[Availability]
The package v4l2-relayd builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64 arm64 amrhf ppc64el riscv64 s390x
Link to package https://launchpad.net/ubuntu/+source/v4l2-relayd/0.1.2-0ubuntu1
[Rationale]
- Additional reasons: This will be used to enable Intel MIPI camera by LP: #1958108.
[Security]
- No CVEs/security issues in this software in the past
- no `suid` or `sgid` binaries
- Package does install services, timers or recurring jobs
v4l2-relayd.service
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software
(filters, scanners, plugins, UI skins, ...)
[Quality assurance - function/usage]
- The package works well right after install but you need to reboot the system to load v4l2loopback kernel module
[Quality assurance - maintenance]
- The package didn't appear in Debian before because it needs the patched v4l2loopback-dkms that is not existing in Debian yet.
[Quality assurance - testing]
- The package does not run a test suite at build time because it needs to work with the patched v4l2loopback-dkms.
- The package does not run an autopkgtest because it needs to load the patched v4l2loopback kernel module.
- This package is minimal and will be tested in a more wide reaching
solution context of LP: #1958108, details about this testing are here using Firefox to visit https://webrtc.github.io/samples/src/content/getusermedia/gum/ to check the virtual camera.
[Quality assurance - packaging]
- debian/watch is present and works
- This package does not yield massive lintian Warnings, Errors
- $ # lintian --pedantic
W: v4l2-relayd: no-manual-page usr/bin/v4l2-relayd
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will not be installed by default
- Packaging and build is easy, link to d/rules https://git.launchpad.net/~fourdollars/+git/v4l2-relayd/tree/debian/rules
[UI standards]
- Application is not end-user facing (does not need translation)
- End-user applications without desktop file, not needed because it is to set up a virtual camera in the kernel space.
[Dependencies]
- v4l2-relayd depends on v4l2loopback-dkms in universe, but linux-image-5.15.0-17-generic in main also provides v4l2loopback-dkms
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Owning Team will be canonical-mainstream
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
[Background information]
The Package description explains the package well
Upstream Name is v4l2-relayd
Link to upstream project https://launchpad.net/v4l2-relayd
Review for Package: src: v4l2-relayd
[Summary]
We have a very new application (and package) here that can be used to capture
video of MIPI cameras and transform/relay it into a standard v4l2 format, so it
can be used by the usual desktop applications.
Thank you for preparing the packaging and getting it into universe already!
I think there is a bit of work to do in order to get this package in shape to
fulfill the quality criteria required in main with a focus on 3 primary topics:
+ Dependencies to be MIRed
+ Security hardening
+ Testing
MIR team ACK under the constraint to resolve the below listed
required TODOs and as much as possible having a look at the
recommended TODOs.
This does not need a security review
List of specific binary packages to be promoted to main: 4vl2-relayd
Specific binary packages built, but NOT to be promoted to main: <None>
Notes:
- Please improve the rationale a bit, is there any other way you tried enabling
those MIPI cameras with tools that are already available?
- This is looking good security wise (except the daemon being run as root
without any systemd service hardening). I expect we do not need security
review, if we improve the systemd service security a bit.
Required TODOs:
- The v4l2loopback-dkms dependency needs to be MIRed, too – NO linux-image-
- The daemon is run as root. Its systemd service should use hardening features.
See below and http://
security concerns.
- In addition to basic automatic testing, the manual test-plan/script should be
improved to show individual steps (for setup & running of the test) and
expected outcome (see below)
- Consider dropping the Ubuntu delta, or explain why it is needed (see below)
- Fix certain lintian hints (see below):
+ v4l2-relayd: systemd-
+ v4l2-relayd source: quilt-patch-
+ v4l2-relayd: no-manual-page
Recommended TODOs:
- The package should get a team bug subscriber before being promoted
- the testing situation should be improved either during build or at autopkgtest
stage (loading of the v4l2loopback-dkms kernel module shouldn't be a blocker
inside autopkgtest's qemu environments).
- Provide basic upstream documentation (README.md)
- The current maintainer/uploader could consider applying for PPU to avoid
sponsored maintenance
[Duplication]
There is no other package in main providing the same functionality.
I found uv4l/mjpegstream, which seems to provide similar functionality,
but that is not currently packaged in Ubuntu.
https:/
[Dependencies]
OK:
- no -dev/-debug/-doc packages that need exclusion
- No dependencies in main that are only superficially tested requiring
more tests now.
Problems:
- depends on v4l2loopback-dkms (in universe)
[Embedded sources and static linking]
OK:
- no embedded source present
- no static linking
- does not have odd Built-Using entries
- not a go package, no extra constraints to consider in that regard
Problems: None
[Security]
OK:
- hist...