[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: proposed mock changes (diff)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael_E_Brown Dell com wrote:
> I am leaving for OLS 2006 and wont be able to do any review for the next
> week.
>
> I just caught up on the rpmlint discussion, and have a few concerns.
>     -- Security of installing just-built RPM
>     -- Can rpmlint just be done outside of mock (using mock chroot,
> for example)? Why do we have to extend mock for this?
>

We don't really have to. I wondered if it could be done without a
major upheaval in the code. Turns out it can if we're just talking
about running it against the package files.  But it would take quite a
bit more to do it automagically against an installed package (i.e.
install the just-built package into the chroot and run rpmlint on the
installed package(s)).

My thought is that running rpmlint against the just-generated
RPM/SRPMs is a nice thing to have around, so that a developer could
get a regular sanity check on the package (since the results are kept
in an rpmlint.log file). Note that you'd still have to invoke mock
with the --rpmlint command line option. I think that installing the
package in a chroot and doing more extensive testing is job for a
testing tool (not mock).

So left to myself I'd probably add the --rpmlint option as is and let
someone use 'mock --no-clean chroot <commands>' to do more extensive
testing. But I don't feel strongly enough about it that I'd argue for
it in the face of determined resistance.

Clark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFEu/CRHyuj/+TTEp0RAsiIAKCJaWb5Oi8fFBLwPSPokx3jPGkJ4gCfcG9o
mLa7aQdS89Wgq8t7OiXtv6w=
=QV6u
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]