Bug 469317
| Summary: | Review request: lynis - Security and system auditing tool | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Rakesh Pandit <rpandit> |
| Component: | Package Review | Assignee: | Lucian Langa <lucilanga> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | fedora-package-review, i, lucilanga, notting |
| Target Milestone: | --- | Flags: | lucilanga:
fedora-review+
gwync: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | lynis-1.3.7-1.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-11-08 05:18:24 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Please fix this using macros instead of hard coded path. mkdir -p $RPM_BUILD_ROOT/etc/lynis # profile install -m 644 -p default.prf $RPM_BUILD_ROOT/etc/lynis Thanks, Updated: http://rakesh.fedorapeople.org/spec/lynis.spec http://rakesh.fedorapeople.org/srpm/lynis-1.2.1-2.fc10.src.rpm There are a few issues:
%{_datadir}/%{name}/include/*
%{_datadir}/%{name}/plugins/*
%{_datadir}/%{name}/db/*
will result in unowned directories.
Suggestion: simply drop those and modify:
%dir %{_datadir}/%{name} -> %{_datadir}/%{name}
lynis.noarch: W: non-conffile-in-etc /etc/lynis/default.prf
Also you have to decide if you should mark this file noreplace.
https://fedoraproject.org/wiki/Packaging/Guidelines#Configuration_files
.. if so, header needs to be adapted.
Note: Not seeing any differences in previous release.
Thanks - Done http://rakesh.fedorapeople.org/spec/lynis.spec http://rakesh.fedorapeople.org/srpm/lynis-1.2.1-3.fc10.src.rpm lynis.noarch: W: non-conffile-in-etc /etc/lynis/default.prf I will keep default.prf in /etc, as it a conf file. Thank you.
Review:
OK source files match upstream :
4f8db3c524c1014db5842ca2dbd575aa lynis-1.2.1.tar.gz
OK package meets naming and versioning guidelines.
OK specfile is properly named, is cleanly written and uses macros consistently.
OK summary is OK.
OK description is OK.
OK dist tag is present.
OK build root
OK license field matches the actual license.
OK license is open source-compatible.
OK license text included in package.
N/A BuildRequires are proper.
N/A compiler flags are appropriate.
OK %clean is present.
OK package builds in mock (rawhide, x86_64).
OK package installs properly.
N/A debuginfo package looks complete.
OK rpmlint is silent.
OK final provides and requires are sane:
config(lynis) = 1.2.1-2.fc10
lynis = 1.2.1-2.fc10
=
/bin/sh
config(lynis) = 1.2.1-2.fc10
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
N/A no shared libraries are added to the regular linker search paths.
OK owns the directories it creates.
OK doesn't own any directories it shouldn't.
OK no duplicates in %files.
OK file permissions are appropriate.
OK no scriptlets present.
OK code, not content.
OK documentation is small, so no -doc subpackage is necessary.
OK no headers.
OK no pkgconfig files.
OK no static libraries.
OK no libtool .la files.
N/A not GUI application.
Suggestion:
Please consider doing something about header of /etc/lynis/default.prf as it might seem confusing
#
# Do NOT change this file, as it will be overwritten while upgrading. Instead
# make a copy of this file and adjust it.
#
I think is should be changed upstream.
APPROVED.
Thanks - I will check with upstream also. New Package CVS Request ======================= Package Name: lynis Short Description: Security and system auditing tool Owners: rakesh Branches: F-8 F-9 F-10 InitialCC: Cvsextras Commits: yes cvs done. lynis-1.2.1-3.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/lynis-1.2.1-3.fc8 lynis-1.2.1-3.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/lynis-1.2.1-3.fc9 lynis-1.2.1-3.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/lynis-1.2.1-3.fc10 lynis-1.2.1-3.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. lynis-1.2.1-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. Package Change Request ====================== Package Name: lynis New Branches: el6 Owners: bar cicku Git done (by process-git-requests). lynis-1.3.5-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/lynis-1.3.5-1.el6 lynis-1.3.6-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/lynis-1.3.6-1.el6 lynis-1.3.6-1.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc19 lynis-1.3.6-1.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc18 lynis-1.3.6-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc20 lynis-1.3.6-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. lynis-1.3.6-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report. lynis-1.3.7-1.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/lynis-1.3.7-1.fc20 lynis-1.3.7-1.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/lynis-1.3.7-1.fc19 lynis-1.3.7-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/lynis-1.3.7-1.el6 lynis-1.3.7-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. lynis-1.3.7-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. lynis-1.3.7-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. Package Change Request ====================== Package Name: lynis New Branches: epel7 Owners: cicku Git done (by process-git-requests). |
Description: Lynis is a security and system auditing tool. It scans a system on the most interesting parts useful for audits, like: - Security enhancements - Logging and auditing options - Banner identification - Software availability SRPM: http://rakesh.fedorapeople.org/srpm/lynis-1.2.1-1.fc10.src.rpm SPEC: http://rakesh.fedorapeople.org/spec/lynis.spec