Bug 571816
Summary: | Review Request: clamav-unofficial-sigs - Scripts to download unoffical clamav signatures | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Andrew Colin Kissa <andrew> |
Component: | Package Review | Assignee: | Jason Tibbitts <j> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | fedora-package-review, notting |
Target Milestone: | --- | Flags: | j:
fedora-review+
kevin: fedora-cvs+ |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | clamav-unofficial-sigs-3.7.1-3.el5 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-01-21 22:55:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Andrew Colin Kissa
2010-03-09 16:05:07 UTC
Updated: http://www.topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs-3.7-2.fc12.src.rpm http://www.topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs.spec Updated: http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs-3.7-3.fc12.src.rpm http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs.spec Updated: http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs-3.7.1-1.fc13.src.rpm http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs.spec Since you have indicated that you are not going to be working on Fedora, is there any reason for this ticket to stay open? Or, to put it another way, is there any point in reviewing this at this time? I have some free time during the xmas holidays, i will use that time to fix all my outstanding bugs as NO proven packager has taken them up. So if you can review it i will work on it. Sure, I can review it. There's not really much to this package; it builds fine and rpmlint has only the expected complaints about nonstandard uid and gits, as well as two complaints about missing manpages. There is actually a manpage, but for some reason it has a different name than the actual executable. Is there any specific reason for that? Seems to be something of a mistake by upstream. I'm pretty sure I traced down the clamav dependencies properly to make sure that the user will be present before this package is installed. The clamav package is so terrible, however, that I might have missed something. I'm not entirely sure why the executables in /usr/bin need to be owned by the clamupdate user. Can you clarify? The current situation leads to them being writable by clamupdate, which I don't think is a particularly good idea. The %post scriptlet is decidedly not sane. Every time this package is updated, a file which you've explicitly marked as %config(noreplace) will be modified if it includes the string "45". Why not use the existing random wait functionality already in the software? * source files match upstream. sha256sum: 7f8de46da43d8edd06ee1dcd1bc4563e61b23c9bbd368ccf0265576e46f4d90c clamav-unofficial-sigs-3.7.1.tar.gz * package meets naming and versioning guidelines. * specfile is properly named, is cleanly written and uses macros consistently. * summary is OK. * description is OK. * dist tag is present. * license field matches the actual license. * license is open source-compatible. * license text included in package. * latest version is being packaged. * BuildRequires are proper. * package builds in mock (rawhide, x86_64). * package installs properly. * rpmlint has acceptable complaints. * final provides and requires are sane: config(clamav-unofficial-sigs) = 3.7.1-1.fc15 clamav-unofficial-sigs = 3.7.1-1.fc15 = /bin/sh bind-utils clamav config(clamav-unofficial-sigs) = 3.7.1-1.fc15 curl diffutils gnupg rsync * no bundled libraries. * owns the directories it creates. * doesn't own any directories it shouldn't. * no duplicates in %files. * file permissions are appropriate. * no generically named files X scriptlets are not sane. * code, not content. * documentation is small, so no -doc subpackage is necessary. * %docs are not necessary for the proper functioning of the package. * Upstream have named the command with a .sh because its a shell script, would linking /usr/bin/clamav-unofficial-sigs.sh to /usr/bin/clamav-unofficial-sigs be acceptable ? * On the ownership you are correct about that will fix * will fix the post scriptlet Updated the spec and srpm with the fixes rpmlint is now cleaner. http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs.spec http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs-3.7.1-2.fc13.src.rpm Looks OK to me. I didn't save the previous package so I don't know if you were running the original cron job as clamupdate instead of root. That might be something to consider (since it avoids exposing a root-owned process to whatever might come in over the network) but . And just to be clear, my comments relating to ownership were just about the two files in /usr/bin, not the /var/lib and /var/log stuff, and I certainly didn't intend for you to undo any "run as something other than root" setup if that's what was in place originally. Updated. The cron job runs as clamupdate not root. http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs.spec http://topdog-software.com/oss/SRPMS/fedora/clamav-unofficial-sigs/clamav-unofficial-sigs-3.7.1-3.fc13.src.rpm Looks good, thanks. APPROVED New Package SCM Request ======================= Package Name:clamav-unofficial-sigs Short Description:Scripts to download unoffical clamav signatures Owners:topdog Branches:f13 f14 el4 el5 el6 InitialCC Git done (by process-git-requests). clamav-unofficial-sigs-3.7.1-3.el4 has been submitted as an update for Fedora EPEL 4. https://admin.fedoraproject.org/updates/clamav-unofficial-sigs-3.7.1-3.el4 clamav-unofficial-sigs-3.7.1-3.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/clamav-unofficial-sigs-3.7.1-3.fc14 clamav-unofficial-sigs-3.7.1-3.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/clamav-unofficial-sigs-3.7.1-3.el5 clamav-unofficial-sigs-3.7.1-3.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/clamav-unofficial-sigs-3.7.1-3.fc13 clamav-unofficial-sigs-3.7.1-3.el4 has been pushed to the Fedora EPEL 4 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update clamav-unofficial-sigs'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/clamav-unofficial-sigs-3.7.1-3.el4 clamav-unofficial-sigs-3.7.1-3.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. clamav-unofficial-sigs-3.7.1-3.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. clamav-unofficial-sigs-3.7.1-3.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report. clamav-unofficial-sigs-3.7.1-3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. Package Change Request ====================== Package Name: clamav-unofficial-sigs New Branches: epel7 Owners: topdog ondrejj Git done (by process-git-requests). |