[Bug 609688] Review Request: secstate - Security requirements reporting and configuration

bugzilla at redhat.com bugzilla at redhat.com
Mon Jul 12 10:25:41 UTC 2010 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=609688

--- Comment #12 from Jan F. Chadima <jchadima at redhat.com> 2010-07-12 06:25:39 EDT ---
rpmlint must be run on every package. The output should be posted in the review
OK
The package must be named according to the Package Naming Guidelines OK
The spec file name must match the base package %{name}, in the format
%{name}.spec  OK
The package must meet the Packaging Guidelines OK
The License field in the package spec file must match the actual license OK
If (and only if) the source package includes the text of the license(s) in its
own file, then that file, containing the text of the license(s) for the package
must be included in %doc OK
The spec file must be written in American English. OK
The spec file for the package MUST be legible. OK
The sources used to build the package must match the upstream source, as
provided in the spec URL OK
The package MUST successfully compile and build into binary rpms on at least
one primary architecture OK
f the package does not successfully compile, build or work on an architecture,
then those architectures should be listed in the spec in ExcludeArch. Each
architecture listed in ExcludeArch MUST have a bug filed in bugzilla,
describing the reason that the package does not compile/build/work on that
architecture. The bug number MUST be placed in a comment, next to the
corresponding ExcludeArch line. N/A
All build dependencies must be listed in BuildRequires, except for any that are
listed in the exceptions section of the Packaging Guidelines  OK
The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden OK
Every binary RPM package (or subpackage) which stores shared library files (not
just symlinks) in any of the dynamic linker's default paths, must call ldconfig
in %post and %postun N/A
Packages must NOT bundle copies of system libraries OK
If the package is designed to be relocatable, the packager must state this fact
in the request for review, along with the rationalization for relocation of
that specific package. Without this, use of Prefix: /usr is considered a
blocker N/A
 A package must own all directories that it creates. If it does not create a
directory that it uses, OK
A Fedora package must not list a file more than once in the spec file's %files
listings. OK
Permissions on files must be set properly. Executables should be set with
executable permissions, OK
Each package must consistently use macros. OK
The package must contain code, or permissable content. OK
Large documentation files must go in a -doc subpackage N/A
If a package includes something as %doc, it must not affect the runtime of the
application. To summarize: If it is in %doc, the program must run properly if
it is not present. OK
Header files must be in a -devel package N/A
Static libraries must be in a -static package N/A
If a package contains library files with a suffix (e.g. libfoo.so.1.1), then
library files that end in .so (without suffix) must go in a -devel package N/A
In the vast majority of cases, devel packages must require the base package
using a fully versioned dependency N/A
Packages must NOT contain any .la libtool archives, these must be removed in
the spec if they are built OK
Packages containing GUI applications must include a %{name}.desktop file, and
that file must be properly installed with desktop-file-install in the %install
section N/A
Packages must not own files or directories already owned by other packages. OK
All filenames in rpm packages must be valid UTF-8 OK
If the source package does not include license text(s) as a separate file from
upstream, the packager SHOULD query upstream to include it. N/A
The description and summary sections in the package spec file should contain
translations for supported Non-English languages, if available N/A
The reviewer should test that the package builds in mock OK
The package should compile and build into binary rpms on all supported
architectures. OK
The reviewer should test that the package functions as described OK
If scriptlets are used, those scriptlets must be sane N/A
Usually, subpackages other than devel should require the base package using a
fully versioned dependency N/A
The placement of pkgconfig(.pc) files depends on their usecase, and this is
usually for development purposes, so should be placed in a -devel pkg N/A
If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or
/usr/sbin consider requiring the package which provides the file instead of the
file itself. N/A
your package should contain man pages for binaries/scripts. If it doesn't, work
with upstream to add them where they make sense   NOT OK

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list