Bug 484735 - Review Request: fipscheck - A library for integrity verification of FIPS validated modules
Review Request: fipscheck - A library for integrity verification of FIPS vali...
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Marcela Mašláňová
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-02-09 13:26 EST by Tomas Mraz
Modified: 2009-02-11 08:34 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-02-11 08:34:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
mmaslano: fedora‑review+
kevin: fedora‑cvs+


Attachments (Terms of Use)

  None (edit)
Description Tomas Mraz 2009-02-09 13:26:19 EST
Spec URL: http://people.redhat.com/tmraz/fipscheck/fipscheck.spec
SRPM URL: http://people.redhat.com/tmraz/fipscheck/fipscheck-1.0.4-1.fc11.src.rpm
Description: 
FIPSCheck is a library for integrity verification of FIPS validated
modules. The package also provides helper binaries for creation and
verification of the HMAC-SHA256 checksum files.

This package will be a dependency of openssh and possibly other packages which will have testing support for future FIPS 140-2 validation.
Comment 1 Marcela Mašláňová 2009-02-10 03:28:19 EST
OK source files match upstream: 6626b490c5b62a796e6272126e4ff6e8
OK package meets naming and versioning guidelines.
OK specfile is properly named, is cleanly written and uses macros consistently.
OK dist tag is present.
OK build root is correct.
OK license field matches the actual license.
OK license is open source-compatible. License text not included upstream.
OK latest version is being packaged.
OK BuildRequires are proper.
OK %clean is present.
OK package builds in mock (Rawhide/x86_64).
OK debuginfo package is need and ok.
OK rpmlint is silent.
    fipscheck-devel.x86_64: W: no-documentation
    - The devel package don't have to contain documentation.
OK final provides and requires look sane.
OK no shared libraries are added to the regular linker search paths.
OK owns the directories it creates.
OK no duplicates in %files.
OK file permissions are appropriate.
OK no scriptlets present.
OK documentation is small, so no -docs subpackage is necessary.
OK %docs are not necessary for the proper functioning of the package.
OK no headers.
OK no pkgconfig files.
OK no libtool .la droppings.

The script ltmain.sh is under GPLv2+ but you are not installing this file, so the licence is ok as is.

Could you please explain the line below? Couldn't you change automake to install it in right place?
mv $RPM_BUILD_ROOT%{_libdir}/libfipscheck.so.* $RPM_BUILD_ROOT/%{_lib}
Comment 2 Tomas Mraz 2009-02-10 03:32:45 EST
(In reply to comment #1)
> The script ltmain.sh is under GPLv2+ but you are not installing this file, so
> the licence is ok as is.

Of course.
 
> Could you please explain the line below? Couldn't you change automake to
> install it in right place?
> mv $RPM_BUILD_ROOT%{_libdir}/libfipscheck.so.* $RPM_BUILD_ROOT/%{_lib}
I could probably use --libdir in %configure, but I'd have to move the devel .so symlink to _libdir then so I don't think it make much sense to do that. This library is very small and it can be potential dependency of binaries which will reside in /sbin so I have to put it in /%{_lib}.
Comment 3 Marcela Mašláňová 2009-02-10 03:47:23 EST
ACCEPT
Comment 4 Tomas Mraz 2009-02-10 04:13:49 EST
New Package CVS Request
=======================
Package Name: fipscheck
Short Description: A library for integrity verification of FIPS validated modules
Owners: tmraz
Branches:
InitialCC:
Comment 5 Kevin Fenzi 2009-02-10 17:26:38 EST
cvs done. 

You may want to consider a fedorahosted space for upstream development of this.

Note You need to log in before you can comment on or make changes to this bug.