libraries missing on F22 and higher

Antonio Trande anto.trande at gmail.com
Thu Dec 31 13:05:43 CET 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note that is not just a fc? vs fc23 issue; just for example:

1) Which RPMFusion packages use %license?
(http://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License_Text)

$ repoquery -f /usr/share/licenses/* --disablerepo=fedora,updates
- --enablerepo=rpmfusion-free-updates-testing

or

$ repoquery -f /usr/share/licenses/* --disablerepo=fedora,updates
- --enablerepo=rpmfusion-free

And which ones push a COPYING in a bad directory?

$ repoquery -f /usr/share/doc/*/COPYING* --disablerepo=fedora,updates
- --enablerepo=rpmfusion-free


2) Which RPMFusion packages are **rebuilt** by including hardening flags?
(http://fedoraproject.org/wiki/Packaging:Guidelines#Compiler_flags
https://fedoraproject.org/wiki/Changes/Harden_All_Packages)
   Just for example I chosen that most famous:

$ rpm -qa ffmpeg
ffmpeg-2.8.3-1.fc23.x86_64

(Good! It has been rebuilt for F23)

$ rpm -q --list ffmpeg | grep bin
/usr/bin/ffmpeg
/usr/bin/ffplay
/usr/bin/ffprobe
/usr/bin/ffserver
/usr/bin/qt-faststart

# checksec --file /usr/bin/ffmpeg

Ops! 'Partial RELRO' and 'No PIE' warnings

$ rpm -qa ffmpeg-compat
ffmpeg-compat-0.6.7-9.fc23.x86_64

(Ops! Still fc22 but okay, it's working)

$ rpm -q --list ffmpeg | grep COPYING
/usr/share/doc/ffmpeg/COPYING.GPLv2
/usr/share/doc/ffmpeg/COPYING.GPLv3
/usr/share/doc/ffmpeg/COPYING.LGPLv2.1
/usr/share/doc/ffmpeg/COPYING.LGPLv3

(Ops! Packaging rules violation)

$ rpm -q --list ffmpeg-compat | grep lib
/usr/lib64/libavcodec.so.52
/usr/lib64/libavcodec.so.52.72.2
/usr/lib64/libavdevice.so.52
/usr/lib64/libavdevice.so.52.2.0
/usr/lib64/libavfilter.so.1
/usr/lib64/libavfilter.so.1.19.0
/usr/lib64/libavformat.so.52
/usr/lib64/libavformat.so.52.64.2
/usr/lib64/libavutil.so.50
/usr/lib64/libavutil.so.50.15.1
/usr/lib64/libpostproc.so.51
/usr/lib64/libpostproc.so.51.2.0
/usr/lib64/libswscale.so.0
/usr/lib64/libswscale.so.0.11.0

# checksec --file /usr/lib64/libavcodec.so.52.72.2
Ops! 'Partial RELRO' warning

Therefore, am I exagerrating? Okay, but please don't tell me that ALL
RPMFusion packages respect packaging guidelines of Fedora.


- -- 
Antonio Trande

mailto: sagitter 'at' fedoraproject 'dot' org
http://fedoraos.wordpress.com/
https://fedoraproject.org/wiki/User:Sagitter
GPG Key: 0x565E653C
Check on https://keys.fedoraproject.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWhRoTAAoJEF5tK7VWXmU8iswH/0b1wEDOAlKW10xYt5rhwq2R
41irVEf/VMbB8wARDDWLXVxlWAeVy/NEcKcQfVaHYYets1zZyykyXXIgNej2kM2L
2SQBWiAfIzTncVO9nEkjlpKmfWLbDgzM2T75gq8ifC0yi7ZZttv3qmLyLDuLWF57
0oiLDEtlIF9MkWixxfCVnOVKq5w2vGE8GzimhYxVv7x6YHHEuGny4dMTL9K80rxv
RxJQ/lDIrQAuIc4+i/wW64g0sISIVYVPevxwFXTsprpALrorOCTTsapA0xUwq5rf
yMiSfOM6mcU2tq5ywg4YKivtaqlAXlg0+4wGAolzMUznI9C97K8/PZQpurZOpeY=
=1u9b
-----END PGP SIGNATURE-----

More information about the rpmfusion-developers mailing list