From Fedora Project Wiki

< Join the package collection maintainers

Revision as of 12:50, 18 May 2013 by Zerng07 (talk | contribs) (在 Bodhi 提交軟體包更新)




Join OSDeveloper.png
OS 開發者

如何成為 Fedora 軟體包集合的維護者?

哦,你已決定要成為一位 Fedora 專案中的軟體包維護者?那麼本篇指引會帶你走過第一次提交軟體包的流程。


成為一位 Fedora 軟體包集合的維護者


若你還不知道如何建立 RPM 軟體包,請參考 How_to_create_a_GNU_Hello_RPM_package 教程,或是另一份更深入且有更多細節的 how to create an RPM package

請閱讀 打包規約 軟體包命名規約

你需要對這些規約仔細且澈底的熟悉,因為所有的軟體包都受這些規約規範。如果你有任何問題,請在 Fedora Packaging 郵遞清單上詢問。

建立 Bugzilla 帳號

請先確認你有 Red Hat Bugzilla 的帳號。

你在 bugzilla 帳號中使用的電子郵件位址應該要和你在 Fedora Account System 中使用的相同,而且任何與 Fedora 打包相關的事務都應該使用同個帳號。

如果你已經有 電子郵件位址,請不要使用它!
你不應該在 Bugzilla 中使用你的 電子郵件。如果你用了該帳號,一旦得到他人的支助後便無法取得你的 bugzilla 特別權限。如果你真的很想使用你的 郵件位址,你大概得向 Fedora Infrastructure Ticket System 提出申請,請管理員手動用設定凌駕與你 Fedora 帳號連結的 bugzilla 電子信箱。

建立 Fedora 帳號

Fedora Account System 中建立帳號 (這「不是」bugzilla 帳號)

  1. 請先造訪帳號系統主頁:
  2. 點按「New account」,並填入對應資料。注意,你給的電子郵件應該要與 bugzilla 上申請的郵件相同。這樣系統才可以將相關權力在兩帳號之間相互連接起來。
  3. 在你建立帳號之後,請確認有簽署 CLA (若您點按右上方的「My Account」連結,應該可以看到 CLA: CLA Done)。CLA 是 Contributors License Agreement,代表你身為一位貢獻者,對於本專案相關授權協議同意之書。
  4. 你也需要上傳一份公開的 RSA SSH 金鑰。你需要使用相對應的私人金鑰以透過 SSH 存取 Fedora 機器。你可以前往 此處 閱讀其他相關資料。


你必須訂閱 fedora devel-announce 郵遞清單。這是個低流量的郵遞清單,僅供發布消息之用,重要的開發資訊都會張貼到這裡。

你可以訂閱 fedora devel 郵遞清單,Fedora 的主要開發討論都在這裡。這是高流量的郵遞清單。

你可以考慮訂閱 package-announce 郵遞清單 -- 本郵遞清單提供 Fedora 軟體庫中任何軟體包相關的所有提交通知。這是超高流量的郵遞清單。當你是軟體包的維護者 (或共同維護者) 時,若有提交動作,Fedora 軟體包資料庫便會寄送郵件給你。

另一個你可以考慮 (至少看看過去的封存內容) 的郵遞清單是 packaging。這是 Fedora 打包委員會 的郵遞清單,他們訂立了 Fedora 專案的官方打包規約。


請注意,除了提交新軟體包的方式之外,還可以藉由其他方式獲得打包者群組的支助。請看看 如何取得支助 了解更多相關資訊。

你打算提交的軟體包必須是 Fedora 中尚未打包的任何自由與開源軟體專案。在你建立出軟體包之前,請確認該軟體是否真的不在軟體庫中,又或者其實已經進到等候校閱的階段但尚未發布而已。


Fedora 納入的軟體組件都需要勤於維護,至於臭蟲,尤其是安全性議題相關的臭蟲更需要即時修正。身為一位 Fedora 軟體包維護員,你的首要 責任 就是確保上述事情能確實施行。我們鼓勵你找一些 共同維護員 來維護軟體包,並透過開發用郵遞清單適時尋求幫助。



達成此事的方式之機就是參與 package-review 郵遞論壇;所有的 Fedora 軟體包校閱評註都會一併寄送到此 (從你的角度來看應該是唯讀) 清單。

安裝客戶端工具 (Koji) 並設置你的憑證

若要為 Fedora Collection (Fedora 軟體集) 或是為 Fedora 建置系統中的 EPEL 建置軟體包,你需要採用 Koji

Package-x-generic-16.pngfedora-packager 軟體包提供一些可幫助你設置好 fedora 上相關打包工作的工具;它會幫你帶入一般打包所需的每樣必備工具。請以 root 身份執行下列指令:

yum install fedora-packager

After installation run the following as your user (not root) to setup your certificates and koji client configuration:

Certificate Expiration
The certificate this generates will expire after 6 months. Then you have to request another one by re-running fedora-packager-setup. Also every time you request a new certificate, the old one is invalidated and cannot be used anymore.

You can now use "koji" to try to build your RPM packages in the Fedora build system, even on platforms or Fedora versions you don't have. Note that you can (and definitely should) test out builds ("scratch" builds) even before your package has been approved and you have been sponsored. A simple way to do a scratch build using koji is to do this at the command line:

koji build --scratch TARGET path_to_source_RPM


  • TARGET is a distribution keyword such as f17 (for Fedora 17). You can run "koji list-targets" to see all targets. To build for the next release (rawhide), don't use "dist-rawhide" - use "fX" where X is one more than the latest stable or branched release.
  • Note that you need to supply the path to the source RPM (which ends in .src.rpm), and not a URL. (If you only have the spec file, use rpmbuild --nodeps -bs SPECFILE to create the new source RPM).

Your koji builds can only depend on packages that are actually in the TARGET distribution repository. Thus, you can't use koji to build for released distributions if your package depends on other new packages that Bodhi hasn't released yet. You can use koji to build for rawhide (the next unreleased version), even if it depends on other new packages, as long as the other packages were built for the "rawhide" as described below. If you need to build against a package that is not yet a stable released update, you can file a ticket with rel-eng at: and request that that package be added as a buildroot override. For packages in EPEL, you have to use the component epel to get the request to the right persons.

You can learn more about koji via:

koji --help            # General help
koji --help-commands   # list of koji commands
koji COMMAND --help    # help on command COMMAND

Using the Koji build system has more information about using Koji.



Upload your SRPM and SPEC files onto the Internet somewhere so that others can retrieve them. This can be anywhere accessible by a URL, but it is important that the files be directly accessible, not hidden behind some service that makes people wait to download things or redirects through advertising pages. If you are in at least one project group then you can use your storage at for this. If you have not done anything with your account besides set it up and sign the CLA then you can request sufficient access to use fedorapeople space by visiting the sponsors trac instance and filing a ticket in the "Initial package hosting request" component.


Fill out this form:

  • Before submitting your request, be sure there’s not a previous request for the same package. There is a convenient search box on the package review status page.
  • Make sure that you put the name of the package (excluding version and release numbers) in the 'Review Summary' field, along with a very brief summary of what the package is.
  • Put a description of your package (usually, this can be the same thing as what you put in the spec %description) in the 'Review Description' field. Include the URLs to your SRPM and SPEC files.
  • Explain in the ticket that this is your first package and you need a sponsor. Also include any information that may help prospective sponsors. If you've been active in other review work, include links. If you're the upstream maintainer, be sure to say so.
  • For bonus points, include a link to a successful koji build so that everyone knows you did all of your homework.
Make sure that you mention in the 'Review Description' field that this is your first package, and you are seeking a sponsor. In Fedora Package Collection, all new contributors must be sponsored. Some potential sponsors will look at the FE-NEEDSPONSOR bug in bugzilla to find packages to review. You can add your package to this list by editing your review request bug and adding FE-NEEDSPONSOR in the 'Bug xyz blocks' field (where xyz is the bug number for your review request).

The review process is described in detail on the Package Review Process page.


Fedora as a project prefers to stay close to upstream. Inform the developers that you are packaging the software. You can do that by sending them an email introducing yourself and pointing out the review request. This sets up the stage for future conversations. They will usually advertise the fact that their software is now part of Fedora or might want to inform you of important bugs in the existing release, future roadmaps etc.


When a new package maintainer joins the Fedora Project, we request that he/she introduces themselves on the Fedora Devel mailing list. To sign up for the list, visit the devel list's signup page . The primary purpose of this is to begin the process of building trust by learning about the package maintainer and increase the chances of your review request being processed sooner.

The purpose of all this is to break anonymity and foster real-world community within the project. You are under no obligation to reveal personal secrets. The objective is to establish a level of trust with yourself and the other members of the project.

Subject: Self Introduction

Body: Add any information you believe is applicable including past experience, a link to the review request you have filed and a brief description of yourself. You can also post your GPG key information if you want to.


關注你第一個軟體包的 Bugzilla 回報。你應該會透過電子郵件收到通知。修正任何檢閱者指出的發行阻擋議題 (blocker,即未經修正則不應發行的阻擋關卡)。


When the package is APPROVED by the reviewer, you must separately obtain member sponsorship in order to check in and build your package. Sponsorship is not automatic and may require that you further participate in other ways in order to demonstrate your understanding of the packaging guidelines. Key to becoming sponsored is to convince an existing sponsor-level member that you understand and follow the project's guidelines and processes.

See how to get sponsored into the packager group for more information on the process of becoming sponsored.

Review and approval for the first package for new packagers must be done by registered sponsors. Subsequent reviews can be done by any package maintainer. Informal reviews can always be done by anyone interested.

Your sponsor can add you to the packager group. You should receive email confirmation of your sponsorship.

將軟體包加入源碼管理 (SCM, Source Code Management) 系統中並設定擁有者

If you are becoming a maintainer for a new package, instead of being a co-maintainer, follow Package SCM admin requests to get a module for your new package and branches for recent releases.

This will be used to set up the proper records in the owners database, which is used for access to build the package, bugzilla population, and other features. This step creates a module in the repository your new package, with branches for each requested distribution.


You could check out your module now, but before doing that, consider doing "mkdir ~/fedora-scm ; cd ~/fedora-scm" - that way, all your files are inside that. Also, run ssh-add, so that you won't have to keep typing in your key password.

Running ssh-add before doing any SCM operations is a very good idea. It will save you from having to type your key password for every operation. You only have to run ssh-add once per session, it will remember it until you log out or reboot. If "ssh-add" reports "Could not open a connection to your authentication agent.", start a new shell under it using "exec ssh-agent bash".

Now you are ready to checkout your module from the SCM:

 fedpkg clone <packagename>

Where <packagename> should be replaced with the name of your package.

Stop (medium size).png
If this step fails, be sure your private ssh key (~/.ssh/id_rsa) mode is set to 0400. You might have to wait for up to an hour after your request for a new git module has been approved to get write access. Make sure your public key is the same as in the Fedora Accounts System (FAS). Key propagation may take an hour or so after uploading into FAS
Note that fedpkg does not set the user config for your new git repo automatically. Make sure to have these set globally or locally in your new repo before you do your first commit (see Configure your global git settings).
Note: If you are not a member of the fedora packager group, you will receive a "permission denied" error. Use the -a flag to clone anonymously.


請參考 Using_Mock_to_test_package_builds 以及 Using_the_Koji_build_system#Scratch_Builds 瞭解更多測試軟體包的相關資訊。Mock 使用的是你的本地端系統,而 Koji 命令列工具則使用 Fedora 建置系統伺服器。


Now that you've checked out your (empty) package module with fedpkg, cd into the module's master branch:

cd <packagename>

Run fedpkg to import the contents of the SRPM into the SCM:

fedpkg import PATH_TO_SRPM
# Review Changes, press 'q' to stop; Revert with: git reset --hard HEAD
git commit -m "Initial import (#XXXXXX)."
git push
fedpkg build

Obviously, replace PATH_TO_SRPM with the full path (not URL) to your approved SRPM, and XXXXXX with the package review bug number.

This imports into, commits, and builds only the master (rawhide) branch.

If the commit fails with this kind of message:

W access for why DENIED to YOUR_ACCOUNT
fatal: The remote end hung up unexpectedly
Could not push: Command '['git', 'push']' returned non-zero exit status 128

Then you don't have the necessary rights to modify that package branch; view to request those rights.

更新你的分支 (如果想要的話)

Branches are f# (formerly F-# and before that FC-#), master, etc. So f28 is the branch for Fedora 28.

To switch to a branch first:

fedpkg switch-branch BRANCH (e.g. f28)

Merge the initial commit from master, creating an identical commit in the branch:

git merge master

Push the changes to the server:

git push

Build the package:

fedpkg build

If there is another branch to work with repeat "To switch to a branch" and import and commit to each branch

Be sure that you build for rawhide (master) branch before pushing updates for any other branches! Otherwise, those updates will get inherited into rawhide, which is almost certainly not what you want.
Sync to buildsys is an hourly thing. So, sometimes you might have to wait for an hour to get access of the build server to give "fedpkg build"

If everything goes well, it should queue up your branch for building, the package will cleanly build, and you're done!

If it fails to build, the build system will send you an email to report the failure and show you to the logs. Commit any needed changes to git, bump the SPEC release number, and request a new build.

用 Bodhi 提交軟體包更新

Fedora 更新系統稱為 Bodhi (即中文之菩提),用於推送更新、分類軟體包等。 請不要透過 bodhi 提交「master」版的 (即 rawhide 版) 軟體包。

你可以透過下列指令使用 Bodhi 來推送任何 branch 分支中的更新:

 fedpkg update

You can also use "bodhi" command directly as described in the Bodhi Instruction.

You can also use the Web interface for Bodhi to request enhancement updates for each released Fedora you are bringing a new package to.

The first field asks for the name of the "Package". This field will auto-complete the package name found in the Koji build system, e.g. <package-name>-<version>-<release>.fc28. If completion doesn't work, just enter the package build name yourself.

For new packages, choose "newpackage" as the "type" of update.

Put the "Request" as "testing" if you want to put the package through testing first, see Fedora Quality Assurance . Put "stable" if you want to push the package directly to stable.

For new packages, put the bug number of the package's Review Request in the "Bugs" field blank. Bodhi will automatically close it as NEXTRELEASE when it gets pushed to the requested update status.

For new packages, add a copy of the package's description in the "Notes" section, so end users will know what the package is.

Here is the Bodhi Instruction.

After you have submitted an upgrade through bodhi, your package is placed in a queue. Periodically, an administrator will check the queue and push all of the packages into the appropriate repositories.


如果軟體包適當,讓它列在「comps」檔案中,這樣一來就可以在安裝時選擇該軟體包,而且也可納入 yum 的軟體包群組操作中。請見 How to use and edit comps.xml for package groups 以瞭解更多資訊。


Fedora 有可用的基礎設施可監控你打包的軟體是否有新的上游發行版本。請參考 上游發行監控 瞭解更多細節資訊。若要學習如何處理更新,請閱讀 軟體包更新指南


我們了解這套流程有時可能讓你如入五里霧中,但我們總試著讓情況變得更好。如果你遇到任何問題,或是有任何疑問,請不要遲疑前往 devel 郵遞清單發問,或是上 的 #fedora-devel[?] 頻道上討論。

Fedora Mentors Project 中有許多願意幫助新手打包的導師。請查看 Mentors 頁面了解更多相關資訊。

也請見 Using_git_FAQ_for_package_maintainers

若你已是維護者且還想要製作新的軟體包推入 Fedora 軟體包集合

若你已有維護 Fedora 的軟體包,並且想要維護新的一個,請遵循 既有貢獻者的新軟體包流程