https://bugzilla.redhat.com/show_bug.cgi?id=2269411 --- Comment #61 from Fabio Valentini <decathorpe@xxxxxxxxx> --- Ok, final review: > Source1: https://dmellado.fedorapeople.org/bpfman/bpfman-%{version}-vendor.tar.xz This isn't really good. It's unclear how you created this tarball. You don't need to have it available for download at a URL, but you need to provide steps to reproduce its contents (either in the spec file as a comment, or in a separate script). > %autosetup -n bpfman-%{version} -p1 -a1 > # Source1 is vendored dependencies > tar -xf %{SOURCE1} -C vendor/ This is redundant? The -a1 flag for %autosetup in the first line should cause exactly the same thing to happen as the manual "tar" command in the third line. > %{_sbindir}/bpfman > %{_sbindir}/bpfman-ns > %{_sbindir}/bpfman-rpc Do these three really need to live in /usr/sbin? There's an ongoing (though incomplete) effort to merge contents of /usr/sbin to /usr/bin: https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin ================================================================================ There's also still the question of which licenses actually apply to bpfman itself. The project contains license files for Apache-2.0, BSD-2-Clause, and GPL-2.0. I just noticed that the .licenserc.yaml file seems to contain a breakdown of which files are covered by which license - These three files are listed as being GPL-2.0-only: - bpf/xdp_dispatcher_v1.bpf.c - bpf/xdp_dispatcher_v2.bpf.c - examples/go-xdp-counter/bpf/xdp_counter.c These three files are listed as being GPL-2.0-only OR BSD-2-Clause: - bpf/tc_dispatcher.bpf.c - examples/**/bpf/*.c - tests/**/*.bpf.c If any of these files contribute to the contents of the built package, then the license of these files needs to be manually taken into account (i.e. added to the list that's `%shrink`d into the License tag), and documented with a comment in the spec file. ================================================================================ Other than these things, the package looks good to me. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2269411 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202269411%23c61 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
