Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=226352 --- Comment #5 from Vojtech Vitek <vvitek@xxxxxxxxxx> 2010-10-07 06:47:53 EDT --- Sources used when checking: $ git log | head -n 7 commit bf8ff1430a11c72162ab5d9d0e8e3967915470a7 Author: Jiri Skala <jskala@xxxxxxxxxxxxxxxxxxxxx> Date: Tue Aug 31 17:22:38 2010 +0200 * Tue Aug 31 2010 Jiri Skala <jskala@xxxxxxxxxx> - 0.99.17-1 - update to latest upstream - fixes #628981 - CVE-2010-2948 and CVE-2010-2949 $ md5sum quagga.spec 75e2780c6fa1f062edc10c91ca45604e quagga.spec Legend: + = PASSED, - = FAILED, 0 = Not Applicable + MUST: rpmlint must be run on every package. The output should be posted in the review $ rpmlint -v quagga.spec quagga.spec:242: W: macro-in-comment %if quagga.spec:242: W: macro-in-comment %with_ipv6 quagga.spec:244: W: macro-in-comment %endif quagga.spec:247: W: macro-in-comment %if quagga.spec:247: W: macro-in-comment %with_ipv6 quagga.spec:249: W: macro-in-comment %endif quagga.spec:250: W: macro-in-comment %if quagga.spec:250: W: macro-in-comment %with_ospfapi quagga.spec:252: W: macro-in-comment %endif Could be ignored, but I would propose to delete those commented lines completely. For example: #zebra_spec_add_service ospfapi 2607/tcp "OSPF-API" is imho out-of-date, as /etc/services lists connection 2607/tcp # Dell Connection instead. quagga.spec:2: W: mixed-use-of-spaces-and-tabs (spaces: line 2, tab: line 2) Ignored. (The space-tabs mess is everywhere, not just on this line.) quagga.spec: I: checking-url http://www.quagga.net/download/quagga-0.99.17.tar.gz (timeout 10 seconds) 0 packages and 1 specfiles checked; 0 errors, 10 warnings. $ rpmlint quagga-0.99.17-1.fc15.src.rpm quagga.src: W: spelling-error %description -l en_US multi -> mulch, mufti quagga.src: W: strange-permission quagga-filter-perl-requires.sh 0755L quagga.src:242: W: macro-in-comment %if quagga.src:242: W: macro-in-comment %with_ipv6 quagga.src:244: W: macro-in-comment %endif quagga.src:247: W: macro-in-comment %if quagga.src:247: W: macro-in-comment %with_ipv6 quagga.src:249: W: macro-in-comment %endif quagga.src:250: W: macro-in-comment %if quagga.src:250: W: macro-in-comment %with_ospfapi quagga.src:252: W: macro-in-comment %endif quagga.src:2: W: mixed-use-of-spaces-and-tabs (spaces: line 2, tab: line 2) 1 packages and 0 specfiles checked; 0 errors, 12 warnings. Ignored. + MUST: package named according to the Package Naming Guidelines + MUST: The spec file name must match the base package %{name} + MUST: The package must meet the Packaging Guidelines . + MUST: The package licensed with a Fedora approved license and meets the Licensing Guidelines + MUST: The License field in the package spec file matches the actual license + MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc. + MUST: The spec file must be written in American English. + MUST: The spec file for the package MUST be legible. + MUST: The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task >From sources: $ cat sources 37b9022adca04b03863d2d79787e643f quagga-0.99.17.tar.gz >From upstream: $ md5sum quagga-0.99.17.tar.gz 37b9022adca04b03863d2d79787e643f quagga-0.99.17.tar.gz = MATCHES + MUST: The package successfully compiles and builds into binary rpms on at least one primary architecture - tested on x86_64, no problems 0 MUST: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch + MUST: All build dependencies must be listed in BuildRequires, except for any that are listed in the exceptions section of the Packaging Guidelines 0 MUST: The spec file handles locales properly. This is done by using the %find_lang macro 0 MUST: Every binary RPM package (or subpackage) which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. %define _libdir %{_exec_prefix}/%{_lib}/quagga %files %{_libdir}/*.so.* It's not in linker's default paths, so I believe there is no need to run ldconfig. 0 MUST: Packages must NOT bundle copies of system libraries + MUST: If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker + MUST: Package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory + MUST: Package must not list a file more than once in the spec file's %files listings + MUST: Permissions on files must be set properly. Every %files section must include a %defattr(...) line. + MUST: Each package must have a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT). + MUST: Each package must consistently use macros + MUST: The package must contain code, or permissable content + MUST: Large documentation files must go in a -doc subpackage + MUST: If a package includes something as %doc, it must not affect the runtime of the application + MUST: Header files must be in a -devel package 0 MUST: Static libraries must be in a -static package 0 MUST: Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' + MUST: If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package + MUST: devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release} + MUST: Packages must NOT contain any .la libtool archives, these must be removed in the spec if they are built 0 MUST: Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section + MUST: Packages must not own files or directories already owned by other packages + MUST: At the beginning of %install, each package MUST run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) + MUST: All filenames in rpm packages must be valid UTF-8 All MUST things passed. I need just one clarification before I'll set review+ : qugga.spec:226: # /etc/services is already populated, so skip this So there is /etc/services dependency, shouldn't we set Requires to setup package as well? $ rpmquery --whatprovides /etc/services setup-2.8.20-1.fc13.noarch -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review