https://bugzilla.redhat.com/show_bug.cgi?id=1670656 --- Comment #9 from Xavier Bachelot <xavier@xxxxxxxxxxxx> --- I've tried my first build of the rpm then ran rpmlint. - There are a lot of files which are shipped with exec bit set, triggering lots of spurious script-without-shebang and wrong-script-end-of-line-encoding errors. - I believe most if not all of /usr/share/grafana/scripts/build/ is not needed. Fixing these 2 items should shorten rpmlint output quite a lot. Other rpmlint stuff : grafana.x86_64: E: non-readable /etc/grafana/grafana.ini 640 grafana.x86_64: E: non-readable /etc/grafana/ldap.toml 640 In the spec, there is : install -p -m 644 conf/distro-defaults.ini %{buildroot}/%{_sysconfdir}/%{name}/grafana.ini install -p -m 644 conf/ldap.toml %{buildroot}/%{_sysconfdir}/%{name}/ldap.toml but later %config(noreplace) %attr(0640, root, %{GRAFANA_GROUP}) %{_sysconfdir}/%{name}/grafana.ini %config(noreplace) %attr(0640, root, %{GRAFANA_GROUP}) %{_sysconfdir}/%{name}/ldap.toml So, 640 or 644 ? Choose one and make the spec consistent. 640 should be choosen if there is any security sensitive information in the file, 644 if not. Also, if the perms on a file or dir are already correct you don't need to specify it again in %attr and can use '-' instead. eg.: %attr(-,root,grafana) Now, parsing the specfile again. %define GRAFANA_USER %{name} %define GRAFANA_GROUP %{name} %define GRAFANA_HOME %{_datadir}/%{name} --> use %global # license and other package docs, but not APP docs (they're online) install -p -m 644 LICENSE.md %{buildroot}/%{_defaultlicensedir}/%name install -p -m 644 README.md ROADMAP.md CHANGELOG.md PLUGIN_DEV.md %{buildroot}/%{_docdir}/%{name} install -p -m 644 CODE_OF_CONDUCT.md CONTRIBUTING.md NOTICE.md %{buildroot}/%{_docdir}/%{name} then in %files : # other docs and license %doc %{_datadir}/doc/%{name} %license %{_defaultlicensedir}/%name/LICENSE.md --> Just use the following in %files, the %doc and %license macro take care of installing the files in the proper location : %license LICENSE.md %doc CHANGELOG.md CODE_OF_CONDUCT.md CONTRIBUTING.md NOTICE.md %doc PLUGIN_DEV.md README.md ROADMAP.md UPGRADING_DEPENDENCIES.md %pre/%post/%postun don't need the '||:' safeguard, this is already taken care of by the %systemd_* macros Also, usually, the scriptlet sections are before the %files section. Also, about the run dir, I just checked again and /run is on tmpfs, hence the need for using tmpfiles.d. # other shared files, public html, webpack and scripts cp -rpa conf public scripts %{buildroot}/%{_datadir}/%{name} --> -a implies recursive and preserve so 'cp -a' should be enough. Source1: grafana_webpack-%{?version}.tar.gz --> spurious ? in macro, version is always set. %global __brp_ldconfig /bin/true # no libs --> what is the purpose of this line ? Sorry for the quite messy comment, it started clean, but then I started to raw dump any potential issue. I hope it makes sense and is useful anyway. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
