https://bugzilla.redhat.com/show_bug.cgi?id=2168538 --- Comment #11 from Benson Muite <benson_muite@xxxxxxxxxxxxx> --- $ rpmlint -e missing-call-to-setgroups-before-setuid missing-call-to-setgroups-before-setuid: This executable is calling setuid and setgid without setgroups or initgroups. This means it didn't relinquish all groups, and this would be a potential security issue. Maybe the file minidlna.c should be modified? It uses setgid and setuid but does not get all the associated group ids see https://www.gnu.org/software/libc/manual/html_node/Setting-Groups.html $ rpmlint -e non-standard-uid non-standard-uid: A file in this package is owned by an unregistered user id. To register the user, please make a pull request to the rpmlint config file configs/Fedora/fedora.toml in the rpmlint repository. $ rpmlint -e non-standard-gid non-standard-gid: A file in this package is owned by an unregistered group id. To register the group, please make a pull request to the rpmlint config file configs/Fedora/fedora.toml in the rpmlint repository. Not clear what to change at: https://github.com/rpm-software-management/rpmlint/blob/main/configs/Fedora/fedora.toml Should minidlna have a directory instead of dev/null ? useradd -r -g minidlna -d /dev/null Might it be possible to use dynamic allocation: https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation Nginx recommends logrotate: https://src.fedoraproject.org/rpms/nginx/blob/rawhide/f/nginx.spec -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2168538 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
