[Bug 1283296] Review Request: pam-u2f - PAM authentication over U2F

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=1283296

Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           See Also|                            |https://bugzilla.redhat.com
                   |                            |/show_bug.cgi?id=1292687
              Flags|fedora-review?              |fedora-review+



--- Comment #12 from Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> ---
INFO: No upstream for (Source2): gpgkey-D3994701.gpg
It would be nice to provide a full URL.

General recommendation is to have BuildRequires on separate lines, because this
makes later diffs much easier to read.

%autosetup macro would be nice here (%autosetup -n ... -p1), because then you
can remove the %patchN lines.

%description should end in a dot (repeated from comment #5).

The key verification checking fails, see linked bug.

- license is OK (BSD)
- license file is present, %license is used
- license matches headers
- latest version
- no scriptlets
- provides/requires look sane
- I did some small testing and it seems to work as expected (I don't have the
hardware, but it seems to be trying to do the right things...)

rpmlint:
Checking: pam-u2f-1.0.3-4.fc24.x86_64.rpm
          pamu2fcfg-1.0.3-4.fc24.x86_64.rpm
          pam-u2f-debuginfo-1.0.3-4.fc24.x86_64.rpm
          pam-u2f-1.0.3-4.fc24.src.rpm
pam-u2f.x86_64: W: spelling-error %description -l en_US authenticators ->
authentication, authenticates, authenticate
pam-u2f.src: W: spelling-error %description -l en_US authenticators ->
authentication, authenticates, authenticate
4 packages and 0 specfiles checked; 0 errors, 2 warnings.

So the packaging side looks OK. There are some small issues pointed out above.
Package is APPROVED.

I think it would be worthwhile to have someone from the security team look this
code over. This is normally not part of a review, but I strongly recommend
contacting
the security team [https://fedoraproject.org/wiki/Security_Team].

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review
[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]