Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: safekeep - simple, centralized configuration for rdiff-backup https://bugzilla.redhat.com/show_bug.cgi?id=241553 ------- Additional Comments From kevin@xxxxxxxxx 2007-10-05 17:17 EST ------- OK - Package meets naming and packaging guidelines OK - Spec file matches base package name. OK - Spec has consistant macro usage. OK - Meets Packaging Guidelines. See below - License (GPLv2+) See below- License field in spec matches See below- License file included in package OK - Spec in American English OK - Spec is legible. OK - Sources match upstream md5sum: d37ae719280f654d5bad27fa23ce79bd safekeep-1.0.2.tar.gz d37ae719280f654d5bad27fa23ce79bd safekeep-1.0.2.tar.gz.1 OK - BuildRequires correct OK - Package has %defattr and permissions on files is good. OK - Package has a correct %clean section. OK - Package has correct buildroot OK - Package is code or permissible content. OK - Packages %doc files don't affect runtime. OK - Package has rm -rf RPM_BUILD_ROOT at top of %install OK - Package compiles and builds on at least one arch. OK - Package has no duplicate files in %files. OK - Package doesn't own any directories other packages own. OK - Package owns all the directories it creates. See below - No rpmlint output. See below - final provides and requires are sane SHOULD Items: OK - Should build in mock. OK - Should build on all supported archs OK - Should have sane scriptlets. OK - Should have subpackages require base package with fully versioned depend. OK - Should have dist tag OK - Should package latest version Issues: 1. What is the license here? The LICENSE file in the source says GPLv2.1 The spec has GPLv2+ The scripts themselves don't have any mention of a license. The web site says GPL http://safekeep.sourceforge.net/license.shtml Ideally can you get upstream to say if it's GPLv2 only, GPLv2+, or GPL+? A comment in the scripts themselves would be good. Also matching up so that all the above say the same thing would be good. 2. This is 1.0.2, but the website seems to have 1.0.1 as latest. Is this a preview release or they just haven't updated the web site yet? 3. rpmlint says: safekeep.src: W: strange-permission safekeep.spec 0600 safekeep-client.noarch: W: no-documentation safekeep-server.noarch: E: non-standard-uid /var/lib/safekeep safekeep safekeep-server.noarch: E: non-standard-gid /var/lib/safekeep safekeep safekeep-server.noarch: E: non-standard-dir-perm /var/lib/safekeep 0750 safekeep-server.noarch: E: non-standard-uid /var/lib/safekeep/.ssh safekeep safekeep-server.noarch: E: non-standard-gid /var/lib/safekeep/.ssh safekeep safekeep-server.noarch: W: hidden-file-or-dir /var/lib/safekeep/.ssh safekeep-server.noarch: E: non-standard-dir-perm /var/lib/safekeep/.ssh 0700 safekeep-server.noarch: W: hidden-file-or-dir /var/lib/safekeep/.ssh All can be ignored. 4. Perhaps you could include a README.fedora in the client subpackage explaining why it's currently empty? 5. The client subpackage has: Requires: openssh-server Requires: coreutils Requires: util-linux Are those really required? Why? -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review