Bug 2124546 - Review Request: duo_unix - Duo two-factor authentication for UNIX systems
Summary: Review Request: duo_unix - Duo two-factor authentication for UNIX systems
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Michel Lind
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-09-06 13:11 UTC by Davide Cavalca
Modified: 2022-11-10 22:17 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-10-11 10:28:49 UTC
Type: ---
Embargoed:
michel: fedora-review+


Attachments (Terms of Use)

Description Davide Cavalca 2022-09-06 13:11:48 UTC
Spec URL: https://dcavalca.fedorapeople.org/review/duo_unix/duo_unix.spec
SRPM URL: https://dcavalca.fedorapeople.org/review/duo_unix/duo_unix-1.12.1-1.fc38.src.rpm

Description:
Duo provides simple two-factor authentication as a service via:

    1.  Phone callback
    2.  SMS-delivered one-time passcode
    3.  Duo mobile app to generate one-time passcode
    4.  Duo mobile app for smartphone push authentication
    5.  Duo hardware token to generate one-time passcode

This package allows an admin (or ordinary user) to quickly add Duo
authentication to any UNIX login without setting up secondary user
accounts, directory synchronization, servers, or hardware.

Fedora Account System Username: dcavalca

Comment 1 Davide Cavalca 2022-09-06 13:11:51 UTC
This package built on koji:  https://koji.fedoraproject.org/koji/taskinfo?taskID=91699155

Comment 2 Davide Cavalca 2022-09-06 13:12:31 UTC
This is an updated version of https://bugzilla.redhat.com/show_bug.cgi?id=1953243

Comment 3 Michel Lind 2022-09-28 01:24:57 UTC
Issues:
=======
- Package does not contain duplicates in %files.
  Note: warning: File listed twice: /usr/share/doc/duo_unix/LICENSE
  See: https://docs.fedoraproject.org/en-US/packaging-
  guidelines/#_duplicate_files
  => harmless. though maybe just do '%license LICENSE' and delete the file in %{_defaultdocdir}/%{name}/ ?

- Package must not depend on deprecated() packages.
  Note: openssl1.1-devel is deprecated, you must not depend on it.
  See: https://docs.fedoraproject.org/en-US/packaging-
  guidelines/deprecating-packages/
  => oh this can be an issue

Comment 4 Michel Lind 2022-10-07 18:43:07 UTC
- please update to depending on openssl-devel, I just checked locally and it works fine
- please add a %check section. `sudo make check` seems to work fine (yes it fails if sudo is not used, sigh) so you might want to disable the tests that involve writing to pam.d - the crypto tests don't require it

Exception: Permission denied opening pam.d make sure you run tests with elevated permissions

Comment 5 Davide Cavalca 2022-10-07 20:55:55 UTC
Spec URL: https://dcavalca.fedorapeople.org/review/duo_unix/duo_unix.spec
SRPM URL: https://dcavalca.fedorapeople.org/review/duo_unix/duo_unix-1.12.1-2.fc38.src.rpm

Changelog:
- Update openssl BR
- Fix duplicate license file
- Add check section and conditionally run tests

Comment 6 Michel Lind 2022-10-07 20:59:00 UTC
Changes look good. APPROVED

Comment 7 Gwyn Ciesla 2022-10-07 21:01:12 UTC
(fedscm-admin):  The Pagure repository was created at https://src.fedoraproject.org/rpms/duo_unix

Comment 8 Fedora Update System 2022-10-07 22:15:55 UTC
FEDORA-2022-04897a2ade has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-04897a2ade

Comment 9 Fedora Update System 2022-10-07 22:25:37 UTC
FEDORA-2022-502a017a92 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-502a017a92

Comment 10 Fedora Update System 2022-10-07 23:03:12 UTC
FEDORA-2022-4207a7acd1 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-4207a7acd1

Comment 11 Fedora Update System 2022-10-07 23:29:32 UTC
FEDORA-EPEL-2022-0af92cee1f has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0af92cee1f

Comment 12 Fedora Update System 2022-10-07 23:39:25 UTC
FEDORA-EPEL-2022-4d49b7dddf has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4d49b7dddf

Comment 13 Fedora Update System 2022-10-08 12:40:55 UTC
FEDORA-2022-04897a2ade has been pushed to the Fedora 37 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-04897a2ade \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-04897a2ade

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 14 Fedora Update System 2022-10-08 16:50:57 UTC
FEDORA-EPEL-2022-4d49b7dddf has been pushed to the Fedora EPEL 9 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-4d49b7dddf

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 15 Fedora Update System 2022-10-08 17:49:49 UTC
FEDORA-2022-4207a7acd1 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-4207a7acd1 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-4207a7acd1

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 16 Fedora Update System 2022-10-08 18:00:15 UTC
FEDORA-EPEL-2022-0af92cee1f has been pushed to the Fedora EPEL 8 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-0af92cee1f

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 17 Fedora Update System 2022-10-08 18:00:53 UTC
FEDORA-2022-502a017a92 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf install --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-502a017a92 \*`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-502a017a92

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 18 Fedora Update System 2022-10-11 10:28:49 UTC
FEDORA-EPEL-2022-0af92cee1f has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 19 Fedora Update System 2022-10-11 10:53:43 UTC
FEDORA-EPEL-2022-4d49b7dddf has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 20 Fedora Update System 2022-10-11 11:13:11 UTC
FEDORA-2022-4207a7acd1 has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 21 Fedora Update System 2022-10-11 11:33:08 UTC
FEDORA-2022-502a017a92 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 22 Mark Bishop 2022-10-12 15:47:16 UTC
Removing `pam_duo` from the `duo_unix` package is a divergence from the original Duo package. Since both packages are named `duo_unix` and EPEL packages have a higher priority than third-party repositories, this `duo_unix` will override one from Duo causing unexpected behavior and possibly a system lockout if a user is protecting logins with `pam_duo`.

Suggested solutions are:
Include `pam_duo` as a part of this package.
Rename this package to `login_duo` to avoid conflicting with the upstream package repository

Comment 23 Davide Cavalca 2022-10-12 16:04:01 UTC
Thanks for the report Mark, I've moved that to https://bugzilla.redhat.com/show_bug.cgi?id=2134160 for ease of tracking.

Comment 24 Fedora Update System 2022-11-10 22:17:40 UTC
FEDORA-2022-0c3d3eca33 has been pushed to the Fedora 37 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.