Bug 519073

Summary: Review Request: chrootuid - This tool offers su and chroot functionality in one program
Product: [Fedora] Fedora
Reporter: Jens Kuehnel <bugzilla-redhat>
Component: Package Review
Assignee: Dominic Hopf <dmaphy>
Status: CLOSED NOTABUG
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: medium
Version: rawhide
CC: christoph.wickert, dmaphy, fedora-package-review, msuchy, notting, pahan
Hardware: All   
OS: Linux   
Last Closed: 2013-02-19 10:53:27 UTC
Bug Blocks: 201449    

Description Jens Kuehnel 2009-08-24 21:19:37 UTC
Spec URL: http://www.kuehnel.org/chrootuid.spec
SRPM URL: http://www.kuehnel.org/chrootuid-1.3-1.fc11.src.rpm
Description: 
Chrootuid makes it easy to run a network service at low privilege level and
with restricted file system access. At Eindhoven University we use this program
to run the gopher and www (world-wide web) network daemons in a minimal
environment: the daemons have access only to their own directory tree, and run
under a low-privileged userid. The arrangement greatly reduces the impact of
possible loopholes in daemon software.
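
The confinement this description refers to, as an added C example that is not chrootuid's source code and not part of the original report: enter the directory tree, chroot into it, then drop supplementary groups, gid and uid in that order and confirm that root cannot be regained. The function name confine, its step codes, the refusal of uid/gid 0 and the command-line layout are assumptions made for this example.

```c
#define _DEFAULT_SOURCE   /* exposes chroot() and setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: confine the calling process to newroot and drop root.
 * Returns 0 on success, or a negative code naming the step that failed. */
int confine(const char *newroot, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;              /* "dropping" to root would confine nothing */
    if (chdir(newroot) != 0)
        return -2;              /* enter the tree before calling chroot */
    if (chroot(".") != 0)
        return -3;              /* requires root (CAP_SYS_CHROOT) */
    if (chdir("/") != 0)
        return -4;              /* leave no working directory outside the jail */
    if (setgroups(0, NULL) != 0)
        return -5;              /* clear inherited supplementary groups */
    if (setgid(gid) != 0)
        return -6;              /* gid before uid: setgid still needs root */
    if (setuid(uid) != 0)
        return -7;              /* as root this sets real, effective and saved uid */
    if (setuid(0) == 0)
        return -8;              /* root must not be recoverable after the drop */
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 5) {
        fprintf(stderr, "usage: %s newroot uid gid command [args...]\n", argv[0]);
        return 2;
    }
    int rc = confine(argv[1], (uid_t)strtoul(argv[2], NULL, 10),
                     (gid_t)strtoul(argv[3], NULL, 10));
    if (rc != 0) {
        fprintf(stderr, "confine failed at step %d\n", -rc);
        return 1;
    }
    execv(argv[4], &argv[4]);   /* command path is resolved inside the new root */
    perror("execv");
    return 1;
}
```

Every return value is checked because a silently failed setgid or setuid leaves the daemon running as root inside a chroot, which root can leave.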

Comment 1 Dominic Hopf 2009-08-29 10:44:45 UTC
$ rpmlint chrootuid.spec
0 packages and 1 specfiles checked; 0 errors, 0 warnings.

$ rpmlint chrootuid-1.3-1.fc11.src.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

$ rpmlint chrootuid-1.3-1.fc11.x86_64.rpm chrootuid-debuginfo-1.3-1.fc11.x86_64.rpm
chrootuid-debuginfo.x86_64: E: debuginfo-without-sources
2 packages and 0 specfiles checked; 1 errors, 0 warnings.


MUSTs
-----

OK: package is named according to the package naming guidelines
OK: specfile name matches %{name}.spec
OK: package seems to meet packaging guidelines
OK: license in specfile matches actual license and meets licensing guidelines
NOT OK: license file is included in %doc
OK: specfile is written in AE
OK: specfile is legible
OK: sourcefile in the package is the same as provided in the mentioned source
    md5sum fits
OK: package compiles successfully
N/A: all build dependencies are listed in BuildRequires
     there are no build dependencies
N/A: package handles locales properly
     there are no locales installed with this package
N/A: call ldconfig in %post and %postun
     there is no binary installed with this package
OK: package is not designed to be relocatable
OK: package owns directories it creates
OK: does not list a file more than once in the %files listing
OK: %files section includes %defattr and permissions are set properly
OK: %clean section is there and contains rm -rf %{buildroot}
OK: macros are consistently used
OK: package contains code
N/A: subpackage for large documentation files
     there are no large documentation files
OK: program runs properly without files listed in %doc
N/A: header files are in a -devel package
     there are no header files
N/A: static libraries are in a -static package
     there are no static libs
N/A: require pkgconfig if package contains a pkgconfig(.pc)
     there is no pkgconfig file
N/A: put .so-files into -devel package if there are library files with suffix
     there is no library with suffix, in fact there isn't any library
N/A: devel package includes fully versioned dependency for the base package
     there is no devel package
N/A: any libtool archives are removed
     there are no libtool archives
N/A: contains desktop file if it is a GUI application
     this is a commandline application
OK: package does not own any files or directories owned by other packages
OK: buildroot is removed at beginning of %install
N/A: filenames are encoded in UTF-8
     not necessary since there are no non-ASCII filenames


SHOULD
------
N/A: non-English translations for description and summary
     there are no other languages supported by this package, in fact it does not
     provide any localization. I assume localizations are not needed for this
     package.
OK: package builds in mock
OK: package builds into binary rpms for all supported architectures
N/A: program runs
     I did not test myself if the program works as it should
N/A: subpackages contain fully versioned dependency for the base package
     there are no subpackages
N/A: pkgconfig file is placed in a devel package
     there is no pkgconfig file
N/A: require package providing a file instead of the file itself
     no files outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin are required

 - The summary should be short and concise, not a whole sentence
 - the description could be a bit more general, the 'we use this'-style is definitely
   not the best. You could take the description at the top in file chrootuid.c
   for example, this seems to be fine
 - The license file is missing in the %files-section
 - also a license file named COPYING would be nicer, a license hint in the
   source file itself would be nice too, you may want to contact upstream
   regarding these issues
 - If there are no requires, remove the Requires and BuildRequires completely, not
   just comment them out.
 - the CFLAGS parameter is missing in %build-section, when you add this, this
   should also fix the rpmlint error for the debuginfo package
 - Please use the install command in the %install-section instead of cp, at least
   add the -p to preserve timestamps
 - Please gzip the manpage (you may also want to let upstream know about this)
 - it is not necessary to tag the manpage as %doc since RPM detects this
   automatically, but it is also ok if you do so
 - I would recommend you to use %{version} in Source0 and in the %prep-section
   (e.g. %{name}%{version}), this would make maintenance work a bit easier

Comment 2 Miroslav Suchý 2012-12-11 22:31:23 UTC
Ping? Any progress here? Or can we close this review?

Comment 3 Miroslav Suchý 2013-02-19 10:53:27 UTC
Stalled Review. Closing per:
https://fedoraproject.org/wiki/Policy_for_stalled_package_reviews
If you ever want to continue with this review, please reopen or
submit a new review.