[Bug 689056] Review Request: lmd - Linux Malware Detecter

bugzilla at redhat.com bugzilla at redhat.com
Thu Aug 4 15:42:00 UTC 2011 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=689056

--- Comment #3 from Mark McKinstry <mmckinst at nexcess.net> 2011-08-04 11:41:58 EDT ---
Sergio,

Thank you for the review.

> 1 - Firstly, please add a line between each new entry of changelog, I mean:

Done.

> 2 - Why is included a tmp file in datadir...?

I'll make a request to the author to make the location of tmp tunable.

> 3 - What's wrong with md5sum? (See below) It's not a minor issue in a software that pretends to detect malware!

Thank you for finding this. The tarball is continually updated with new
signatures of malware which is why the md5sum differs. I've included a comment
in the spec file on how to delete the signatures and verify the integrity of
the rest of the tarball.



Martin,

> - "lmd" seems to be the abbreviation of the project name. However, upstream 
>    uses "maldetect" for the tarball and all related files/folders. Therefore, 
>    I personally would tend to name the package "maldetect" as well.


I agreee. The package name is now maldetect.

> - You should drop Requires: perl as this dependency is detected automatically.

Done.

> - Please use plain rm, cp, and sed instead of the corresponding macros. See 
>   also: http://fedoraproject.org/wiki/Packaging/Guidelines#Macros

Done

> - The package currently doesn't own the folders %{_datadir}/maldetect, 
>   %{_var}/lib/maldetect, and %{_libexecdir}/maldetect but only their contents. 
>   Just remove the asterisks in the %file section to get it right.

Fixed.


spec: http://mmckinst.fedorapeople.org/packages/maldetect/maldetect.spec
SRPM:
http://mmckinst.fedorapeople.org/packages/maldetect/maldetect-1.4.0-1.fc14.src.rpm
scratch: http://koji.fedoraproject.org/koji/taskinfo?taskID=3252300

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list