[Bug 571816] Review Request: clamav-unofficial-sigs - Scripts to download unoffical clamav signatures
bugzilla at redhat.com
bugzilla at redhat.com
Thu Dec 23 18:29:25 UTC 2010
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=571816
Jason Tibbitts <tibbs at math.uh.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
AssignedTo|nobody at fedoraproject.org |tibbs at math.uh.edu
Flag| |fedora-review?
--- Comment #6 from Jason Tibbitts <tibbs at math.uh.edu> 2010-12-23 13:29:23 EST ---
Sure, I can review it.
There's not really much to this package; it builds fine and rpmlint has only
the expected complaints about nonstandard uid and gits, as well as two
complaints about missing manpages. There is actually a manpage, but for some
reason it has a different name than the actual executable. Is there any
specific reason for that? Seems to be something of a mistake by upstream.
I'm pretty sure I traced down the clamav dependencies properly to make sure
that the user will be present before this package is installed. The clamav
package is so terrible, however, that I might have missed something.
I'm not entirely sure why the executables in /usr/bin need to be owned by the
clamupdate user. Can you clarify? The current situation leads to them being
writable by clamupdate, which I don't think is a particularly good idea.
The %post scriptlet is decidedly not sane. Every time this package is updated,
a file which you've explicitly marked as %config(noreplace) will be modified if
it includes the string "45". Why not use the existing random wait
functionality already in the software?
* source files match upstream. sha256sum:
7f8de46da43d8edd06ee1dcd1bc4563e61b23c9bbd368ccf0265576e46f4d90c
clamav-unofficial-sigs-3.7.1.tar.gz
* package meets naming and versioning guidelines.
* specfile is properly named, is cleanly written and uses macros consistently.
* summary is OK.
* description is OK.
* dist tag is present.
* license field matches the actual license.
* license is open source-compatible.
* license text included in package.
* latest version is being packaged.
* BuildRequires are proper.
* package builds in mock (rawhide, x86_64).
* package installs properly.
* rpmlint has acceptable complaints.
* final provides and requires are sane:
config(clamav-unofficial-sigs) = 3.7.1-1.fc15
clamav-unofficial-sigs = 3.7.1-1.fc15
=
/bin/sh
bind-utils
clamav
config(clamav-unofficial-sigs) = 3.7.1-1.fc15
curl
diffutils
gnupg
rsync
* no bundled libraries.
* owns the directories it creates.
* doesn't own any directories it shouldn't.
* no duplicates in %files.
* file permissions are appropriate.
* no generically named files
X scriptlets are not sane.
* code, not content.
* documentation is small, so no -doc subpackage is necessary.
* %docs are not necessary for the proper functioning of the package.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list