https://bugzilla.redhat.com/show_bug.cgi?id=1185662
Bug ID: 1185662
Summary: Review Request: shadowd - Shadow Daemon web application firewall server
Product: Fedora
Version: rawhide
Component: Package Review
Severity: medium
Assignee: nobody@fedoraproject.org
Reporter: hb@zecure.org
QA Contact: extras-qa@fedoraproject.org
CC: package-review@lists.fedoraproject.org

Spec URL: https://shadowd.zecure.org/files/redhat/shadowd.spec
SRPM URL: https://shadowd.zecure.org/files/redhat/shadowd-1.0.0-1.fc21.src.rpm
Description: Shadow Daemon is a collection of tools to detect, protocol and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. This component is the background server that handles the analysis and storage of requests.
Fedora Account System Username: zithb
This is my first package and I need a sponsor. I am also the upstream maintainer of the project.
A Koji report can be found here: http://koji.fedoraproject.org/koji/taskinfo?taskID=8719873
Thanks in advance!
Hendrik Buchwald hb@zecure.org changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
Blocks  |                            |177841 (FE-NEEDSPONSOR)
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=177841 [Bug 177841] Tracker: Review requests from new Fedora packagers who need a sponsor
Pranav Kant pranav913@gmail.com changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
CC      |                            |pranav913@gmail.com

--- Comment #1 from Pranav Kant pranav913@gmail.com ---

This is an unofficial review.
Skimming through the spec file and a quick review made me point out the following problems. Please have a look at the points below.
- You should use either macro style (%{buildroot}) or variable style ($RPM_BUILD_ROOT) consistently throughout the spec file. Mixing both of these is bad from a usability point of view. Please use one style throughout the spec file.
See : http://fedoraproject.org/wiki/Packaging:Guidelines#Using_.25.7Bbuildroot.7D_...
- defattr is not needed for rpm >=4.4. See : http://fedoraproject.org/wiki/Packaging:Guidelines#File_Permissions
- rpmlint output :
Checking: shadowd-1.0.0-1.fc21.x86_64.rpm shadowd-1.0.0-1.fc21.src.rpm
shadowd.x86_64: E: explicit-lib-dependency libdbi-dbd-mysql
shadowd.x86_64: E: explicit-lib-dependency libdbi-dbd-pgsql
shadowd.x86_64: W: spelling-error %description -l en_US expandability -> expand ability, expand-ability, dependability
shadowd.x86_64: W: non-standard-gid /etc/shadowd/shadowd.ini shadowd
shadowd.x86_64: E: non-readable /etc/shadowd/shadowd.ini 0640L
shadowd.src: W: spelling-error %description -l en_US expandability -> expand ability, expand-ability, dependability
shadowd.src: W: strange-permission shadowd.spec 0666L
shadowd.src: W: strange-permission shadowd.service 0666L
shadowd.src: W: strange-permission shadowd-1.0.0.tar.gz 0666L
2 packages and 0 specfiles checked; 3 errors, 6 warnings.
--- Comment #2 from Hendrik Buchwald hb@zecure.org ---

Okay, I updated it.

Some of the rpmlint output will remain:
* libdbi-dbd-mysql and libdbi-dbd-pgsql are runtime dependencies that are not detected automatically
* expandability is not in this dictionary, but it is not an uncommon word either
* the permissions and owner of shadowd.ini are security requirements
--- Comment #3 from Pranav Kant pranav913@gmail.com ---

Also, it would be better to have each BR on a separate line. That is easier to review in git when there is a change.
--- Comment #4 from Pranav Kant pranav913@gmail.com ---

Also, please increase the release next time you adjust the SPEC, it makes it easier to compare SRPMS.