[Bug 1297274] Review Request: pulp - An application for managing software repositories

bugzilla at redhat.com
Tue Jan 12 03:09:14 UTC 2016


https://bugzilla.redhat.com/show_bug.cgi?id=1297274

Randy Barlow <rbarlow at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |admiller at redhat.com
              Flags|                            |needinfo?(admiller at redhat.com)



--- Comment #3 from Randy Barlow <rbarlow at redhat.com> ---
Adam,

I now have a beta of the package, and I believe I have worked out a number of
spec file issues that were present in the first link I provided. Here is an
updated package:

Spec URL: https://rbarlow.fedorapeople.org/pulp.spec
SRPM URL: https://rbarlow.fedorapeople.org/pulp-2.8.0-0.1.beta.fc24.src.rpm

There are still a number of rpmlint issues. Most I think we can ignore, but
perhaps you can provide some insight about a few of them. I'll comment inline
as I did before:

$ rpmlint ~/rpmbuild/RPMS/noarch/p* ~/rpmbuild/SRPMS/pulp-2.8.0-0.1.beta.fc24.src.rpm
pulp-admin-client.noarch: W: conffile-without-noreplace-flag /etc/bash_completion.d/pulp-admin
pulp-consumer-client.noarch: W: conffile-without-noreplace-flag /etc/bash_completion.d/pulp-consumer

IMO, the bash_completion isn't really a config file so it doesn't need
noreplace. Do you agree?

pulp-agent.noarch: E: zero-length /etc/pulp/agent/agent.conf

I filed this upstream: https://pulp.plan.io/issues/1497

pulp-consumer-client.noarch: E: non-readable /etc/pki/pulp/consumer/rsa.key 640
pulp-nodes-child.noarch: E: non-readable /etc/pulp/server/plugins.conf.d/nodes/importer/http.conf 640
pulp-nodes-common.noarch: E: non-readable /etc/pulp/nodes.conf 640
pulp-server.noarch: E: non-readable /etc/pki/pulp/ca.key 640
pulp-server.noarch: E: non-readable /etc/pki/pulp/rsa.key 640
pulp-server.noarch: E: non-readable /etc/pulp/server.conf 640

These files all contain secrets (cryptographic keys or passwords) and so I
think being unreadable by world is required.

pulp-nodes-common.noarch: W: no-manual-page-for-binary pulp-gen-nodes-certificate
pulp-server.noarch: W: no-manual-page-for-binary pulp-gen-ca-certificate
pulp-server.noarch: W: no-manual-page-for-binary pulp-manage-db
pulp-server.noarch: W: no-manual-page-for-binary pulp-qpid-ssl-cfg

I filed an issue for these upstream: https://pulp.plan.io/issues/1499

pulp-nodes-parent.noarch: W: dangling-symlink /var/www/pulp/nodes/content /var/lib/pulp/content
pulp-server.noarch: W: dangling-symlink /var/www/pulp/nodes/https /var/lib/pulp/nodes/published/https
pulp-server.noarch: W: dangling-symlink /var/www/pulp/nodes/http /var/lib/pulp/nodes/published/http

I am puzzled by these. AFAICT, these symlinks are from one subpackage's owned
directory to another subpackage's directories. Does rpmlint not allow symlinks
across subpackages? Do you have any advice about this?

pulp-server.noarch: E: explicit-lib-dependency python-httplib2

I think this might just be a linter mistake due to this package having "lib" in
its name.

pulp-server.noarch: E: non-standard-dir-perm /var/log/pulp 750

We have had a number of bugs where secret information has gotten logged. We
decided that it was safest to make the logs non-world-readable. Is that
acceptable?

pulp-server.noarch: W: log-files-without-logrotate ['/var/log/pulp']

I've filed this issue upstream: https://pulp.plan.io/issues/1498

python2-pulp-streamer.noarch: W: empty-%postun

We used the %systemd_postun macro here, which seems to be empty. I didn't write
that part of our original spec, so I'm not 100% sure what it is there for. Do
you think I should just drop the %postun section since it's empty anyway?

20 packages and 0 specfiles checked; 9 errors, 11 warnings.

Thanks for your review, and sorry it was a little later than expected!
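
The permission reasoning in the comment above (640 on the key and config files, 750 on /var/log/pulp) can be verified on an installed system or a buildroot with a short audit. This is an added example, not part of the original message or the pulp project; it assumes GNU `stat`, and the function name `audit_secret_paths` is hypothetical.

```shell
#!/bin/sh
# Added example: confirm that the secret-bearing paths rpmlint flagged
# grant no permissions at all to "other". Assumes GNU coreutils stat.

# Paths taken from the rpmlint output quoted in the comment.
PULP_SECRET_PATHS="
/etc/pki/pulp/consumer/rsa.key
/etc/pulp/server/plugins.conf.d/nodes/importer/http.conf
/etc/pulp/nodes.conf
/etc/pki/pulp/ca.key
/etc/pki/pulp/rsa.key
/etc/pulp/server.conf
/var/log/pulp
"

# audit_secret_paths ROOT
#   ROOT is prepended to every path ("" for the live system, or a buildroot).
#   Prints one OK/FAIL/SKIP line per path; exit status = number of failures.
audit_secret_paths() {
    root=$1
    failures=0
    for p in $PULP_SECRET_PATHS; do
        target="$root$p"
        if [ ! -e "$target" ]; then
            # Subpackage not installed: nothing to check for this path.
            echo "SKIP $p (not installed)"
            continue
        fi
        # -L follows symlinks so the mode of the real file is judged.
        mode=$(stat -L -c '%a' "$target")
        # The last octal digit holds the permissions for "other".
        other=${mode#"${mode%?}"}
        if [ "$other" != "0" ]; then
            echo "FAIL $p mode=$mode (accessible to other)"
            failures=$((failures + 1))
        else
            echo "OK   $p mode=$mode"
        fi
    done
    return "$failures"
}
```

Run `audit_secret_paths ""` against the live filesystem, or pass a buildroot path to check the package payload before it is installed.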
