Spec URL: http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec SRPM URL: http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools-1.0-1.src.rpm Description: TPM Quote Tools is a collection of programs that provide support for TPM based attestation using the TPM quote operation. Note: This is the first package I've submitted. Suggested sponsor: Steve Grubb.
Please fix your review summary: http://fedoraproject.org/wiki/PackageMaintainers/Join#Create_Your_Review_Request Also take a look at Packaging Guidelines: http://fedoraproject.org/wiki/Packaging/Guidelines * The Packager tag should not be used in spec files. * The Vendor tag should not be used. Do you plan to release an EPEL5 package? Read about BuildRoot tag. Remove trousers explicit Require. Why package INSTALL file? Check "Parallel make" section under Guidelines too. You should understand most of this process before ask for sponsoring... so, let's read the docs :)
*** Bug 683125 has been marked as a duplicate of this bug. ***
(In reply to comment #1) Thanks for you quick reply. I fixed the errors in my local copy of the spec file, although I still don't see where the instructions say the Packager and Vendor tags should be omitted. I ran rpmlint, and it didn't complain about the tags, or maybe it did, and I didn't understand the warning I received. I don't understand what is wrong with my review summary. I thought I was supposed to supply the name of the package followed by a hyphen and then the summary from the spec file. Please tell me what I should have written. > Please fix your review summary: > > http://fedoraproject.org/wiki/PackageMaintainers/Join#Create_Your_Review_Request > > Also take a look at Packaging Guidelines: > > http://fedoraproject.org/wiki/Packaging/Guidelines > > * The Packager tag should not be used in spec files. > * The Vendor tag should not be used. > > Do you plan to release an EPEL5 package? Read about BuildRoot tag. > > Remove trousers explicit Require. > > Why package INSTALL file? > > Check "Parallel make" section under Guidelines too. > > You should understand most of this process before ask for sponsoring... > so, let's read the docs :)
(In reply to comment #3) I uploaded the corrected spec file to: http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec > (In reply to comment #1) > > Thanks for you quick reply. I fixed the errors in my local copy of the spec > file, although I still don't see where the instructions say the Packager and > Vendor tags should be omitted. I ran rpmlint, and it didn't complain about the > tags, or maybe it did, and I didn't understand the warning I received. > > I don't understand what is wrong with my review summary. I thought I was > supposed to supply the name of the package followed by a hyphen and then the > summary from the spec file. Please tell me what I should have written. > > > Please fix your review summary: > > > > http://fedoraproject.org/wiki/PackageMaintainers/Join#Create_Your_Review_Request > > > > Also take a look at Packaging Guidelines: > > > > http://fedoraproject.org/wiki/Packaging/Guidelines > > > > * The Packager tag should not be used in spec files. > > * The Vendor tag should not be used. > > > > Do you plan to release an EPEL5 package? Read about BuildRoot tag. > > > > Remove trousers explicit Require. > > > > Why package INSTALL file? > > > > Check "Parallel make" section under Guidelines too. > > > > You should understand most of this process before ask for sponsoring... > > so, let's read the docs :)
Any movement on this package?
I've fixed your review summary.
Added FE-NEEDSPONSOR to you. For more information read: http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group
Where is your %changelog? http://fedoraproject.org/wiki/How_to_create_an_RPM_package
(In reply to comment #8) > Where is your %changelog? > > http://fedoraproject.org/wiki/How_to_create_an_RPM_package I added the %changelog and changed my configure.ac file so that this field will always be filled in from the ChangeLog.
(In reply to comment #9) > (In reply to comment #8) > > Where is your %changelog? > > > > http://fedoraproject.org/wiki/How_to_create_an_RPM_package > > I added the %changelog and changed my configure.ac file so that this field will > always be filled in from the ChangeLog. I retracted the change to my configure.ac fill so that the %changelog entry differs from the ChangeLog.
(In reply to comment #7) > Added FE-NEEDSPONSOR to you. > > For more information read: > http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group I read the information. Is this step blocked on me? I didn't see what I was supposed to do except wait for someone to offer to be my sponsor. If anything else is blocking on me now, please let me know.
If you would like to read about a protocol and its analysis built on top of TPM Quote, check out http://www.ccs.neu.edu/home/ramsdell/papers/caves.pdf. This paper describes a remote attestation protocol and shows it achieves its security goals. The root of trust for reporting is a TPM, and the TPM Quote operation. TPM Quote Tools provides the functionality needed to implement the attestation protocol.
Is this task blocked on me?
William can I sponsor John?
(In reply to comment #14) > William can I sponsor John? He needs to read the guidelines and docs on packaging. The spec isn't OK yet. I can contact you when he's ready.
Okay. I reread the packaging guidelines and noticed I was using %makeinstall, but that's apparently that is a no no. I've placed updated versions of the sources, spec, and source rpm on www.ccs.neu.edu. By the way, once I figure out how to get the TPM Quote Tools package in the pipeline, I have another cool package ready to go. It's a datalog interpreter. I recently found out that Jasper Lievisse Adriaanse has been packaging it for OpenBSD, and at the same time, Georges Louis contacted me asking questions on how to embed it into a Python runtime system. I guess people are using it.
John, please add links for new spec and srpm in comments when you change something. Also fix your changelog. Take a look at the format example. http://fedoraproject.org/wiki/How_to_create_an_RPM_package You should increase your release tag to 3. There is no need to include "tpm-quote-tools.spec.in" on entries.
The changelog entries have already been fixed. Rpmlint and rpmbuild on FC15 were used. The links are http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools-1.0-1.src.rpm I'll fix the release tag when I get a chance, but meetings are now taking over my day. I'm not sure which entries you are referring to when you say including tpm-quote-tools.spec.in need not be done. It gets put into the source distribution so that configure works. I plan to create projects on SourceForge for both tpm-quote-tools and datalog. The reason Jasper sent his message was to ding me for replacing source distributions rather than keeping old ones available. I'm not sure how much space I'm allowed to use at NEU, so I delete old versions. Package maintainers don't like that.
I fixed the release tag. The links are http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools-1.0-3.src.rpm
newer first. your changelog should be like this: * Fri Jul 8 2011 John D. Ramsdell <ramsdell> - 1.0-5 - Fixed changelog * Fri Jul 8 2011 John D. Ramsdell <ramsdell> - 1.0-4 - Removed use of %makeinstall * Thu Jun 2 2011 John D. Ramsdell <ramsdell> - 1.0-3 - Added %changelog * Wed Mar 9 2011 John D. Ramsdell <ramsdell> - 1.0-2 - Fixed spec to meet Fedora standards. * Wed Mar 9 2011 John D. Ramsdell <ramsdell> - 1.0-1 - Initial package also don't put extra space between your name: Wed Mar 9 2011" John D. Ramsdell "<ramsdell> 1.0-3
I fixed the comment syntax and found the "secret" to getting the syntax right, at least for emacs users. It's M-x rpm-add-change-log-entry. It reads the release field and generates entire first line in the correct format. I love not having to get those kinds of details right. The new files are: http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools-1.0-5.src.rpm Thanks. (In reply to comment #20) > newer first. > > your changelog should be like this: > > * Fri Jul 8 2011 John D. Ramsdell <ramsdell> - 1.0-5 > - Fixed changelog > > * Fri Jul 8 2011 John D. Ramsdell <ramsdell> - 1.0-4 > - Removed use of %makeinstall > > * Thu Jun 2 2011 John D. Ramsdell <ramsdell> - 1.0-3 > - Added %changelog > > * Wed Mar 9 2011 John D. Ramsdell <ramsdell> - 1.0-2 > - Fixed spec to meet Fedora standards. > > * Wed Mar 9 2011 John D. Ramsdell <ramsdell> - 1.0-1 > - Initial package > > also don't put extra space between your name: > > Wed Mar 9 2011" John D. Ramsdell "<ramsdell> 1.0-3
SPECS/tpm-quote-tools.spec:44: W: macro-in-%changelog %makeinstall SPECS/tpm-quote-tools.spec:47: W: macro-in-%changelog %changelog SPECS/tpm-quote-tools.spec: W: invalid-url Source0: tpm-quote-tools-1.0.tar.gz - Fix RPM macros in changelog (%%name instead of %name). - Use Source0 instead of Source alias. - Put link of gzip'ed tarball on Source0. - I would change your Group tag to Applications/System. - README says it requires tpm-tools. If so, add explicit require on tpm-tools.
(In reply to comment #22) > - Fix RPM macros in changelog (%%name instead of %name). Done > - Use Source0 instead of Source alias. Done > - Put link of gzip'ed tarball on Source0. Done, but there is a problem. See below. > - I would change your Group tag to Applications/System. Done. > - README says it requires tpm-tools. If so, add explicit require on tpm-tools. I added a comment to the README that says when tpm-tools are needed. You only need them to take ownership of a TPM. TPM Quote Tools are used for attestation using an owned TPM. Now on to the problem. I set up a TPM Quote Tools project on SourceForge. The sources are available by cloning the Git repository at http://sf.net/projects/tpmquotetools. I cannot figure out how to specify a URL to the source gzip'd tarball that doesn't time out. Right now, the spec points to my NEU account, but I delete old versions due to disk space limitations. Does anyone know how to specify a project URL that doesn't time out on SourceForge?
The new files are: http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools-1.0-6.src.rpm
Your Source0 could be: http://downloads.sourceforge.net/tpmquotetools/%{name}-%{version}.tar.gz by the way, why are you using "tpmquotetools" instead of "tpm-quote-tools" as project name under sf.net? the gzip'ed tarball provided by sf.net differs from your latest srpm. why? - http://fedoraproject.org/wiki/Packaging:SourceURL
(In reply to comment #25) > Your Source0 could be: > > http://downloads.sourceforge.net/tpmquotetools/%{name}-%{version}.tar.gz Done. > by the way, why are you using "tpmquotetools" instead of "tpm-quote-tools" > as project name under sf.net? I thought project names usually don't have hyphens. Oh well... > the gzip'ed tarball provided by sf.net differs from your latest srpm. why? I think it's simply a matter of me screwing up. In any case, here are the new files. http://www.ccs.neu.edu/home/ramsdell/tools/tpm-quote-tools.spec http://downloads.sourceforge.net/tpmquotetools/1.0.1/tpm-quote-tools-1.0.1-1.fc15.src.rpm
(In reply to comment #25) > Your Source0 could be: > > http://downloads.sourceforge.net/tpmquotetools/%{name}-%{version}.tar.gz FYI, rpmlint does not like this URL. It doesn't like http://downloads.sourceforge.net/tpmquotetools/%{version}/%{name}-%{version}.tar.gz either. John
(In reply to comment #27) > (In reply to comment #25) > > Your Source0 could be: > > > > http://downloads.sourceforge.net/tpmquotetools/%{name}-%{version}.tar.gz > > FYI, rpmlint does not like this URL. I take it back. It does like this URL after one correctly sets ones proxy settings. Sorry about that.
OK, Daniel Walsh can proceed from now!
(In reply to comment #29) > OK, Daniel Walsh can proceed from now! Dan, Is there something I'm supposed to be doing? I think the ball is in your court. Please tell me if I'm wrong. John
Sorry John, I asked in a private message what I am supposed to do now? And no one responded. I will ping the Fedora team.
Looks good. APPROVED. I've also sponsored you John, be sure you follow all the steps from http://fedoraproject.org/wiki/PackageMaintainers/Join#Install_the_Client_Tools_.28Koji.29 and below. If you have any questions on how to do things, please ask me or Dan.
New Package SCM Request ======================= Package Name: tpm-quote-tools Short Description: TPM-based attestation using the TPM quote operation (tools) Owners: ramsdell Branches: f15 f16 el6 InitialCC: tcallaw dwalsh
Git done (by process-git-requests). Fixed fas username.
(In reply to comment #33) > If you have any questions on how to do things, please ask me or Dan. Do you mean to use email or though this medium? I'll gladly switch to email if that is what you meant. In any event, I have two problems. The browser certificate that was generated for me is not valid for unkown reasons according to firefox. When I try to connect to koji, the certificate is not trusted. I git committed and pushed an SRPM to pkg.fedoraproject.org, but when i attempt to build the package, koji cannot download the source tarball. The error message is in this file: http://koji.fedoraproject.org/koji/getfile?taskID=3372665&name=root.log I don't know what to do about this message.
If you run "fedora-packager-setup", it should generate a proper browser certificate, if that is failing, let me know. It doesn't look like you uploaded the source tarball to the lookaside cache, try running: fedpkg new-sources tpm-quote-tools-1.0.1.tar.gz (with that tarball present in the git checkout dir)
(In reply to comment #37) > It doesn't look like you uploaded the source tarball to the lookaside cache, > try running: > > fedpkg new-sources tpm-quote-tools-1.0.1.tar.gz > > (with that tarball present in the git checkout dir) And with this advice, we have a system that builds. http://koji.fedoraproject.org/koji/taskinfo?taskID=3372802 Thanks Tom!
(In reply to comment #37) > If you run "fedora-packager-setup", it should generate a proper browser > certificate, if that is failing, let me know. I tried running "fedora-package-setup" yet again, but the cert is still not valid. It may have something to do with the fact that yesterday, I was trying to do this work behind a firewall, and something broke. For example, "fedpkg clone" doesn't work. I've learned to do this task at home. $ fedora-cert -v Verifying Certificate cert expires: 2012-03-20 CRL Checking not implemented yet $
tpm-quote-tools-1.0.1-1.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/tpm-quote-tools-1.0.1-1.fc16
tpm-quote-tools-1.0.1-1.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/tpm-quote-tools-1.0.1-1.fc15
tpm-quote-tools-1.0.1-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/tpm-quote-tools-1.0.1-1.el6
tpm-quote-tools-1.0.1-1.el6 has been pushed to the Fedora EPEL 6 testing repository.
tpm-quote-tools-1.0.1-1.fc16 has been pushed to the Fedora 16 stable repository.
tpm-quote-tools-1.0.1-1.fc15 has been pushed to the Fedora 15 stable repository.
tpm-quote-tools-1.0.1-1.el6 has been pushed to the Fedora EPEL 6 stable repository.