https://bugzilla.redhat.com/show_bug.cgi?id=2025751 Robbie Harwood <rharwood@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(rharwood@redhat.c |needinfo?(dcantrell@redhat. |om) |com) --- Comment #5 from Robbie Harwood <rharwood@xxxxxxxxxx> --- Updated spec and srpm - note new locations: - https://rharwood.fedorapeople.org/libptytty.spec - https://rharwood.fedorapeople.org/libptytty-2.0-1.fc36.src.rpm > The %{?_isa} part was missing from the Requires on the devel package. Fixed, thanks. > Upstream appears to have a .sig file, so this package could probably do the gpgverify thing. Thanks for helping offline with this. signify verification added. I'll add it to rxvt-unicode during the update, and possibly send a PR to libev as well. (signify doesn't seem to exist for fc34, so I've moved to doing this with a rawhide VM.) Note though that all of this is still being fetched over plain HTTP because schmorp doesn't work over HTTPS. So it's basically all moot anyway: > * libptytty.x86_64: E: missing-call-to-setgroups-before-setuid /usr/lib64/libptytty.so.0 Also assumed this was an rpmlint bug. Looking at it more, I think it's complaining about actual function calls in the library, which seems like not rpmlint's problem. The code in question is pttytty::drop_privileges() in proxy.C - I don't know whether this is an actual bug, since I'm not sure where it would *get* ancillary groups, given nothing's setuid. Or to put it differently: this particular code is copied wholesale out of rxvt-unicode, so any issue here is pre-existing unless there's some interaction with it being a library now that I'm not immediately seeing. > And not required, but kind of convention... Changes and README could go in %doc Done. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2025751 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
