https://bugzilla.redhat.com/show_bug.cgi?id=1297274 Randy Barlow <rbarlow@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |admiller@xxxxxxxxxx Flags| |needinfo?(admiller@redhat.c | |om) --- Comment #3 from Randy Barlow <rbarlow@xxxxxxxxxx> --- Adam, I now have a beta of the package, and I believe I have worked out a number of spec file issues that were present in the first link I provided. Here is an updated package: Spec URL: https://rbarlow.fedorapeople.org/pulp.spec SRPM URL: https://rbarlow.fedorapeople.org/pulp-2.8.0-0.1.beta.fc24.src.rpm There are still a number of rpmlint issues. Most I think we can ignore, but perhaps you can provide some insight about a few of them. I'll comment inline as I did before: $ rpmlint ~/rpmbuild/RPMS/noarch/p* ~/rpmbuild/SRPMS/pulp-2.8.0-0.1.beta.fc24.src.rpm pulp-admin-client.noarch: W: conffile-without-noreplace-flag /etc/bash_completion.d/pulp-admin pulp-consumer-client.noarch: W: conffile-without-noreplace-flag /etc/bash_completion.d/pulp-consumer IMO, the bash_completion isn't really a config file so it doesn't need noreplace. Do you agree? pulp-agent.noarch: E: zero-length /etc/pulp/agent/agent.conf I filed this upstream: https://pulp.plan.io/issues/1497 pulp-consumer-client.noarch: E: non-readable /etc/pki/pulp/consumer/rsa.key 640 pulp-nodes-child.noarch: E: non-readable /etc/pulp/server/plugins.conf.d/nodes/importer/http.conf 640 pulp-nodes-common.noarch: E: non-readable /etc/pulp/nodes.conf 640 pulp-server.noarch: E: non-readable /etc/pki/pulp/ca.key 640 pulp-server.noarch: E: non-readable /etc/pki/pulp/rsa.key 640 pulp-server.noarch: E: non-readable /etc/pulp/server.conf 640 These files all contain secrets (cryptographic keys or passwords) and so I think being unreadable by world is required. pulp-nodes-common.noarch: W: no-manual-page-for-binary pulp-gen-nodes-certificate pulp-server.noarch: W: no-manual-page-for-binary pulp-gen-ca-certificate pulp-server.noarch: W: no-manual-page-for-binary pulp-manage-db pulp-server.noarch: W: no-manual-page-for-binary pulp-qpid-ssl-cfg I filed an issue for these upstream: https://pulp.plan.io/issues/1499 pulp-nodes-parent.noarch: W: dangling-symlink /var/www/pulp/nodes/content /var/lib/pulp/content pulp-server.noarch: W: dangling-symlink /var/www/pulp/nodes/https /var/lib/pulp/nodes/published/https pulp-server.noarch: W: dangling-symlink /var/www/pulp/nodes/http /var/lib/pulp/nodes/published/http I am puzzled by these. AFAICT, these symlinks are from one subpackage's owned directory to another subpackage's directories. Does rpmlint not allow symlinks across subpackages? Do you have any advice about this? pulp-server.noarch: E: explicit-lib-dependency python-httplib2 I think this might just be a linter mistake due to this package having "lib" in its name. pulp-server.noarch: E: non-standard-dir-perm /var/log/pulp 750 We have had a number of bugs where secret information has gotten logged. We decided that it was safest to make the logs as non-world readable. Is that acceptable? pulp-server.noarch: W: log-files-without-logrotate ['/var/log/pulp'] I've filed this issue upstream: https://pulp.plan.io/issues/1498 python2-pulp-streamer.noarch: W: empty-%postun We used the %systemd_postun macro here, which seems to be empty. I didn't write that part of our original spec, so I'm not 100% sure what it is there for. Do you think I should just drop the %postun section since it's empty anyway? 20 packages and 0 specfiles checked; 9 errors, 11 warnings. Thanks for your review, and sorry it was a little later than expected! -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review