Bug 1310901

Summary: Review Request: libmodsecurity - A library that loads/interprets rules written in the ModSecurity SecRules
Product: [Fedora] Fedora Reporter: Othman Madjoudj <athmanem>
Component: Package ReviewAssignee: Robert-André Mauchin 🐧 <zebob.m>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: mail, package-review, zebob.m
Target Milestone: ---Flags: zebob.m: fedora-review+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-05-19 09:57:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1311288, 1485912    

Description Othman Madjoudj 2016-02-22 23:10:58 UTC
Spec URL: https://athmane.fedorapeople.org/pkgs/libmodsecurity.spec
SRPM URL: https://athmane.fedorapeople.org/pkgs/libmodsecurity-3.0-0.gitf44143.fc23.src.rpm
Description:
Libmodsecurity is one component of the ModSecurity v3 project.
The library codebase serves as an interface to ModSecurity Connectors 
taking in web traffic and applying traditional ModSecurity processing.
In general, it provides the capability to load/interpret rules written 
in the ModSecurity SecRules format and apply them to HTTP content provided
by your application via Connectors.

Fedora Account System Username: athmane

Comment 1 Othman Madjoudj 2016-02-22 23:15:46 UTC
Notes:

- There's couple of issues with a workaround in the spec that were reported upstream

- Libinjection  is supposed to be bundled (same as with mod_security 2.x): https://github.com/client9/libinjection#embedding

Comment 3 Robert-André Mauchin 🐧 2017-09-01 14:53:41 UTC
Hello,

 - Your Release: is missing the dist tag:

Release: 0.%{extra_rel}%{?dist}

 - It is not necessary to add make to the BR.

 - The versioning is wrong, the release tag should start at 0.1 (Cf https://fedoraproject.org/wiki/Package_Versioning_Examples ):

Release: 0.1.%{extra_rel}%{?dist}

  And:

* Wed Aug 30 2017 Athmane Madjoudj <athmane> - 3.0.0-0.1.rc1


 - Koji is not very happy, your package fails on all arches besides i386 and x86_64:

https://koji.fedoraproject.org/koji/taskinfo?taskID=21607088

This package won't be accepted until this is solved. Report bugs upstream/fix the bugs/add ExclusiveArch with valid reasons as to why you need specific arches only.

Comment 4 Othman Madjoudj 2017-09-01 18:41:37 UTC
Thank you for your input.

Release tag fixed, I'll check the build on non-x86 archs

Regarding make, it does not harm, plus it might be needed with minimal Buildroot [1]

[1] https://pagure.io/packaging-committee/issue/490


SPEC: https://athmane.fedorapeople.org/review/libmodsecurity.spec
SRPM: https://athmane.fedorapeople.org/review/libmodsecurity-3.0.0-0.1.rc1.fc26.src.rpm

Comment 6 Robert-André Mauchin 🐧 2017-10-22 14:44:46 UTC
Perfect, package accepted.

Comment 7 Gwyn Ciesla 2017-10-23 12:31:09 UTC
(fedrepo-req-admin):  The Pagure repository was created at https://src.fedoraproject.org/rpms/libmodsecurity