[Bug 507053] Review Request: latrace - glibc 2.4+ LD_AUDIT feature frontend

Fri Jul 3 07:56:46 UTC 2009

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.

https://bugzilla.redhat.com/show_bug.cgi?id=507053

--- Comment #3 from Dan Horák <dan at danny.cz>  2009-07-03 03:56:45 EDT ---
formal review is here, see the notes below:

BAD source files match upstream:
OK package meets naming and versioning guidelines.
OK specfile is properly named, is cleanly written and uses macros consistently.
OK dist tag is present.
OK license field matches the actual license.
OK license is open source-compatible (GPLv3+). License text included in
package.
OK latest version is being packaged.
OK BuildRequires are proper.
OK compiler flags are appropriate.
OK %clean is present.
OK package builds in mock (Rawhide/x86_64).
OK debuginfo package looks complete.
BAD rpmlint is silent.
OK final provides and requires look sane.
N/A %check is present and all tests pass.
OK no shared libraries are added to the regular linker search paths.
OK owns the directories it creates.
OK doesn't own any directories it shouldn't.
OK no duplicates in %files.
BAD file permissions are appropriate.
OK correct scriptlets present.
OK code, not content.
OK documentation is small, so no -docs subpackage is necessary.
OK %docs are not necessary for the proper functioning of the package.
OK no headers.
OK no pkgconfig files.
OK no libtool .la droppings.
OK not a GUI app.

- source archives differs - a newer one is packaged in srpm, you should never
change a publicly released archive, but release a new one with increased
version
- rpmlint complains a bit:
latrace.src: W: no-version-in-last-changelog
latrace.x86_64: W: no-version-in-last-changelog
  - https://fedoraproject.org/wiki/Packaging/Guidelines#Changelogs
latrace.x86_64: W: no-soname /usr/lib64/libltaudit.so
  - can be ignored here
latrace.x86_64: W: shared-lib-calls-exit /usr/lib64/libltaudit.so
exit at GLIBC_2.2.5
  - hint when rpmlint is run with "-i"
This library package calls exit() or _exit(), probably in a non-fork()
context. Doing so from a library is strongly discouraged - when a library
function calls exit(), it prevents the calling program from handling the
error, reporting it to the user, closing files properly, and cleaning up any
state that the program has. It is preferred for the library to return an
actual error code and let the calling program decide how to handle the
situation.
  - requires a comment why this is correct

latrace.x86_64: E: non-standard-executable-perm /usr/bin/latrace 0555
latrace.x86_64: E: non-standard-executable-perm /usr/lib64/libltaudit.so 0555
  - should be 0755
- config files in /etc should be writable by owner (0644)

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.