[Bug 796462] Review Request: rampartc - Security module for Apache Axis2/C

bugzilla at redhat.com bugzilla at redhat.com
Mon Mar 19 15:35:31 UTC 2012 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=796462

--- Comment #2 from Andy Grimm <agrimm at gmail.com> 2012-03-19 11:35:28 EDT ---
Key: + = OK, - = N/A, ! = Problem

 + rpmlint output:
rampartc.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/axis2c/modules/rahas/libmod_rahas.so
rampartc.x86_64: W: devel-file-in-non-devel-package
/usr/lib64/axis2c/modules/rampart/libmod_rampart.so
rampartc-devel.x86_64: W: no-documentation
5 packages and 0 specfiles checked; 0 errors, 3 warnings.

rampartc-devel depends on rampartc, which includes a license and other docs, so
the no-documentation warning is fine.

the devel-file-in-non-devel-package errors are due to the same issue noted in
BZ 735225 with respect to axis2c's plugin loading.

 + Package meets naming guidelines
 + Spec file name matches base package name
 + License is acceptable (ASL 2.0)
 + License field in spec is correct
 + License files included in package %docs or not included in upstream source
 + License files installed when any subpackage combination is installed
 + Spec written in American English
 + Spec is legible
 + Sources match upstream unless altered to fix permissibility issues
   Upstream MD5:  3420fd8cdd4c70e6f18c27c94ba86384
   Your MD5:      3420fd8cdd4c70e6f18c27c94ba86384
 + Build succeeds on all supported platforms or has ExcludeArch + bugs filed
 + BuildRequires correct
 - Package handles locales with %find_lang
 + %post, %postun call ldconfig if package contains shared .so files
 + No bundled system libs
 - Relocatability is justified
 ! Package owns all directories it creates
 ! Package requires other packages for directories it uses but does not own
 + No duplicate files in %files unless necessary for license files
 + File permissions are sane
 + Consistent use of macros
 + Sources contain only permissible code or content
 + Large documentation files go in -doc package
 + Missing %doc files do not affect runtime
 + Headers go in -devel package
 - Static libs go in -static package
 + Unversioned .so files go in -devel package

Note: As mentioned earlier, exception is being made for webserver modules

 + Devel packages require base with fully-versioned dependency
 + Package contains no .la files
 - GUI app uses desktop-file-install/desktop-file-validate for .desktop files
 + Package's files and directories don't conflict with others' or justified
 + File names are valid UTF-8

Optional review guidelines:
 + Builds in mock
 + Builds on all supported platforms
 + Functions as described
 + Scriptlets are sane
 + Non-devel subpackage Requires are sane
 + No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin

Packaging guidelines:
 + Has dist tag
 + Useful without external bits
 + Package obeys FHS, except libexecdir, /usr/target, /run
 + No file in /bin, /sbin, /lib* on >= F17
 - Programs launched before FS mounting use /run instead of /var/run
 - Binaries in /bin, /sbin do not depend on files in /usr on < F17
 + Changelog in prescribed format
 + Spec file lacks Packager, Vendor, PreReq tags
 + Correct BuildRoot tag on < F10/EL6
 + Correct %clean section on < F13/EL6
 + Requires correct, justified where necessary
 + Summary, description do not use trademarks incorrectly
 + All relevant documentation is packaged, tagged appropriately
 + Documentation files do not have executable permissions
 + %build honors applicable compiler flags or justifies otherwise
 - Package with .pc files Requires pkgconfig on < EL6
 + Useful -debuginfo package or disabled and justified
 + No static executables
 + Rpath absent or only used for internal libs
 - Config files marked with %config
 - %config files marked noreplace or justified
 + No %config files under /usr
 - Systemd units/init scripts are sane
 + Spec uses macros instead of hard-coded directory names where appropriate
 + Spec uses macros for executables only when configurability is needed
 + %makeinstall used only when ``make install DESTDIR=...'' doesn't work
 + Macros in Summary, %description expandable at SRPM build time
 - Spec uses %{SOURCE#} instead of $RPM_SOURCE_DIR or %{sourcedir}
 - %global instead of %define where appropriate
 - Package containing translations BuildRequires gettext
 + File timestamps preserved by file ops
 + Parallel make
 + Spec does not use Requires(pre,post) notation
 - User, group creation handled correctly (See Packaging:UsersAndGroups)
 - Web app files go in /usr/share/%{name}, not /var/www
 - Conflicts are justified
 + No external kernel modules
 + No files in /srv, /opt, /usr/local
 + One project per package
 + Patches link to upstream bugs/comments/lists or are otherwise justified
 - Packages needing dirs in /var/run or /var/lock use tmpfiles.d on >= F15


=== ISSUES ===

1. The doc package owns /usr/share/rampartc/docs, but nothing owns
/usr/share/rampartc 
2. The rampartc package must Require axis2c for %{axis2c_home}/modules/

Please fix these and I will approve this package.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the package-review mailing list