[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 Ankur Sinha (FranciscoD) changed: What|Removed |Added Blocks||1013488 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UTfsqOuWDU&a=cc_unsubscribe ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 Dridi Boukelmoune changed: What|Removed |Added Assignee|nob...@fedoraproject.org|dridi.boukelmo...@gmail.com Flags||fedora-review? -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #1 from Dridi Boukelmoune --- Everything seems OK to fedora-review. I'm starting a manual review, at first glance it doesn't seem OK to me. -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485
--- Comment #2 from Dridi Boukelmoune ---
Package Review
==
Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed
Issues:
===
- Permissions on files are set properly.
Note: See rpmlint output
See: http://fedoraproject.org/wiki/Packaging/Guidelines#FilePermissions
- Package contains BR: python2-devel or python3-devel
- Package do not use a name that already exist
Note: A package already exist with this name, please check
https://admin.fedoraproject.org/pkgdb/acls/name/mod_scgi
See:
https://fedoraproject.org/wiki/Packaging/NamingGuidelines#Conflicting_Package_Names
- Package is licensed with MIT, and CNRI for the code it forked
- Long running packages must be hardened (_hardened_build)
- Package has a %clean section with rm -rf $RPM_BUILD_ROOT
- Package contains a bundled passfd
The upstream name is actually scgi, the package should maybe be named scgi
and build sub-packages python-passfd and mod_scgi.
- Does it really run with the specific version of httpd it was built against ?
Requires: httpd-mmn = %(cat %{_includedir}/httpd/.mmn || echo missing)
- Spec uses unversionned __python macro
- Missing .py and .pyo for quixote_handler and scgi_server
- Patches don't link to upstream bugs/comments/lists and are not justified.
- Spec uses %define instead of %global
= MUST items =
C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Development (unversioned) .so files in -devel subpackage, if present.
Note: Unversioned so-files in private %_libdir subdirectory (see
attachment). Verify they are not in ld path.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.
Generic:
[x]: Package is licensed with an open-source compatible license and meets
other legal requirements as defined in the legal section of Packaging
Guidelines.
[!]: License field in the package spec file matches the actual license.
Note: Checking patched sources after %prep for licenses. Licenses found:
"Unknown or generated". 9 files have unknown license. Detailed output of
licensecheck in
/home/dridi/fedora/_reviews/1013485-mod_scgi/licensecheck.txt
[!]: %build honors applicable compiler flags or justifies otherwise.
[!]: Package contains no bundled libraries without FPC exception.
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory names).
[x]: Package is named according to the Package Naming Guidelines.
[?]: Package does not generate any conflict.
[?]: Package obeys FHS, except libexecdir and /usr/target.
[?]: If the package is a rename of another package, proper Obsoletes and
Provides are present.
[?]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[-]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[x]: Package is not known to require an ExcludeArch tag.
[?]: Large documentation must go in a -doc subpackage. Large could be size
(~1MB) or number of files.
Note: Documentation size is 51200 bytes in 8 files.
[!]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least one
supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s)
for the package is included in %doc.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any that
are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
beginning of %install.
[x]: %config files are marked noreplace or the reason is justified.
[x]: Each %files section contains %defattr if rpm < 4.4
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[-]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't
work.
[x]: Package is named using only allowed ASCII characters.
[x]: No %config files under /usr.
[x]: Package is not relocatable.
[x]: Sources used to build the packa
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #3 from Dridi Boukelmoune --- I've also just noticed that quixote_handler and scgi_server are in both bindir and python_sitearch. -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 Ankur Sinha (FranciscoD) changed: What|Removed |Added Status|NEW |ASSIGNED -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485
--- Comment #4 from Ankur Sinha (FranciscoD) ---
(In reply to Dridi Boukelmoune from comment #2)
> Package Review
> ==
>
> Legend:
> [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
> [ ] = Manual review needed
>
>
> Issues:
> ===
> - Permissions on files are set properly.
> Note: See rpmlint output
> See: http://fedoraproject.org/wiki/Packaging/Guidelines#FilePermissions
> - Package contains BR: python2-devel or python3-devel
> - Package do not use a name that already exist
> Note: A package already exist with this name, please check
> https://admin.fedoraproject.org/pkgdb/acls/name/mod_scgi
> See:
>
> https://fedoraproject.org/wiki/Packaging/
> NamingGuidelines#Conflicting_Package_Names
This is only a re-review. Package name is the same.
>
>
> - Package is licensed with MIT, and CNRI for the code it forked
License corrected.
> - Long running packages must be hardened (_hardened_build)
> - Package has a %clean section with rm -rf $RPM_BUILD_ROOT
> - Package contains a bundled passfd
Removed bundled passfd and removed unrequired bits from the spec.
> The upstream name is actually scgi, the package should maybe be named scgi
> and build sub-packages python-passfd and mod_scgi.
> - Does it really run with the specific version of httpd it was built against
> ?
> Requires: httpd-mmn = %(cat %{_includedir}/httpd/.mmn || echo missing)
It's there from the original spec, so I think yes.
> - Spec uses unversionned __python macro
> - Missing .py and .pyo for quixote_handler and scgi_server
> - Patches don't link to upstream bugs/comments/lists and are not justified.
> - Spec uses %define instead of %global
Updated spec to correct this.
>
> = MUST items =
>
> C/C++:
> [x]: Package does not contain kernel modules.
> [x]: Package contains no static executables.
> [x]: Development (unversioned) .so files in -devel subpackage, if present.
> Note: Unversioned so-files in private %_libdir subdirectory (see
> attachment). Verify they are not in ld path.
> [x]: Package does not contain any libtool archives (.la)
> [x]: Rpath absent or only used for internal libs.
>
> Generic:
> [x]: Package is licensed with an open-source compatible license and meets
> other legal requirements as defined in the legal section of Packaging
> Guidelines.
> [!]: License field in the package spec file matches the actual license.
> Note: Checking patched sources after %prep for licenses. Licenses found:
> "Unknown or generated". 9 files have unknown license. Detailed output of
> licensecheck in
> /home/dridi/fedora/_reviews/1013485-mod_scgi/licensecheck.txt
> [!]: %build honors applicable compiler flags or justifies otherwise.
> [!]: Package contains no bundled libraries without FPC exception.
> [x]: Changelog in prescribed format.
> [x]: Sources contain only permissible code or content.
> [-]: Package contains desktop file if it is a GUI application.
> [-]: Development files must be in a -devel package
> [x]: Package uses nothing in %doc for runtime.
> [x]: Package consistently uses macros (instead of hard-coded directory
> names).
> [x]: Package is named according to the Package Naming Guidelines.
> [?]: Package does not generate any conflict.
> [?]: Package obeys FHS, except libexecdir and /usr/target.
> [?]: If the package is a rename of another package, proper Obsoletes and
> Provides are present.
> [?]: Requires correct, justified where necessary.
> [x]: Spec file is legible and written in American English.
> [-]: Package contains systemd file(s) if in need.
> [x]: Useful -debuginfo package or justification otherwise.
> [x]: Package is not known to require an ExcludeArch tag.
> [?]: Large documentation must go in a -doc subpackage. Large could be size
> (~1MB) or number of files.
> Note: Documentation size is 51200 bytes in 8 files.
> [!]: Package complies to the Packaging Guidelines
> [x]: Package successfully compiles and builds into binary rpms on at least
> one
> supported primary architecture.
> [x]: Package installs properly.
> [x]: Rpmlint is run on all rpms the build produces.
> Note: There are rpmlint messages (see attachment).
> [x]: If (and only if) the source package includes the text of the license(s)
> in its own file, then that file, containing the text of the license(s)
> for the package is included in %doc.
> [x]: Package requires other packages for directories it uses.
> [x]: Package must own all directories that it creates.
> [x]: Package does not own files or directories owned by other packages.
> [x]: All build dependencies are listed in BuildRequires, except for any that
> are listed in the exceptions section of Packaging Guidelines.
> [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
> [!]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
> beginning of %install.
> [x]: %conf
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #5 from Dridi Boukelmoune --- You've removed the bundled passfd, but I don't see any alternative. The package should require something that would provide passfd. Since I don't find any, this spec should build both the mod_scgi and python-passfd package, shouldn't it ? OTOH, /usr/lib64/python2.7/site-packages/scgi/scgi_server.py does ``` from scgi import passfd ``` Is it really bundled then, other packages seem to do the same thing ? Sorry about that, the rest of the package looks good (still needs a closer look). -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #6 from Ankur Sinha (FranciscoD) --- (In reply to Dridi Boukelmoune from comment #5) > You've removed the bundled passfd, but I don't see any alternative. The > package should require something that would provide passfd. Since I don't > find any, this spec should build both the mod_scgi and python-passfd > package, shouldn't it ? > > OTOH, /usr/lib64/python2.7/site-packages/scgi/scgi_server.py does > ``` > from scgi import passfd > ``` > > Is it really bundled then, other packages seem to do the same thing ? Sorry > about that, the rest of the package looks good (still needs a closer look). I looked this up. I found a python-passfd[1], but it's quite different from the implementation provided in scgi. I'd say that scgi is using a specific implementation of passfd(pass file descriptor), and this should be included as an internal library, not one that other applications are supposed to use. I think I should build it, include it in the same package (since we don't want yum finding a python-passfd package), but filter it from requires, since it's only to be used by the python scripts in this package. Does that sound OK Dridi? Thanks, Ankur -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #7 from Ankur Sinha (FranciscoD) --- http://code.google.com/p/python-passfd/ -> A python-passfd module. -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #8 from Dridi Boukelmoune --- (In reply to Ankur Sinha (FranciscoD) from comment #7) > http://code.google.com/p/python-passfd/ -> A python-passfd module. Yes! This is the project I found, that's why I thought it was a bundled library. Please submit a new spec and srpm with passfd, and I'll finish the review. -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
[Bug 1013485] Re-Review Request: mod_scgi - Python implementation of the SCGI protocol
https://bugzilla.redhat.com/show_bug.cgi?id=1013485 --- Comment #9 from Ankur Sinha (FranciscoD) --- (In reply to Dridi Boukelmoune from comment #8) > (In reply to Ankur Sinha (FranciscoD) from comment #7) > > http://code.google.com/p/python-passfd/ -> A python-passfd module. > > Yes! This is the project I found, that's why I thought it was a bundled > library. > > Please submit a new spec and srpm with passfd, and I'll finish the review. Hi Dridi, New spec/srpm: http://ankursinha.fedorapeople.org/mod_scgi/mod_scgi.spec http://ankursinha.fedorapeople.org/mod_scgi/mod_scgi-1.14-1.fc20.src.rpm * Tue Oct 22 2013 Ankur Sinha 1.14-1 - Filter passfd since it's only to be used by the handlers this package provides - Follow debian packaging and break into two separate packages - http://packages.debian.org/sid/python-scgi - http://packages.debian.org/sid/alpha/libapache2-mod-scgi - Updated as per https://bugzilla.redhat.com/show_bug.cgi?id=1013485#c8 As the changelog says, I've split out the python part which isn't required by httpd. It's a python implementation of SCGI, and should live in a separate package as Debian keeps it. rpmlint output: [asinha@ankur-laptop SRPMS]$ rpmlint /var/lib/mock/fedora-rawhide-x86_64/result/*.rpm ../SPECS/mod_scgi.spec ./mod_scgi-1.14-1.fc20.src.rpm cat: /usr/include/httpd/.mmn: No such file or directory python-scgi.x86_64: E: non-standard-executable-perm /usr/lib64/python2.7/site-packages/scgi/passfd.so 0775L ^^ I've checked and shared objects in /usr/lib64/python2.7/site-packages have a 0755 permission, so this should be OK. cat: /usr/include/httpd/.mmn: No such file or directory cat: /usr/include/httpd/.mmn: No such file or directory 5 packages and 1 specfiles checked; 1 errors, 0 warnings. python-scgi also does not provide passfd since it's an internally used python module specific to the package. [asinha@ankur-laptop SRPMS]$ rpm -qp --provides /var/lib/mock/fedora-rawhide-x86_64/result/python-scgi-1.14-1.fc21.x86_64.rpm python-scgi = 1.14-1.fc21 python-scgi(x86-64) = 1.14-1.fc21 Thanks, Warm regards, Ankur -- You are receiving this mail because: You are on the CC list for the bug. ___ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
