Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
Summary: Review Request: maradns - security-aware DNS server Product: Fedora Version: devel Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: Package Review AssignedTo: nobody@fedoraproject.org ReportedBy: fedora@theholbrooks.org QAContact: extras-qa@fedoraproject.org CC: fedora-package-review@redhat.com,notting@redhat.com
Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.2.12.06-1.src.rpm
Description: MaraDNS is a package that implements the Domain Name Service (DNS), an essential internet service. MaraDNS has the following advantages: * Secure. * Supported. * Easy to use. * Small. * Open Source.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
ruben@rubenkerkhof.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |ruben@rubenkerkhof.com
------- Additional Comments From ruben@rubenkerkhof.com 2007-06-24 05:51 EST ------- Hi Brandon,
Nice, another dns server ;-)
Some initial comments:
rpmlint of maradns: W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/pt_br/source/compile.ej W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/pt_br/source/authoritative.ej W: maradns spurious-executable-perm /usr/share/doc/maradns-1.2.12.06/en/man/make.pdf W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/pt_br/source/dangling.ej W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/en/misc/compression/decompress_api.html W: maradns spurious-executable-perm /usr/share/doc/maradns-1.2.12.06/en/tutorial/make.index W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/pt_br/source/zoneserver.ej W: maradns spurious-executable-perm /usr/share/doc/maradns-1.2.12.06/en/webpage/make.page W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/pt_br/source/csv2.ej W: maradns wrong-file-end-of-line-encoding /usr/share/doc/maradns- 1.2.12.06/en/misc/private_rrs.html E: maradns no-status-entry /etc/rc.d/init.d/maradns W: maradns no-reload-entry /etc/rc.d/init.d/maradns E: maradns subsys-not-used /etc/rc.d/init.d/maradns E: maradns no-status-entry /etc/rc.d/init.d/maradns-zoneserver W: maradns no-reload-entry /etc/rc.d/init.d/maradns-zoneserver E: maradns subsys-not-used /etc/rc.d/init.d/maradns-zoneserver
- The FAQ etc are installed twice, once as FAQ and once as FAQ.txt - Missing dependancy on chkconfig for %post (package chkconfig) - Missing dependancy on chkconfig for %preun (package chkconfig) - Missing dependancy on service for %postun (package initscripts) - Missing dependancy on service for %preun (package initscripts)
The way of building this package is a bit strange. The Makefile calls ./compile.sh, which in turn calls ./configure and then make again. This way, $RPM_OPT_FLAGS are not used.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From mfleming+rpm@enlartenment.com 2007-06-24 09:22 EST ------- I had a crack at this previously for my own repository (it was more a test and I'm using BIND myself, but keep it up-to-date for those that want it. This one is in better shape IMHO) and found that skipping the ./compile.sh item entirely a better solution re: ensuring the optimisation flags are honoured.
I used:
./configure make FLAGS="%{optflags} -DSELECT_PROBLEM"
...and it compiled and worked fine for me.
Michael.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2007-06-24 16:00 EST ------- Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.2.12.06-2.src.rpm
I liked Michael's idea of calling configure and make manually. Note that introduced an rpmlint error on the srpm "configure-without-libdir-spec" because I have to run "./configure" instead of the "%configure" macro (since this is a homebrew configure and not an autoconf one). I also made a comment along those lines in the spec file.
I also added requirements for chkconfig and initscripts, which didn't affect rpmlint's output. The initscripts rpmlint is complaining about are the ones included with the upstream package, and are obviously missing a 'status' and 'reload' section (and whatever 'subsys-not-used' means). Is it my responsibility to augment these init scripts to play nicer in Fedoraland?
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2007-06-24 16:04 EST ------- I also just now added a disttag to Release after pushing these RPMs, in case somebody notices it was missing :)
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From ruben@rubenkerkhof.com 2007-06-24 19:00 EST ------- Attached patch fixes most of the rpmlint warnings, but please consider reporting these fixes upstream as well.
The subsys-not-used means that you should create a lock file in /var/lock/zoneserver when you start up the server. rpmlint -i gives you more info.
Personally, I think it's the same amount of work patching the initscripts, as it is to create new ones in Fedora style. I did one for pdns-recursor, you can take that as a template.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From ruben@rubenkerkhof.com 2007-06-24 19:01 EST ------- Created an attachment (id=157727) --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=157727&action=vie...) Fix rpmlint warnings
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2007-06-29 02:45 EST ------- Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.2.12.06-3.fc7.src.rpm
Applied Ruben's patch and wrote some new init scripts. rpmlint is much quieter now. tarball permissions and dos line endings have all been reported to upstream.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From ruben@rubenkerkhof.com 2007-06-29 14:10 EST ------- rpmlint of maradns: E: maradns incoherent-subsys /etc/rc.d/init.d/maradns-zoneserver zoneserver E: maradns incoherent-subsys /etc/rc.d/init.d/maradns-zoneserver zoneserver E: maradns incoherent-subsys /etc/rc.d/init.d/maradns-zoneserver zoneserver
This one is simple to solve, use /var/lock/subsys/maradns-zoneserver instead of zoneserver in the init file.
Patch0: initscripts.patch can now be removed
# copy symlinked docs to the real thing %{__rm} FAQ CHANGELOG CREDITS %{__cp} doc/en/faq.txt FAQ %{__cp} doc/en/changelog.txt CHANGELOG %{__cp} doc/en/credits.txt CREDITS
Why not use a symlink? Shipping the same document twice seems like a waste of diskspace.
The condrestart in %postun should only happen on upgrades, not on installs or uninstalls.
By default, maradns runs as root, while it has the option to run as normal user in a chroot. I think it would be nice if you could : - add a user and group - add that user to /etc/mararc
Have a look at Pound or pdns for examples There's also a draft at http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroups you can look at.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2007-08-24 02:02 EST ------- Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.2.12.07-1.fc7.src.rpm
Updated to 1.2.12.07 Fixed the incorrect symlinks (rather than copy the files) make condrestart happen only on upgrades Added a maradns user/group
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2007-10-01 23:38 EST ------- Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.2.12.08-1.fc7.src.rpm
Updated to 1.2.12.08 Converted non-UTF8-encoded files to UTF8
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
------- Additional Comments From s-t-rhbugzilla@wwwdotorg.org 2007-11-19 01:03 EST ------- Ping Ruben. Are you able to review the latest version of the package?
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
bugzilla@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Version|devel |rawhide
ruben@rubenkerkhof.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|nobody@fedoraproject.org |ruben@rubenkerkhof.com Status|NEW |ASSIGNED
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
------- Additional Comments From ruben@rubenkerkhof.com 2008-01-20 09:08 EST ------- Brandon, two comments: -There's a new version out - The following doesn't work in the %install section: echo maradns_uid=%(id -u maradns) >> build/rpm.mararc echo maradns_gid=%(id -g maradns) >> build/rpm.mararc
I think that's because %install runs in a chroot, and %pre runs when you install the rpm.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
------- Additional Comments From tibbs@math.uh.edu 2008-01-27 15:37 EST ------- Ruben, please set fedora-review to '?' if you're reviewing this.
I see that Brandon has made CVS commits recently so hopefully he's still willing to work on this package.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
ruben@rubenkerkhof.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag| |fedora-review?
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
------- Additional Comments From fedora@theholbrooks.org 2008-01-29 01:24 EST ------- Spec URL: http://theholbrooks.org/RPMS/maradns.spec SRPM URL: http://theholbrooks.org/RPMS/maradns-1.3.07.08-1.fc8.src.rpm
maradns 1.3 has been officially declared stable, so I have updated these RPMs to the latest in the 1.3 series. I also fixed the issue with the echo statements not working in %install (they didn't even belong in %install anyway, they belonged in %post).
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
ruben@rubenkerkhof.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag|fedora-review? |fedora-review+
------- Additional Comments From ruben@rubenkerkhof.com 2008-02-16 08:20 EST ------- Hello Brendon,
Apart from the Source0 line, which should be http://www.maradns.org/download/1.3/%%7Bversion%7D/%%7Bname%7D-%%7Bversion%7... instead of http://www.maradns.org/download/1.2/%%7Bversion%7D/%%7Bname%7D-%%7Bversion%7...
the package looks good. Approved.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
fedora@theholbrooks.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag| |fedora-cvs?
------- Additional Comments From fedora@theholbrooks.org 2008-03-07 22:34 EST ------- New Package CVS Request ======================= Package Name: maradns Short Description: Security-aware DNS Server Owners: static Branches: F-8, EL-5 InitialCC: Cvsextras Commits: yes
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
kevin@tummy.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Flag|fedora-cvs? |fedora-cvs+
------- Additional Comments From kevin@tummy.com 2008-03-08 14:33 EST ------- cvs done.
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: maradns - security-aware DNS server
https://bugzilla.redhat.com/show_bug.cgi?id=245488
fedora@theholbrooks.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |NEXTRELEASE
------- Additional Comments From fedora@theholbrooks.org 2008-03-10 00:05 EST ------- Uploaded and building now. Thanks Ruben!
package-review@lists.fedoraproject.org