https://bugzilla.redhat.com/show_bug.cgi?id=1304882 --- Comment #11 from Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> --- %{?systemd_requires} is forbidden by the guidelines. I don't think we gain anything by that rule, but it's on the books. What about parallel build? I think user/group creation scriptlets should be suffixed with "|| :". They should not be fatal to installation. Also emitting message from %post is a bit unusual. Strictly speaking, the generator is wrong, because generators cannot rely on /var being mounted. It will not operate correctly if someone has a system with separate /var partitions. It seems a bit strange to use both the tmpfiles mechanism and explicit creation of files in a script (the log file). I think it would be cleaner to use a tmpfile also for the log file. %config(noreplace) %attr(-,geekotest,root) %{_sysconfdir}/openqa/openqa.ini %config(noreplace) %attr(-,geekotest,root) %{_sysconfdir}/openqa/database.ini Why are those owned by the user? Can they be updated dynamically at runtime? I don't understand this part: %defattr(-,geekotest,root) # attention: never package subdirectories owned by a user other # than root as that opens a security hole! %dir %{_localstatedir}/lib/openqa/db Doesn't this do just that: create a directory owned by geekotest? Worker package should not own %{_unitdir} or %{_prefix}/lib/systemd/system-generators, just the contents. Similarly for the apache dirs, they are owned by httpd-filesystem. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review