Bug 502919
| Summary: | Review Request: polkit - PolicyKit Authorization Framework | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Zeuthen <davidz> | ||||||||
| Component: | Package Review | Assignee: | Matthias Clasen <mclasen> | ||||||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | rawhide | CC: | fedora-package-review, mclasen, notting, rdieter | ||||||||
| Target Milestone: | --- | Flags: | mclasen:
fedora-review+
j: fedora-cvs+ |
||||||||
| Target Release: | --- | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2009-06-11 05:40:10 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
|
Description
David Zeuthen
2009-05-27 19:15:03 UTC
missing BuildRequires: gtk-doc here as well and intltool Created attachment 345772 [details]
spec that builds
Here is a spec file that has the missing BRs added. I'm going to base my review on this.
[mclasen@planemask rpmbuild]$ rpmlint /var/lib/mock/fedora-rawhide-x86_64/result/*.rpm polkit.src: W: non-standard-group Unspecified polkit.src: W: no-url-tag polkit.x86_64: W: non-standard-group Unspecified polkit.x86_64: W: no-url-tag polkit.x86_64: W: non-conffile-in-etc /etc/pam.d/polkit-1 polkit.x86_64: E: non-standard-dir-perm /var/lib/polkit-1 0700 polkit.x86_64: W: non-conffile-in-etc /etc/polkit-1/nullbackend.conf.d/50-nullbackend.conf polkit.x86_64: E: setuid-binary /usr/libexec/polkit-agent-helper-1 root 04755 polkit.x86_64: E: non-standard-executable-perm /usr/libexec/polkit-agent-helper-1 04755 polkit.x86_64: E: setuid-binary /usr/bin/pkexec root 04755 polkit.x86_64: E: non-standard-executable-perm /usr/bin/pkexec 04755 polkit.x86_64: W: non-conffile-in-etc /etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf polkit.x86_64: W: non-conffile-in-etc /etc/polkit-1/localauthority.conf.d/50-localauthority.conf polkit-debuginfo.x86_64: W: no-url-tag polkit-devel.x86_64: W: no-url-tag polkit-devel.x86_64: W: no-documentation polkit-docs.noarch: E: devel-dependency polkit-devel polkit-docs.noarch: W: no-url-tag 5 packages and 0 specfiles checked; 6 errors, 12 warnings. The no-url and non-standard-group warnings should be easy enough to fix. The non-conffile-in-etc ones are probably ignorable. The setuid and executable-perm ones should perhaps get a comment in the %files section, explaining why things are the way they are Not sure what the devel-dependency error is about, doesn't make sense to me. Created attachment 345787 [details]
more fixes
This spec file has some more fixes, like directory ownership, etc.
rpmlint output based on this spec file: [mclasen@planemask rpmbuild]$ rpmlint /var/lib/mock/fedora-rawhide-x86_64/result/*.rpm polkit.x86_64: W: non-conffile-in-etc /etc/pam.d/polkit-1 polkit.x86_64: E: non-standard-dir-perm /var/lib/polkit-1 0700 polkit.x86_64: W: non-conffile-in-etc /etc/polkit-1/nullbackend.conf.d/50-nullbackend.conf polkit.x86_64: E: setuid-binary /usr/libexec/polkit-agent-helper-1 root 04755 polkit.x86_64: E: non-standard-executable-perm /usr/libexec/polkit-agent-helper-1 04755 polkit.x86_64: E: setuid-binary /usr/bin/pkexec root 04755 polkit.x86_64: E: non-standard-executable-perm /usr/bin/pkexec 04755 polkit.x86_64: W: non-conffile-in-etc /etc/dbus-1/system.d/org.freedesktop.PolicyKit1.conf polkit.x86_64: W: non-conffile-in-etc /etc/polkit-1/localauthority.conf.d/50-localauthority.conf polkit-devel.x86_64: W: no-documentation polkit-docs.noarch: E: devel-dependency polkit-devel 5 packages and 0 specfiles checked; 6 errors, 5 warnings. I see that you already had the comment about permissions, so thats good checklist: rpmlint: see above package name: follows tarball name, ok spec file name: ok packaging guidelines: ok license: ok license field: ok license file: ok spec file language: ok spec legible: ok upstream sources: ok buildable: ok excludearch: n/a build deps: ok locales: ok shared libs: ok relocatable: n/a directory ownership: needs to own /usr/lib64/polkit-1/ and the backends/ subdir might want to add an explicit dbus dep for /usr/share/dbus-1/ (even though ConsoleKit pulls it in) duplicate files: ok file permissions: ok %clean: ok macro use: ok content: ok large docs: ok %doc content: ok headers: ok static libs: n/a pc files: ok shared libs: ok devel deps: ok libtool archives: ok gui apps: n/a file ownership: ok %install: must run rm -rf $RPM_BUILD_ROOT utf8 filenames: ok I wonder why pkexec is in the main package, but the pkexec policy is in -devel. (In reply to comment #7) > I wonder why pkexec is in the main package, but the pkexec policy is in -devel No, the pkexec policy is in the main package as org.freedesktop.policykit.exec the file you are referring to is for the org.freedesktop.policykit.example.pkexec.run-frobnicate action which is used by /usr/bin/pk-example-frobnicate (also in the -devel package). E.g. the example is basically that you can do $ pkexec pk-example-frobnicate and then get a dialog like this http://people.freedesktop.org/~david/pk-example-frobnicate.png instead of e.g. this http://people.freedesktop.org/~david/pkexec-3.png Created attachment 345810 [details]
fixed spec
This spec file fixes the points that came up while running through the checklist.
If you are fine with these changes, this can be approved.
Looks good, thanks. ok, approved New Package CVS Request ======================= Package Name: polkit Short Description: PolicyKit Authorization Framework Owners: davidz Branches: InitialCC: CVS done. packages have been built |
