Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Merge Review: openssh
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=226218
mastahnke(a)gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mastahnke(a)gmail.com
------- Additional Comments From mastahnke(a)gmail.com 2007-02-15 01:37 EST -------
Template I am using for review -- thanks KevinFenzi
OK - Package meets naming and packaging guidelines
OK - Spec file matches base package name.
OK - Spec has consistant macro usage.
OK - Meets Packaging Guidelines.
OK - License
OK - License field in spec matches
OK - License file included in package
OK - Spec in American English
OK - Spec is legible.
XX - Sources match upstream md5sum --sources do not match. Explanation is
provided and acceptable, IMO.
OK - BuildRequires correct
OK - Spec handles locales/find_lang
OK - Package has %defattr and permissions on files is good.
OK - Package has a correct %clean section.
XX Package has correct buildroot -- package has incorrect build root. See
FESCO meeting minutes from this week or last.
%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
OK - Package is code or permissible content.
OK - Packages %doc files don't affect runtime.
OK - Package compiles and builds on at least one arch.
XX - Package has no duplicate files in %files. -- /etc/ssh is provided by
openssh-server and openssh-clients
OK - Package doesn't own any directories other packages own.
OK - Package owns all the directories it creates.
XX (see below) - No rpmlint output.
SHOULD Items:
OK - Should build in mock.
OK - Should function as described.
OK - Should have sane scriptlets.
OK - Should have subpackages require base package with fully versioned depend.
OK - Should have dist tag
OK - Should package latest version
XX- check for outstanding bugs on package. (For core merge reviews) Several
other bugs exists, however most appear to be RFEs for items not seen in
upstream, so I don't consider them problems for merge. (and wow some of those
RFEs don't look fun)
Most of the rpmlint output makes perfect sense to me, but I am not
all-authoratative. My biggest concern is no documentation for openssh-askpass
rpmlint output for binary packagees
openssh-4.5p1-2.i386.rpm
E: openssh setuid-binary /usr/libexec/openssh/ssh-keysign root 04755
E: openssh non-standard-executable-perm /usr/libexec/openssh/ssh-keysign 04755
E: openssh non-readable /etc/ssh/moduli 0600
openssh-askpass-4.5p1-2.i386.rpm
W: openssh-askpass conffile-without-noreplace-flag
/etc/profile.d/gnome-ssh-askpass.csh
W: openssh-askpass conffile-without-noreplace-flag
/etc/profile.d/gnome-ssh-askpass.sh
W: openssh-askpass no-documentation
E: openssh-askpass executable-marked-as-config-file
/etc/profile.d/gnome-ssh-askpass.sh
E: openssh-askpass executable-sourced-script /etc/profile.d/gnome-ssh-askpass.sh
0755
E: openssh-askpass executable-marked-as-config-file
/etc/profile.d/gnome-ssh-askpass.csh
E: openssh-askpass executable-sourced-script
/etc/profile.d/gnome-ssh-askpass.csh 0755
openssh-clients-4.5p1-2.i386.rpm
E: openssh-clients setgid-binary /usr/bin/ssh-agent nobody 02755
E: openssh-clients non-standard-executable-perm /usr/bin/ssh-agent 02755
openssh-debuginfo-4.5p1-2.i386.rpm
openssh-server-4.5p1-2.i386.rpm
E: openssh-server non-standard-dir-perm /var/empty/sshd 0711
E: openssh-server non-readable /etc/ssh/sshd_config 0600
W: openssh-server non-standard-dir-in-var empty
W: openssh-server dangerous-command-in-%trigger rm
W: openssh-server service-default-enabled /etc/rc.d/init.d/sshd
W: openssh-server incoherent-init-script-name sshd
Please fix space/tab issue
Perms on openssh-nukeacss.sh could also probably be changed.
rpmlint openssh-4.5p1-2.src.rpm
W: openssh strange-permission openssh-nukeacss.sh 0775
W: openssh unversioned-explicit-obsoletes openssh-askpass-gnome
W: openssh unversioned-explicit-provides openssh-askpass-gnome
W: openssh mixed-use-of-spaces-and-tabs (spaces: line 10, tab: line 239)
Note: I am not a member of FedoraBugs yet (still waiting) so I can't claim the
ticket and pass it on.
--
Configure bugmail:
https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.