Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=707199 --- Comment #16 from Matt Domsch <matt_domsch@xxxxxxxx> 2011-08-28 22:51:31 EDT --- Formal review: * rpmlint appended at bottom * naming: OK * spec file name matches: OK * Packaging Guidelines: OK * Licensed: OK (ASL 2.0) * License tag: OK * License included: OK * Spec in English: OK * Source matches: OK (manually downloaded) * Builds on at least one arch: OK (built for noarch on on x86_64) * ExcludeArch: unneeded, as it's noarch: OK * BRs ok: Built in Koji. OK. Failed to build in koji against dist-rawhide due to sphinx segfault. http://koji.fedoraproject.org/koji/getfile?taskID=3307949&name=build.log Successfully built in koji against dist-f14 http://koji.fedoraproject.org/koji/taskinfo?taskID=3307950 * spec locales: N/A. OK. * ldconfig: N/A. OK. * no system libs: OK * relocateable: N/A. OK. * own directories: needs to add Requires: logrotate polkit * no duplicate files: OK * file permissions: mostly OK. Oddness, may be explained away though... /etc/nova/* owned by root:nova, but not writeable by group. -rw-r--r-- 1 root nova 4101 Aug 28 20:43 /etc/nova/api-paste.ini -rw-r----- 1 root nova 453 Aug 26 14:39 /etc/nova/nova.conf /var/lib/nova and subdirs owned by nova:nobody. drwxr-xr-x 2 nova nobody 0 Aug 28 20:44 /var/lib/nova * consistent use of macros: OK * code or content: OK * large docs in subpackage: OK * nothing in %doc critical: OK * headers in -devel: N/A. OK * static libs in -static: N/A. OK * libs in -devel: N/A. OK * -devel requires base: N/A. OK * no libtool archives: OK * GUI with .desktop: N/A. OK * directory ownership: see above for logrotate and polkit * filenames UTF-8: OK SHOULDs: * source has license: OK * Translations in spec: N/A. OK * builds in mock: OK on F14 x86_64. Didn't try other arches. koji build fails in rawhide (see above). * build into binary arches: OK (via koji) * test the package: not done. * scriptlets must be sane: mostly OK. The only real problem is in the creation of the CA Cert in %post, which cannot happen in %post and must be moved to an initscript. The author notes this is problematic too, but you cannot assume that at %post time the kernel has enough entropy to be able to generate cryptographically secure keys. At least as an initscript there's a chance for interaction to ensure sufficient entropy. * require base package fully versioned: N/A. OK * pkgconfig files: N/A. OK * require package not file: N/A OK * manpages: none provided by upstream. Boo. rpmlint: $ rpmlint SPECS/openstack-nova.spec SRPMS/openstack-nova-2011.3-0.3.d4.fc14.src.rpm RPMS/noarch/* SPECS/openstack-nova.spec:365: W: macro-in-%changelog %config openstack-nova.src: W: spelling-error %description -l en_US hypervisor -> hyper visor, hyper-visor, supervisory openstack-nova.src: W: spelling-error %description -l en_US hypervisors -> hyper visors, hyper-visors, supervisors openstack-nova.src:365: W: macro-in-%changelog %config openstack-nova.noarch: W: spelling-error %description -l en_US hypervisor -> hyper visor, hyper-visor, supervisory openstack-nova.noarch: W: spelling-error %description -l en_US hypervisors -> hyper visors, hyper-visors, supervisors openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf nova openstack-nova.noarch: W: non-standard-uid /var/run/nova nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl.pem nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private/cakey.pem nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genvpn.sh nova openstack-nova.noarch: W: non-standard-gid /etc/nova/nova.conf nova openstack-nova.noarch: E: non-readable /etc/nova/nova.conf 0640L openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/buckets nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/serial nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/certs nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/reqs nova openstack-nova.noarch: W: non-standard-gid /etc/nova/api-paste.ini nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/newcerts nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/images nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/instances nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private nova openstack-nova.noarch: E: non-standard-dir-perm /var/lib/nova/CA/private 0750L openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf.tmpl nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/index.txt nova openstack-nova.noarch: W: non-standard-uid /var/log/nova nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/tmp nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/geninter.sh nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/cacert.pem nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/networks nova openstack-nova.noarch: E: non-readable /etc/sudoers.d/nova 0440L openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/projects nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/keys nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genrootca.sh nova openstack-nova.noarch: W: non-standard-uid /var/lib/nova/nova.sqlite nova openstack-nova.noarch: W: no-manual-page-for-binary nova-clear-rabbit-queues openstack-nova.noarch: W: no-manual-page-for-binary nova-dhcpbridge openstack-nova.noarch: W: no-manual-page-for-binary nova-manage openstack-nova.noarch: W: no-manual-page-for-binary nova-console openstack-nova.noarch: W: no-manual-page-for-binary nova-compute openstack-nova.noarch: W: no-manual-page-for-binary nova-api openstack-nova.noarch: W: no-manual-page-for-binary nova-volume openstack-nova.noarch: W: no-manual-page-for-binary nova-logspool openstack-nova.noarch: W: no-manual-page-for-binary nova-network openstack-nova.noarch: W: no-manual-page-for-binary nova-spoolsentry openstack-nova.noarch: W: no-manual-page-for-binary nova-vncproxy openstack-nova.noarch: W: no-manual-page-for-binary nova-api-ec2 openstack-nova.noarch: W: no-manual-page-for-binary nova-debug openstack-nova.noarch: W: no-manual-page-for-binary nova-api-os openstack-nova.noarch: W: no-manual-page-for-binary nova-direct-api openstack-nova.noarch: W: no-manual-page-for-binary nova-ajax-console-proxy openstack-nova.noarch: W: no-manual-page-for-binary nova-stack openstack-nova.noarch: W: no-manual-page-for-binary nova-scheduler openstack-nova.noarch: W: no-manual-page-for-binary nova-objectstore openstack-nova.noarch: W: no-manual-page-for-binary nova-instance-usage-audit openstack-nova.noarch: W: dangerous-command-in-%post chmod openstack-nova-doc.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/openstack-nova-doc-2011.3/html/_sources/vmwareapi_readme.txt 4 packages and 1 specfiles checked; 3 errors, 57 warnings. nothing hugely incorrect here, these warnings and errors can be ignored. Thanks for getting a static uid/gid assignment. with minor fixes noted above, happy to approve thereafter. Thanks, Matt -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review