https://bugzilla.redhat.com/show_bug.cgi?id=1491492 --- Comment #5 from Robert-André Mauchin <zebob.m@xxxxxxxxx> --- - Shouldn't be marked as %config: %config %{_tmpfilesdir}/coturn.conf - Manpages are wrongly marked as executables, remove the executable bits and notify upstream: coturn.x86_64: W: spurious-executable-perm /usr/share/man/man1/coturn.1.gz coturn.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnadmin.1.gz coturn.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnserver.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils_natdiscovery.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils_oauth.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils_peer.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils_stunclient.1.gz coturn-utils.x86_64: W: spurious-executable-perm /usr/share/man/man1/turnutils_uclient.1.gz - Remove Rpath: coturn.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnadmin ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnserver ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn-utils.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnutils_natdiscovery ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn-utils.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnutils_oauth ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn-utils.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnutils_peer ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn-utils.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnutils_stunclient ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] coturn-utils.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnutils_uclient SSL_CTX_set_cipher_list coturn-utils.x86_64: E: binary-or-shlib-defines-rpath /usr/bin/turnutils_uclient ['/usr/lib/', '/usr/local/lib/', '/usr/lib64/', '/usr/local/lib64/', '/usr/lib64/pgsql', '/usr/local/lib'] %configure --confdir=%{_sysconfdir}/%{name} \ --examplesdir=%{_datadir}/%{name} \ --schemadir=%{_datadir}/%{name} \ --manprefix=%{_datadir} \ --docdir=%{_docdir}/%{name} \ --disable-rpath - I find curious to install the examples in %{_datadir}/%{name} They generally are included in %doc. - Read this bit about shipping static library and act accordingly: https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#Packaging_Static_Libraries_2 - Should not be executable either: coturn-client-libs.x86_64: W: spurious-executable-perm /usr/lib64/libturnclient.a - Rpmlint gives more error which I don't really know how to solve, might ask some help on -devel: missing-call-to-setgroups-before-setuid: This executable is calling setuid and setgid without secoturn.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnadmin SSL_CTX_set_cipher_list coturn.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnserver SSL_CTX_set_cipher_list coturn-utils.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnutils_uclient SSL_CTX_set_cipher_listtgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. coturn.x86_64: E: missing-call-to-setgroups-before-setuid /usr/bin/turnadmin coturn.x86_64: E: missing-call-to-setgroups-before-setuid /usr/bin/turnserver - Another error crypto-policy-non-compliance-openssl: This application package calls a function to explicitly set crypto ciphers for SSL/TLS. That may cause the application not to use the system-wide set cryptographic policy and should be modified in accordance to: https://fedoraproject.org/wiki/Packaging:CryptoPolicies coturn.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnadmin SSL_CTX_set_cipher_list coturn.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnserver SSL_CTX_set_cipher_list coturn-utils.x86_64: W: crypto-policy-non-compliance-openssl /usr/bin/turnutils_uclient SSL_CTX_set_cipher_list -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
