Bug 566403 (dnsmap)

Builds successfully in mock on Fedora 11 with i386/x86_64 architectures.

Builds successfully in mock on Fedora 13 with i386/x86_64 architectures.

* Sat Mar 13 2010 Nikolay Ulyanitsky <lystor AT lystor.org.ua> - 0.30-1
- Update to 0.30
- Fix the license
- Remove dnsmap-0.25-Makefile.patch (included by the upstream)
- Replace generally useful macros by regular commands


Spec URL: http://repo.lystor.org.ua/fedora/12/SPECS/dnsmap.spec
SRPM URL: http://repo.lystor.org.ua/fedora/12/SRPMS/dnsmap-0.30-1.fc12.src.rpm

Hello,
I am not authorized to do a review, but I was gonna to try submit the package review request so it makes sense I would do at least comments (review) of the package to help it to het to Fedora.

Generally the package seems to be aligned with the packaging guidelines and I have not found any issues.

1) rpmlint OK - no errors
Spelling warnings - all referenced words are comonly used in the industry
Warning about download is not relevant - link is ok, spectool was able to download the source file based on the spec file. Probably some race condition in my environment + rpmlint.

$rpmlint dnsmap-0.30-1.fc12.i686.rpm dnsmap-debuginfo-0.30-1.fc12.i686.rpm dnsmap-0.30-1.fc12.src.rpm 

dnsmap.i686: W: spelling-error Summary(en_US) subdomains -> sub domains, sub-domains, domains
dnsmap.i686: W: spelling-error Summary(en_US) bruteforcer -> Wilberforce, enforcer, brutishness
dnsmap.i686: W: spelling-error %description -l en_US pentesters -> pen testers, pen-testers, pent esters
dnsmap.i686: W: spelling-error %description -l en_US subdomains -> sub domains, sub-domains, domains
dnsmap.i686: W: spelling-error %description -l en_US bruteforcer -> Wilberforce, enforcer, brutishness
dnsmap.i686: W: spelling-error %description -l en_US wordlist -> word list, word-list, wordless
dnsmap.i686: W: spelling-error %description -l en_US txt -> text, ext, tit
dnsmap.i686: W: spelling-error %description -l en_US csv -> cs, cs v, CST
dnsmap.src: W: spelling-error Summary(en_US) subdomains -> sub domains, sub-domains, domains
dnsmap.src: W: spelling-error Summary(en_US) bruteforcer -> Wilberforce, enforcer, brutishness
dnsmap.src: W: spelling-error %description -l en_US pentesters -> pen testers, pen-testers, pent esters
dnsmap.src: W: spelling-error %description -l en_US subdomains -> sub domains, sub-domains, domains
dnsmap.src: W: spelling-error %description -l en_US bruteforcer -> Wilberforce, enforcer, brutishness
dnsmap.src: W: spelling-error %description -l en_US wordlist -> word list, word-list, wordless
dnsmap.src: W: spelling-error %description -l en_US txt -> text, ext, tit
dnsmap.src: W: spelling-error %description -l en_US csv -> cs, cs v, CST
dnsmap.src: W: invalid-url Source0: http://dnsmap.googlecode.com/files/dnsmap-0.30.tar.gz HTTP Error 404: Not Found
3 packages and 0 specfiles checked; 0 errors, 17 warnings.

2) package name OK, specname OK, 
3) license ok - gplv2+ is the license of code, is in spec and attached in package
6) spec file is legible and consistent in usage of (17) macros and formating
7) package compiled and running on i686 without issues found
code in srpm matches the upstream code - md5sum used for checksum
15) defattr is present, Executable permissions are not explicitly set by spec file, but they are  explicitly set by the makefile
16) clean section ok

Best regards
Michal Ambroz

Hello Nikolay,
please would you be able to polish the package summary/description 
so it does'n trigger the rpmlint attention? 

Summary field: ... it could be quite missleading. The tool is not so much passive - it is brute-forcing DNS. (I know it is comming from the home site). Please could you reword to something better describing the situation?

Description field: ... one too long sentence makes it hard to read. Please could you split and make it more readable?

I know that words like pentester are quite common in the given industry.
Anyway please could you to change it to something acceptable by spell-checker without loosing meaning.

I propose these changes:
subdomains  -> sub-domains
wordlist    -> word-list
pentesters  -> pen-testers or penetration testers
txt/csv     -> TXT/CSV
bruteforcer -> I don't know ... may be something like tool performing sub-domain guessing / brute-forcing 

Attached is the review checklist.

Best regards
Michal Ambroz

Created attachment 406019 [details]
dnsmap-review-checklist

Hi Michal

Spec diff:
@@ -1,7 +1,7 @@
-Release:        1%{?dist}
-Summary:        Passive DNS network mapper a.k.a. subdomains bruteforcer
+Release:        2%{?dist}
+Summary:        Sub-domains bruteforcer


@@ -11,10 +11,9 @@
 %description
-dnsmap is mainly meant to be used by pentesters during the information 
-gathering/enumeration phase of infrastructure security assessments
-as subdomains bruteforcer tool which reads subdomains from built-in list
-or wordlist file and saves output to txt/csv format.
+dnsmap is a small tool that perform brute-forcing of domains.
+It can use a built-in list or an external dictionary file and
+saves output to TXT/CSV format.

@@ -41,6 +40,9 @@
 %changelog
+* Sat Apr 17 2010 Nikolay Ulyanitsky <lystor AT lystor.org.ua> - 0.30-2
+- Fix description and summary


Spec URL: http://repo.lystor.org.ua/fedora/12/SPECS/dnsmap.spec
SRPM URL: http://repo.lystor.org.ua/fedora/12/SRPMS/dnsmap-0.30-2.fc12.src.rpm

Hello Nikolay,
I am sorry for my delay. I bit forgot to post feedback about this package.
Please do not hesitate to ping me if I fail again.

rpmlint dnsmap-0.30-2.fc12.src.rpm  dnsmap-0.30-2.fc12.i686.rpm dnsmap-debuginfo-0.30-2.fc12.i686.rpm 
dnsmap.src: W: spelling-error Summary(en_US) bruteforcer -> Wilberforce, enforcer, brutishness
dnsmap.i686: W: spelling-error Summary(en_US) bruteforcer -> Wilberforce, enforcer, brutishness
3 packages and 0 specfiles checked; 0 errors, 2 warnings.

Word bruteforcer comes from the original description on the upstream website. I would not consider it error.

Package works as expected. 

Package is APPROVED.

Best regards
Michal Ambroz

Hi Michal

Thank you for reviewing the package.

New Package CVS Request
=======================
Package Name: dnsmap
Short Description: Sub-domains bruteforcer
Owners: lystor
Branches: F-11 F-12 F-13
InitialCC:

CVS done (by process-cvs-requests.py).

Ping. 
Looking forward to test the nem package.
Michal Ambroz

Ping.
Hello Nikolay - AYT?
Michal Ambroz

dnsmap-0.30-2.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/dnsmap-0.30-2.fc14

dnsmap-0.30-2.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/dnsmap-0.30-2.fc13

dnsmap-0.30-2.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update dnsmap'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/dnsmap-0.30-2.fc14

I think that this package can be pushed to stable and this review closed.

Can you please push that package to stable?

Is there a problem with pushing that package to stable? We would like to add it the Fedora Security Lab.

dnsmap-0.30-2.fc13 has been pushed to the Fedora 13 stable repository.

dnsmap-0.30-2.fc14 has been pushed to the Fedora 14 stable repository.

Package Change Request
======================
Package Name: dnsmap
New Branches: el6 epel7
Owners: fab rebus
InitialCC:

Git done (by process-git-requests).