On Sun, Apr 14, 2013 at 12:26 AM, Dhiru Kholia <dhiru.kholia(a)gmail.com> wrote:
On Sat, Apr 13, 2013 at 11:16 PM, Steve Grubb
<sgrubb(a)redhat.com> wrote:
> On Saturday, April 13, 2013 12:19:42 PM Rahul Sundaram wrote:
>> Is there a tracker bug? Proven packagers can help
>
> I have a tracker bug for issues identified on the core set of packages that
> would be part of a common criteria certification:
>
> I have not run the script that checks a distribution on F19 yet, so maybe
> there are more?
>
I have analyzed all F9 packages and have already published a list of
packages violating packaging guidelines.
See
http://dl.dropbox.com/u/1522424/probable-violations-F19.csv
(I made some last minute changes which might be buggy. Feedback and
corrections are welcome!)
Also note that all this analysis stuff has been *automated*.
Additionally, my code works for all RHEL and Fedora versions (and even
deb based distributions).
The analysis code doesn't install any packages on the system, is host
OS agnostic and is quite fast (scales linearly).
See
https://github.com/kholia/checksec (currently only the interactive
tools are described in the README, bulk analysis tools are hopefully
intuitive enough).
My analysis code combines the original checksec (bash script),
rpm-chksec (Steve's script) and Grant's Go port into one Python code
base.
I am planning to extend it with more checks and ideas. Your tips are welcome!
--
Dhiru