Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1113413 - suricata packaging issues
Summary: suricata packaging issues
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: suricata
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Steve Grubb
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: DuplicSysLibsTracker
TreeView+ depends on / blocked
 
Reported: 2014-06-26 07:17 UTC by Christopher Meng
Modified: 2016-07-19 11:50 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-19 11:50:28 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Christopher Meng 2014-06-26 07:17:12 UTC 
Hi,

Just did some checks on your package and found this package has many problems.

1. suricata has its own website:

suricata-ids.org

2. RPM spec contains obsoleted tags:

BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
rm -rf $RPM_BUILD_ROOT
%clean
%defattr(-,root,root,-)

Since suricata never goes into EPEL, I think it's quite normal to drop them.

*************************8<*************************
3. suricata bundles libhtp.

This is a serious problem:

https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries

build.log:

  Non-bundled htp:                         no

Append --enable-non-bundled-htp to the %configure.
*************************>8*************************

4. I don't think %doc doc/INSTALL is a good idea, in contrast, it's useless.

5. %{python_sitelib} -> %{python2_sitelib}

python-devel -> python2-devel

https://fedoraproject.org/wiki/Packaging:Python#BuildRequires

6. Mix using %{buildroot} and $RPM_BUILD_ROOT, please only choose one of them in the spec.

https://fedoraproject.org/wiki/Packaging:Guidelines#Using_.25.7Bbuildroot.7D_and_.25.7Boptflags.7D_vs_.24RPM_BUILD_ROOT_and_.24RPM_OPT_FLAGS

7. Obsoleted systemd packaging tags:

https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd

8. Koji build.log:

checking for spatch... no
   Warning! spatch not found, you will not be 
   able to run code checking with coccinelle  
   get it from http://coccinelle.lip6.fr      
   or install from your distribution  

Missing BR coccinelle.

(Verify if we need code analysis)

9. You just enabled lua support, are you sure lua 5.2 is supported? If not, We have lua 5.1 fallback in the repo:

compat-lua

10. checking for doxygen... no

Missing BR doxygen.
Comment 1 Steve Grubb 2014-06-28 13:00:54 UTC 
Thanks for the review. 
1) changed. 
2) There is a bz asking for EPEL, so I'm leaving it. I'll potentially fix item #3 if/when I fix EPEL support.
3) For years the bundled version was the only supported one. It was documented that if you use anything else, you are on your own. The bundled one is the only one that is QA'ed. Not sure the suricata project has reached a point where they are ready for any random version of libhtp or they would have dropped the bundled library completely. I'm inclined to leave as is for now and start a discussion upstream about the topic.
4) it used to be more than pointing to a web site. deleted.
5) fixed
6) fixed
7) All I saw was Requires(*) that needed fixing. If you see something else, please be more specific.
8) spatch is for QA testing. We don't use it. Added --disable-coccinelle to make it clear
9) It seems to work. If there was a bug reported against lua I could look at changing to the compat library
10) doxygen is not needed

I don't see anything reported important enough to recall the current update. So, I will only check this into the master branch and f20 can pick it up on the next upstream update. 2.0.2-2 is now in koji. Thanks.
Comment 2 Christopher Meng 2014-07-01 16:56:04 UTC 
(In reply to Steve Grubb from comment #1)
> 3) For years the bundled version was the only supported one. It was
> documented that if you use anything else, you are on your own. The bundled
> one is the only one that is QA'ed. Not sure the suricata project has reached
> a point where they are ready for any random version of libhtp or they would
> have dropped the bundled library completely. I'm inclined to leave as is for
> now and start a discussion upstream about the topic.

From the website I can see that it mentions the external dependency with version specified, doesn't it indicated that you could have a try?

Any way, it's right, we need to get an answer from upstream first.

And, if FESCo has granted such exception, an appropriate Provides: should be in the spec as well.
Comment 3 Jaroslav Reznik 2015-03-03 17:02:29 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22
Comment 4 Fedora End Of Life 2016-07-19 11:50:28 UTC 
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.
Note You need to log in before you can comment on or make changes to this bug.