Spec URL: http://kyoder.users.sourceforge.net/libtpms.spec SRPM URL: http://kyoder.users.sourceforge.net/libtpms-0.5.0-1.src.rpm Description: The TPM library provides TPM functionality to VMs. Its current target is its integration into Qemu. For questions, please contact Stefan Berger at stefanb.com.
There are multiple problems with the package. For the first look: 1. Only a static library is built. Fedora discourages shipping static libraries except for well defined cases. The biggest problem is then if you want to add/modify a package in Fedora that would use this static library. You would have to obtain explicit exception from FESCo to allow this. See: https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_Static_Libraries I suggest to modify the build process of libtpms to create shared libraries if there are not really compelling reasons why it shouldn't or can't be done. 2. RPM_OPT_FLAGS are not properly passed to compiler during the build. 3. This is only a cosmetic issue - the tarball unpacks to a src directory. It is confusing when you look it up in the BUILD directory of rpmbuild, can you either create a libtpms directory first and unpack the tarball inside it with %setup or rename the src directory after the unpacking? 4. Another cosmetic issue - use %setup -q option. 5. Please add an appropriate URL tag.
Sorry for the long delay. I now converted the build to produce a dynamic link library. It now has a dependency on freebl. With this we withdraw the previous version of the library. Items 1 - 5 have been addressed and many more modifications have been made to be able to use the makefile. The URLs now are: Spec URL: http://kyoder.users.sourceforge.net/libtpms.spec SRPM URL: http://kyoder.users.sourceforge.net/libtpms-0.5.1-1.src.rpm
We just update the spec file and rpm and made the .tgz available. Now the src rpm passes rpmlint without complaint.
New URLS: Spec URL: http://sourceforge.net/projects/trousers/files/QEMU/libtpms.spec SRPM URL: http://sourceforge.net/projects/trousers/files/QEMU/libtpms-0.5.1-1.src.rpm
I am switching now the file hosting to my own public hosting space on sourceforge: SPEC: http://bergerstefan.users.sourceforge.net/libtpms/libtpms.spec SRPM: http://bergerstefan.users.sourceforge.net/libtpms/libtpms-0.5.1-2.src.rpm
A few more comments: 1. Not that it is blocker by any means but why do you use your own space on sourceforge? The sourceforge project files can be properly referenced too: https://fedoraproject.org/wiki/Packaging:SourceURL#Sourceforge.net 2. You should not use the %release in the "upstream" tarball - this should be used only for the package n-v-r bumps for the spec file changes. 3. The parallel make flags are %{_smp_mflags} - do not hardcode -j9 there. https://fedoraproject.org/wiki/Packaging:Guidelines#Parallel_make 4. Use %post -p /sbin/ldconfig etc. - see https://fedoraproject.org/wiki/Packaging:Guidelines#Shared_Libraries You do not have anything else in the %post %postun scripts so this is the better way because it also adds automatically the Requires(post). Also do not call ldconfig in %post/%postun of the devel package. 5. Do not use %defattr(755, root, root) - it is confusing and may lead to mistakes use %defattr(-, root, root, -) 6. Although it is not strictly required I suggest adding V-R of the package to the changelog entries as in https://fedoraproject.org/wiki/Packaging:Guidelines#Changelogs Also the changelog entries should be separated by empty line for better readability. 7. The license of the package should be included in the tarball in a separate COPYING or LICENSE file and included as %doc in the main package. 8. You should use $RPM_BUILD_ROOT in %clean consistently with the rest of the spec.
I addressed comments 2 to 8. I am still using my own hosting space. SPEC: http://bergerstefan.users.sourceforge.net/libtpms/libtpms.spec SRPM: http://bergerstefan.users.sourceforge.net/libtpms/libtpms-0.5.1-3.src.rpm
I'd suggest also to remove the command that cleans the buildroot at the beginning of the %install and the BuildRoot declaration as the %clean is now removed. What is bigger problem is that I was unable to build the package neither in F13 nor in F14 build root. Both builds failed with: tpm_crypto_freebl.c: In function 'TPM_RSAGeneratePrivateToken': tpm_crypto_freebl.c:556:2: warning: implicit declaration of function 'RSA_Popula tePrivateKey' tpm_crypto_freebl.c:556:2: warning: nested extern declaration of 'RSA_PopulatePr ivateKey' There are undefined symbols in libtpms.so libtpms.so: undefined reference to `RSA_PopulatePrivateKey'
I build the library on my system with the following libraries installed nss-softokn-devel-3.12.9-2.fc14.x86_64 nss-softokn-3.12.9-2.fc14.x86_64 nss-softokn-freebl-3.12.9-2.fc14.x86_64 nss-softokn-freebl-devel-3.12.9-2.fc14.x86_64 I did some mock builds on FC infrastructure using koji and there it also worked fine with FC14 but got the same errors with FC13. You may want to update those libraries. Previous versions may be missing that symbol. I updated the spec file.
I added explicit version requirements into the spec file: BuildRequires: nss-softokn-freebl-devel >= 3.12.9-2, nss-softokn-devel >= 3.12.9-2, gmp-devel Requires: nss-softokn-freebl >= 3.12.9-2, nss-softokn >= 3.12.9-2
OK, I was finally able to build it in mock on F14. The (Build)Requires on 3.12.9-1 would be enough, but you can leave it at -2 that does not matter much. Here is the rpmlint output - rpmlint is silent. rpmlint -v /var/lib/mock/fedora-14-x86_64/result/libtpms-* libtpms-debuginfo.x86_64: I: checking libtpms-debuginfo.x86_64: I: checking-url http://sourceforge.net/projects/ibmswtpm (timeout 10 seconds) libtpms-devel.x86_64: I: checking libtpms-devel.x86_64: I: checking-url http://sourceforge.net/projects/ibmswtpm (timeout 10 seconds) libtpms.src: I: checking libtpms.src: I: checking-url http://sourceforge.net/projects/ibmswtpm (timeout 10 seconds) libtpms.src: I: checking-url http://bergerstefan.users.sourceforge.net/libtpms/libtpms-0.5.1.tgz (timeout 10 seconds) libtpms.x86_64: I: checking libtpms.x86_64: I: checking-url http://sourceforge.net/projects/ibmswtpm (timeout 10 seconds) 4 packages and 0 specfiles checked; 0 errors, 0 warnings. I suggest to change the Requires in the devel subpackage to: Requires: %{name}%{?_isa} = %{version}-%{release} The package conforms to the guidelines and is APPROVED
I have also added you to the Fedora packager group and sponsored you.
Thank you!
New Package SCM Request ======================= Package Name: libtpms Short Description: Library providing TPM functionality for VMs. Targeted for integration into Qemu. Owners: stefanberger Branches: f14 f15 InitialCC:
Git done (by process-git-requests).
Stefan, you should build the package now and close the request. Then also build it in the f14 and f15 branches and submit update for it. there.
I was holding off on it because the SHA1 implementation in freebl seems to have a problem related to suspending state on for example an i386 machine and resuming it on a x86-64 machine -- it may not resume properly. So I guess building it is ok, but I won't push it.
Any hints on this: # fedpkg import ~/rpmbuild/SRPMS/libtpms-0.5.1-4.src.rpm Uploading: 42625c086ad36dcfbdff8efd536c1f44 libtpms-0.5.1.tgz Could not import srpm: Lookaside failure. Please run 'fedora-cert -v' to verify your certificate # fedora-cert -v Verifying Certificate cert expires: 2011-06-01 CRL Checking not implemented yet I suppose 06-01 is June 1st.
That's weird. Could you try to upload the tarball directly with 'fedpkg new-sources libtpms-0.5.1.tgz'
It built...