Name : eucalyptus Version : 3.1.0 License : GPLv3 URL : http://www.eucalyptus.com Summary : Elastic Utility Computing Architecture Description : Eucalyptus is a service overlay that implements elastic computing using existing resources. The goal of Eucalyptus is to allow sites with existing clusters and server infrastructure to co-host an elastic computing service that is interface-compatible with Amazon AWS. SPEC: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-16/eucalyptus.spec SRPM: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-16/eucalyptus-3.1.0-16.fc18.src.rpm There are a number of lint warnings. I'll go through my rationale on them: 1) eucalyptus.x86_64: W: dangerous-command-in-%pre tar This could be changed to copy commands if that's deemed "safer" ... this is how upstream packages currently work, though. 2) dangling-symlink (many of these) Eucalyptus relies on all jars being in a common directory. jetty does something similar in /usr/share/jetty/lib. All symlink targets are unversioned jar filenames and are contained in Requires. 3) explicit-lib-dependency (json-lib and cglib) Bogus. These are java packages 4) install-file-in-docs The install file does also contain some setup instructions, but I could get rid of it. 5) log-files-without-logrotate We use log4j to rotate almost all of our logs. We may instate logrotate for the remaining logs 6) no-documentation Subpackages depend on the eucalyptus package, which contains docs. The only exception is the python admin tools, which are actually licensed separately (as BSD) but do not ship a license file at this time. 7) no-manual-page-for-binary Eucalyptus does not create manual pages for most binaries. End-user binaries have help text, and I've used help2man for some of those. The service binaries are not really intended to be run by an end user in most cases, and could perhaps be moved into libexec 8) non-conffile-in-etc We may simply need to relocate /etc/eucalyptus/cloud.d entirely. I'm just not certain of the right place, and would like advice on this. In some cases, these are files that users may want/need to modify (jrxml templates for jasperreports, for example). Generally they won't be modified, though. The file not in /etc/eucalyptus should likely be config files. I'll talk to our developers about this. 9) non-standard-dir-perm 0700 I'm not sure why 0700 is strange. The instances of this are mainly sensitive data which should only be readable by the eucalyptus user. 10) non-standard-executable-perm / setuid-binary (these are related) The "rootwrap" and "mountwrap" binaries, unfortunately, are used to give eucalyptus root privileges for specific operations. I wish this were better, but this is how eucalyptus currently works 11) non-standard-gid / non-standard-uid eucalyptus owns a number of directories, usually so that permissions can be set to 0700 12) only-non-binary-in-usr-lib This is RHBZ 794777 13) spelling-error This is due to our acronyms (NC, CC, SC) Sorry, that's a lot to work through. Hopefully some brave reviewer can take this on.
This spec is quite complex. I noticed a few issues : - %{_libdir}/eucalyptus/ is unowned - Source11: eucalyptus-3.1.0-generated.tgz there is no comment on where and how this was generated or downloaded from - the whole stuff like : %global euca_libvirt libvirt do not make the spec very readable, IMHO. It would be easier to inline directly - some patch do not have a mention of being sent upstream ( 14, 15, 16 among others ), any reasons ? - some packages would be installed without license file, like eucalyptus-axis2-clients or python%{?pybasever}-eucadmin - by the way, if nothing define %ybasever, what is the use ? - the various %post are puzzling, why does it reload udev, why does -walrus restart eucalyptus-cloud.service ?
(In reply to comment #1) > This spec is quite complex. Yes it is. > I noticed a few issues : > - %{_libdir}/eucalyptus/ is unowned Oops... I'll certainly correct that > - Source11: eucalyptus-3.1.0-generated.tgz > there is no comment on where and how this was generated or downloaded from Good point, I should be more specific about exactly how to reproduce it. My hope is that we'll get a more compatible version of axis2 into Fedora so that I can get rid of this. > - the whole stuff like : > %global euca_libvirt libvirt > > do not make the spec very readable, IMHO. It would be easier to inline > directly These variables were pulled in from upstream's official rpm packaging, which suport several different distros. I can remove the ones related to file / package names. I'd like to keep the ones which refer to paths which are specified throughout the SPEC, though. > - some patch do not have a mention of being sent upstream ( 14, 15, 16 among > others ), any reasons ? I just haven't filed issues for them yet. In the case of 15, it's closely related to #13, and should just be grouped under the same comment > - some packages would be installed without license file, like > eucalyptus-axis2-clients or python%{?pybasever}-eucadmin Those are BSD, and upstream does not package a copy of that license file. > - by the way, if nothing define %ybasever, what is the use ? That was related to RHEL 6 packaging, and isn't really necessary for this version of the package. I Can remove those. > - the various %post are puzzling, why does it reload udev, why does -walrus > restart eucalyptus-cloud.service ? I'm not sure about the udev reload; that came from upstream packaging. walrus is a component of the eucalyptus-cloud service. When that or eucalyptus-sc changes, eucalyptus-cloud must be restarted. Thank you for the comments. I'll work on some changes an post a new spec.
I assigned this ticket to myself, but if there are any other takers who want to do a full/partial review of it (whether official or not), then feel free to add your comments.
Review would be surely easier if the source was splitted into smaller component, but I guess that this would require a rather huge change upstream :) I am also quite surprised by the number of BuildRequires, are we sure they are all needed ? For the license of eucalyptus-axis2-clients, that's GPLv3, not BSD in the spec ? And if upstream do not ship license, you should ask them to include it
Also, i think the definition of python_sitelib can be dropped, should be good on all supported fedora version. BuildRequires: libxml2-devel can be dropped, already pulled by by libxslt-devel same for awk : https://fedoraproject.org/wiki/Packaging:Guidelines#Exceptions_2 BuildRequires: %{euca_libvirt}-devel BuildRequires: %{euca_libvirt} is duplicating requires with libvirt-devel previously added. There is also 3 ant requires, and it seems ant and ant-nodeps have been merged, so just 1 buildRequires should be enough.
While on it : $ repoquery --requires velocity apache-commons-collections apache-commons-lang apache-commons-logging bcel hsqldb jakarta-oro jdom junit log4j servlet3 werken-xpath $ repoquery --requires bcel /bin/sh regexp $ repoquery --requires hsqldb /bin/sh coreutils initscripts java shadow-utils tomcat-servlet-3.0-api there is lots of BuildRequires that could be removed, since I am pretty sure they all pull the same bits. I
In file httpd-cc.conf, you have /usr/lib64 hardcoded, that's likely not working on 32 bits. I also find weird to have : ServerRoot "/etc/httpd" even if i am likely too cuatious about potential side effects. PidFile /var/run/eucalyptus/httpd.pid would be cleaner to use the suffix -cc there too, as this would be more coherent with the -nc web service. Another potential improvement would be to have a common file that would be included, and maybe removing a bit the various modules ( so 1) this would take less memory, start faster and easier to read ). For example : LoadModule userdir_module modules/mod_userdir.so seems weird there. setenvif_module is not used in the configuration so could be dropped, etc, etc. Also, since it use mpm_event, maybe the other part of the config file could be dropped : ( mpm_prefork_module, etc ) so the file is easier to read and maintain ?
One last comment ( or you will never be able to digest everything ), why are all services using PrivateTmp=false ? Do they communicate between them using /tmp ? If not, I think it would be better to enable that, as a added security measure.
(In reply to comment #4) > Review would be surely easier if the source was splitted into smaller > component, but I guess that this would require a rather huge change upstream > :) > > I am also quite surprised by the number of BuildRequires, are we sure they > are all needed ? They are all requirements, but I am removing a number of them which are transitive. > For the license of eucalyptus-axis2-clients, that's GPLv3, not BSD in the > spec ? And if upstream do not ship license, you should ask them to include it Sorry, I missed that you mentioned that package; I was referring to the python subpackages. axis2-clients depends on eucalyptus-cc, which depends on eucalyptus, which contains the license file.
(In reply to comment #7) > In file httpd-cc.conf, you have /usr/lib64 hardcoded, that's likely not > working on 32 bits. Ah, true; I don't ever use 32-bit, so I had not tested that yet. > I also find weird to have : > ServerRoot "/etc/httpd" > > even if i am likely too cuatious about potential side effects. What's the suggestion here? I used that so that specifying relative paths for modules would work. I'm open to other ideas here. > PidFile /var/run/eucalyptus/httpd.pid > > would be cleaner to use the suffix -cc there too, as this would be more > coherent with the -nc web service. Indeed, this is a bug. > Another potential improvement would be to have a common file that would be > included, and maybe removing a bit the various modules ( so 1) this would > take less memory, start faster and easier to read ). > > For example : > LoadModule userdir_module modules/mod_userdir.so > > seems weird there. setenvif_module is not used in the configuration so could > be dropped, etc, etc. > > Also, since it use mpm_event, maybe the other part of the config file could > be dropped : ( mpm_prefork_module, etc ) so the file is easier to read and > maintain ? I'm actually not yet sure which is our preferred mpm. And as for the other modules, I started with a very minimal list and got frustrated trying to figure out which modules are now required for a functional apache instance, so I added all of those which are enabled by default in Fedora's apache config. I would love to prune that list. Suggestions on a true minimally viable set would be great. And yes, a common file definitely makes sense. I'll work on that.
In the spec, I only see this for eucalyptis-axis2-client, so is the requirement missing ? %package axis2-clients Summary: Axis2/C web service clients for Eucalyptus services License: GPLv3 Requires: wso2-axis2
(In reply to comment #11) > In the spec, I only see this for eucalyptis-axis2-client, so is the > requirement missing ? > > %package axis2-clients > Summary: Axis2/C web service clients for Eucalyptus services > License: GPLv3 > Requires: wso2-axis2 yes, that's one of the many many things I'm fixing at the moment. Should have a new version posted soon.
> What's the suggestion here? I used that so that specifying relative paths for > modules would work. I'm open to other ideas here. I do not have any cleaner suggestion, but I wonder how this would work on a server non dedicated to eucalyptus. For example, I am not sure the default logs file would not end in /var/log/httpd due to link in /etc/httpd, this kind of thing. But if your test didn't show a issue, there is then likely no issue. And the only thing to do would be to duplicate the tree of /etc/httpd, that's not a good idea IMHO. For a minimal set of modules, I guess removing them one by one could be easy to do once the rpm is in, so that's not urgent.
Actually, I don't have to duplicate much. I can just make /etc/eucalyptus/httpd, make that ServerRoot, and put a modules symlink under it.
next revision: SPEC: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-17/eucalyptus.spec SRPM: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-17/eucalyptus-3.1.0-17.fc18.src.rpm This one built against rawhide in koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=4420182 I realized after I submitted it that I still have to finish fixing the apache configs; they're in a broken state at the moment. I'd still like to have comments about other things in the spec or layouts of the resulting packages that might not be acceptable.
Here's a first stab at a package review. It isn't as bad as it looks, as most of these issues are trivially-fixable. I can take this if you would like Marek, but this one is going to need multiple sets of eyes to review either way. ;-) === List of issues === As some binaries are composed of code with multiple, compatible licenses, I believe the license tag should be "GPLv3 and (GPLv3 and ASL 2.0) and (GPLv3 and BSD)". It might be worth double-checking with Spot, though. clc/modules/www/src/licenses/webui-iconic-icons.LICENSE must be included with %doc. /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params appears in two packages. /etc/eucalyptus/eucalyptus.conf is owned by the eucalyptus user. If that is actually correct (yuck) then please state so in the spec file. Rather than starting tgtd in the sc package's %post scriptlet, consider adding Wants=tgtd.service to eucalyptus-cloud.service. Are multiple restarts of the same service in %postun really the safest/most reasonable way to do upgrades? axis2-clients should probably require eucalyptus-cc with a fully-versioned dependency. The following files have filesystem layout problems: These go in /usr/share/%name: /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params /etc/eucalyptus/eucalyptus-version /etc/eucalyptus/vtunall.conf.template These go in /usr/share/%name or /usr/libexec/%name: /etc/eucalyptus/cloud.d/scripts/* /etc/eucalyptus/cloud.d/upgrade/* /usr/sbin/eucalyptus-*.init This goes with documentation: /etc/eucalyptus/drbd.conf.example The following configuration files are not marked with %config(noreplace) or %config: /etc/eucalyptus/axis2.xml /etc/eucalyptus/eucalyptus.conf /etc/eucalyptus/httpd/conf/httpd-cc.conf /etc/eucalyptus/httpd/conf/httpd-common.conf /etc/eucalyptus/httpd/conf/httpd-nc.conf %install uses %{S:2}, whereas the rest of the file uses the %{SOURCE#} format. /var/run/eucalyptus needs a tmpfiles.d entry. eucalyptus-cc cleanstart, cleanstop, and cleanrestart are supposed to be converted to standalone scripts. The spec file must contain BuildRequires: systemd-units for the %_unitdir macro. The Java guidelines require arch-independent JARs to go under %_javadir, not /usr/share/eucalyptus. This affects the following files: /usr/share/eucalyptus/eucalyptus-auth-3.1.0.jar /usr/share/eucalyptus/eucalyptus-bootstrap-3.1.0.jar /usr/share/eucalyptus/eucalyptus-cloud-3.1.0.jar /usr/share/eucalyptus/eucalyptus-clustermgr-3.1.0.jar /usr/share/eucalyptus/eucalyptus-component-3.1.0.jar /usr/share/eucalyptus/eucalyptus-config-3.1.0.jar /usr/share/eucalyptus/eucalyptus-core-3.1.0.jar /usr/share/eucalyptus/eucalyptus-dns-3.1.0.jar /usr/share/eucalyptus/eucalyptus-euare-3.1.0.jar /usr/share/eucalyptus/eucalyptus-euare-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-msgs-3.1.0.jar /usr/share/eucalyptus/eucalyptus-notifications-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-postgresql-3.1.0.jar /usr/share/eucalyptus/eucalyptus-storage-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-walrus-3.1.0.jar /usr/share/eucalyptus/eucalyptus-ws-3.1.0.jar /usr/share/eucalyptus/eucalyptus-www-3.1.0.jar Similarly, JNI-using JARs must go in %_libdir/%name. There is one of these: /usr/share/eucalyptus/eucalyptus-storagecontroller-3.1.0.jar Calls to System.loadLibrary must be replaced with System.load with complete .so paths. This affects the following file in the source tree: clc/modules/storage-controller/src/main/java/com/eucalyptus/storage/OverlayManager.java /usr/lib/python2.7/site-packages/eucadmin/local.py from the python-eucadmin package requires m2crypto and python-paramiko. However, that module is unused, so you could also patch it out if you would like. === Other commentary === I must admit that I am not a fan of macros like %eucastatedir, which don't really do much to enhance readability. I would rather see the real paths inline. Are all of those httpd modules really necessary? If possible, please see if you can filter out Provides and Requires for internal libs. Please query upstream about including license files for the BSD sub-packages. I'd change "Eucalyptus Enterprise Edition" to "Eucalyptus Enterprise plugins" since there's only one version of eucalyptus now. provide_abi isn't necessary for a Fedora package, so I'd just remove it. You should probably add commentary about why you're explicitly setting LANG when you call make. Mandatory review guidelines: ok - rpmlint output: eucalyptus.src: W: spelling-error %description -l en_US nc -> NC, n, c eucalyptus.src: W: spelling-error %description -l en_US sc -> SC, tic, cs eucalyptus.src: W: strange-permission eucalyptus-nc.init 0755L eucalyptus.src: W: strange-permission eucalyptus-cc.init 0755L eucalyptus.src:477: W: macro-in-comment %patch7 eucalyptus.src: W: invalid-url Source12: eucalyptus-3.1.0-generated.tgz eucalyptus.x86_64: W: spelling-error %description -l en_US nc -> NC, n, c eucalyptus.x86_64: W: spelling-error %description -l en_US sc -> SC, tic, cs eucalyptus.x86_64: W: non-standard-uid /etc/eucalyptus/eucalyptus.conf eucalyptus eucalyptus.x86_64: W: non-standard-gid /etc/eucalyptus/eucalyptus.conf eucalyptus eucalyptus.x86_64: W: non-conffile-in-etc /etc/eucalyptus/eucalyptus.conf eucalyptus.x86_64: W: non-standard-uid /var/lib/eucalyptus eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/lib/eucalyptus eucalyptus eucalyptus.x86_64: W: non-conffile-in-etc /etc/eucalyptus/httpd/conf/httpd-common.conf eucalyptus.x86_64: W: non-standard-gid /usr/libexec/eucalyptus eucalyptus eucalyptus.x86_64: W: non-standard-uid /var/lib/eucalyptus/keys eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/lib/eucalyptus/keys eucalyptus eucalyptus.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/keys 0700L eucalyptus.x86_64: W: dangling-symlink /etc/eucalyptus/httpd/modules /usr/lib64/httpd/modules eucalyptus.x86_64: W: non-standard-uid /var/lib/eucalyptus/upgrade eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/lib/eucalyptus/upgrade eucalyptus eucalyptus.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/upgrade 0700L eucalyptus.x86_64: W: non-standard-uid /var/lib/eucalyptus/db eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/lib/eucalyptus/db eucalyptus eucalyptus.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/db 0700L eucalyptus.x86_64: W: non-conffile-in-etc /etc/eucalyptus/axis2.xml eucalyptus.x86_64: W: non-standard-uid /var/log/eucalyptus eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/log/eucalyptus eucalyptus eucalyptus.x86_64: W: non-standard-gid /usr/libexec/eucalyptus/euca_mountwrap eucalyptus eucalyptus.x86_64: E: setuid-binary /usr/libexec/eucalyptus/euca_mountwrap root 04750L eucalyptus.x86_64: E: non-standard-executable-perm /usr/libexec/eucalyptus/euca_mountwrap 04750L eucalyptus.x86_64: E: non-standard-executable-perm /usr/libexec/eucalyptus/euca_mountwrap 04750L eucalyptus.x86_64: W: non-conffile-in-etc /etc/eucalyptus/eucalyptus-version eucalyptus.x86_64: W: non-standard-gid /usr/libexec/eucalyptus/euca_rootwrap eucalyptus eucalyptus.x86_64: E: setuid-binary /usr/libexec/eucalyptus/euca_rootwrap root 04750L eucalyptus.x86_64: E: non-standard-executable-perm /usr/libexec/eucalyptus/euca_rootwrap 04750L eucalyptus.x86_64: E: non-standard-executable-perm /usr/libexec/eucalyptus/euca_rootwrap 04750L eucalyptus.x86_64: W: non-standard-uid /var/run/eucalyptus eucalyptus eucalyptus.x86_64: W: non-standard-gid /var/run/eucalyptus eucalyptus eucalyptus.x86_64: W: log-files-without-logrotate /var/log/eucalyptus eucalyptus.x86_64: W: no-manual-page-for-binary euca_sync_key eucalyptus.x86_64: W: install-file-in-docs /usr/share/doc/eucalyptus-3.1.0/INSTALL eucalyptus.x86_64: W: percent-in-%pre eucalyptus.x86_64: W: dangerous-command-in-%pre tar eucalyptus-admin-tools.noarch: W: no-manual-page-for-binary euca-get-credentials eucalyptus-admin-tools.noarch: W: no-manual-page-for-binary euca_conf eucalyptus-axis2-clients.x86_64: W: spelling-error %description -l en_US webservices -> web services, web-services, services eucalyptus-axis2-clients.x86_64: W: no-documentation eucalyptus-axis2-clients.x86_64: W: no-manual-page-for-binary NCclient eucalyptus-axis2-clients.x86_64: W: no-manual-page-for-binary GLclient eucalyptus-axis2-clients.x86_64: W: no-manual-page-for-binary CCclient eucalyptus-cc.x86_64: W: no-documentation eucalyptus-cc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/cc/services/EucalyptusGL /usr/lib64/eucalyptus/axis2/gl/services/EucalyptusGL eucalyptus-cc.x86_64: W: non-conffile-in-etc /etc/eucalyptus/httpd/conf/httpd-cc.conf eucalyptus-cc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/cc/axis2.xml /etc/eucalyptus/axis2.xml eucalyptus-cc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/cc/modules /usr/lib64/wso2-axis2/modules eucalyptus-cc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/cc/lib /usr/lib64 eucalyptus-cc.x86_64: W: non-standard-uid /var/lib/eucalyptus/CC eucalyptus eucalyptus-cc.x86_64: W: non-standard-gid /var/lib/eucalyptus/CC eucalyptus eucalyptus-cc.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/CC 0700L eucalyptus-cc.x86_64: W: non-conffile-in-etc /etc/eucalyptus/vtunall.conf.template eucalyptus-cc.x86_64: E: non-standard-executable-perm /usr/libexec/eucalyptus/shutdownCC 0555L eucalyptus-cc.x86_64: W: no-manual-page-for-binary eucalyptus-cc.init eucalyptus-cloud.x86_64: W: no-documentation eucalyptus-cloud.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params eucalyptus-cloud.x86_64: W: no-manual-page-for-binary euca-lictool eucalyptus-common-java.x86_64: E: explicit-lib-dependency json-lib eucalyptus-common-java.x86_64: W: spelling-error Summary(en_US) ws -> es, w, s eucalyptus-common-java.x86_64: W: only-non-binary-in-usr-lib eucalyptus-common-java.x86_64: W: no-documentation eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-module-builders.jar /usr/share/java/mule/mule-module-builders.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jsr-305.jar /usr/share/java/jsr-305.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/upgrade/upgrade_20_31.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-io.jar /usr/share/java/apache-commons-io.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/avalon-framework-impl.jar /usr/share/java/avalon-framework-impl.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-http.jar /usr/share/java/jetty/jetty-http.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-util.jar /usr/share/java/batik/batik-util.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/javassist.jar /usr/share/java/javassist.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/storage.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/dnsjava.jar /usr/share/java/dnsjava.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/stax2-api.jar /usr/share/java/stax2-api.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/setup_db.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-web.jar /usr/share/java/springframework/spring-web.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-jpa-2.0-api.jar /usr/share/java/hibernate-jpa-2.0-api.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/run.jar /usr/share/java/jibx/run.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/commons-digester.jar /usr/share/java/commons-digester.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-util.jar /usr/share/java/jetty/jetty-util.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/channels.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jboss-logging.jar /usr/share/java/jboss-logging.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/bcprov.jar /usr/share/java/bcprov.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/user_s3.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-fileupload.jar /usr/share/java/apache-commons-fileupload.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-ehcache.jar /usr/share/java/hibernate3/hibernate-ehcache.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/notifications.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/nested_s3.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-overlay-deployer.jar /usr/share/java/jetty/jetty-overlay-deployer.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-beanutils.jar /usr/share/java/apache-commons-beanutils.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/nested_storage.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-compress.jar /usr/share/java/apache-commons-compress.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/gwt-web.xml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-css.jar /usr/share/java/batik/batik-css.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-deploy.jar /usr/share/java/jetty/jetty-deploy.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/s3.jrxml eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/user_storage.jrxml eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/eucalyptus-web.properties eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-jbosscache.jar /usr/share/java/hibernate3/hibernate-jbosscache.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-logging.jar /usr/share/java/apache-commons-logging.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/transfer.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-context-support.jar /usr/share/java/springframework/spring-context-support.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-svggen.jar /usr/share/java/batik/batik-svggen.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/setup_persistence.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/walrusprops.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-collections.jar /usr/share/java/apache-commons-collections.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/tools.jar /usr/share/java/jibx/tools.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/extras.jar /usr/share/java/jibx/extras.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xpp3.jar /usr/share/java/xpp3.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/walruslogger.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-beans.jar /usr/share/java/springframework/spring-beans.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-module-spring-config.jar /usr/share/java/mule/mule-module-spring-config.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jsch.jar /usr/share/java/jsch.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-policy.jar /usr/share/java/jetty/jetty-policy.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/tomcat-servlet-3.0-api.jar /usr/share/java/tomcat-servlet-3.0-api.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jgroups212.jar /usr/share/java/jgroups212.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-entitymanager.jar /usr/share/java/hibernate3/hibernate-entitymanager.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/api.jar /usr/share/java/slf4j/api.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xstream.jar /usr/share/java/xstream.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-servlet.jar /usr/share/java/jetty/jetty-servlet.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/axiom-api.jar /usr/share/java/axiom/axiom-api.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/setup_membership.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/notifications_digest.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jcl-over-slf4j.jar /usr/share/java/slf4j/jcl-over-slf4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-transport-vm.jar /usr/share/java/mule/mule-transport-vm.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/Pruner.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-jxpath.jar /usr/share/java/apache-commons-jxpath.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/avalon-logkit.jar /usr/share/java/avalon-logkit.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/woodstox-core.jar /usr/share/java/woodstox-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/json-lib.jar /usr/share/java/json-lib.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-ext.jar /usr/share/java/batik/batik-ext.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/mysqldbsource.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/geronimo-jta.jar /usr/share/java/geronimo-jta.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/storageprops.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-jndi.jar /usr/share/java/jetty/jetty-jndi.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xalan-j2-serializer.jar /usr/share/java/xalan-j2-serializer.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-annotations.jar /usr/share/java/jetty/jetty-annotations.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/nested_instance.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xalan-j2.jar /usr/share/java/xalan-j2.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/all.jar /usr/share/java/hamcrest12/all.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-websocket.jar /usr/share/java/jetty/jetty-websocket.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-awt-util.jar /usr/share/java/batik/batik-awt-util.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-rewrite.jar /usr/share/java/jetty/jetty-rewrite.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jakarta-commons-httpclient.jar /usr/share/java/jakarta-commons-httpclient.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-webapp.jar /usr/share/java/jetty/jetty-webapp.jar eucalyptus-common-java.x86_64: W: non-standard-uid /var/lib/eucalyptus/webapps eucalyptus eucalyptus-common-java.x86_64: W: non-standard-gid /var/lib/eucalyptus/webapps eucalyptus eucalyptus-common-java.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/webapps 0700L eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-start.jar /usr/share/java/jetty/jetty-start.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/cglib.jar /usr/share/java/cglib.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/wss4j.jar /usr/share/java/wss4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jbosscache-core.jar /usr/share/java/jbosscache-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/log4j.jar /usr/share/java/log4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-commons-annotations.jar /usr/share/java/hibernate/hibernate-commons-annotations.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/components.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/schema.jar /usr/share/java/jibx/schema.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-client.jar /usr/share/java/jetty/jetty-client.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/asm-all.jar /usr/share/java/objectweb-asm/asm-all.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/upgrade/upgrade_30_31.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/eucalyptus-web-default.properties eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/guava.jar /usr/share/java/guava.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/instance.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/bcel.jar /usr/share/java/bcel.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-server.jar /usr/share/java/jetty/jetty-server.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-context.jar /usr/share/java/springframework/spring-context.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-module-xml.jar /usr/share/java/mule/mule-module-xml.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-logging-api.jar /usr/share/java/apache-commons-logging-api.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-module-management.jar /usr/share/java/mule/mule-module-management.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-script.jar /usr/share/java/batik/batik-script.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/netty31.jar /usr/share/java/netty31.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/qname.jar /usr/share/java/qname.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/users_groups.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xml-security.jar /usr/share/java/xml-security.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-xml.jar /usr/share/java/jetty/jetty-xml.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/proxool.jar /usr/share/java/proxool.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-ajp.jar /usr/share/java/jetty/jetty-ajp.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-core.jar /usr/share/java/mule/mule-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-anim.jar /usr/share/java/batik/batik-anim.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-xml.jar /usr/share/java/batik/batik-xml.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/java-uuid-generator.jar /usr/share/java/java-uuid-generator.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/velocity.jar /usr/share/java/velocity.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/postgresql-jdbc.jar /usr/share/java/postgresql-jdbc.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/bind.jar /usr/share/java/jibx/bind.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/ezmorph.jar /usr/share/java/ezmorph.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/axiom-dom.jar /usr/share/java/axiom/axiom-dom.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/btm.jar /usr/share/java/btm.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-continuation.jar /usr/share/java/jetty/jetty-continuation.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/ha-jdbc.jar /usr/share/java/ha-jdbc.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/describe_nodes.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/security.policy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/axiom-impl.jar /usr/share/java/axiom/axiom-impl.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-lang.jar /usr/share/java/apache-commons-lang.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-security.jar /usr/share/java/jetty/jetty-security.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/ehcache-core.jar /usr/share/java/ehcache-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jboss-connector-1.6-api.jar /usr/share/java/jboss-connector-1.6-api.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/bsf.jar /usr/share/java/bsf.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/geronimo-ejb.jar /usr/share/java/geronimo-ejb.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jaxen.jar /usr/share/java/jaxen.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jul-to-slf4j.jar /usr/share/java/slf4j/jul-to-slf4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-cli.jar /usr/share/java/apache-commons-cli.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-parser.jar /usr/share/java/batik/batik-parser.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mule-module-client.jar /usr/share/java/mule/mule-module-client.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/user_vms.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/wsdl4j.jar /usr/share/java/wsdl4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/antlr.jar /usr/share/java/antlr.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/dom4j.jar /usr/share/java/dom4j.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/commons-codec.jar /usr/share/java/commons-codec.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-plus.jar /usr/share/java/jetty/jetty-plus.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jboss-common-core.jar /usr/share/java/jboss-common-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-proxool.jar /usr/share/java/hibernate3/hibernate-proxool.jar eucalyptus-common-java.x86_64: W: non-standard-uid /var/lib/eucalyptus/webapps/root.war eucalyptus eucalyptus-common-java.x86_64: W: non-standard-gid /var/lib/eucalyptus/webapps/root.war eucalyptus eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xerces-j2.jar /usr/share/java/xerces-j2.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-jmx.jar /usr/share/java/jetty/jetty-jmx.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-logging-adapters.jar /usr/share/java/apache-commons-logging-adapters.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/system.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/ant.jar /usr/share/java/ant.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/setup_dbpool.groovy eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/PrunerThread.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-io.jar /usr/share/java/jetty/jetty-io.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/drbd/drbd.conf.example eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/tomcat-el-2.2-api.jar /usr/share/java/tomcat-el-2.2-api.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/jmx/com.eucalyptus.component.Component eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jcip-annotations.jar /usr/share/java/jcip-annotations.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-bridge.jar /usr/share/java/batik/batik-bridge.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/vmstate.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xom.jar /usr/share/java/xom.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/backport-util-concurrent-3.1.jar /usr/share/java/backport-util-concurrent-3.1.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/jetty-servlets.jar /usr/share/java/jetty/jetty-servlets.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/hibernate-core.jar /usr/share/java/hibernate3/hibernate-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/quartz.jar /usr/share/java/quartz.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-core.jar /usr/share/java/springframework/spring-core.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/regexp.jar /usr/share/java/regexp.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/apache-commons-pool.jar /usr/share/java/apache-commons-pool.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/xml-commons-apis.jar /usr/share/java/xml-commons-apis.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/reports/msg.jrxml eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/geronimo-jms.jar /usr/share/java/geronimo-jms.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/scripts/initialize_cloud.groovy eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-dom.jar /usr/share/java/batik/batik-dom.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/log4j12.jar /usr/share/java/slf4j/log4j12.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/spring-expression.jar /usr/share/java/springframework/spring-expression.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-svg-dom.jar /usr/share/java/batik/batik-svg-dom.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/batik-gvt.jar /usr/share/java/batik/batik-gvt.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/groovy.jar /usr/share/java/groovy.jar eucalyptus-common-java.x86_64: W: dangling-symlink /usr/share/eucalyptus/mail.jar /usr/share/java/javamail/mail.jar eucalyptus-common-java.x86_64: W: non-conffile-in-etc /etc/eucalyptus/cloud.d/www/admin.xml eucalyptus-common-java.x86_64: W: no-manual-page-for-binary eucalyptus-cloud.init eucalyptus-common-java.x86_64: W: no-manual-page-for-binary eucalyptus-cloud eucalyptus-gl.x86_64: W: no-documentation eucalyptus-nc.x86_64: W: no-documentation eucalyptus-nc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/nc/axis2.xml /etc/eucalyptus/axis2.xml eucalyptus-nc.x86_64: W: non-conffile-in-etc /etc/eucalyptus/httpd/conf/httpd-nc.conf eucalyptus-nc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/nc/services/EucalyptusGL /usr/lib64/eucalyptus/axis2/gl/services/EucalyptusGL eucalyptus-nc.x86_64: W: non-standard-uid /var/lib/eucalyptus/instances eucalyptus eucalyptus-nc.x86_64: W: non-standard-gid /var/lib/eucalyptus/instances eucalyptus eucalyptus-nc.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/instances 0771L eucalyptus-nc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/nc/modules /usr/lib64/wso2-axis2/modules eucalyptus-nc.x86_64: W: non-conffile-in-etc /etc/eucalyptus/nc-hooks/example.sh eucalyptus-nc.x86_64: E: non-executable-script /etc/eucalyptus/nc-hooks/example.sh 0644L /bin/bash eucalyptus-nc.x86_64: W: dangling-symlink /usr/lib64/eucalyptus/axis2/nc/lib /usr/lib64 eucalyptus-nc.x86_64: W: no-manual-page-for-binary euca_test_nc eucalyptus-nc.x86_64: W: no-manual-page-for-binary eucalyptus-nc.init eucalyptus-sc.x86_64: W: no-documentation eucalyptus-sc.x86_64: W: non-standard-uid /var/lib/eucalyptus/volumes eucalyptus eucalyptus-sc.x86_64: W: non-standard-gid /var/lib/eucalyptus/volumes eucalyptus eucalyptus-sc.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/volumes 0700L eucalyptus-walrus.x86_64: W: no-documentation eucalyptus-walrus.x86_64: W: non-conffile-in-etc /etc/eucalyptus/drbd.conf.example eucalyptus-walrus.x86_64: W: non-standard-uid /var/lib/eucalyptus/bukkits eucalyptus eucalyptus-walrus.x86_64: W: non-standard-gid /var/lib/eucalyptus/bukkits eucalyptus eucalyptus-walrus.x86_64: E: non-standard-dir-perm /var/lib/eucalyptus/bukkits 0700L python-eucadmin.noarch: W: no-documentation python-eucadmin.noarch: E: non-executable-script /usr/lib/python2.7/site-packages/eucadmin/generic.py 0644L /usr/bin/env 13 packages and 0 specfiles checked; 18 errors, 263 warnings. Some of these are bogus, and you've addressed the rest. ok - License is acceptable (GPLv3, LGPLv2+, ASL 2.0, BSD, Public Domain) NO - License field in spec is correct GPLv3 should be GPLv3 and (GPLv3 and ASL 2.0) and (GPLv3 and BSD) NO - License files included in package %docs if included in source package Missing clc/modules/www/src/licenses/webui-iconic-icons.LICENSE ok - License files installed when any subpackage combination is installed Upstream does not include license files for the BSD sub-packages ok - Spec written in American English ok - Spec is legible ok - Sources match upstream unless altered to fix permissibility issues Upstream SHA256: 4e36c398321403a2de915e1e14abc336ec088c99f734c9693c068b8a248edc85 eucalyptus-3.1.0.tar.gz Your SHA256: 4e36c398321403a2de915e1e14abc336ec088c99f734c9693c068b8a248edc85 eucalyptus-3.1.0.tar.gz ok - Build succeeds on at least one primary arch ok - Build succeeds on all primary arches or has ExcludeArch + bugs filed ok - BuildRequires correct, justified where necessary -- - Locales handled with %find_lang, not %_datadir/locale/* -- - %post, %postun call ldconfig if package contains shared .so files ok - No bundled libs -- - Relocatability is justified ok - Package owns all directories it creates ok - Package requires others for directories it uses but does not own NO - No duplication in %files unless necessary for license files /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params NO - File permissions are sane -rw-r--r-- eucalyptus eucalyptus /etc/eucalyptus/eucalyptus.conf ok - Package contains permissible code or content ok - Large docs go in -doc subpackage ok - %doc files not required at runtime -- - Static libs go in -static package/virtual Provides -- - Development files go in -devel package -- - -devel packages Require base with fully-versioned dependency, %_isa ok - No .la files -- - GUI app uses .desktop file, installs it with desktop-file-install ok - File list does not conflict with other packages' without justification ok - File names are valid UTF-8 Optional review guidelines: ok - Query upstream about including license files -- - Translations of description, summary ok - Builds in mock no - Builds on all arches (Standard no-java-on-ppc disclaimer) no - Scriptlets are sane Rather than starting tgtd, add Wants=tgtd.service to eucalyptus-sc.service. no - Subpackages require base with fully-versioned dependency if sensible axis2-clients should require eucalyptus-cc with a fully-versioned dep. -- - .pc file subpackage placement is sensible ok - No file deps outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin ok - Include man pages if available Naming guidelines: ok - Package names use only a-zA-Z0-9-._+ subject to restrictions on -._+ ok - Package names are sane ok - No naming conflicts ok - Spec file name matches base package name ok - Version is sane ok - Version does not contain ~ ok - Release is sane ok - %dist tag ok - Case used only when necessary -- - Renaming handled correctly Packaging guidelines: ok - Useful without external bits ok - No kmods NO - Pre-built binaries, libs removed in %prep tools/floppy contains grub ok - Sources contain only redistributable code or content ok - Spec format is sane NO - Package obeys FHS, except libexecdir, /run, /usr/target These go in /usr/share/%name: /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params /etc/eucalyptus/eucalyptus-version /etc/eucalyptus/vtunall.conf.template These go in /usr/share/%name or /usr/libexec/%name: /etc/eucalyptus/cloud.d/scripts/* /etc/eucalyptus/cloud.d/upgrade/* /usr/sbin/eucalyptus-*.init This goes with documentation: /etc/eucalyptus/drbd.conf.example ok - No files in /bin, /sbin, /lib* on >= F17 -- - Programs run before FS mounting use /run instead of /var/run -- - Binaries in /bin, /sbin do not depend on files in /usr on < F17 ok - No files under /srv, /opt, /usr/local ok - Changelog in prescribed format ok - No Packager, Vendor, Copyright, PreReq tags ok - Summary does not end in a period -- - Correct BuildRoot tag on < EL6 -- - Correct %clean section on < EL6 NO - Requires correct, justified where necessary cloud, sc should require systemd-units since they restart services ok - Summary, description do not use trademarks incorrectly no - All relevant documentation is packaged, appropriately marked with %doc Example configs are documentation. ok - Doc files do not drag in extra dependencies (e.g. due to +x) ok - Code compilable with gcc is compiled with gcc NO - Build honors applicable compiler flags or justifies otherwise LDFLAGS not supplied to build NO - PIE used for long-running/root daemons, setuid/filecap programs Long-running daemons and setuid binaries require _hardened_build ok - Useful -debuginfo package or disabled and justified -- - Package with .pc files Requires pkgconfig on < EL6 ok - No static executables ok - Rpath absent or only used for internal libs NO - Config files marked with %config(noreplace) or justified %config /etc/eucalyptus/axis2.xml /etc/eucalyptus/eucalyptus.conf /etc/eucalyptus/httpd/conf/httpd-cc.conf /etc/eucalyptus/httpd/conf/httpd-common.conf /etc/eucalyptus/httpd/conf/httpd-nc.conf ok - No config files under /usr -- - Third party package manager configs acceptable, in %_docdir -- - .desktop files are sane NO - Spec uses macros consistently %install uses %{S:2} instead of %{SOURCE2} ok - Spec uses macros instead of hard-coded names where appropriate ok - Spec uses macros for executables only when configurability is needed -- - %makeinstall used only when alternatives don't work -- - Macros in Summary, description are expandable at srpm build time ok - Spec uses %{SOURCE#} instead of $RPM_SOURCE_DIR and %sourcedir ok - No software collections (scl) -- - Macro files named /etc/rpm/macros.%name ok - Build uses only python/perl/shell+coreutils/lua/BuildRequired langs ok - %global, not %define -- - Package translating with gettext BuildRequires it -- - Package translating with Linguist BuildRequires qt-devel ok - File ops preserve timestamps no - Parallel make Justified in spec ok - No Requires(pre,post) notation ok - User, group creation handled correctly (See Packaging:UsersAndGroups) Note that the packaging guidelines require shadow-utils, not paths. ok - Web apps go in /usr/share/%name, not /var/www -- - Conflicts are justified ok - One project per package ok - No bundled fonts ok - Patches have appropriate commentary -- - Available test suites executed in %check NO - tmpfiles.d used for /run, /run/lock on >= F15 /var/run/eucalyptus Systemd guidelines: ok - Traditional service uses a unit file NO - Non-standard service commands converted to standalone scripts eucalyptus-cc cleanstart, cleanstop, cleanrestart ok - Unit names are sane ok - Description= lines do not exceed 80 characters -- - Documentation field has correct URI format ok - Service Types= are correct ok - Requires=, Wants= used only when necessary ok - Units do not refer to runlevel*.target ok - Symlinks used instead of Name= ok - StandardOutput=, StandardError= used only when necessary -- - Socket-activated service has FESCo approval, correct unit files ok - Unit files go in %_unitdir NO - BuildRequires: systemd-units for %_unitdir macro ok - Packaged unit files are not %config files ok - Unit file scriptlets are correct Java guidelines: -- - Javadocs go in javadoc subpackage ok - Prefer split JARs over monolithic ok - JAR file names correct NO - JAR files go in %{_javadir} or %{_javadir}-$version /usr/share/eucalyptus/eucalyptus-auth-3.1.0.jar /usr/share/eucalyptus/eucalyptus-bootstrap-3.1.0.jar /usr/share/eucalyptus/eucalyptus-cloud-3.1.0.jar /usr/share/eucalyptus/eucalyptus-clustermgr-3.1.0.jar /usr/share/eucalyptus/eucalyptus-component-3.1.0.jar /usr/share/eucalyptus/eucalyptus-config-3.1.0.jar /usr/share/eucalyptus/eucalyptus-core-3.1.0.jar /usr/share/eucalyptus/eucalyptus-dns-3.1.0.jar /usr/share/eucalyptus/eucalyptus-euare-3.1.0.jar /usr/share/eucalyptus/eucalyptus-euare-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-msgs-3.1.0.jar /usr/share/eucalyptus/eucalyptus-notifications-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-postgresql-3.1.0.jar /usr/share/eucalyptus/eucalyptus-storage-common-3.1.0.jar /usr/share/eucalyptus/eucalyptus-walrus-3.1.0.jar /usr/share/eucalyptus/eucalyptus-ws-3.1.0.jar /usr/share/eucalyptus/eucalyptus-www-3.1.0.jar ok - Multiple JAR files go in a %{name} subdirectory -- - Javadocs go in unversioned %{_javadocdir}/%{name} -- - javadoc subpackage is noarch on > EL5 ok - BuildRequires java-devel, jpackage-utils ok - Requires java, jpackage-utils ok - Dependencies on java/java-devel >= 1.6.0 add epoch 1 -- - Package requiring maven2 Requires jpackage-utils for post and postun -- - Package requiring maven contains correct maven-specific code in spec -- - Wrapper script in %{_bindir} -- - GCJ AOT bits follow GCJ guidelines ok - No devel package -- - pom.xml files, if any, installed with %add_maven_depmap NO - JNI shared objects, JARs that require them go in %{_libdir}/%{name} /usr/share/eucalyptus/eucalyptus-storagecontroller-3.1.0.jar NO - Calls to System.loadLibrary replaced w/ System.load w/ full .so path clc/modules/storage-controller/src/main/java/com/eucalyptus/storage/OverlayManager.java ok - Bundled JAR files not included or used for build ok - No Javadoc %post/%ghost ok - No class-path elements in JAR manifests Perl guidelines: ok - Module requirements use virtual perl(modname) syntax ok - Spec BuildRequires correct core modules, not perl-devel -- - Spec contains correct MODULE_COMPAT Requires ok - Requires/Provides are sane -- - CPAN URL tag is not versioned -- - All tests enabled where possible -- - Use Build.PL if present unless justified otherwise -- - .h files not split into -devel package Python guidelines: NO - Runtime Requires correct /usr/lib/python2.7/site-packages/eucadmin/local.py requires: m2crypto python-paramiko That file is actually unused, so you could patch it out. -- - Python macros declared on < EL6 ok - All .py files packaged with .pyc, .pyo counterparts -- - Includes .egg-info files/directories when generated ok - Provides/Requires properly filtered -- - Code that invokes gtk.gdk.get_pixels_array() Requires numpy
Garrett, Michael, feel free to assign the ticket to you, since you did the job already.
(In reply to comment #16) > === List of issues === > > As some binaries are composed of code with multiple, compatible licenses, I > believe the license tag should be "GPLv3 and (GPLv3 and ASL 2.0) and (GPLv3 > and BSD)". It might be worth double-checking with Spot, though. Fixed. > clc/modules/www/src/licenses/webui-iconic-icons.LICENSE must be included > with %doc. I think we discussed this one offline; this isn't needed until we build the UI. > /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params appears in two packages. This file is now completely excluded from the install, as it's not really an approved way to deal with setting kernel parameters. > /etc/eucalyptus/eucalyptus.conf is owned by the eucalyptus user. If that is > actually correct (yuck) then please state so in the spec file. Added a comment. > Rather than starting tgtd in the sc package's %post scriptlet, consider > adding Wants=tgtd.service to eucalyptus-cloud.service. Fixed. > Are multiple restarts of the same service in %postun really the safest/most > reasonable way to do upgrades? I've removed all duplication of these for now. I think we need to more closely investigate the right way to upgrade this package, but you're right that restarting multiple times is awful. > axis2-clients should probably require eucalyptus-cc with a fully-versioned > dependency. Fixed. > The following files have filesystem layout problems: > These go in /usr/share/%name: > /etc/eucalyptus/cloud.d/init.d/01_pg_kernel_params > /etc/eucalyptus/eucalyptus-version > /etc/eucalyptus/vtunall.conf.template Removed the first; fixed the other two. > These go in /usr/share/%name or /usr/libexec/%name: > /etc/eucalyptus/cloud.d/scripts/* > /etc/eucalyptus/cloud.d/upgrade/* > /usr/sbin/eucalyptus-*.init Moved these into libexec, but had the symlink the cloud.d ones for now. > This goes with documentation: > /etc/eucalyptus/drbd.conf.example Moved. > The following configuration files are not marked with %config(noreplace) or > %config: > /etc/eucalyptus/axis2.xml > /etc/eucalyptus/eucalyptus.conf > /etc/eucalyptus/httpd/conf/httpd-cc.conf > /etc/eucalyptus/httpd/conf/httpd-common.conf > /etc/eucalyptus/httpd/conf/httpd-nc.conf Fixed. > %install uses %{S:2}, whereas the rest of the file uses the %{SOURCE#} > format. Fixed (I found at least one other like this as well) > /var/run/eucalyptus needs a tmpfiles.d entry. Added. > eucalyptus-cc cleanstart, cleanstop, and cleanrestart are supposed to be > converted to standalone scripts. /usr/sbin/eucalyptus-clean-cc is now a separate script which performs the "clean" function which was formerly part of the init script. > The spec file must contain BuildRequires: systemd-units for the %_unitdir > macro. Fixed. > The Java guidelines require arch-independent JARs to go under %_javadir, not > /usr/share/eucalyptus. This affects the following files: > /usr/share/eucalyptus/eucalyptus-auth-3.1.0.jar > ... Fixed. /usr/share now just has symlinks. > Similarly, JNI-using JARs must go in %_libdir/%name. There is one of these: > /usr/share/eucalyptus/eucalyptus-storagecontroller-3.1.0.jar Fixed > Calls to System.loadLibrary must be replaced with System.load with complete > .so paths. This affects the following file in the source tree: > > clc/modules/storage-controller/src/main/java/com/eucalyptus/storage/ > OverlayManager.java Fixed > /usr/lib/python2.7/site-packages/eucadmin/local.py from the python-eucadmin > package requires m2crypto and python-paramiko. However, that module is > unused, so you could also patch it out if you would like. Removed. > > === Other commentary === > > I must admit that I am not a fan of macros like %eucastatedir, which don't > really do much to enhance readability. I would rather see the real paths > inline. I have remove most of these, except for: %global eucalibexecdir %{_libexecdir}/%{name} %global eucadatadir %{_datadir}/%{name} %global eucajavalibdir %{_datadir}/%{name} %global helperdir %{_datadir}/%{name} These are here because they are things that the current upstream packages put in strange / unacceptable places, and files of distinctly different types are placed in the same directory. Keeping these notations will make it easier to move these into cleaner directory structure at some point. It's easy enough to run the srpm through rpmspec to get readable names. > Are all of those httpd modules really necessary? Nope. The list is much smaller now. Figuring out the smallest usable subset was nontrivial! > If possible, please see if you can filter out Provides and Requires for > internal libs. Done. > Please query upstream about including license files for the BSD sub-packages. Filed an issue for this upstream. I think it might be assigned to you. ;) > I'd change "Eucalyptus Enterprise Edition" to "Eucalyptus Enterprise > plugins" since there's only one version of eucalyptus now. where? I don't see reference to this in the spec. I only see it in a script in the tools directory. > provide_abi isn't necessary for a Fedora package, so I'd just remove it. Removed. > You should probably add commentary about why you're explicitly setting LANG > when you call make. This was done due to a single invalid character, and has now been removed. > Packaging guidelines: > NO - Pre-built binaries, libs removed in %prep > tools/floppy contains grub This is now truncated in prep. Left as a placeholder and to avoid having to patch the makefile. > NO - Requires correct, justified where necessary > cloud, sc should require systemd-units since they restart services This has been changed. > NO - Build honors applicable compiler flags or justifies otherwise > LDFLAGS not supplied to build TODO. > NO - PIE used for long-running/root daemons, setuid/filecap programs > Long-running daemons and setuid binaries require _hardened_build TODO. I'll post a new SPEC and SRPM later today when I finish these last two things. I just wanted to give an update here document my progress.
Updates: * LDFLAGS are now set prior to configure, and I've confirmed that they are respected (a patch was needed for the mountwrap/rootwrap Makefile) * _hardened_build is now set. Note that this package is now using a git snapshot. I've versioned it as a 3.1.2 prerelease, since that's the closest applicable version. SPEC: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.2-0.3.20120917gitb8c109b4/eucalyptus.spec SRPM: http://arg.fedorapeople.org/reviews/eucalyptus/3.1.2-0.3.20120917gitb8c109b4/eucalyptus-3.1.2-0.3.20120917gitb8c109b4.fc18.src.rpm
Also, latest koji scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4493209
Releasing the review, since Garrett took it. Feel free to assign it to yourself.
Thanks for slogging through all that, Andy. There's little left to go, as far as I can tell, though of course someone else could always chime in. === List of issues === Please filter out Provides for internal libraries. These include: libEucalyptusCC.so()(64bit) libEucalyptusGL.so()(64bit) libEucalyptusNC.so()(64bit) liblvm2control.so()(64bit) rpmlint found some filesystem permission issues. The latter is due to +x. E: non-standard-executable-perm /usr/libexec/eucalyptus/shutdownCC 0555L E: script-without-shebang /usr/share/eucalyptus/floppy === Other commentary === You don't need to %doc the INSTALL file. Are you sure you need to run euca_conf in %post? You already write that info to eucalyptus.conf with sed during %install. rpmlint complained about missing logrotate configs. Does eucalyptus rotate all of its logs or would it benefit from logrotate's picking up any stragglers? I suggest double-checking the license header with spot, but I'm not going to hold the review up for that. It already has my best guess. === Review of eucalyptus-3.1.2-0.3.20120917gitb8c109b4 === Mandatory review guidelines: NO - rpmlint output (attached) 13 packages and 0 specfiles checked; 22 errors, 239 warnings. Most of the issues are bogus or previously-addressed. The rest appear above. ok - License is acceptable (GPLv3, LGPLv2+, ASL 2.0, BSD, Public Domain) ok - License field in spec is correct It might be worth double-checking with spot to ensure this is correct. ok - License files included in package %docs if included in source package ok - License files installed when any subpackage combination is installed Upstream does not include license files for the BSD sub-packages ok - Spec written in American English ok - Spec is legible -- - Sources match upstream unless altered to fix permissibility issues Built directly from upstream git ok - Build succeeds on at least one primary arch ok - Build succeeds on all primary arches or has ExcludeArch + bugs filed ok - BuildRequires correct, justified where necessary -- - Locales handled with %find_lang, not %_datadir/locale/* -- - %post, %postun call ldconfig if package contains shared .so files ok - No bundled libs -- - Relocatability is justified ok - Package owns all directories it creates ok - Package requires others for directories it uses but does not own ok - No duplication in %files unless necessary for license files NO - File permissions are sane -rwxr-xr-x root root /usr/share/eucalyptus/floppy -r-xr-xr-x root root /usr/libexec/eucalyptus/shutdownCC ok - Package contains permissible code or content ok - Large docs go in -doc subpackage ok - %doc files not required at runtime -- - Static libs go in -static package/virtual Provides -- - Development files go in -devel package -- - -devel packages Require base with fully-versioned dependency, %_isa ok - No .la files -- - GUI app uses .desktop file, installs it with desktop-file-install ok - File list does not conflict with other packages' without justification ok - File names are valid UTF-8 Optional review guidelines: ok - Query upstream about including license files -- - Translations of description, summary ok - Builds in mock no - Builds on all arches (Standard no-java-on-ppc disclaimer) ok - Scriptlets are sane ok - Subpackages require base with fully-versioned dependency if sensible -- - .pc file subpackage placement is sensible ok - No file deps outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin ok - Include man pages if available Naming guidelines: ok - Package names use only a-zA-Z0-9-._+ subject to restrictions on -._+ ok - Package names are sane ok - No naming conflicts ok - Spec file name matches base package name ok - Version is sane ok - Version does not contain ~ ok - Release is sane ok - %dist tag ok - Case used only when necessary -- - Renaming handled correctly Packaging guidelines: ok - Useful without external bits ok - No kmods ok - Pre-built binaries, libs removed in %prep ok - Sources contain only redistributable code or content ok - Spec format is sane ok - Package obeys FHS, except libexecdir, /run, /usr/target ok - No files in /bin, /sbin, /lib* on >= F17 -- - Programs run before FS mounting use /run instead of /var/run -- - Binaries in /bin, /sbin do not depend on files in /usr on < F17 ok - No files under /srv, /opt, /usr/local ok - Changelog in prescribed format ok - No Packager, Vendor, Copyright, PreReq tags ok - Summary does not end in a period -- - Correct BuildRoot tag on < EL6 -- - Correct %clean section on < EL6 ok - Requires correct, justified where necessary ok - Summary, description do not use trademarks incorrectly ok - All relevant documentation is packaged, appropriately marked with %doc ok - Doc files do not drag in extra dependencies (e.g. due to +x) ok - Code compilable with gcc is compiled with gcc ok - Build honors applicable compiler flags or justifies otherwise ok - PIE used for long-running/root daemons, setuid/filecap programs ok - Useful -debuginfo package or disabled and justified -- - Package with .pc files Requires pkgconfig on < EL6 ok - No static executables ok - Rpath absent or only used for internal libs ok - Config files marked with %config(noreplace) or justified %config ok - No config files under /usr -- - Third party package manager configs acceptable, in %_docdir -- - .desktop files are sane ok - Spec uses macros consistently ok - Spec uses macros instead of hard-coded names where appropriate ok - Spec uses macros for executables only when configurability is needed -- - %makeinstall used only when alternatives don't work -- - Macros in Summary, description are expandable at srpm build time ok - Spec uses %{SOURCE#} instead of $RPM_SOURCE_DIR and %sourcedir ok - No software collections (scl) -- - Macro files named /etc/rpm/macros.%name ok - Build uses only python/perl/shell+coreutils/lua/BuildRequired langs ok - %global, not %define -- - Package translating with gettext BuildRequires it -- - Package translating with Linguist BuildRequires qt-devel ok - File ops preserve timestamps no - Parallel make Justified in spec ok - No Requires(pre,post) notation ok - User, group creation handled correctly (See Packaging:UsersAndGroups) Note that the packaging guidelines require shadow-utils, not paths. ok - Web apps go in /usr/share/%name, not /var/www -- - Conflicts are justified ok - One project per package ok - No bundled fonts ok - Patches have appropriate commentary -- - Available test suites executed in %check ok - tmpfiles.d used for /run, /run/lock on >= F15 Systemd guidelines: ok - Traditional service uses a unit file ok - Non-standard service commands converted to standalone scripts ok - Unit names are sane ok - Description= lines do not exceed 80 characters -- - Documentation field has correct URI format ok - Service Types= are correct ok - Requires=, Wants= used only when necessary ok - Units do not refer to runlevel*.target ok - Symlinks used instead of Name= ok - StandardOutput=, StandardError= used only when necessary -- - Socket-activated service has FESCo approval, correct unit files ok - Unit files go in %_unitdir ok - BuildRequires: systemd-units for %_unitdir macro ok - Packaged unit files are not %config files ok - Unit file scriptlets are correct Java guidelines: -- - Javadocs go in javadoc subpackage ok - Prefer split JARs over monolithic ok - JAR file names correct ok - JAR files go in %{_javadir} or %{_javadir}-$version ok - Multiple JAR files go in a %{name} subdirectory -- - Javadocs go in unversioned %{_javadocdir}/%{name} -- - javadoc subpackage is noarch on > EL5 ok - BuildRequires java-devel, jpackage-utils ok - Requires java, jpackage-utils ok - Dependencies on java/java-devel >= 1.6.0 add epoch 1 -- - Package requiring maven2 Requires jpackage-utils for post and postun -- - Package requiring maven contains correct maven-specific code in spec -- - Wrapper script in %{_bindir} -- - GCJ AOT bits follow GCJ guidelines ok - No devel package -- - pom.xml files, if any, installed with %add_maven_depmap ok - JNI shared objects, JARs that require them go in %{_libdir}/%{name} ok - Calls to System.loadLibrary replaced w/ System.load w/ full .so path ok - Bundled JAR files not included or used for build ok - No Javadoc %post/%ghost ok - No class-path elements in JAR manifests Perl guidelines: ok - Module requirements use virtual perl(modname) syntax ok - Spec BuildRequires correct core modules, not perl-devel -- - Spec contains correct MODULE_COMPAT Requires ok - Requires/Provides are sane -- - CPAN URL tag is not versioned -- - All tests enabled where possible -- - Use Build.PL if present unless justified otherwise -- - .h files not split into -devel package Python guidelines: ok - Runtime Requires correct -- - Python macros declared on < EL6 ok - All .py files packaged with .pyc, .pyo counterparts -- - Includes .egg-info files/directories when generated ok - Provides/Requires properly filtered -- - Code that invokes gtk.gdk.get_pixels_array() Requires numpy
Created attachment 617345 [details] rpmlint output for eucalyptus-3.1.2-0.3.20120917gitb8c109b4
Update: * Filtered out the lib provides * Fixed the permissions on the two files mentioned * Removed INSTALL from %doc line * Removed euca_conf from %post I will investigate the logrotate thing, but I don't want to do something that conflicts with the 3.2 logging changes, so I need to talk to other developers about this. New build: http://koji.fedoraproject.org/koji/taskinfo?taskID=4555991 SPEC: https://raw.github.com/a13m/eucalyptus-rpmspec/32ce790eab950df06579249ca6a918aa6c757457/eucalyptus.spec SRPM: http://kojipkgs.fedoraproject.org//work/tasks/5992/4555992/eucalyptus-3.1.2-0.5.20120917gitb8c109b4.fc18.src.rpm
Created attachment 622466 [details] rpmlint output for eucalyptus-3.1.2-0.5.20120917gitb8c109b4
That looks good to me. The cc package requires euca_conf twice, but that isn't going to break anything. Nice job! === Review of eucalyptus-3.1.2-0.5.20120917gitb8c109b4 === Mandatory review guidelines: ok - rpmlint output (attached) 13 packages and 0 specfiles checked; 20 errors, 243 warnings. The issues here are bogus or already addressed in the spec or this bug. ok - License is acceptable (GPLv3, LGPLv2+, ASL 2.0, BSD, Public Domain) ok - License field in spec is correct It might be worth double-checking with spot to ensure this is correct. ok - License files included in package %docs if included in source package ok - License files installed when any subpackage combination is installed Upstream does not include license files for the BSD sub-packages ok - Spec written in American English ok - Spec is legible -- - Sources match upstream unless altered to fix permissibility issues Built directly from upstream git ok - Build succeeds on at least one primary arch ok - Build succeeds on all primary arches or has ExcludeArch + bugs filed ok - BuildRequires correct, justified where necessary -- - Locales handled with %find_lang, not %_datadir/locale/* -- - %post, %postun call ldconfig if package contains shared .so files ok - No bundled libs -- - Relocatability is justified ok - Package owns all directories it creates ok - Package requires others for directories it uses but does not own ok - No duplication in %files unless necessary for license files ok - File permissions are sane ok - Package contains permissible code or content ok - Large docs go in -doc subpackage ok - %doc files not required at runtime -- - Static libs go in -static package/virtual Provides -- - Development files go in -devel package -- - -devel packages Require base with fully-versioned dependency, %_isa ok - No .la files -- - GUI app uses .desktop file, installs it with desktop-file-install ok - File list does not conflict with other packages' without justification ok - File names are valid UTF-8 Optional review guidelines: ok - Query upstream about including license files -- - Translations of description, summary ok - Builds in mock no - Builds on all arches (Standard no-java-on-ppc disclaimer) ok - Scriptlets are sane ok - Subpackages require base with fully-versioned dependency if sensible -- - .pc file subpackage placement is sensible ok - No file deps outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin ok - Include man pages if available Naming guidelines: ok - Package names use only a-zA-Z0-9-._+ subject to restrictions on -._+ ok - Package names are sane ok - No naming conflicts ok - Spec file name matches base package name ok - Version is sane ok - Version does not contain ~ ok - Release is sane ok - %dist tag ok - Case used only when necessary -- - Renaming handled correctly Packaging guidelines: ok - Useful without external bits ok - No kmods ok - Pre-built binaries, libs removed in %prep ok - Sources contain only redistributable code or content ok - Spec format is sane ok - Package obeys FHS, except libexecdir, /run, /usr/target ok - No files in /bin, /sbin, /lib* on >= F17 -- - Programs run before FS mounting use /run instead of /var/run -- - Binaries in /bin, /sbin do not depend on files in /usr on < F17 ok - No files under /srv, /opt, /usr/local ok - Changelog in prescribed format ok - No Packager, Vendor, Copyright, PreReq tags ok - Summary does not end in a period -- - Correct BuildRoot tag on < EL6 -- - Correct %clean section on < EL6 ok - Requires correct, justified where necessary ok - Summary, description do not use trademarks incorrectly ok - All relevant documentation is packaged, appropriately marked with %doc ok - Doc files do not drag in extra dependencies (e.g. due to +x) ok - Code compilable with gcc is compiled with gcc ok - Build honors applicable compiler flags or justifies otherwise ok - PIE used for long-running/root daemons, setuid/filecap programs ok - Useful -debuginfo package or disabled and justified -- - Package with .pc files Requires pkgconfig on < EL6 ok - No static executables ok - Rpath absent or only used for internal libs ok - Config files marked with %config(noreplace) or justified %config ok - No config files under /usr -- - Third party package manager configs acceptable, in %_docdir -- - .desktop files are sane ok - Spec uses macros consistently ok - Spec uses macros instead of hard-coded names where appropriate ok - Spec uses macros for executables only when configurability is needed -- - %makeinstall used only when alternatives don't work -- - Macros in Summary, description are expandable at srpm build time ok - Spec uses %{SOURCE#} instead of $RPM_SOURCE_DIR and %sourcedir ok - No software collections (scl) -- - Macro files named /etc/rpm/macros.%name ok - Build uses only python/perl/shell+coreutils/lua/BuildRequired langs ok - %global, not %define -- - Package translating with gettext BuildRequires it -- - Package translating with Linguist BuildRequires qt-devel ok - File ops preserve timestamps no - Parallel make Noted in spec ok - No Requires(pre,post) notation ok - User, group creation handled correctly (See Packaging:UsersAndGroups) Note that the packaging guidelines require shadow-utils, not paths. ok - Web apps go in /usr/share/%name, not /var/www -- - Conflicts are justified ok - One project per package ok - No bundled fonts ok - Patches have appropriate commentary -- - Available test suites executed in %check ok - tmpfiles.d used for /run, /run/lock on >= F15 Systemd guidelines: ok - Traditional service uses a unit file ok - Non-standard service commands converted to standalone scripts ok - Unit names are sane ok - Description= lines do not exceed 80 characters -- - Documentation field has correct URI format ok - Service Types= are correct ok - Requires=, Wants= used only when necessary ok - Units do not refer to runlevel*.target ok - Symlinks used instead of Name= ok - StandardOutput=, StandardError= used only when necessary -- - Socket-activated service has FESCo approval, correct unit files ok - Unit files go in %_unitdir ok - BuildRequires: systemd-units for %_unitdir macro ok - Packaged unit files are not %config files ok - Unit file scriptlets are correct Java guidelines: -- - Javadocs go in javadoc subpackage ok - Prefer split JARs over monolithic ok - JAR file names correct ok - JAR files go in %{_javadir} or %{_javadir}-$version ok - Multiple JAR files go in a %{name} subdirectory -- - Javadocs go in unversioned %{_javadocdir}/%{name} -- - javadoc subpackage is noarch on > EL5 ok - BuildRequires java-devel, jpackage-utils ok - Requires java, jpackage-utils ok - Dependencies on java/java-devel >= 1.6.0 add epoch 1 -- - Package requiring maven2 Requires jpackage-utils for post and postun -- - Package requiring maven contains correct maven-specific code in spec -- - Wrapper script in %{_bindir} -- - GCJ AOT bits follow GCJ guidelines ok - No devel package -- - pom.xml files, if any, installed with %add_maven_depmap ok - JNI shared objects, JARs that require them go in %{_libdir}/%{name} ok - Calls to System.loadLibrary replaced w/ System.load w/ full .so path ok - Bundled JAR files not included or used for build ok - No Javadoc %post/%ghost ok - No class-path elements in JAR manifests Perl guidelines: ok - Module requirements use virtual perl(modname) syntax ok - Spec BuildRequires correct core modules, not perl-devel -- - Spec contains correct MODULE_COMPAT Requires ok - Requires/Provides are sane -- - CPAN URL tag is not versioned -- - All tests enabled where possible -- - Use Build.PL if present unless justified otherwise -- - .h files not split into -devel package Python guidelines: ok - Runtime Requires correct -- - Python macros declared on < EL6 ok - All .py files packaged with .pyc, .pyo counterparts -- - Includes .egg-info files/directories when generated ok - Provides/Requires properly filtered -- - Code that invokes gtk.gdk.get_pixels_array() Requires numpy
New Package SCM Request ======================= Package Name: eucalyptus Short Description: Elastic Utility Computing Architecture Owners: madsa arg gholms Branches: f17 f18 InitialCC:
This ticket is not assigned to anyone. Please fix and re-raise the flag.
Git done (by process-git-requests).
eucalyptus-3.1.2-0.6.20120917gitb8c109b4.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/eucalyptus-3.1.2-0.6.20120917gitb8c109b4.fc18
eucalyptus-3.1.2-0.6.20120917gitb8c109b4.fc18 has been pushed to the Fedora 18 testing repository.