Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Merge Review: openldap https://bugzilla.redhat.com/show_bug.cgi?id=226214 ------- Additional Comments From jsafrane@xxxxxxxxxx 2008-01-25 10:08 EST ------- Thanks for review! > rpmlint on SRPM: > > openldap.src:351: E: use-of-RPM_SOURCE_DIR > You use $RPM_SOURCE_DIR or %{_sourcedir} in your spec file. If you have to > use a directory for building, use $RPM_BUILD_ROOT instead. Fixed > openldap.src:750: W: macro-in-%changelog _sbindir > Macros are expanded in %changelog too, which can in unfortunate cases lead All macros in changelog are fixed. > openldap.src: W: mixed-use-of-spaces-and-tabs Fixed > rpmlint on rpms: > > openldap.i386: W: obsolete-not-provided compat-openldap > If a package is obsoleted by a compatible replacement, the obsoleted package > must also be provided in order to provide clean upgrade paths and not cause > unnecessary dependency breakage. If the obsoleting package is not a compatible > replacement for the old one, leave out the provides. > The compat-openldap is *not* obsoleted by compatible replacement. It just does not exists anymore and I want it to be removed on update (otherwise openldap cannot be updated by yum, because compat-openldap will require the same version of openldap to be installed). > openldap-clients.i386: W: summary-ended-with-dot Client programs for OpenLDAP. > Summary ends with a dot. > > openldap-devel.i386: W: summary-ended-with-dot OpenLDAP development libraries > and header files. > Summary ends with a dot. Both fixed. > openldap-devel.i386: W: file-not-utf8 > /usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-ldapv3-vlv-xx.txt > The character encoding of this file is not UTF-8. > > openldap-devel.i386: W: file-not-utf8 > /usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-acl-model-xx.txt > The character encoding of this file is not UTF-8. It's some sort of official document and I dont' think it's appropriate to convert it to UTF-8. Apart from that, there are only 3 non-UTF-* characters in these documents. > openldap-devel.i386: W: one-line-command-in-%post /sbin/ldconfig > You should use %post -p <command> Fixed > openldap-servers.i386: W: non-conffile-in-etc /etc/openldap/schema/README > A non-executable file in your package is being installed in /etc, but is not > a configuration file. All non-executable files in /etc should be configuration > files. Mark the file as %config in the spec file. > > Possibly move to %doc, rename schema-README? Moved to %doc as README.schema > openldap-servers.i386: E: non-readable /etc/sysconfig/ldap 0640 > The file can't be read by everybody. It is readable now. > openldap-servers.i386: E: non-standard-gid /etc/openldap/slapd.conf ldap > A file in this package is owned by a non standard group. Filed bug #430206 (together with other guid/uid reports) > openldap-servers.i386: E: executable-marked-as-config-file /etc/rc.d/init.d/ldap > Executables must not be marked as config files because that may > prevent upgrades from working correctly. Fixed > openldap-servers.i386: W: non-conffile-in-etc /etc/openldap/DB_CONFIG.example > A non-executable file in your package is being installed in /etc, but is not > a configuration file. All non-executable files in /etc should be configuration > files. Mark the file as %config in the spec file. > > Move to %doc? Not sure about this. People are used that this file is in /etc. I'll keep it there as %config. > openldap-servers.i386: E: non-standard-dir-perm /var/lib/ldap 0700 > A standard directory should have permission set to 0755. If you get this > message, it means that you have wrong directory permissions in some dirs > included in your package. > > Ok. I'd like to keep it 0700 too, users should not read ldap database files unless admin explicitly allows it > openldap-servers.i386: W: summary-ended-with-dot OpenLDAP servers and related files. > Summary ends with a dot. Fixed > openldap-servers.i386: W: conffile-without-noreplace-flag > /etc/pki/tls/certs/slapd.pem > A configuration file is stored in your package without the noreplace flag. > A way to resolve this is to put the following in your SPEC file: Fixed. > %config(noreplace) /etc/your_config_file_here > > openldap-servers.i386: W: conffile-without-noreplace-flag /etc/rc.d/init.d/ldap > A configuration file is stored in your package without the noreplace flag. > A way to resolve this is to put the following in your SPEC file: > > %config(noreplace) /etc/your_config_file_here Not fixed - init.d/ldap is not config file anymore. > openldap-servers.i386: E: file-in-usr-marked-as-conffile > /usr/share/openldap/migration/migrate_common.ph > A file in /usr is marked as being a configuration file. > Store your conf files in /etc/ instead. > > Why is this marked conf and not in etc? It contains configuration of migration tools. Whole concept of migration tools stored in /usr/share is somewhat weird, see bug #236697. I'll remove the %config for now and try to separate it to standalone package later. > openldap-servers.i386: W: spurious-bracket-in-%pre > The %pre scriptlet contains an "if []" construct without a space before > the "]". > openldap-servers.i386: W: spurious-bracket-in-%preun > The %preun scriptlet contains an "if []" construct without a space before > the "]". Can't find it - %pre/%preun servers has all brackets correct. Rpmlint is maybe confused by '/var/lib/ldap/[a]lock'??? > openldap-servers.i386: W: dangerous-command-in-%pre chown > openldap-servers.i386: W: dangerous-command-in-%post rm > openldap-servers.i386: W: dangerous-command-in-%preun rm This is ok, there is some magic to upgrade database to new version when the package is being updated. > openldap-servers.i386: W: no-reload-entry /etc/rc.d/init.d/ldap > In your init script (/etc/rc.d/init.d/your_file), you don't > have a 'reload' entry, which is necessary for good functionality. To be fixed as part of bug #247012. > openldap-servers.i386: W: incoherent-init-script-name ldap > The init script name should be the same as the package name in lower case, > or one with 'd' appended if it invokes a process by that name. > > What would be broken if this was fixed? It would probably break nothing, but people are used to it. I'd like to keep it as it is. > openldap-servers-sql.i386: W: spurious-executable-perm > /usr/share/doc/openldap-servers-sql-2.4.7/rdbms_depend/timesten/create_schema.sh > /usr/share/doc/openldap-servers-sql-2.4.7/rdbms_depend/timesten/ttcreate_schema.sh > The file is installed with executable permissions, but was identified as one > that probably should not be executable. Verify if the executable bits are > desired, and remove if not. Executability removed. > openldap-servers-sql.i386: W: summary-ended-with-dot OpenLDAP server SQL support > module. > Summary ends with a dot. Fixed. > Should .a files be in a -static subpackage? Is there any .a file? I hope not. If you mean .la files, these are necessary to load openldap modules. I did not find any way how to make modules work without them :(. I fixed the glitches mentioned above and created openldap-2.4.7-4, which has following rpmlint problems, all commented above. openldap.i386: W: obsolete-not-provided compat-openldap openldap-devel.i386: W: file-not-utf8 /usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-ldapv3-vlv-xx.txt openldap-devel.i386: W: file-not-utf8 /usr/share/doc/openldap-devel-2.4.7/drafts/draft-ietf-ldapext-acl-model-xx.txt openldap-servers.i386: E: non-standard-gid /etc/openldap/slapd.conf ldap openldap-servers.i386: E: non-readable /etc/openldap/slapd.conf 0640 openldap-servers.i386: E: non-standard-uid /var/lib/ldap ldap openldap-servers.i386: E: non-standard-gid /var/lib/ldap ldap openldap-servers.i386: E: non-standard-dir-perm /var/lib/ldap 0700 openldap-servers.i386: E: non-standard-uid /var/run/openldap ldap openldap-servers.i386: E: non-standard-gid /var/run/openldap ldap openldap-servers.i386: W: spurious-bracket-in-%pre openldap-servers.i386: W: dangerous-command-in-%pre chown openldap-servers.i386: W: dangerous-command-in-%post rm openldap-servers.i386: W: spurious-bracket-in-%preun openldap-servers.i386: W: dangerous-command-in-%preun rm openldap-servers.i386: W: no-reload-entry /etc/rc.d/init.d/ldap openldap-servers.i386: W: incoherent-init-script-name ldap -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review