[Bug 689056] Review Request: lmd - Linux Malware Detecter
bugzilla at redhat.com
bugzilla at redhat.com
Thu Aug 4 15:42:00 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=689056
--- Comment #3 from Mark McKinstry <mmckinst at nexcess.net> 2011-08-04 11:41:58 EDT ---
Sergio,
Thank you for the review.
> 1 - Firstly, please add a line between each new entry of changelog, I mean:
Done.
> 2 - Why is included a tmp file in datadir...?
I'll make a request to the author to make the location of tmp tunable.
> 3 - What's wrong with md5sum? (See below) It's not a minor issue in a software that pretends to detect malware!
Thank you for finding this. The tarball is continually updated with new
signatures of malware which is why the md5sum differs. I've included a comment
in the spec file on how to delete the signatures and verify the integrity of
the rest of the tarball.
Martin,
> - "lmd" seems to be the abbreviation of the project name. However, upstream
> uses "maldetect" for the tarball and all related files/folders. Therefore,
> I personally would tend to name the package "maldetect" as well.
I agreee. The package name is now maldetect.
> - You should drop Requires: perl as this dependency is detected automatically.
Done.
> - Please use plain rm, cp, and sed instead of the corresponding macros. See
> also: http://fedoraproject.org/wiki/Packaging/Guidelines#Macros
Done
> - The package currently doesn't own the folders %{_datadir}/maldetect,
> %{_var}/lib/maldetect, and %{_libexecdir}/maldetect but only their contents.
> Just remove the asterisks in the %file section to get it right.
Fixed.
spec: http://mmckinst.fedorapeople.org/packages/maldetect/maldetect.spec
SRPM:
http://mmckinst.fedorapeople.org/packages/maldetect/maldetect-1.4.0-1.fc14.src.rpm
scratch: http://koji.fedoraproject.org/koji/taskinfo?taskID=3252300
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list