[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: checking binary rpm packages



On Sun, Jan 30, 2005 at 06:48:46AM +1100, Alan Milligan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Florian,
> 
> Just a quick spin up over some of our packages:
> 
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/kernel-2.6.9-1.667.root.i686.rpm:
> tag 1147 is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/mozilla-1.7.3-17.i386.rpm: tag
> 1147 is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/mozilla-enigmail-0.89.6-1.i386.rpm:
> unknown packager: Alan Milligan
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/mozilla-enigmail-0.89.6-1.i386.rpm:
> unknown vendor: last-bastion.net
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/mozilla-nspr-1.7.3-17.i386.rpm:
> tag 1147 is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/mozilla-nss-1.7.3-17.i386.rpm:
> tag 1147 is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/openssl-0.9.7d-12.i386.rpm: tag
> 1147 is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/PIL-1.1.4-1.i386.rpm: unknown
> vendor: Last Bastion Network
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/rsync-2.6.3-1.i386.rpm: tag 1147
> is marked legacy
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/wxPythonGTK-py2.3-2.4.2.4-2.i386.rpm:
> unknown packager: Robin Dunn <robin alldunn com>
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/zope-2.7.3b1-7.i386.rpm: unknown
> vendor: Last Bastion Network
> /usr/src/redhat/BUILD/i386/Fedora/RPMS/zoperl-1.0.1-5.i386.rpm: unknown
> vendor: Zope Corporation and Contributors <zope zope org>
> 
> How about resolving tag 1147 to it's friendly name?  Also, what must be
> done to become a 'known packager/vendor'???

Hello Alan,

your output comes from "--strict" where a bit more content is checked
from rpm packages. Are e.g. vendor fields setup correctly. Tag 1147 has been
information on what SELinux filecontexts should be given to included files.
We don't include that anymore within binary rpm packages, but keep that
in the selinux-policy-* packages.

If you want to check your rpm packages about included content and good
packaging rules, "rpmlint" has way more checks for this and is a very
nice tool (http://people.redhat.com/laroche/ also contains output data
from rpmlint, too).

greetings,

Florian La Roche


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]