rpmlint - errors safely to ignore

Vít Ondruch vondruch at redhat.com
Tue Jul 2 13:42:59 UTC 2013

Dne 2.7.2013 14:48, Axilleas Pi napsal(a):
> Hi all,
> I am in the process of an informal review attempt of rugged [0] and I 
> bumped into some errors that rpmlint found and could be false 
> positives. I would like your opinion.
> 1) explicit-lib-dependency libgit2
> You must let rpm find the library dependencies by itself. Do not put 
> unneeded explicit Requires: tags.
> I have found only this section in the wiki[1] which is a little 
> relevant, but some example would be better.

If package has BR on some -devel package and the library is linked 
against it, then RPM automatically pick-ups the dependency on that 
library. You don't have to specify it manually.

In this case, I am afraid that libgit2 is vendored in the gem and it is 
statically linked. That means:

1) It is against bundling policy
2) RPM cannot pickup the dependency
3) It makes ironically the Requires unneeded.

I would focus on solving the first point ;)

> 2) non-standard-executable-perm 
> /usr/lib64/gems/ruby/rugged-0.16.0/lib/rubygem-rugged/rugged.so 0775L
> The permissions of all libraries I have in /usr/lib64/gems/ruby/ are 
> 755 so I guess it is safe to ignore.

Note the difference 07*7*5 vs 07*5*5.

The thing is that the .so file in ext/ has wrong permissions, while the 
.so file in lib/ has correct permissions. The one from lib/ should be 
taken while the ext/ should be ignored/removed

> 3)  arch-dependent-file-in-usr-share 
> /usr/share/gems/gems/rugged-0.16.0/lib/rugged/rugged.so
> This package installs an ELF binary in the /usr/share  hierarchy, 
> which is reserved for architecture-independent files.

See 2) This file should be moved into %{gem_extdir_mri}

> Additionally to 3, running mock it shows that:
> ------
> DEBUG: *** WARNING: identical binaries are copied, not linked:
> DEBUG: /usr/share/gems/gems/rugged-0.16.0/lib/rugged/rugged.so
> DEBUG: and 
> /usr/lib64/gems/ruby/rugged-0.16.0/lib/rubygem-rugged/rugged.so
> ------
> Are they both needed, is it safe to ignore?

These are related to the points 2 and 3.


More information about the ruby-sig mailing list