packaging dnsmap

Lorenzo "Palinuro" Faletra palinuro at parrotsec.org
Tue Jan 3 18:23:04 UTC 2017 


On 31/12/2016 18:08, Samuel Henrique wrote:
> Ok, here's my review of the package:
> 
> What needs to be done in order for the upload to be approved (by me, i
> know there are other DDs who doesn't mind some problems that i'm
> considering here):
> 
> a) Bump DH level to 10: You're currently using DH 9.

done

cat debian/compat
10


> 
> b) Declare a proper DH version on d/control: Please have a look at [1],
> and bare in mind that you will be using DH 10 in your case.

added (>=10) to debhelper build dependency

how should i handle the Standards-Version field?

> 
> c) Remove the watchfile: It is pointing to code.google, which is
> obsolete and won't have any new releases (besides upstream is non-active
> for at last 7 years).

done, i have seen a github repo but we don't know how official it is,
and it doesn't provide git tags, while dnsmap doesn't seem to be up to
receive updates....

> 
> d) Remove double GPL-2+ definition: More information here[2]

fixed

> 
> e) Remove debhelper template from d/copyright: Looks like you forgot to
> have a look at line 6.

i have copied the copyright file from the kali package waiting for
further info on how to handle it

fixed the Files: * copyright field

> 
> f) Add yourself on d/copyright: After all, you did changes to the
> packaging and now you can add yourself as one of the copyright holders
> of debian/*

anyway, as i have imported or reproduced many things from the kali
source, how should i handle the debian/* stuff?

> 
> h) Open an ITP bug and close it using d/changelog: Please read this[3].

will do as soon as possible

> 
> i) Remove trailing whitespaces: I can see a lot of them on d/control and
> on on d/rules, you can either use $ wrap-and-sort -a or enable trailing
> whitespace highlighting on vim[4], i recommend you to use wrap-and-sort
> to fix this.

done

> 
> j) Remove dh comments from d/rules: Self explanatory.

cleaned

> 
> k) Remove d/docs: None of the files there is useful, the only one that
> is arguable (is a doc in fact) is README.txt, but a manpage should make
> it useless.

removed

> 
> l) Patch Makefile: The makefile is missing CPPFLAGS, LFDLAGS and the
> CFLAGS is being overriden (which causes a useless -dbgsym package),
> please have a look at[5] for hints on how to fix that. After that you
> may also add "export DEB_BUILD_MAINT_OPTIONS = hardening=+all" at
> d/rules in order to enable bindnow.

done

--- a/Makefile
+++ b/Makefile
@@ -1,9 +1,9 @@
 CC=gcc
-CFLAGS=-I.
-BINDIR=/usr/local/bin
+CFLAGS += -I.
+BINDIR=/usr/bin

 dnsmap: dnsmap.c dnsmap.h
-       $(CC) $(CFLAGS) -o dnsmap dnsmap.c
+       $(CC) $(LDFLAGS) $(CFLAGS) -o dnsmap dnsmap.c

 install: dnsmap
        mkdir -p $(DESTDIR)$(BINDIR)



should i move BINDIR from /usr/local/bin to /usr/bin too?

i did it and i was able to correctly build a package by removing the
following lines from d/rules

-override_dh_auto_install:
-	make
-	install dnsmap $(CURDIR)/debian/dnsmap/usr/bin/
-	install dnsmap-bulk.sh $(CURDIR)/debian/dnsmap/usr/bin/

which looks cleaner now


> 
> m) Rename dnsmap-bulk.sh to dnsmap-bulk: We are encouraged not to ship
> script files with language extensions, you can read more about this here[6].

install -m 0755 dnsmap-bulk.sh $(DESTDIR)$(BINDIR)/dnsmap-bulk

doesn't it copy the file without .sh already?

> 
> n) Remove d/dirs: it is not needed to put usr/bin there and
> usr/share/dnsmap is already being used on d/dnsmap.install, more info[7].

done

> 
> o) Bonus: Create a manpage: I consider this important, shouldn't be so
> trouble since one can use info already provided on README.txt.

never worked with manpages, i'll try to add it as soon as possible

> 
> That's all, i know that there are a lot of points, please don't be
> discouraged by my review, most of these problems are newbie ones and i
> believe you won't be committing them again.

discouraged? all the opposite

> 
> If you have any questions about how to do any of these changes, or feel
> like not having time to do them, please reply and i can help you. If
> you're planning to become a DM/DD, its better if you do the changes
> yourself.

everything should be as expected now except for the missing manpages and
the -dbgsym stuff

> 
> After all these changes are made, i can have another look at the package
> just to confirm that i didn't missed anything (i'm pretty sure i not).

let me know how the package looks like now

p.s.
should i add a .gitignore file to remove all that .pc/ crap from the repo??

> 
> [1]https://www.debian.org/doc/manuals/maint-guide/dreq.en.html#control
> <https://www.debian.org/doc/manuals/maint-guide/dreq.en.html#control>
> [2]https://lintian.debian.org/tags/dep5-copyright-license-name-not-unique.html
> <https://lintian.debian.org/tags/dep5-copyright-license-name-not-unique.html>
> [3]https://www.debian.org/doc/manuals/developers-reference/pkgs.html#newpackage
> <https://www.debian.org/doc/manuals/developers-reference/pkgs.html#newpackage>
> [4]Put this in your .vimrc: inoremap <F2> <CR><C-R>=repeat('
> ',col([line('.')-1,'$'])-col('.'))<CR><C-O>:.retab<CR>
> [5]http://eriberto.pro.br/blog/?p=2222
> [6]https://www.debian.org/doc/debian-policy/ch-files.html ['10.4
> Scripts' paragraph]
> [7]https://www.debian.org/doc/manuals/maint-guide/dother.en.html#dirs
> 
> Regards, and happy new year.
> 
> Samuel Henrique <samueloph>
> 
> 2016-12-30 23:43 GMT-02:00 Samuel Henrique <samueloph at gmail.com
> <mailto:samueloph at gmail.com>>:
> 
>     Sure, i would like to do that!
> 
>     Just give me 14 hours and i will reply here with my review (i'm
>     gonna do it tomorrow).
> 
>     Samuel Henrique <samueloph>
> 
>     2016-12-30 19:40 GMT-02:00 Gianfranco Costamagna
>     <locutusofborg at debian.org <mailto:locutusofborg at debian.org>>:
> 
>         Hello,
> 
>         >hello guys, i have packaged dnsmap and then adjusted some d/rules things by watching to the kali package, is someone interested in checking if everything is ok?
> 
> 
>         there are some improvements that I would like to add, but I
>         prefer somebody else to do the review :)
> 
>         Samuel, can you please give it a look?
> 
>         I see something like 4 things I would like to see fixed before
>         sponsoring :p
> 
> 
>         G.
> 
> 
> 
> 
> 
>

More information about the Pkg-security-team mailing list