[Bug 528108] Review Request: Vuurmuur - Firewall manager built on top of iptables

bugzilla at redhat.com bugzilla at redhat.com
Mon Oct 12 15:17:59 UTC 2009 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=528108


Dave Ludlow <dave at adsllc.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dave at adsllc.com




--- Comment #1 from Dave Ludlow <dave at adsllc.com>  2009-10-12 11:17:58 EDT ---
### I'm looking for a sponsor.  Submitted as a comment only as suggested by
http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group#Reviewing_Packages.

*************************
*** Possible Problems ***
*************************

MUST: rpmlint must be run on every package. The output should be posted in the
review.
 $ rpmlint Vuurmuur-0.7-0.fc11.src.rpm Vuurmuur.spec
 1 packages and 1 specfiles checked; 0 errors, 0 warnings.

 $ rpmlint *.rpm 
 Vuurmuur.x86_64: W: incoherent-version-in-changelog 0.7-1 ['0.7-0.fc11',
'0.7-0']
 Vuurmuur-daemon.x86_64: E: incoherent-logrotate-file /etc/logrotate.d/vuurmuur
 Vuurmuur-daemon.x86_64: W: service-default-enabled /etc/rc.d/init.d/vuurmuur
 Vuurmuur-daemon.x86_64: E: no-status-entry /etc/rc.d/init.d/vuurmuur
 Vuurmuur-daemon.x86_64: E: subsys-not-used /etc/rc.d/init.d/vuurmuur
 Vuurmuur-daemon.x86_64: W: incoherent-init-script-name vuurmuur
('vuurmuur-daemon', 'vuurmuur-daemond')
 Vuurmuur-devel.x86_64: W: no-dependency-on Vuurmuur/Vuurmuur-libs/libVuurmuur
 Vuurmuur-devel.x86_64: W: no-documentation
 5 packages and 0 specfiles checked; 3 errors, 5 warnings.

MUST: The package must meet the Packaging Guidelines.
 http://fedoraproject.org/wiki/Packaging/Guidelines#Tags
  The Vendor tag should not be used. It is set automatically by the build
system.
  Consider replacing 0.7 in the Source0 tag to %{version}.

http://fedoraproject.org/wiki/Packaging/Guidelines#All_patches_should_have_an_upstream_bug_link_or_comment

MUST: In the vast majority of cases, devel packages must require the base
package using a fully versioned dependency: Requires: %{name} =
%{version}-%{release}
 It does not

MUST: All build dependencies must be listed in BuildRequires, except for any
that are listed in the exceptions section of the Packaging Guidelines ;
inclusion of those as BuildRequires is optional. Apply common sense.
 An automake reference is missing, possibly others.  See SHOULD: run in mock

SHOULD: The reviewer should test that the package builds in mock.
 It does not.  /var/tmp/rpm-tmp.ZPXJhA: line 43: aclocal: command not found

SHOULD: The reviewer should test that the package functions as described. A
package should not segfault instead of running, for example.
 A quick test seems OK, other than the TUI seems to have "Yes" and "No" swapped
in the exit confirmation dialog.  Looks like an upstream issue.

*************************
*** Items not checked ***
*************************

MUST: If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the spec in
ExcludeArch.
 Unknown, other than x86_64.

**************************
*** Items that look OK ***
**************************

MUST: The package must be named according to the Package Naming Guidelines.
 It is.

MUST: The spec file name must match the base package %{name}, in the format
%{name}.spec unless your package has an exemption.
 It does.

MUST: The package must be licensed with a Fedora approved license and meet the
Licensing Guidelines.
 GPLv2

MUST: The License field in the package spec file must match the actual license.
 GPLv2

MUST: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s) for the
package must be included in %doc.
 It does, and it is.

MUST: The spec file must be written in American English.
 It is.

MUST: The spec file for the package MUST be legible.
 It is.

MUST: The sources used to build the package must match the upstream source, as
provided in the spec URL. Reviewers should use md5sum for this task.
 md5sum=bad91aafcbea5e3a434440f88d722778 for both packaged and upstream
sources.

MUST: The package MUST successfully compile and build into binary rpms on at
least one primary architecture.
 Built on my x86_64 without issue.

MUST: The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
 It does.

MUST: Every binary RPM package (or subpackage) which stores shared library
files (not just symlinks) in any of the dynamic linker's default paths, must
call ldconfig in %post and %postun.
 It does.

MUST: Packages must NOT bundle copies of system libraries.
 It doesn't.

MUST: If the package is designed to be relocatable, the packager must state
this fact in the request for review, along with the rationalization for
relocation of that specific package. Without this, use of Prefix: /usr is
considered a blocker.
 It's not.

MUST: A package must own all directories that it creates. If it does not create
a directory that it uses, then it should require a package which does create
that directory.
 No directories are created by the spec file outside of the build root.

MUST: A Fedora package must not list a file more than once in the spec file's
%files listings.
 It doesn't

MUST: Permissions on files must be set properly. Executables should be set with
executable permissions, for example. Every %files section must include a
%defattr(...) line.
 They aren't set explicitly by the .spec file, but the default inherited perms
should do.

MUST: Each package must have a %clean section, which contains rm -rf
%{buildroot} (or $RPM_BUILD_ROOT).
 It does.

MUST: Each package must consistently use macros.
 Other than the 0.7 in the Source0 line, it does

MUST: The package must contain code, or permissable content.
 It does

MUST: Large documentation files must go in a -doc subpackage.
 The docs aren't large.

MUST: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.
 The skel and zones info appears to be required configuration, not
documentation.

MUST: Header files must be in a -devel package.
 They are

MUST: Static libraries must be in a -static package.
 None exist

MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for
directory ownership and usability).
 No .pc files

MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1),
then library files that end in .so (without suffix) must go in a -devel
package.
 They do

MUST: Packages must NOT contain any .la libtool archives, these must be removed
in the spec if they are built.
 Packages contain no such files.

MUST: Packages containing GUI applications must include a %{name}.desktop file,
and that file must be properly installed with desktop-file-install in the
%install section.
 Not a GUI

MUST: Packages must not own files or directories already owned by other
packages.
 OK

MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot}
(or $RPM_BUILD_ROOT).
 It does

MUST: All filenames in rpm packages must be valid UTF-8.
 They are

SHOULD: If the source package does not include license text(s) as a separate
file from upstream, the packager SHOULD query upstream to include it.
 Included.

SHOULD: The description and summary sections in the package spec file should
contain translations for supported Non-English languages, if available.
 No translations appear to be available. (vuurmuur_conf-0.7/po/* scanned
without success)

SHOULD: The package should compile and build into binary rpms on all supported
architectures.
 Unable to test, but it doesn't appear to be arch dependent.

SHOULD: If scriptlets are used, those scriptlets must be sane. This is vague,
and left up to the reviewers judgement to determine sanity.
 Sane.

SHOULD: Usually, subpackages other than devel should require the base package
using a fully versioned dependency.
 These are caught by library dependencies automagically.

SHOULD: The placement of pkgconfig(.pc) files depends on their usecase, and
this is usually for development purposes, so should be placed in a -devel pkg.
 Unused.

SHOULD: If the package has file dependencies outside of /etc, /bin, /sbin,
/usr/bin, or /usr/sbin consider requiring the package which provides the file
instead of the file itself.
 It doesn't.

### I'm looking for a sponsor.  Submitted as a comment only as suggested by
http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group#Reviewing_Packages.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list