[Bug 249522] Review Request: sepostgresql - Security-Enhanced PostgreSQL

bugzilla at redhat.com bugzilla at redhat.com
Sun Aug 5 07:47:19 UTC 2007 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request:  sepostgresql - Security-Enhanced PostgreSQL


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522





------- Additional Comments From mtasaka at ioa.s.u-tokyo.ac.jp  2007-08-05 03:47 EST -------
Created an attachment (id=160709)
 --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=160709&action=view)
mock build log of 8.2.4-0.409.beta on rawhide i386

Just from packaging issue:

* Patch0
--------------------------------------------------
Patch0: sepostgresql-%{version}-%{release}.patch
--------------------------------------------------
  - Please don't write in this way. This surely
    fails on F-7 FC-6 (i.e. except for rawhide) because
    release is defined as:
--------------------------------------------------
Release: 0.409%{?sepgextension}%{?dist}
--------------------------------------------------

* BuildRequires
  - rebuild fails at least on rawhide i386. At least 
    autoconf is missing for BuildRequires.

    Even after adding autoconf to BuildRequiers, rebuild
    still fails (build log attached). 
    I cannot proceed review without making srpm rebuilt..

* AutoProv: no
  - Why is this needed?

* CFLAGS
--------------------------------------------------
CFLAGS=`echo $CFLAGS|xargs -n 1|grep -v ffast-math|xargs -n 100`
--------------------------------------------------
  - This is redundant because Fedora's CFLAGS does not contain
    -ffast-math

* Macros
  - Please use macros correctly.
    /var -> %_localstatedir
    /usr/sbin -> %_sbindir

* Install usage
  - Please make sure that "install" "cp" commands keep timestamp.
    i.e. Use "-p" option when using "install" or "cp".

* For group/user adding scripts:
  (from http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroups :
   this is ratified and now this is not a draft)

(In reply to comment #8)
> Your patch intended to add "Requires(pre): shadow-utils", but it is not 
> necessary because we can assume some fundamental packages are installed.
> See, http://fedoraproject.org/wiki/Packaging/FullExceptionList
> The shadow-utils is also contained the list.
  - FullExceptionList is for BuildRequires, not for Requires.
    So adding "Requires(pre): shadow-utils" is still needed

* Initscripts Conventions
  (check the section "Services"
   http://fedoraproject.org/wiki/Packaging/ScriptletSnippets )
  - Add some Requires(pre) or so on according to the description
    written on above.

* Directory ownership
  - Please make it sure that all the directories newly creted
    by installing this package are surely owned by this package.
    Currently the following directories are not owned.
-----------------------------------------------------------
%{_datadir}/sepgsql/
%{_libdir}/sepgsql/
------------------------------------------------------------

* From the brief check of sepostgresql.init:
  - Usually the commands which are not within normal users' paths
    must be specified with full path (otherwith this will cause
    problems when invoked with sudo rpm -Fvh , for example)

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the package-review mailing list