https://bugzilla.redhat.com/show_bug.cgi?id=1860688

--- Comment #2 from Paul Townsend <p@xxxxxxxxx> ---
Thank you for the review Andy. Comments inline.

(In reply to Andy Mender from comment #1)
> Really nice job with the SPEC file! It looks super clean!
>
> If you need a sponsor, your report should block the FE-NEEDSPONSOR bug
> report: https://bugzilla.redhat.com/show_bug.cgi?id=FE-NEEDSPONSOR
> That way it will be properly tracked and can be picked up by prospective
> sponsors :)

Thank you - I have done this :)

>
> > - Changed Source0 to use .xz file instead of .gz
>
> I think either is fine.
>
> > License: BSD
>
> `licensecheck` reports the following:
> epic5-2.1.2/contrib/ircman.c: *No copyright* GNU General Public License
>
> There is a comment header in that file which indicates that it is indeed GPL
> licensed. I would change the "License:" block to:
> License: BSD and GPL
> and add a comment above "License:" to indicate this file is GPL licensed.

Done.

> > BuildRequires: gcc
> > BuildRequires: gdbm-devel
> > BuildRequires: ncurses-devel
> > BuildRequires: openssl-devel
>
> The -devel packages can be represented as "pkgconfig(foo)", for instance
> "pkgconfig(gdbm)" instead of "gdbm-devel". If building fails for any of
> these, you can safely use the "package-devel" format.

Okay - ncurses and openssl worked with pkgconfig() but gdbm didn't so I have left that as -devel.

> > %install
> > %make_install
>
> Pass the "-p" flag to %make_install to preserve timestamps.

Done.

> Full review below:
> Package Review
> ==============
>
> Legend:
> [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
> [ ] = Manual review needed
>
>
> Issues:
> =======
> - Package installs properly.
> Note: Installation errors (see attachment)
> See: https://docs.fedoraproject.org/en-US/packaging-guidelines/
> - Package does not use a name that already exists.
> Note: A package with this name already exists.
> Please check
> https://src.fedoraproject.org/rpms/epic5
> See: https://docs.fedoraproject.org/en-US/packaging-
> guidelines/Naming/#_conflicting_package_names
> - Large documentation must go in a -doc subpackage. Large could be size
> (~1MB) or number of files.
> Note: Documentation size is 2826240 bytes in 216 files.
> See: https://docs.fedoraproject.org/en-US/packaging-
> guidelines/#_documentation
> Review: Please, put the docs dir into a separate -doc package.

I'm not sure where that documentation size has come from:

[p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share/doc/epic5] % du -sh .
516K .
[p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share/doc/epic5] % ls -R | wc -l
37

>
>
> ===== MUST items =====
>
> C/C++:
> [x]: Package does not contain kernel modules.
> [x]: Package contains no static executables.
> [x]: If your application is a C or C++ application you must list a
> BuildRequires against gcc, gcc-c++ or clang.
> [x]: Package does not contain any libtool archives (.la)
> [x]: Rpath absent or only used for internal libs.
>
> Generic:
> [x]: Package successfully compiles and builds into binary rpms on at least
> one supported primary architecture.
> Note: Using prebuilt packages
> [x]: Package is licensed with an open-source compatible license and meets
> other legal requirements as defined in the legal section of Packaging
> Guidelines.
> [x]: If (and only if) the source package includes the text of the
> license(s) in its own file, then that file, containing the text of the
> license(s) for the package is included in %license.
> [!]: License field in the package spec file matches the actual license.
> Note: Checking patched sources after %prep for licenses. Licenses
> found: "Unknown or generated", "BSD 3-clause "New" or "Revised"
> License", "*No copyright* GNU General Public License", "*No copyright*
> Public domain", "Expat License", "BSD 4-clause "Original" or "Old"
> License". 275 files have unknown license.
> Detailed output of
> licensecheck in
> /home/amender/rpmbuild/SPECS/epic5/epic5/licensecheck.txt
> [x]: %build honors applicable compiler flags or justifies otherwise.
> [x]: Package contains no bundled libraries without FPC exception.
> [x]: Changelog in prescribed format.
> [x]: Sources contain only permissible code or content.
> [-]: Package contains desktop file if it is a GUI application.
> [-]: Development files must be in a -devel package
> [?]: Package uses nothing in %doc for runtime.
> [x]: Package consistently uses macros (instead of hard-coded directory
> names).
> [x]: Package is named according to the Package Naming Guidelines.
> [x]: Package does not generate any conflict.
> [x]: Package obeys FHS, except libexecdir and /usr/target.
> [-]: If the package is a rename of another package, proper Obsoletes and
> Provides are present.
> [x]: Requires correct, justified where necessary.
> [x]: Spec file is legible and written in American English.
> [-]: Package contains systemd file(s) if in need.
> [x]: Package is not known to require an ExcludeArch tag.
> [x]: Package complies to the Packaging Guidelines
> [x]: Rpmlint is run on all rpms the build produces.
> Note: There are rpmlint messages (see attachment).
> [x]: Package requires other packages for directories it uses.
> [x]: Package must own all directories that it creates.
> [x]: Package does not own files or directories owned by other packages.
> [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
> [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
> beginning of %install.
> [x]: Macros in Summary, %description expandable at SRPM build time.
> [x]: Dist tag is present.
> [x]: Package does not contain duplicates in %files.
> [x]: Permissions on files are set properly.
> [x]: Package must not depend on deprecated() packages.
> [x]: Package use %makeinstall only when make install DESTDIR=... doesn't
> work.
> [x]: Package is named using only allowed ASCII characters.
> [x]: Package is not relocatable.
> [x]: Sources used to build the package match the upstream source, as
> provided in the spec URL.
> [x]: Spec file name must match the spec package %{name}, in the format
> %{name}.spec.
> [x]: File names are valid UTF-8.
> [x]: Packages must not store files under /srv, /opt or /usr/local
>
> ===== SHOULD items =====
>
> Generic:
> [x]: Reviewer should test that the package builds in mock.
> [x]: If the source package does not include license text(s) as a separate
> file from upstream, the packager SHOULD query upstream to include it.
> [x]: Final provides and requires are sane (see attachments).
> [?]: Package functions as described.
> [x]: Latest version is packaged.
> [x]: Package does not include license text files separate from upstream.
> [x]: Sources are verified with gpgverify first in %prep if upstream
> publishes signatures.
> Note: gpgverify is not used.
> [-]: Description and summary sections in the package spec file contains
> translations for supported Non-English languages, if available.
> [x]: Package should compile and build into binary rpms on all supported
> architectures.
> [-]: %check is present and all tests pass.
> [!]: Packages should try to preserve timestamps of original installed
> files.
> [x]: Buildroot is not present
> [x]: Package has no %clean section with rm -rf %{buildroot} (or
> $RPM_BUILD_ROOT)
> [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
> [x]: Fully versioned dependency in subpackages if applicable.
> [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
> [x]: Sources can be downloaded from URI in Source: tag
> [x]: SourceX is a working URL.
> [x]: Spec use %global instead of %define unless justified.
>
> ===== EXTRA items =====
>
> Generic:
> [!]: Rpmlint is run on all installed packages.
> Note: Mock build failed
> See: https://docs.fedoraproject.org/en-US/packaging-
> guidelines/#_use_rpmlint
> [ ]: Large data in /usr/share should live in a noarch subpackage if package
> is arched.
> Note: Arch-ed rpms have a total of 5468160 bytes in /usr/share
> Review: You can probably move stuff that goes into %{_datadir}/%{name}
> to a separate -data subpackage. I'm not sure whether the 5.4MB is worth
> the split, though.

Again, not sure where these size numbers have come from!

[p@athena:~/rpmbuild/BUILDROOT/epic5-2.1.2-1.fc32.x86_64/usr/share] % du -sh .
1.1M .

>
>
> Installation errors
> -------------------
> INFO: mock.py version 2.4 starting (python version = 3.8.3)...
> Start: init plugins
> INFO: selinux enabled
> Finish: init plugins
> INFO: Signal handler active
> Start: run
> Start: chroot init
> INFO: calling preinit hooks
> INFO: enabled root cache
> INFO: enabled package manager cache
> Start: cleaning package manager metadata
> Finish: cleaning package manager metadata
> INFO: enabled HW Info plugin
> Mock Version: 2.4
> INFO: Mock Version: 2.4
> Finish: chroot init
> INFO: installing package(s):
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.i686.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.s390x.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.armv7hl.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.x86_64.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.aarch64.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.ppc64le.rpm
> ERROR: Command failed:
> # /usr/bin/dnf --installroot /var/lib/mock/fedora-rawhide-x86_64/root/
> --releasever 33 --setopt=deltarpm=False --allowerasing --disableplugin=local
> --disableplugin=spacewalk install

I'm not too sure why this is failing?

> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.i686.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.s390x.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.armv7hl.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.x86_64.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.aarch64.rpm
> /home/amender/rpmbuild/SPECS/epic5/epic5-debuginfo-2.1.2-1.fc33.ppc64le.rpm
> --setopt=tsflags=nocontexts
>
>
>
> Rpmlint
> -------
> Checking: epic5-2.1.2-1.fc33.src.rpm
> epic5.src: W: spelling-error Summary(en_US) ircII -> IRC, cir
> epic5.src: W: spelling-error %description -l en_US nhanced -> enhanced,
> chanced, nuanced
> epic5.src: W: spelling-error %description -l en_US rogrammable ->
> programmable, programmer
> epic5.src: W: spelling-error %description -l en_US lient -> lien, lint, lent
> epic5.src: W: spelling-error %description -l en_US ircII -> IRC, cir
> epic5.src: W: invalid-url BugURL: https://bugz.fedoraproject.org/epic5 HTTP
> Error 503: Service Temporarily Unavailable
> 1 packages and 0 specfiles checked; 0 errors, 6 warnings.
>
> Manual Rpmlint
> --------------
> epic5.x86_64: W: spelling-error Summary(en_US) ircII -> IRC, cir
> epic5.x86_64: W: spelling-error %description -l en_US nhanced -> enhanced,
> chanced, nuanced
> epic5.x86_64: W: spelling-error %description -l en_US rogrammable ->
> programmable, programmer
> epic5.x86_64: W: spelling-error %description -l en_US lient -> lien, lint,
> lent
> epic5.x86_64: W: spelling-error %description -l en_US ircII -> IRC, cir
> epic5.x86_64: W: invalid-url BugURL: https://bugz.fedoraproject.org/epic5
> HTTP Error 503: Service Temporarily Unavailable
> epic5.x86_64: E: missing-call-to-setgroups-before-setuid /usr/bin/epic5-2.1.2

My interpretation of the code is that setuid(getuid()); is called on a forked child PID to ensure the user running the program owns the child and exiting if it does not -- setuid() is not called in relation to dropping privileges. I can double-check this with the author if necessary.

> epic5.x86_64: W: file-not-utf8 /usr/share/doc/epic5/UPDATES
> epic5.x86_64: W: manual-page-warning /usr/share/man/man1/epic5.1.gz 236:
> warning: macro `Tp' not defined
> epic5.x86_64: W: manual-page-warning /usr/share/man/man1/epic5.1.gz 252:
> warning: macro `TP' not defined
> epic5.x86_64: W: no-manual-page-for-binary epic5-2.1.2
> 1 packages and 0 specfiles checked; 1 errors, 10 warnings.
>
>
>
> Source checksums
> ----------------
> http://ftp.epicsol.org/pub/epic/EPIC5-PRODUCTION/epic5-2.1.2.tar.xz :
> CHECKSUM(SHA256) this package :
> 5e41cf00f924e79e3503dd456ecd9b1dd93ac447c2573d4fa7da03b8bd19dbad
> CHECKSUM(SHA256) upstream package :
> 5e41cf00f924e79e3503dd456ecd9b1dd93ac447c2573d4fa7da03b8bd19dbad
>
>
> Requires
> --------
>
>
> Provides
> --------

Files have been updated to reflect changes:

Spec URL: https://kobol.org/~p/fedora-rpms/epic5/epic5.spec
SRPM URL: https://kobol.org/~p/fedora-rpms/epic5/epic5-2.1.2-1.fc32.src.rpm

- Paul
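
The rpmlint error quoted in the message above, missing-call-to-setgroups-before-setuid, is about the order of calls when a process gives up privileges. The following is an added example, not epic5's code and not part of the original message, showing that order with every return value checked; the function names and return codes are this example's own.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

/* Return codes (names are this example's own, not from any library). */
enum { DROP_OK = 0, DROP_ERR_GROUPS = -1, DROP_ERR_GID = -2,
       DROP_ERR_UID = -3, DROP_ERR_REGAINED = -4 };

/*
 * Permanently switch the calling process to uid/gid.
 * Order matters: supplementary groups and the gid can only be changed
 * while the process is still privileged, so setuid() goes last.
 */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Only a privileged process holds inherited groups it must shed, and
     * only it may call setgroups(); an unprivileged caller skips this. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return DROP_ERR_GROUPS;

    /* Change the gid while we are still allowed to. */
    if (setgid(gid) != 0)
        return DROP_ERR_GID;

    /* Last step; an unchecked failure here leaves the process privileged. */
    if (setuid(uid) != 0)
        return DROP_ERR_UID;

    /* For a non-root target, confirm root cannot be regained. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return DROP_ERR_REGAINED;

    /* Confirm the ids actually in effect are the ones requested. */
    return (getuid() == uid && geteuid() == uid &&
            getgid() == gid && getegid() == gid) ? DROP_OK : DROP_ERR_UID;
}

/* Forked-child pattern: continue as the user who invoked the program. */
int drop_to_invoking_user(void)
{
    return drop_privileges(getuid(), getgid());
}
```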