Spec URL: <http://www.saef.com.ve/fedorarpm/django-admin-honeypot.spec> SRPM URL: <http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot-0.2.3-1.fc17.src.rpm> Description: <A fake Django admin login screen to notify admins of attempted unauthorized access. This app was inspired by discussion in and around Paul McMillan's security talk at DjangoCon 2011> Fedora Account System Username:echevemaster This is my first package so I will be needing a sponsor!
please add rpmlint[1] out [1] http://gomix.fedora-ve.org/projects/fedobetatest/wiki/Rpmlint The package SPEC seems ok, but i not rebuild/compile this rpm
---------------------- RPMLINT ---------------------- $ rpmlint -i python-django-admin-honeypot-0.2.3-1.fc17.noarch.rpm python-django-admin-honeypot.noarch: W: spelling-error Summary(en_US) Login -> Logan, Loin, Logic The value of this tag appears to be misspelled. Please double-check. python-django-admin-honeypot.noarch: W: spelling-error %description -l en_US login -> loin, logic, lo gin The value of this tag appears to be misspelled. Please double-check. python-django-admin-honeypot.noarch: E: description-line-too-long C A fake Django admin login screen to notify admins of attempted unauthorized access. Your description lines must not exceed 80 characters. If a line is exceeding this number, cut it to fit in two lines. python-django-admin-honeypot.noarch: W: incoherent-version-in-changelog 0.2.3 ['0.2.3-1.fc17', '0.2.3-1'] The latest entry in %changelog contains a version identifier that is not coherent with the epoch:version-release tuple of the package. 1 packages and 0 specfiles checked; 1 errors, 3 warnings.
New Spec and SRPM with fixed warnings Spec URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot.spec SRPM URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot-0.2.3-2.fc17.src.rpm
---------------------- RPMLINT ---------------------- $ rpmlint -i python-django-admin-honeypot-0.2.3-2.fc17.src.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings
This is url of Koji build scratch: http://koji.fedoraproject.org/koji/taskinfo?taskID=4453856
Koji Build Scratch Fedora 17: http://koji.fedoraproject.org/koji/taskinfo?taskID=4454001
some drive-by comments: - we're in the process of renaming all django-related packages. So you new package must be named python-django-admin-honeypot - on that github page, there are also tests included. I recommend, you should run them in a %check section - if you don't run checks, there's no need for django/python-django during build
(In reply to comment #7) > some drive-by comments: > > - we're in the process of renaming all django-related packages. So you new > package must be named python-django-admin-honeypot > - on that github page, there are also tests included. I recommend, you > should run them in a %check section > - if you don't run checks, there's no need for django/python-django during > build Thanks Matthias by your comments I Change %changelog * Wed Sep 05 2012 Eduardo Eheverria <echevemaster> - 0.2.3-3 - Remove python-django during build * Tue Sep 04 2012 Eduardo Echeverria <echevemaster> - 0.2.3-2 - Change Summary * Tue Sep 04 2012 Eduardo Echeverria <echevemaster> - 0.2.3-1 - initial packaging ===================== RPMLINT ========================================= $ rpmlint -i python-django-admin-honeypot-0.2.3-3.fc17.src.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings ===================== Koji Build ====================================== http://koji.fedoraproject.org/koji/taskinfo?taskID=4459556
New Spec and SRPM with changes based on the comments of Matthias Runge Spec URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot.spec SRPM URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot-0.2.3-3.fc17.src.rpm
Eduardo, since, there is a test existing, you should definitely use it! If I would review this package (and would sponsor you as well), I'd consider this as a review blocker. If there's pep8 required in version 1.3.1 (actually, it is), we should work to get this version included in fedora, instead of version 1.0.1 as in fedora 17) One side note: the spec from the SRPM and the spec linked at your webspace should match! There are some differences there, e.g your surname differs there: %changelog -* Wed Sep 05 2012 Eduardo Echeverria <echevemaster> - 0.2.3-3 +* Wed Sep 05 2012 Eduardo Eheverria <echevemaster> - 0.2.3-3
Thanks again Matthias Get a review about this in https://bugzilla.redhat.com/show_bug.cgi?id=833324, then add in https://fedoraproject.org/wiki/Upstream_release_monitoring consider. According to this review the version 1.3 is in rawhide. This definitely locked my package?
Yes, python-pep8 version 1.3 is in f18 (and later, including rawhide). That shouldn't prevent you from doing the tests. Esp. it's definitely possible to install that package on your system: yum --enablerepo=rawhide install python-pep8 To support Ian, you should add yourself to that bug; you could/should also attach there a diff (or so) for the later version. Supporting others, e.g. through patches is a great plus, when looking for a sponsor. I (as person) consider not using provided tests as blocker, I know, there are other sponsors out there, agreeing with me; others don't mind checks. Actually, the packaging guide says: https://fedoraproject.org/wiki/Packaging/Guidelines#Test_Suites If the source code of the package provides a test suite, it should be executed in the %check section, whenever it is practical to do so.
1.3.3 will be in rawhide within a day. Do you need it in F18 as well?
Created attachment 610638 [details] Fix runtime requirements for python-pep8 1.3.3
(In reply to comment #12) > Yes, python-pep8 version 1.3 is in f18 (and later, including rawhide). That > shouldn't prevent you from doing the tests. Esp. it's definitely possible to > install that package on your system: > > yum --enablerepo=rawhide install python-pep8 > > To support Ian, you should add yourself to that bug; you could/should also > attach there a diff (or so) for the later version. Supporting others, e.g. > through patches is a great plus, when looking for a sponsor. > > I (as person) consider not using provided tests as blocker, I know, there > are other sponsors out there, agreeing with me; others don't mind checks. > > Actually, the packaging guide says: > https://fedoraproject.org/wiki/Packaging/Guidelines#Test_Suites > > If the source code of the package provides a test suite, it should be > executed in the %check section, whenever it is practical to do so. New Spec and SRPM with changes based on the comments of Matthias Runge in https://bugzilla.redhat.com/show_bug.cgi?id=854176#c12: Spec URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot/python-django-admin-honeypot.spec SRPM URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot/python-django-admin-honeypot-0.2.3-4.fc17.src.rpm
############################## Koji Build F18 ########################## http://koji.fedoraproject.org/koji/taskinfo?taskID=4462885
(In reply to comment #13) > 1.3.3 will be in rawhide within a day. Do you need it in F18 as well? Thanks Ian I did run the test in f18 with 1.3 , do you recommend?
itamarjp has agreed to mentor Eduardo. I have sponsored him into the packager group and itamar will be the primary contact for help learning how to package for Fedora. You can also contact me (abadger1999 on irc) if there's any questions that itamar cannot answer. I've asked Itamar to lend a hand in this review so that he can better know where you need help.
Great. I'll do a full review later today. Please note, I also lifted FE-NEEDSPONSOR. Eduardo, please feel free, to contact me as well, if there are problems, questions, etc.
(In reply to comment #19) > Great. I'll do a full review later today. > > Please note, I also lifted FE-NEEDSPONSOR. > > Eduardo, please feel free, to contact me as well, if there are problems, > questions, etc. Thank you very much for your valuable comments Matthias, I hope your review.
Eduardo, it looks like, it still requires pep-1.3.3 to build. I haven't looked into your patch, yet. I guess, that can be fixed really fast.
(In reply to comment #21) > Eduardo, it looks like, it still requires pep-1.3.3 to build. I haven't > looked into your patch, yet. I guess, that can be fixed really fast. Matthias the package does not build on f17, basically what I did was follow your tip: - yum --enablerepo=rawhide install python-pep8 - Make the patch to change pep 1.3.3 to 1.3 (available in f18) - Incorporate test suite (https://github.com/dmpayton/django-admin-honeypot/tree/master/tests) - rpmbuild Today will incorporate the f19 , pep8 1.3.3 is in rawhide, BTW thanks Ian
With pep8 1.3 in f18 Spec URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot/python-django-admin-honeypot.spec SRPM URL: http://www.saef.com.ve/fedorarpm/python-django-admin-honeypot/python-django-admin-honeypot-0.2.3-4.fc17.src.rpm With the pep8 1.3.3 in rawhide http://echevemaster.fedorapeople.org/python-django-admin-honeypot/5/python-django-admin-honeypot-0.2.3-5.fc17.src.rpm http://echevemaster.fedorapeople.org/python-django-admin-honeypot/5/python-django-admin-honeypot.spec ############################## Koji Build F18 ########################## http://koji.fedoraproject.org/koji/taskinfo?taskID=4462885 ############################## Koji Build Rawhide ########################## http://koji.fedoraproject.org/koji/taskinfo?taskID=4473702
Created attachment 611658 [details] Fix runtime requirements for rawhide With Patch 0001-change-setup.py-requires-to-fix.patch ############################## Koji Build F18 ########################## http://koji.fedoraproject.org/koji/taskinfo?taskID=4462885 With Patch 0002-change-setup.py-requires-to-fix.patch ############################## Koji Build Rawhide ########################## http://koji.fedoraproject.org/koji/taskinfo?taskID=4473702
Package Review ============== Key: - = N/A x = Pass ! = Fail ? = Not evaluated ==== Generic ==== [x]: EXTRA Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: EXTRA Spec file according to URL is the same as in SRPM. [x]: MUST Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: MUST Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: MUST %build honors applicable compiler flags or justifies otherwise. [x]: MUST All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [x]: MUST Package contains no bundled libraries. [x]: MUST Changelog in prescribed format. [x]: MUST Sources contain only permissible code or content. [x]: MUST Each %files section contains %defattr if rpm < 4.4 Note: Note: defattr macros not found. They would be needed for EPEL5 [x]: MUST Macros in Summary, %description expandable at SRPM build time. [-]: MUST Package contains desktop file if it is a GUI application. [-]: MUST Development files must be in a -devel package [x]: MUST Package requires other packages for directories it uses. [x]: MUST Package uses nothing in %doc for runtime. [x]: MUST Package is not known to require ExcludeArch. [x]: MUST Permissions on files are set properly. [x]: MUST Package does not contain duplicates in %files. [x]: MUST Package complies to the Packaging Guidelines [x]: MUST Spec file lacks Packager, Vendor, PreReq tags. [x]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. Note: rm -rf would be needed if support for EPEL5 is required [-]: MUST Large documentation files are in a -doc subpackage, if required. [x]: MUST If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [!]: MUST License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. No licenses found. Please check the source files for licenses manually. [x]: MUST Package consistently uses macro is (instead of hard-coded directory names). [x]: MUST Package is named using only allowed ascii characters. [x]: MUST Package is named according to the Package Naming Guidelines. [x]: MUST Package does not generate any conflict. Note: Package contains no Conflicts: tag(s) [x]: MUST Package obeys FHS, except libexecdir and /usr/target. [x]: MUST If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: MUST Package must own all directories that it creates. [x]: MUST Package does not own files or directories owned by other packages. [x]: MUST Package installs properly. [x]: MUST Package is not relocatable. [x]: MUST Requires correct, justified where necessary. [x]: MUST Rpmlint is run on all rpms the build produces. Note: No rpmlint messages. [x]: MUST Sources used to build the package match the upstream source, as provided in the spec URL. [x]: MUST Spec file is legible and written in American English. [x]: MUST Spec file name must match the spec package %{name}, in the format %{name}.spec. [-]: MUST Package contains systemd file(s) if in need. [x]: MUST File names are valid UTF-8. [x]: SHOULD Reviewer should test that the package builds in mock. [x]: SHOULD Buildroot is not present Note: Unless packager wants to package for EPEL5 this is fine [x]: SHOULD Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: Clean would be needed if support for EPEL5 is required [x]: SHOULD If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: SHOULD Dist tag is present. [x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q --requires). [?]: SHOULD Package functions as described. [x]: SHOULD Latest version is packaged. [x]: SHOULD Package does not include license text files separate from upstream. [x]: SHOULD Patches link to upstream bugs/comments/lists or are otherwise justified. [x]: SHOULD SourceX tarball generation or download is documented. [!]: SHOULD SourceX / PatchY prefixed with %{name}. Note: Patch1 (0002-change-setup.py-requires-to-fix.patch) Source0 (django-admin-honeypot-0.2.3.tar.gz) [x]: SHOULD SourceX is a working URL. [-]: SHOULD Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: SHOULD Package should compile and build into binary rpms on all supported architectures. [x]: SHOULD %check is present and all tests pass. [x]: SHOULD Packages should try to preserve timestamps of original installed files. [x]: SHOULD Spec use %global instead of %define. Rpmlint ------- Checking: python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm python-django-admin-honeypot-0.2.3-5.fc19.src.rpm 2 packages and 0 specfiles checked; 0 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- Cannot parse rpmlint output: Requires -------- python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm (rpmlib, GLIBC filtered): python(abi) = 2.7 python-django Provides -------- python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm: django-admin-honeypot = 0.2.3-5.fc19 python-django-admin-honeypot = 0.2.3-5.fc19 MD5-sum check ------------- http://pypi.python.org/packages/source/d/django-admin-honeypot/django-admin-honeypot-0.2.3.tar.gz : CHECKSUM(SHA256) this package : 9cd9a77e8804815fc1775e88230ab6f0da22afbb338d1bc3e71c717b96e76372 CHECKSUM(SHA256) upstream package : 9cd9a77e8804815fc1775e88230ab6f0da22afbb338d1bc3e71c717b96e76372 Package APPROVED
New Package SCM Request ======================= Package Name: django-admin-honeypot Short Description: A fake Django admin log in screen to notify admins of unauthorized access Owners: echevemaster Branches: devel InitialCC: mrunge
New Package SCM Request ======================= Package Name: python-django-admin-honeypot Short Description: A fake Django admin log in screen to notify admins of unauthorized access Owners: echevemaster Branches: devel InitialCC: mrunge
Git done (by process-git-requests).
python-django-admin-honeypot-0.2.3-5.fc19 has been pushed to the rawhide repository.
(In reply to comment #13) > 1.3.3 will be in rawhide within a day. Do you need it in F18 as well? You can push PEP8 1.3.3 to f18? Regards
Sure, I'll take care of that sometime today.
(In reply to comment #25) > Package Review > ============== > > Key: > - = N/A > x = Pass > ! = Fail > ? = Not evaluated > > > > ==== Generic ==== > [x]: EXTRA Rpmlint is run on all installed packages. > Note: There are rpmlint messages (see attachment). > [x]: EXTRA Spec file according to URL is the same as in SRPM. > [x]: MUST Package is licensed with an open-source compatible license and > meets > other legal requirements as defined in the legal section of Packaging > Guidelines. > [x]: MUST Package successfully compiles and builds into binary rpms on at > least one supported primary architecture. > [x]: MUST %build honors applicable compiler flags or justifies otherwise. > [x]: MUST All build dependencies are listed in BuildRequires, except for any > that are listed in the exceptions section of Packaging Guidelines. > [x]: MUST Package contains no bundled libraries. > [x]: MUST Changelog in prescribed format. > [x]: MUST Sources contain only permissible code or content. > [x]: MUST Each %files section contains %defattr if rpm < 4.4 > Note: Note: defattr macros not found. They would be needed for EPEL5 > [x]: MUST Macros in Summary, %description expandable at SRPM build time. > [-]: MUST Package contains desktop file if it is a GUI application. > [-]: MUST Development files must be in a -devel package > [x]: MUST Package requires other packages for directories it uses. > [x]: MUST Package uses nothing in %doc for runtime. > [x]: MUST Package is not known to require ExcludeArch. > [x]: MUST Permissions on files are set properly. > [x]: MUST Package does not contain duplicates in %files. > [x]: MUST Package complies to the Packaging Guidelines > [x]: MUST Spec file lacks Packager, Vendor, PreReq tags. > [x]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at > the > beginning of %install. > Note: rm -rf would be needed if support for EPEL5 is required > [-]: MUST Large documentation files are in a -doc subpackage, if required. > [x]: MUST If (and only if) the source package includes the text of the > license(s) in its own file, then that file, containing the text of the > license(s) for the package is included in %doc. > [!]: MUST License field in the package spec file matches the actual license. > Note: Checking patched sources after %prep for licenses. No licenses > found. Please check the source files for licenses manually. > [x]: MUST Package consistently uses macro is (instead of hard-coded directory > names). > [x]: MUST Package is named using only allowed ascii characters. > [x]: MUST Package is named according to the Package Naming Guidelines. > [x]: MUST Package does not generate any conflict. > Note: Package contains no Conflicts: tag(s) > [x]: MUST Package obeys FHS, except libexecdir and /usr/target. > [x]: MUST If the package is a rename of another package, proper Obsoletes and > Provides are present. > [x]: MUST Package must own all directories that it creates. > [x]: MUST Package does not own files or directories owned by other packages. > [x]: MUST Package installs properly. > [x]: MUST Package is not relocatable. > [x]: MUST Requires correct, justified where necessary. > [x]: MUST Rpmlint is run on all rpms the build produces. > Note: No rpmlint messages. > [x]: MUST Sources used to build the package match the upstream source, as > provided in the spec URL. > [x]: MUST Spec file is legible and written in American English. > [x]: MUST Spec file name must match the spec package %{name}, in the format > %{name}.spec. > [-]: MUST Package contains systemd file(s) if in need. > [x]: MUST File names are valid UTF-8. > [x]: SHOULD Reviewer should test that the package builds in mock. > [x]: SHOULD Buildroot is not present > Note: Unless packager wants to package for EPEL5 this is fine > [x]: SHOULD Package has no %clean section with rm -rf %{buildroot} (or > $RPM_BUILD_ROOT) > Note: Clean would be needed if support for EPEL5 is required > [x]: SHOULD If the source package does not include license text(s) as a > separate file from upstream, the packager SHOULD query upstream to > include it. > [x]: SHOULD Dist tag is present. > [x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin, > /usr/sbin. > [x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm > -q > --requires). > [?]: SHOULD Package functions as described. > [x]: SHOULD Latest version is packaged. > [x]: SHOULD Package does not include license text files separate from > upstream. > [x]: SHOULD Patches link to upstream bugs/comments/lists or are otherwise > justified. > [x]: SHOULD SourceX tarball generation or download is documented. > [!]: SHOULD SourceX / PatchY prefixed with %{name}. > Note: Patch1 (0002-change-setup.py-requires-to-fix.patch) Source0 > (django-admin-honeypot-0.2.3.tar.gz) > [x]: SHOULD SourceX is a working URL. > [-]: SHOULD Description and summary sections in the package spec file > contains > translations for supported Non-English languages, if available. > [x]: SHOULD Package should compile and build into binary rpms on all > supported > architectures. > [x]: SHOULD %check is present and all tests pass. > [x]: SHOULD Packages should try to preserve timestamps of original installed > files. > [x]: SHOULD Spec use %global instead of %define. > > > > Rpmlint > ------- > Checking: python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm > python-django-admin-honeypot-0.2.3-5.fc19.src.rpm > 2 packages and 0 specfiles checked; 0 errors, 0 warnings. > > > Rpmlint (installed packages) > ---------------------------- > Cannot parse rpmlint output: > Requires > -------- > python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm (rpmlib, GLIBC > filtered): > > python(abi) = 2.7 > python-django > > Provides > -------- > python-django-admin-honeypot-0.2.3-5.fc19.noarch.rpm: > > django-admin-honeypot = 0.2.3-5.fc19 > python-django-admin-honeypot = 0.2.3-5.fc19 > > MD5-sum check > ------------- > http://pypi.python.org/packages/source/d/django-admin-honeypot/django-admin- > honeypot-0.2.3.tar.gz : > CHECKSUM(SHA256) this package : > 9cd9a77e8804815fc1775e88230ab6f0da22afbb338d1bc3e71c717b96e76372 > CHECKSUM(SHA256) upstream package : > 9cd9a77e8804815fc1775e88230ab6f0da22afbb338d1bc3e71c717b96e76372 > > > > Package APPROVED Hi Matthias I fedpkg update in cvs for bohdi Creating a new update for python-django-admin-honeypot-0.2.3-5.fc19 python-django-admin-honeypot-0.2.3-5.fc19 not tagged as an update candidate why?, i don't understand Regards
> > Hi Matthias > I fedpkg update in cvs for bohdi > > Creating a new update for python-django-admin-honeypot-0.2.3-5.fc19 > python-django-admin-honeypot-0.2.3-5.fc19 not tagged as an update candidate > > why?, i don't understand > Regards Eduardo, f19 is currently our development version, so currently f19 == devel == rawhide. To get a package into that, it's just sufficient to build it, no need to fedpkg update. If you want your package also get included in f18, you'll need to file a package change request according to this: https://fedoraproject.org/wiki/Package_SCM_admin_requests#Package_Change_Requests_for_existing_packages (just request f18 branch) It is also possible, to conditionalize the test, so that the check is just executed at certain fedora versions. Matthias
Package Change Request ====================== Package Name: python-django-admin-honeypot New Branches: f18 Owners: echevemaster
python-django-admin-honeypot-0.2.4-1.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/python-django-admin-honeypot-0.2.4-1.fc18
python-django-admin-honeypot-0.2.4-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.