[Bug 737735] Review Request: google-authenticator - One-time passcode support using open standards
bugzilla at redhat.com
bugzilla at redhat.com
Sun Sep 18 19:58:52 UTC 2011
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=737735
--- Comment #2 from Kevin Fenzi <kevin at scrye.com> 2011-09-18 15:58:51 EDT ---
OK - Package meets naming and packaging guidelines
OK - Spec file matches base package name.
OK - Spec has consistant macro usage.
OK - Meets Packaging Guidelines.
See below - License
OK - License field in spec matches
See below - License file included in package
OK - Spec in American English
OK - Spec is legible.
OK - Sources match upstream md5sum:
OK - BuildRequires correct
OK - Package has %defattr and permissions on files is good.
OK - Package has a correct %clean section.
OK - Package has correct buildroot
OK - Package is code or permissible content.
OK - Packages %doc files don't affect runtime.
OK - Package has rm -rf RPM_BUILD_ROOT at top of %install
OK - Package compiles and builds on at least one arch.
OK - Package has no duplicate files in %files.
See below - Package doesn't own any directories other packages own.
OK - Package owns all the directories it creates.
OK - Package obey's FHS standard (except for 2 exceptions)
See below - No rpmlint output.
See below - final provides and requires are sane.
SHOULD Items:
OK - Should build in mock.
OK - Should build on all supported archs
OK - Should function as described.
OK - Should have dist tag
OK - Should package latest version
OK - Should not use file requires outside of /etc, /bin, /sbin, /usr/bin, or
/usr/sbin
Issues:
1. You might re-word the summary some to note that this package is the pam
module and
command line tool, not any of the mobile applications? Also, is it worth
excluding the
mobile apps source from the checkout since it's not ever used?
2. Might ask upstream to ship a copy of the ASL with the project.
3. Can you please add a spec comment on how to generate the Source0?
http://fedoraproject.org/wiki/Packaging:SourceURL#Using_Revision_Control
4. rpmlint says:
google-authenticator.src: W: spelling-error Summary(en_US) passcode -> pass
code, pass-code, postcode
google-authenticator.src: W: spelling-error %description -l en_US passcode ->
pass code, pass-code, postcode
google-authenticator.src: W: spelling-error %description -l en_US pluggable ->
plug gable, plug-gable, plugged
google-authenticator.src: W: spelling-error %description -l en_US passcodes ->
pass codes, pass-codes, compasses
google-authenticator.src: W: invalid-url Source0:
google-authenticator-0.20110830.hgd525a9bab875.tar.gz
google-authenticator.x86_64: W: spelling-error Summary(en_US) passcode -> pass
code, pass-code, postcode
google-authenticator.x86_64: W: spelling-error %description -l en_US passcode
-> pass code, pass-code, postcode
google-authenticator.x86_64: W: spelling-error %description -l en_US pluggable
-> plug gable, plug-gable, plugged
google-authenticator.x86_64: W: spelling-error %description -l en_US passcodes
-> pass codes, pass-codes, compasses
google-authenticator.x86_64: W: no-manual-page-for-binary google-authenticator
3 packages and 0 specfiles checked; 0 errors, 10 warnings.
All are bogus. A man page would be nice, but clearly not a blocker.
5. You shouldn't own
/%{_lib}/security
as thats owned by pam.
6. you should Require pam? I guess it dlopens, but for the above directory, and
just to be usable? ;)
7. Worth running pam_google_authenticator_unittest in %check?
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list