[Bug 707199] Review Request: openstack-nova - OpenStack Compute (nova)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=707199

--- Comment #16 from Matt Domsch <matt_domsch@xxxxxxxx> 2011-08-28 22:51:31 EDT ---
Formal review:

* rpmlint appended at bottom
* naming: OK
* spec file name matches: OK
* Packaging Guidelines: OK
* Licensed: OK (ASL 2.0)
* License tag: OK
* License included: OK
* Spec in English: OK
* Source matches: OK (manually downloaded)
* Builds on at least one arch: OK (built for noarch on on x86_64)
* ExcludeArch: unneeded, as it's noarch: OK
* BRs ok: Built in Koji. OK.
  Failed to build in koji against dist-rawhide due to sphinx segfault.
http://koji.fedoraproject.org/koji/getfile?taskID=3307949&name=build.log
  Successfully built in koji against dist-f14
http://koji.fedoraproject.org/koji/taskinfo?taskID=3307950

* spec locales: N/A. OK.
* ldconfig: N/A. OK.
* no system libs: OK
* relocateable: N/A.  OK.
* own directories: needs to add Requires: logrotate polkit
* no duplicate files: OK
* file permissions: mostly OK.  Oddness, may be explained away though...
/etc/nova/* owned by root:nova, but not writeable by group.
-rw-r--r--    1 root    nova                     4101 Aug 28 20:43
/etc/nova/api-paste.ini
-rw-r-----    1 root    nova                      453 Aug 26 14:39
/etc/nova/nova.conf

/var/lib/nova and subdirs owned by nova:nobody.
drwxr-xr-x    2 nova    nobody                      0 Aug 28 20:44
/var/lib/nova

* consistent use of macros: OK
* code or content: OK
* large docs in subpackage: OK
* nothing in %doc critical: OK
* headers in -devel: N/A. OK
* static libs in -static: N/A. OK
* libs in -devel: N/A. OK
* -devel requires base: N/A. OK
* no libtool archives: OK
* GUI with .desktop: N/A. OK
* directory ownership: see above for logrotate and polkit
* filenames UTF-8: OK

SHOULDs:
* source has license: OK
* Translations in spec: N/A. OK
* builds in mock: OK on F14 x86_64.  Didn't try other arches.  koji build fails
in rawhide (see above).
* build into binary arches: OK (via koji)
* test the package: not done.
* scriptlets must be sane: mostly OK.  The only real problem is in the creation
of the CA Cert in %post, which cannot happen in %post and must be moved to an
initscript.  The author notes this is problematic too, but you cannot assume
that at %post time the kernel has enough entropy to be able to generate
cryptographically secure keys.  At least as an initscript there's a chance for
interaction to ensure sufficient entropy.
* require base package fully versioned: N/A. OK
* pkgconfig files: N/A. OK
* require package not file: N/A OK
* manpages: none provided by upstream.  Boo.


rpmlint:
$ rpmlint SPECS/openstack-nova.spec
SRPMS/openstack-nova-2011.3-0.3.d4.fc14.src.rpm RPMS/noarch/*
SPECS/openstack-nova.spec:365: W: macro-in-%changelog %config
openstack-nova.src: W: spelling-error %description -l en_US hypervisor -> hyper
visor, hyper-visor, supervisory
openstack-nova.src: W: spelling-error %description -l en_US hypervisors ->
hyper visors, hyper-visors, supervisors
openstack-nova.src:365: W: macro-in-%changelog %config
openstack-nova.noarch: W: spelling-error %description -l en_US hypervisor ->
hyper visor, hyper-visor, supervisory
openstack-nova.noarch: W: spelling-error %description -l en_US hypervisors ->
hyper visors, hyper-visors, supervisors
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf nova
openstack-nova.noarch: W: non-standard-uid /var/run/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl.pem nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private/cakey.pem
nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genvpn.sh nova
openstack-nova.noarch: W: non-standard-gid /etc/nova/nova.conf nova
openstack-nova.noarch: E: non-readable /etc/nova/nova.conf 0640L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/crl nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/buckets nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/serial nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/certs nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/reqs nova
openstack-nova.noarch: W: non-standard-gid /etc/nova/api-paste.ini nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/newcerts nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/images nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/instances nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/private nova
openstack-nova.noarch: E: non-standard-dir-perm /var/lib/nova/CA/private 0750L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/openssl.cnf.tmpl
nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/index.txt nova
openstack-nova.noarch: W: non-standard-uid /var/log/nova nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/tmp nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/geninter.sh nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/cacert.pem nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/networks nova
openstack-nova.noarch: E: non-readable /etc/sudoers.d/nova 0440L
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/projects nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/keys nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/CA/genrootca.sh nova
openstack-nova.noarch: W: non-standard-uid /var/lib/nova/nova.sqlite nova
openstack-nova.noarch: W: no-manual-page-for-binary nova-clear-rabbit-queues
openstack-nova.noarch: W: no-manual-page-for-binary nova-dhcpbridge
openstack-nova.noarch: W: no-manual-page-for-binary nova-manage
openstack-nova.noarch: W: no-manual-page-for-binary nova-console
openstack-nova.noarch: W: no-manual-page-for-binary nova-compute
openstack-nova.noarch: W: no-manual-page-for-binary nova-api
openstack-nova.noarch: W: no-manual-page-for-binary nova-volume
openstack-nova.noarch: W: no-manual-page-for-binary nova-logspool
openstack-nova.noarch: W: no-manual-page-for-binary nova-network
openstack-nova.noarch: W: no-manual-page-for-binary nova-spoolsentry
openstack-nova.noarch: W: no-manual-page-for-binary nova-vncproxy
openstack-nova.noarch: W: no-manual-page-for-binary nova-api-ec2
openstack-nova.noarch: W: no-manual-page-for-binary nova-debug
openstack-nova.noarch: W: no-manual-page-for-binary nova-api-os
openstack-nova.noarch: W: no-manual-page-for-binary nova-direct-api
openstack-nova.noarch: W: no-manual-page-for-binary nova-ajax-console-proxy
openstack-nova.noarch: W: no-manual-page-for-binary nova-stack
openstack-nova.noarch: W: no-manual-page-for-binary nova-scheduler
openstack-nova.noarch: W: no-manual-page-for-binary nova-objectstore
openstack-nova.noarch: W: no-manual-page-for-binary nova-instance-usage-audit
openstack-nova.noarch: W: dangerous-command-in-%post chmod
openstack-nova-doc.noarch: W: wrong-file-end-of-line-encoding
/usr/share/doc/openstack-nova-doc-2011.3/html/_sources/vmwareapi_readme.txt
4 packages and 1 specfiles checked; 3 errors, 57 warnings.

nothing hugely incorrect here, these warnings and errors can be ignored.

Thanks for getting a static uid/gid assignment.

with minor fixes noted above, happy to approve thereafter.

Thanks,
Matt

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review


[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]