Postings by Jamie Nguyen

Guidelines for scriptlets modifying %config(noreplace) files


I noticed on an Ansible run that a recent update to bind changed
/etc/named.conf directly, instead of creating a separate rpmnew file.
(It's running sed in a scriptlet.)

I couldn't find clear packaging policy on this. The guidelines [0] talk
about %config(noreplace) vs %config, but /etc/named.conf is installed as
a "noreplace" file.

I've not really been a particularly active packager in a long time so I
could be wrong, but my expectation was that you're not meant to edit
"noreplace" files in scriptlets.

Orphaning some python packages


Sadly, due to lack of time, I've orphaned these 3 packages:

rpms/python-ctypesgen -- A pure-python ctypes wrapper generator ( master
f24 f23 f22 el6 )
<a href="" title=""></a>

rpms/python-py2neo -- A simple Python library that provides access to
Neo4j ( master f24 f23 f22 el6 )
<a href="" title=""></a>

rpms/python-testify -- A replacement for Python's unittest module and
nose ( master f24 f23 f22 el6 )
<a href="" title=""></a>

Please feel free to take them!

Bodhi error: security updates stuck with no way to request stable


This update for 3 Nginx CVEs was auto-submitted to stable yesterday:

<a href="" title=""></a>

I got this error message:

nginx-1.8.1-1.fc23 ejected from the push because 'Request --RAW HTML
NOT ALLOWED-- inconsistent with mash request --RAW HTML NOT ALLOWED--'

Now there isn't an option for me to request a push to stable.

Request for advice: Major version update of Nginx on EL5/6/7


Distributions like RHEL and Debian have a very strict update policy (for
good reason). People expect stability and don't want surprises.

When CVEs arise, patches can often be backported. Nginx 1.8.1 recently
fixed three CVEs and I've backported to Nginx 1.6.x on EL7.

Unfortunately, Nginx 1.0.x on EL6 is too old; I gave it a good shot but
backporting the patches reliably without creating new CVEs is beyond my
expertise. Nginx 0.8.x on EL5 is prehistoric.

I've had a couple of bug reports recently suggesting that I rebase Nginx
to 1.8.1 on all branches.

Request for karma: Nginx CVEs

Hi all,

Three CVEs were fixed in Nginx 1.8.1.

NGINX cannot be installed. Possible to include libunwind in CentOS-Base?


I'm the maintainer of NGINX package for Fedora/EPEL 7. The most commonly
recommended way to install NGINX on CentOS 7 is via the EPEL 7
repository. However, for the last few days this has not been possible.

libunwind is now included in RHEL 7.2 (having previously been only in
EPEL 7 repo). Unfortunately, the maintainer for the RHEL libunwind broke
the upgrade path by using a Release (1.1-5) lower than the EPEL
libunwind (1.1-10).

Between a rock and a hard place


libunwind package is now part of RHEL 7.2. It got retired from EPEL7
three days ago (and incidentally the Release went backwards so upgrade
path is broken):

<a href="" title=""></a>

Unfortunately, that leaves CentOS users in a bit of a pickle, as
libunwind is no longer installable (unless they enable CR repository or
wait X weeks until CentOS 7.2 is released).

NGINX depends on gperftools which depends on libunwind.

nodejs-read-installed license change BSD to ISC

Next update across all Fedora branches plus EL6 changes the license from
BSD (nodejs-read-installed-0.2.3) to ISC

Kind regards,

nodejs-read-package-json license change BSD to ISC

Next update across all Fedora branches plus EL6 changes the license from
BSD (nodejs-read-package-json-1.1.1) to ISC

Kind regards,

nodejs-slide license change MIT to ISC

Next update across all Fedora branches plus EL6 changes the license from
MIT (nodejs-slide 1.1.4) to ISC (nodejs-slide 1.1.5).

Kind regards,

Backslash swallowed by %configure on koji rawhide build


The spec in question:
<a href="" title=""></a>

The lines in question:
%configure --disable-static \
--with-ipsec-script=%{name} \

nodejs-graceful-fs incorrect license, now BSD

License change notification:

Upstream specifies in package.json (metadata) that the license is BSD,
but has actually been shipping a LICENSE file containing the MIT
license. Upstream have now replaced it with the text of the BSD license.

The license of the Fedora package has been changed from MIT to BSD
accordingly, and contains a copy of the updated LICENSE.

Kind regards,

Tor package on the way to awesome, and looking for a re-review


In the FESCo meeting yesterday (February 27th), it was decided that
Enrico Scholz would be removed as maintainer of the tor package, and
that I should become the primary maintainer.

I am going about fixing the package and bringing it back into shape with
the help of co-maintainer Paul Wouters and hopefully with input from

SCM request not quite complete?

Hi Jon (and list),

I opened an SCM request here:
<a href="" title=""></a>

The master branch seems fine. I've cloned, imported and built
nodejs-send for rawhide.

Does anybody know how to contact "louizatakk"?


I'm trying to contact the maintainer of python-sleekxmpp to request to
co-maintain (as it's a bit out of date). Emails to his/her FAS email
address are bouncing but there are no other maintainers to contact.

Not really sure how exactly to get in touch given that email is the only
form of communication on offer:

User: louizatakk, Name: None, email: <a href="mailto: ... at louiz dot org"> ... at louiz dot org</a>, Creation:
2008-04-22, IRC Nick: None, Timezone: None, Locale: None, GPG

Approved Groups: cla_fedora cla_done fedorabugs cvsl10n packager cla_fpca

Kind regards,

Tor maintainership

Hi Enrico,

Thanks very much for adding me as a co-maintainer. I guess that you
probably don't have much time for updating the Tor package, so I'm glad
to be on board and will be taking a very active role in maintaining the
package so that you can spend time on other things. I have some package
cleanup tasks lined up and will be closing the security bugs on our
bugzilla very soon.

Thanks again.

(Also cc'd to fedora-devel to inform the public that any recent problems
with the package should hopefully now be history :)

Kind regards,

Please test Tor Fedora 17 package

Please could testers give some karma:

<a href="" title=""></a>

Tor package for Fedora 17 has been out-of-date with security issues for
4 months. Maintainer Enrico Scholz says he will not push the update
without enough karma (despite even critical path updates only requiring
14-days without negative karma before they can be pushed):

<a href="" title=""></a>

Cannot change fedora-cvs flag on bugzilla

Hi all,

Having some trouble for this package review request:
<a href="" title=""></a>

It has been approved, but I can't set the fedora-cvs flag. This has
worked in the past, but maybe something to do with different email

FAS email: <a href="mailto: ... at jamielinux dot com"> ... at jamielinux dot com</a>
Bugzilla email: <a href="mailto: ... at fedoraproject dot org"> ... at fedoraproject dot org</a>

Would appreciate any help.

Kind regards,