[Bug 473972] Review Request: nufw - Authentication Firewall Suite for Linux

bugzilla at redhat.com bugzilla at redhat.com
Thu Dec 11 17:57:58 UTC 2008 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=473972





--- Comment #8 from Dan Horák <dan at danny.cz>  2008-12-11 12:57:57 EDT ---
Please update release for every published iteration of the spec file (assuming
the upstream version is still the same, new version starts with release 1) and
put the description changes made into the ChangeLog section. It makes easier
for the reviewer to track the changes.

The submitter should run rpmlint on its packages. The output of rpmlint run on
all rpms (source + binary) is here:

libnuclient.x86_64: W: no-documentation
- can be ignored

libnuclient.x86_64: E: library-without-ldconfig-postin
/usr/lib64/libnuclient.so.3.0.0
libnuclient.x86_64: E: library-without-ldconfig-postun
/usr/lib64/libnuclient.so.3.0.0
- the ldconfig calls are now attached to the main package, but they must exist
for the libnuclient subpackage

libnuclient.x86_64: E: useless-provides libnuclient
- no need to manually provide "libnuclient"

libnuclient.x86_64: W: shared-lib-calls-exit /usr/lib64/libnuclient.so.3.0.0
exit at GLIBC_2.2.5
- should not be an issue, but a statement or explanation (e.g. from upstream)
would be nice
rpmlint has a hint:
"This library package calls exit() or _exit(), probably in a non-fork()
context. Doing so from a library is strongly discouraged - when a library
function calls exit(), it prevents the calling program from handling the
error, reporting it to the user, closing files properly, and cleaning up any
state that the program has. It is preferred for the library to return an
actual error code and let the calling program decide how to handle the
situation."

libnuclient-devel.x86_64: E: useless-provides libnuclient-devel
- no need to manually provide "libnuclient-devel"

nufw.src: W: strange-permission setup-python_nufw.py 0755
- can be ignored

nufw.x86_64: W: file-not-utf8 /usr/share/doc/nufw-2.2.20/acls
- non-ASCII content must re-encoded in UTF-8
- see
http://cvs.fedoraproject.org/viewvc/rpms/ultimatestunts/devel/ultimatestunts.spec?revision=1.5&view=markup
for an example

nufw.x86_64: E: executable-marked-as-config-file /etc/rc.d/init.d/nufw
- initscript must not be marked as %config

nufw.x86_64: W: service-default-enabled /etc/rc.d/init.d/nufw
- only the most important system service can be enabled by default
- you can find all about initscripts at
https://fedoraproject.org/wiki/Packaging/SysVInitScript

nufw.x86_64: W: incoherent-subsys /etc/rc.d/init.d/nufw $prog
- no problem
nufw.x86_64: W: service-default-enabled /etc/rc.d/init.d/nufw
- see above

nufw-nuauth.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/nuauth/modules/libxml_defs.so
nufw-nuauth.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/nuauth/modules/libsession_expire.so
nufw-nuauth.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/nuauth/modules/libsession_authtype.so
- there are still 3 modules that are not using -avoid-version
- all patched should be sent to upstream and a notice should be present in the
the spec
(https://fedoraproject.org/wiki/Packaging/Guidelines#All_patches_should_have_an_upstream_bug_link_or_comment)

nufw-nuauth.x86_64: W: dangerous-command-in-%postun userdel
- it is not allowed to delete the user
(https://fedoraproject.org/wiki/Packaging/UsersAndGroups)

nufw-nuauth.x86_64: E: executable-marked-as-config-file /etc/rc.d/init.d/nuauth
nufw-nuauth.x86_64: W: service-default-enabled /etc/rc.d/init.d/nuauth
nufw-nuauth.x86_64: W: incoherent-subsys /etc/rc.d/init.d/nuauth $prog
nufw-nuauth.x86_64: W: service-default-enabled /etc/rc.d/init.d/nuauth
nufw-nuauth.x86_64: W: incoherent-init-script-name nuauth
- see above (nufw)

nufw-nuauth-log-prelude.x86_64: W: no-documentation
- can be ignored

nufw-nutcpc.x86_64: W: non-standard-group Networking/Other
- perhaps forgotten from previous update, I suggest Applications/Internet

nufw-nutcpc.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/nutcpc
['/usr/lib64']
pam_nufw.x86_64: E: binary-or-shlib-defines-rpath /lib64/security/pam_nufw.so
['/usr/lib64']
- there are few tricks, how to block rpath - see
https://fedoraproject.org/wiki/Packaging/Guidelines#Beware_of_Rpath
- but because rpath affect only these 2 files, it can be a little bug in the
makefiles (explicit using of -rpath), so it could be patched

nufw-utils.x86_64: E: wrong-script-end-of-line-encoding /usr/bin/nutop
- can be fixed with "dos2unix --keepdate $the_file", do not forget to add
dos2unix as BuildRequires
- see above in the non-utf-content

python-nufw.x86_64: W: no-documentation
- can be ignored

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the Fedora-package-review mailing list