[Bug 226214] Merge Review: openldap
bugzilla at redhat.com
bugzilla at redhat.com
Wed Jan 23 20:46:20 UTC 2008
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Merge Review: openldap
https://bugzilla.redhat.com/show_bug.cgi?id=226214
limb at jcomserv.net changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|nobody at fedoraproject.org |limb at jcomserv.net
Status|NEW |ASSIGNED
Flag| |fedora-review?
------- Additional Comments From limb at jcomserv.net 2008-01-23 15:46 EST -------
rpmlint on SRPM:
openldap.src:351: E: use-of-RPM_SOURCE_DIR
You use $RPM_SOURCE_DIR or %{_sourcedir} in your spec file. If you have to
use a directory for building, use $RPM_BUILD_ROOT instead.
openldap.src:750: W: macro-in-%changelog _sbindir
Macros are expanded in %changelog too, which can in unfortunate cases lead
to the package not building at all, or other subtle unexpected conditions that
affect the build. Even when that doesn't happen, the expansion results in
possibly "rewriting history" on subsequent package revisions and generally
odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros
in %changelog altogether, or use two '%'s to escape them, like '%%foo'.
openldap.src:821: W: macro-in-%changelog _sysconfdir
Macros are expanded in %changelog too, which can in unfortunate cases lead
to the package not building at all, or other subtle unexpected conditions that
affect the build. Even when that doesn't happen, the expansion results in
possibly "rewriting history" on subsequent package revisions and generally
odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros
in %changelog altogether, or use two '%'s to escape them, like '%%foo'.
openldap.src:1073: W: macro-in-%changelog _prefix
Macros are expanded in %changelog too, which can in unfortunate cases lead
to the package not building at all, or other subtle unexpected conditions that
affect the build. Even when that doesn't happen, the expansion results in
possibly "rewriting history" on subsequent package revisions and generally
odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros
in %changelog altogether, or use two '%'s to escape them, like '%%foo'.
openldap.src: W: mixed-use-of-spaces-and-tabs (spaces: line 158, tab: line 177)
The specfile mixes use of spaces and tabs for indentation, which is a
cosmetic annoyance. Use either spaces or tabs for indentation, not both.
All easily correctable.
rpmlint on rpms:
openldap.i386: W: obsolete-not-provided compat-openldap
If a package is obsoleted by a compatible replacement, the obsoleted package
must also be provided in order to provide clean upgrade paths and not cause
unnecessary dependency breakage. If the obsoleting package is not a compatible
replacement for the old one, leave out the provides.
Fix.
openldap-clients.i386: W: summary-ended-with-dot Client programs for OpenLDAP.
Summary ends with a dot.
openldap-devel.i386: W: file-not-utf8
/usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-ldapv3-vlv-xx.txt
The character encoding of this file is not UTF-8. Consider converting it
in the specfile for example using iconv(1).
openldap-devel.i386: W: file-not-utf8
/usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-acl-model-xx.txt
The character encoding of this file is not UTF-8. Consider converting it
in the specfile for example using iconv(1).
openldap-devel.i386: W: summary-ended-with-dot OpenLDAP development libraries
and header files.
Summary ends with a dot.
All fixable.
openldap-devel.i386: W: one-line-command-in-%post /sbin/ldconfig
You should use %post -p <command> instead of using:
%post
<command>
It will avoid the fork of a shell interpreter to execute your command as
well as allows rpm to automatically mark the dependency on your command
for the excecution of the scriptlet.
openldap-devel.i386: W: one-line-command-in-%postun /sbin/ldconfig
You should use %postun -p <command> instead of using:
%postun
<command>
It will avoid the fork of a shell interpreter to execute your command as
well as allows rpm to automatically mark the dependency on your command
for the excecution of the scriptlet.
Should fix.
openldap-servers.i386: W: non-conffile-in-etc /etc/openldap/schema/README
A non-executable file in your package is being installed in /etc, but is not
a configuration file. All non-executable files in /etc should be configuration
files. Mark the file as %config in the spec file.
Possibly move to %doc, rename schema-README?
openldap-servers.i386: E: non-readable /etc/sysconfig/ldap 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).
openldap-servers.i386: E: non-standard-gid /etc/openldap/slapd.conf ldap
A file in this package is owned by a non standard group.
Standard groups are:
root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail,
news, uucp, man, games, gopher, dip, ftp, lock, nobody, users
openldap-servers.i386: E: non-readable /etc/openldap/slapd.conf 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).
Not problems.
openldap-servers.i386: E: executable-marked-as-config-file /etc/rc.d/init.d/ldap
Executables must not be marked as config files because that may
prevent upgrades from working correctly. If you need to be able to
customize an executable, make it for example read a config file in
/etc/sysconfig.
Problem.
openldap-servers.i386: E: non-standard-gid /etc/openldap/DB_CONFIG.example ldap
A file in this package is owned by a non standard group.
Standard groups are:
root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail,
news, uucp, man, games, gopher, dip, ftp, lock, nobody, users
openldap-servers.i386: E: non-readable /etc/openldap/DB_CONFIG.example 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).
Ok.
openldap-servers.i386: W: non-conffile-in-etc /etc/openldap/DB_CONFIG.example
A non-executable file in your package is being installed in /etc, but is not
a configuration file. All non-executable files in /etc should be configuration
files. Mark the file as %config in the spec file.
Move to %doc?
openldap-servers.i386: E: non-standard-uid /var/lib/ldap ldap
A file in this package is owned by a non standard user.
Standard users are:
root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp,
operator, games, gopher, ftp, nobody
openldap-servers.i386: E: non-standard-gid /var/lib/ldap ldap
A file in this package is owned by a non standard group.
Standard groups are:
root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail,
news, uucp, man, games, gopher, dip, ftp, lock, nobody, users
openldap-servers.i386: E: non-standard-dir-perm /var/lib/ldap 0700
A standard directory should have permission set to 0755. If you get this
message, it means that you have wrong directory permissions in some dirs
included in your package.
openldap-servers.i386: E: non-standard-uid /var/run/openldap ldap
A file in this package is owned by a non standard user.
Standard users are:
root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp,
operator, games, gopher, ftp, nobody
openldap-servers.i386: E: non-standard-gid /var/run/openldap ldap
A file in this package is owned by a non standard group.
Standard groups are:
root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail,
news, uucp, man, games, gopher, dip, ftp, lock, nobody, users
Ok.
openldap-servers.i386: W: summary-ended-with-dot OpenLDAP servers and related files.
Summary ends with a dot.
Fix.
openldap-servers.i386: W: conffile-without-noreplace-flag
/etc/pki/tls/certs/slapd.pem
A configuration file is stored in your package without the noreplace flag.
A way to resolve this is to put the following in your SPEC file:
%config(noreplace) /etc/your_config_file_here
openldap-servers.i386: W: conffile-without-noreplace-flag /etc/rc.d/init.d/ldap
A configuration file is stored in your package without the noreplace flag.
A way to resolve this is to put the following in your SPEC file:
%config(noreplace) /etc/your_config_file_here
Fix.
openldap-servers.i386: E: file-in-usr-marked-as-conffile
/usr/share/openldap/migration/migrate_common.ph
A file in /usr is marked as being a configuration file.
Store your conf files in /etc/ instead.
Why is this marked conf and not in etc?
openldap-servers.i386: W: spurious-bracket-in-%pre
The %pre scriptlet contains an "if []" construct without a space before
the "]".
Fix.
openldap-servers.i386: W: dangerous-command-in-%pre chown
openldap-servers.i386: W: dangerous-command-in-%post rm
openldap-servers.i386: W: spurious-bracket-in-%preun
The %preun scriptlet contains an "if []" construct without a space before
the "]".
openldap-servers.i386: W: dangerous-command-in-%preun rm
openldap-servers.i386: W: no-reload-entry /etc/rc.d/init.d/ldap
In your init script (/etc/rc.d/init.d/your_file), you don't
have a 'reload' entry, which is necessary for good functionality.
Could be replaced by %exclude and %attr in %files.
openldap-servers.i386: W: incoherent-init-script-name ldap
The init script name should be the same as the package name in lower case,
or one with 'd' appended if it invokes a process by that name.
What would be broken if this was fixed?
openldap-servers-sql.i386: W: spurious-executable-perm
/usr/share/doc/openldap-servers-sql-2.4.7/rdbms_depend/timesten/create_schema.sh
The file is installed with executable permissions, but was identified as one
that probably should not be executable. Verify if the executable bits are
desired, and remove if not.
openldap-servers-sql.i386: W: spurious-executable-perm
/usr/share/doc/openldap-servers-sql-2.4.7/rdbms_depend/timesten/ttcreate_schema.sh
The file is installed with executable permissions, but was identified as one
that probably should not be executable. Verify if the executable bits are
desired, and remove if not.
openldap-servers-sql.i386: W: summary-ended-with-dot OpenLDAP server SQL support
module.
Summary ends with a dot.
Fix.
Should .a files be in a -static subpackage?
Otherwise, no blockers.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list