Description: Gitolite allows a server to host many git repositories and provide access to many developers, without having to give them real userids on the server. The essential magic in doing this is ssh's pubkey access and the authorized keys file, and the inspiration was an older program called gitosis. Gitolite can restrict who can read from (clone/fetch) or write to (push) a repository. It can also restrict who can push to what branch or tag, which is very important in a corporate environment. Gitolite can be installed without requiring root permissions, and with no additional software than git itself and perl. It also has several other neat features described below and elsewhere in the doc/ directory. SPEC: http://fedorapeople.org/~limb/review/gitolite3/gitolite3.spec SRPM: http://fedorapeople.org/~limb/review/gitolite3/gitolite3-3.01-1.fc16.src.rpm Does not Obsolete gitolite because gitolite 2.x will be maintained for some time, and this facilitates careful migration to 3.x.
CCing gitolite maintainer.
I will review this package
I suggest using %attr(750,%{name},%{name}) %dir %{gitolite_homedir} %attr(750,%{name},%{name}) %dir %{gitolite_homedir}/.ssh instead of %attr(750,%{name},%{name}) %{gitolite_homedir} %attr(750,%{name},%{name}) %{gitolite_homedir}/.ssh to avoid files listed multiple times.
Key: - = N/A x = Pass ! = Fail ? = Not evaluated ==== Generic ==== [x]: MUST Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: MUST Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [-]: MUST %build honors applicable compiler flags or justifies otherwise. [x]: MUST All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [!]: MUST Buildroot is not present Note: Buildroot is not needed unless packager plans to package for EPEL5 [x]: MUST Package contains no bundled libraries. [x]: MUST Changelog in prescribed format. [!]: MUST Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: Clean is needed only if supporting EPEL [x]: MUST Sources contain only permissible code or content. [x]: MUST %config files are marked noreplace or the reason is justified. [!]: MUST Each %files section contains %defattr if rpm < 4.4 Note: defattr(....) present in %files section. This is OK if packaging for EPEL5. Otherwise not needed [-]: MUST Macros in Summary, %description expandable at SRPM build time. [x]: MUST Package requires other packages for directories it uses. [x]: MUST Package uses nothing in %doc for runtime. [x]: MUST Package is not known to require ExcludeArch. [x]: MUST Permissions on files are set properly. [x]: MUST Package does not contain duplicates in %files. [x]: MUST Spec file lacks Packager, Vendor, PreReq tags. [!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf is only needed if supporting EPEL5 [-]: MUST Large documentation files are in a -doc subpackage, if required. [!]: MUST If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [x]: MUST License field in the package spec file matches the actual license. [x]: MUST Package consistently uses macros (instead of hard-coded directory names). [x]: MUST Package is named according to the Package Naming Guidelines. [x]: MUST No %config files under /usr. [x]: MUST Package does not generate any conflict. [x]: MUST Package obeys FHS, except libexecdir and /usr/target. [x]: MUST Package must own all directories that it creates. [x]: MUST Package does not own files or directories owned by other packages. [x]: MUST Package installs properly. [x]: MUST Requires correct, justified where necessary. [!]: MUST Rpmlint output is silent. [!]: MUST Sources used to build the package match the upstream source, as provided in the spec URL. Package has no sources or they are generated by developer [x]: MUST Spec file is legible and written in American English. [x]: MUST Spec file name must match the spec package %{name}, in the format %{name}.spec. [-]: MUST Package contains a SysV-style init script if in need of one. [x]: MUST File names are valid UTF-8. [-]: MUST Useful -debuginfo package or justification otherwise. [x]: SHOULD Reviewer should test that the package builds in mock. [x]: SHOULD If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: SHOULD Dist tag is present. [x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q --requires). [x]: SHOULD Package functions as described. [x]: SHOULD Latest version is packaged. [x]: SHOULD Package does not include license text files separate from upstream. [-]: SHOULD Scriptlets must be sane, if used. [x]: SHOULD SourceX is a working URL. [-]: SHOULD Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: SHOULD Package should compile and build into binary rpms on all supported architectures. [-]: SHOULD %check is present and all tests pass. [x]: SHOULD Packages should try to preserve timestamps of original installed files. [x]: SHOULD Spec use %global instead of %define.
EPEL 5: Looking at the spec file I assume that the package will not be built for EPEL 5. [!]: MUST If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. The archive includes the "COPYING" file but that's not included in the %doc section. [!]: MUST Rpmlint output is silent. gitolite3.noarch: W: spelling-error %description -l en_US userids -> use rids, use-rids, user ids gitolite3.noarch: W: spelling-error %description -l en_US ssh's -> ash's, sash's gitolite3.noarch: W: spelling-error %description -l en_US pubkey -> pub key, pub-key, puberty gitolite3.noarch: W: spelling-error %description -l en_US gitosis -> mitosis, halitosis gitolite3.src: W: spelling-error %description -l en_US Gitolite -> Impolite gitolite3.src: W: spelling-error %description -l en_US userids -> use rids, use-rids, user ids gitolite3.src: W: spelling-error %description -l en_US ssh's -> ash's, sash's gitolite3.src: W: spelling-error %description -l en_US pubkey -> pub key, pub-key, puberty gitolite3.src: W: spelling-error %description -l en_US gitosis -> mitosis, halitosis gitolite3.src: W: spelling-error %description -l en_US perl -> Perl, peel, perk Dictionary errors, can be ignored (halitosis?). gitolite3.noarch: E: script-without-shebang /usr/share/perl5/vendor_perl/Gitolite/Triggers/CpuTime.pm gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/lib/Gitolite/Triggers/CpuTime.pm No interpreter for perl modules, can be ignored. gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/continuation-lines gitolite3.noarch: E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/keysubdirs-as-groups Do these need an interpreter at the top? gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3/.ssh/authorized_keys gitolite3 gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3/.ssh/authorized_keys gitolite3 gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3 gitolite3 gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3 gitolite3 gitolite3.noarch: E: non-standard-dir-perm /var/lib/gitolite3 0750L gitolite3.noarch: W: non-standard-uid /var/lib/gitolite3/.ssh gitolite3 gitolite3.noarch: W: non-standard-gid /var/lib/gitolite3/.ssh gitolite3 gitolite3.noarch: W: hidden-file-or-dir /var/lib/gitolite3/.ssh I suppose these can be ignored as per the package structure and the way the user is confined. gitolite3.noarch: E: non-standard-dir-perm /var/lib/gitolite3/.ssh 0750L gitolite3.noarch: W: hidden-file-or-dir /var/lib/gitolite3/.ssh gitolite3.noarch: E: non-readable /var/lib/gitolite3/.ssh/authorized_keys 0640L gitolite3.noarch: E: zero-length /var/lib/gitolite3/.ssh/authorized_keys Maybe (I'm not sure) this line can be removed from the spec file: %attr(750,%{name},%{name}) %{gitolite_homedir}/.ssh and a %ghost could be added to the authorized_keys file. Or another option can be like pcpa stated in Comment #3 gitolite3.noarch: W: no-manual-page-for-binary gitolite Can be ignored. gitolite3.noarch: E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L /usr/bin/perl I think this is wrong, all the other scripts in /usr/share/gitolite3/VREF/ are executable. gitolite3.src: W: invalid-url Source0: sitaramc-gitolite-v3.01-0-g88b4c86-nodocs.tar.gz Missing script to generate tarball in the SRPM. 2 packages and 0 specfiles checked; 9 errors, 20 warnings. [!]: MUST Sources used to build the package match the upstream source, as provided in the spec URL. Package has no sources or they are generated by developer Script to generate the sources tarball from the git repository with the declared components excluded is missing: http://fedoraproject.org/wiki/Packaging:SourceURL#When_Upstream_uses_Prohibited_Code
- Added license file, fixed duplicate files, dropped defattr. - Dropped clean and buildroot. - Added script to generate tarball in comments. Right, I'll be building F-17, F-16, and EL-6 only. SPEC: http://fedorapeople.org/~limb/review/gitolite3/gitolite3.spec SRPM: http://fedorapeople.org/~limb/review/gitolite3/gitolite3-3.01-2.fc16.src.rpm
Are these the intended behaviour in the latest revision you posted? E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/continuation-lines E: script-without-shebang /usr/share/gitolite3/syntactic-sugar/keysubdirs-as-groups E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L /usr/bin/perl --Simone
I believe so.
If the above points for you are all expected behaviour, especially: E: non-executable-script /usr/share/gitolite3/VREF/MERGE-CHECK 0644L /usr/bin/perl then for me the package is approved.
It's indicated to be demo code, and isn't AFAICT called elsewhere. Thanks! Adding Lubo as co-maintainer, please remove yourself if not interested. New Package SCM Request ======================= Package Name: gitolite3 Short Description: Highly flexible server for git directory version tracker Owners: limb lkundrak Branches: f16 f17 el6 InitialCC:
Git done (by process-git-requests).
gitolite3-3.01-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/gitolite3-3.01-2.fc16
gitolite3-3.01-2.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/gitolite3-3.01-2.fc17
gitolite3-3.01-2.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/gitolite3-3.01-2.el6
gitolite3-3.01-2.el6 has been pushed to the Fedora EPEL 6 testing repository.
gitolite3-3.02-1.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/gitolite3-3.02-1.fc16
gitolite3-3.02-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/gitolite3-3.02-1.fc17
gitolite3-3.02-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/gitolite3-3.02-1.el6
gitolite3-3.03-1.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/gitolite3-3.03-1.fc16
gitolite3-3.03-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/gitolite3-3.03-1.fc17
gitolite3-3.03-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/gitolite3-3.03-1.el6
gitolite3-3.03-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
gitolite3-3.03-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
gitolite3-3.03-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.