Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=456182 --- Comment #7 from Debarshi Ray <debarshi.ray@xxxxxxxxx> 2008-08-10 13:12:45 EDT --- Created an attachment (id=313897) --> (https://bugzilla.redhat.com/attachment.cgi?id=313897) Patch to incorporate Spec file fixes. (In reply to comment #6) > http://sundaram.fedorapeople.org/packages/rssh.spec > http://sundaram.fedorapeople.org/packages/rssh-2.3.2-3.fc10.src.rpm + The example scripts provided as documentation should not have their executable bits set. + https://fedoraproject.org/wiki/Packaging/Guidelines#Libexecdir suggests that files be put into package-specific subdirectories. Can this be done? + The %pre scriptlet does not follow the guidelines for users and groups (https://fedoraproject.org/wiki/Packaging/UsersAndGroups). You need to add 'Requires(pre): shadow-utils' and the scriptlet needs to end with an 'exit 0'. I think '|| :' also has the same effect as 'exit 0', but you might want to be pedantic and be safe. + You have mistakenly put fish instead of rssh in the Spec comments. + You might want to split the %doc in multiple lines to achieve the 72/80 character rule. But it is a matter of style and upto you. + As I had mentioned earlier, the rssh(1) manual recommends: # chown root:rsshuser rssh rssh_chroot_helper # chmod 550 rssh # chmod 4550 rssh_chroot_helper Please find attached a patch which incorporates these changes. I have deliberately not bumped the release and added a %changelog. It is your package update them as you deem fit. These changes lead to the following rpmlint issues (which can be ignored): $ rpmlint rssh rssh.x86_64: E: non-standard-gid /usr/bin/rssh rsshusers rssh.x86_64: E: non-readable /usr/bin/rssh 0750 rssh.x86_64: E: non-standard-executable-perm /usr/bin/rssh 0750 rssh.x86_64: E: non-standard-gid /usr/libexec/rssh_chroot_helper rsshusers rssh.x86_64: E: setuid-binary /usr/libexec/rssh_chroot_helper root 04750 rssh.x86_64: E: non-standard-executable-perm /usr/libexec/rssh_chroot_helper 04750 rssh.x86_64: E: non-standard-executable-perm /usr/libexec/rssh_chroot_helper 04750 rssh.x86_64: E: no-binary rssh.x86_64: W: dangerous-command-in-%postun mv $ However using -i reveals some interesting avenues: + You might want to add /usr/bin/rssh to the list of files which are not readable by everyone in Fedora. rssh.x86_64: E: non-readable /usr/bin/rssh 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). + Can we have rssusers as a standard group in Fedora? rssh.x86_64: E: non-standard-gid /usr/bin/rssh rsshusers A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users rssh.x86_64: E: non-standard-gid /usr/libexec/rssh_chroot_helper rsshusers A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review