Re: [aur-general] PKGBUILDs for monkeysphere feedback
On Wed, 22 Jun 2016 12:12:00 +0200 Baptiste Jonglez wrote: > - as you have apparently figured out, installing in /usr/sbin/ is not > recommended [3], but I don't think it's worth patching the source [4]. > /usr/sbin is a symbolic link to /usr/bin anyway. This isn't entirely correct. Pacman will no longer parse symlinks, so the patch is necessary or the package won't install. I would use sed instead of a patch, but that's more of a personal preference. pgpbIDX5T1zj3.pgp Description: OpenPGP digital signature
Re: [aur-general] PKGBUILDs for monkeysphere feedback
On Wed, 22 Jun 2016 11:30:57 +0200 Valo wrote: > Hello everybody, > > As gnupg 2.1.13 is now available in core I'd like to update monkeysphere > to 0.38, here are the PKGBUILDs for monkeysphere[2] and for > agent-transfer[1], a new monkeysphere checkdependency. > > Agent-transfer is included in the monkeysphere source code but it's a > checkdependency and so I choose to create a separate package for it, is > it correct? How can I make it better? > > Namcap will complain about monkeysphere dependencies as it thinks they > are not needed but they actually are > > Thanks > > sValo > > [1] https://git.eigenlab.org/svalo/agent-transfer/blob/0.38/PKGBUILD > > [2] https://git.eigenlab.org/svalo/monkeysphere/blob/0.38/PKGBUILD > > In addition to everything else mentioned, you should never be running chown in the install scripts. If the files/dirs need to be owned by a specific user/group, you should do that in the package function. You can't really use $pkgdir in the build function. Please, for the sake of readability, be consistent with how you use variables. Either use braces or don't. pgpbppeftWaiM.pgp Description: OpenPGP digital signature
Re: [aur-general] PKGBUILDs for monkeysphere feedback
For creating users, there is now sysusers.d which makes system user creation a bit more standardised, take a look here: https://www.freedesktop.org/software/systemd/man/sysusers.d.html Regards, Justin
Re: [aur-general] PKGBUILDs for monkeysphere feedback
Hi Baptiste,
Il 22/06/2016 12:12, Baptiste Jonglez ha scritto:
> That is, can it be used and be useful without monkeysphere? If so, it
> could make sense to provide it as a separate package,
As for package description: "|Copy a secret key from GnuPG's gpg-agent
to OpenSSH's ssh-agent|"
It *can* be used outsite of monkeysphere but I don't know if it *will* :)
> but I think you
> should implement it as a split package then (since both monkeysphere and
> agent-transfer "build" from the same source).
I thought about it but I wasn't able to understand from the wiki how I
should proceed aside from the array of package names, can you point me
to a good PKGBUILD I cant learn from?
>
> Of course, to avoid over-engineering, you could just have a single package
> bundling both monkeysphere and agent-transfer. Judging from [2], this is
> what is intended by upstream.
Yup, I thought it as well but couldn't figure out how to resolve the
checkdependency on agent-transfer of monkeysphere without packaging it
on it's own. As the software is about security I feel like running the
tests upstream provide is very important and during the tests
agent-transfer is called, without it tests will not succeed.
> Also, some minor nitpicks:
>
> - you have a small typo in agent-transfer ("makedepens")
>
> - the "gcc" makedepends is not needed, because it is in base-devel [1]
Right, removed :)
> - as you have apparently figured out, installing in /usr/sbin/ is not
> recommended [3], but I don't think it's worth patching the source [4].
> /usr/sbin is a symbolic link to /usr/bin anyway.
Ok, it was so when I adopted the package and kept it, if it's compliant
with the standards then I'll remove it happily
> - I'm not sure about the convention for adding users/groups [5]. Looking
> at a few packages [6,7,8], it seems that UID and GID are hard-coded, but I
> don't know if there is a registry. At the very least, you should create
> a system user (-r option to useradd), because otherwise the UID will
> fall into the user range 1000+.
Great! I'll add the -r option as I don't feel like hardcoding a UID and GID.
> Thanks for maintaining the package!
Thanks for the feedback!
sValo
signature.asc
Description: OpenPGP digital signature
Re: [aur-general] PKGBUILDs for monkeysphere feedback
Hi Valo,
On Wed, Jun 22, 2016 at 11:30:57AM +0200, Valo wrote:
> As gnupg 2.1.13 is now available in core I'd like to update monkeysphere
> to 0.38, here are the PKGBUILDs for monkeysphere[2] and for
> agent-transfer[1], a new monkeysphere checkdependency.
>
> Agent-transfer is included in the monkeysphere source code but it's a
> checkdependency and so I choose to create a separate package for it, is
> it correct? How can I make it better?
Do you think that agent-transfer is a useful package in its own right?
That is, can it be used and be useful without monkeysphere? If so, it
could make sense to provide it as a separate package, but I think you
should implement it as a split package then (since both monkeysphere and
agent-transfer "build" from the same source).
Of course, to avoid over-engineering, you could just have a single package
bundling both monkeysphere and agent-transfer. Judging from [2], this is
what is intended by upstream.
Also, some minor nitpicks:
- you have a small typo in agent-transfer ("makedepens")
- the "gcc" makedepends is not needed, because it is in base-devel [1]
- as you have apparently figured out, installing in /usr/sbin/ is not
recommended [3], but I don't think it's worth patching the source [4].
/usr/sbin is a symbolic link to /usr/bin anyway.
- I'm not sure about the convention for adding users/groups [5]. Looking
at a few packages [6,7,8], it seems that UID and GID are hard-coded, but I
don't know if there is a registry. At the very least, you should create
a system user (-r option to useradd), because otherwise the UID will
fall into the user range 1000+.
Thanks for maintaining the package!
Baptiste
[1] https://wiki.archlinux.org/index.php/PKGBUILD#makedepends
[2] https://git.eigenlab.org/svalo/monkeysphere/blob/0.38/exclude-agent.patch
[3] https://wiki.archlinux.org/index.php/Arch_packaging_standards#Directories
[4] https://git.eigenlab.org/svalo/monkeysphere/blob/0.38/binmerge.patch
[5] https://git.eigenlab.org/svalo/monkeysphere/blob/0.38/monkeysphere.install
[6]
https://git.archlinux.org/svntogit/packages.git/tree/trunk/ntp.install?h=packages/ntp
[7]
https://git.archlinux.org/svntogit/community.git/tree/trunk/tor.install?h=packages/tor
[8]
https://git.archlinux.org/svntogit/packages.git/tree/trunk/install?h=packages/mpd
signature.asc
Description: PGP signature
[aur-general] PKGBUILDs for monkeysphere feedback
Hello everybody, As gnupg 2.1.13 is now available in core I'd like to update monkeysphere to 0.38, here are the PKGBUILDs for monkeysphere[2] and for agent-transfer[1], a new monkeysphere checkdependency. Agent-transfer is included in the monkeysphere source code but it's a checkdependency and so I choose to create a separate package for it, is it correct? How can I make it better? Namcap will complain about monkeysphere dependencies as it thinks they are not needed but they actually are Thanks sValo [1] https://git.eigenlab.org/svalo/agent-transfer/blob/0.38/PKGBUILD [2] https://git.eigenlab.org/svalo/monkeysphere/blob/0.38/PKGBUILD signature.asc Description: OpenPGP digital signature
[aur-general] Signoff report for [community-testing]
=== Signoff report for [community-testing] === https://www.archlinux.org/packages/signoffs/ There are currently: * 0 new packages in last 24 hours * 0 known bad packages * 0 packages not accepting signoffs * 0 fully signed off packages * 13 packages missing signoffs * 5 packages older than 14 days (Note: the word 'package' as used here refers to packages as grouped by pkgbase, architecture, and repository; e.g., one PKGBUILD produces one package per architecture, even if it is a split package.) == Incomplete signoffs for [community] (13 total) == * avr-libc-2.0.0-2 (any) 0/2 signoffs * salt-2016.3.1-1 (any) 0/2 signoffs * avr-gcc-6.1.1-1 (i686) 0/1 signoffs * avr-gdb-7.11.1-1 (i686) 0/1 signoffs * calibre-2.59.0-2 (i686) 0/1 signoffs * fcitx-qt5-1.0.5-4 (i686) 0/1 signoffs * qtav-1.11.0-1 (i686) 0/1 signoffs * avr-gcc-6.1.1-1 (x86_64) 0/2 signoffs * avr-gdb-7.11.1-1 (x86_64) 0/2 signoffs * calibre-2.59.0-2 (x86_64) 0/2 signoffs * docker-1:1.11.2-2 (x86_64) 0/2 signoffs * fcitx-qt5-1.0.5-4 (x86_64) 0/2 signoffs * qtav-1.11.0-1 (x86_64) 0/2 signoffs == All packages in [community-testing] for more than 14 days (5 total) == * avr-gcc-6.1.1-1 (i686), since 2016-05-09 * avr-gcc-6.1.1-1 (x86_64), since 2016-05-09 * avr-libc-2.0.0-2 (any), since 2016-05-10 * avr-gdb-7.11.1-1 (i686), since 2016-06-01 * avr-gdb-7.11.1-1 (x86_64), since 2016-06-01 == Top five in signoffs in last 24 hours == 1. bisson - 5 signoffs
