[Bug 458391] Review Request: Bro - Open-source, Unix-based Network Intrusion Detection System

Sun Aug 10 10:47:10 UTC 2008

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.

https://bugzilla.redhat.com/show_bug.cgi?id=458391

--- Comment #2 from Dan Kopeček <dkopecek at redhat.com>  2008-08-10 06:47:09 EDT ---
> Miloslav Trmač <mitr at redhat.com> wrote:
>
> This is not a formal review: I didn't go through Packaging/Guidelines,
> and I won't be able to reply during the next week.
>
> rpmlint output:
> bro.i386: E:  
> wrong-script-interpreter /usr/share/bro/capture-events.bro "$Id:"
> bro.i386: E: non-executable-script /usr/share/bro/capture-events.bro  
> 0644
>> bro.i386: E:  
> wrong-script-interpreter /usr/share/bro/capture-state-updates.bro "$Id:"
>> bro.i386: E:  
> non-executable-script /usr/share/bro/capture-state-updates.bro 0644
> The .bro files are not scripts, so this is not a problem.
>> bro.i386: E: zero-length /usr/share/bro/ftp-safe-words.bro  
> Shipped that way, OK.
>> bro.i386: W: log-files-without-logrotate /var/log/bro  
> Have you checked this is OK?

I think this is ok because Bro periodically creates new log files (this can be
set in /etc/sysconfig/bro). But it ships some archiving script too that are not
installed now - I will fix that after I rewrite this scripts as they are not
usable in our environment now.

> bro.i386: W: incoherent-subsys /etc/rc.d/init.d/bro $prog
>> rpmlint can not expand $prog, this is OK.  
>
> * blocker: The Release: field does not follow
> https://fedoraproject.org/wiki/Packaging/NamingGuidelines#Snapshot_packages

Changed to: 0.1.%{snapshot}svn%{?dist}

> * blocker: License: should be "BSD with advertising"
> * Why is the "Requires: perl openssl zlib ncurses" line necessary?
>  - I can't see anything that requires perl
>  - libssl dependency is discovered automatically; nothing uses the
>    command-line utility
>  - libz dependency is discovered automatically
>  - Only "shtool", which is not shipped at all, uses the command-line
>    programs from ncurses.

Fixed. (removed)

> * blocker: bro seems to ship its own copy of libedit.  If it's true, bro
>  needs to be patched to link to the package shipped in the libedit rpm.

Yes, it ships its own libedit but it is not installed nor linked with any
installed executables, so this should be ok.

Thanks for review

New SRPM: http://mildew.pfy.cz/redhat/bro/bro-1.4-0.1.20080804svn.fc8.src.rpm
New spec: http://mildew.pfy.cz/redhat/bro/bro.spec

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.