1.0.5/INSTALL 1 packages and 0 specfiles checked; 0 errors, 4 warnings. rpmlint mod_auth_token-1.0.5-1.fc18.src.rpm mod_auth_token.src: W: spelling-error %description -l en_US auth -> auto, Ruth, author mod_auth_token.src:26: W: configure-without-libdir-spec 1 packages and 0 specfiles checked; 0 errors, 2 warnings. rpmlint mod_auth_token-debuginfo-1.0.5-1.fc18.i686.rpm mod_auth_token-debuginfo.i686: W: spelling-error Summary(en_US) auth -> auto, Ruth, author mod_auth_token-debuginfo.i686: W: spelling-error %description -l en_US auth -> auto, Ruth, author 1 packages and 0 specfiles checked; 0 errors, 2 warnings. [x]: MUST Sources used to build the package match the upstream source, as provided in the spec URL. /home/lzap/Download/633240/mod_auth_token-1.0.5.tar.gz : MD5SUM this package : e70f3b08f1d74d4274ddf429336c4d10 MD5SUM upstream package : e70f3b08f1d74d4274ddf429336c4d10 [x]: MUST Spec file is legible and written in American English. [x]: MUST Spec file name must match the spec package %{name}, in the format %{name}.spec. [-]: MUST Package contains a SysV-style init script if in need of one. [x]: MUST File names are valid UTF-8. [x]: MUST Useful -debuginfo package or justification otherwise. [x]: SHOULD Reviewer should test that the package builds in mock. [x]: SHOULD If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: SHOULD Dist tag is present. [x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q --requires). [x]: SHOULD Package functions as described. [x]: SHOULD Latest version is packaged. [x]: SHOULD Package does not include license text files separate from upstream. [x]: SHOULD SourceX is a working URL. [x]: SHOULD Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: SHOULD Package should compile and build into binary rpms on all supported architectures. [-]: SHOULD %check is present and all tests pass. [x]: SHOULD Packages should try to preserve timestamps of original installed files. [x]: SHOULD Spec use %global instead of %define. Issues: [!]: MUST Buildroot is not present Note: Buildroot is not needed unless packager plans to package for EPEL5 See: http://fedoraproject.org/wiki/Packaging/Guidelines#BuildRoot_tag [!]: MUST Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: Clean is needed only if supporting EPEL See: http://fedoraproject.org/wiki/Packaging/Guidelines#.25clean [!]: MUST Each %files section contains %defattr if rpm < 4.4 Note: defattr(....) present in %files section. This is OK if packaging for EPEL5. Otherwise not needed See: http://fedoraproject.org/wiki/Packaging/Guidelines#FilePermissions [!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf is only needed if supporting EPEL5 See: None [!]: MUST Rpmlint output is silent. Generated by fedora-review 0.1.3 External plugins: I have fixed all the issues, attaching patch you need to apply and you are good to go (please test it if it compiles). *** PACKAGE IS APPROVED *** Please submit it into f16 f17 and epel6 if possible. If you don't mind, I'd like to be commiter as well. Thanks.
Created attachment 586833 [details] Fixes all the minor spec issues
Thanks for the patch. Applied to: http://blag.tanso.net/code/mod_auth_token-1.0.5-2.el6.src.rpm http://blag.tanso.net/code/mod_auth_token.spec
New Package SCM Request ======================= Package Name: mod_auth_token Short Description: Token based URI access module for Apache Owners: janfrode Branches: f15 f16 f17 el6 el5
Git done (by process-git-requests).
Lukáš Zapletal, please apply for access to all the "collections" https://admin.fedoraproject.org/pkgdb/acls/name/mod_auth_token Also, I'd appreciate if we could do all development in "master", and just merge into the other branches to keep them in sync..
mod_auth_token-1.0.5-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mod_auth_token-1.0.5-2.el6
mod_auth_token-1.0.5-2.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/mod_auth_token-1.0.5-2.fc15
mod_auth_token-1.0.5-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/mod_auth_token-1.0.5-2.fc16
mod_auth_token-1.0.5-2.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/mod_auth_token-1.0.5-2.fc17
mod_auth_token-1.0.5-2.fc15 has been pushed to the Fedora 15 testing repository.
mod_auth_token-1.0.5-2.fc16 has been pushed to the Fedora 16 stable repository.
mod_auth_token-1.0.5-2.fc15 has been pushed to the Fedora 15 stable repository.
mod_auth_token-1.0.5-2.fc17 has been pushed to the Fedora 17 stable repository.
mod_auth_token-1.0.5-2.el6 has been pushed to the Fedora EPEL 6 stable repository.