[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

We have begun to remove content from the wiki.  The old pages should all
now have links to the new docs site.  As we continue to work on the new
documents, the corresponding wiki pages will be emptied and left only
with the link to the new content.  This is currently most visible on the
main guidelines page.  The wiki history remains, of course, and all of
that history was also copied into the git repository which holds the
source of the current site.

As always, if you spot issues in the packaging guidelines, feel free to
file a ticket at https://pagure.io/packaging-committee/issues.  You can
even send us a pull request.

-

The versioning guidelines have been modified to allow limited use of
RPM's tilde (~) notation when packaging upstream-tagged prereleases.

* https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/
* https://pagure.io/packaging-committee/issue/832
* 
https://pagure.io/packaging-committee/c/5113d478f5885d2338dfbdceb043da634f732e51?branch=master

-


The python packaging guidelines have been updated to indicate the
changed default in Fedora 30 for %_python_bytecompile_extra (to 0). This
setting controls whether python files outside of the regular locations
for python modules are subject to automatic byte compilation.

* 
https://docs.fedoraproject.org/en-US/packaging-guidelines/Python_Appendix/#manual-bytecompilation
* https://pagure.io/packaging-committee/issue/830
* 
https://pagure.io/packaging-committee/c/647454105e873c15ce0c5e10cfad37aae8a50225?branch=master
* 
https://fedoraproject.org/wiki/Changes/No_more_automagic_Python_bytecompilation_phase_2

-

Due to the recent accumulation of problems caused by unannounced SONAME
bumps in rawhide, a short "Listing shared library files" section was
added to the "Shared Libraries" chapter of the Packaging Guidelines: It
is now discouraged to use globs of the form libFOO.so.* (or similar) for
listing %files entries like libFOO.so.MAJOR.MINOR.PATCH in %{_libdir},
because it can conceal SONAME changes, and may contribute to accidental
bumps. If the use of any glob is helpful in reducing maintenance burden,
using something less general - like libFOO.so.MAJOR* - is encouraged
instead.

* 
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_listing_shared_library_files
* https://pagure.io/packaging-committee/issue/784
* 
https://pagure.io/packaging-committee/c/2051d0c7dcd7f062e2c8571f19a8cf7eea8b0ce6?branch=master
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

We have begun to remove content from the wiki.  The old pages should all
now have links to the new docs site.  As we continue to work on the new
documents, the corresponding wiki pages will be emptied and left only
with the link to the new content.  This is currently most visible on the
main guidelines page.  The wiki history remains, of course, and all of
that history was also copied into the git repository which holds the
source of the current site.

As always, if you spot issues in the packaging guidelines, feel free to
file a ticket at https://pagure.io/packaging-committee/issues.  You can
even send us a pull request.

-

The versioning guidelines have been modified to allow limited use of
RPM's tilde (~) notation when packaging upstream-tagged prereleases.

* https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/
* https://pagure.io/packaging-committee/issue/832
* 
https://pagure.io/packaging-committee/c/5113d478f5885d2338dfbdceb043da634f732e51?branch=master

-


The python packaging guidelines have been updated to indicate the
changed default in Fedora 30 for %_python_bytecompile_extra (to 0). This
setting controls whether python files outside of the regular locations
for python modules are subject to automatic byte compilation.

* 
https://docs.fedoraproject.org/en-US/packaging-guidelines/Python_Appendix/#manual-bytecompilation
* https://pagure.io/packaging-committee/issue/830
* 
https://pagure.io/packaging-committee/c/647454105e873c15ce0c5e10cfad37aae8a50225?branch=master
* 
https://fedoraproject.org/wiki/Changes/No_more_automagic_Python_bytecompilation_phase_2

-

Due to the recent accumulation of problems caused by unannounced SONAME
bumps in rawhide, a short "Listing shared library files" section was
added to the "Shared Libraries" chapter of the Packaging Guidelines: It
is now discouraged to use globs of the form libFOO.so.* (or similar) for
listing %files entries like libFOO.so.MAJOR.MINOR.PATCH in %{_libdir},
because it can conceal SONAME changes, and may contribute to accidental
bumps. If the use of any glob is helpful in reducing maintenance burden,
using something less general - like libFOO.so.MAJOR* - is encouraged
instead.

* 
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_listing_shared_library_files
* https://pagure.io/packaging-committee/issue/784
* 
https://pagure.io/packaging-committee/c/2051d0c7dcd7f062e2c8571f19a8cf7eea8b0ce6?branch=master
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The Python packaging guidelines have been updated to reflect the fact
that Python 2 is deprecated.  All relevant information for legacy Python
2 packaging has been moved to the appendix.  Together with this change,
the rule for naming the executables if both Python versions are shipped
has been changed: "The unversioned executable should be the python3
version, unless it would break users expectations, in that case it may
be the python2 version." Examples of that are provided in the appendix.

* https://fedoraproject.org/wiki/Packaging:Python
* https://fedoraproject.org/wiki/Packaging:Python_Appendix
* https://pagure.io/packaging-committee/issue/793

-

The python guidelines were modified to indicate that packagers should
not simply glob all files and directories under the sitelib and sitearch
directories.  Other small changes were made to avoid conflicting with
this requirement.

* https://fedoraproject.org/wiki/Packaging:Python#Files_to_include
* https://pagure.io/packaging-committee/issue/782

-

A section covering the new automatic dependency generator was added to
the Python guidelines.

* 
https://fedoraproject.org/wiki/Packaging:Python#Automatically_generated_dependencies
* https://pagure.io/packaging-committee/issue/740

-

A new guidelines page was added, providing a place to discuss what is
and is not allowed in Fedora. A number of sections were moved there from
the main guidelines, and a new section was added indicating that only a
single kernel package is allowed in the distribution.

* https://fedoraproject.org/wiki/Packaging:What_Can_Be_Packaged
* https://pagure.io/packaging-committee/issue/792

-

Small cleanups were made to the crypto policies guidelines to modernize
them a bit, and a new section was added requiring that newly added
crypto libraries must comply with existing crypto policies.

* https://fedoraproject.org/wiki/Packaging:CryptoPolicies
* https://pagure.io/packaging-committee/issue/785

-

The section on file and directory dependencies has been rewritten to be
clearer and to explicitly indicate which file dependencies are
permissible and which are not.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#File_and_Directory_Dependencies
* https://pagure.io/packaging-committee/issue/714

-
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The Python packaging guidelines have been updated to reflect the fact
that Python 2 is deprecated.  All relevant information for legacy Python
2 packaging has been moved to the appendix.  Together with this change,
the rule for naming the executables if both Python versions are shipped
has been changed: "The unversioned executable should be the python3
version, unless it would break users expectations, in that case it may
be the python2 version." Examples of that are provided in the appendix.

* https://fedoraproject.org/wiki/Packaging:Python
* https://fedoraproject.org/wiki/Packaging:Python_Appendix
* https://pagure.io/packaging-committee/issue/793

-

The python guidelines were modified to indicate that packagers should
not simply glob all files and directories under the sitelib and sitearch
directories.  Other small changes were made to avoid conflicting with
this requirement.

* https://fedoraproject.org/wiki/Packaging:Python#Files_to_include
* https://pagure.io/packaging-committee/issue/782

-

A section covering the new automatic dependency generator was added to
the Python guidelines.

* 
https://fedoraproject.org/wiki/Packaging:Python#Automatically_generated_dependencies
* https://pagure.io/packaging-committee/issue/740

-

A new guidelines page was added, providing a place to discuss what is
and is not allowed in Fedora. A number of sections were moved there from
the main guidelines, and a new section was added indicating that only a
single kernel package is allowed in the distribution.

* https://fedoraproject.org/wiki/Packaging:What_Can_Be_Packaged
* https://pagure.io/packaging-committee/issue/792

-

Small cleanups were made to the crypto policies guidelines to modernize
them a bit, and a new section was added requiring that newly added
crypto libraries must comply with existing crypto policies.

* https://fedoraproject.org/wiki/Packaging:CryptoPolicies
* https://pagure.io/packaging-committee/issue/785

-

The section on file and directory dependencies has been rewritten to be
clearer and to explicitly indicate which file dependencies are
permissible and which are not.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#File_and_Directory_Dependencies
* https://pagure.io/packaging-committee/issue/714

-
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The packaging guidelines for enabling services by default were
significantly revised to emphasize that services starting by default
should fail only in exceptional conditions, and to provide additional
guidance for services related to hardware enablement.
 
 * https://fedoraproject.org/wiki/Packaging:DefaultServices
 * https://pagure.io/packaging-committee/issue/777

-

The Python guidelines were modified to mention the %pypi_source macro
(available in all Fedora and EPEL releases) which conveniently expands
to the proper source URL for the package at PyPi.

 * https://fedoraproject.org/wiki/Packaging:Python#Source_Files_from_PyPI
 * https://pagure.io/packaging-committee/issue/759

-

The Python guidelines were modified to indicate that packages must not
own the top-level __pycache__ directory.

 * https://fedoraproject.org/wiki/Packaging:Python#Byte_compiling
 * https://pagure.io/packaging-committee/issue/782

-

A small change was made to the Java packaging guidelines to specify a
dependency on javapackages-filesystem instead of javapackages-tools.

 * https://fedoraproject.org/wiki/Packaging:Java#BuildRequires_and_Requires
 * https://pagure.io/packaging-committee/issue/781
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/message/HP4LRC2RJNMOMXITZZYJ6FLF2RITY6H6/
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/HP4LRC2RJNMOMXITZZYJ6FLF2RITY6H6/

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The packaging guidelines for enabling services by default were
significantly revised to emphasize that services starting by default
should fail only in exceptional conditions, and to provide additional
guidance for services related to hardware enablement.
 
 * https://fedoraproject.org/wiki/Packaging:DefaultServices
 * https://pagure.io/packaging-committee/issue/777

-

The Python guidelines were modified to mention the %pypi_source macro
(available in all Fedora and EPEL releases) which conveniently expands
to the proper source URL for the package at PyPi.

 * https://fedoraproject.org/wiki/Packaging:Python#Source_Files_from_PyPI
 * https://pagure.io/packaging-committee/issue/759

-

The Python guidelines were modified to indicate that packages must not
own the top-level __pycache__ directory.

 * https://fedoraproject.org/wiki/Packaging:Python#Byte_compiling
 * https://pagure.io/packaging-committee/issue/782

-

A small change was made to the Java packaging guidelines to specify a
dependency on javapackages-filesystem instead of javapackages-tools.

 * https://fedoraproject.org/wiki/Packaging:Java#BuildRequires_and_Requires
 * https://pagure.io/packaging-committee/issue/781
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/HP4LRC2RJNMOMXITZZYJ6FLF2RITY6H6/

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

In Fedora 28 (and rawhide), the texinfo scriptlets (which call
install-info) are no longer necessary and should be removed or, for
cross-release specfiles, wrapped in conditionals. Note that there are
nearly 300 specs currently calling install-info in scriptlets; lists of
these packages will be posted separately to the devel list.

* https://fedoraproject.org/wiki/Packaging:Scriptlets#Texinfo
* https://pagure.io/packaging-committee/issue/773

-

The section of the Python packaging appendix relating to manual byte
compilation has been amended with a new section applying to Fedora 29
and newer only. Because this is a rarely-trafficked section of the
guidelines and the change mandates modifications to a number of
packages, I will summarize here:

If your package installs files with names ending in ".py" outside of the
standard directories for python files (/usr/lib(64)?/python\d.\d) then
in rawhide you must disable automatic byte compilation of files outside
of these directories by adding "%global _python_bytecompile_extra 0" to
your spec and then, if necessary, manually byte-compile those files with
a specific python version using the %py_byte_compile macro.

There are 479 packages which will need attention to fix this before the
default value of %_python_bytecompile_extra becomes 0 (and potentially
breaks many of those packages) in a future release. Lists of these
packages will be posted separately on the devel list.

* 
https://fedoraproject.org/wiki/Packaging:Python_Appendix#Manual_byte_compilation
* https://pagure.io/packaging-committee/issue/772

-

A new guideline page relating to package deprecation has been added, and both 
the main guidelines and review guidelines have been updated to reference it.

* https://fedoraproject.org/wiki/Packaging:Deprecating_Packages
* https://fedoraproject.org/wiki/Packaging:Guidelines#Deprecating_Packages
* 
https://fedoraproject.org/wiki/Packaging:ReviewGuidelines#Things_To_Check_On_Review
* https://pagure.io/packaging-committee/issue/723
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/message/4LOZKTTCTKJAT4D7FVSN7X3WVDSUVBG2/
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/4LOZKTTCTKJAT4D7FVSN7X3WVDSUVBG2/

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

Many changes have been made to the Ruby packaging guidelines to reflect
the current state of Ruby packaging.

* https://fedoraproject.org/wiki/Packaging:Ruby
* https://pagure.io/packaging-committee/issue/710

Note that the macros required for some of those guidelines might still
be making their way into the stable releases.

-

The Libraries and Applications section of the guidelines was modified to
favor independent packaging of applications and to discourage separate
graphical applications from having dependencies on each other.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Libraries_and_Applications
* https://pagure.io/packaging-committee/issue/694

-

An exception allowing the use of a specific subdirectory in /etc/opt by
Chrome native messaging extensions was approved.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Limited_usage_of_.2Fopt.2C_.2Fetc.2Fopt.2C_and_.2Fvar.2Fopt
* https://pagure.io/packaging-committee/issue/767
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org/message/DJUZVSBPI7G24IQYK2Q4WYON656ECFIG/
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/DJUZVSBPI7G24IQYK2Q4WYON656ECFIG/

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

Many changes have been made to the Ruby packaging guidelines to reflect
the current state of Ruby packaging.

* https://fedoraproject.org/wiki/Packaging:Ruby
* https://pagure.io/packaging-committee/issue/710

Note that the macros required for some of those guidelines might still
be making their way into the stable releases.

-

The Libraries and Applications section of the guidelines was modified to
favor independent packaging of applications and to discourage separate
graphical applications from having dependencies on each other.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Libraries_and_Applications
* https://pagure.io/packaging-committee/issue/694

-

An exception allowing the use of a specific subdirectory in /etc/opt by
Chrome native messaging extensions was approved.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Limited_usage_of_.2Fopt.2C_.2Fetc.2Fopt.2C_and_.2Fvar.2Fopt
* https://pagure.io/packaging-committee/issue/767
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/DJUZVSBPI7G24IQYK2Q4WYON656ECFIG/

Re: [Guidelines change] Changes to the packaging guidelines

[Miro Hrončok]

On 24.4.2018 15:32, Miro Hrončok wrote:

On 23.4.2018 21:37, Mátyás Selmeci wrote:

On 04/23/2018 01:06 PM, Jason L Tibbitts III wrote:

The Python guidelines now more clearly indicate that use of %{__python},
%{python_sitelib} and %{python_sitearch} is forbidden.

  * https://fedoraproject.org/wiki/Packaging:Python#Macros
  * https://pagure.io/packaging-committee/issue/745



The EPEL guidelines for Python [1] still recommend these for EPEL6 
instead of %{python2_sitelib}, etc.  Is that still the case, or should 
those guidelines be updated?


AFAIK all of those macros are available in EPEL6. Will check and open an 
issue at http://pagure.io/packaging-committee/


Indeed. https://pagure.io/packaging-committee/issue/765

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Miro Hrončok]

On 23.4.2018 21:37, Mátyás Selmeci wrote:

On 04/23/2018 01:06 PM, Jason L Tibbitts III wrote:

The Python guidelines now more clearly indicate that use of %{__python},
%{python_sitelib} and %{python_sitearch} is forbidden.

  * https://fedoraproject.org/wiki/Packaging:Python#Macros
  * https://pagure.io/packaging-committee/issue/745



The EPEL guidelines for Python [1] still recommend these for EPEL6 
instead of %{python2_sitelib}, etc.  Is that still the case, or should 
those guidelines be updated?


AFAIK all of those macros are available in EPEL6. Will check and open an 
issue at http://pagure.io/packaging-committee/



--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Mátyás Selmeci]

On 04/23/2018 01:06 PM, Jason L Tibbitts III wrote:

The Python guidelines now more clearly indicate that use of %{__python},
%{python_sitelib} and %{python_sitearch} is forbidden.

  * https://fedoraproject.org/wiki/Packaging:Python#Macros
  * https://pagure.io/packaging-committee/issue/745



The EPEL guidelines for Python [1] still recommend these for EPEL6 
instead of %{python2_sitelib}, etc.  Is that still the case, or should 
those guidelines be updated?


Thanks,
-Mat

[1] https://fedoraproject.org/wiki/EPEL:Packaging#Python
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

A note was added to the Python guidelines indicating that the python2
stack may go away and that upstreams should be contacted about software
not yet ported to python3.

 * https://fedoraproject.org/wiki/Packaging:Python#Python_Version_Support
 * https://pagure.io/packaging-committee/issue/753

-

The Python guidelines now more clearly indicate that use of %{__python},
%{python_sitelib} and %{python_sitearch} is forbidden.

 * https://fedoraproject.org/wiki/Packaging:Python#Macros
 * https://pagure.io/packaging-committee/issue/745

-

Information about the automatic shebang line checking and modification
has been added to both the main guidelines and the Python guidelines.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Shebang_lines
 * https://fedoraproject.org/wiki/Packaging:Python#Multiple_Python_Runtimes
 * https://pagure.io/packaging-committee/issue/738

-

The guidelines section relating to architecture support has been updated
to reflect the current state of koji's support of
ExclusiveArch:/ExcludeArch: in noarch packages.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Noarch_with_Unported_Dependencies
 * https://pagure.io/packaging-committee/issue/751

-

A guideline was added showing how to disable buildroot policy scripts
for your package, if necessary:

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#BRP_.28BuildRoot_Policy.29_Scripts
 * https://pagure.io/packaging-committee/issue/749

-

The Documentation section of the main guidelines was expanded to include
information about reducing build dependencies by building documentation
in a separate source package.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Documentation
 * https://pagure.io/packaging-committee/issue/715

-

The AppData guidelines were updated to mention the %_metainfodir macro,
which was added to cut down on the need for %if blocks in cross-distro
specfiles.

 * https://fedoraproject.org/wiki/Packaging:AppData#app-data-validate_usage
 * https://pagure.io/packaging-committee/issue/752

Note that redhat-rpm-config/epel-rpm-macros packages supporting this are
in updates-testing, but buildroot overrides are active so you can use
the macro in Koji builds now.

-

The section on packaging additional RPM macros has been simplified 
significantly.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_of_Additional_RPM_Macros
 * https://pagure.io/packaging-committee/issue/601

Note that the epel-rpm-macros package supporting this in EPEL7 is in
updates-testing, but a buildroot override is active so you can use the
macro in Koji builds now.
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

A note was added to the Python guidelines indicating that the python2
stack may go away and that upstreams should be contacted about software
not yet ported to python3.

 * https://fedoraproject.org/wiki/Packaging:Python#Python_Version_Support
 * https://pagure.io/packaging-committee/issue/753

-

The Python guidelines now more clearly indicate that use of %{__python},
%{python_sitelib} and %{python_sitearch} is forbidden.

 * https://fedoraproject.org/wiki/Packaging:Python#Macros
 * https://pagure.io/packaging-committee/issue/745

-

Information about the automatic shebang line checking and modification
has been added to both the main guidelines and the Python guidelines.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Shebang_lines
 * https://fedoraproject.org/wiki/Packaging:Python#Multiple_Python_Runtimes
 * https://pagure.io/packaging-committee/issue/738

-

The guidelines section relating to architecture support has been updated
to reflect the current state of koji's support of
ExclusiveArch:/ExcludeArch: in noarch packages.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Noarch_with_Unported_Dependencies
 * https://pagure.io/packaging-committee/issue/751

-

A guideline was added showing how to disable buildroot policy scripts
for your package, if necessary:

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#BRP_.28BuildRoot_Policy.29_Scripts
 * https://pagure.io/packaging-committee/issue/749

-

The Documentation section of the main guidelines was expanded to include
information about reducing build dependencies by building documentation
in a separate source package.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Documentation
 * https://pagure.io/packaging-committee/issue/715

-

The AppData guidelines were updated to mention the %_metainfodir macro,
which was added to cut down on the need for %if blocks in cross-distro
specfiles.

 * https://fedoraproject.org/wiki/Packaging:AppData#app-data-validate_usage
 * https://pagure.io/packaging-committee/issue/752

Note that redhat-rpm-config/epel-rpm-macros packages supporting this are
in updates-testing, but buildroot overrides are active so you can use
the macro in Koji builds now.

-

The section on packaging additional RPM macros has been simplified 
significantly.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_of_Additional_RPM_Macros
 * https://pagure.io/packaging-committee/issue/601

Note that the epel-rpm-macros package supporting this in EPEL7 is in
updates-testing, but a buildroot override is active so you can use the
macro in Koji builds now.
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Just this one change, but it has implications for many packages.

The Scriptlet guidelines have received several changes regarding the
installation of shared libraries and ldconfig.  Use of the new macros
is detailed, and there is a new section on the scriptlets required when
linker configuration files are installed.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Shared_Libraries
* https://fedoraproject.org/wiki/Packaging:Scriptlets#Shared_Libraries
* https://pagure.io/packaging-committee/issue/654

Please note the following before attempting to use the new macros
outside of rawhide builds:

1) The updates for F27 (redhat-rpm-config-70.1.fc27) and F26
   (redhat-rpm-cponfig-64.1.fc26) which provide the new macros are
   currently on their way to stable and will hopefully be generally
   available in a day or so.

2) The epel-rpm-macros updates for EPEL7 and EPEL6, which provide the
   new macros for those EPEL releases, are in the testing repositories
   and need more karma before they can be pushed to stable:
   * https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c5ae067f71
   * https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-580a31cb75
   
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Just this one change, but it has implications for many packages.

The Scriptlet guidelines have received several changes regarding the
installation of shared libraries and ldconfig.  Use of the new macros
is detailed, and there is a new section on the scriptlets required when
linker configuration files are installed.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Shared_Libraries
* https://fedoraproject.org/wiki/Packaging:Scriptlets#Shared_Libraries
* https://pagure.io/packaging-committee/issue/654

Please note the following before attempting to use the new macros
outside of rawhide builds:

1) The updates for F27 (redhat-rpm-config-70.1.fc27) and F26
   (redhat-rpm-cponfig-64.1.fc26) which provide the new macros are
   currently on their way to stable and will hopefully be generally
   available in a day or so.

2) The epel-rpm-macros updates for EPEL7 and EPEL6, which provide the
   new macros for those EPEL releases, are in the testing repositories
   and need more karma before they can be pushed to stable:
   * https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-c5ae067f71
   * https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-580a31cb75
   
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

We have more things coming in concert with various distro changes that
are happening, but I wanted to get these two out there now.

-

The icon cache scriptlets were removed from the scriptlet guidelines, as
no live Fedora release needs them.  They have been moved to the EPEL
packaging guidelines instead.
* https://fedoraproject.org/wiki/Packaging:Scriptlets
* https://fedoraproject.org/wiki/EPEL:Packaging
* https://pagure.io/packaging-committee/issue/736

-

A section was added to the beginning of the guidelines, clarifying how
they apply to the various Fedora releases and to EPEL.
* https://fedoraproject.org/wiki/Packaging:Guidelines#Applicability
* https://pagure.io/packaging-committee/issue/744
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

Following releng approval, the restrictions on the use of rich/Boolean
dependencies have been lifted.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
* https://pagure.io/packaging-committee/issue/559

-

Packaging guidelines for Rust have been added.

* https://fedoraproject.org/wiki/Packaging:Rust
* https://pagure.io/packaging-committee/issue/705

-

A new section was added to the packaging guidelines regarding shebang
lines. It forbids the use of 'env' and codifies the longstanding rpmlint
rule that non-executable files should not have shebang lines.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Shebang_lines
* https://pagure.io/packaging-committee/issue/700

-

Appstream metadata guidelines were updated to reflect the new location
into which appdata files should be placed.

* https://fedoraproject.org/wiki/Packaging:AppData
* https://pagure.io/packaging-committee/issue/704

-

The python guidelines were modified to forbid the use of /usr/bin/python
in shebang lines or as a dependency of a package.

* https://fedoraproject.org/wiki/Packaging:Python#Multiple_Python_Runtimes
* https://pagure.io/packaging-committee/issue/698

-

The SourceURL guideliens were altered to Use a simplified form for
github URLs.

* https://fedoraproject.org/wiki/Packaging:SourceURL#Git_Hosting_Services
* https://pagure.io/packaging-committee/issue/697

-

The section on bundled libraries was expanded with more explicit
instructions on constructing the Provides: line which indicates the
bundling.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Bundling_and_Duplication_of_system_libraries
* https://pagure.io/packaging-committee/issue/696

-

The section on statically linking executables has been completely
revamped to remove the need for committee intervention and to make it
more obvious that there is no prohibition on statically linking to build
artifacts within a single package.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Statically_Linking_Executables
* https://pagure.io/packaging-committee/issue/692
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The guidelines for enabling services by default modified to indicate
that FESCo approval is required for services which change the behavior
of other services.

* https://fedoraproject.org/wiki/Packaging:DefaultServices#Restrictions
* https://pagure.io/packaging-committee/issue/683

-

A very minor tweak was made to the bootstrapping guidelines to invert
the sense of a test so that it matches expectations.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Bootstrapping
* https://pagure.io/packaging-committee/issue/684

-

The python guidelines were updated to mention that "python-" MUST NOT be
used in dependencies unless the proper "python2-" or "python3-" packages
do not exist.

* https://fedoraproject.org/wiki/Packaging:Python#Dependencies
* https://pagure.io/packaging-committee/issue/686

-

The naming guidelines have been altered to indicate that python2 binary
packages MUST be named starting with "python2-" and that python3 binary
package MUST be named starting with "python3-".  The section on the old
naming conventions for python packages has been removed as it has not
been acceptable for many releases now.

* https://fedoraproject.org/wiki/Packaging:Naming#Python_modules
* https://pagure.io/packaging-committee/issue/685

-

The guidelines for package dependencies were cleaned up and modified to
indicate that all package dependencies MUST be satisfiable within the
official Fedora repositories.  A statement reiterating that fact was
added to the page on weak dependencies as well.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Package_Dependencies
* https://fedoraproject.org/wiki/Packaging:WeakDependencies
* https://pagure.io/packaging-committee/issue/688
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jonathan Wakely]

On 07/03/17 13:41 -0600, Jason L Tibbitts III wrote:

"JW" == Jonathan Wakely  writes:


JW> The template at
JW> 
https://fedoraproject.org/wiki/How_to_create_an_RPM_package#SPEC_templates_and_examples
JW> still shows %install cleaning the buildroot as the first step,
JW> should that be corrected?

There are probably any number of pages which these days have become
outdated with regards to changes to the guidelines.  I try to fix them
when I can but I have finite time.


Sure. I was checking whether I should make the change myself, not
complaining it hadn't been done.


Also, in context, your link is already in the section saying it's from
the old document and is probably out of date, isn't it?  I guess I could


Good point. I jumped past that note (I think I got there from a
Google search for %clean or something like that) and didn't even
realise there is an "Old document below" section of the page.

I won't bother changing it as it's the out-of-date info anyway.

Thanks.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "JW" == Jonathan Wakely  writes:

JW> Sure. I was checking whether I should make the change myself, not
JW> complaining it hadn't been done.

You are of course welcome to change any page that isn't in one of the
protected hierarchies (Packaging:, Legal:).  We certainly need more
people willing to fix up bad information on the wiki.

JW> I won't bother changing it as it's the out-of-date info anyway.

I did fix it up, but I'm sure there are more things in that document
which would need changing.  It would of course be better if I actually
had the time to finish working on that document, but of course everyone
is welcome to help.

 - J<
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "JW" == Jonathan Wakely  writes:

JW> The template at
JW> 
https://fedoraproject.org/wiki/How_to_create_an_RPM_package#SPEC_templates_and_examples
JW> still shows %install cleaning the buildroot as the first step,
JW> should that be corrected?

There are probably any number of pages which these days have become
outdated with regards to changes to the guidelines.  I try to fix them
when I can but I have finite time.

Also, in context, your link is already in the section saying it's from
the old document and is probably out of date, isn't it?  I guess I could
have just completely removed the old document once my rewrite had
progressed to the point it's at, but I elected not to do so.

 - J<
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Sérgio Basto]

On Ter, 2017-03-07 at 14:29 +, Jonathan Wakely wrote:
> > 
> > The Tags and Sections section of the main guidelines was modified
> > to
> > use "SHOULD" and "MUST" language throughout, and to either
> > discourage
> > or prohibit the use of certain tags and sections. The section is
> > short,
> > so I've included it below.
> > 
> > "
> > * The Copyright:, Packager:, Vendor: and PreReq: tags MUST NOT be
> > used.
> > * The BuildRoot: tag and %clean section SHOULD NOT be used.
> > * The contents of the buildroot SHOULD NOT be removed in the first
> > line
> >   of %install.
> > * The Summary: tag value SHOULD NOT end in a period.
> > * The Source: tags document where to find the upstream sources for
> > the
> >   package. In most cases this SHOULD be a complete URL to the
> > upstream
> >   tarball. For special cases, please see the SourceURL Guidelines.
> > * The Group: tag is unnecessary.
> > "
> > 
> > * https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sect
> > ions
> > * https://fedorahosted.org/fpc/ticket/652
> 
> The template at https://fedoraproject.org/wiki/How_to_create_an_RPM_p
> ackage#SPEC_templates_and_examples still shows %install cleaning the
> buildroot as the first step, should that be corrected?

IMHO No , also  $RPM_BUILD_ROOT is in disuse 


-- 
Sérgio M. B.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jonathan Wakely]

> The Tags and Sections section of the main guidelines was modified to
> use "SHOULD" and "MUST" language throughout, and to either discourage
> or prohibit the use of certain tags and sections. The section is short,
> so I've included it below.
> 
> "
> * The Copyright:, Packager:, Vendor: and PreReq: tags MUST NOT be used.
> * The BuildRoot: tag and %clean section SHOULD NOT be used.
> * The contents of the buildroot SHOULD NOT be removed in the first line
>   of %install.
> * The Summary: tag value SHOULD NOT end in a period.
> * The Source: tags document where to find the upstream sources for the
>   package. In most cases this SHOULD be a complete URL to the upstream
>   tarball. For special cases, please see the SourceURL Guidelines.
> * The Group: tag is unnecessary.
> "
> 
> * https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections
> * https://fedorahosted.org/fpc/ticket/652

The template at 
https://fedoraproject.org/wiki/How_to_create_an_RPM_package#SPEC_templates_and_examples
 still shows %install cleaning the buildroot as the first step, should that be 
corrected?

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Vít Ondruch]

Dne 3.3.2017 v 02:33 Jason L Tibbitts III napsal(a):
> Here are the recent changes to the packaging guidelines.
>
> 
>
> The guidelines on versioning packages were completely rewritten in order
> to make them (hopefully) more comprehensible. This rewrite was not
> intended to introduce functional changes, but during the draft process
> the following small changes to the versioning scheme were approved by
> the committee and included in the rewrite:
>
> * Use of Version: 0 when upstream has not chosen a version.
>
> * Allowing "MMDD.commithash" (instead of requiring mention of
>   the SCM in use) in the "snapshot information" field.
>
> * Explicit mention of the case where upstream uses invalid characters.
>
> * More detailed explanation of dealing with "unsortable" elements,
>   instead of leaving many cases undefined.
>
> The examples were also split out of this page and placed in a new page
> which is outside of the protected Packaging hierarchy. The rewrite of
> this page is not yet complete at this time and I will be working on over
> the next several days, but assistance is most welcome.
>
> * https://fedoraproject.org/wiki/Packaging:Versioning
> * https://fedoraproject.org/wiki/Package_Versioning_Examples
> * https://pagure.io/packaging-committee/issue/656
>

Wouldn't it be useful to mention "rpmdev-vercmp" somewhere?


Vít
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Kevin Kofler]

Jason L Tibbitts III wrote:
> * Allowing "MMDD.commithash" (instead of requiring mention of
>   the SCM in use) in the "snapshot information" field.

What's the point of allowing that format?
1. It destroys consistency (and the fact that the formats are now
   "suggested" rather than required do, too).
2. It omits information.
3. It can become really confusing if upstream switches to another revision
   control system with the same revision ID format (e.g., from one
   distributed SCM using hashes to another, e.g., git to hg or hg to git).

And also, why, if essentially the whole versioning guidelines were 
rewritten, was the opportunity not taken to also finally use the tilde in 
Version instead of the legacy Release hack?

Kevin Kofler
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.



The guidelines on versioning packages were completely rewritten in order
to make them (hopefully) more comprehensible. This rewrite was not
intended to introduce functional changes, but during the draft process
the following small changes to the versioning scheme were approved by
the committee and included in the rewrite:

* Use of Version: 0 when upstream has not chosen a version.

* Allowing "MMDD.commithash" (instead of requiring mention of
  the SCM in use) in the "snapshot information" field.

* Explicit mention of the case where upstream uses invalid characters.

* More detailed explanation of dealing with "unsortable" elements,
  instead of leaving many cases undefined.

The examples were also split out of this page and placed in a new page
which is outside of the protected Packaging hierarchy. The rewrite of
this page is not yet complete at this time and I will be working on over
the next several days, but assistance is most welcome.

* https://fedoraproject.org/wiki/Packaging:Versioning
* https://fedoraproject.org/wiki/Package_Versioning_Examples
* https://pagure.io/packaging-committee/issue/656

-

The main guideline page has been updated to indicate that the Group: tag
should not be used.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections
* https://pagure.io/packaging-committee/issue/679

-

The section of the guidelines relating to spec files was
reorganized. Outdated information was removed and a new section was
added indicating the canonical status of the spec file in Fedora git
repository.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_Files
* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_Maintenance_and_Canonicity
* https://pagure.io/packaging-committee/issue/613

-

A new section was added to the main guideline page with information on
the differences between libraries and how packages which fall into both
categories should be packaged.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Libraries_and_Applications
* https://pagure.io/packaging-committee/issue/558

-

The main guidelines section on file dependencies was amended to include
information about directory dependencies, including a rule against
depending on a directory in order to bring in any files or package
functionality.

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#File_and_Directory_Dependencies
* https://pagure.io/packaging-committee/issue/632

-

The Dependency Filtering guideline page was cleaned up a bit to remove
outdated information about Perl filtering.

* https://fedoraproject.org/wiki/Packaging:AutoProvidesAndRequiresFiltering
* https://pagure.io/packaging-committee/issue/591

-

The example spec in the tmpfiles.d guidelines has been cleaned up.

* https://fedoraproject.org/wiki/Packaging:Tmpfiles.d
* https://pagure.io/packaging-committee/issue/680
* https://pagure.io/packaging-committee/issue/670
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "TK" == Tomasz Kłoczko  writes:

TK> And now someone should add to git filtering off above, process all
TK> spec files in git repos and commit necessary changes adding in
TK> commit comment link to updated guidelines.

Yes, I have some scripts brewing but I am not going to try and
do that until F27 branches.  I wasn't planning on trying to do anything
in a git hook, though; that kind of thing can cause problems because no
matter what you do, there's always an exception case that it breaks.

Tuning up rpmlint to complain properly is another thing to do.  I just
haven't managed to get very far in hacking tests into it yet.

Also, it's possible (or rather, I've proposed) that with EPEL5 going
away in six weeks that we will move from "Group: is unnecessary" to
"Group: SHOULD NOT be used".  That's being discussed in
https://pagure.io/packaging-committee/issue/679

 - J<
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Tomasz Kłoczko]

On 17 February 2017 at 03:35, Jason L Tibbitts III 
wrote:

> * The Copyright:, Packager:, Vendor: and PreReq: tags MUST NOT be used.
> * The BuildRoot: tag and %clean section SHOULD NOT be used.
> * The contents of the buildroot SHOULD NOT be removed in the first line
>   of %install.
> * The Summary: tag value SHOULD NOT end in a period.
> * The Source: tags document where to find the upstream sources for the
>   package. In most cases this SHOULD be a complete URL to the upstream
>   tarball. For special cases, please see the SourceURL Guidelines.
> * The Group: tag is unnecessary.
>

And now someone should add to git filtering off above, process all spec
files in git repos and commit necessary changes adding in commit comment
link to updated guidelines.
Without this even in a year still will be in many spec files not compliant
with those rules.

Tomasz
-- 
Tomasz Kłoczko | LinkedIn: *http://lnkd.in/FXPWxH *
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Oops, one additional change was made which I left out of the previous
announcement.

A section was added to the Python guidelines describing the automatic
generation of Provides: which was added in Fedora 25. Descriptions of
three new macros were also added.

* 
https://fedoraproject.org/wiki/Packaging:Python#Automatic_Provides_with_a_standardized_name
* https://fedoraproject.org/wiki/Packaging:Python#Macros
* https://fedorahosted.org/fpc/ticket/635 
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The systemd section of the scriptlet guidelines was updated to indicate
situations where the %systemd_ordering macro may be used instead of
%systemd_requires.

* https://fedoraproject.org/wiki/Packaging:Scriptlets#Systemd
* https://fedorahosted.org/fpc/ticket/644

-

The guidelines for replacing existing packages have been updated with
mention of the "fedora-obsolete-packages" package:

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Renaming.2FReplacing_Existing_Packages
* https://apps.fedoraproject.org/packages/fedora-obsolete-packages/overview/
* https://fedorahosted.org/fpc/ticket/645

-

The guidelines for systemd scriptlets were updated with mention of the
macros to be used for systemd user units.

* https://fedoraproject.org/wiki/Packaging:Scriptlets#Systemd
* https://fedorahosted.org/fpc/ticket/647

-

The SourceURL guidelines were updated to reflect a simpler method for
downloading tagged releases from Github.

* https://fedoraproject.org/wiki/Packaging:SourceURL#Git_Tags
* https://fedorahosted.org/fpc/ticket/651

-

The Tags and Sections section of the main guidelines was modified to
use "SHOULD" and "MUST" language throughout, and to either discourage
or prohibit the use of certain tags and sections. The section is short,
so I've included it below.

"
* The Copyright:, Packager:, Vendor: and PreReq: tags MUST NOT be used.
* The BuildRoot: tag and %clean section SHOULD NOT be used.
* The contents of the buildroot SHOULD NOT be removed in the first line
  of %install.
* The Summary: tag value SHOULD NOT end in a period.
* The Source: tags document where to find the upstream sources for the
  package. In most cases this SHOULD be a complete URL to the upstream
  tarball. For special cases, please see the SourceURL Guidelines.
* The Group: tag is unnecessary.
"

* https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections
* https://fedorahosted.org/fpc/ticket/652

-

The File Permissions section was cleaned up somewhat, to use slightly
cleaner grammar, use "SHOULD" and "MUST" throughout and to remove
redundant information. In addition, the following sentence was added:

"The %defattr directive in the %files list SHOULD ONLY be used when
setting a non-default value, or to reset to the default value after
having set a non-default value."

* https://fedoraproject.org/wiki/Packaging:Guidelines#File_Permissions
* https://fedorahosted.org/fpc/ticket/652

-

The Python Egg guidelines were update to better match current Python
packaging and to mention the %py*_install_egg macros.

* https://fedoraproject.org/wiki/Packaging:Python_Eggs
* https://fedorahosted.org/fpc/ticket/663

-

The example spec in the Python guidelines was modified to correspond to
the usual, "python3 is default" case where versioned executables are not
installed.

* https://fedoraproject.org/wiki/Packaging:Python
* https://fedorahosted.org/fpc/ticket/672

-

The guidelines for using Alternatives have been better indicate the
situations where alternatives are and are not appropriate.

* https://fedoraproject.org/wiki/Packaging:Alternatives
* https://fedorahosted.org/fpc/ticket/673

-

The guidelines for per-product configuration have been updated to allow
copying the config file instead of mandating symlinking and to specify
the location where the variant configurations should be stored.

* https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
* https://fedorahosted.org/fpc/ticket/675
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Oops, one additional change was made which I left out of the previous
announcement.

A section was added to the Python guidelines describing the automatic
generation of Provides: which was added in Fedora 25. Descriptions of
three new macros were also added.

* 
https://fedoraproject.org/wiki/Packaging:Python#Automatic_Provides_with_a_standardized_name
* https://fedoraproject.org/wiki/Packaging:Python#Macros
* https://fedorahosted.org/fpc/ticket/635 
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The systemd section of the scriptlet guidelines was updated to indicate
situations where the %systemd_ordering macro may be used instead of
%systemd_requires.

* https://fedoraproject.org/wiki/Packaging:Scriptlets#Systemd
* https://fedorahosted.org/fpc/ticket/644

-

The guidelines for replacing existing packages have been updated with
mention of the "fedora-obsolete-packages" package:

* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Renaming.2FReplacing_Existing_Packages
* https://apps.fedoraproject.org/packages/fedora-obsolete-packages/overview/
* https://fedorahosted.org/fpc/ticket/645

-

The guidelines for systemd scriptlets were updated with mention of the
macros to be used for systemd user units.

* https://fedoraproject.org/wiki/Packaging:Scriptlets#Systemd
* https://fedorahosted.org/fpc/ticket/647

-

The SourceURL guidelines were updated to reflect a simpler method for
downloading tagged releases from Github.

* https://fedoraproject.org/wiki/Packaging:SourceURL#Git_Tags
* https://fedorahosted.org/fpc/ticket/651

-

The Tags and Sections section of the main guidelines was modified to
use "SHOULD" and "MUST" language throughout, and to either discourage
or prohibit the use of certain tags and sections. The section is short,
so I've included it below.

"
* The Copyright:, Packager:, Vendor: and PreReq: tags MUST NOT be used.
* The BuildRoot: tag and %clean section SHOULD NOT be used.
* The contents of the buildroot SHOULD NOT be removed in the first line
  of %install.
* The Summary: tag value SHOULD NOT end in a period.
* The Source: tags document where to find the upstream sources for the
  package. In most cases this SHOULD be a complete URL to the upstream
  tarball. For special cases, please see the SourceURL Guidelines.
* The Group: tag is unnecessary.
"

* https://fedoraproject.org/wiki/Packaging:Guidelines#Tags_and_Sections
* https://fedorahosted.org/fpc/ticket/652

-

The File Permissions section was cleaned up somewhat, to use slightly
cleaner grammar, use "SHOULD" and "MUST" throughout and to remove
redundant information. In addition, the following sentence was added:

"The %defattr directive in the %files list SHOULD ONLY be used when
setting a non-default value, or to reset to the default value after
having set a non-default value."

* https://fedoraproject.org/wiki/Packaging:Guidelines#File_Permissions
* https://fedorahosted.org/fpc/ticket/652

-

The Python Egg guidelines were update to better match current Python
packaging and to mention the %py*_install_egg macros.

* https://fedoraproject.org/wiki/Packaging:Python_Eggs
* https://fedorahosted.org/fpc/ticket/663

-

The example spec in the Python guidelines was modified to correspond to
the usual, "python3 is default" case where versioned executables are not
installed.

* https://fedoraproject.org/wiki/Packaging:Python
* https://fedorahosted.org/fpc/ticket/672

-

The guidelines for using Alternatives have been better indicate the
situations where alternatives are and are not appropriate.

* https://fedoraproject.org/wiki/Packaging:Alternatives
* https://fedorahosted.org/fpc/ticket/673

-

The guidelines for per-product configuration have been updated to allow
copying the config file instead of mandating symlinking and to specify
the location where the variant configurations should be stored.

* https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
* https://fedorahosted.org/fpc/ticket/675
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Pavel Raiskup]

On Tuesday, October 4, 2016 2:27:44 PM CEST Andrea Musuruane wrote:
> On Tue, Aug 23, 2016 at 1:54 PM, Andrea Musuruane  wrote:
> >
> >
> > On Thu, Aug 18, 2016 at 8:25 PM, Jason L Tibbitts III 
> > wrote:
> >>
> >> Here are the recent changes to the packaging guidelines.
> >>
> >> -
> >>
> >> The Filesystem Layout section of the guidelines was simplified and
> >> outdated information was removed.
> >>
> >> * https://fedoraproject.org/wiki/Packaging:Guidelines
> >> * https://fedoraproject.org/wiki/Packaging:Guidelines#Filesystem_Layout
> >> * https://fedorahosted.org/fpc/ticket/623
> >
> >
> > The links to FHS specs are all outdated. The current one is
> > https://wiki.linuxfoundation.org/lsb/fhs
> >
> > Moreover I still read "The Filesystem Hierarchy Standard does not include
> > any provision for libexecdir, " which is not accurate:
> > http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html
> 
> I still read the same issues. The page is protected and it cannot be
> freely edited.

FWIW, I don't think the FHS has been fixed correctly WRT libexecdir, even
though it points to GNU Coding Standards (which is equivalent to how Fedora
interprets libexec):

FHS [1] says:

  /usr/libexec includes internal binaries that are not intended to be
  executed directly by users or shell scripts. ...

.. why there is the part ".. or shell scripts?".  How a shell script differs
from other (binary) programs?

GNU standards [2] say "The directory for installing executable
programs to be run by other programs rather than by users.".

[1] http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html
[2] https://www.gnu.org/prep/standards/html_node/Directory-Variables.html

Pavel
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Andrea Musuruane]

On Tue, Aug 23, 2016 at 1:54 PM, Andrea Musuruane  wrote:
>
>
> On Thu, Aug 18, 2016 at 8:25 PM, Jason L Tibbitts III 
> wrote:
>>
>> Here are the recent changes to the packaging guidelines.
>>
>> -
>>
>> The Filesystem Layout section of the guidelines was simplified and
>> outdated information was removed.
>>
>> * https://fedoraproject.org/wiki/Packaging:Guidelines
>> * https://fedoraproject.org/wiki/Packaging:Guidelines#Filesystem_Layout
>> * https://fedorahosted.org/fpc/ticket/623
>
>
> The links to FHS specs are all outdated. The current one is
> https://wiki.linuxfoundation.org/lsb/fhs
>
> Moreover I still read "The Filesystem Hierarchy Standard does not include
> any provision for libexecdir, " which is not accurate:
> http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html

I still read the same issues. The page is protected and it cannot be
freely edited.

Bye,

Andrea
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Andrea Musuruane]

On Thu, Aug 18, 2016 at 8:25 PM, Jason L Tibbitts III 
wrote:

> Here are the recent changes to the packaging guidelines.
>
> -
>
> The Filesystem Layout section of the guidelines was simplified and
> outdated information was removed.
>
> * https://fedoraproject.org/wiki/Packaging:Guidelines
> * https://fedoraproject.org/wiki/Packaging:Guidelines#Filesystem_Layout
> * https://fedorahosted.org/fpc/ticket/623


The links to FHS specs are all outdated. The current one is
https://wiki.linuxfoundation.org/lsb/fhs

Moreover I still read "The Filesystem Hierarchy Standard does not include
any provision for libexecdir, " which is not accurate:
http://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html

Bye,

Andrea
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The Filesystem Layout section of the guidelines was simplified and
outdated information was removed.

* https://fedoraproject.org/wiki/Packaging:Guidelines
* https://fedoraproject.org/wiki/Packaging:Guidelines#Filesystem_Layout
* https://fedorahosted.org/fpc/ticket/623

-

The outdated section restricting dependencies between /bin and /usr has
been removed.

* https://fedoraproject.org/wiki/Packaging:Guidelines
* 
https://fedoraproject.org/wiki/Packaging:Guidelines#Binaries_in_.2Fbin_and_.2Fsbin
(now deleted)
* https://fedorahosted.org/fpc/ticket/624

-

A set of guidelines for GAP packages has been added.

* https://fedoraproject.org/wiki/Packaging:GAP
* https://fedorahosted.org/fpc/ticket/625

-

A section has been added to the guidelines which documents the
procedure for deviation from those guidelines. Work will now begin to
clarify the language in existing guidelines into the usual SHOULD and
MUST categories to help reduce confusion surrounding the "strength" of
guidelines. 

* https://fedoraproject.org/wiki/Packaging:Guidelines#General_Exception_Policy
* https://fedorahosted.org/fpc/ticket/633

-

Due to the addition of RPM file triggers, the scriptlet guidelines have
been amended to indicate that some scriptlets should not be used in
F24+. Specifically: gsettings schemas, gdk-pixbuf loaders, gtk+ 3
modules, gio modules and mimeinfo.  Also, update-desktop-database should
not be used as of Fedora 25.

* https://fedoraproject.org/wiki/Packaging:Scriptlets
* https://fedorahosted.org/fpc/ticket/636

-

The review process document has been amended to note possible
exceptions, and to indicate that review is not needed in certain
situations where a different version of an existing package is being
added.

* 
https://fedoraproject.org/wiki/Packaging:ReviewGuidelines#Package_Review_Process
* https://fedorahosted.org/fpc/ticket/637

-

Corrected the suggest source URL for tarballs hosted on pypi to use
https://files.pythonhosted.org

* https://fedoraproject.org/wiki/Packaging:Python#Example_common_spec_file
* https://fedoraproject.org/wiki/Packaging:SourceURL#Python_Packages_.28pypi.29
* https://fedorahosted.org/fpc/ticket/640

-

The running of system daemons as the "nobody" user has been forbidden.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Users_and_Groups
* https://fedorahosted.org/fpc/ticket/642
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel-annou...@lists.fedoraproject.org
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The section on the use of pregenerated code was amended to indicate the
preference for having tools necessary to regenerate such code be free
software and packaged in Fedora.
* https://fedoraproject.org/wiki/Packaging:Guidelines
* https://fedoraproject.org/wiki/Packaging:Guidelines#Use_of_pregenerated_code
* https://fedorahosted.org/fesco/ticket/1514

-

The outdated prohibition on socket activated services was removed from
the Systemd packaging guidelines.

* https://fedoraproject.org/wiki/Packaging:Systemd
* https://fedoraproject.org/wiki/Packaging:Systemd#Socket_activation
* https://fedorahosted.org/fpc/ticket/618 

-

The Perl guidelines were modified to include information about necessary
build dependencies now that Perl itself is being removed from the
default buildroot.

* https://fedoraproject.org/wiki/Packaging:Perl
* https://fedoraproject.org/wiki/Packaging:Perl#Build_Dependencies
* https://fedorahosted.org/fpc/ticket/620 

-

The section on use of /run has been simplified.

* https://fedoraproject.org/wiki/Packaging:Guidelines#.2Frun
* https://fedorahosted.org/fpc/ticket/622
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-annou...@lists.fedoraproject.org
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "RD" == Rex Dieter  writes:

RD> Perhaps fpc folks missed my recent related post:

That change was actually made quite some time before I sent the
announcement.  Sometimes I get behind.

 - J<
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Rex Dieter]

Jason L Tibbitts III wrote:

> Here are the recent changes to the packaging guidelines.
...
> The use of rich (or Boolean) dependencies is now OK for F23+.
>  * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
>  * https://fedorahosted.org/fpc/ticket/593

Perhaps fpc folks missed my recent related post:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/WGMAZSE76GW2WH3OGXYQM5RLRNBV5ZWV/

short version:
* using rich deps with Supplements is ok
* using rich deps with Requires/Recommends is not ok

This is mostly due to fedora tools that are still yum-based.  yum can grok 
Requires/Recommends, but not rich deps.  Supplements are ok, since yum 
currently does not support it (and it is ignored).

Was this considered?

(I'll add a comment to the ticket too)

-- Rex
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Matthew Miller]

On Mon, Mar 28, 2016 at 07:15:31PM -0500, Jason L Tibbitts III wrote:
> The use of rich (or Boolean) dependencies is now OK for F23+.
>  * 
> https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
>  * https://fedorahosted.org/fpc/ticket/593 

Exciting. A little scary. :)

(PS: thanks again for doing these summaries.)

-- 
Matthew Miller

Fedora Project Leader
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The use of rich (or Boolean) dependencies is now OK for F23+.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
 * https://fedorahosted.org/fpc/ticket/593 

-

The ban on the use of the %systemd_requires macro has been lifted.

 * https://fedoraproject.org/wiki/Packaging:Scriptlets#Systemd
 * https://fedorahosted.org/fpc/ticket/600 

-

The mono guidelines were modified to require that packages limit
themselves via ExclusiveArch: to architectures which actually support
mono.

 * https://fedoraproject.org/wiki/Packaging:Mono
 * https://fedorahosted.org/fpc/ticket/602 
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-annou...@lists.fedoraproject.org
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

Some PHP scriptlets are now unnecessary in F24 due to the use of file
triggers.

 * https://fedoraproject.org/wiki/Packaging:PHP#PECL_Modules
 * https://fedorahosted.org/fpc/ticket/597

-

A page describing the implementation of Langpacks for F23 and newer has
been added to the guidelines, and various other pages have been updated
to reference it.

 * https://fedoraproject.org/wiki/Packaging:Langpacks
 * https://fedorahosted.org/fpc/ticket/593
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-annou...@lists.fedoraproject.org
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

Some PHP scriptlets are now unnecessary in F24 due to the use of file
triggers.

 * https://fedoraproject.org/wiki/Packaging:PHP#PECL_Modules
 * https://fedorahosted.org/fpc/ticket/597

-

A page describing the implementation of Langpacks for F23 and newer has
been added to the guidelines, and various other pages have been updated
to reference it.

 * https://fedoraproject.org/wiki/Packaging:Langpacks
 * https://fedorahosted.org/fpc/ticket/593
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Mat Booth]

On 22 February 2016 at 17:38, Corey Sheldon  wrote:
>
> Kevin, et al.
>
> I am willing to help with the re-write but admittedly some of it will
require a crash course for me.
>
>
> On 02/22/2016 11:31 AM, Kevin Fenzi wrote:
>
> On Mon, 22 Feb 2016 15:02:45 +
> Mat Booth  wrote:
>
> Wow, that "HOWTO" is a really old page -- not changed since being
> imported from the old moin moin wiki. My feeling is that page should
> be deleted and the "How to create an RPM package" page should be
> updated.
>
> Here is the official guideline:
> https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2 --
> basically, we just got out of the business of keeping track of what
> the minimum buildroot contains.
>
> Should we just delete that HOWTO page?
>
> Really you should be using mock these days and it should tell you when
> you don't have the right buildrequires present by failing until you add
> them.
>
> kevin
>
>

Actually, I just went ahead and made the change:
https://fedoraproject.org/w/index.php?title=How_to_create_an_RPM_package=435832=432092

Now it links to a document that tells you how test package builds using
mock.


--
Mat Booth
http://fedoraproject.org/get-fedora
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Mat Booth]

On 22 February 2016 at 16:31, Kevin Fenzi  wrote:

> On Mon, 22 Feb 2016 15:02:45 +
> Mat Booth  wrote:
>
> > Wow, that "HOWTO" is a really old page -- not changed since being
> > imported from the old moin moin wiki. My feeling is that page should
> > be deleted and the "How to create an RPM package" page should be
> > updated.
> >
> > Here is the official guideline:
> > https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2 --
> > basically, we just got out of the business of keeping track of what
> > the minimum buildroot contains.
>
> Should we just delete that HOWTO page?
>
> Really you should be using mock these days and it should tell you when
> you don't have the right buildrequires present by failing until you add
> them.
>
> kevin



Yeah, this is what I was suggesting. And the "How to create an RPM package"
page should be updated to tell users to use mock.

I think anyone can edit these pages (I don't believe they belong to the
FPC.)


-- 
Mat Booth
http://fedoraproject.org/get-fedora
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Corey Sheldon]

Kevin, et al.

I am willing to help with the re-write but admittedly some of it will
require a crash course for me.

On 02/22/2016 11:31 AM, Kevin Fenzi wrote:
> On Mon, 22 Feb 2016 15:02:45 +
> Mat Booth  wrote:
>
>> Wow, that "HOWTO" is a really old page -- not changed since being
>> imported from the old moin moin wiki. My feeling is that page should
>> be deleted and the "How to create an RPM package" page should be
>> updated.
>>
>> Here is the official guideline:
>> https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2 --
>> basically, we just got out of the business of keeping track of what
>> the minimum buildroot contains.
> Should we just delete that HOWTO page?
>
> Really you should be using mock these days and it should tell you when
> you don't have the right buildrequires present by failing until you add
> them. 
>
> kevin
>
>
>
> --
> devel mailing list
> devel@lists.fedoraproject.org
> http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

-- 
Corey W. Sheldon
Freelance IT Tutor
Security Researcher | Fedora Ambassador, North America
sheldon.co...@gmail.com | cshel...@ameridea.net | core...@fedoraproject.org
ph: (11)+1.310.909.7672 skype: cwwsheldon
Securely:
PGP: 

<>

signature.asc
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Kevin Fenzi]

On Mon, 22 Feb 2016 15:02:45 +
Mat Booth  wrote:

> Wow, that "HOWTO" is a really old page -- not changed since being
> imported from the old moin moin wiki. My feeling is that page should
> be deleted and the "How to create an RPM package" page should be
> updated.
> 
> Here is the official guideline:
> https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2 --
> basically, we just got out of the business of keeping track of what
> the minimum buildroot contains.

Should we just delete that HOWTO page?

Really you should be using mock these days and it should tell you when
you don't have the right buildrequires present by failing until you add
them. 

kevin



pgpwPrqXwdlTk.pgp
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Mat Booth]

On 22 February 2016 at 10:54, Kamil Paral  wrote:

> > RWMJ> Is that new?
> >
> > Not really.  The change relating to what's in the buildroot was made
> > about nine months ago: https://fedorahosted.org/fpc/ticket/497
>
> I created my first COPR over this weekend. I worked according to:
> https://fedoraproject.org/wiki/How_to_create_an_RPM_package
> because that is linked heavily from other pages and also was the first
> google result for fedora rpm packaging.
>
> However, under
> https://fedoraproject.org/wiki/How_to_create_an_RPM_package#SPEC_file_overview
> it says:
> > BuildRequires: ... Some common packages can be omitted, such as gcc.
> and links to here:
> https://fedoraproject.org/wiki/HOWTOFindMissingBuildRequires#Exceptions
>
> If that's no longer true, somebody who knows what he's doing should adjust
> that, because that wiki page is likely the most visible rpm tutorial for
> Fedora.
>

Wow, that "HOWTO" is a really old page -- not changed since being imported
from the old moin moin wiki. My feeling is that page should be deleted and
the "How to create an RPM package" page should be updated.

Here is the official guideline:
https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2 --
basically, we just got out of the business of keeping track of what the
minimum buildroot contains.


-- 
Mat Booth
http://fedoraproject.org/get-fedora
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Kamil Paral]

> RWMJ> Is that new?
> 
> Not really.  The change relating to what's in the buildroot was made
> about nine months ago: https://fedorahosted.org/fpc/ticket/497

I created my first COPR over this weekend. I worked according to:
https://fedoraproject.org/wiki/How_to_create_an_RPM_package
because that is linked heavily from other pages and also was the first google 
result for fedora rpm packaging.

However, under 
https://fedoraproject.org/wiki/How_to_create_an_RPM_package#SPEC_file_overview 
it says:
> BuildRequires: ... Some common packages can be omitted, such as gcc.
and links to here:
https://fedoraproject.org/wiki/HOWTOFindMissingBuildRequires#Exceptions

If that's no longer true, somebody who knows what he's doing should adjust 
that, because that wiki page is likely the most visible rpm tutorial for Fedora.
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Richard W.M. Jones]

On Fri, Feb 19, 2016 at 09:29:16AM -0700, Kevin Fenzi wrote:
> On Fri, 19 Feb 2016 10:07:29 +
> "Richard W.M. Jones"  wrote:
> 
> > Here's a video demonstrating this:
> > 
> >   http://oirase.annexia.org/tmp/packaging-caching/
> 
> I think this is fallout from some problems we had with a memcached
> server yesterday. I've cleared out our varnish cache, so it should
> hopefully refresh right now from memcached. 
> 
> Can you let me know if the problem persists? And if so, ideally file an
> infrastructure ticket on it?

Yes, the problem persists.  It still behaves exactly the same as the
video.  I filed a ticket here:

  https://fedorahosted.org/fedora-infrastructure/ticket/5118

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Kevin Fenzi]

On Fri, 19 Feb 2016 10:07:29 +
"Richard W.M. Jones"  wrote:

> Here's a video demonstrating this:
> 
>   http://oirase.annexia.org/tmp/packaging-caching/

I think this is fallout from some problems we had with a memcached
server yesterday. I've cleared out our varnish cache, so it should
hopefully refresh right now from memcached. 

Can you let me know if the problem persists? And if so, ideally file an
infrastructure ticket on it?

Thanks, 

kevin


pgpWvhnX5zVNy.pgp
Description: OpenPGP digital signature
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Richard W.M. Jones]

Here's a video demonstrating this:

  http://oirase.annexia.org/tmp/packaging-caching/

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Richard W.M. Jones]

On Fri, Feb 19, 2016 at 09:29:56AM +0100, Hans de Goede wrote:
> Hi Jason,
> 
> On 18-02-16 08:33, Jason L Tibbitts III wrote:
> >Here are the recent changes to the packaging guidelines.
> >
> >-
> >
> >A section on the treatment of pregenerated code has been added to the
> >main guideline page.
> >
> >  
> > *​https://fedoraproject.org/wiki/Packaging:Guidelines#Use_of_pregenerated_code
> >  *​https://fedorahosted.org/fpc/ticket/580
> 
> I was specifically interested in this one, but this seems to be missing
> from the wiki page ?

It's very strange, because this link was missing for me too, but I
made it work by going to the "history" tab and selecting the current
revision.  Then go to "packaging" tab, and lo-and-behold the section
appears.

That was yesterday.

Today I visited the page, and again, the section is missing!  But
going through the process above makes it appear again.

So there's some very strange caching going on.  I'm not sure what,
because *clearing* my browser cache makes the section go away ...

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "HdG" == Hans de Goede  writes:

HdG> I was specifically interested in this one, but this seems to be
HdG> missing from the wiki page ?

That URL certainly works for me.  Here's the text:

Use of pregenerated code

Often a package will contain code which was itself generated by other
code. This often takes the form of configure files or parsing code
generated by bison/yacc or lex/flex.

It is required that the original source files from which the code was
generated be included in the srpm. Generally these files are part of the
source archive supplied by upstream, but it may be necessary to fetch
those files from an upstream source repository and include them in the
srpm as separate Source: entries.

It is suggested, but not required, that such code be regenerated as part
of the build process. The means for doing this are entirely specific to
the individual package being built, but it may happen automatically if
the necessary dependencies are present at build time.

 - J<
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Hans de Goede]

Hi Jason,

On 18-02-16 08:33, Jason L Tibbitts III wrote:

Here are the recent changes to the packaging guidelines.

-

A section on the treatment of pregenerated code has been added to the
main guideline page.

  *​https://fedoraproject.org/wiki/Packaging:Guidelines#Use_of_pregenerated_code
  *​https://fedorahosted.org/fpc/ticket/580


I was specifically interested in this one, but this seems to be missing
from the wiki page ?

Regards,

Hans
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "RWMJ" == Richard W M Jones  writes:

RWMJ> Is that new?

Not really.  The change relating to what's in the buildroot was made
about nine months ago: https://fedorahosted.org/fpc/ticket/497

RWMJ> I'm fairly sure I've got a lot of packages that assume gcc is
RWMJ> there as part of the basic environment.

FPC doesn't generally make guideline changes retroactive.  Of course, if
releng were to decide to drop gcc from the buildroot (which they could
do at their leisure since the packaging guidelines no longer specify
what's in the buildroot) then those packages would fail to build.

The guideline page to which you're referring is simply a new page about
packaging C and C++ applications, but it doesn't change anything about
what's guaranteed to be in the buildroot.

 - J<
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Christopher]

On Thu, Feb 18, 2016 at 10:04 AM Jason L Tibbitts III 
wrote:

> Here are the recent changes to the packaging guidelines.
>  *​https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_for_EPEL
>  *​https://fedoraproject.org/wiki/EPEL:Packaging
>  *​https://fedorahosted.org/fpc/ticket/599
>
>
The link in this section for EPEL packaging is broken, but I don't seem to
have permission to edit the Wiki to fix it (FAS:ctubbsii).
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Richard W.M. Jones]

On Thu, Feb 18, 2016 at 01:33:28AM -0600, Jason L Tibbitts III wrote:
> A new page for guidelines specific to C and C++ has been added.
> 
>  *​https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B?rd=C_and_C++
>  *​https://fedorahosted.org/fpc/ticket/540 

  "If your application is a C or C++ application you must list a
  BuildRequires against gcc, gcc-c++ or clang."

Is that new?  I'm fairly sure I've got a lot of packages that assume
gcc is there as part of the basic environment.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

A section on the treatment of pregenerated code has been added to the
main guideline page.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Use_of_pregenerated_code
 *​https://fedorahosted.org/fpc/ticket/580

-

Text was added to the section on spec legibility indicating that non
Fedora/EPEL macros should not be used in Fedora specfiles.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_Legibility
 *​https://fedorahosted.org/fpc/ticket/582 

-

The node.js guidelines have gained a requirement for a %check section
which at minimam ensures that the module is loadable.

 * https://fedoraproject.org/wiki/Packaging:Node.js#Build_testing_in_.25check
 * https://fedorahosted.org/fpc/ticket/583

-

The AppData guidelines were updated to reflect the current version of
the AppData standard.

 * https://fedoraproject.org/wiki/Packaging:AppData
 * https://fedorahosted.org/fpc/ticket/584

-

Information about requesting bootstrapping exceptions, including blanket
exceptions, was added to the committee page.

 
*​https://fedoraproject.org/wiki/Packaging_Committee#Bootstrapping_Exception_Procedure
 *​https://fedorahosted.org/fpc/ticket/585

-

The systemd scriptlet guidelines were cleaned up to use correct links
and fix some typos.

 *​https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Scriptlets
 * https://fedorahosted.org/fpc/ticket/590 

-

A reference to the EPEL packaging guidelines was added to the main
guidelines page.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_for_EPEL
 *​https://fedoraproject.org/wiki/EPEL:Packaging
 *​https://fedorahosted.org/fpc/ticket/599

-

The shared library section of the guidelines has been updated to refer
to a separate page on ABI comparison tools.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Shared_Libraries
 *​https://fedoraproject.org/wiki/How_to_check_for_ABI_changes_in_a_package
 * https://fedorahosted.org/fpc/ticket/579 

-

A new page for guidelines specific to C and C++ has been added.

 *​https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B?rd=C_and_C++
 *​https://fedorahosted.org/fpc/ticket/540 

-

The submodules section of the SourceURL guideline page was simplified to
use git --recursive.

 *​https://fedoraproject.org/wiki/Packaging:SourceURL#Git_Submodules
 *​https://fedorahosted.org/fpc/ticket/547 
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-annou...@lists.fedoraproject.org
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

A section on the treatment of pregenerated code has been added to the
main guideline page.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Use_of_pregenerated_code
 *​https://fedorahosted.org/fpc/ticket/580

-

Text was added to the section on spec legibility indicating that non
Fedora/EPEL macros should not be used in Fedora specfiles.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_Legibility
 *​https://fedorahosted.org/fpc/ticket/582 

-

The node.js guidelines have gained a requirement for a %check section
which at minimam ensures that the module is loadable.

 * https://fedoraproject.org/wiki/Packaging:Node.js#Build_testing_in_.25check
 * https://fedorahosted.org/fpc/ticket/583

-

The AppData guidelines were updated to reflect the current version of
the AppData standard.

 * https://fedoraproject.org/wiki/Packaging:AppData
 * https://fedorahosted.org/fpc/ticket/584

-

Information about requesting bootstrapping exceptions, including blanket
exceptions, was added to the committee page.

 
*​https://fedoraproject.org/wiki/Packaging_Committee#Bootstrapping_Exception_Procedure
 *​https://fedorahosted.org/fpc/ticket/585

-

The systemd scriptlet guidelines were cleaned up to use correct links
and fix some typos.

 *​https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Scriptlets
 * https://fedorahosted.org/fpc/ticket/590 

-

A reference to the EPEL packaging guidelines was added to the main
guidelines page.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_for_EPEL
 *​https://fedoraproject.org/wiki/EPEL:Packaging
 *​https://fedorahosted.org/fpc/ticket/599

-

The shared library section of the guidelines has been updated to refer
to a separate page on ABI comparison tools.

 *​https://fedoraproject.org/wiki/Packaging:Guidelines#Shared_Libraries
 *​https://fedoraproject.org/wiki/How_to_check_for_ABI_changes_in_a_package
 * https://fedorahosted.org/fpc/ticket/579 

-

A new page for guidelines specific to C and C++ has been added.

 *​https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B?rd=C_and_C++
 *​https://fedorahosted.org/fpc/ticket/540 

-

The submodules section of the SourceURL guideline page was simplified to
use git --recursive.

 *​https://fedoraproject.org/wiki/Packaging:SourceURL#Git_Submodules
 *​https://fedorahosted.org/fpc/ticket/547 
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

Re: [Guidelines change] Changes to the packaging guidelines

[Neal Gompa]

Hey Jason,

In regards to boolean/rich dependencies, DNF should support them fine,
because libsolv (the depsolver library) does. During the F23 development
cycle, libsolv's support for them was switched on, and as of F23 release,
they should work. As for the build system, Koji should be able to handle it
with F24 and newer, since Koji now uses DNF for building chroots using
mock. And finally, the version of RPM that introduces it is RPM 4.13. The
page says "RPM 1.13".

On Tue, Nov 10, 2015 at 12:51 AM, Jason L Tibbitts III 
wrote:

> Here are the recent changes to the packaging guidelines.
>
> -
>
> The guidelines were updated to reflect the current policy that Fedora
> packages are no longer permitted to carry SysV-style initscripts. The
> relevant guidelines page has been moved to the EPEL hierarchy.
>
>  * https://fedoraproject.org/wiki/Packaging:Guidelines#Initscripts
>  * https://fedoraproject.org/wiki/EPEL:SysVInitScript
>  * https://fedorahosted.org/fpc/ticket/577
>
> -
>
> Until sufficient support exists in the build system and package manager,
> rich/Boolean dependencies are not permitted in Fedora.
>
>  *
> https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
>  * https://fedorahosted.org/fpc/ticket/559
>
> -
>
> The MPI packaging guidelines were updated to handle python3 packages.
>
>  * https://fedoraproject.org/wiki/Packaging:MPI
>  *
> https://fedoraproject.org/w/index.php?title=Packaging%3AMPI=427683=309350
>  * https://fedorahosted.org/fpc/ticket/563
> ___
> devel-announce mailing list
> devel-annou...@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel-announce
> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct




-- 
真実はいつも一つ！/ Always, there's only one truth!
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

> "NG" == Neal Gompa  writes:

NG> In regards to boolean/rich dependencies, DNF should
NG> support them fine, because libsolv (the depsolver library)
NG> does.

This ban came a the direct request of one of the DNF project managers
during Flock.  The final syntax hadn't even been chosen then.  Of course
things may have progressed since then, but I've simply been slow to
announce something that was passed by FPC not long after Flock.

I'm sure that someone will ask for said guideline to be updated to
indicate the Fedora version where it is permitted once things are
actually ready to go.


NG> The page says "RPM 1.13".

My apologies for the typographical error, though you should either
contact FPC or at least CC me directly about such things, instead of
hoping that I see a mailing list message.

 - J<
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The guidelines were updated to reflect the current policy that Fedora
packages are no longer permitted to carry SysV-style initscripts. The
relevant guidelines page has been moved to the EPEL hierarchy.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Initscripts
 * https://fedoraproject.org/wiki/EPEL:SysVInitScript
 * https://fedorahosted.org/fpc/ticket/577 

-

Until sufficient support exists in the build system and package manager,
rich/Boolean dependencies are not permitted in Fedora.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
 * https://fedorahosted.org/fpc/ticket/559

-

The MPI packaging guidelines were updated to handle python3 packages.

 * https://fedoraproject.org/wiki/Packaging:MPI
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AMPI=427683=309350
 * https://fedorahosted.org/fpc/ticket/563
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The guidelines were updated to reflect the current policy that Fedora
packages are no longer permitted to carry SysV-style initscripts. The
relevant guidelines page has been moved to the EPEL hierarchy.

 * https://fedoraproject.org/wiki/Packaging:Guidelines#Initscripts
 * https://fedoraproject.org/wiki/EPEL:SysVInitScript
 * https://fedorahosted.org/fpc/ticket/577 

-

Until sufficient support exists in the build system and package manager,
rich/Boolean dependencies are not permitted in Fedora.

 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Rich.2FBoolean_dependencies
 * https://fedorahosted.org/fpc/ticket/559

-

The MPI packaging guidelines were updated to handle python3 packages.

 * https://fedoraproject.org/wiki/Packaging:MPI
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AMPI=427683=309350
 * https://fedorahosted.org/fpc/ticket/563
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Bohuslav Kabrda]

- Original Message -
 On Thu, Aug 06, 2015 at 10:03:00AM -0400, Robert Kuska wrote:
  - Original Message -
   From: Jason L Tibbitts III ti...@math.uh.edu
   To: devel-annou...@lists.fedoraproject.org
   Sent: Tuesday, August 4, 2015 11:34:06 PM
   Subject: [Guidelines change] Changes to the packaging guidelines
   
   Here are the recent changes to the packaging guidelines.
   
   -
   
   The big change is that the Python guidelines have been extensively
   reorganized and partially rewritten, and new macros are available which
   simplify packaging by removing some of the boilerplate which was
   previously required.
   
   The main guideline page has been slimmed down to show the more basic
   info and a clean and simple spec using the new macros which is free of
   multiline conditionals.
   
   boilerplate previously associated with python packages.  Some of the
   more esoteric information has been moved to an appendix page to keep the
   main page of reasonable size.
   
   The new guidelines are currently only functional on Fedora 22 and newer
   releases, but are currently in updates-testing for Fedora 21 and EPEL7.
   The older guidelines are preserved in a separate page and we'll try to
   keep them updated with new requirements.
   
   The new guidelines page:
   * https://fedoraproject.org/wiki/Packaging:Python
  
  Sorry for late reply.
  
  From the Python packaging:
  
  # Must do the python2 install first because the scripts in /usr/bin are
  # overwritten with every setup.py install, and in general we want the
  # python3 version to be the default.
  %py2_install
  %py3_install
  
  I don't think that binaries of python module should be already switched to
  the state that non versioned binary is python3 binary.
 This problem is covered extensively in the guidelines:
 
   If the executables provide the same functionality independent of
   whether they are run on top of Python 2 or Python 3, then only one
   version of the executable should be packaged. On releases up to and
   including F21, this was the python 2 implementation. Python3 should
   be used in F22 and later if supported by upstream. [...]
   Transitioning from python2 to python3 is left to individual package
   maintainers[...]
 
 The switch as default was accepted as
 https://fedoraproject.org/wiki/Changes/Python_3_as_Default.
 
  While /usr/bin/python points to /usr/bin/python2 and python-foo provides
  python2 version
  of the foo package I would expect binary foo to run on python2.
 Fedora is finally switching to Python 3. E.g. /usr/bin/dnf now uses Python 3,
 and a lot of other things also.

I'm not sure I understand what you're saying 100 %, so let's make this clear:
1. If the package ships a binary that does the same regardless of Python 
version used to invoke it, then /usr/bin/foo should be invoked with Python 3. 
This usually applies to applications, like dnf.
2. If the package ships a binary that does different things on different Python 
versions, then the unversioned binary should point to Python 2 version. This is 
done in order to stay in line with /usr/bin/python pointing to Python 2. This 
usually applies to e.g. test runners, coverage tools, etc.

  This applies for modules binaries such as pytest (nosetests, pip, ...)
  where is
  difference between running python2 and python3 version of the binary.
 For those cases guidelines say that both versions should be packaged.
 
  Currently we should have non versioned binaries to run on python3 only for
  python
  applications (devassistant) where both python2 and python3 version of the
  application
  provide same functionality.
 Yes.
 
  Therefore I suggest to switch order of pyX_install macros.
 Eeee, no. Let's use Python 3 by default.

Yes. Because the example in the guidelines is an example of packaging a Python 
library (point 2. above), hence the unversioned binary should still use Python 
2. Even the guidelines say that:

 For example, the python3 version of coverage must ship executables 
/usr/bin/coverage-3 and /usr/bin/coverage-3.4 (assuming python3 is currently 
version 3.4), while the python2 version must provide /usr/bin/coverage, 
/usr/bin/coverage-2 and /usr/bin/coverage-2.7 (assuming python2 version 2.7). 

 Zbyszek

-- 
Regards,
Slavek Kabrda
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

 VS == Ville Skyttä ville.sky...@iki.fi writes:

VS I have a bug report about the macros. Where should I file it, FPC
VS ticket or Bugzilla against the python* packages that ship the
VS affected macro files?

Oops, I didn't see your mailing list post until well after I saw the
ticket.

Unfortunately this kind of thing is in the hands of the python folks.
We'll all coordinate to try to get something worked out but in the end
they have to update and push and support these things while the
guidelines are just documentation.

 - J
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Zbigniew Jędrzejewski-Szmek]

On Thu, Aug 06, 2015 at 10:03:00AM -0400, Robert Kuska wrote:
 - Original Message -
  From: Jason L Tibbitts III ti...@math.uh.edu
  To: devel-annou...@lists.fedoraproject.org
  Sent: Tuesday, August 4, 2015 11:34:06 PM
  Subject: [Guidelines change] Changes to the packaging guidelines
  
  Here are the recent changes to the packaging guidelines.
  
  -
  
  The big change is that the Python guidelines have been extensively
  reorganized and partially rewritten, and new macros are available which
  simplify packaging by removing some of the boilerplate which was
  previously required.
  
  The main guideline page has been slimmed down to show the more basic
  info and a clean and simple spec using the new macros which is free of
  multiline conditionals.
  
  boilerplate previously associated with python packages.  Some of the
  more esoteric information has been moved to an appendix page to keep the
  main page of reasonable size.
  
  The new guidelines are currently only functional on Fedora 22 and newer
  releases, but are currently in updates-testing for Fedora 21 and EPEL7.
  The older guidelines are preserved in a separate page and we'll try to
  keep them updated with new requirements.
  
  The new guidelines page:
  * https://fedoraproject.org/wiki/Packaging:Python
 
 Sorry for late reply.
 
 From the Python packaging:
 
 # Must do the python2 install first because the scripts in /usr/bin are
 # overwritten with every setup.py install, and in general we want the
 # python3 version to be the default.
 %py2_install
 %py3_install
 
 I don't think that binaries of python module should be already switched to
 the state that non versioned binary is python3 binary.
This problem is covered extensively in the guidelines:

  If the executables provide the same functionality independent of
  whether they are run on top of Python 2 or Python 3, then only one
  version of the executable should be packaged. On releases up to and
  including F21, this was the python 2 implementation. Python3 should
  be used in F22 and later if supported by upstream. [...] 
  Transitioning from python2 to python3 is left to individual package
  maintainers[...]

The switch as default was accepted as
https://fedoraproject.org/wiki/Changes/Python_3_as_Default.

 While /usr/bin/python points to /usr/bin/python2 and python-foo provides 
 python2 version
 of the foo package I would expect binary foo to run on python2.
Fedora is finally switching to Python 3. E.g. /usr/bin/dnf now uses Python 3,
and a lot of other things also.

 This applies for modules binaries such as pytest (nosetests, pip, ...) where 
 is 
 difference between running python2 and python3 version of the binary.
For those cases guidelines say that both versions should be packaged.

 Currently we should have non versioned binaries to run on python3 only for 
 python
 applications (devassistant) where both python2 and python3 version of the 
 application
 provide same functionality.
Yes.

 Therefore I suggest to switch order of pyX_install macros.
Eeee, no. Let's use Python 3 by default.

Zbyszek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Robert Kuska]

- Original Message -
 From: Jason L Tibbitts III ti...@math.uh.edu
 To: devel-annou...@lists.fedoraproject.org
 Sent: Tuesday, August 4, 2015 11:34:06 PM
 Subject: [Guidelines change] Changes to the packaging guidelines
 
 Here are the recent changes to the packaging guidelines.
 
 -
 
 The big change is that the Python guidelines have been extensively
 reorganized and partially rewritten, and new macros are available which
 simplify packaging by removing some of the boilerplate which was
 previously required.
 
 The main guideline page has been slimmed down to show the more basic
 info and a clean and simple spec using the new macros which is free of
 multiline conditionals.
 
 boilerplate previously associated with python packages.  Some of the
 more esoteric information has been moved to an appendix page to keep the
 main page of reasonable size.
 
 The new guidelines are currently only functional on Fedora 22 and newer
 releases, but are currently in updates-testing for Fedora 21 and EPEL7.
 The older guidelines are preserved in a separate page and we'll try to
 keep them updated with new requirements.
 
 The new guidelines page:
 * https://fedoraproject.org/wiki/Packaging:Python

Sorry for late reply.

From the Python packaging:

# Must do the python2 install first because the scripts in /usr/bin are
# overwritten with every setup.py install, and in general we want the
# python3 version to be the default.
%py2_install
%py3_install

I don't think that binaries of python module should be already switched to
the state that non versioned binary is python3 binary.

While /usr/bin/python points to /usr/bin/python2 and python-foo provides 
python2 version
of the foo package I would expect binary foo to run on python2.

This applies for modules binaries such as pytest (nosetests, pip, ...) where is 
difference between running python2 and python3 version of the binary.

Currently we should have non versioned binaries to run on python3 only for 
python
applications (devassistant) where both python2 and python3 version of the 
application
provide same functionality.

Therefore I suggest to switch order of pyX_install macros.

 
 The appendix:
 * https://fedoraproject.org/wiki/Packaging:Python_Appendix
 
 The old guidelines:
 * https://fedoraproject.org/wiki/Packaging:Python_Old
 
 Note that these cleaned up pages (and the old copy) include some
 new guidelines as well:
 
   There is new section indicating that -OO must not be used for python
   versions less than 3.5.
   * https://fedoraproject.org/wiki/Packaging:Python#Optimization
 
   There are requirements for what python module packages must provide
   (via Provides:):
   * https://fedoraproject.org/wiki/Packaging:Python#Provides
 
 Related FPC tickets:
 * https://fedorahosted.org/fpc/ticket/281
 * https://fedorahosted.org/fpc/ticket/534
 * https://fedorahosted.org/fpc/ticket/542
 * https://fedorahosted.org/fpc/ticket/545
 * https://fedorahosted.org/fpc/ticket/552
 
 
 -
 
 Guidelines have been added covering services which need to perform setup
 when they are first started (including self-signed certificate
 generation).
 
 *​https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup
 *​https://fedorahosted.org/fpc/ticket/506
 
 -
 
 The guideline on spec file naming was moved into the main guidelines and
 now requires that its name be constructed by taking the name of the
 source package and appending .spec.
 
 * https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_File_Naming
 * https://fedorahosted.org/fpc/ticket/553
 
 -
 
 FPC can now grant exceptions to the regular package review procedures.
 
 *
 https://fedoraproject.org/wiki/Packaging_Committee#Review_Process_Exemption_Procedure
 * https://fedorahosted.org/fpc/ticket/539
 * https://fedorahosted.org/fesco/ticket/1435
 ___
 devel-announce mailing list
 devel-annou...@lists.fedoraproject.org
 https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Ville Skyttä]

On Wed, Aug 5, 2015 at 12:34 AM, Jason L Tibbitts III ti...@math.uh.edu wrote:
 The big change is that the Python guidelines have been extensively
 reorganized and partially rewritten, and new macros are available which
 simplify packaging by removing some of the boilerplate which was
 previously required.

I have a bug report about the macros. Where should I file it, FPC
ticket or Bugzilla against the python* packages that ship the affected
macro files?
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Kevin Fenzi]

On Wed, 5 Aug 2015 10:11:26 +0300
Ville Skyttä ville.sky...@iki.fi wrote:

 On Wed, Aug 5, 2015 at 12:34 AM, Jason L Tibbitts III
 ti...@math.uh.edu wrote:
  The big change is that the Python guidelines have been extensively
  reorganized and partially rewritten, and new macros are available
  which simplify packaging by removing some of the boilerplate which
  was previously required.
 
 I have a bug report about the macros. Where should I file it, FPC
 ticket or Bugzilla against the python* packages that ship the affected
 macro files?

I'd say a FPC ticket since they might want to look at any proposed
changes, then they can file bug(s) against the macro carrying packages. 

kevin


pgpUBCBwxk7Ak.pgp
Description: OpenPGP digital signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Ville Skyttä]

On Wed, Aug 5, 2015 at 7:22 PM, Kevin Fenzi ke...@scrye.com wrote:
 On Wed, 5 Aug 2015 10:11:26 +0300
 Ville Skyttä ville.sky...@iki.fi wrote:

 On Wed, Aug 5, 2015 at 12:34 AM, Jason L Tibbitts III
 ti...@math.uh.edu wrote:
  The big change is that the Python guidelines have been extensively
  reorganized and partially rewritten, and new macros are available
  which simplify packaging by removing some of the boilerplate which
  was previously required.

 I have a bug report about the macros. Where should I file it, FPC
 ticket or Bugzilla against the python* packages that ship the affected
 macro files?

 I'd say a FPC ticket since they might want to look at any proposed
 changes, then they can file bug(s) against the macro carrying packages.

https://fedorahosted.org/fpc/ticket/557
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The big change is that the Python guidelines have been extensively
reorganized and partially rewritten, and new macros are available which
simplify packaging by removing some of the boilerplate which was
previously required.

The main guideline page has been slimmed down to show the more basic
info and a clean and simple spec using the new macros which is free of
multiline conditionals.

boilerplate previously associated with python packages.  Some of the
more esoteric information has been moved to an appendix page to keep the
main page of reasonable size.

The new guidelines are currently only functional on Fedora 22 and newer
releases, but are currently in updates-testing for Fedora 21 and EPEL7.
The older guidelines are preserved in a separate page and we'll try to
keep them updated with new requirements.

The new guidelines page:
* https://fedoraproject.org/wiki/Packaging:Python

The appendix:
* https://fedoraproject.org/wiki/Packaging:Python_Appendix

The old guidelines:
* https://fedoraproject.org/wiki/Packaging:Python_Old

Note that these cleaned up pages (and the old copy) include some
new guidelines as well:

  There is new section indicating that -OO must not be used for python
  versions less than 3.5.
  * https://fedoraproject.org/wiki/Packaging:Python#Optimization

  There are requirements for what python module packages must provide
  (via Provides:):
  * https://fedoraproject.org/wiki/Packaging:Python#Provides

Related FPC tickets:
* https://fedorahosted.org/fpc/ticket/281
* https://fedorahosted.org/fpc/ticket/534
* https://fedorahosted.org/fpc/ticket/542
* https://fedorahosted.org/fpc/ticket/545
* https://fedorahosted.org/fpc/ticket/552


-

Guidelines have been added covering services which need to perform setup
when they are first started (including self-signed certificate
generation).

*​https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup
*​https://fedorahosted.org/fpc/ticket/506

-

The guideline on spec file naming was moved into the main guidelines and
now requires that its name be constructed by taking the name of the
source package and appending .spec.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_File_Naming
* https://fedorahosted.org/fpc/ticket/553

-

FPC can now grant exceptions to the regular package review procedures.

* 
https://fedoraproject.org/wiki/Packaging_Committee#Review_Process_Exemption_Procedure
* https://fedorahosted.org/fpc/ticket/539
* https://fedorahosted.org/fesco/ticket/1435
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.

-

The big change is that the Python guidelines have been extensively
reorganized and partially rewritten, and new macros are available which
simplify packaging by removing some of the boilerplate which was
previously required.

The main guideline page has been slimmed down to show the more basic
info and a clean and simple spec using the new macros which is free of
multiline conditionals.

boilerplate previously associated with python packages.  Some of the
more esoteric information has been moved to an appendix page to keep the
main page of reasonable size.

The new guidelines are currently only functional on Fedora 22 and newer
releases, but are currently in updates-testing for Fedora 21 and EPEL7.
The older guidelines are preserved in a separate page and we'll try to
keep them updated with new requirements.

The new guidelines page:
* https://fedoraproject.org/wiki/Packaging:Python

The appendix:
* https://fedoraproject.org/wiki/Packaging:Python_Appendix

The old guidelines:
* https://fedoraproject.org/wiki/Packaging:Python_Old

Note that these cleaned up pages (and the old copy) include some
new guidelines as well:

  There is new section indicating that -OO must not be used for python
  versions less than 3.5.
  * https://fedoraproject.org/wiki/Packaging:Python#Optimization

  There are requirements for what python module packages must provide
  (via Provides:):
  * https://fedoraproject.org/wiki/Packaging:Python#Provides

Related FPC tickets:
* https://fedorahosted.org/fpc/ticket/281
* https://fedorahosted.org/fpc/ticket/534
* https://fedorahosted.org/fpc/ticket/542
* https://fedorahosted.org/fpc/ticket/545
* https://fedorahosted.org/fpc/ticket/552


-

Guidelines have been added covering services which need to perform setup
when they are first started (including self-signed certificate
generation).

*​https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup
*​https://fedorahosted.org/fpc/ticket/506

-

The guideline on spec file naming was moved into the main guidelines and
now requires that its name be constructed by taking the name of the
source package and appending .spec.

* https://fedoraproject.org/wiki/Packaging:Guidelines#Spec_File_Naming
* https://fedorahosted.org/fpc/ticket/553

-

FPC can now grant exceptions to the regular package review procedures.

* 
https://fedoraproject.org/wiki/Packaging_Committee#Review_Process_Exemption_Procedure
* https://fedorahosted.org/fpc/ticket/539
* https://fedorahosted.org/fesco/ticket/1435
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Re: [Guidelines change] Changes to the packaging guidelines

[Michael Catanzaro]

On Thu, 2015-07-09 at 21:42 -0600, Jerry James wrote:
 If that is not what the word means, then a definition
 in the introduction would be very helpful, since there is no
 definition anywhere on that page.

A hint is a weak dependency that does not affect the default package
suggestion: Suggests and Enhances.

Recommends and Supplements are not hints.

There is a little table at the top of the wiki page; maybe it could be
more clear.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Björn Persson]

Jerry James wrote:
 First, what is a hint?  Does that word refer collectively to all weak
 dependencies?  The wiki page doesn't say, so I'm left to guess.

That seemed perfectly clear to me. Note how the word is introduced:
“They come in two strengths: weak and hint [...]”

The meaning of “weak” is more ambiguous. Sometimes “weak dependencies”
is used as a collective term for all weak dependencies, and sometimes
it means specifically the stronger kind of weak dependencies.

 If a transaction will
 install packages that fulfill reverse dependencies, then the packages
 containing those dependencies are also installed.

It took me several attempts to figure out what you meant with that
sentence. “Match” as used on the wiki page is a much better word than
“fulfill”. The whole idea of a reverse dependency is that the dependency
is contained in the package that fulfills the dependency, not in the
dependent package, so “fulfill” makes your sentence collapse into a
redundant statement that the packages being installed will be installed.

Björn Persson


pgprBRIKeTPks.pgp
Description: OpenPGP digital signatur
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Stephen Gallagher]

On Thu, 2015-07-09 at 10:32 -0500, Michael Catanzaro wrote:
 On Thu, 2015-07-09 at 11:22 -0400, Stephen Gallagher wrote:
  Is there any case to allow Supplements: in the Fedora Collection? 
  It
  seems to me like this could be problematic. (e.g. I write a plugin 
  for
  a popular engine and package it, then add Supplements: so that it 
  gets
  pulled in by default whenever that engine is installed. My plugin 
  then
  causes things to crash.) I think it is reasonable for us to forbid
  Supplements: except with FPC exemption. It should be up to the 
  owner 
  of
  the primary package to decide to add Recommends: instead.
 
 The new guidelines say reverse dependencies may be used with the
 agreement of the package maintainer of the targeted package which
 seems good enough to me.
 
 Reverse dependencies are mainly designed for 3rd party vendors who 
 can
 attach their plug-ins/add-ons/extensions to distribution or other 3rd
 party packages. Within Fedora the control over which packages a 
 package
 requires should stay with the package maintainer. There are, however,
 cases when it is easier for the requiring package not needing to care
 about all add-ons. In this cases reverse dependencies may be used 
 with
 the agreement of the package maintainer of the targeted package.

I guess I'd have preferred stronger wording. Something to the effect of
reverse dependencies may not be used except with the permission of the
package maintainer of the targeted package.

signature.asc
Description: This is a digitally signed message part
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Jan Zelený]

On 10. 7. 2015 at 09:45:36, Stephen Gallagher wrote:
 On Thu, 2015-07-09 at 10:32 -0500, Michael Catanzaro wrote:
  On Thu, 2015-07-09 at 11:22 -0400, Stephen Gallagher wrote:
   Is there any case to allow Supplements: in the Fedora Collection?
   It
   seems to me like this could be problematic. (e.g. I write a plugin
   for
   a popular engine and package it, then add Supplements: so that it
   gets
   pulled in by default whenever that engine is installed. My plugin
   then
   causes things to crash.) I think it is reasonable for us to forbid
   Supplements: except with FPC exemption. It should be up to the
   owner
   of
   the primary package to decide to add Recommends: instead.
  
  The new guidelines say reverse dependencies may be used with the
  agreement of the package maintainer of the targeted package which
  seems good enough to me.
  
  Reverse dependencies are mainly designed for 3rd party vendors who
  can
  attach their plug-ins/add-ons/extensions to distribution or other 3rd
  party packages. Within Fedora the control over which packages a
  package
  requires should stay with the package maintainer. There are, however,
  cases when it is easier for the requiring package not needing to care
  about all add-ons. In this cases reverse dependencies may be used
  with
  the agreement of the package maintainer of the targeted package.
 
 I guess I'd have preferred stronger wording. Something to the effect of
 reverse dependencies may not be used except with the permission of the
 package maintainer of the targeted package.

While I see your point and I'm not completely against the wording you used, I 
have to say that it would beat the main idea behind reverse weak deps: To have 
a way of creating dependencies in situations when the maintainer is non-
responsive or for example against having the dependency in his spec file for 
whatever (valid or invalid) reason. Note that this is also the reason why 
there is no reverse Requires.

I think at least in the case of Enhances, there is no reason why to implement 
the restriction, as creating this dependency is not invasive to the enhanced 
packages IMHO.

Thanks
Jan
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Stephen Gallagher]

On Wed, 2015-07-08 at 20:13 -0500, Jason L Tibbitts III wrote:
 Here are the recent changes to the packaging guidelines.  Note that
 there is also a set of Python guideline changes pending which I will
 send in a separate announcement.
 
 -
 
 Guidelines for making use of weak dependencies (Recommends:, 
 Suggests:,
 etc.) have been added.
 
  *https://fedoraproject.org/wiki/Packaging:WeakDependencies
  *https://fedorahosted.org/fpc/ticket/531 
 

Is there any case to allow Supplements: in the Fedora Collection? It
seems to me like this could be problematic. (e.g. I write a plugin for
a popular engine and package it, then add Supplements: so that it gets
pulled in by default whenever that engine is installed. My plugin then
causes things to crash.) I think it is reasonable for us to forbid
Supplements: except with FPC exemption. It should be up to the owner of
the primary package to decide to add Recommends: instead.


signature.asc
Description: This is a digitally signed message part
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Michael Catanzaro]

On Thu, 2015-07-09 at 11:22 -0400, Stephen Gallagher wrote:
 Is there any case to allow Supplements: in the Fedora Collection? It
 seems to me like this could be problematic. (e.g. I write a plugin 
 for
 a popular engine and package it, then add Supplements: so that it 
 gets
 pulled in by default whenever that engine is installed. My plugin 
 then
 causes things to crash.) I think it is reasonable for us to forbid
 Supplements: except with FPC exemption. It should be up to the owner 
 of
 the primary package to decide to add Recommends: instead.

The new guidelines say reverse dependencies may be used with the
agreement of the package maintainer of the targeted package which
seems good enough to me.

Reverse dependencies are mainly designed for 3rd party vendors who can
attach their plug-ins/add-ons/extensions to distribution or other 3rd
party packages. Within Fedora the control over which packages a package
requires should stay with the package maintainer. There are, however,
cases when it is easier for the requiring package not needing to care
about all add-ons. In this cases reverse dependencies may be used with
the agreement of the package maintainer of the targeted package.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Jerry James]

On Thu, Jul 9, 2015 at 6:44 AM, Matthew Miller mat...@fedoraproject.org wrote:
 On Wed, Jul 08, 2015 at 08:13:58PM -0500, Jason L Tibbitts III wrote:
  * https://fedoraproject.org/wiki/Packaging:WeakDependencies

 Awesome -- thanks, FPC! This is really exciting.

That is exciting!  Thanks to everyone involved in this effort.  May I
suggest a few small tweaks to the wiki page, though?

First, what is a hint?  Does that word refer collectively to all weak
dependencies?  The wiki page doesn't say, so I'm left to guess.  The
final sentence of the Hints section implies that it is something
different, but later uses of the word hint imply otherwise.  If it
does refer to all weak dependencies, then I think the page would be
much clearer if all uses of the word hint were replaced by weak
dependencies.  If that is not what the word means, then a definition
in the introduction would be very helpful, since there is no
definition anywhere on that page.

Second, there are some typos in the Package Preference section.
Change the following:
a older - an older
poption - option

Also, in the final sentence of the Package Preference section,
change the arrow to a comma.

Finally, the entire Forward vs Backward Dependencies section is
worded rather awkwardly and contains several grammar and punctuation
errors.  May I suggest replacing it with this text?  (Note that I
don't know what best means in the first paragraph, so I left that
word alone.  A definition of best would be helpful, also.)

--
Forward dependencies are evaluated for each package that is installed,
just like strong dependencies.  The best of the packages that fulfill
the forward dependencies are also installed.  If a transaction will
install packages that fulfill reverse dependencies, then the packages
containing those dependencies are also installed.

In general, forward dependencies should be used in preference to
reverse dependencies.  Reverse dependencies are mainly designed for
use by third party vendors who supply plug-ins, add-ons, or extensions
to distribution packages or other third party packages.  Within
Fedora, cooperation between package maintainers can eliminate the need
for reverse dependencies, as all weak dependencies can be added as
forward dependencies in the main package.  However, there are cases
where it is easier for the main package maintainer if add-ons use
reverse dependencies instead.  If the main package maintainer agrees
to allow the use of reverse dependencies, they may be used in Fedora.

Note, that EPEL or other third party repositories may have (and are
encouraged to have) a different policy.
--

Regards,
-- 
Jerry James
http://www.jamezone.org/
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Matthew Miller]

On Wed, Jul 08, 2015 at 08:13:58PM -0500, Jason L Tibbitts III wrote:
  * https://fedoraproject.org/wiki/Packaging:WeakDependencies

Awesome -- thanks, FPC! This is really exciting.

-- 
Matthew Miller
mat...@fedoraproject.org
Fedora Project Leader
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.  Note that
there is also a set of Python guideline changes pending which I will
send in a separate announcement.

-

Guidelines for making use of weak dependencies (Recommends:, Suggests:,
etc.) have been added.

 *​https://fedoraproject.org/wiki/Packaging:WeakDependencies
 *​https://fedorahosted.org/fpc/ticket/531 

-

The SSL Certificate Handling guidelines were slightly clarified.

 *​https://fedoraproject.org/wiki/Packaging:SSLCertificateHandling
 
*​https://fedoraproject.org/w/index.php?title=Packaging%3ASSLCertificateHandlingdiff=414415oldid=412705
 *​https://fedorahosted.org/fpc/ticket/536 

-

The Locally running services section of the Default Services
guidelines been clarified.

 
*​https://fedoraproject.org/wiki/Packaging:DefaultServices#Locally_running_services
 
*​https://fedoraproject.org/w/index.php?title=Packaging%3ADefaultServicesdiff=414410oldid=413672
 *​https://fedorahosted.org/fpc/ticket/532#comment:6 

-

The guidelines for referencing upstream source were overhauled to
include more information about git hosting services.

 * https://fedoraproject.org/wiki/Packaging:SourceURL
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ASourceURLdiff=417378oldid=372006
 * https://fedorahosted.org/fpc/ticket/547

-

The General Naming section of the Package Naming Guidelines has been
modified to bring mention of lower casing and use of dashes to the
beginning, and to slightly emphasize the use of lower case package
names.

 * https://fedoraproject.org/wiki/Packaging:NamingGuidelines#General_Naming
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ANamingGuidelinesdiff=417380oldid=400817
 * https://fedorahosted.org/fpc/ticket/541
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines.  Note that
there is also a set of Python guideline changes pending which I will
send in a separate announcement.

-

Guidelines for making use of weak dependencies (Recommends:, Suggests:,
etc.) have been added.

 *​https://fedoraproject.org/wiki/Packaging:WeakDependencies
 *​https://fedorahosted.org/fpc/ticket/531 

-

The SSL Certificate Handling guidelines were slightly clarified.

 *​https://fedoraproject.org/wiki/Packaging:SSLCertificateHandling
 
*​https://fedoraproject.org/w/index.php?title=Packaging%3ASSLCertificateHandlingdiff=414415oldid=412705
 *​https://fedorahosted.org/fpc/ticket/536 

-

The Locally running services section of the Default Services
guidelines been clarified.

 
*​https://fedoraproject.org/wiki/Packaging:DefaultServices#Locally_running_services
 
*​https://fedoraproject.org/w/index.php?title=Packaging%3ADefaultServicesdiff=414410oldid=413672
 *​https://fedorahosted.org/fpc/ticket/532#comment:6 

-

The guidelines for referencing upstream source were overhauled to
include more information about git hosting services.

 * https://fedoraproject.org/wiki/Packaging:SourceURL
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ASourceURLdiff=417378oldid=372006
 * https://fedorahosted.org/fpc/ticket/547

-

The General Naming section of the Package Naming Guidelines has been
modified to bring mention of lower casing and use of dashes to the
beginning, and to slightly emphasize the use of lower case package
names.

 * https://fedoraproject.org/wiki/Packaging:NamingGuidelines#General_Naming
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ANamingGuidelinesdiff=417380oldid=400817
 * https://fedorahosted.org/fpc/ticket/541
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Re: Build-essential packages (was: Re: [Guidelines change] Changes to the packaging guidelines)

[Dennis Gilmore]

On Thursday, June 11, 2015 08:36:38 AM Florian Weimer wrote:
 On 05/21/2015 10:11 PM, Jason L Tibbitts III wrote:
  The BuildRequires section of the guidelines has been revised; the
  exceptions list is gone.  The release engineering folks are free to
  define the buildroot and rpm is free to change its dependency list.
  
   * https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
   *
   https://fedoraproject.org/w/index.php?title=Packaging%3AGuidelinesdiff=
   413629oldid=409506 * https://fedorahosted.org/fpc/ticket/497
 
 Can we get a build-essential package instead that requires everything
 that is needed to get a working C and C++ compiler, and run most
 autoconf/automake/libtool-generated scripts (but not the autotools
 themselves)?

Can you please help me to understand the problem you are trying to solve? what 
is different to dnf install @buildsys-build other than a package vs a comps 
group
 
 In my opinion, it is a bad use of developer time to track what programs
 exactly are called from ./configure, and how these programs match
 sed/grep/coreutils.  It would also  give us a central place where we can
 fix breakage due to missing packages in build roots because a
 significant fraction of packages got a build-required package through an
 indirect dependency.

can you describe the issues and breakages you are talking about, or point me 
at some examples.  the buildroot does not often break.  but in the scenario 
you are talking about fixing may be difficult without being able to build the 
package that has the fix.

I am trying to understand what you see as broken and how this would fix it. as 
opposed to how things are currently done.

right now we have the build group defined in koji and buildsys-build in comps. 
the packages defined in the comps groups define the minimal buildroot, which 
is what gets installed when you do mock -r config --init  BuildRequires 
get installed on top of it.  then the build is done

Regards

Dennis

signature.asc
Description: This is a digitally signed message part.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Build-essential packages (was: Re: [Guidelines change] Changes to the packaging guidelines)

[Florian Weimer]

On 05/21/2015 10:11 PM, Jason L Tibbitts III wrote:

 The BuildRequires section of the guidelines has been revised; the
 exceptions list is gone.  The release engineering folks are free to
 define the buildroot and rpm is free to change its dependency list.
  * https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
  * 
 https://fedoraproject.org/w/index.php?title=Packaging%3AGuidelinesdiff=413629oldid=409506
  * https://fedorahosted.org/fpc/ticket/497

Can we get a build-essential package instead that requires everything
that is needed to get a working C and C++ compiler, and run most
autoconf/automake/libtool-generated scripts (but not the autotools
themselves)?

In my opinion, it is a bad use of developer time to track what programs
exactly are called from ./configure, and how these programs match
sed/grep/coreutils.  It would also  give us a central place where we can
fix breakage due to missing packages in build roots because a
significant fraction of packages got a build-required package through an
indirect dependency.

-- 
Florian Weimer / Red Hat Product Security
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Miloslav Trmač]

 Yes, that's the way I understand it too. The distinction between local
 and remote is that remote attacks are in general more likely and thus
 dangerous.
 This is a good assumption - I'm sure that on most installations of Fedora
 there's just one or a few trusted users, and they outnumber installations
 with a large list of potentially rogue accounts.

Note that with the recent-ish push towards having not-quite-trusted or even 
not-at-all-trusted applications running in local containers, local attacks over 
the network are more of a threat than in the past. (Not in the sense that 
running untrusted software locally any more of a threat with containers, but in 
the sense that we used to just say “don’t do that” and now some are promising 
that this is, or will be, safe.)
Mirek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Miloslav Trmač]

Hello,
  Nevertheless, you raise an interesting question in general.  The way
  I understand the motivation for the restriction is to avoid any
  chance of attack or unexpected access over the network.  [...]
 
 OK, so the question is - are we (still) trying to preclude -local-
 escalation-of-privileges type problems?

Hopefully not just trying to: 
http://fedoraproject.org/wiki/Privilege_escalation_policy .

I.e. there should be no known unrestricted privilege escalation paths.

 If not, then many more
 services can be enabled by default - as long as they bind only to
 unix-domain sockets and/or localhost.

As for restricted/authenticated privilege escalation: the default choice should 
be “switched off”, i.e. never install and enable a service just because someone 
wrote it if there is no actual need to keep it installed and enabled by 
default. (This is the case we’ve been burned with in the 1990’s—“Internet 
server” Linux distributions and UNIX products: package all available servers, 
install and enable all of them by default, they were supposedly either harmless 
or properly authenticated—except that the implementations, not the design 
intent, were insecure.)

Obviously some services are much less, if at all, useful if not enabled by 
default, so this is obviously a balancing act; but I do want to stress that 
“services can be enabled by default” should be viewed more as a responsibility 
and a burden, rather than as a freedom to be celebrated and gleefully used to 
the maximum extent.

 (I guess we're not supposed to
 count on the default firewalls?)

The firewall that allows most incoming connections on Workstation? No.
Mirek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Stephen Gallagher]

On Sun, 2015-05-24 at 14:46 +, Zbigniew Jędrzejewski-Szmek wrote:
 On Sat, May 23, 2015 at 07:24:07AM -0400, Frank Ch. Eigler wrote:
  
  zbyszek wrote:
  
   [...]
   Clarification: this change did not touch this part of the policy: 
   that
   definition got copied over from the guidelines [1]. [...]
  
  (The previous wording said a package that ...does not listen on a
  network socket... can be enabled by default, which was a broader
  restriction and thus more secure.)
 Hm, you're right. I can't say for certain why sgallagh made that 
 rewording,
 but I think it was intended as a clarification, not a change.
 

Yes, I thought my new phrasing was more clearly expressing the original
intent of the statement as I understood it. It appears that I may have
inadvertently raised new questions. I think we should perhaps discuss
this at the weekly FESCo meeting.

This is what I get for trying to improve clarity!


   Nevertheless, you raise an interesting question in general.  The 
   way
   I understand the motivation for the restriction is to avoid any
   chance of attack or unexpected access over the network.  [...]
  
  OK, so the question is - are we (still) trying to preclude -local-
  escalation-of-privileges type problems?  If not, then many more
  services can be enabled by default - as long as they bind only to
  unix-domain sockets and/or localhost.  (I guess we're not supposed 
  to
  count on the default firewalls?)
 Yes, that's the way I understand it too. The distinction between 
 local
 and remote is that remote attacks are in general more likely and thus 
 dangerous.
 This is a good assumption - I'm sure that on most installations of 
 Fedora
 there's just one or a few trusted users, and they outnumber 
 installations
 with a large list of potentially rogue accounts. So it makes sense
 to treat remotely-accessible services more carefully. Nevertheless,
 even though those rules don't spell this out, it would be considered 
 a
 serious bug if a package allowed unexpected privilege escalation by
 the mere fact of being installed, be it through a local network
 socket, a unix socket, setuid binary, or any other mechanism. I think
 this is an implicit shared understanding. Coming back to network
 services: even though packagers don't expect a service to allow
 unexpected privilege escalation, the base of attackers is bigger in
 case of remote services, so those rules disallow running by default 
 as
 an additional safety precaution.
 
 Zbyszek


These are very reasonable arguments. As noted above, I think it's
reasonable for FESCo to make (or reiterate) a stance on this, which we
will then use to update the guidelines.


signature.asc
Description: This is a digitally signed message part
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Frank Ch. Eigler]

sgallagh wrote:

 [...]  Yes, I thought my new phrasing was more clearly expressing
 the original intent of the statement as I understood it. [...]  I
 think we should perhaps discuss this at the weekly FESCo meeting.

https://fedorahosted.org/fesco/ticket/1446

 This is what I get for trying to improve clarity!

No good deed goes unpunished! :-)

- FChE
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Zbigniew Jędrzejewski-Szmek]

On Sat, May 23, 2015 at 07:24:07AM -0400, Frank Ch. Eigler wrote:
 
 zbyszek wrote:
 
  [...]
  Clarification: this change did not touch this part of the policy: that
  definition got copied over from the guidelines [1]. [...]
 
 (The previous wording said a package that ...does not listen on a
 network socket... can be enabled by default, which was a broader
 restriction and thus more secure.)
Hm, you're right. I can't say for certain why sgallagh made that rewording,
but I think it was intended as a clarification, not a change.

  Nevertheless, you raise an interesting question in general.  The way
  I understand the motivation for the restriction is to avoid any
  chance of attack or unexpected access over the network.  [...]
 
 OK, so the question is - are we (still) trying to preclude -local-
 escalation-of-privileges type problems?  If not, then many more
 services can be enabled by default - as long as they bind only to
 unix-domain sockets and/or localhost.  (I guess we're not supposed to
 count on the default firewalls?)
Yes, that's the way I understand it too. The distinction between local
and remote is that remote attacks are in general more likely and thus dangerous.
This is a good assumption - I'm sure that on most installations of Fedora
there's just one or a few trusted users, and they outnumber installations
with a large list of potentially rogue accounts. So it makes sense
to treat remotely-accessible services more carefully. Nevertheless,
even though those rules don't spell this out, it would be considered a
serious bug if a package allowed unexpected privilege escalation by
the mere fact of being installed, be it through a local network
socket, a unix socket, setuid binary, or any other mechanism. I think
this is an implicit shared understanding. Coming back to network
services: even though packagers don't expect a service to allow
unexpected privilege escalation, the base of attackers is bigger in
case of remote services, so those rules disallow running by default as
an additional safety precaution.

Zbyszek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Frank Ch. Eigler]

zbyszek wrote:

 [...]
 Clarification: this change did not touch this part of the policy: that
 definition got copied over from the guidelines [1]. [...]

(The previous wording said a package that ...does not listen on a
network socket... can be enabled by default, which was a broader
restriction and thus more secure.)


 Nevertheless, you raise an interesting question in general.  The way
 I understand the motivation for the restriction is to avoid any
 chance of attack or unexpected access over the network.  [...]

OK, so the question is - are we (still) trying to preclude -local-
escalation-of-privileges type problems?  If not, then many more
services can be enabled by default - as long as they bind only to
unix-domain sockets and/or localhost.  (I guess we're not supposed to
count on the default firewalls?)


- FChE
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Matthew Miller]

On Sat, May 23, 2015 at 07:24:07AM -0400, Frank Ch. Eigler wrote:
 OK, so the question is - are we (still) trying to preclude -local-
 escalation-of-privileges type problems?  If not, then many more
 services can be enabled by default - as long as they bind only to
 unix-domain sockets and/or localhost.  (I guess we're not supposed to
 count on the default firewalls?)

I think we should think about this in the context of the different
editions (and possibly spins as well). Off still seems like a good
_general_ default, but with per-edition defaults considered separately.

-- 
Matthew Miller
mat...@fedoraproject.org
Fedora Project Leader
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Zbigniew Jędrzejewski-Szmek]

On Fri, May 22, 2015 at 10:26:48AM -0400, Frank Ch. Eigler wrote:
  I'd personally prefer to assume the best intentions of our packagers;
  specifically I'd assume that if there's a question as to the safety of
  starting something by default, either they'd bring it up voluntarily or
  someone would do so on their behalf if a problem was discovered.
 
 This is not about trusting the code or intentions of the packagers.
 This is about what threat model are we expected to protect against by
 not activating e.g. all services by default.  Specifying that would
 help clear up -why- the change, and that will in turn inform -how- to
 change.

Clarification: this change did not touch this part of the policy: that
definition got copied over from the guidelines [1]. The why is that
functionality became available (systemd presets) which was not there
before and allows the distribution to manage default enablement of
services in a nicer way.

[1] 
https://fedoraproject.org/w/index.php?title=Starting_services_by_defaultoldid=404212

Nevertheless, you raise an interesting question in general.
The way I understand the motivation for the restriction is to avoid
any chance of attack or unexpected access over the network.

When you look the list of exceptions, they are pretty narrow for
services which listen on a port. does not require manual
configuration to be functional cuts out many daemons which could
serve stuff. does not listen on a public socket cuts out even
more. I guess that rather trying to refine the rules, it'd be better
to look at specific packages and verify that the default installation
does not allow any unexpected privilege escalation, exposure of data,
or resource usage.

Zbyszek
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Frank Ch. Eigler]

sgallagh wrote:

 [...]
 The definition of public was intentionally vague, but perhaps we
 could try to find a better way to say it. I was trying to treat it as
 network interfaces that accept connections from arbitrary sources.

OK ...

 I'm not sure that there's a tremendously meaningful distinction to be
 made between allowing services that listen on D-BUS or a local UNIX
 socket and services that listen on the localhost TCP socket [...]

Indeed.

 I'd personally prefer to assume the best intentions of our packagers;
 specifically I'd assume that if there's a question as to the safety of
 starting something by default, either they'd bring it up voluntarily or
 someone would do so on their behalf if a problem was discovered.

This is not about trusting the code or intentions of the packagers.
This is about what threat model are we expected to protect against by
not activating e.g. all services by default.  Specifying that would
help clear up -why- the change, and that will in turn inform -how- to
change.


- FChE
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines:

The policy for systemd presets has been modified to merge the
individual treatments of service, socket and timer units into one
policy. The policy page was also moved into the packaging guidelines
proper.
 * https://fedoraproject.org/wiki/Packaging:DefaultServices
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ADefaultServicesdiff=413672oldid=413670
 * https://fedorahosted.org/fpc/ticket/532

-

Slightly modified the per-product configuration guidelines to account
for changes in the os-release file.
 * https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3APer-Product_Configurationdiff=411980oldid=410805
 * https://fedorahosted.org/fpc/ticket/520#comment:7

-

New guidelines for the consistent usage of SSL certificates by
applications have been added.
 * https://fedoraproject.org/wiki/Packaging:SSLCertificateHandling
 *  https://fedorahosted.org/fpc/ticket/480

-

It is now mandatory that modules which support python3 be packaged for
python3.  Python modules which support both python2 and python3 may be
packages for both, or just python3.  Packaging of modules which support
only python2 are unaffected.
 * https://fedoraproject.org/wiki/Packaging:Python
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3APythondiff=413621oldid=409012
 * https://fedorahosted.org/fpc/ticket/526

-

The AppData packaging guidelines have been updated to include
information about addon packages, and to use appstream-util instead of
appdata-validate.
 * https://fedoraproject.org/wiki/Packaging:AppData
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AAppDatadiff=413661oldid=398214
 * https://fedorahosted.org/fpc/ticket/527

-

The R Packaging guidelines have been revised to indicate that the
DESCRIPTION file should not be marked %doc, as it is actually required
for operation of the R package and needs to be present even when
installed with --excludedocs.
 * https://fedoraproject.org/wiki/Packaging:R
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ARdiff=413668oldid=234180
 * https://fedorahosted.org/fpc/ticket/535

-

The BuildRequires section of the guidelines has been revised; the
exceptions list is gone.  The release engineering folks are free to
define the buildroot and rpm is free to change its dependency list.
 * https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AGuidelinesdiff=413629oldid=409506
 * https://fedorahosted.org/fpc/ticket/497
___
devel-announce mailing list
devel-annou...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines:

The policy for systemd presets has been modified to merge the
individual treatments of service, socket and timer units into one
policy. The policy page was also moved into the packaging guidelines
proper.
 * https://fedoraproject.org/wiki/Packaging:DefaultServices
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ADefaultServicesdiff=413672oldid=413670
 * https://fedorahosted.org/fpc/ticket/532

-

Slightly modified the per-product configuration guidelines to account
for changes in the os-release file.
 * https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3APer-Product_Configurationdiff=411980oldid=410805
 * https://fedorahosted.org/fpc/ticket/520#comment:7

-

New guidelines for the consistent usage of SSL certificates by
applications have been added.
 * https://fedoraproject.org/wiki/Packaging:SSLCertificateHandling
 *  https://fedorahosted.org/fpc/ticket/480

-

It is now mandatory that modules which support python3 be packaged for
python3.  Python modules which support both python2 and python3 may be
packages for both, or just python3.  Packaging of modules which support
only python2 are unaffected.
 * https://fedoraproject.org/wiki/Packaging:Python
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3APythondiff=413621oldid=409012
 * https://fedorahosted.org/fpc/ticket/526

-

The AppData packaging guidelines have been updated to include
information about addon packages, and to use appstream-util instead of
appdata-validate.
 * https://fedoraproject.org/wiki/Packaging:AppData
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AAppDatadiff=413661oldid=398214
 * https://fedorahosted.org/fpc/ticket/527

-

The R Packaging guidelines have been revised to indicate that the
DESCRIPTION file should not be marked %doc, as it is actually required
for operation of the R package and needs to be present even when
installed with --excludedocs.
 * https://fedoraproject.org/wiki/Packaging:R
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ARdiff=413668oldid=234180
 * https://fedorahosted.org/fpc/ticket/535

-

The BuildRequires section of the guidelines has been revised; the
exceptions list is gone.  The release engineering folks are free to
define the buildroot and rpm is free to change its dependency list.
 * https://fedoraproject.org/wiki/Packaging:Guidelines#BuildRequires_2
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AGuidelinesdiff=413629oldid=409506
 * https://fedorahosted.org/fpc/ticket/497
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Re: [Guidelines change] Changes to the packaging guidelines

[Frank Ch. Eigler]

Jason L Tibbitts III ti...@math.uh.edu writes:

 Here are the recent changes to the packaging guidelines:
 [...]
  * https://fedoraproject.org/wiki/Packaging:DefaultServices
 [...]

In this context (1.1 locally running services), what is a public
network socket?  Is the idea that localhost services are now
permitted by default (despite the risk of e.g. privilege escalation
that we had tried to preclude before)?


- FChE
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: [Guidelines change] Changes to the packaging guidelines

[Stephen Gallagher]

On Thu, 2015-05-21 at 21:03 -0400, Frank Ch. Eigler wrote:
 Jason L Tibbitts III ti...@math.uh.edu writes:
 
  Here are the recent changes to the packaging guidelines:
  [...]
   * https://fedoraproject.org/wiki/Packaging:DefaultServices
  [...]
 
 In this context (1.1 locally running services), what is a public
 network socket?  Is the idea that localhost services are now
 permitted by default (despite the risk of e.g. privilege escalation
 that we had tried to preclude before)?

The definition of public was intentionally vague, but perhaps we
could try to find a better way to say it. I was trying to treat it as
network interfaces that accept connections from arbitrary sources.

I'm not sure that there's a tremendously meaningful distinction to be
made between allowing services that listen on D-BUS or a local UNIX
socket and services that listen on the localhost TCP socket, except
perhaps that D-BUS and UNIX sockets have a limited degree of built-in
authorization capability.

I'd personally prefer to assume the best intentions of our packagers;
specifically I'd assume that if there's a question as to the safety of
starting something by default, either they'd bring it up voluntarily or
someone would do so on their behalf if a problem was discovered.

signature.asc
Description: This is a digitally signed message part
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[Guidelines change] Changes to the packaging guidelines

[Jason L Tibbitts III]

Here are the recent changes to the packaging guidelines:

The guidelines for packaging static libraries were amended to indicate
that the -static package should require the -devel package:
 * 
https://fedoraproject.org/wiki/Packaging:Guidelines#Packaging_Static_Libraries_2
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AGuidelinesdiff=409506oldid=405928
 * https://fedorahosted.org/fpc/ticket/338

-

Due to advancements in packaging making it somewhat irrelevant, the EE
APIs section is removed from the Java packaging guidelines:
 * https://fedoraproject.org/wiki/Packaging:Java
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3AJavadiff=407092oldid=398187
 * https://fedorahosted.org/fpc/ticket/512

-

Guidelines and example SPEC for DevAssistant plug-ins are updated to
accommodate for %license tag:
 * https://fedoraproject.org/wiki/Packaging:DevAssistant
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3ADevAssistantdiff=407093oldid=402017
 * https://fedorahosted.org/fpc/ticket/511

-

The guidelines for providing per-product configuration defaults have
been rewritten to be much more robust.
 * https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
 * 
https://fedoraproject.org/w/index.php?title=Packaging%3APer-Product_Configurationdiff=410805oldid=384093
 * https://fedorahosted.org/fpc/ticket/520
___
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce