[Bug 995045] Review Request: wildfly - WildFly Application Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=995045



--- Comment #5 from Marek Goldmann <mgoldman@xxxxxxxxxx> ---
(In reply to Mikolaj Izdebski from comment #4)
> Patches look OK (sanity check only).
> 
> Problem 1:
> wildfly uses jboss-as user (as explained in a comment in the spec),
> but that user points to jboss-as home, not wildfly.
> You should file a bug against setup package to update
> /usr/share/doc/setup/uidgid (or contact ovasik directly).

I contacted ovasik.

> Problem 2:
> It is a good idea to check if all JARs were replaced by symlinks
> and faild the build if not. Not doing so may have a secutity
> implications. For example if some JAR is not replaced with symlink
> and it has a security bug, updating the dependency wouldn't be enough
> -- wildfly would be left with old, vulnerable version of dependency.

I'm removing the jars that were not replaced by symlinking later in the spec
file. After that I'm manually linking these exceptions. After the build I check
if there are some missing symlinks or if the symlinks are broken.

> Problem 3:
> %preun scriplet calls "rm -rf" without checking what is being removed.
> Users could theoretically replace these symlinks with directory and put
> some data there.  Uninstalling wildfly could cause data loss.

Is this an issue? This directory is created by the wildfly package and
shouldn't be used by anyone else, never. If you have a better idea how could I
symlink it - please share it with me.

> Problem 4:
> Some directories are created as linux-x86_64 and linux-i686.
> What about ARM? it's also a primary architecture.

Upstream does not ship any ARM binaries. These directories exist in the
upstream binary package:

linux-i686/    linux-x86_64/  macosx-i686/   macosx-x86_64/ win-i686/     
win-x86_64/

I'm not sure if upstream even considered running on ARM. I need to consirm it
and find the proper directory structure if it should be linked on ARM too.

> Problem 5:
> Why there is strict requirement on JDK7 (java-1.7.0-openjdk-devel)?
> We also have JDK8 in Fedora, which could be used to run Wildfly.
> IMO change this to java-devel or java-devel >= 1:1.7

I'll change it.

> Problem 6:
> Documentation should be installed into /usr/share/doc/wildfly,
> not /usr/share/wildfly/docs.  Files like copyright.txt, LICENSE.txt,
> README.txt should also be installed into /usr/share/doc/wildfly
> (unless they are needed at runtime, which I doubt).

I'll fix it.

> Problem 7:
> Configuration files should be marked as %config(noreplace) or %config
> and put in /etc.  This includes appclient/configuration,
> domain/configuration, standalone/configuration, bin/jboss-cli.xml

I'll fix it.

> Problem 8:
> I think that some directories form /usr/share/wildfly should be symlinked to
> /var/lib/..., for example /usr/share/wildfly/standalone/data ->
> /var/lib/wildfly/standalone/data

I'll look at it.

> Problem 9:
> Documentation takes 4.8 MiB of disk space.  It is big enough to be
> moved to separate wildfly-doc subpackage.

I'll fix it.

> Problem 10:
> There are multiple dangling symlinks. Some dependencies are probably
> broken. I suggest installing wildfly in minimal chroot
> (with yum --installroot) and checking dangling symlinks.

Yes, I forgot to do this before I submitted the review.

> rpmlint:
>   binary package: 25 rpmlint errors, 317 warnings
>   SRPM: 22 warnings
> 
> I'm not postring full rpmlint outout yet -- it's too long.
> There are certainly some false-positives, but there are multiple
> justified warnings and errors, which should be fixed.

I'll try to fix all required stuff.

Thanks!

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=NRwQBJUNBY&a=cc_unsubscribe
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review




[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]