Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1356739
Summary: | Review Request: zulucrypt - Qt GUI front end to cryptsetup | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Raphael Groner <projects.rg> | ||||
Component: | Package Review | Assignee: | gil cattaneo <puntogil> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | CC: | package-review, puntogil | ||||
Target Milestone: | --- | Keywords: | Reopened | ||||
Target Release: | --- | Flags: | puntogil:
fedora-review+
|
||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-09-22 18:50:00 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1356657 | ||||||
Bug Blocks: | 928937 | ||||||
Attachments: |
|
Description
Raphael Groner
2016-07-14 22:21:27 UTC
Maybe you could remove from the BRs list: BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: glibc-devel cause: are installed by default and change BuildRequires: device-mapper-devel -> pkgconfig(devmapper) BuildRequires: libblkid-devel -> pkgconfig(blkid) BuildRequires: libpwquality-devel -> pkgconfig(pwquality) BuildRequires: cryptsetup-devel -> pkgconfig(libcryptsetup) Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. Note: These BR are not needed: gcc gcc-c++ See: http://fedoraproject.org/wiki/Packaging/Guidelines#Exceptions_2 - update-desktop-database is invoked in %post and %postun if package contains desktop file(s) with a MimeType: entry. Note: desktop file(s) with MimeType entry in zulucrypt See: http://fedoraproject.org/wiki/Packaging:ScriptletSnippets#desktop- database ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: Header files in -devel subpackage, if present. [x]: ldconfig called in %post and %postun if required. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. [x]: Development (unversioned) .so files in -devel subpackage, if present. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "GPL", "BSD (2 clause)", "GPL (v2 or later)", "GPL (v3 or later)", "Unknown or generated". 53 files have unknown license. Detailed output of licensecheck in /home/gil/1356739-zulucrypt/licensecheck.txt [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [!]: Package contains no bundled libraries without FPC exception. [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: gtk-update-icon-cache is invoked in %postun and %posttrans if package contains icons. Note: icons in zulucrypt [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 30720 bytes in 6 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package contains desktop file if it is a GUI application. [x]: Package installs a %{name}.desktop using desktop-file-install or desktop-file-validate if there is such a file. [x]: Dist tag is present. [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in zulucrypt-libs , zulucrypt-devel , zulucrypt-doc , zulucrypt-debuginfo [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Scriptlets must be sane, if used. [x]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [?]: %check is present and all tests pass. [?]: Packages should try to preserve timestamps of original installed files. [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: The placement of pkgconfig(.pc) files are correct. [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on debuginfo package(s). Note: No rpmlint messages. [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: zulucrypt-5.0.0-1.fc25.i686.rpm zulucrypt-libs-5.0.0-1.fc25.i686.rpm zulucrypt-devel-5.0.0-1.fc25.i686.rpm zulucrypt-doc-5.0.0-1.fc25.noarch.rpm zulucrypt-debuginfo-5.0.0-1.fc25.i686.rpm zulucrypt-5.0.0-1.fc25.src.rpm zulucrypt.i686: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.i686: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt-libs.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt-libs.i686: W: spelling-error %description -l en_US unmounting -> mounting, unstinting, mountain zulucrypt-libs.i686: W: shared-lib-calls-exit /usr/lib/libzuluCrypt-exe.so.1.2.0 exit zulucrypt-libs.i686: W: no-documentation zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt-exe.so.1.2.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt.so.1.2.0 zulucrypt-libs.i686: E: non-empty-%postun /sbin/ldconfig zulucrypt-devel.i686: W: no-documentation zulucrypt.src: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.src: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.src: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.src: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt.src:60: W: unversioned-explicit-provides bundled(md5-openssl) zulucrypt.src:161: W: macro-in-comment %{buildroot} zulucrypt.src:161: W: macro-in-comment %{_bindir} zulucrypt.src:161: W: macro-in-comment %{buildroot} zulucrypt.src:161: W: macro-in-comment %{_libdir} zulucrypt.src:161: W: macro-in-comment %{srcname} 6 packages and 0 specfiles checked; 4 errors, 19 warnings. Rpmlint (debuginfo) ------------------- Checking: zulucrypt-debuginfo-5.0.0-1.fc25.i686.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- zulucrypt.i686: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.i686: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt-devel.i686: W: no-documentation zulucrypt-libs.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt-libs.i686: W: spelling-error %description -l en_US unmounting -> mounting, unstinting, mountain zulucrypt-libs.i686: W: unused-direct-shlib-dependency /usr/lib/libzuluCrypt-exe.so.1.2.0 /lib/libgcrypt.so.20 zulucrypt-libs.i686: W: shared-lib-calls-exit /usr/lib/libzuluCrypt-exe.so.1.2.0 exit zulucrypt-libs.i686: W: no-documentation zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt-exe.so.1.2.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt.so.1.2.0 zulucrypt-libs.i686: E: non-empty-%postun /sbin/ldconfig 5 packages and 0 specfiles checked; 4 errors, 10 warnings. Requires -------- zulucrypt (rpmlib, GLIBC filtered): /bin/sh hicolor-icon-theme libKF5Notifications.so.5 libKF5Wallet.so.5 libQt5Core.so.5 libQt5Core.so.5(Qt_5) libQt5Core.so.5(Qt_5.6) libQt5Gui.so.5 libQt5Gui.so.5(Qt_5) libQt5Network.so.5 libQt5Network.so.5(Qt_5) libQt5Widgets.so.5 libQt5Widgets.so.5(Qt_5) libblkid.so.1 libblkid.so.1(BLKID_1.0) libblkid.so.1(BLKID_2.15) libblkid.so.1(BLKID_2.17) libc.so.6 libcryptsetup.so.4 libgcc_s.so.1 libgcc_s.so.1(GCC_3.0) libgcrypt.so.20 libgcrypt.so.20(GCRYPT_1.6) libgio-2.0.so.0 libglib-2.0.so.0 libgobject-2.0.so.0 libm.so.6 libpthread.so.0 libpwquality.so.1 libpwquality.so.1(LIBPWQUALITY_1.0) libsecret-1.so.0 libstdc++.so.6 libstdc++.so.6(CXXABI_1.3) libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 rtld(GNU_HASH) zulucrypt-libs(x86-32) zulucrypt-devel (rpmlib, GLIBC filtered): /usr/bin/pkg-config libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs(x86-32) zulucrypt-libs (rpmlib, GLIBC filtered): /sbin/ldconfig libKF5Notifications.so.5 libKF5Wallet.so.5 libQt5Core.so.5 libQt5Core.so.5(Qt_5) libQt5Core.so.5(Qt_5.6) libQt5Gui.so.5 libQt5Gui.so.5(Qt_5) libQt5Widgets.so.5 libQt5Widgets.so.5(Qt_5) libblkid.so.1 libblkid.so.1(BLKID_1.0) libblkid.so.1(BLKID_2.15) libblkid.so.1(BLKID_2.17) libc.so.6 libcryptsetup.so.4 libcryptsetup.so.4(CRYPTSETUP_1.0) libgcc_s.so.1 libgcc_s.so.1(GCC_3.0) libgcrypt.so.20 libgcrypt.so.20(GCRYPT_1.6) libgio-2.0.so.0 libglib-2.0.so.0 libgobject-2.0.so.0 libm.so.6 libpthread.so.0 libsecret-1.so.0 libstdc++.so.6 libstdc++.so.6(CXXABI_1.3) libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 rtld(GNU_HASH) zulucrypt-doc (rpmlib, GLIBC filtered): zulucrypt-debuginfo (rpmlib, GLIBC filtered): Provides -------- zulucrypt: application() application(zuluCrypt.desktop) application(zuluMount.desktop) bundled(lxqt-wallet) bundled(md5-openssl) bundled(tcplay) zulucrypt zulucrypt(x86-32) zulucrypt-devel: pkgconfig(libzuluCrypt) zulucrypt-devel zulucrypt-devel(x86-32) zulucrypt-libs: libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs zulucrypt-libs(x86-32) zulucrypt-doc: zulucrypt-doc zulucrypt-debuginfo: zulucrypt-debuginfo zulucrypt-debuginfo(x86-32) Source checksums ---------------- https://github.com/mhogomchungu/zuluCrypt/archive/5.0.0/zulucrypt-5.0.0.tar.gz : CHECKSUM(SHA256) this package : 949eb7f2d6489d22b2e669509ce74241edbe590617fb1df1d35c357c1fbd2f61 CHECKSUM(SHA256) upstream package : 949eb7f2d6489d22b2e669509ce74241edbe590617fb1df1d35c357c1fbd2f61 Generated by fedora-review 0.6.1 (f03e4e7) last change: 2016-05-02 Command line :/usr/bin/fedora-review -b 1356739 --plugins C/C++ -m fedora-rawhide-i386 Buildroot used: fedora-rawhide-i386 Active plugins: Generic, Shell-api, C/C++ Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6 Issues: - All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. Note: These BR are not needed: gcc gcc-c++ See: http://fedoraproject.org/wiki/Packaging/Guidelines#Exceptions_2 - update-desktop-database is invoked in %post and %postun if package contains desktop file(s) with a MimeType: entry. Note: desktop file(s) with MimeType entry in zulucrypt See: http://fedoraproject.org/wiki/Packaging:ScriptletSnippets#desktop- database i not sure what happen with zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt-exe.so.1.2.0 zulucrypt-libs.i686: E: postun-without-ldconfig /usr/lib/libzuluCrypt.so.1.2.0 zulucrypt-libs.i686: E: non-empty-%postun /sbin/ldconfig have time for this https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1354118 ? > [!]: Package contains no bundled libraries without FPC exception. What do you mean? Provides -------- zulucrypt: application() application(zuluCrypt.desktop) application(zuluMount.desktop) bundled(lxqt-wallet) bundled(md5-openssl) bundled(tcplay) zulucrypt zulucrypt(x86-32) > [?]: %check is present and all tests pass. > [?]: Packages should try to preserve timestamps of original installed > files. I don't understand. What should I fix? (In reply to Raphael Groner from comment #5) > > [!]: Package contains no bundled libraries without FPC exception. > > What do you mean? > > Provides > -------- > zulucrypt: > application() > application(zuluCrypt.desktop) > application(zuluMount.desktop) > bundled(lxqt-wallet) > bundled(md5-openssl) > bundled(tcplay) > zulucrypt > zulucrypt(x86-32) > > > [?]: %check is present and all tests pass. > > [?]: Packages should try to preserve timestamps of original installed > > files. > > I don't understand. What should I fix? see Comment#3 under public domain zuluCrypt-5.0.0/zuluCrypt-gui/md5/md5.c zuluCrypt-5.0.0/zuluCrypt-gui/md5/md5.h from http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5 report this notice /* * This routine is part of libc. We include it nevertheless, * since the libc version has some security flaws. * * TODO: use canonicalize_file_name() when exist in glibc */ zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.c zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.h Forwarding an e-mail I got from upstream: Greetings from founder and current maintainer of zuluCrypt. I usually google "zuluCrypt" to see what is out there and google led me to your effort of packaging zuluCrypt for fedora here[1] and i have a few comments that i think will get you in your effort. 1. It is currently not possible to use upstream version of tcplay with zuluCrypt. Upstream seems to have lost interest in the project and i have extended my "personal" copy of the library in incompatible ways. For example,upstream version does not have this[2] pull request but my copy has it.My copy extended this pull request to add unlocking VeraCrypt volumes that uses a PIM value.A bunch of APIs like this[3] one are also not in the upstream version. Upstream seems uninterested in the project and i have not attempted to offer them upstream because of it. 2. It should be possible to cleanly unbundle "lxqt_wallet" since zuluCrypt only uses lxqt_wallet documented API.Will add a config option shortly to build using an external version. 3. If you dont want to have zulu*-cli CLI components as suid-root binaries(offers best user experience in my opinion),look at what debian[4] is doing to have the second best user experience. With the "debian way",a user clicks an icon and they get a polkit prompt to root authenticate before they start the application with root's privileges but they still wont be able to do everything since the user that invokes the application is remembered and the application will do only what that user is allowed to do.This is done through pkexec[5]. I think this should be enought for now. Thank you for packaging my project for fedora. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1356739 [2] https://github.com/bwalex/tc-play/pull/65 [3] https://github.com/mhogomchungu/zuluCrypt/blob/6653c8d465470d862c18baee3287b0cb91158fe0/external_libraries/tc-play/tcplay_api.h#L57 [4] https://github.com/marciosouza20/zulucrypt [5] https://github.com/marciosouza20/zulucrypt/blob/master/zuluCrypt-gui-pkexec Created attachment 1180782 [details]
unbundle lxqtwallet
Unbundle lxqt-wallet.
Patch got from upstream.
(In reply to gil cattaneo from comment #9) > report this notice > > /* > * This routine is part of libc. We include it nevertheless, > * since the libc version has some security flaws. > * > * TODO: use canonicalize_file_name() when exist in glibc > */ > zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.c > > > zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.h https://github.com/mhogomchungu/zuluCrypt/issues/41 (In reply to Raphael Groner from comment #13) > (In reply to gil cattaneo from comment #9) > > report this notice > > > > /* > > * This routine is part of libc. We include it nevertheless, > > * since the libc version has some security flaws. > > * > > * TODO: use canonicalize_file_name() when exist in glibc > > */ > > zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.c > > > > > > zuluCrypt-5.0.0/zuluCrypt-cli/lib/canonicalize/canonicalize.h > > https://github.com/mhogomchungu/zuluCrypt/issues/41 perhaps, it would not be enough to add Provides: bundled(glibc) or what is ... also for this and should update license field (In reply to gil cattaneo from comment #14) … > > https://github.com/mhogomchungu/zuluCrypt/issues/41 > > perhaps, it would not be enough to add Provides: bundled(glibc) or what is > ... > also for this and should update license field There's a patch now to use external glibc function. I'll apply it. (In reply to Raphael Groner from comment #12) > Created attachment 1180782 [details] > unbundle lxqtwallet > > Unbundle lxqt-wallet. > > Patch got from upstream. This patch is incomplete. I wrote an e-mail to upstream to get it working with 'rm -r zuluCrypt-gui/lxqt_wallet'. (In reply to Raphael Groner from comment #11) … > 1. It is currently not possible to use upstream version of tcplay with > zuluCrypt. Upstream seems to have lost interest in the project and i > have extended my "personal" copy of the library in incompatible ways. > For example,upstream version does not have this[2] pull request but my > copy has it.My copy extended this pull request to add unlocking > VeraCrypt volumes that uses a PIM value.A bunch of APIs like this[3] > one are also not in the upstream version. Upstream seems uninterested > in the project and i have not attempted to offer them upstream because > of it. We've to discuss that with the maintainer of the tcplay package. Maybe we can add the patches and fully unbundle from the zuluCrypt package. > 2. It should be possible to cleanly unbundle "lxqt_wallet" since > zuluCrypt only uses lxqt_wallet documented API.Will add a config > option shortly to build using an external version. See above. > 3. If you dont want to have zulu*-cli CLI components as suid-root > binaries(offers best user experience in my opinion),look at what > debian[4] is doing to have the second best user experience. With the > "debian way",a user clicks an icon and they get a polkit prompt to > root authenticate before they start the application with root's > privileges but they still wont be able to do everything since the user > that > invokes the application is remembered and the application will do only > what that user is allowed to do.This is done through pkexec[5]. IMHO that should be handled in another package review for zulucrypt-pkexec (or the like) because it's a new upstream. 1. It is currently not possible to use upstream version of tcplay with zuluCrypt. Upstream seems to have lost interest in the project and i have extended my "personal" copy of the library in incompatible ways. For example,upstream version does not have this[2] pull request but my copy has it.My copy extended this pull request to add unlocking VeraCrypt volumes that uses a PIM value.A bunch of APIs like this[3] one are also not in the upstream version. Upstream seems uninterested in the project and i have not attempted to offer them upstream because of it. How to proceed with this? a. Bundle (embedded) tc-play fork. b. Remove tc-play sources and so drop feature completely for truecrypt and veracrypt. c. Wait for tc-play maintainer to apply patch in the package. I tend to prefer b for now, in long term try to achieve c. SPEC: https://raphgro.fedorapeople.org/review/util/zulucrypt.spec SRPM: https://raphgro.fedorapeople.org/review/util/zulucrypt-5.0.0-2.20160802git064e9db.fc24.src.rpm Task info: http://koji.fedoraproject.org/koji/taskinfo?taskID=15134015 %changelog * Fri Jul 22 2016 Raphael Groner <> - 5.0.0-2.20160802git064e9db.fc25 - switch to git snapshot to include all latest upstream patches - unbundle lxqt-wallet - prepare to unbundle tcplay - drop hack for desktop-file-validate, upstream issue#42 - add polkit - split cli into console subpackage - move licenses and general documentation into libs subpackage - fix incorrect desktop files - use BR: pkgconfig() where applicable - drop default dependencies - add scriptlets for MimeType key - drop scriptlets option -p to not confuse rpmlint - note Public Domain for bundled md5-openssl - note GPLv3+ and GPLv2+ partly in source files - fix find_lang - drop chrpath (previously commented) %if %{with bundle_tcplay} Provides: bundled(tcplay) = 2.0 %else #BuildRequires: tcplay-devel >= 2.0 %endif should be changed in: %if %{with bundle_tcplay} BuildRequires: tcplay-devel >= 2.0 %else Provides: bundled(tcplay) = 2.0 %endif cause bundle tcplay is still use during the build Package Review ============== Legend: [x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated [ ] = Manual review needed Issues: ======= - All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. Note: These BR are not needed: gcc gcc-c++ See: http://fedoraproject.org/wiki/Packaging/Guidelines#Exceptions_2 IGNORE ===== MUST items ===== C/C++: [x]: Package does not contain kernel modules. [x]: Package contains no static executables. [x]: Header files in -devel subpackage, if present. [x]: ldconfig called in %post and %postun if required. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. [x]: Development (unversioned) .so files in -devel subpackage, if present. Generic: [x]: Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x]: License field in the package spec file matches the actual license. Note: Checking patched sources after %prep for licenses. Licenses found: "GPL", "BSD (2 clause)", "GPL (v2 or later)", "Unknown or generated". 42 files have unknown license. Detailed output of licensecheck in /home/gil/1356739-zulucrypt/licensecheck.txt [x]: License file installed when any subpackage combination is installed. [x]: If the package is under multiple licenses, the licensing breakdown must be documented in the spec. [x]: %build honors applicable compiler flags or justifies otherwise. [!]: Package contains no bundled libraries without FPC exception. See Comment#18 [x]: Changelog in prescribed format. [x]: Sources contain only permissible code or content. [x]: Development files must be in a -devel package [x]: Package uses nothing in %doc for runtime. [x]: Package consistently uses macros (instead of hard-coded directory names). [x]: Package is named according to the Package Naming Guidelines. [x]: Package does not generate any conflict. [x]: Package obeys FHS, except libexecdir and /usr/target. [-]: If the package is a rename of another package, proper Obsoletes and Provides are present. [x]: Requires correct, justified where necessary. [x]: Spec file is legible and written in American English. [-]: Package contains systemd file(s) if in need. [x]: gtk-update-icon-cache is invoked in %postun and %posttrans if package contains icons. Note: icons in zulucrypt [x]: Useful -debuginfo package or justification otherwise. [x]: Package is not known to require an ExcludeArch tag. [x]: Large documentation must go in a -doc subpackage. Large could be size (~1MB) or number of files. Note: Documentation size is 30720 bytes in 6 files. [x]: Package complies to the Packaging Guidelines [x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture. [x]: Package installs properly. [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %license. [x]: Package requires other packages for directories it uses. [x]: Package must own all directories that it creates. [x]: Package does not own files or directories owned by other packages. [x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Package contains desktop file if it is a GUI application. [x]: Package installs a %{name}.desktop using desktop-file-install or desktop-file-validate if there is such a file. [x]: Dist tag is present. Note: Multiple Release: tags found [x]: Package does not contain duplicates in %files. [x]: Permissions on files are set properly. [x]: Package use %makeinstall only when make install DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package does not use a name that already exists. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local ===== SHOULD items ===== Generic: [-]: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [x]: Final provides and requires are sane (see attachments). [x]: Fully versioned dependency in subpackages if applicable. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in zulucrypt-console , zulucrypt-libs , zulucrypt-devel , zulucrypt-doc , zulucrypt-debuginfo [x]: Package functions as described. [x]: Latest version is packaged. [x]: Package does not include license text files separate from upstream. [x]: Scriptlets must be sane, if used. [x]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x]: Package should compile and build into binary rpms on all supported architectures. [x]: %check is present and all tests pass. [?]: Packages should try to preserve timestamps of original installed files. See @ line 188 of the spec file, maybe you should also use "-p" [x]: Reviewer should test that the package builds in mock. [x]: Buildroot is not present [x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file [x]: The placement of pkgconfig(.pc) files are correct. [x]: Sources can be downloaded from URI in Source: tag [x]: SourceX is a working URL. [x]: Spec use %global instead of %define unless justified. ===== EXTRA items ===== Generic: [x]: Rpmlint is run on debuginfo package(s). Note: No rpmlint messages. [x]: Rpmlint is run on all installed packages. Note: There are rpmlint messages (see attachment). [x]: Large data in /usr/share should live in a noarch subpackage if package is arched. [x]: Spec file according to URL is the same as in SRPM. Rpmlint ------- Checking: zulucrypt-5.0.0-2.20160802git064e9db.fc26.i686.rpm zulucrypt-console-5.0.0-2.20160802git064e9db.fc26.i686.rpm zulucrypt-libs-5.0.0-2.20160802git064e9db.fc26.i686.rpm zulucrypt-devel-5.0.0-2.20160802git064e9db.fc26.i686.rpm zulucrypt-doc-5.0.0-2.20160802git064e9db.fc26.noarch.rpm zulucrypt-debuginfo-5.0.0-2.20160802git064e9db.fc26.i686.rpm zulucrypt-5.0.0-2.20160802git064e9db.fc26.src.rpm zulucrypt.i686: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end zulucrypt.i686: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.i686: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt.i686: W: incoherent-version-in-changelog 5.0.0-2.20160802git064e9db.fc25 ['5.0.0-2.20160802git064e9db.fc26', '5.0.0-2.20160802git064e9db'] zulucrypt.i686: W: desktopfile-without-binary /usr/share/applications/zuluCrypt.desktop pkexec zulucrypt.i686: W: desktopfile-without-binary /usr/share/applications/zuluMount.desktop pkexec zulucrypt-console.i686: W: spelling-error %description -l en_US frontends -> front ends, front-ends, fronds zulucrypt-console.i686: W: spelling-error %description -l en_US subpackage -> sub package, sub-package, package's zulucrypt-libs.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt-libs.i686: W: spelling-error %description -l en_US unmounting -> mounting, unstinting, mountain zulucrypt-libs.i686: W: shared-lib-calls-exit /usr/lib/libzuluCrypt-exe.so.1.2.0 exit zulucrypt-libs.i686: W: one-line-command-in-%post /sbin/ldconfig zulucrypt-devel.i686: W: no-documentation zulucrypt.src: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.src: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.src: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end zulucrypt.src: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.src: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt.src:75: W: unversioned-explicit-provides bundled(md5-openssl) zulucrypt.src:160: W: macro-in-comment %{_includedir} 7 packages and 0 specfiles checked; 0 errors, 22 warnings. Rpmlint (debuginfo) ------------------- Checking: zulucrypt-debuginfo-5.0.0-2.20160802git064e9db.fc26.i686.rpm 1 packages and 0 specfiles checked; 0 errors, 0 warnings. Rpmlint (installed packages) ---------------------------- zulucrypt-libs.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt-libs.i686: W: spelling-error %description -l en_US unmounting -> mounting, unstinting, mountain zulucrypt-libs.i686: W: unused-direct-shlib-dependency /usr/lib/libzuluCrypt-exe.so.1.2.0 /lib/libgcrypt.so.20 zulucrypt-libs.i686: W: shared-lib-calls-exit /usr/lib/libzuluCrypt-exe.so.1.2.0 exit zulucrypt-libs.i686: W: one-line-command-in-%post /sbin/ldconfig zulucrypt.i686: W: spelling-error Summary(en_US) cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US cryptsetup -> crypt setup, crypt-setup, Cryptozoic zulucrypt.i686: W: spelling-error %description -l en_US frontend -> fronted, front end, front-end zulucrypt.i686: W: spelling-error %description -l en_US truecrypt -> true crypt, true-crypt, encrypt zulucrypt.i686: W: spelling-error %description -l en_US sudo -> suds, ludo, sumo zulucrypt.i686: W: incoherent-version-in-changelog 5.0.0-2.20160802git064e9db.fc25 ['5.0.0-2.20160802git064e9db.fc26', '5.0.0-2.20160802git064e9db'] zulucrypt-console.i686: W: spelling-error %description -l en_US frontends -> front ends, front-ends, fronds zulucrypt-console.i686: W: spelling-error %description -l en_US subpackage -> sub package, sub-package, package's zulucrypt-devel.i686: W: no-documentation 6 packages and 0 specfiles checked; 0 errors, 14 warnings. Requires -------- zulucrypt-debuginfo (rpmlib, GLIBC filtered): zulucrypt-libs (rpmlib, GLIBC filtered): /bin/sh libblkid.so.1 libblkid.so.1(BLKID_1.0) libblkid.so.1(BLKID_2.15) libblkid.so.1(BLKID_2.17) libc.so.6 libcryptsetup.so.4 libcryptsetup.so.4(CRYPTSETUP_1.0) libgcrypt.so.20 libgcrypt.so.20(GCRYPT_1.6) libpthread.so.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 rtld(GNU_HASH) zulucrypt (rpmlib, GLIBC filtered): /bin/sh hicolor-icon-theme libQt5Core.so.5 libQt5Core.so.5(Qt_5) libQt5Core.so.5(Qt_5.7) libQt5Gui.so.5 libQt5Gui.so.5(Qt_5) libQt5Network.so.5 libQt5Network.so.5(Qt_5) libQt5Widgets.so.5 libQt5Widgets.so.5(Qt_5) libblkid.so.1 libblkid.so.1(BLKID_1.0) libc.so.6 libgcc_s.so.1 libgcc_s.so.1(GCC_3.0) libgcrypt.so.20 libgcrypt.so.20(GCRYPT_1.6) libgio-2.0.so.0 libglib-2.0.so.0 libgobject-2.0.so.0 liblxqt-wallet.so.3.0.0 libm.so.6 libpthread.so.0 libpwquality.so.1 libpwquality.so.1(LIBPWQUALITY_1.0) libsecret-1.so.0 libstdc++.so.6 libstdc++.so.6(CXXABI_1.3) libzuluCryptPluginManager.so.1.0.0 polkit rtld(GNU_HASH) zulucrypt-console(x86-32) zulucrypt-libs(x86-32) zulucrypt-doc (rpmlib, GLIBC filtered): zulucrypt-console (rpmlib, GLIBC filtered): libblkid.so.1 libblkid.so.1(BLKID_2.15) libblkid.so.1(BLKID_2.17) libc.so.6 libcryptsetup.so.4 libgcrypt.so.20 libpthread.so.0 libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 rtld(GNU_HASH) zulucrypt-libs(x86-32) zulucrypt-devel (rpmlib, GLIBC filtered): /usr/bin/pkg-config libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs(x86-32) Provides -------- zulucrypt-debuginfo: zulucrypt-debuginfo zulucrypt-debuginfo(x86-32) zulucrypt-libs: libzuluCrypt-exe.so.1.2.0 libzuluCrypt.so.1.2.0 libzuluCryptPluginManager.so.1.0.0 zulucrypt-libs zulucrypt-libs(x86-32) zulucrypt: application() application(zuluCrypt.desktop) application(zuluMount.desktop) bundled(md5-openssl) bundled(tcplay) zulucrypt zulucrypt(x86-32) zulucrypt-doc: zulucrypt-doc zulucrypt-console: zulucrypt-console zulucrypt-console(x86-32) zulucrypt-devel: pkgconfig(libzuluCrypt) zulucrypt-devel zulucrypt-devel(x86-32) Source checksums ---------------- https://github.com/mhogomchungu/zuluCrypt/archive/064e9db3a81f0c3e2030eabc1931914461c7a829/zulucrypt-064e9db3a81f0c3e2030eabc1931914461c7a829.tar.gz : CHECKSUM(SHA256) this package : 74ab892026123876395f7c05260f89d89f73aa2dc7ea5e4b3eeda3b0c7b00584 CHECKSUM(SHA256) upstream package : 74ab892026123876395f7c05260f89d89f73aa2dc7ea5e4b3eeda3b0c7b00584 Generated by fedora-review 0.6.1 (f03e4e7) last change: 2016-05-02 Command line :/usr/bin/fedora-review -b 1356739 --plugins C/C++ -m fedora-rawhide-i386 Buildroot used: fedora-rawhide-i386 Active plugins: Generic, Shell-api, C/C++ Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP Disabled flags: EXARCH, DISTTAG, EPEL5, BATCH, EPEL6 Issues: [!]: Package contains no bundled libraries without FPC exception. See Comment#18 [?]: Packages should try to preserve timestamps of original installed files. See @ line 188 of the spec file, maybe you should also use "-p" Please, fix also these problem: zulucrypt.i686: W: incoherent-version-in-changelog 5.0.0-2.20160802git064e9db.fc25 ['5.0.0-2.20160802git064e9db.fc26', '5.0.0-2.20160802git064e9db'] zulucrypt.src:160: W: macro-in-comment %{_includedir} (In reply to gil cattaneo from comment #20) > Issues: > > [!]: Package contains no bundled libraries without FPC exception. > See Comment#18 zulucrypt: application() application(zuluCrypt.desktop) application(zuluMount.desktop) bundled(md5-openssl) bundled(tcplay) I don't understand comment#18, we need 'Provides: bundled(tcplay)'. See open discussion in comment #16. https://fedoraproject.org/wiki/Packaging:Guidelines#Bundling_and_Duplication_of_system_libraries > [?]: Packages should try to preserve timestamps of original installed > files. > See @ line 188 of the spec file, maybe you should also use "-p" Can fix while importing the package. > Please, fix also these problem: > zulucrypt.i686: W: incoherent-version-in-changelog > 5.0.0-2.20160802git064e9db.fc25 ['5.0.0-2.20160802git064e9db.fc26', > '5.0.0-2.20160802git064e9db'] Hmpf, maybe uploaded an old SRPM. It's fixed in spec file. > zulucrypt.src:160: W: macro-in-comment %{_includedir} This is part of (commented) preparation to unbundle tcplay. Currently not possible to apply, see above. Should I drop the commented lines? About rpath: https://fedorahosted.org/fpc/ticket/641 (In reply to Raphael Groner from comment #21) > (In reply to gil cattaneo from comment #20) > > Issues: > > > > [!]: Package contains no bundled libraries without FPC exception. > > See Comment#18 > > zulucrypt: > application() > application(zuluCrypt.desktop) > application(zuluMount.desktop) > bundled(md5-openssl) > bundled(tcplay) > > I don't understand comment#18, we need 'Provides: bundled(tcplay)'. See open > discussion in comment #16. > https://fedoraproject.org/wiki/Packaging: > Guidelines#Bundling_and_Duplication_of_system_libraries it is set now is useless. should be: %if %{without bundle_tcplay} Provides: bundled(tcplay) = 2.0 %else #BuildRequires: tcplay-devel >= 2.0 %endif otherwise this "if" never will enter the "Provides" > > [?]: Packages should try to preserve timestamps of original installed > > files. > > See @ line 188 of the spec file, maybe you should also use "-p" > > Can fix while importing the package. > > > Please, fix also these problem: > > zulucrypt.i686: W: incoherent-version-in-changelog > > 5.0.0-2.20160802git064e9db.fc25 ['5.0.0-2.20160802git064e9db.fc26', > > '5.0.0-2.20160802git064e9db'] > > Hmpf, maybe uploaded an old SRPM. It's fixed in spec file. > > > zulucrypt.src:160: W: macro-in-comment %{_includedir} > > This is part of (commented) preparation to unbundle tcplay. Currently not > possible to apply, see above. Should I drop the commented lines? as above (In reply to gil cattaneo from comment #23) > > > > > zulucrypt.src:160: W: macro-in-comment %{_includedir} > > > > This is part of (commented) preparation to unbundle tcplay. Currently not > > possible to apply, see above. Should I drop the commented lines? > > as above is useless now? then why not remove a useless rpmlint warning ... ops my bad ... ignore last comment about bundle tcplay, my apologize approved Thanks for the review! Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/zulucrypt lxqt-wallet-3.0.0-1.fc24 zulucrypt-5.0.0-2.20160802git064e9db.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f2d6af926 lxqt-wallet-3.0.0-1.fc24 zulucrypt-5.0.0-2.20160802git064e9db.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f2d6af926 lxqt-wallet-3.0.0-1.el7 zulucrypt-5.0.0-2.20160802git064e9db.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f08257b92c lxqt-wallet-3.0.0-1.el7 zulucrypt-5.0.0-2.20160802git064e9db.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f08257b92c lxqt-wallet-3.0.0-1.fc24, zulucrypt-5.0.0-2.20160802git064e9db.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f2d6af926 lxqt-wallet-3.0.0-1.el7, zulucrypt-5.0.0-2.20160802git064e9db.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f08257b92c lxqt-wallet-3.0.0-1.fc24, zulucrypt-5.0.0-2.20160802git064e9db.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. lxqt-wallet-3.0.0-1.el7 zulucrypt-5.0.0-3.20160802git064e9db.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f08257b92c lxqt-wallet-3.0.0-1.el7, zulucrypt-5.0.0-3.20160802git064e9db.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f08257b92c lxqt-wallet-3.0.0-1.el7, zulucrypt-5.0.0-3.20160802git064e9db.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. |