Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: sepostgresql - Security-Enhanced PostgreSQL
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522
------- Additional Comments From mtasaka@ioa.s.u-tokyo.ac.jp 2007-08-05 03:47 EST ------- Created an attachment (id=160709) --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=160709&action=vie...) mock build log of 8.2.4-0.409.beta on rawhide i386
Just from packaging issue:
* Patch0 -------------------------------------------------- Patch0: sepostgresql-%{version}-%{release}.patch -------------------------------------------------- - Please don't write in this way. This surely fails on F-7 FC-6 (i.e. except for rawhide) because release is defined as: -------------------------------------------------- Release: 0.409%{?sepgextension}%{?dist} --------------------------------------------------
* BuildRequires - rebuild fails at least on rawhide i386. At least autoconf is missing for BuildRequires.
Even after adding autoconf to BuildRequiers, rebuild still fails (build log attached). I cannot proceed review without making srpm rebuilt..
* AutoProv: no - Why is this needed?
* CFLAGS -------------------------------------------------- CFLAGS=`echo $CFLAGS|xargs -n 1|grep -v ffast-math|xargs -n 100` -------------------------------------------------- - This is redundant because Fedora's CFLAGS does not contain -ffast-math
* Macros - Please use macros correctly. /var -> %_localstatedir /usr/sbin -> %_sbindir
* Install usage - Please make sure that "install" "cp" commands keep timestamp. i.e. Use "-p" option when using "install" or "cp".
* For group/user adding scripts: (from http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroups : this is ratified and now this is not a draft)
(In reply to comment #8)
Your patch intended to add "Requires(pre): shadow-utils", but it is not necessary because we can assume some fundamental packages are installed. See, http://fedoraproject.org/wiki/Packaging/FullExceptionList The shadow-utils is also contained the list.
- FullExceptionList is for BuildRequires, not for Requires. So adding "Requires(pre): shadow-utils" is still needed
* Initscripts Conventions (check the section "Services" http://fedoraproject.org/wiki/Packaging/ScriptletSnippets ) - Add some Requires(pre) or so on according to the description written on above.
* Directory ownership - Please make it sure that all the directories newly creted by installing this package are surely owned by this package. Currently the following directories are not owned. ----------------------------------------------------------- %{_datadir}/sepgsql/ %{_libdir}/sepgsql/ ------------------------------------------------------------
* From the brief check of sepostgresql.init: - Usually the commands which are not within normal users' paths must be specified with full path (otherwith this will cause problems when invoked with sudo rpm -Fvh , for example)