New Package BLD - Request for Review

Michael Schwendt bugs.michael at gmx.net
Wed Jul 27 03:54:40 UTC 2005


On Tue, 26 Jul 2005 13:25:15 -0400, David Cary Hart wrote:

> I fixed the spelling error and a few other minor issues detected by
> lint. I'm also wondering if I should have the install create yas (yet
> another service).
> 
> Anyway, the source rpm is at:
>         ftp://ftp.tqmcube.com/pub/bld-0.3.3-1.src.rpm

$ rpmlint bld-0.3.3-1.src.rpm 
W: bld non-standard-group mail

Suggest "Group: System Environment/Daemons".


> bld-0.3.3-Makefile.in.patch

The patch should delete the execution of "strip", since stripping the
binaries makes rpmbuild's automatic debuginfo packages useless.


> http://www.online.redhate.org/bld/

:)  Don't remember having noticed that domain before.


* Package %description is indented in a strange way.


> %doc %_mandir/man5/*
> %doc %_mandir/man8/*

%doc is redundant here. %_mandir is one of the directories which are
marked as %doc implicitly.


The directory /var/run/bld is not included in the package. (also see
further below)


The Perl-based scripts in /usr/sbin could be split off into a
sub-package ("bld-tools"?) so as to avoid the dependency on big "perl".


A bigger issue is: I believe the daemon should not run as "root", but include
an initscript which runs the daemon from within an unprivileged account.
The same account would also own the directory /var/run/bld. The README
says:

    As of now, it is highly recommended to USE IT IN A SAFE ENVIRONMENT:
    access control is based on clients IP addresses.  This is why,
    by default, BLD binds to localhost and should not accept requests
    from a machine where non-trusted users can be logged in or establish
    network connections to via other means (PHP for example).

Such a requirement is too weak for a package-based distribution like
Fedora Extras, IMO.
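
A spec fragment illustrating the review points above: the suggested Group, man pages without %doc, and /var/run/bld packaged and owned by an unprivileged account. It is an added example, not part of the original message or of the bld package. The account name "bld", the Source1 initscript and its file name are assumptions.

```spec
# Added example (not from the bld package). The account name "bld",
# Source1 and the initscript name are assumptions for illustration.
Group:           System Environment/Daemons
Source1:         bld.init
Requires(pre):   shadow-utils
Requires(post):  chkconfig
Requires(preun): chkconfig, initscripts

%pre
# Create a dedicated system account with no login shell; the daemon
# runs under it instead of root.
getent group bld >/dev/null || groupadd -r bld
getent passwd bld >/dev/null || \
    useradd -r -g bld -d %{_localstatedir}/run/bld \
            -s /sbin/nologin -c "BLD daemon" bld
exit 0

%install
# ... the package's own install step goes here ...
# Package the runtime directory and the initscript explicitly.
install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/run/bld
install -D -m 0755 %{SOURCE1} $RPM_BUILD_ROOT%{_initrddir}/bld

%post
/sbin/chkconfig --add bld

%preun
# Only on final removal ($1 = 0), not on upgrade.
if [ $1 -eq 0 ]; then
    /sbin/service bld stop >/dev/null 2>&1 || :
    /sbin/chkconfig --del bld
fi

%files
%defattr(-,root,root,-)
# ... binaries and documentation entries go here ...
%{_initrddir}/bld
# No %doc needed: files under %{_mandir} are marked as documentation
# implicitly.
%{_mandir}/man5/*
%{_mandir}/man8/*
# Runtime directory owned by the unprivileged account, so the daemon
# can write there without root.
%dir %attr(0755,bld,bld) %{_localstatedir}/run/bld
```

The initscript installed from Source1 would start the daemon under that account, for example through the `daemon --user bld` helper from /etc/rc.d/init.d/functions.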



