Bug 813594

$ rpmlint pwauth.spec 
0 packages and 1 specfiles checked; 0 errors, 0 warnings.
$ rpmlint pwauth-2.3.10-0.el6.src.rpm 
pwauth.src: W: spelling-error Summary(en_US) plugin -> plug in, plug-in, plugging
pwauth.src: W: spelling-error Summary(en_US) authnz -> author, authentic, autobahn
pwauth.src: W: spelling-error Summary(en_US) authenticator -> authentication, authenticated, authenticate
pwauth.src: W: spelling-error %description -l en_US authenticator -> authentication, authenticated, authenticate
pwauth.src: W: spelling-error %description -l en_US auth -> auto, Ruth, author
pwauth.src: W: spelling-error %description -l en_US authnz -> author, authentic, autobahn
1 packages and 0 specfiles checked; 0 errors, 6 warnings.
$

A few small issues

- remove execute bits from /etc/pam.d/pwauth
- add -p to install targets to preserve timestamps

- I believe it is preferred not to use macros for rm,mkdir,sed, etc

You have the EL5 requirements in there, which preferably are removed if not building for the EL5 branch.

Perhaps poke upstream for  --help/-h and/or man page? especially since it just quietly listens for input and might confuse people.

Since this is a setgid program, can you see about getting an SElinux policy 
update to limit this program to reading /etc/shadow? Talk to dwalsh?

With the above first two issues addressed, PASS



Package Review
==============

Key:
- = N/A
x = Pass
! = Fail
? = Not evaluated



==== C/C++ ====
[-]: MUST Header files in -devel subpackage, if present.
[x]: MUST Package does not contain any libtool archives (.la)
[-]: MUST Package does not contain kernel modules.
[x]: MUST Package contains no static executables.
[x]: MUST Rpath absent or only used for internal libs.
[x]: MUST Package is not relocatable.


==== Generic ====
[x]: MUST Package is licensed with an open-source compatible license and meets
     other legal requirements as defined in the legal section of Packaging
     Guidelines.
[x]: MUST Package successfully compiles and builds into binary rpms on at
     least one supported primary architecture.
[x]: MUST %build honors applicable compiler flags or justifies otherwise.
[x]: MUST All build dependencies are listed in BuildRequires, except for any
     that are listed in the exceptions section of Packaging Guidelines.
[!]: MUST Buildroot is not present
     Note: Buildroot is not needed unless packager plans to package for EPEL5
[x]: MUST Package contains no bundled libraries.
[x]: MUST Changelog in prescribed format.
[!]: MUST Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: Clean is needed only if supporting EPEL
[x]: MUST Sources contain only permissible code or content.
[!]: MUST Each %files section contains %defattr if rpm < 4.4
     Note: defattr(....) present in %files section. This is OK if packaging
     for EPEL5. Otherwise not needed
[x]: MUST Macros in Summary, %description expandable at SRPM build time.
[x]: MUST Package requires other packages for directories it uses.
[x]: MUST Package uses nothing in %doc for runtime.
[x]: MUST Package is not known to require ExcludeArch.
[x]: MUST Permissions on files are set properly.
[x]: MUST Package does not contain duplicates in %files.
[x]: MUST Spec file lacks Packager, Vendor, PreReq tags.
[!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf is only needed if supporting EPEL5
[x]: MUST Large documentation files are in a -doc subpackage, if required.
[-]: MUST If (and only if) the source package includes the text of the
     license(s) in its own file, then that file, containing the text of the
     license(s) for the package is included in %doc.
[x]: MUST License field in the package spec file matches the actual license.
[x]: MUST Package consistently uses macros (instead of hard-coded directory
     names).
[x]: MUST Package is named according to the Package Naming Guidelines.
[x]: MUST Package does not generate any conflict.
[x]: MUST Package obeys FHS, except libexecdir and /usr/target.
[x]: MUST Package must own all directories that it creates.
[x]: MUST Package does not own files or directories owned by other packages.
[x]: MUST Package installs properly.
[x]: MUST Requires correct, justified where necessary.
[!]: MUST Rpmlint output is silent.

rpmlint pwauth-debuginfo-2.3.10-0.fc18.i686.rpm

1 packages and 0 specfiles checked; 0 errors, 0 warnings.


rpmlint pwauth-2.3.10-0.fc18.src.rpm

pwauth.src: W: spelling-error Summary(en_US) authnz -> autobahn
pwauth.src: W: spelling-error Summary(en_US) authenticator -> authentication, authenticate, authentic
pwauth.src: W: spelling-error %description -l en_US authenticator -> authentication, authenticate, authentic
pwauth.src: W: spelling-error %description -l en_US auth -> auto, Ruth, author
pwauth.src: W: spelling-error %description -l en_US authnz -> autobahn
1 packages and 0 specfiles checked; 0 errors, 5 warnings.


rpmlint pwauth-2.3.10-0.fc18.i686.rpm
pwauth.i686: W: spelling-error Summary(en_US) authnz -> autobahn
pwauth.i686: W: spelling-error Summary(en_US) authenticator -> authentication, authenticate, authentic
pwauth.i686: W: spelling-error %description -l en_US authenticator -> authentication, authenticate, authentic
pwauth.i686: W: spelling-error %description -l en_US auth -> auto, Ruth, author
pwauth.i686: W: spelling-error %description -l en_US authnz -> autobahn
pwauth.i686: E: setuid-binary /usr/bin/pwauth root 04750L
pwauth.i686: E: non-standard-executable-perm /usr/bin/pwauth 04750L
pwauth.i686: E: non-standard-executable-perm /usr/bin/pwauth 04750L
pwauth.i686: E: script-without-shebang /etc/pam.d/pwauth
pwauth.i686: W: no-manual-page-for-binary pwauth
pwauth.i686: W: install-file-in-docs /usr/share/doc/pwauth-2.3.10/INSTALL
1 packages and 0 specfiles checked; 4 errors, 7 warnings.


[x]: MUST Sources used to build the package match the upstream source, as
     provided in the spec URL.
/vol/home/paul/813594/pwauth-2.3.10.tar.gz :
  MD5SUM this package     : 4f2e860ebc8f7f7c17743156b03659b0
  MD5SUM upstream package : 4f2e860ebc8f7f7c17743156b03659b0

[x]: MUST Spec file is legible and written in American English.
[x]: MUST Spec file name must match the spec package %{name}, in the format
     %{name}.spec.
[-]: MUST Package contains a SysV-style init script if in need of one.
[x]: MUST File names are valid UTF-8.
[x]: MUST Useful -debuginfo package or justification otherwise.
[x]: SHOULD Reviewer should test that the package builds in mock.
[?]: SHOULD If the source package does not include license text(s) as a
     separate file from upstream, the packager SHOULD query upstream to
     include it.
[x]: SHOULD Dist tag is present.
[x]: SHOULD No file requires outside of /etc, /bin, /sbin, /usr/bin,
     /usr/sbin.
[x]: SHOULD Final provides and requires are sane (rpm -q --provides and rpm -q
     --requires).
[x]: SHOULD Package functions as described.
[x]: SHOULD Latest version is packaged.
[x]: SHOULD Package does not include license text files separate from
     upstream.
[?]: SHOULD Patches link to upstream bugs/comments/lists or are otherwise
     justified.
[x]: SHOULD SourceX / PatchY prefixed with %{name}.
     Note: Source1: pwauth.pam (pwauth.pam) Patch1: pwauth-strchr.patch
     (pwauth-strchr.patch)
[x]: SHOULD SourceX is a working URL.
[?]: SHOULD Description and summary sections in the package spec file contains
     translations for supported Non-English languages, if available.
[x]: SHOULD Package should compile and build into binary rpms on all supported
     architectures.
x]: SHOULD %check is present and all tests pass.
[!]: SHOULD Packages should try to preserve timestamps of original installed
     files.
[x]: SHOULD Spec use %global instead of %define.

Issues:
[!]: MUST Buildroot is not present
     Note: Buildroot is not needed unless packager plans to package for EPEL5
See: http://fedoraproject.org/wiki/Packaging/Guidelines#BuildRoot_tag
[!]: MUST Package has no %clean section with rm -rf %{buildroot} (or
     $RPM_BUILD_ROOT)
     Note: Clean is needed only if supporting EPEL
See: http://fedoraproject.org/wiki/Packaging/Guidelines#.25clean
[!]: MUST Each %files section contains %defattr if rpm < 4.4
     Note: defattr(....) present in %files section. This is OK if packaging
     for EPEL5. Otherwise not needed
See: http://fedoraproject.org/wiki/Packaging/Guidelines#FilePermissions
[!]: MUST Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the
     beginning of %install.
     Note: rm -rf is only needed if supporting EPEL5
See: None
[!]: MUST Rpmlint output is silent.

rpmlint pwauth-debuginfo-2.3.10-0.fc18.i686.rpm

1 packages and 0 specfiles checked; 0 errors, 0 warnings.


rpmlint pwauth-2.3.10-0.fc18.src.rpm

pwauth.src: W: spelling-error Summary(en_US) authnz -> autobahn
pwauth.src: W: spelling-error Summary(en_US) authenticator -> authentication, authenticate, authentic
pwauth.src: W: spelling-error %description -l en_US authenticator -> authentication, authenticate, authentic
pwauth.src: W: spelling-error %description -l en_US auth -> auto, Ruth, author
pwauth.src: W: spelling-error %description -l en_US authnz -> autobahn
1 packages and 0 specfiles checked; 0 errors, 5 warnings.

rpmlint pwauth-2.3.10-0.fc18.i686.rpm

pwauth.i686: W: spelling-error Summary(en_US) authnz -> autobahn
pwauth.i686: W: spelling-error Summary(en_US) authenticator -> authentication, authenticate, authentic
pwauth.i686: W: spelling-error %description -l en_US authenticator -> authentication, authenticate, authentic
pwauth.i686: W: spelling-error %description -l en_US auth -> auto, Ruth, author
pwauth.i686: W: spelling-error %description -l en_US authnz -> autobahn
pwauth.i686: E: setuid-binary /usr/bin/pwauth root 04750L
pwauth.i686: E: non-standard-executable-perm /usr/bin/pwauth 04750L
pwauth.i686: E: non-standard-executable-perm /usr/bin/pwauth 04750L
pwauth.i686: E: script-without-shebang /etc/pam.d/pwauth
pwauth.i686: W: no-manual-page-for-binary pwauth
pwauth.i686: W: install-file-in-docs /usr/share/doc/pwauth-2.3.10/INSTALL
1 packages and 0 specfiles checked; 4 errors, 7 warnings.


See: http://fedoraproject.org/wiki/Packaging/Guidelines#rpmlint


Generated by fedora-review 0.1.3
External plugins:

Please include an SCM request when setting the SCM flag.  Thanks!

http://fedoraproject.org/wiki/Package_SCM_admin_requests

New Package SCM Request
=======================
Package Name: pwauth
Short Description: External plugin for mod_authnz_external authenticator
Owners: philipp rdieter
Branches: f16 f17 el6
InitialCC: pwouters

Git done (by process-git-requests).

Paul, please take ownership of review BZs, thanks!

pwauth-2.3.10-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/pwauth-2.3.10-1.fc17

pwauth-2.3.10-1.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/pwauth-2.3.10-1.fc16

pwauth-2.3.10-1.fc17 has been pushed to the Fedora 17 testing repository.

pwauth-2.3.10-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/pwauth-2.3.10-1.el6

pwauth-2.3.10-1.fc16 has been pushed to the Fedora 16 stable repository.

pwauth-2.3.10-1.el6 has been pushed to the Fedora EPEL 6 stable repository.

pwauth-2.3.10-1.fc17 has been pushed to the Fedora 17 stable repository.