Spec URL: http://www.softwarelibre777.com/volp/fail2ba.spec SRPM URL: http://www.softwarelibre777.com/volp/fail2ban-0.6.1-2.fc5.src.rpm Description: Fail2Ban scans log files like /var/log/pwdfail and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. This is my first Packages. I'm looking for a Sponsor
Interestig package, however, I have to say that there are not a few issues to be fixed before accepting this package. Please read and be familliar with the following URL. http://fedoraproject.org/wiki/Packaging/Guidelines http://fedoraproject.org/wiki/Packaging/ReviewGuidelines Especially, please use 'rpmlint' (this is in Fedora Extras and Maintained by Ville Skyttä) to check if your package got shaped to Fedora Extras packaging criteria. For this package, you also have to read the following: http://fedoraproject.org/wiki/Packaging/ScriptletSnippets http://fedoraproject.org/wiki/Packaging/Python Not a full review, however: A. For srpm, rpmlint complains about the following. E: fail2ban no-changelogname-tag W: fail2ban strange-permission fail2ban.spec 0444 W: fail2ban hardcoded-packager-tag Walter W: fail2ban prereq-use /sbin/chkconfig /sbin/service * Add changelog * Change the permission of spec file to 0644. * Don't write 'Packager'. This should be written in Changelog. * Don't use Prereq. The correct usage of requirements are in http://fedoraproject.org/wiki/Packaging/ScriptletSnippets . Also: * Don't use hardcoded dist tag to release number. * pyo bytecompiled python binary are not ghosted any longer because of SELinux issue. * Use 'cp -p' or 'install -p' to keep timestamps. * BuildRoot is not the format recommended by Fedora Extras. B. For binary rpm, rpmlint complains as following. E: fail2ban no-changelogname-tag E: fail2ban only-non-binary-in-usr-lib W: fail2ban service-default-enabled /etc/rc.d/init.d/fail2ban E: fail2ban subsys-not-used /etc/rc.d/init.d/fail2ban * No binary files are installed in /usr/lib, which is generally regarded as wrong. Consider to move all the files in %{_libdir} to %{_datadir} NOTE: /usr/bin/fail2ban has a hardcoded directory setting of /usr/lib/fail2ban and your spec file says some files should be installed under %{_libdir}/%{name}. This is anyway incorrect because for x86_64 system, %{_libdir} is /usr/lib64. * This package enables fail2ban daemon when installed by default (see init script), which is usually unwilling. Check if this is the expected behavior (usually it is not). * fail2ban init script does not use subsys lock file (for this package, this is usually /var/lock/subsys/fail2ban). Rewrite the init script to use subsys file. (Usually this is done correctly by using 'daemon' function in /etc/rc.d/init.d/function. Init scripts in other rpms are good examples.)
ping?
Again ping?
Well, again ping? I will close this bug as NOTABUG if I cannot receive any response within one week according to http://fedoraproject.org/wiki/Extras/Policy/StalledReviews
Note also http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6302
I will wait 2 days before closing this bug as NOTABUG.
I regard this bug as stalled review. I mark this bug as NOTABUG and make this bug block FE-DEADREVIEW.
Mamoru, do you want to continue on this package as a new submitter? I would review it if you like to.
(In reply to comment #8) > Mamoru, do you want to continue on this package as a new submitter? I would > review it if you like to. No, I don't.....
I took a look at the package submitted in comment 0. This is just the upstream provided package with the changelog trimmed and the Packager field replaced, this isn't quite what it considered packaging for Fedora. ;) I'll submit a new package, then - Mamoru, hope you haven't lost your patience on fail2ban and will be willing to review :)
(In reply to comment #10) > I'll submit a new package, then - Mamoru, hope > you haven't lost your patience on > fail2ban and will be willing to review :) Well, when you submit a new package, I will review your package.
Thanks Mamoru, the new package is under bug #220789
*** This bug has been marked as a duplicate of 220789 ***