Dne Čt 23. května 2013 11:54:04, John.Florian(a)dart.biz napsal(a):
> From: pmatilai(a)laiskiainen.org
>
> On 05/23/2013 06:09 PM, John.Florian(a)dart.biz wrote:
> > And even though I have to give rpmbuild a tarball, I don't
> > believe it ever reuses it "as is". My understanding is that the
content
> > gets extracted, processed and tarballed again.
>
> I dont know what gave you such an idea
Me neither. Perhaps the apparent slowness with large packages and/or a
lack of coffee this morning.
, rpm certainly does nothing of
> the sort. The tarball is obviously extracted for building, but what ends
>
> up in the src.rpm is the original tarball and the patches defined in the
>
> spec - this is the "pristine sources" principle:
>
http://rpm.org/max-rpm-snapshot/ch-rpm-philosophy.html#S1-RPM-
> PHILOSOPHY-PRISTINE-SOURCES
You are, of course, right. I actually knew that for srpms. I just tend
not to think about the srpms much since for nearly all the builds I do, *I
am the upstream* source so I'm really only interested in the binary rpms.
> > I'd like to see it behave more the way I expected it to when I naively
> > first started rolling my own packages. Specifically, it would be nice
> > if the %Source URI was processed intelligently to automatically
retrieve
> > the content via HTTP, FTP, GIT, FILE or whatever (within reason)
happens
> > to be specified there.
>
> Rpm >= 4.10 can automatically download remote sources and patches over
> http and ftp, but since there's (currently) no way to verify downloaded
> content the feature is disabled by default as its quite a security risk
> to download arbitrary content from the internet without checking
> checksums at least.
This sounds more like something that should be a part of rpmdev-tools (if it
isn't already. I recommend getting in touch with the maintainer of those and
see if there is something that can be done there.
Thanks
Jan