[Bug 1457929] Review Request: proxysql - A high-performance MySQL proxy

2017-11-27 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Augusto Caringi  changed:

   What|Removed |Added

 Status|ASSIGNED|CLOSED
 Resolution|--- |RAWHIDE
Last Closed||2017-11-27 11:15:37



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql - A high-performance MySQL proxy

2017-09-26 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #26 from Augusto Caringi  ---
(In reply to Jakub Jedelsky from comment #25)
> I just found this Review and, if I understand correctly, there should be
> packages in rawhide and f27. Do you plan to prepare the package to EPEL7
> too? Or are there any issues with it?

Hi Jakub,

By now, you can take a look here:

https://copr.fedorainfracloud.org/coprs/acaringi/proxysql/

Regards,

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql - A high-performance MySQL proxy

2017-09-21 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Jakub Jedelsky  changed:

   What|Removed |Added

 CC||jakub.jedel...@gmail.com



--- Comment #25 from Jakub Jedelsky  ---
Hi there,

I just found this Review and, if I understand correctly, there should be
packages in rawhide and f27. Do you plan to prepare the package to EPEL7 too?
Or are there any issues with it?

Thanks,

- jj

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql - A high-performance MySQL proxy

2017-06-19 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #24 from Gwyn Ciesla  ---
Package request has been approved:
https://admin.fedoraproject.org/pkgdb/package/rpms/proxysql

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql - A high-performance MySQL proxy

2017-06-19 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Augusto Caringi  changed:

   What|Removed |Added

Summary|Review Request: proxysql, a |Review Request: proxysql -
   |high-performance MySQL  |A high-performance MySQL
   |proxy   |proxy



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-19 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Vít Ondruch  changed:

   What|Removed |Added

 CC||vondr...@redhat.com
 Blocks|177841 (FE-NEEDSPONSOR) |



--- Comment #23 from Vít Ondruch  ---
Hi Augusto,

I am clearing the FE-NEEDSPONSOR flag now, since I sponsored you into packagers
group. You should be able to proceed with package request in pkgdb [1].

I hope that praiskup, hhorak and mschorm will take care about you, but don't
hesitate contacting me should you have any additional question about packaging. 



[1]
https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Add_Package_to_Source_Code_Management_.28SCM.29_system_and_Set_Owner


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=177841
[Bug 177841] Tracker: Review requests from new Fedora packagers who need a
sponsor
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-19 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Pavel Raiskup  changed:

   What|Removed |Added

  Flags|needinfo?(acaringi@redhat.c |fedora-review+
   |om) |



--- Comment #22 from Pavel Raiskup  ---
Looks good to me.

Package Review
==

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed



= MUST items =

C/C++:
[x]: Package does not contain kernel modules.
[x]: Package contains no static executables.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[x]: Package is licensed with an open-source compatible license and meets
 other legal requirements as defined in the legal section of Packaging
 Guidelines.
[x]: License field in the package spec file matches the actual license.
 Note: Checking patched sources after %prep for licenses. Licenses
 found: "Apache (v2.0)", "BSD (3 clause)", "Unknown or generated". 106
 files have unknown license. Detailed output of licensecheck in
 /home/praiskup/reviews/proxysql/1457929-proxysql/licensecheck.txt
[x]: If the package is under multiple licenses, the licensing breakdown
 must be documented in the spec.
[ ]: Package must own all directories that it creates.
 Note: Directories without known owners: /etc, /usr/share/man, /var,
 /usr, /usr/bin, /var/lib, /usr/share/licenses,
 /usr/lib/systemd/system, /usr/lib, /usr/lib/systemd, /usr/share,
 /usr/share/doc, /usr/share/man/man1
[x]: %build honors applicable compiler flags or justifies otherwise.
[!]: Package contains no bundled libraries without FPC exception.
praiskup: nothis seems to be relaxed nowadays:
https://fedoraproject.org/wiki/Bundled_Libraries?rd=Packaging:Bundled_Libraries
[x]: Changelog in prescribed format.
[x]: Sources contain only permissible code or content.
[-]: Each %files section contains %defattr if rpm < 4.4
 Note: %defattr present but not needed
praiskup: %attr would be better (single instances), but the usecase is valid
[-]: Package contains desktop file if it is a GUI application.
[-]: Development files must be in a -devel package
[x]: Package uses nothing in %doc for runtime.
[x]: Package consistently uses macros (instead of hard-coded directory
 names).
[x]: Package is named according to the Package Naming Guidelines.
[x]: Package does not generate any conflict.
[x]: Package obeys FHS, except libexecdir and /usr/target.
[-]: If the package is a rename of another package, proper Obsoletes and
 Provides are present.
[x]: Requires correct, justified where necessary.
[x]: Spec file is legible and written in American English.
[x]: Package contains systemd file(s) if in need.
[x]: Useful -debuginfo package or justification otherwise.
[!]: Package is not known to require an ExcludeArch tag.
praiskup: there's not much we can do about it now
[-]: Large documentation must go in a -doc subpackage. Large could be size
 (~1MB) or number of files.
 Note: Documentation size is 225280 bytes in 16 files.
[x]: Package complies to the Packaging Guidelines
[x]: Package successfully compiles and builds into binary rpms on at least
 one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
 Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the
 license(s) in its own file, then that file, containing the text of the
 license(s) for the package is included in %license.
[x]: Package requires other packages for directories it uses.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any
 that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
 beginning of %install.
[x]: %config files are marked noreplace or the reason is justified.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Dist tag is present.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install DESTDIR=... doesn't
 work.
[x]: Package is named using only allowed ASCII characters.
[x]: No %config files under /usr.
[x]: Package does not use a name that already exists.
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as
 provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format
 %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv,

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-15 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #21 from Augusto Caringi  ---
Spec URL: https://acaringi.fedorapeople.org/proxysql/20170615/proxysql.spec
SRPM URL:
https://acaringi.fedorapeople.org/proxysql/20170615/proxysql-1.3.7-2.fc25.src.rpm

Description: 
ProxySQL is a high performance, high availability, protocol aware proxy for
MySQL and forks (like Percona Server and MariaDB).

Fedora Account System Username: acaringi

Notes:
- Fixed build flags through exporting CPPFLAGS variable
- Remove unused bundled libraries
- Fixed configuration file ownership
- Replaced default login shell of proxysql user from /bin/false to
/sbin/nologin

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-14 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #20 from Augusto Caringi  ---
Spec URL: https://acaringi.fedorapeople.org/proxysql/20170614/proxysql.spec
SRPM URL:
https://acaringi.fedorapeople.org/proxysql/20170614/proxysql-1.3.7-1.fc25.src.rpm

Description: 
ProxySQL is a high performance, high availability, protocol aware proxy for
MySQL and forks (like Percona Server and MariaDB).

Fedora Account System Username: acaringi

Notes:
- Updated to ProxySQL 1.3.7
- De-bundled libconfig, libdaemon and sqlite libraries
- Added manpage
- Using 'proxysql' user/group

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #19 from Pavel Raiskup  ---
Hi René, thanks for the comments!

(In reply to René Cannaò from comment #18)
> I am not sure if Fedora should have jemalloc with xmalloc support, as
> upstream intentionally has this option disabled by default.

My opinion about this is that:  jemalloc upstream tries to demotivate from
using the 'xmalloc' feature, but since the option is
still available, and compiling it doesn't hurt the "default" (non-xmalloc)
use-case -- there's no reason to not compile it when some Fedira package
needs it.  It is still better than bundling.

> ProxySQL 1.4.x doesn't just enable xmalloc , but also applies a patch for it
> because by default xmalloc can hurt performance. See:
> * https://github.com/jemalloc/jemalloc/issues/522
> * https://github.com/sysown/proxysql/issues/823
> *
> https://github.com/sysown/proxysql/commit/
> 42a55f750c362299c9f0ed7834cdedc5f9778f47

I can understand this is upstream default for proxysql, but having about 25%
slower allocator (which doesn't mean the whole code is slower by 25%) might be
acceptable for Fedora (and finally, we should do the benchmarking on Fedora to
have the proof that the slowdown affect us).  If we consider the allocator
slow (because some bug report comes), we can patch the default jemalloc
package later on instead of patching one particular package .. that would
mean we ultimately fix all dependent packages, not only proxysql.

Please understand that our work on packages is volunteering effort and we
try clearly separate our responsibilities among distribution.  E.g. in
Fedora, 'jemalloc' is maintained by @ingvar; but we (db team) are
responsible many databases packages.  Additional bundle means taking care
of the bugs, security issues, etc. which is time we could spent elsewhere.

I'm saying that because bundling really hurts us a lot;  and not only us,
this is problem in every distribution out there.  At the end of the day,
it is bad for upstream too (old releases must be marked vulnerable only
because some researcher reveals some serious vulnerability in the bundle).
So we try to motivate upstreams not to bundle *if possible*, or at least
allow us to not bundle downstream (even if that means some acceptable
compromise on our side).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #18 from René Cannaò  ---
(In reply to Augusto Caringi from comment #15)
> (In reply to Pavel Raiskup from comment #12)
> > Per '/usr/share/doc/jemalloc/jemalloc.html':
> > 
> >   opt.xmalloc (bool) r- [--enable-xmalloc]
> > 
> > Abort-on-out-of-memory enabled/disabled. If enabled, rather than
> > returning failure for any allocation function, display a diagnostic
> > message on STDERR_FILENO and cause the program to drop core (using
> > abort(3)). If an application is designed to depend on this behavior,
> > set the option at compile time by including the following in the
> > source code:
> > 
> >   malloc_conf = "xmalloc:true";
> > 
> > This option is disabled by default.
> > 
> > I'm not sure.  Does that mean that we could build the support for
> > (--enable-xmalloc) into default Fedora package, without actually changing
> > the default behavior?  If yes, bug against jemalloc should be filled and
> > for the time being we could bundle ...
> 
> As far as I understand... Yes. I'll file a bug asking for that.

I am not sure if Fedora should have jemalloc with xmalloc support, as upstream
intentionally has this option disabled by default.

ProxySQL 1.4.x doesn't just enable xmalloc , but also applies a patch for it
because by default xmalloc can hurt performance. See:
* https://github.com/jemalloc/jemalloc/issues/522
* https://github.com/sysown/proxysql/issues/823
*
https://github.com/sysown/proxysql/commit/42a55f750c362299c9f0ed7834cdedc5f9778f47

I asked to apply to patch upstream, but was rejected with a valid reason:
https://github.com/jemalloc/jemalloc/pull/523
https://github.com/jemalloc/jemalloc/issues/522

Nonetheless the patch lives in ProxySQL.


> 
> > > re2
> > >   - patched (from proxysql_notes.txt: Because ProxySQL will process
> > >   regular expression in an already thread-safe environment, re2 is
> > >   patches to remove locking)
> > 
> > Interesting.  Does the locking hurt performance?
> 
> Good question, I didn't measure, but probably yes. 
>  
> > >   - Another reason: proxysql includes a private header file which is not
> > >   present in re2-devel Fedora package (regexp.h):
> > > // --- SPONSORED LINK 
> > > --
> > > // If you want to use this library for regular expression matching,
> > > // you should use re2/re2.h, which provides a class RE2 that
> > > // mimics the PCRE interface provided by PCRE's C++ wrappers.
> > > // This header describes the low-level interface used to implement RE2
> > > // and may change in backwards-incompatible ways from time to time.
> > > // In contrast, RE2's interface will not.
> > > // 
> > > -
> > 
> > I think it is fair to bundle too .. to not prolong the review too much, but
> > we
> > should have new bug for this issue.  It seems to me that the ./configure
> > script should have additional option "disabling" the "patched" version of
> > re2.
> 
> Right, but the project uses just Makefiles (no Autotools).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #17 from René Cannaò  ---
(In reply to Augusto Caringi from comment #16)
> (In reply to René Cannaò from comment #13)
> > Hi all,
> > 
> > Author of ProxySQL here.
> > First of all, thank you for considering including ProxySQL in Fedora
> > official repository.
> > I will share my thoughts.
> 
> René, thank you very much for joining this discussion, your opinion is very
> important here.

Thank you!

> > About [1] :
> > my vote goes for 1.3 as well, to create a new user.
> 
> Good to know.
> 
> > About [2]:
> > support for ARM should be as simple as removing all spinlock (this is where
> > assembly code is used) and replace them with pthread rwlock. It is on my
> > todo list.
> 
> That's nice, I've seen your latest commits removing spinlocks.
> 
> > About the dependencies currently bundled, the easy to de-bundle are
> > libconfig and libdamon.
> > SQLite3 is also patched, and there are features in the roadmap that require
> > SQLite 3.15 , for example https://github.com/sysown/proxysql/issues/1011
> 
> But the latest stable version of ProxySQL (1.3.7) has a unpatched SQLite,
> right?

That's absolutely correct!

> I think that we can de-bundle it by now, and in upcoming versions see what's
> the best approach.

I agree.

> Fedora 26 will ship with SQLite 3.19. Would be good if we could be able to
> upstream this 'from_unixtime' patch
> (https://github.com/sysown/proxysql/blob/master/deps/sqlite3/from_unixtime.
> patch) and keep using a de-bundled SQLite in the future. What do you think?

I will ping Dr. Richard Hipp on this.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #16 from Augusto Caringi  ---
(In reply to René Cannaò from comment #13)
> Hi all,
> 
> Author of ProxySQL here.
> First of all, thank you for considering including ProxySQL in Fedora
> official repository.
> I will share my thoughts.

René, thank you very much for joining this discussion, your opinion is very
important here.

> About [1] :
> my vote goes for 1.3 as well, to create a new user.

Good to know.

> About [2]:
> support for ARM should be as simple as removing all spinlock (this is where
> assembly code is used) and replace them with pthread rwlock. It is on my
> todo list.

That's nice, I've seen your latest commits removing spinlocks.

> About the dependencies currently bundled, the easy to de-bundle are
> libconfig and libdamon.
> SQLite3 is also patched, and there are features in the roadmap that require
> SQLite 3.15 , for example https://github.com/sysown/proxysql/issues/1011

But the latest stable version of ProxySQL (1.3.7) has a unpatched SQLite,
right?

I think that we can de-bundle it by now, and in upcoming versions see what's
the best approach.

Fedora 26 will ship with SQLite 3.19. Would be good if we could be able to
upstream this 'from_unixtime' patch
(https://github.com/sysown/proxysql/blob/master/deps/sqlite3/from_unixtime.patch)
and keep using a de-bundled SQLite in the future. What do you think?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #15 from Augusto Caringi  ---
(In reply to Pavel Raiskup from comment #12)
> Per '/usr/share/doc/jemalloc/jemalloc.html':
> 
>   opt.xmalloc (bool) r- [--enable-xmalloc]
> 
> Abort-on-out-of-memory enabled/disabled. If enabled, rather than
> returning failure for any allocation function, display a diagnostic
> message on STDERR_FILENO and cause the program to drop core (using
> abort(3)). If an application is designed to depend on this behavior,
> set the option at compile time by including the following in the
> source code:
> 
>   malloc_conf = "xmalloc:true";
> 
> This option is disabled by default.
> 
> I'm not sure.  Does that mean that we could build the support for
> (--enable-xmalloc) into default Fedora package, without actually changing
> the default behavior?  If yes, bug against jemalloc should be filled and
> for the time being we could bundle ...

As far as I understand... Yes. I'll file a bug asking for that.

> > re2
> >   - patched (from proxysql_notes.txt: Because ProxySQL will process
> >   regular expression in an already thread-safe environment, re2 is
> >   patches to remove locking)
> 
> Interesting.  Does the locking hurt performance?

Good question, I didn't measure, but probably yes. 

> >   - Another reason: proxysql includes a private header file which is not
> >   present in re2-devel Fedora package (regexp.h):
> > // --- SPONSORED LINK --
> > // If you want to use this library for regular expression matching,
> > // you should use re2/re2.h, which provides a class RE2 that
> > // mimics the PCRE interface provided by PCRE's C++ wrappers.
> > // This header describes the low-level interface used to implement RE2
> > // and may change in backwards-incompatible ways from time to time.
> > // In contrast, RE2's interface will not.
> > // -
> 
> I think it is fair to bundle too .. to not prolong the review too much, but
> we
> should have new bug for this issue.  It seems to me that the ./configure
> script should have additional option "disabling" the "patched" version of
> re2.

Right, but the project uses just Makefiles (no Autotools).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-13 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #14 from René Cannaò  ---
As a follow up, support for ARM is already available in branch 1.4.1

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-08 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #13 from René Cannaò  ---
Hi all,

Author of ProxySQL here.
First of all, thank you for considering including ProxySQL in Fedora official
repository.
I will share my thoughts.

About [1] :
my vote goes for 1.3 as well, to create a new user.

About [2]:
support for ARM should be as simple as removing all spinlock (this is where
assembly code is used) and replace them with pthread rwlock. It is on my todo
list.

About the dependencies currently bundled, the easy to de-bundle are libconfig
and libdamon.
SQLite3 is also patched, and there are features in the roadmap that require
SQLite 3.15 , for example https://github.com/sysown/proxysql/issues/1011

Thank you,
René

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-08 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #12 from Pavel Raiskup  ---
Thanks for the analysis!

> 3 libraries are easy to de-bundle: libconfig, libdaemon and sqlite3

Perfect.

> The other 3 libraries are hard to de-bundle due to the following reasons:
> 
> jemalloc
>   - build with different options: --enable-xmalloc
> 
> "--enable-xmalloc
> Enable support for optional immediate termination due to
> out-of-memory errors, as is commonly implemented by "xmalloc"
> wrapper function for malloc.  See the "opt.xmalloc" option
> documentation for usage details."

> This causes this message when proxysql is executed: :
> Invalid conf pair: xmalloc:true

Per '/usr/share/doc/jemalloc/jemalloc.html':

  opt.xmalloc (bool) r- [--enable-xmalloc]

Abort-on-out-of-memory enabled/disabled. If enabled, rather than
returning failure for any allocation function, display a diagnostic
message on STDERR_FILENO and cause the program to drop core (using
abort(3)). If an application is designed to depend on this behavior,
set the option at compile time by including the following in the
source code:

  malloc_conf = "xmalloc:true";

This option is disabled by default.

I'm not sure.  Does that mean that we could build the support for
(--enable-xmalloc) into default Fedora package, without actually changing
the default behavior?  If yes, bug against jemalloc should be filled and
for the time being we could bundle ...

> Turn off this option would be easy in the code: main.cpp: const char
> *malloc_conf = "xmalloc:true,lg_tcache_max:16,purge:decay";
> 
> But this modification probably would change the expected behavior of
> the software.

Agreed, proxysql seems to be designed to use 'xmalloc'.

> mariadb-connector-c
>   - patched (6 patches)

Ok.  Fair to bundle then probably.

> re2
>   - patched (from proxysql_notes.txt: Because ProxySQL will process
>   regular expression in an already thread-safe environment, re2 is
>   patches to remove locking)

Interesting.  Does the locking hurt performance?

>   - Another reason: proxysql includes a private header file which is not
>   present in re2-devel Fedora package (regexp.h):
> // --- SPONSORED LINK --
> // If you want to use this library for regular expression matching,
> // you should use re2/re2.h, which provides a class RE2 that
> // mimics the PCRE interface provided by PCRE's C++ wrappers.
> // This header describes the low-level interface used to implement RE2
> // and may change in backwards-incompatible ways from time to time.
> // In contrast, RE2's interface will not.
> // -

I think it is fair to bundle too .. to not prolong the review too much, but we
should have new bug for this issue.  It seems to me that the ./configure
script should have additional option "disabling" the "patched" version of re2.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-08 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #11 from Augusto Caringi  ---
(In reply to Pavel Raiskup from comment #3)
> * there are some bundled libraries, I would suggest to investigate (a)
>   whether we can de-bundle, or (b) add artificial Provides according to [1]
>   or if that code is not used -- we could (c) 'rm -rf' the source directory
>   to make sure that the code is not used in spec file.
>   Note that if the bundling is needed, there are several other license files
>   in the provided tarball.

Regarding this question, I've investigated the possibility of de-bundle these
libraries...

There are 6 bundled libraries:

- jemalloc  4.3.1
- libconfig 1.4.9
- libdaemon 0.14
- mariadb-connector-c 2.3.1
- re2 20140304
- sqlite3 3.9.2

All of them are present in Fedora 25, with the following versions:

- jemalloc  4.4.0
- libconfig 1.5.4
- libdaemon 0.14
- mariadb-connector-c 2.3.2
- re2 20160401
- sqlite3 3.14.2

3 libraries are easy to de-bundle: libconfig, libdaemon and sqlite3

The other 3 libraries are hard to de-bundle due to the following reasons:

jemalloc
  - build with different options: --enable-xmalloc

"--enable-xmalloc
Enable support for optional immediate termination due to out-of-memory
errors, as is commonly implemented by "xmalloc" wrapper function for
malloc.
See the "opt.xmalloc" option documentation for usage details."

This causes this message when proxysql is executed: : Invalid
conf pair: xmalloc:true

Turn off this option would be easy in the code: main.cpp: const char
*malloc_conf = "xmalloc:true,lg_tcache_max:16,purge:decay";

But this modification probably would change the expected behavior of the
software.

mariadb-connector-c
  - patched (6 patches)

re2
  - patched (from proxysql_notes.txt: Because ProxySQL will process regular
expression in an already thread-safe environment, re2 is patches to remove
locking)
  - Another reason: proxysql includes a private header file which is not
present in re2-devel Fedora package (regexp.h):
// --- SPONSORED LINK --
// If you want to use this library for regular expression matching,
// you should use re2/re2.h, which provides a class RE2 that
// mimics the PCRE interface provided by PCRE's C++ wrappers.
// This header describes the low-level interface used to implement RE2
// and may change in backwards-incompatible ways from time to time.
// In contrast, RE2's interface will not.
// -

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-07 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #10 from Augusto Caringi  ---
(In reply to Augusto Caringi from comment #9)
> %pre
> /usr/sbin/groupadd -g 28 -o -r proxysql >/dev/null 2>&1 || :
> /usr/sbin/useradd  -g proxysql -o -r -d /var/lib/proxysql -s /bin/false \
> -c "ProxySQL" -u 28 proxysql >/dev/null 2>&1 || :

But what I think that we should do differently here is to change the UID/GID.

The number 28 is reserved to nscd (/usr/share/doc/setup/uidgid):

nscd28  28  /   /bin/false  nscd

Why they chose this specific number? I'm not sure, but probably because is 27
(mysql reserved ID) + 1:

mysql   27  27  /var/lib/mysql  /bin/bash   mysql

I was taking a look here:
https://fedoraproject.org/wiki/Features/1000SystemAccounts

And I think that the best option for us is to use a "Dynamically-allocated
system accounts" (201-999)

"Any package can use dynamic allocation; it is especially appropriate for
packages that use separate identities only for privilege separation and don't
create any files owned by that group/user account. Because of the limited
number of soft static UIDs and GIDs available, it is better to use dynamic
allocation if in doubt."
(https://fedoraproject.org/wiki/Packaging:UsersAndGroups?rd=Packaging/UsersAndGroups#Allocation_Strategies)

Or would be a good idea to ask for a "Statically-allocated system accounts"?

"Soft static allocation ensures that multiple independently installed systems
use the same UID and GID values; either UID and GID values allocated by Fedora
or values that were optionally pre-allocated by the system administrator. Don't
use soft static allocation unnecessarily as the number of available values is
limited. Soft static allocation is only appropriate for packages where the UID
or GID values are shared between computers. For instance, if the package
creates files with the assigned UID or GID that are likely to be shared over
NFS. Soft static allocation MUST be evaluated by the FPC."

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-07 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Augusto Caringi  changed:

   What|Removed |Added

  Flags||needinfo?(acaringi@redhat.c
   ||om)



-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-07 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Augusto Caringi  changed:

   What|Removed |Added

  Flags|needinfo?(acaringi@redhat.c |
   |om) |



--- Comment #9 from Augusto Caringi  ---
(In reply to Honza Horak from comment #8)
> I've accidentally came across
> https://github.com/percona/proxysql-packaging/blob/master/rpm/proxysql.spec
> -- so just sharing FYI..

Good to know...

It's interesting to note that they are also creating a specific user/group for
ProxySQL called proxysql:

%pre
/usr/sbin/groupadd -g 28 -o -r proxysql >/dev/null 2>&1 || :
/usr/sbin/useradd  -g proxysql -o -r -d /var/lib/proxysql -s /bin/false \
-c "ProxySQL" -u 28 proxysql >/dev/null 2>&1 || :

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-06 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #8 from Honza Horak  ---
I've accidentally came across
https://github.com/percona/proxysql-packaging/blob/master/rpm/proxysql.spec --
so just sharing FYI..

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-06 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Pavel Raiskup  changed:

   What|Removed |Added

  Flags||needinfo?(acaringi@redhat.c
   ||om)



--- Comment #7 from Pavel Raiskup  ---
Re-adding 'needinfo' according to wiki/Package_Review_Process.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-06 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #6 from Pavel Raiskup  ---
(In reply to Honza Horak from comment #4)
> I'm still thinking about whether running ProxySQL as `mysql` user has even
> some security issues (where a hacked proxysql daemon might potentially be
> able to read the MySQL database data on the same machine).

FWIW, this makes the '1.3' solution clear winner for me.  Thanks!

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-05 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Augusto Caringi  changed:

   What|Removed |Added

  Flags|needinfo?(acaringi@redhat.c |
   |om) |



--- Comment #5 from Augusto Caringi  ---
(In reply to Honza Horak from comment #4)
> I'm still thinking about whether running ProxySQL as `mysql` user has even
> some security issues (where a hacked proxysql daemon might potentially be
> able to read the MySQL database data on the same machine). I think this
> won't happen much in practice anyway, since proxysql won't probably run on
> the same machine as MySQL/MariaDB server, but still, the more I think about
> it, the more I like 1.3 as the solution..

My personal preference is 1.3 as well.

> On the other hand I'm also thinking whether there is some use case for
> having the same user for ProxySQL, as for mysql/mariadb server -- I think
> this is another thing that might be consulted with the upstream author. If
> there is no reason for that, we might be fine with creating proxysql user
> and even dynamic UID. That would probably make better sense given the
> ProxySQL uses a directory /var/lib/proxysql, which might be the home for the
> proxysql user as well.

I've already asked the upstream author about this question and he told me that
there is no specific reason to run ProxySQL as mysql user... Any user will
work:

"There is no specific reason to run ProxySQL as mysql user.
Any user can work, as long as it is privileges to access full access
/var/lib/proxysql .
Nonetheless, you do not need MySQL server installed: a simple useradd will
work."

https://github.com/sysown/proxysql/commit/6b3291b53e237460eef62a6ee6033d2e8a4dea46

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-05 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #4 from Honza Horak  ---
(In reply to Pavel Raiskup from comment #3)
> > 1. There is the question regarding the user/group.
> 
> I would prefer to discuss this with mysql/mariadb maintainers, so I'm CCing
> Michal/Honza.  My personal preference is somewhere between 1.3 or 1.4, though
> that's my POV;  reasoning is that it is pretty ugly to create the same users
> and UIDs in several spec files.

I'm still thinking about whether running ProxySQL as `mysql` user has even some
security issues (where a hacked proxysql daemon might potentially be able to
read the MySQL database data on the same machine). I think this won't happen
much in practice anyway, since proxysql won't probably run on the same machine
as MySQL/MariaDB server, but still, the more I think about it, the more I like
1.3 as the solution..

On the other hand I'm also thinking whether there is some use case for having
the same user for ProxySQL, as for mysql/mariadb server -- I think this is
another thing that might be consulted with the upstream author. If there is no
reason for that, we might be fine with creating proxysql user and even dynamic
UID. That would probably make better sense given the ProxySQL uses a directory
/var/lib/proxysql, which might be the home for the proxysql user as well.

Anyway, as for the user creation, if we would go with the mysql user -- I've
talked to ovasik about what other packages do about this issue (when more
package require the same user to be existing) and usually the packages just
duplicate the user creation. The scriptlet should just properly check, whether
the user is already installed or not:
https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-02 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Pavel Raiskup  changed:

   What|Removed |Added

 CC||acari...@redhat.com,
   ||hho...@redhat.com,
   ||msch...@redhat.com
  Flags||needinfo?(acaringi@redhat.c
   ||om)



--- Comment #3 from Pavel Raiskup  ---
> 1. There is the question regarding the user/group.

I would prefer to discuss this with mysql/mariadb maintainers, so I'm CCing
Michal/Honza.  My personal preference is somewhere between 1.3 or 1.4, though
that's my POV;  reasoning is that it is pretty ugly to create the same users
and UIDs in several spec files.

> 2. I did a koji scratch build and it fails on arm architecture due to some
> use of x86 assembly code. It seems that the upstream is already aware: 

We can probably ExcludeArch for the time being.

> 3. rpmlint complains about 2 things:
> 
>3.1: The lacking of man page for proxysql: 
> 
> W: no-manual-page-for-binary proxysql

It is fair to provide downstream manual page in such cases, and propose it
upstream, too.  Also, have a look at help2man.  This is warning-only but
installing a binary into %_bindir deserves manpage in Fedora.

>3.2: Crypto policies: 
> 
> W: crypto-policy-non-compliance-openssl /usr/bin/proxysql 
> SSL_CTX_set_cipher_list

Have a look at [2].

The spec file looks nice, thanks!  Some things that are worth looking at:

* license tag says 'GPL+', but the license file seems to be 'GPLv3'
* there are some bundled libraries, I would suggest to investigate (a)
  whether we can de-bundle, or (b) add artificial Provides according to [1]
  or if that code is not used -- we could (c) 'rm -rf' the source directory
  to make sure that the code is not used in spec file.
  Note that if the bundling is needed, there are several other license files
  in the provided tarball.
* /usr/share/doc/proxysql directory is not owned by the package,
  /usr/share/proxysql/tools neither
* there's no %configure, which means %optflags are not used automatically -
  this probably needs to be added
* consider working together with upstream on having better 'make install'
  code ... so we can use this, for the time being - please at least raise
  issue upstream and put the link near manual `install` commands in
  %install so everybody understands that this is temporary issue..
* %bulidroot%_bindir is enough (no need for the additional '/' in between)


[1]
https://fedoraproject.org/wiki/Bundled_Libraries?rd=Packaging:Bundled_Libraries
[2] https://fedoraproject.org/wiki/Packaging:CryptoPolicies

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-02 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929

Pavel Raiskup  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 CC||prais...@redhat.com
 Blocks||177841 (FE-NEEDSPONSOR)
   Assignee|nob...@fedoraproject.org|prais...@redhat.com



--- Comment #2 from Pavel Raiskup  ---
Thanks for the package, I'll take the review.


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=177841
[Bug 177841] Tracker: Review requests from new Fedora packagers who need a
sponsor
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org

[Bug 1457929] Review Request: proxysql, a high-performance MySQL proxy

2017-06-01 Thread bugzilla 
https://bugzilla.redhat.com/show_bug.cgi?id=1457929



--- Comment #1 from Augusto Caringi  ---
There are a few issues to discuss: 

1. There is the question regarding the user/group. The upstream provided
systemd unit file uses the user/group mysql:mysql. 
   It's possible to have proxysql running on a machine without any mysql server
installed (proxying external servers), in this case, the mysql user:group won't
be present in the system and as consequence, systemd will fail to start the
server.
   There are a few possible solutions to fix this:

   1.1: mysql-server (mariadb?) be a dependency of proxysql
   1.2: Add the user/group mysql during the installation
   1.3: Patch the unit file to run the daemon as another user (proxysql)
   1.4: Create a specific and very small subpackage of mariadb.spec which will
create 'mysql' user and UID  and then `mariadb`,
mysql and proxysql can depend on it..

2. I did a koji scratch build and it fails on arm architecture due to some use
of x86 assembly code. It seems that the upstream is already aware: 

   https://github.com/sysown/proxysql/issues/977

3. rpmlint complains about 2 things:

   3.1: The lacking of man page for proxysql: 

W: no-manual-page-for-binary proxysql

   3.2: Crypto policies: 

W: crypto-policy-non-compliance-openssl /usr/bin/proxysql
SSL_CTX_set_cipher_list

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
___
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org