https://bugzilla.redhat.com/show_bug.cgi?id=1162234

--- Comment #15 from Sinny Kumari <ksinny@xxxxxxxxx> ---
This is an unofficial review of the package.

Complete review of this package using the fedora-review tool

Rpmlint issues
---------------
* Explicit Require of libcurl is not needed
  https://fedoraproject.org/wiki/Packaging:Guidelines#Explicit_Requires

* The encoding of the files LICENSE_APACHE2 and LICENSE_MIT is wrong. Maybe create them on Linux
  http://fedoraproject.org/wiki/Common_Rpmlint_issues#wrong-script-end-of-line-encoding

* The files LICENSE, LICENSE_APACHE2, LICENSE_GNUGPL and LICENSE_MIT have execute permission.
  Execute permission needs to be removed from these files in the actual source tarball.

* libnss_sp.so has been packaged with the main package. It should go into the devel sub-package.
  Check http://fedoraproject.org/wiki/Packaging:Guidelines#Devel_Packages

Other issues
------------
* The spec file shouldn't be added to the source tarball.

* Is the source tarball created for a particular commit ID or for a released version?
  If created for a particular commit ID then the Release field and Changelog need to be updated
  https://fedoraproject.org/wiki/Packaging:NamingGuidelines#Snapshot_packages

* %defattr is not needed in rpm 4.4 or later versions at the beginning of the %file section
  https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#File_Permissions

* %attr(0755,root,root) %{_libdir}/*.so*
  No need to explicitly specify the default value %attr(0755,root,root). Keeping %{_libdir}/*.so* should be fine.
  Also, it is better to specify explicitly which shared libraries are getting installed. It will avoid unwanted .so files being added.

* Don't use the BuildRoot tag because it will be ignored in Fedora > 10 and EPEL > 5

* make should be used with the macro %{?_smp_mflags}

Note: A few of the issues I mentioned are not valid for EPEL5 or older Fedora versions.
If you plan to build your package for EPEL5 as well, then I think an "if" condition for the EPEL version needs to be added, or such issues mentioned by me can be ignored.
Can any existing packagers confirm this?

Package Review
==============

Legend:
[x] = Pass, [!] = Fail, [-] = Not applicable, [?] = Not evaluated
[ ] = Manual review needed

Issues:
=======
- Development (unversioned) .so files in -devel subpackage, if present.
  Note: Unversioned so-files directly in %_libdir.
  See: http://fedoraproject.org/wiki/Packaging/Guidelines#DevelPackages

===== MUST items =====

C/C++:
[x]: ldconfig called in %post and %postun if required.
[x]: Package does not contain any libtool archives (.la)
[x]: Rpath absent or only used for internal libs.

Generic:
[x]: Package successfully compiles and builds into binary rpms on at least one supported primary architecture.
[x]: Package installs properly.
[x]: Rpmlint is run on all rpms the build produces.
     Note: There are rpmlint messages (see attachment).
[x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
[x]: Package requires other packages for directories it uses.
[x]: Package must own all directories that it creates.
[x]: Package does not own files or directories owned by other packages.
[x]: All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines.
[x]: Package uses either %{buildroot} or $RPM_BUILD_ROOT
[x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install.
[x]: Macros in Summary, %description expandable at SRPM build time.
[x]: Package does not contain duplicates in %files.
[x]: Permissions on files are set properly.
[x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't work.
[x]: Package is named using only allowed ASCII characters.
[x]: Package do not use a name that already exist
[x]: Package is not relocatable.
[x]: Sources used to build the package match the upstream source, as provided in the spec URL.
[x]: Spec file name must match the spec package %{name}, in the format %{name}.spec.
[x]: File names are valid UTF-8.
[x]: Packages must not store files under /srv, /opt or /usr/local

===== SHOULD items =====

Generic:
[!]: Buildroot is not present
     Note: Invalid buildroot found: %{_tmppath}/%{name}-root
     See: http://fedoraproject.org/wiki/Packaging/Guidelines#BuildRoot_tag
[!]: Uses parallel make %{?_smp_mflags} macro.
[x]: Packager, Vendor, PreReq, Copyright tags should not be in spec file
[x]: Sources can be downloaded from URI in Source: tag
[x]: Reviewer should test that the package builds in mock.
[x]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT)
[x]: Dist tag is present (not strictly required in GL).
[x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin.
[x]: SourceX is a working URL.
[x]: Spec use %global instead of %define unless justified.

===== EXTRA items =====

Generic:
[x]: Rpmlint is run on all installed packages.
     Note: There are rpmlint messages (see attachment).
[x]: Large data in /usr/share should live in a noarch subpackage if package is arched.
[x]: Spec file according to URL is the same as in SRPM.

Rpmlint
-------
Checking: nss-securepass-0.2-3.fc21.x86_64.rpm
          nss-securepass-0.2-3.fc21.src.rpm
nss-securepass.x86_64: E: explicit-lib-dependency libcurl
nss-securepass.x86_64: W: spurious-executable-perm /usr/share/doc/nss-securepass/LICENSE_APACHE2
nss-securepass.x86_64: E: wrong-script-end-of-line-encoding /usr/share/doc/nss-securepass/LICENSE_APACHE2
nss-securepass.x86_64: W: spurious-executable-perm /usr/share/doc/nss-securepass/LICENSE_GNUGPL
nss-securepass.x86_64: E: non-readable /etc/securepass.conf 0600L
nss-securepass.x86_64: W: devel-file-in-non-devel-package /usr/lib64/libnss_sp.so
nss-securepass.x86_64: W: spurious-executable-perm /usr/share/doc/nss-securepass/LICENSE
nss-securepass.x86_64: W: spurious-executable-perm /usr/share/doc/nss-securepass/LICENSE_MIT
nss-securepass.x86_64: E: wrong-script-end-of-line-encoding /usr/share/doc/nss-securepass/LICENSE_MIT
2 packages and 0 specfiles checked; 4 errors, 5 warnings.

Rpmlint (installed packages)
----------------------------
Cannot parse rpmlint output:

Requires
--------
nss-securepass (rpmlib, GLIBC filtered):
    /sbin/ldconfig
    config(nss-securepass)
    libc.so.6()(64bit)
    libcurl
    libcurl.so.4()(64bit)
    libnss_sp.so.2()(64bit)
    rtld(GNU_HASH)

Provides
--------
nss-securepass:
    config(nss-securepass)
    libnss_sp.so.2()(64bit)
    nss-securepass
    nss-securepass(x86-64)

Unversioned so-files
--------------------
nss-securepass: /usr/lib64/libnss_sp.so

Source checksums
----------------
https://github.com/garlsecurity/nss_securepass/archive/c1bf10da1873bc212caa857653bef0b1e899703a/nss_securepass-c1bf10da1873bc212caa857653bef0b1e899703a.tar.gz :
  CHECKSUM(SHA256) this package     : d5879f3afbad52fa2fa722a2913d5e04373a93ab9b2b1a651a623bfe28d67b36
  CHECKSUM(SHA256) upstream package : d5879f3afbad52fa2fa722a2913d5e04373a93ab9b2b1a651a623bfe28d67b36

Generated by fedora-review 0.5.2 (63c24cb) last change: 2014-07-14
Command line :/bin/fedora-review -n nss-securepass
Buildroot used: fedora-21-x86_64
Active plugins: Generic, Shell-api, C/C++
Disabled plugins: Java, Python, fonts, SugarActivity, Ocaml, Perl, Haskell, R, PHP, Ruby
Disabled flags: EXARCH, EPEL5, BATCH, DISTTAG