[libvirt] [Guidelines Change] Changes to the Packaging Guidelines

Fri Apr 13 09:29:25 UTC 2012

On Thu, Apr 12, 2012 at 03:13:13PM -0600, Eric Blake wrote:
> things we should be thinking about:
> 
> On 04/12/2012 02:57 PM, Tom Callaway wrote:
> > Here is the latest set of changes to the Fedora Packaging Guidelines:
> > 
> > ---
> > 
> > Packages which have SysV initscripts that contain 'non-standard service
> > commands' (commands besides start, stop, reload, restart, or
> > try-restart) must convert those commands into standalone helper scripts.
> > Systemd does not support non-standard unit commands.
> > 
> > https://fedoraproject.org/wiki/Packaging:Systemd#Unit_Files
> 
> I think libvirt-guests falls into this category.
> 
> > 
> > ---
> > 
> > The guidelines relating to PIE and Hardened Packages were updated. Now,
> > if your package meets the following critera you MUST enable the PIE
> > compiler flags:
> > 
> > * Your package is long running. This means it's likely to be started and
> > keep running until the machine is rebooted, not start on demand and quit
> > on idle.
> > 
> > * Your package has suid binaries, or binaries with capabilities.
> > 
> > * Your package runs as root.
> > 
> > https://fedoraproject.org/wiki/Packaging:Guidelines#PIE
> 
> libvirtd definitely qualifies as one of these packages needing PIE
> compilation in our libvirt.spec file.

We should make sure libvirt always uses these PIE flags, avoiding the
need for the RPM macro

> Plus, we still haven't converted our mingw specfile over to the mingw64
> toolchain.  Anyone up for some specfile maintenance?

That's waiting on other Fedora maintainers to port over things we
depend on. Once they're ported, I'll update libvirt

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|