Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: Review Request: openCryptoki - Implementation of the PKCS#11 (Cryptoki) specification v2.11 https://bugzilla.redhat.com/show_bug.cgi?id=512954 Summary: Review Request: openCryptoki - Implementation of the PKCS#11 (Cryptoki) specification v2.11 Product: Fedora Version: rawhide Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: Package Review AssignedTo: nobody@xxxxxxxxxxxxxxxxx ReportedBy: mschmidt@xxxxxxxxxx QAContact: extras-qa@xxxxxxxxxxxxxxxxx CC: notting@xxxxxxxxxx, fedora-package-review@xxxxxxxxxx Estimated Hours: 0.0 Classification: Fedora Target Release: --- Spec URL: http://michich.fedorapeople.org/openCryptoki/openCryptoki.spec SRPM URL: http://michich.fedorapeople.org/openCryptoki/openCryptoki-2.2.8-2.fc11.src.rpm Description: openCryptoki implements the PKCS#11 specification v2.11. It includes support for cryptographic hardware such as the Trusted Platform Module (TPM) as well as a software token for testing. Scratch build in Koji: http://koji.fedoraproject.org/koji/taskinfo?taskID=1489377 rpmlint output: openCryptoki.src: W: strange-permission pkcs_slot.sh 0755 openCryptoki.src: W: strange-permission pkcs11_startup.sh 0755 -- 0755 is reasonable permission for executable scripts. openCryptoki-devel.x86_64: W: no-documentation -- True, but I don't think it's necessary to include the PKCS#11 specification in the package. openCryptoki.x86_64: W: devel-file-in-non-devel-package /usr/lib64/opencryptoki/stdll/libpkcs11_sw.so openCryptoki.x86_64: W: devel-file-in-non-devel-package /usr/lib64/opencryptoki/libopencryptoki.so openCryptoki.x86_64: W: devel-file-in-non-devel-package /usr/lib64/opencryptoki/stdll/libpkcs11_tpm.so -- The *.so files are needed for openCryptoki to work as expected. The pkcs11_startup script must find /usr/lib64/opencryptoki/stdll/*.so , otherwise the daemon won't run. And the documentation suggests that applications should dlopen PKCS11_API.so (which is a symlink to libopencryptoki.so). openCryptoki.x86_64: W: non-standard-gid /var/lib/opencryptoki pkcs11 openCryptoki.x86_64: E: non-standard-dir-perm /var/lib/opencryptoki 0770 -- /var/lib/opencryptoki is owned by root:pkcs11. The pkcs11 group is created in %pre scriptlet. openCryptoki.x86_64: W: dangling-relative-symlink /usr/lib64/opencryptoki/methods ../../sbin openCryptoki.x86_64: W: dangling-relative-symlink /usr/lib64/pkcs11/methods ../../sbin -- The symlinks point to /usr/sbin, which is always present (owned by the "filesystem" package). openCryptoki.x86_64: W: non-conffile-in-etc /etc/ld.so.conf.d/opencryptoki-x86_64.conf openCryptoki.x86_64: W: incoherent-init-script-name pkcsslotd ('opencryptoki', 'opencryptokid') -- This is intentional, pkcsslotd is the name of the daemon. There was a review request for openCryptoki some time ago, but it was abandoned (bug 426152). BTW, openCryptoki can provide access to interesting cryptographic hardware on s390, but it's not what I'm focusing on for now. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review