review-o-matic : Fedora package review helper

Toshio Kuratomi a.badger at gmail.com
Sat Nov 1 18:34:52 UTC 2008


Ignacio Vazquez-Abrams wrote:
> On Sat, 2008-11-01 at 10:37 -0700, Toshio Kuratomi wrote:
>> Also, do we trust mock with unaudited spec files?  I know that we do
>> trust it with unaudited tarballs but I don't know if this is a reason to
>> open things up further.
> 
> Doesn't the chroot mitigate most of the issues there might be in the
> source package?

It's supposed to but we have had issues in the past where the build
process modified the host environment.  I don't know if we traced that
down to something escaping the chroot or if it was something that mock
did before entering the chroot.  In either case, if we go for a web
app-only we need to decide whether we're comfortable building unaudited
spec files from someone who may not have a Fedora Account yet (Note: You
presently only need to have a Bugzilla account when you submit your
first package.  This could be changed to cla_done for use of the
review-o-matic web app) via a web app hosted in Fedora Infrastructure.

If it was a script run on a reviewer's machine this would be something
each reviewer could decide for themselves, possibly after prereviewing a
certain portion of the package.

> A VM can probably mitigate the rest.
>
As in creating and tearing down a Xen guest every time a build is
requested?  That might help.  review-o-matic would need the ability to
do that, though, and Infrastructure needs to decide that they want to
host a web app that has the ability to kick off creation and destruction
of VMs.

-Toshio


More information about the fedora-devel-list mailing list