[Bug 245081] Review Request: libp11 - a small library for dealing with PKCS#11 tokens

Thu Jun 28 19:59:28 UTC 2007

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: libp11 - a small library for dealing with PKCS#11 tokens

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245081

------- Additional Comments From tibbs at math.uh.edu  2007-06-28 15:59 EST -------
OK, here's what rpmlint gives me:

W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1
/lib64/libssl.so.6
W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1
/lib64/libdl.so.2
W: libp11 unused-direct-shlib-dependency /usr/lib64/libp11.so.0.1.1 /lib64/libz.so.1

What this means is that libp11.so is linked against those three libraries but
doesn't actually use anything from them.  (Either that or it means rpmlint is
broken, I guess.)  I think configure is just being overzealous:
  checking for OPENSSL_LIBS... -L/usr/kerberos/lib64 -lssl -lcrypto -ldl -lz
when the package just needs -lssl.

I don't think this is a particularly big deal; probably not worth hacking the
configure script over.

Source0: should contain a full URL to the upstream source if possible.  You
probably want something like: 
   http://www.opensc-project.org/files/%{name}/%{name}-%{version}.tar.gz

You must include the COPYING file as %doc in the main package.

That's about it as far as I can see.  While you're putting up an updated
package, go ahead and apply for cvsextras access and I'll click the necessary
button.  Instructions are in
http://fedoraproject.org/wiki/PackageMaintainers/Join down in the "Get A Fedora
Account" section.

Review:
* source files match upstream:
   6593e76b815393f2a3896e163d1c23a7e0bd3eb1fabaf9795ba1bbbc4c500630  
   libp11-0.2.2.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* build root is OK.
* license field matches the actual license.
* license is open source-compatible.
X license text included in tarball but not in package.
* latest version is being packaged.
* BuildRequires are proper.
* compiler flags are appropriate.
* %clean is present.
* package builds in mock (development, x86_64).
* package installs properly
* debuginfo package looks complete.
* rpmlint has acceptable complaints.
* final provides and requires are sane:
  libp11-0.2.2-4.fc8.x86_64.rpm
   libp11.so.0()(64bit)
   libp11 = 0.2.2-4.fc8
  =
   /sbin/ldconfig
   libcrypto.so.6()(64bit)
   libltdl.so.3()(64bit)
   libp11.so.0()(64bit)
   libssl.so.6()(64bit)
   libz.so.1()(64bit)

  libp11-devel-0.2.2-4.fc8.x86_64.rpm
   libp11-devel = 0.2.2-4.fc8
  =
   libp11 = 0.2.2-4.fc8
   libp11.so.0()(64bit)
   pkgconfig
* %check is not present; no test suite upstream.
* shared libraries present; ldconfig called and unversioned .so files are in the 
   -devel package.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* scriptlets are OK (ldconfig).
* code, not content.
* documentation is small, so no -docs subpackage is necessary.
  Development documentation is in the -devel subpackage.
* %docs are not necessary for the proper functioning of the package.
* headers are in the -devel subpackage.
* pkgconfig files are in the -devel subpackage; pkgconfig dependency is there.
* no static libraries.
* no libtool .la files.

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.