Bug 458391

(In reply to comment #0)
New SRPM url:
SRPM URL: http://mildew.pfy.cz/redhat/bro/bro-1.4-0.1.pre.fc8.src.rpm

Added disttag and smp flags.

> Miloslav Trmač <mitr> wrote:
>
> This is not a formal review: I didn't go through Packaging/Guidelines,
> and I won't be able to reply during the next week.
>
> rpmlint output:
> bro.i386: E:  
> wrong-script-interpreter /usr/share/bro/capture-events.bro "$Id:"
> bro.i386: E: non-executable-script /usr/share/bro/capture-events.bro  
> 0644
>> bro.i386: E:  
> wrong-script-interpreter /usr/share/bro/capture-state-updates.bro "$Id:"
>> bro.i386: E:  
> non-executable-script /usr/share/bro/capture-state-updates.bro 0644
> The .bro files are not scripts, so this is not a problem.
>> bro.i386: E: zero-length /usr/share/bro/ftp-safe-words.bro  
> Shipped that way, OK.
>> bro.i386: W: log-files-without-logrotate /var/log/bro  
> Have you checked this is OK?

I think this is ok because Bro periodically creates new log files (this can be set in /etc/sysconfig/bro). But it ships some archiving script too that are not installed now - I will fix that after I rewrite this scripts as they are not usable in our environment now.

> bro.i386: W: incoherent-subsys /etc/rc.d/init.d/bro $prog
>> rpmlint can not expand $prog, this is OK.  
>
> * blocker: The Release: field does not follow
> https://fedoraproject.org/wiki/Packaging/NamingGuidelines#Snapshot_packages

Changed to: 0.1.%{snapshot}svn%{?dist}

> * blocker: License: should be "BSD with advertising"
> * Why is the "Requires: perl openssl zlib ncurses" line necessary?
>  - I can't see anything that requires perl
>  - libssl dependency is discovered automatically; nothing uses the
>    command-line utility
>  - libz dependency is discovered automatically
>  - Only "shtool", which is not shipped at all, uses the command-line
>    programs from ncurses.

Fixed. (removed)

> * blocker: bro seems to ship its own copy of libedit.  If it's true, bro
>  needs to be patched to link to the package shipped in the libedit rpm.

Yes, it ships its own libedit but it is not installed nor linked with any installed executables, so this should be ok.

Thanks for review

New SRPM: http://mildew.pfy.cz/redhat/bro/bro-1.4-0.1.20080804svn.fc8.src.rpm
New spec: http://mildew.pfy.cz/redhat/bro/bro.spec

> * blocker: License: should be "BSD with advertising"

See: http://mailman.icsi.berkeley.edu/pipermail/bro/2008-August/003606.html

New SRPM: http://mildew.pfy.cz/redhat/bro/bro-1.4-0.1.20080804svn.fc9.src.rpm

Latest bro package looks good. Problems reported by rpmlint are more caused due to the presence of #! sequence in the begining of some bro conf files. Bro successfully builds on i386/x86_64 and runs on both of those.

New Package CVS Request
=======================
Package Name: bro
Short Description: Open-source, Unix-based Network Intrusion Detection System
Owners: dkopecek
Branches:
InitialCC: pvrabec
Cvsextras Commits: yes

When reviewing, please remember to assign the bug to the reviewer, and set it to ASSIGNED. 

Please use your FAS name for Owners. 

cvs done.

I find that the .spec file as issued, has a (disabled) option which causes a ./configure to fail on older systems.  This patch fixes that issue:

[herrold@centos-5 bro]$ diff -u bro.spec-ORIG bro.spec
--- bro.spec-ORIG       2008-09-04 12:50:54.000000000 -0400
+++ bro.spec    2008-09-04 12:49:50.000000000 -0400
@@ -43,6 +43,10 @@

 %build
 ./autogen.sh
+# fix up ./configure to elide unsuppoted option
+for i in `find . -name configure `; do
+       sed -i -e 's@^enable_option_checking@# enable_option_checking@g' $i
+done
 %configure --enable-brov6 --disable-broccoli
 %{__make} %{?_smp_mflags} CFLAGS+="-I/usr/include/ncurses"

[herrold@centos-5 bro]$

-- Russ herrold