Spec URL: http://www.guthrie.info/RPMS/f9/checkdns.spec SRPM URL: http://www.guthrie.info/RPMS/f9/checkdns-0.5-4.fc9.src.rpm Description: This program is a domain name server analysis and reporting tool. It checks and reports whether a domain name, hosted by your organization, is still in use, and if so, reports whether your name servers are still the delegated name servers of the domain name in question. Reports are generated both to the console and as HTML output. HTMLs also include information about the MX and WWW records of the domain name. The tool is expected to be of great use for Internet Service Providers who are in need of keeping track of lame dns records.
I would like to note at the outset that rpmlint does give me some grief about some of the permissions that I have set: john@hopf_1031% rpmlint ../RPMS/i386/checkdns-0.5-4.fc9.i386.rpm checkdns.i386: W: non-standard-gid /usr/sbin/checkdns checkdns checkdns.i386: E: setgid-binary /usr/sbin/checkdns checkdns 02755 checkdns.i386: E: non-standard-executable-perm /usr/sbin/checkdns 02755 checkdns.i386: W: non-standard-gid /var/www/html/checkdns checkdns checkdns.i386: E: non-standard-dir-perm /var/www/html/checkdns 02775 And, yes I actually do create the group checkdns, and I have the binary setgid so that it can write to the directory that I have created. I am open to any more reasonable suggestions about how I should set this up.
Just a comment, unable to downloaded spec file or src.rpm. Please, update your links.
(In reply to comment #2) > Just a comment, unable to downloaded spec file or src.rpm. > Please, update your links. Sorry, I had a domain issue to clear up. Could you please try the links again? Thanks.
(In reply to comment #3) > (In reply to comment #2) > > Just a comment, unable to downloaded spec file or src.rpm. > > Please, update your links. > > Sorry, I had a domain issue to clear up. Could you please try the links again? I can, but still same problem. :-) Is it working for you?
(In reply to comment #4) > (In reply to comment #3) > > (In reply to comment #2) > > > Just a comment, unable to downloaded spec file or src.rpm. > > > Please, update your links. > > > > Sorry, I had a domain issue to clear up. Could you please try the links again? > > I can, but still same problem. :-) > > Is it working for you? It is. I can even get the links to work from a site external to me. Could I ask you to check one more time. If it doesn't work, then I'll post a alternate URL. Thanks.
Well, forks for me now. Just I am not interested in review (no time). Will be helpful for someone else.
A couple of remarks, before the full review - the correct license is GPLv2+. All files that include a license in the header specify, and I quote: This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - the compilation flags which are mandatory for Fedora are ignored. Please make sure that the make process uses %{optflags} - I did not examine carefully the program, but I think that you can eliminate the need of suid group for the checkdns folder if - in %post - you create a checkdns user and use chown checkdns.apache /var/www/html/checkdns chmod 755 /var/www/html/checkdns make sure that the checkdns program is run as the checkdns user (which is extremely easy to do in cron) The only drawback is that if the program is run by another user (in a console), the HTML files will not be created with the correct ownership. But as the output is sent to the console, it can be redirected anywhere. - in addition to the above, I urge you to install an example cron file, either in /var/spool/cron/checkdns (make sure you match the user created above) or in /etc/cron.d (in which case make sure you specify the user that the script runs as, for instance: # Runs the chkdns periodic check 17 01 * * * checkdns /bin/checkdns 1> /dev/null 2> /dev/null once again, the user after the time fields must match the one created in %post - feel free to drop the TODO file, it's useless in the current form. However, leave it in if you think that it might contain something useful in the foreseeable future
John, do you want to submit a new version or should I review the existing one (which we already know that has at least two blockers) ?
I apologize for the late reply. Life stepped in and I wasn't able to look at this when you started looking at it. I am going to submit a new version to correct the blockers. One quick question though. When I was going through all of the Fedora packaging guidelines, I don't recall seeing anything about the %{optflags} variable. Could you refer me to the page that discusses this variable, so I can make certain that I use it correctly? Thank you very much.
(In reply to comment #7) > - I did not examine carefully the program, but I think that you can eliminate > the need of suid group for the checkdns folder if - in %post - you create a > checkdns user and use > chown checkdns.apache /var/www/html/checkdns > chmod 755 /var/www/html/checkdns > make sure that the checkdns program is run as the checkdns user (which is > extremely easy to do in cron) > The only drawback is that if the program is run by another user (in a console), > the HTML files will not be created with the correct ownership. But as the > output is sent to the console, it can be redirected anywhere. I'm a little confused. Why would I want to do all of that in %post? Why not in %pre, and just set the ownership and permissions in the %files section? Unless I'm mistaken, what you are proposing would require changing perms/ownership after they have been placed into the RPM database, with the result that rpm -V will always flag them as having been changed. Am I missing something? (In addition, every other package that I have seen add users or groups has done so in %pre.)
You are right, %pre is more suitable
http://fedoraproject.org/wiki/Packaging/Guidelines#Compiler_flags is the answer to comment #9
I have just uploaded new versions of the spec file and srpm that should satisfy all of your concerns: Spec URL: http://www.guthrie.info/RPMS/f9/checkdns.spec SRPM URL: http://www.guthrie.info/RPMS/f9/checkdns-0.5-6.fc9.src.rpm - License tag should be fixed - I have adjusted ownership and permissions of stuff in /var/www/html - %{optflags} is now being used - I have installed a cron file Let me know what you think. Thanks.
Package Review ============== Key: - = N/A x = Check ! = Problem ? = Not evaluated === REQUIRED ITEMS === [x] Package is named according to the Package Naming Guidelines. [x] Spec file name must match the base package %{name}, in the format %{name}.spec. [x] Package meets the Packaging Guidelines. [x] Package successfully compiles and builds into binary rpms on at least one supported architecture. Tested on: devel/x86_64 [x] Rpmlint output: source RPM: checkdns.src: E: unknown-key GPG#84490216 --> ignorable binary RPM: checkdns.x86_64: W: non-standard-uid /var/www/html/checkdns checkdns checkdns.x86_64: W: non-standard-gid /var/www/html/checkdns apache --> both are intended and hence ignorable checkdns.x86_64: W: dangerous-command-in-%postun userdel --> see Note 1 [x] Package is not relocatable. [x] Buildroot is correct (%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)) [x] Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines. [x] License field in the package spec file matches the actual license. License type:GPLv2+ [x] If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [x] Spec file is legible and written in American English. [x] Sources used to build the package match the upstream source, as provided in the spec URL. SHA1SUM of package: cb6b51995f44857427f4467d815405b978bba1f7 checkdns-0.5.tar.gz [x] Package is not known to require ExcludeArch [x] All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines. [-] The spec file handles locales properly. [-] ldconfig called in %post and %postun if required. [x] Package must own all directories that it creates. [x] Package requires other packages for directories it uses. [x] Package does not contain duplicates in %files. [x] Permissions on files are set properly. [x] Package has a %clean section, which contains rm -rf $RPM_BUILD_ROOT. [!] Package consistently uses macros. --> see note 2 [x] Package contains code, or permissable content. [-] Large documentation files are in a -doc subpackage, if required. [x] Package uses nothing in %doc for runtime. [-] Header files in -devel subpackage, if present. [-] Static libraries in -devel subpackage, if present. [-] Package requires pkgconfig, if .pc files are present. [-] Development .so files in -devel subpackage, if present. [-] Fully versioned dependency in subpackages, if present. [x] Package does not contain any libtool archives (.la). [-] Package contains a properly installed %{name}.desktop file if it is a GUI application. [x] Package does not own files or directories owned by other packages. [x] Final provides and requires are sane: === SUGGESTED ITEMS === [x] Latest version is packaged. [x] Package does not include license text files separate from upstream. [-] Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [x] Reviewer should test that the package builds in mock. Tested on: devel/x86_64 [?] Package should compile and build into binary rpms on all supported architectures. Tested on: [x] Package functions as described. [!] Scriptlets must be sane, if used. -> see note 1 [-] The placement of pkgconfig(.pc) files is correct. [-] File based requires are sane. [-] %check is present and the test passes. === Final Notes === 1. Please do not use userdel in %post. The Fedora policy is to allow the sysadmin to clean at will, if/when needed. 2. Since you are using RPM_BUILD_ROOT in a lot of places, please replace %{optflags} with its uppercase equivalent. Technically we are OK, but estethically we are not. Please make the above mentioned 2 modifications and we are good to go.
(In reply to comment #14) > === Final Notes === > 1. Please do not use userdel in %post. The Fedora policy is to allow the > sysadmin to clean at will, if/when needed. > 2. Since you are using RPM_BUILD_ROOT in a lot of places, please replace > %{optflags} with its uppercase equivalent. Technically we are OK, but > estethically we are not. > > Please make the above mentioned 2 modifications and we are good to go. I have made both of these modifications: Spec URL: http://www.guthrie.info/RPMS/f9/checkdns.spec SRPM URL: http://www.guthrie.info/RPMS/f9/checkdns-0.5-7.fc9.src.rpm Thank you very much.
great job. APPROVED.
New Package CVS Request ======================= Package Name: checkdns Short Description: A Domain Name Server analysis and reporting tool Owners: guthrie Branches: F-9 F-10 InitialCC:
New Package CVS Request ======================= Package Name: checkdns Short Description: A Domain Name Server analysis and reporting tool Owners: guthrie Branches: F-9 F-10 InitialCC: guthrie I am adding myself to the InitialCC list.
cvs done. No need to add yourself to InitialCC, the owner gets all bugs anyway as they are assigned them.
I've submitted the builds, and they have all built successfully. Closing this bug.
Package Change Request ====================== Package Name: checkdns New Branches: F-11 Owners: guthrie
Never mind. I was trying to check the F-11 branch out incorrectly. I figured it out now.