[Bug 711899] Review Request: opendnssec - DNSSEC key and zone management software
bugzilla at redhat.com
bugzilla at redhat.com
Thu Oct 6 03:41:21 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=711899
--- Comment #2 from Paul Wouters <paul at xelerance.com> 2011-10-05 23:41:20 EDT ---
Note rubygems-dnsruby past review and should be available shortly. I've added
softhsm as a dependancy, as the majority of users will not have a hardware HSM.
And for hardware HSM you need opencryptoki. So I opted to make both packages a
dependancy.
softhsm has not yet been reviewed:
https://bugzilla.redhat.com/show_bug.cgi?id=711895
Spec URL: ftp://ftp.xelerance.com/opendnssec/opendnssec.spec
SRPM URL:
ftp://ftp.xelerance.com/opendnssec/opendnssec-1.3.2-1.fc14.src.rpm
Upgraded to 1.3.2
rpmlint output:
[paul at bofh fedora]$ rpmlint /home/paul/SRPMS/opendnssec-1.3.2-1.fc14.src.rpm
/home/paul/RPMS/x86_64/opendnssec-1.3.2-1.fc14.x86_64.rpm
/home/paul/RPMS/x86_64/opendnssec-debuginfo-1.3.2-1.fc14.x86_64.rpm
opendnssec.src: W: spelling-error %description -l en_US crypto -> crypt,
crypts, crypt o
opendnssec.src: W: spelling-error %description -l en_US softhsm -> softhearted,
softness, softwood
opendnssec.x86_64: W: spelling-error %description -l en_US crypto -> crypt,
crypts, crypt o
opendnssec.x86_64: W: spelling-error %description -l en_US softhsm ->
softhearted, softness, softwood
opendnssec.x86_64: W: only-non-binary-in-usr-lib
opendnssec.x86_64: E: non-readable /etc/opendnssec/zonelist.xml 0600L
opendnssec.x86_64: E: non-readable /etc/opendnssec/conf.xml 0600L
opendnssec.x86_64: E: non-readable /etc/opendnssec/zonefetch.xml 0600L
opendnssec.x86_64: E: non-readable /etc/opendnssec/kasp.xml 0600L
opendnssec.x86_64: W: no-manual-page-for-binary ods-kasp2html
3 packages and 0 specfiles checked; 4 errors, 6 warnings.
The only-non-binary-in-usr-lib is a little strange, as opendnssec installs ruby
scripts there. They do not use a she-bang, so they are not executable. But I
guess they are "binaries" in a sense.
The xml files are only readable by root because they can contain pins,
passwords and private keys.
The usage of /usr/bin/ods-kasp2html is indeed weird. I'll double check with
upstream if we should install it or not, as all my attempts at using it is
failing:
[paul at bofh opendnssec-1.3.2]$ ods-kasp2html
usage: /usr/bin/ods-kasp2html [kasp.xml]
[paul at bofh opendnssec-1.3.2]$ sudo ods-kasp2html /etc/opendnssec/kaps.xml
usage: /usr/bin/ods-kasp2html [kasp.xml]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list