FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Development

 
 
LinkBack Thread Tools
 
Old 12-10-2010, 04:00 PM
Toshio Kuratomi
 
Default Changes to the Packaging Guidelines

On Fri, Dec 10, 2010 at 08:40:23PM +0900, Mamoru Tasaka wrote:
> Thomas Moschny wrote, at 12/10/2010 08:19 PM +9:00:
> > That seems by far the cleanest solution to me. Especially
> > development-oriented packages often contain example directories;
> > removing x-bits there only puts extra-burden on someone trying to play
> > with the examples.
>
> Indeed some examples/ directory contains some executable scripts
> which are useful to understand what the package can do.
> I think "%doc files must not have executable permissions" must be
> reverted.
>
To my mind, if you have examples that you want to be runnable by the user
and you want them to not have to perform chmod 0755 to achieve that, you'd
also want rpm to ensure that the dependencies for those examples are
installed.

Alternately, the user can be expected to chmod the scripts and install the
necessary deps themselves.

So either this guideline is fine or the idea that examples shouldn't drag in
new deps is where the flaw lies.

-Toshio
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 04:18 PM
Ralf Corsepius
 
Default Changes to the Packaging Guidelines

On 12/10/2010 06:00 PM, Toshio Kuratomi wrote:
> On Fri, Dec 10, 2010 at 08:40:23PM +0900, Mamoru Tasaka wrote:
>> Thomas Moschny wrote, at 12/10/2010 08:19 PM +9:00:
>>> That seems by far the cleanest solution to me. Especially
>>> development-oriented packages often contain example directories;
>>> removing x-bits there only puts extra-burden on someone trying to play
>>> with the examples.
>>
>> Indeed some examples/ directory contains some executable scripts
>> which are useful to understand what the package can do.
>> I think "%doc files must not have executable permissions" must be
>> reverted.
>>
> To my mind, if you have examples that you want to be runnable by the user
> and you want them to not have to perform chmod 0755 to achieve that, you'd
> also want rpm to ensure that the dependencies for those examples are
> installed.

In my mind, examples are descriptions, outlines, demonstrations of
working principles. As such they don't have to be functional, but should
also carry "reasonable" permissions.

> So either this guideline is fine or the idea that examples shouldn't drag in
> new deps is where the flaw lies.
Neither. Simply ignore all files below %docdir or if you really insist
on it, all %doc'ed files, dependency-wise.

In other words, In my view, the cause of all this is rpmbuild taking
%doc into account for dependency tracking.

Ralf



--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 04:21 PM
Panu Matilainen
 
Default Changes to the Packaging Guidelines

On Fri, 10 Dec 2010, Toshio Kuratomi wrote:

> On Fri, Dec 10, 2010 at 08:40:23PM +0900, Mamoru Tasaka wrote:
>> Thomas Moschny wrote, at 12/10/2010 08:19 PM +9:00:
>>> That seems by far the cleanest solution to me. Especially
>>> development-oriented packages often contain example directories;
>>> removing x-bits there only puts extra-burden on someone trying to play
>>> with the examples.
>>
>> Indeed some examples/ directory contains some executable scripts
>> which are useful to understand what the package can do.
>> I think "%doc files must not have executable permissions" must be
>> reverted.
>>
> To my mind, if you have examples that you want to be runnable by the user
> and you want them to not have to perform chmod 0755 to achieve that, you'd
> also want rpm to ensure that the dependencies for those examples are
> installed.
>
> Alternately, the user can be expected to chmod the scripts and install the
> necessary deps themselves.
>
> So either this guideline is fine or the idea that examples shouldn't drag in
> new deps is where the flaw lies.

Indeed. If the example scripts are supposed to be runnable, then
dependencies should be generated for them (whether such material should
be placed in %doc at all is another question). And if not, missing
execute-permissions serve as a clue that it's not something you can expect
to successfully run as-is.

- Panu -
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 05:15 PM
Mamoru Tasaka
 
Default Changes to the Packaging Guidelines

Toshio Kuratomi wrote, at 12/11/2010 02:00 AM +9:00:
> On Fri, Dec 10, 2010 at 08:40:23PM +0900, Mamoru Tasaka wrote:
>> Thomas Moschny wrote, at 12/10/2010 08:19 PM +9:00:
>>> That seems by far the cleanest solution to me. Especially
>>> development-oriented packages often contain example directories;
>>> removing x-bits there only puts extra-burden on someone trying to play
>>> with the examples.
>>
>> Indeed some examples/ directory contains some executable scripts
>> which are useful to understand what the package can do.
>> I think "%doc files must not have executable permissions" must be
>> reverted.
>>
> To my mind, if you have examples that you want to be runnable by the user
> and you want them to not have to perform chmod 0755 to achieve that, you'd
> also want rpm to ensure that the dependencies for those examples are
> installed.

So, when a package
- contains some example scripts
- the packager thinks that such scripts are useful and many people actually
want to execute them
- but such scripts need additional dependencies
then the packager actually may want to add additional dependencies.

So
- Loosen the guideline to "%doc files should not add "too much" additional
dependency"
- If executing %doc scripts want some "large" additional dependency, move such scripts
to somewhere else (out of /usr/share/doc, e.g. %_libdir/%name/examples),
or create subpackage like %name-examples
?
(By the way I think in most cases additional dependencies are actually
not needed)

Regards,
Mamoru

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 07:25 PM
Steve Traylen
 
Default Changes to the Packaging Guidelines

On Fri, Dec 10, 2010 at 7:15 PM, Mamoru Tasaka
<mtasaka@ioa.s.u-tokyo.ac.jp> wrote:
> Toshio Kuratomi wrote, at 12/11/2010 02:00 AM +9:00:
>> On Fri, Dec 10, 2010 at 08:40:23PM +0900, Mamoru Tasaka wrote:
>>> Thomas Moschny wrote, at 12/10/2010 08:19 PM +9:00:
>>>> That seems by far the cleanest solution to me. Especially
>>>> development-oriented packages often contain example directories;
>>>> removing x-bits there only puts extra-burden on someone trying to play
>>>> with the examples.
>>>
>>> Indeed some examples/ directory contains some executable scripts
>>> which are useful to understand what the package can do.
>>> I think "%doc files must not have executable permissions" must be
>>> reverted.
>>>
>> To my mind, if you have examples that you want to be runnable by the user
>> and you want them to not have to perform chmod 0755 to achieve that, you'd
>> also want rpm to ensure that the dependencies for those examples are
>> installed.
>
> So, when a package
> - contains some example scripts
> - the packager thinks that such scripts are useful and many people actually
> *want to execute them
> - but such scripts need additional dependencies
> then the packager actually may want to add additional dependencies.
>
> So
> - Loosen the guideline to "%doc files should not add "too much" additional
> *dependency"
> - If executing %doc scripts want some "large" additional dependency, move such scripts
> *to somewhere else (out of /usr/share/doc, e.g. %_libdir/%name/examples),
> *or create subpackage like %name-examples
> ?
> (By the way I think in most cases additional dependencies are actually
> *not needed)

/usr/share/doc contains documents for reading and part of learning may
well include
reading example scripts, leave them there for reading.

If you have a script that should actually be executable as installed
on the system
then move it to /usr/bin and if sensible put it in an -examples sub package.

You can go either further and say that /usr/share/doc must be
readable. e.g including a .tex file
is bad practise but a .pdf make sense.
Steve.



> Regards,
> Mamoru
>
> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
>



--
Steve Traylen
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 08:49 PM
Garrett Holmstrom
 
Default Changes to the Packaging Guidelines

Mamoru Tasaka wrote:
> So, when a package
> - contains some example scripts
> - the packager thinks that such scripts are useful and many people actually
> want to execute them
> - but such scripts need additional dependencies
> then the packager actually may want to add additional dependencies.

Irrespective of files' usefulness or purposes, it seems like an
incredibly bad idea for a package to Provide any files that, because
they are %doc files, may not even get installed on target systems.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-10-2010, 09:19 PM
Orcan Ogetbil
 
Default Changes to the Packaging Guidelines

On Fri, Dec 10, 2010 at 10:30 AM, Tom Callaway wrote:
> On 12/10/2010 01:03 AM, Orcan Ogetbil wrote:
>> rpmbuild can call either chmod -x on the %doc files at the end; or if
>> the problem is just the dependencies added by executable %doc files,
>> then rpmbuild can be taught to not scan the %doc files for generating
>> dependencies. If no, why not?
>
> While I'm not at all opposed to having rpmbuild set chmod -x on
> everything %doc before checking for dependencies, we decided quite a
> while ago that FPC was in the business of working with the RPM we have,
> rather than waiting for RPM to fix itself.
>

If this decision is final, could you folks add an rpmlint check that
spits a warning for executable %doc files? Doing this check manually
might become cumbersome.

Thanks,
Orcan
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-11-2010, 10:59 PM
"Pavel Alexeev (aka Pahan-Hubbitus)"
 
Default Changes to the Packaging Guidelines

09.12.2010 17:46, Tom Callaway wrote:

Here are the latest set of changes to the Fedora Packaging Guidelines:

---
---
Some clarification has been added to the sections dealing with bundled
libraries, specifically that:

In this RPM packaging context, the definition of the term 'library'
includes: compiled third party source code resulting in shared or static
linkable files, interpreted third party source code such as Python, PHP
and others. At this time _javascript_ intended to be served to a web
browser is specifically exempted from this but this will likely change
in the future.

https://fedoraproject.org/wiki/Packaging:Guidelines#Duplication_of_system_librari es



_javascript_ libraries may be bundled in any way? No additional
guidelines for that?? Why?


---

The guidelines have been updated to indicate that %doc files must not
have executable permissions.

https://fedoraproject.org/wiki/Packaging:Guidelines#Documentation


"Irrelevant documentation
include build instructions, the omnipresent*INSTALL*file
containing generic build instructions, for example, and
documentation for non-Linux systems, e.g.*README.MSDOS." sentence also
lack some verbose like "should (must?) not be included". How you
think?





--

With best wishes, Pavel Alexeev (aka Pahan-Hubbitus). For fast
contact with me use jabber: Hubbitus@jabber.ru


--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-13-2010, 03:13 PM
Toshio Kuratomi
 
Default Changes to the Packaging Guidelines

On Sun, Dec 12, 2010 at 02:59:18AM +0300, Pavel Alexeev (aka Pahan-Hubbitus) wrote:
> 09.12.2010 17:46, Tom Callaway wrote:
>
> Here are the latest set of changes to the Fedora Packaging Guidelines:
>
> ---
> ---
> Some clarification has been added to the sections dealing with bundled
> libraries, specifically that:
>
> In this RPM packaging context, the definition of the term 'library'
> includes: compiled third party source code resulting in shared or static
> linkable files, interpreted third party source code such as Python, PHP
> and others. At this time JavaScript intended to be served to a web
> browser is specifically exempted from this but this will likely change
> in the future.
>
> https://fedoraproject.org/wiki/Packaging:Guidelines#Duplication_of_system_librari es
>
>
> JavaScript libraries may be bundled in any way? No additional guidelines for
> that?? Why?
>
ATM they are not because not everyone is convinced that JavaScript has
security issues (Some people see JavaScript as data served by a web server
rather than code). The code is executed on the client rather than the
server so the security concerns are different but the JavaScript Packaging
draft lays out the case for JavaScript libraries having similar concerns
despite that::
https://fedoraproject.org/wiki/JavaScript_libraries_packaging_guideline_draft

Additionally, there is a lot of work involved in unbundling JavaScript
because I anticipate zero upstreams currently having build scripts that
anticipate being able to use unbundled JavaScript. So when we mandate this,
we want to be ready with working recipes for how to unbundle.

We would be very happy to have someone work on the JavaScript Guidelines and
try to get them into shape for the FPC to cote on them. I've invited many
people to work on that but no one has taken me up on that so far.

Also note, the new wording in duplication of System Libraries makes clear
that JavaScript that is being used on the local system is not allowed to be
bundled (For instance, server-side JavaScript and bindings to libraries)
whereas previous versions left that ambiguous.

-Toshio
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 
Old 12-15-2010, 07:25 PM
Ville Skyttä
 
Default Changes to the Packaging Guidelines

On Saturday 11 December 2010, Orcan Ogetbil wrote:

> could you folks add an rpmlint check that
> spits a warning for executable %doc files?

rpmlint already does and has done for a long time even better than that: it
not only issues exactly those warnings (spurious-executable-perm), but it also
emits additional warnings for files marked as documentation that add
dependencies to a package (doc-file-dependency). I intend to further improve
that upstream by omitting the spurious-executable-perm warning for files that
look like ones that do benefit from being executable.

The fact that rpmlint's unit of work is a single package means that it doesn't
know about the package's dependency chain which results in some false
positives being reported (the most common of which, /bin/sh, is already
filtered out in the Fedora rpmlint config), but that's not a big deal and
these can usually easily be checked and verified as false positives by
packagers.

In my opinion the guideline should be something like this instead of blindly
banning executable %doc files:

"Files marked as documentation must not cause additional dependencies that
aren't satisfied by the package itself or its dependency chain as it would be
if none of its files marked as documentation were included in the package."

By the way, just banning executable %doc files covers only part of the intent
(assuming I understand the intent correctly). For example, install a *.pm
Perl module as %doc (executable or not) and you'll get the autodetected
dependencies for it in the package. The above suggested alternative guideline
would cover those cases as well as the executable doc case where they matter.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
 

Thread Tools




All times are GMT. The time now is 01:55 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org