Bug 176943 - Review Request: rootsh : Shell wrapper for auditing
Review Request: rootsh : Shell wrapper for auditing
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jef Spaleta
David Lawrence
:
Depends On:
Blocks: FE-ACCEPT
  Show dependency treegraph
 
Reported: 2006-01-04 11:30 EST by Tom "spot" Callaway
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-01-08 12:57:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tom "spot" Callaway 2006-01-04 11:30:17 EST
Spec Name or Url: http://www.auroralinux.org/people/spot/review/rootsh.spec
SRPM Name or Url: http://www.auroralinux.org/people/spot/review/rootsh-1.5.2-1.src.rpm
Description: 
Rootsh is a wrapper for shells which logs all echoed keystrokes and
terminal output to a file and/or to syslog. Its main purpose is the
auditing of users who need a shell with root privileges. They start
rootsh through the sudo mechanism.
Comment 1 Jef Spaleta 2006-01-06 17:01:48 EST
Okay builds in mock against development.
I'll see if I can get to the formal review tonite after battlestar.

Comment 2 Jef Spaleta 2006-01-06 23:36:45 EST
Formal review
Summary: 1 blocker
- BAD: Forgot to include the COPYING file in the %docs section
Get that fixed and you have approval.


- GOOD: rpmlint on mock built binary returns clean.
- GOOD: package named according to the PackageNamingGuidelines.
- GOOD: The spec file name matches %{name}, in the format %{name}.spec
- GOOD: The package meets the PackagingGuidelines.
- GOOD: The package is licensed GPL
- GOOD: The License field in the package spec file matches the actual license.
- GOOD: The spec written in American English.
- GOOD: The spec file is legible. 
- GOOD: The sources used to build matches the upstream source
        md5sum  39e3a876b991fe235af3150335d1a0f8
- GOOD: The package successfully compile and build into binary rpms on atleast x86
- GOOD: No BuildRequires and it still builds in mock
- GOOD: No locales 
- GOOD: No shared library files 
- GOOD: own all directories that it creates. uses /usr/bin/ and
/usr/share/man/man1  which are explicitly listed in the FHS and owned by
filesystem package
- GOOD: no duplicates in %files listing.
- GOOD: Permissions on files are set properly. 
- GOOD: Each package must have a %clean section, which contains rm -rf
%{buildroot} (or $RPM_BUILD_ROOT).
- GOOD: Each package must consistently use macros, as described in the macros
section of PackagingGuidelines.
- GOOD: The package must contain code, or permissable content. This is described
in detail in the code vs. content section of PackagingGuidelines.
- GOOD: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.
Comment 4 Jef Spaleta 2006-01-07 15:25:31 EST
rootsh-1.5.2-2.src.rpm   APPROVED


Note You need to log in before you can comment on or make changes to this bug.