Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=767985 --- Comment #11 from Michael Schwendt <mschwendt@xxxxxxxxx> 2012-05-10 08:34:27 EDT --- So, here are a couple of findings not limited to the items on the ReviewGuidelines page. This thing is non-trivial to review, but I had expected that. [...] * The debian/NEWS file mentions a "man2html-base" package instead of "man2html-core". Indeed, the Debian packages search lists it as "man2html-base". That suggests following https://fedoraproject.org/wiki/Packaging:NamingGuidelines#General_Naming * Licensing, minor issues: Files man2html/man2html.c and debian/sources/man2html.cgi.c do not explicitly refer to GPL, just: > Permission is granted to distribute, modify and use this program > as long as this comment is not removed or changed. The utils.c file only mentions "GPL". Following https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#GPL_and_LGPL and https://fedoraproject.org/wiki/Licensing#Good_Licenses that would result in a license tag: GPL+ File manwhatis.c contains a GPLv2 (or later) header. So, no big issue. License clarification would be NTH: https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License_Clarification * Format string warnings in build output! More often than not these are worth taking a look at, also to avoid surprises on big endian platforms. * Run-time testing: $ hman 7 locale /usr/bin/hman: line 90: lynx: command not found So, if "lynx" isn't a requirement, the browser ought to be configurable. Let's see: $ export MANHTMLPAGER=firefox ; hman 7 locale --> http://localhost/cgi-bin/man/man2html?7+locale "The requested URL /cgi-bin/man/man2html was not found on this server." Now returning to lynx after a "yum -y install lynx": $ hman 7 locale "Alert!: Executable link rejected due to location or path. lynx: Can't access startfile lynxcgi:/usr/lib/man2html/cgi-bin/man/man2html?7+locale" * Fedora related patches and explanations don't seem to be accurate. For example: man2html-dirs.patch +sharedir = $(DESTDIR)$(PREFIX)/usr/share/man2html A path that is not used anywhere in the package. The spec file comment mentions /var/www/cgi-bin for cgi. * As expected, due to SELinux, httpd is confined as much as not to allow the CGI scripts to access the MAN search paths. That's a blocker, but still only a SHOULD in the Review Guidelines: | SHOULD: The reviewer should test that the package functions as | described. A package should not segfault instead of running, for example. Currently, the only way to get the scripts to work at all is to change their file context to httpd_unconfined_script_exec_t. Neither the Packaging Guidelines nor the Review Guidelines contain any section on SELinux. I've found just: https://fedoraproject.org/wiki/PackagingDrafts/SELinux Comments/suggestions? -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review