Bug 225614
Summary: | Merge Review: bind | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Nobody's working on this, feel free to take it <nobody> | ||||
Component: | Package Review | Assignee: | Gwyn Ciesla <gwync> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Package Reviews List <fedora-package-review> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | CC: | atkac, redhat-bugzilla | ||||
Target Milestone: | --- | Flags: | gwync:
fedora-review+
dennis: fedora-cvs+ |
||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-05-27 13:05:24 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 448277 | ||||||
Bug Blocks: | 426387 | ||||||
Attachments: |
|
Description
Nobody's working on this, feel free to take it
2007-01-31 17:45:19 UTC
Adam, I'm CCing you because you're showing up as the package owner in pkgdb. Sorry if you're not really the owner of this package, but I'd really hate to make a bunch of review comments only to have them go to someone who has nothing to do with the package. bind.src:92: W: unversioned-explicit-obsoletes bind-config The specfile contains an unversioned Obsoletes: token, which will match all older, equal and newer versions of the obsoleted thing. This may cause update problems, restrict future package/provides naming, and may match something it was originally not inteded to match -- make the Obsoletes versioned if possible. bind.src:92: W: unversioned-explicit-obsoletes caching-nameserver The specfile contains an unversioned Obsoletes: token, which will match all older, equal and newer versions of the obsoleted thing. This may cause update problems, restrict future package/provides naming, and may match something it was originally not inteded to match -- make the Obsoletes versioned if possible. bind.src:93: W: unversioned-explicit-provides bind-config The specfile contains an unversioned Provides: token, which will match all older, equal, and newer versions of the provided thing. This may cause update problems and will make versioned dependencies, obsoletions and conflicts on the provided thing useless -- make the Provides versioned if possible. bind.src:93: W: unversioned-explicit-provides caching-nameserver The specfile contains an unversioned Provides: token, which will match all older, equal, and newer versions of the provided thing. This may cause update problems and will make versioned dependencies, obsoletions and conflicts on the provided thing useless -- make the Provides versioned if possible. bind.src:141: W: unversioned-explicit-obsoletes bind-libbind-devel The specfile contains an unversioned Obsoletes: token, which will match all older, equal and newer versions of the obsoleted thing. This may cause update problems, restrict future package/provides naming, and may match something it was originally not inteded to match -- make the Obsoletes versioned if possible. bind.src:167: W: unversioned-explicit-obsoletes bind-libbind-devel The specfile contains an unversioned Obsoletes: token, which will match all older, equal and newer versions of the obsoleted thing. This may cause update problems, restrict future package/provides naming, and may match something it was originally not inteded to match -- make the Obsoletes versioned if possible. Is it feasible to fix these? bind.src:177: W: hardcoded-prefix-tag %{chroot_prefix} The Prefix tag is hardcoded in your spec file. It should be removed, so as to allow package relocation. If intended to be relocatable. bind.src:366: W: make-check-outside-check-section make test Make check or other automated regression test should be run in %check, as they can be disabled with a rpm macro for short circuiting purposes. Fix, if it doesn't break anything. bind.src:980: W: macro-in-%changelog preun Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1028: W: macro-in-%changelog exclude Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1113: W: macro-in-%changelog doc Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1205: W: macro-in-%changelog __cc Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1300: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1302: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1303: W: macro-in-%changelog files Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1327: W: macro-in-%changelog postun Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1333: W: macro-in-%changelog ghost Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1661: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1800: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1882: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1921: W: macro-in-%changelog preun Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1933: W: macro-in-%changelog SOURCE Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1988: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. bind.src:1989: W: macro-in-%changelog post Macros are expanded in %changelog too, which can in unfortunate cases lead to the package not building at all, or other subtle unexpected conditions that affect the build. Even when that doesn't happen, the expansion results in possibly "rewriting history" on subsequent package revisions and generally odd entries eg. in source rpms, which is rarely wanted. Avoid use of macros in %changelog altogether, or use two '%'s to escape them, like '%%foo'. Fix. bind.src: W: mixed-use-of-spaces-and-tabs (spaces: line 2, tab: line 8) The specfile mixes use of spaces and tabs for indentation, which is a cosmetic annoyance. Use either spaces or tabs for indentation, not both. Cosmetic, but easy to fix. bind.src: W: %ifarch-applied-patch Patch72: bind-9.5-dlz-64bit.patch A patch is applied inside an %ifarch block. Patches must be applied on all architectures and may contain necessary configure and/or code patch to be effective only on a given arch. Not a problem. bind.src: W: strange-permission namedSetForwarders 0755 A file that you listed to include in your package has strange permissions. Usually, a file should have 0644 permissions. bind.src: W: strange-permission namedGetForwarders 0755 A file that you listed to include in your package has strange permissions. Usually, a file should have 0644 permissions. bind.src: W: strange-permission named.init 0755 A file that you listed to include in your package has strange permissions. Usually, a file should have 0644 permissions. I think these are OK. rpmlint on rpms: bind.i386: E: non-readable /usr/sbin/rndc 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /usr/sbin/rndc 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: non-standard-gid /etc/sysconfig/named named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /etc/sysconfig/named 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-uid /var/named/dynamic named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind.i386: E: non-standard-gid /var/named/dynamic named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-standard-dir-perm /var/named/dynamic 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind.i386: E: non-standard-uid /var/run/named named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind.i386: E: non-standard-gid /var/run/named named A file in this package is owned by a non standard group. * Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-standard-dir-perm /var/run/named 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind.i386: E: non-standard-gid /var/named/named.localhost named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /var/named/named.localhost 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-gid /var/named/named.ca named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /var/named/named.ca 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-uid /var/named/data named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind.i386: E: non-standard-gid /var/named/data named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-standard-dir-perm /var/named/data 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind.i386: E: non-readable /usr/sbin/rndc-confgen 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /usr/sbin/rndc-confgen 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: non-standard-gid /var/named named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-standard-dir-perm /var/named 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind.i386: E: non-readable /usr/sbin/lwresd 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /usr/sbin/lwresd 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: non-standard-uid /var/log/named.log named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind.i386: E: non-standard-gid /var/log/named.log named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users ############# All fine. bind.i386: E: non-root-user-log-file /var/log/named.log named If you need log files owned by a non-root user, just create a subdir in /var/log and put your log files in it. bind.i386: E: non-root-group-log-file /var/log/named.log named If you need log files owned by a non-root group, just create a subdir in /var/log and put your log files in it. ########## Fix. bind.i386: E: non-standard-gid /var/named/named.loopback named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /var/named/named.loopback 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /etc/rc.d/init.d/named 0754 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: executable-marked-as-config-file /etc/rc.d/init.d/named Executables must not be marked as config files because that may prevent upgrades from working correctly. If you need to be able to customize an executable, make it for example read a config file in /etc/sysconfig. bind.i386: E: non-readable /usr/sbin/named 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /usr/sbin/named 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: non-standard-uid /var/named/slaves named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind.i386: E: non-standard-gid /var/named/slaves named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-standard-dir-perm /var/named/slaves 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind.i386: E: non-standard-gid /var/named/named.empty named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /var/named/named.empty 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-gid /etc/named.conf named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /etc/named.conf 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-gid /etc/rndc.key named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /etc/rndc.key 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-readable /usr/sbin/named-bootconf 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-executable-perm /usr/sbin/named-bootconf 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind.i386: E: non-standard-gid /etc/named.rfc1912.zones named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /etc/named.rfc1912.zones 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-gid /etc/rndc.conf named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind.i386: E: non-readable /etc/rndc.conf 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind.i386: E: non-standard-gid /etc/logrotate.d/named named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users ######## These are fine. bind.i386: E: incoherent-logrotate-file /etc/logrotate.d/named Your logrotate file should be named /etc/logrotate.d/<package name>. ###### Any reason not to fix this? bind.i386: E: non-readable /etc/logrotate.d/named 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). ####### Not a problem. bind.i386: E: explicit-lib-dependency libidn You must let rpm find the library dependencies by itself. Do not put unneeded explicit Requires: tags. ####### Will rpm not do this right? bind.i386: W: conffile-without-noreplace-flag /etc/rc.d/init.d/named A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind.i386: W: conffile-without-noreplace-flag /var/named/named.ca A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind.i386: W: conffile-without-noreplace-flag /var/named/named.empty A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind.i386: W: conffile-without-noreplace-flag /var/named/named.localhost A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind.i386: W: conffile-without-noreplace-flag /var/named/named.loopback A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here ######### Why should these not be noreplace? bind.i386: W: FSSTND-dir-in-var /var/named/dynamic Your package is creating an illegal directory in /var. The FSSTND (illegal) ones are: adm, catman, local, named, nis, preserve ######## Acceptable in this case. bind.i386: W: dangerous-command-in-%post chown bind.i386: W: dangerous-command-in-%trigger chown ###### Should be fixed or explained in spec. bind.i386: W: incoherent-init-script-name named The init script name should be the same as the package name in lower case, or one with 'd' appended if it invokes a process by that name. ##### Not a big problem. bind-chroot.i386: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. ####### WOuld like this fixed, not sure if specific docs exist. bind-chroot.i386: E: non-readable /usr/sbin/bind-chroot-admin 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-executable-perm /usr/sbin/bind-chroot-admin 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/run named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/run 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/etc/rndc.key named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/etc/rndc.key 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/named/dynamic named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/dynamic named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/named/dynamic 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/run/named named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/run/named named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/run/named 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/tmp named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/tmp named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/tmp 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/dev/zero named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/dev/zero named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/dev/zero 0660 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/log/named.log named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/log/named.log named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/var/log/named.log 0660 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-uid /var/named/chroot/dev/null named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/dev/null named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/dev/null 0660 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/var named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/log named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/log named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/log 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/etc named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/etc 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/named.ca named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/var/named/named.ca 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/named/data named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/data named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/named/data 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/dev named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/dev 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-uid /var/named/chroot/dev/random named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/dev/random named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/dev/random 0660 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/etc/named.conf named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/etc/named.conf 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/named.loopback named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/var/named/named.loopback 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-uid /var/named/chroot/var/named/slaves named A file in this package is owned by a non standard user. Standard users are: root, bin, daemon, adm, lp, sync, shutdown, halt, mail, news, uucp, operator, games, gopher, ftp, nobody bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/slaves named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/named/slaves 0770 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/named.localhost named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/var/named/named.localhost 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/etc/named.rfc1912.zones named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/etc/named.rfc1912.zones 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named/named.empty named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-readable /var/named/chroot/var/named/named.empty 0640 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-chroot.i386: E: non-standard-gid /var/named/chroot/var/named named A file in this package is owned by a non standard group. Standard groups are: root, bin, daemon, sys, adm, tty, disk, lp, mem, kmem, wheel, mail, news, uucp, man, games, gopher, dip, ftp, lock, nobody, users bind-chroot.i386: E: non-standard-dir-perm /var/named/chroot/var/named 0750 A standard directory should have permission set to 0755. If you get this message, it means that you have wrong directory permissions in some dirs included in your package. ########## These all make sense. bind-chroot.i386: W: conffile-without-noreplace-flag /var/named/chroot/var/named/named.ca A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind-chroot.i386: W: conffile-without-noreplace-flag /var/named/chroot/var/named/named.empty A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind-chroot.i386: W: conffile-without-noreplace-flag /var/named/chroot/var/named/named.localhost A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind-chroot.i386: W: conffile-without-noreplace-flag /var/named/chroot/var/named/named.loopback A configuration file is stored in your package without the noreplace flag. A way to resolve this is to put the following in your SPEC file: %config(noreplace) /etc/your_config_file_here bind-chroot.i386: W: FSSTND-dir-in-var /var/named/chroot/var/run Your package is creating an illegal directory in /var. The FSSTND (illegal) ones are: adm, catman, local, named, nis, preserve ######### See above. bind-devel.i386: W: spurious-executable-perm /usr/share/doc/bind-devel-9.5.0/rfc/fetch.gz The file is installed with executable permissions, but was identified as one that probably should not be executable. Verify if the executable bits are desired, and remove if not. bind-devel.i386: W: file-not-utf8 /usr/share/doc/bind-devel-9.5.0/draft/draft-ietf-enum-e164-gstn-np-05.txt The character encoding of this file is not UTF-8. Consider converting it in the specfile for example using iconv(1). ######### Fix. bind-devel.i386: W: no-dependency-on bind bind-devel.i386: W: obsolete-not-provided bind-libbind-devel If a package is obsoleted by a compatible replacement, the obsoleted package must also be provided in order to provide clean upgrade paths and not cause unnecessary dependency breakage. If the obsoleting package is not a compatible replacement for the old one, leave out the provides. ########### These should be fixed. bind-libs.i386: W: no-documentation The package contains no documentation (README, doc, etc). You have to include documentation files. ######### Fix if possible. bind-libs.i386: E: description-line-too-long Contains libraries used by both the bind server package as well as the utils packages. Your description lines must not exceed 79 characters. If a line is exceeding this number, cut it to fit in two lines. ########## Fix. bind-libs.i386: W: obsolete-not-provided bind-libbind-devel If a package is obsoleted by a compatible replacement, the obsoleted package must also be provided in order to provide clean upgrade paths and not cause unnecessary dependency breakage. If the obsoleting package is not a compatible replacement for the old one, leave out the provides. ######### Fix. bind-sdb.i386: E: non-readable /usr/sbin/zone2sqlite 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-sdb.i386: E: non-standard-executable-perm /usr/sbin/zone2sqlite 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind-sdb.i386: E: non-readable /usr/sbin/zonetodb 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-sdb.i386: E: non-standard-executable-perm /usr/sbin/zonetodb 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind-sdb.i386: E: non-readable /usr/sbin/named-sdb 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-sdb.i386: E: non-standard-executable-perm /usr/sbin/ldap2zone 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. bind-sdb.i386: E: non-readable /usr/sbin/zone2ldap 0750 The file can't be read by everybody. If this is expected (for security reasons), contact your rpmlint distributor to get it added to the list of exceptions for your distro (or add it to your local configuration if you installed rpmlint from the source tarball). bind-sdb.i386: E: non-standard-executable-perm /usr/sbin/zone2ldap 0750 A standard executable should have permission set to 0755. If you get this message, it means that you have a wrong executable permissions in some files included in your package. ######### Acceptable. bind-sdb.i386: W: spelling-error-in-summary suppport support You made a misspelling in the Summary. Please double-check. ######### Fix. Source: is incorrect, should be: ftp://ftp.isc.org/isc/bind9/%{version}%{RELEASEVER}/bind-%{version}%{RELEASEVER}.tar.gz Not thrilled with the bind/named naming split, but it makes sense. Could also make an argument to handle it like apache/httpd, but I won't make a huge issue out of it. Must Requires: pkgconfig. Otherwise, no other blockers. Any updates? I had more important duties than this one but now I have some free time so let's try fix this one First attempt is located on http://kojiweb.fedoraproject.org/koji/taskinfo?taskID=624485, bind-9.5.0-34.rc1.fc10 Created attachment 306382 [details]
Output from rpmlint, commented
Looks good to me. I agree with all the comments. Not sure what the FSSTND errors are on about. Can't imagine why putting those dirs in var is a problem. Given what they do, that seems logical to me. I'd really like to see the non-utf8 files fixed, since it's so easy to do using iconv. I'm curious about FSSTND, but not enough to block on that, so I guess it's jsut the utf8 bits. Adam, can you please fix ASAP what Jon with his fscking rpmlint'ing package review suggestions broke? Thank you. I'm adding this bug report as MUST for the package review hereby... ;-) FSSTND-dir-in-var seems sane to me, as it suggests named, but the parsing of rpmlint seems to be too broken as always to detect dynamic as subdirectory of named in var. (In reply to comment #8) > Adam, can you please fix ASAP what Jon with his fscking rpmlint'ing package > review suggestions broke? Thank you. I'm adding this bug report as MUST for > the package review hereby... ;-) Jon didn't break anything, he only attached rpmlint output. It was my fault that I overlooked wrong /var/run/named perms ;) Problems written above (comments #7 and #8, non-utf8 file was removed because it is expired draft so it is simply not needed) are fixed in 9.5.0-35.rc1.fc10 (In reply to comment #8) > Adam, can you please fix ASAP what Jon with his fscking rpmlint'ing package > review suggestions broke? Thank you. I'm adding this bug report as MUST for > the package review hereby... ;-) Robert, while I share your frustration with exhaustively long rpmlint output in some package reviews, it is the first MUST in http://fedoraproject.org/wiki/Packaging/ReviewGuidelines At time of this writing there are 457 Merge Reviews in NEW status. Many of the Merge Reviews that block 426387 aka F9MergeReviewTarget are still in progress. I myself have 18 merge reviews open, and am hoping to finish these before taking on more. They're not exactly flying off the shelves. It is highly regrettable that bind broke, however briefly, but seeing as F9 is now GA, I think it's time we finished the process we started for the F7(!) merge. Sorry for the rant, but if you have a suggestion, such as modified review guidelines for Merge Reviews I'm open to discussion. Just trying to assist with a task where I saw a need. Back on topic, looks good now, APPROVED. Package Change Request ====================== Package Name: bind New Branches: F-13 Owners: atkac Reason: I would like to test upcomming major bind release early. im assuming you want early branching i.e. a F-12 branch CVS Done |