[Bug 219972] Review Request: poker-network - A poker server, client and abstract user interface library
bugzilla at redhat.com
bugzilla at redhat.com
Wed Jan 24 22:22:01 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: poker-network - A poker server, client and abstract user interface library
Alias: poker-network
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219972
------- Additional Comments From chris.stone at gmail.com 2007-01-24 17:21 EST -------
> MUSTFIX
> =======
> * Upstream bug #1454 that will allow this to be a noarch package.
Should be fixed.
> * Create a 'poker' user for running the server for better security
I used user "games" instead.
> * /usr/share/doc/poker-network-1.0.33/NIHPHOBIA is cute, but not really
> necessary, is it?
Removed.
> * Don't use %{version} in the patch filenames. The version in a patch
> filename is supposed to reflect the package version when the patch
> was first introduced, not the current package version.
Fixed.
>
> SHOULD
> ======
> * Add selinux policies to poker-server for better security
Need help from you on this.
> * Patch tests/Makefile.in and configure in poker-network-1.0.33-config.patch
> so that you don't have to call 'autoreconf' during %build. Hopefully
> upstream will adopt this patch in a new release so that it becomes a
> moot point.
They will, not sure it's worth the effort since the patch will be in the next
release.
> * Use %{_initrddir} instead of %{_sysconfdir}/init.d
Done.
> * Use double quotes around the sed regsub pattern to avoid potential
> problems if %{python_sitelib} were to ever contain a space.
There already are double quotes around this path in the init file.
>
> NOTES and Questions
> ===================
> * poker-network and poker2d (BZ #222612) use the same upstream source
> tarball, but different spec files. My understanding is that this is
> so that poker-network can be marked as 'noarch', while poker2d will contain
> arch-specific bits. As far as I am aware, there are no problems
> using the same source file for two different spec files, aside from
> duplication in the resulting srpm.
No, the packages are seperated because they need to use different %configure
options. The fact that it allows us to make one package noarch is a beneficial
side-effect.
> * Why does the package contain a x509 certificate for 'webmaster at localhost'?
>
09:38:57 XulChris | dachary: reviewer wants to know: "Why does the package
contain a x509 certificate for 'webmaster at localhost'?"
09:38:57 dachary | :-)
09:39:12 dachary | for the SSL conx to the poker server
09:39:46 XulChris | dachary: i dont know anything about x509 certificates,
but what if you dont have a webmaster user name or use "localhost"?
09:40:12 dachary | it's a self signed certificate
09:40:21 dachary | the email does not matter much
09:40:33 XulChris | so its nothing i have to generate at build time then?
09:40:41 dachary | it's a place holder that must be replaced if you're
serious about security
09:40:47 dachary | no
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list