Summary: | sysutils/dirvish erroneously marked BROKEN unfetchable | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Nathan Robertson <nathan> | ||||||||
Component: | Individual Port(s) | Assignee: | Rene Ladan <rene> | ||||||||
Status: | Closed FIXED | ||||||||||
Severity: | Affects Many People | CC: | antoine, colin, koobs, nathan, portmaster, rene, tarkhil | ||||||||
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(tarkhil) |
||||||||
Version: | Latest | ||||||||||
Hardware: | Any | ||||||||||
OS: | Any | ||||||||||
Attachments: |
|
Added antoine@FreeBSD.org to the cc: list, as his check-in marked this port as BROKEN unfetchable. It is BROKEN: => dirvish-1.2.1.tgz doesn't seem to exist in /usr/ports/distfiles/. => Attempting to fetch http://www.dirvish.org/dirvish-1.2.1.tgz fetch: http://www.dirvish.org/dirvish-1.2.1.tgz: size mismatch: expected 46908, actual 48604 @Nathan If you can provide a patch to update the distribution file and/or its checksum after evaluating the source of the checksum mismatch, please re-open the issue Created attachment 210807 [details]
Differences between ancient Fedora tgz and website version
I can not find anywhere a tarball that matches the SHA sum in the ports for this. I have gone looking through Debian and Fedora, and have found that the current Fedora (31) matches the tarball they distributed in Fedora 12 (ie. very ancient). Incidentally, Debian's tarball matches that SHA sum as well. But I can't find one that matches the one in FreeBSD. I've attached a patch showing the differences between the really ancient Fedora one and the one on the dirvish.org website now. It's just a bunch of places in the source code and documentation which were saying version 1.2, and should have been 1.2.1. Somebody has fixed that, re-released and not announced the change. There used to be a distfiles directory on ftp.freebsd.org. I don't know whether something like that still exists, but if it does, it'd be nice to get access to the tarball that matches the SHA sum this port uses. Otherwise, given the attached patch looks very safe, and the fact the source code being used by Fedora hasn't changed in so many years (and current Debian, for that matter), I'd say it'd be safe just to update the SHA sum to what's on the website, and re-enable the port. Ok, I located a copy of the dirvish-1.2.1.tgz from the FreeBSD distfiles (I found it cached on an old server. There are two differences between the version on the website and the old one in the distfiles: 1. A one line change to the dirvish.conf(5) man page. 2. The distfiles tarball has all the files in the root. The website version has them in a subdirectory (dirvish-1.2.1) Here's a copy and paste of this: nathanr@nathanr:~/tmp$ sha256sum freebsd-ports-dirvish-1.2.1.tgz dirvish-1.2.1.tgz 75bf0b1b42c6ecf6e133202550b2c65e914e9b22a540da31ba44cc652e6d3e2a freebsd-ports-dirvish-1.2.1.tgz 6b7f29c3541448db3d317607bda3eb9bac9fb3c51f970611ffe27e9d63507dcd dirvish-1.2.1.tgz nathanr@nathanr:~/tmp$ tar -xzf dirvish-1.2.1.tgz nathanr@nathanr:~/tmp$ mv dirvish-1.2.1 dirvish-website nathanr@nathanr:~/tmp$ mkdir dirvish-freebsd-ports nathanr@nathanr:~/tmp$ cd dirvish-freebsd-ports/ nathanr@nathanr:~/tmp/dirvish-freebsd-ports$ tar -xzf ../freebsd-ports-dirvish-1.2.1.tgz nathanr@nathanr:~/tmp/dirvish-freebsd-ports$ cd .. nathanr@nathanr:~/tmp$ diff -urN dirvish-freebsd-ports dirvish-website diff -urN dirvish-freebsd-ports/dirvish.conf.5 dirvish-website/dirvish.conf.5 --- dirvish-freebsd-ports/dirvish.conf.5 2008-03-26 02:35:43.000000000 +1100 +++ dirvish-website/dirvish.conf.5 2012-01-07 14:26:00.000000000 +1100 @@ -786,7 +786,7 @@ .ta +.5i +36m wd { sun } +3 months wd { sun } md { 1\-7 } +1 year - wd { 1 } md { 1\-7 } mo { 1,4,7,10 } never + wd { 1 } md { 1\-7 } mo { 1 4 7 10 } never hr { 10\-20 } +10 days .ft R .fi nathanr@nathanr:~/tmp$ Created attachment 210880 [details]
Updated checksum and Makefile
Updates to the Makefile:
- The distribution now untars into a subdirectory.
- Remove the BROKEN flag
Updates to distinfo:
- New checksum.
See my previous comment in this bug showing a diff between the contents of the previous FreeBSD distfiles tarball and the new one published on the website. The differences are safe and immaterial.
I believe this patch is safe to apply.
@Antoine - could you please review the attached patch. If you read through my comments on this bug, it's safe to update the SHA sum and re-enable the port. I've done the work to show that the differences between the old and new tarballs (which have the same name) are safe. OK this has gone on *way* too long. Here's what I've discovered: tar tvf freebsd-copy/dirvish-1.2.1.tgz dirvish-copy/dirvish-1.2.1.tgz freebsd-copy -rw-rw-r-- 0 keithl keithl 39118 Mar 25 2008 CHANGELOG -rw-rw-r-- 0 keithl keithl 9910 Mar 25 2008 COPYING -rw-rw-r-- 0 keithl keithl 8140 Mar 25 2008 dirvish.8 -rw-rw-r-- 0 keithl keithl 21480 Mar 25 2008 dirvish.conf.5 -rw-rw-r-- 0 keithl keithl 3387 Mar 25 2008 dirvish-expire.8 -rw-rw-r-- 0 keithl keithl 5656 Mar 25 2008 dirvish-expire.pl -rw-rw-r-- 0 keithl keithl 3060 Mar 25 2008 dirvish-locate.8 -rw-rw-r-- 0 keithl keithl 5413 Mar 25 2008 dirvish-locate.pl -rw-rw-r-- 0 keithl keithl 23385 Mar 25 2008 dirvish.pl -rw-rw-r-- 0 keithl keithl 2350 Mar 25 2008 dirvish-runall.8 -rw-rw-r-- 0 keithl keithl 3084 Mar 25 2008 dirvish-runall.pl -rw-rw-r-- 0 keithl keithl 21481 Mar 25 2008 FAQ.html -rw-rw-r-- 0 keithl keithl 3426 Mar 25 2008 INSTALL -rwxrwxr-x 0 keithl keithl 3894 Mar 25 2008 install.sh -rw-rw-r-- 0 keithl keithl 5038 Mar 25 2008 loadconfig.pl -rw-rw-r-- 0 keithl keithl 1059 Mar 25 2008 RELEASE.html -rw-rw-r-- 0 keithl keithl 6897 Mar 25 2008 TODO.html dirvish-copy drwxr-xr-x 0 root root 0 Jan 6 2012 dirvish-1.2.1/ -rw-rw-r-- 0 postgrey postgrey 23385 Mar 25 2008 dirvish-1.2.1/dirvish.pl -rw-rw-r-- 0 postgrey postgrey 3426 Mar 25 2008 dirvish-1.2.1/INSTALL -rw-rw-r-- 0 postgrey postgrey 3387 Mar 25 2008 dirvish-1.2.1/dirvish-expire.8 -rw-rw-r-- 0 postgrey postgrey 5038 Mar 25 2008 dirvish-1.2.1/loadconfig.pl -rw-rw-r-- 0 postgrey postgrey 5413 Mar 25 2008 dirvish-1.2.1/dirvish-locate.pl -rw-rw-r-- 0 postgrey postgrey 8140 Mar 25 2008 dirvish-1.2.1/dirvish.8 -rw-rw-r-- 0 postgrey postgrey 3084 Mar 25 2008 dirvish-1.2.1/dirvish-runall.pl -rw-rw-r-- 0 postgrey postgrey 21481 Mar 25 2008 dirvish-1.2.1/FAQ.html -rw-rw-r-- 0 postgrey postgrey 39118 Mar 25 2008 dirvish-1.2.1/CHANGELOG -rw-rw-r-- 0 postgrey postgrey 9910 Mar 25 2008 dirvish-1.2.1/COPYING -rw-rw-r-- 0 postgrey postgrey 6897 Mar 25 2008 dirvish-1.2.1/TODO.html -rw-rw-r-- 0 postgrey postgrey 5656 Mar 25 2008 dirvish-1.2.1/dirvish-expire.pl -rw-rw-r-- 0 postgrey postgrey 2350 Mar 25 2008 dirvish-1.2.1/dirvish-runall.8 -rw-rw-r-- 0 postgrey postgrey 1059 Mar 25 2008 dirvish-1.2.1/RELEASE.html -rw-rw-r-- 0 postgrey postgrey 21480 Jan 6 2012 dirvish-1.2.1/dirvish.conf.5 -rw-rw-r-- 0 postgrey postgrey 3060 Mar 25 2008 dirvish-1.2.1/dirvish-locate.8 -rwxrwxr-x 0 postgrey postgrey 3894 Mar 25 2008 dirvish-1.2.1/install.sh As we can see. There are only 2 differences 1) the copy from dirvish.org adds the dirvish-1.2.1 directory 2) dirvish.conf.5 was changed on 2012-01-06 OK, 3; the group and owner are different. Lets see what's different about dirvish.conf.5 --- freebsd-copy/dirvish.conf.5 2008-03-25 08:35:43.000000000 -0700 +++ dirvish-copy/dirvish-1.2.1/dirvish.conf.5 2012-01-06 19:26:00.000000000 -0800 @@ -786,7 +786,7 @@ .ta +.5i +36m wd { sun } +3 months wd { sun } md { 1\-7 } +1 year - wd { 1 } md { 1\-7 } mo { 1,4,7,10 } never + wd { 1 } md { 1\-7 } mo { 1 4 7 10 } never hr { 10\-20 } +10 days .ft R .fi CLEARLY the difference in the official copy from dirvish.org won't be injecting any virii, or backdoor. It only affects (corrects) the dirvish.conf(5) man(1) page. The proposed svn diff provided by Nathan tested fine on my 12 && 13 amd64 boxes. Given that this port is on the chopping block. Can we *please* commit Nathan work? :) Thanks! --Chris A commit references this bug: Author: rene Date: Wed May 20 18:24:25 UTC 2020 New revision: 536009 URL: https://svnweb.freebsd.org/changeset/ports/536009 Log: sysutils/dirvish: update distinfo and unexpire, verified by submitter. PR: 243309 Submitted by: Nathan Robertson MFH: 2020Q2 Changes: head/sysutils/dirvish/Makefile head/sysutils/dirvish/distinfo A commit references this bug: Author: rene Date: Fri May 22 19:46:59 UTC 2020 New revision: 536239 URL: https://svnweb.freebsd.org/changeset/ports/536239 Log: MFH: r536009 sysutils/dirvish: update distinfo and unexpire, verified by submitter. PR: 243309 Submitted by: Nathan Robertson Approved by: ports-secteam (joneum) Changes: _U branches/2020Q2/ branches/2020Q2/sysutils/dirvish/Makefile branches/2020Q2/sysutils/dirvish/distinfo |
Created attachment 210681 [details] Remove the BROKEN unfetchable line from the sysutils/dirvish Makefile r516897 updated sysutils/dirvish/Makefile on line 13 to: BROKEN= unfetchable The source is fetchable, and I've commented out that line and tested it, and dirvish installs fine on my machine.