Hide Forgot
Spec URL: https://comzeradd.fedorapeople.org/specs/dnscrypt-proxy.spec SRPM URL: https://comzeradd.fedorapeople.org/srpms/dnscrypt-proxy-1.6.1-1.fc23.src.rpm Description: DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered with. Fedora Account System Username: comzeradd
Nicos, using the specfile and sources you provide, my build failed as the compiler was unable to make the target configure: + cd /builddir/build/BUILD + cd dnscrypt-proxy-1.6.1 + make configure make: *** No rule to make target 'configure'. Stop. Please try to build your package in KOJI and publish the URL here. Ralf
Thanks. It seems that I uploaded an old spec. SPEC: https://comzeradd.fedorapeople.org/specs/dnscrypt-proxy.spec SRPM: https://comzeradd.fedorapeople.org/srpms/dnscrypt-proxy-1.6.1-2.fc24.src.rpm
- rpmlint checks return: dnscrypt-proxy.src: W: spelling-error %description -l en_US cryptographic -> cryptography, cryptographer, crystallographic The value of this tag appears to be misspelled. Please double-check. Ignore. dnscrypt-proxy.src: W: invalid-url URL: https://dnscrypt.org/ <urlopen error timed out> The value should be a valid, public HTTP, HTTPS, or FTP URL. Please fix. - package meets naming guidelines - package meets packaging guidelines ! license says GPLv2 but I see LGPLv2, and COPYING references BSD, please revisit. - spec file legible, in am. english - source matches upstream - package compiles on devel (x86) - no missing BR - no unnecessary BR - no locales - not relocatable - owns all directories that it creates - no duplicate files - permissions ok - %clean ok - macro use consistent - code, not content - no need for -docs - nothing in %doc affects runtime - no need for .desktop file So just the URL and license tag.
Thanks. I fixed the license. It's MIT. The URL seems correct. Probably the site was down a few hours ago. SPEC: https://comzeradd.fedorapeople.org/specs/dnscrypt-proxy.spec SRPM: https://comzeradd.fedorapeople.org/srpms/dnscrypt-proxy-1.6.1-3.fc24.src.rpm
Looks good, but I missed two rpmlint errors: dnscrypt-proxy.x86_64: E: missing-call-to-setgroups-before-setuid /usr/sbin/dnscrypt-proxy This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. dnscrypt-proxy.x86_64: E: missing-call-to-chdir-with-chroot /usr/sbin/dnscrypt-proxy This executable appears to call chroot without using chdir to change the current directory. This is likely an error and permits an attacker to break out of the chroot by using fchdir. While that's not always a security issue, this has to be checked.
Yes, I have open relevant bugs upstream. missing-call-to-chdir-with-chroot This seems to be wrong reporting from rpmlint. https://github.com/jedisct1/dnscrypt-proxy/issues/422 missing-call-to-setgroups-before-setuid This is now fixed upstream and will be included on the next release. https://github.com/jedisct1/dnscrypt-proxy/issues/421
Ok, great! APPROVED.
Package request has been approved: https://admin.fedoraproject.org/pkgdb/package/rpms/dnscrypt-proxy
dnscrypt-proxy-1.6.1-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad1cee380b
dnscrypt-proxy-1.6.1-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad1cee380b
dnscrypt-proxy-1.6.1-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.