From enrico.scholz at informatik.tu-chemnitz.de Wed Nov 16 09:56:56 2005 From: enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) Date: Wed, 16 Nov 2005 10:56:56 +0100 Subject: [Fedora-packaging] [RFR] Handling of %doc files Message-ID: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> Hello, I have a Request For a new packaging Rule (RFR). Current rules are saying that a package MUST work without %doc content. This implicates that a package MUST work without dependencies introduced only by %doc content. In practice, people are packaging sample scripts as %doc files (with is ok with me). Unfortunately, 'rpm' generates autodeps for these files and the rpm maintainer does not want to change this. So, it may happen that small packages with only a plain C binary get a dependency on 'perl' just because a perl script was added into the %doc section. 'openvpn' is an example for this. Therefore, I suggest one of the following rules: (a) %doc files MUST not introduce new dependencies, or (b) %doc files MUST not be executable Rule (a) is the more correct rule but more complicated to check. Rule (b) is easy to check but might be too restrictive (e.g. a sh-script in %doc will not hurt when /bin/sh is required by the core package already) and abuses a more or less documented "feature" of rpm (autodeps are generated for executable files only). Enrico -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 480 bytes Desc: not available URL: From enrico.scholz at informatik.tu-chemnitz.de Wed Nov 16 12:14:07 2005 From: enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) Date: Wed, 16 Nov 2005 13:14:07 +0100 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> (Enrico Scholz's message of "Wed, 16 Nov 2005 10:56:56 +0100") References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> Message-ID: <87fypwyels.fsf@kosh.bigo.ensc.de> enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) writes: > Therefore, I suggest one of the following rules: > > (a) %doc files MUST not introduce new dependencies, or ok, I wrote an 'rpmlint' check for this rule: http://ensc.de/fedora/DocFilesCheck.py.txt (it is '*.txt' because the provider does not seem to like '*.py') Example output: | $ rpmlint openvpn-2.0.5-1.fc4.i386.rpm | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/auth-pam.pl' creates additional dependency '/usr/bin/perl' | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/verify-cn' creates additional dependency '/usr/bin/perl' Enrico -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 480 bytes Desc: not available URL: From rdieter at math.unl.edu Wed Nov 16 12:47:33 2005 From: rdieter at math.unl.edu (Rex Dieter) Date: Wed, 16 Nov 2005 06:47:33 -0600 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <87fypwyels.fsf@kosh.bigo.ensc.de> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> Message-ID: <437B2A65.1090704@math.unl.edu> Enrico Scholz wrote: >>Therefore, I suggest one of the following rules: >>(a) %doc files MUST not introduce new dependencies, or > ok, I wrote an 'rpmlint' check for this rule: > Example output: > | $ rpmlint openvpn-2.0.5-1.fc4.i386.rpm > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/auth-pam.pl' creates additional dependency '/usr/bin/perl' > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/verify-cn' creates additional dependency '/usr/bin/perl' Excellent work and suggestion. I agree with your proposed addition to rpmlint. -- Rex From tcallawa at redhat.com Wed Nov 16 14:42:16 2005 From: tcallawa at redhat.com (Tom 'spot' Callaway) Date: Wed, 16 Nov 2005 08:42:16 -0600 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <87fypwyels.fsf@kosh.bigo.ensc.de> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> Message-ID: <1132152136.2251.212.camel@localhost.localdomain> On Wed, 2005-11-16 at 13:14 +0100, Enrico Scholz wrote: > > Therefore, I suggest one of the following rules: > > > > (a) %doc files MUST not introduce new dependencies Seems reasonable to me. I'll propose it to FESCO for approval. ~spot -- Tom "spot" Callaway: Red Hat Senior Sales Engineer || GPG ID: 93054260 Fedora Extras Steering Committee Member (RPM Standards and Practices) Aurora Linux Project Leader: http://auroralinux.org Lemurs, llamas, and sparcs, oh my! From ville.skytta at iki.fi Wed Nov 16 19:12:45 2005 From: ville.skytta at iki.fi (Ville =?ISO-8859-1?Q?Skytt=E4?=) Date: Wed, 16 Nov 2005 21:12:45 +0200 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <437B2A65.1090704@math.unl.edu> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> Message-ID: <1132168365.15334.236.camel@localhost.localdomain> On Wed, 2005-11-16 at 06:47 -0600, Rex Dieter wrote: > Enrico Scholz wrote: > > >>Therefore, I suggest one of the following rules: > > >>(a) %doc files MUST not introduce new dependencies, or > > ok, I wrote an 'rpmlint' check for this rule: > > Example output: > > | $ rpmlint openvpn-2.0.5-1.fc4.i386.rpm > > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/auth-pam.pl' creates additional dependency '/usr/bin/perl' > > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/verify-cn' creates additional dependency '/usr/bin/perl' > > Excellent work and suggestion. I agree with your proposed addition to > rpmlint. Me too, thanks, and will do. However, if included as is, I'm inclined to make the message a warning instead of an error and soften the phrasing a bit because of two things: The check doesn't do recursive depsolving (nor do I think it should), ie. it will generate noise about things pulled in by other dependencies. While strictly speaking this is not noise but the real thing, in practice packagers rely on deps pulling in things even if the software _directly_ requires something itself (not at all limited to doc files), so this would be seen as noise by many folks. I don't have that strong opinions on this though, we're talking about a lint tool anyway. The other thing is that the check strips versions from dependencies altogether, while in a perfect world it should evaluate them against other dependencies in the package and see if it is really a new one (for example, let's say a Perl script in /usr/bin results in a perl >= 0:500503 dependency, but a %doc file adds a perl >= 1:5.6.1 one -> no message emitted, but should be). Thoughts? Enrico, did you send this upstream already? From pmatilai at laiskiainen.org Wed Nov 16 19:24:05 2005 From: pmatilai at laiskiainen.org (Panu Matilainen) Date: Wed, 16 Nov 2005 21:24:05 +0200 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <1132168365.15334.236.camel@localhost.localdomain> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> Message-ID: <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> On Wed, 2005-11-16 at 21:12 +0200, Ville Skytt? wrote: > On Wed, 2005-11-16 at 06:47 -0600, Rex Dieter wrote: > > Enrico Scholz wrote: > > > > >>Therefore, I suggest one of the following rules: > > > > >>(a) %doc files MUST not introduce new dependencies, or > > > ok, I wrote an 'rpmlint' check for this rule: > > > Example output: > > > | $ rpmlint openvpn-2.0.5-1.fc4.i386.rpm > > > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/auth-pam.pl' creates additional dependency '/usr/bin/perl' > > > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/verify-cn' creates additional dependency '/usr/bin/perl' > > > > Excellent work and suggestion. I agree with your proposed addition to > > rpmlint. > > Me too, thanks, and will do. However, if included as is, I'm inclined > to make the message a warning instead of an error and soften the > phrasing a bit because of two things: > > The check doesn't do recursive depsolving (nor do I think it should), > ie. it will generate noise about things pulled in by other dependencies. > While strictly speaking this is not noise but the real thing, in > practice packagers rely on deps pulling in things even if the software > _directly_ requires something itself (not at all limited to doc files), > so this would be seen as noise by many folks. I don't have that strong > opinions on this though, we're talking about a lint tool anyway. > > The other thing is that the check strips versions from dependencies > altogether, while in a perfect world it should evaluate them against > other dependencies in the package and see if it is really a new one (for > example, let's say a Perl script in /usr/bin results in a perl >= > 0:500503 dependency, but a %doc file adds a perl >= 1:5.6.1 one -> no > message emitted, but should be). > > Thoughts? Enrico, did you send this upstream already? Another idea: how about making rpm simply make anything marked as %doc non-executable? That'd stop example scripts from accidentally pulling in dependencies for good... - Panu - From ville.skytta at iki.fi Wed Nov 16 19:49:52 2005 From: ville.skytta at iki.fi (Ville =?ISO-8859-1?Q?Skytt=E4?=) Date: Wed, 16 Nov 2005 21:49:52 +0200 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> Message-ID: <1132170592.15334.242.camel@localhost.localdomain> On Wed, 2005-11-16 at 21:24 +0200, Panu Matilainen wrote: > Another idea: how about making rpm simply make anything marked as %doc > non-executable? The initial message in this thread mentioned "Unfortunately, 'rpm' generates autodeps for these files and the rpm maintainer does not want to change this.", dunno if it covers fiddling with the executable bits. From enrico.scholz at informatik.tu-chemnitz.de Wed Nov 16 20:07:41 2005 From: enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) Date: Wed, 16 Nov 2005 21:07:41 +0100 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> (Panu Matilainen's message of "Wed, 16 Nov 2005 21:24:05 +0200") References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> Message-ID: <873blwxsoi.fsf@kosh.bigo.ensc.de> pmatilai at laiskiainen.org (Panu Matilainen) writes: > Another idea: how about making rpm simply make anything marked as %doc > non-executable? That'd stop example scripts from accidentally pulling in > dependencies for good... This is probably related to my suggested rule (b)... Else, I do not think that the rpm maintainer wants to implement this https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173087 Enrico From enrico.scholz at informatik.tu-chemnitz.de Wed Nov 16 20:23:25 2005 From: enrico.scholz at informatik.tu-chemnitz.de (Enrico Scholz) Date: Wed, 16 Nov 2005 21:23:25 +0100 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <1132168365.15334.236.camel@localhost.localdomain> (Ville Skytt's message of "Wed, 16 Nov 2005 21:12:45 +0200") References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> Message-ID: <87y83owddu.fsf@kosh.bigo.ensc.de> ville.skytta at iki.fi (Ville Skytt?) writes: >> >>(a) %doc files MUST not introduce new dependencies, or >> > ok, I wrote an 'rpmlint' check for this rule: >> > Example output: >> > | $ rpmlint openvpn-2.0.5-1.fc4.i386.rpm >> > | E: openvpn %doc file '/usr/share/doc/openvpn-2.0.5/sample-scripts/auth-pam.pl' creates additional dependency '/usr/bin/perl' > ... > Me too, thanks, and will do. However, if included as is, I'm inclined > to make the message a warning instead of an error and soften the > phrasing a bit because of two things: > > The check doesn't do recursive depsolving (nor do I think it should), > ie. it will generate noise about things pulled in by other dependencies. rpmlint operates on a single package only without having a view about the available repository. I could add a configurable whitelist, e.g. always allow /bin/sh, /usr/bin/env or make it a warning only. But rpmlint creates other false positives too and because there is not automatic process behind, this would be a cosmetic effect only. > The other thing is that the check strips versions from dependencies > altogether, while in a perfect world it should evaluate them against > other dependencies in the package and see if it is really a new one > (for example, let's say a Perl script in /usr/bin results in a perl >= > 0:500503 dependency, but a %doc file adds a perl >= 1:5.6.1 one -> no > message emitted, but should be). Obviously, solving this isssue would be a very interesting task. But it would be also complicated because you have to deal with ranges; e.g. a %doc file could require 'perl >= 5.6.1 perl < 5.9.0' while rest of the package requires 'perl >= 5.6.0 perl <= 5.8.5'. This would pull in a dep of 'perl > 5.8.5 perl < 5.9.0'. I will have to sleep a night over it to see how this can be implemented... But these versioned deps are pretty useless with the current rpm epoch mechanism. The perl autodep generator does not know about existing epochs and rpm does not allow to require a certain upstream version (non-existing epoch is always assumed as '0') > Thoughts? Enrico, did you send this upstream already? Yes, sent it to flepied at mandriva. Enrico -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 480 bytes Desc: not available URL: From ville.skytta at iki.fi Wed Nov 16 21:42:36 2005 From: ville.skytta at iki.fi (Ville =?ISO-8859-1?Q?Skytt=E4?=) Date: Wed, 16 Nov 2005 23:42:36 +0200 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <87y83owddu.fsf@kosh.bigo.ensc.de> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> <87y83owddu.fsf@kosh.bigo.ensc.de> Message-ID: <1132177356.15334.278.camel@localhost.localdomain> On Wed, 2005-11-16 at 21:23 +0100, Enrico Scholz wrote: > ville.skytta at iki.fi (Ville Skytt?) writes: > > The check doesn't do recursive depsolving (nor do I think it should), > > ie. it will generate noise about things pulled in by other dependencies. > > rpmlint operates on a single package only without having a view about > the available repository. Of course. > But rpmlint creates other > false positives too and because there is not automatic process > behind, this would be a cosmetic effect only. Well, past and existing bad behaviour is IMO not a reason to add more of it, and a lot of rpmlint _is_ about cosmetic issues :]. I have this now in my local version: printWarning(pkg, "%%doc file '%s' creates possible additional dependency '%s'" % (f, dep)) > Obviously, solving this isssue would be a very interesting task. But it > would be also complicated because you have to deal with ranges; Sure. Dunno if it's worth spending much time on though. > But these versioned deps are pretty useless with the current rpm epoch > mechanism. The perl autodep generator does not know about existing > epochs and rpm does not allow to require a certain upstream version > (non-existing epoch is always assumed as '0') Actually it does know some, but the implementation is so bitrotten that it has been practically useless already for a while, see around line 200 in /usr/lib/rpm/perl.req. > > Thoughts? Enrico, did you send this upstream already? > > Yes, sent it to flepied at mandriva. Cool, let me know if you get a response, my rpmlint patch pile is growing painfully large and is about to grow some more, and I haven't heard back from him in a few monthts :( From jpo at di.uminho.pt Thu Nov 17 21:15:22 2005 From: jpo at di.uminho.pt (=?UTF-8?B?Sm9zw6kgUGVkcm8gT2xpdmVpcmE=?=) Date: Thu, 17 Nov 2005 21:15:22 +0000 Subject: [Fedora-packaging] [RFR] Handling of %doc files In-Reply-To: <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> References: <87k6f8ykyf.fsf@kosh.bigo.ensc.de> <87fypwyels.fsf@kosh.bigo.ensc.de> <437B2A65.1090704@math.unl.edu> <1132168365.15334.236.camel@localhost.localdomain> <1132169045.31182.11.camel@weasel.turre.laiskiainen.org> Message-ID: <437CF2EA.60001@di.uminho.pt> Panu Matilainen wrote: > Another idea: how about making rpm simply make anything marked as %doc > non-executable? That'd stop example scripts from accidentally pulling in > dependencies for good... Unfortunately that doesn't resolve all the dependencies problems - perl modules (non-executable .pm files) still pull new dependencies. Example ================================== Test.pm (file permissions 0644) ---------- package Test; use Tk; 1; ---------- test.spec ----------- ... %files ... %doc Test.pm ... ----------- Dependencies ---------- $ rpm -qpR ../RPMS/i386/test-0.1-1.i386.rpm ... perl(Tk) ... ---------- jpo -- Jos? Pedro Oliveira * mailto: jpo at di.uminho.pt * http://gsd.di.uminho.pt/jpo * * gpg fingerprint = F9B6 8D87 859D 1C94 48F0 84C0 9749 9EB5 91BD 851B * -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: