Spec URL: http://maxamillion.fedorapeople.org/autopsy.spec SRPM URL: http://maxamillion.fedorapeople.org/autopsy-2.21-1.fc10.src.rpm Description: The Autopsy Forensic Browser is a graphical interface to utilities found in The Sleuth Kit (TSK). TSK is a collection of command line tools that allow you to investigate a Windows or Unix system by examining the hard disk contents. TSK and Autopsy will show you the files, data units, and metadata of NTFS, FAT, EXTxFS, and UFS file system images in a read-only environment. Autopsy allows you to search for specific types of evidence based on keywords, MAC times, hash values, and file types. Autopsy is HTML-based and uses a client-server model. The Autopsy server runs on many UNIX systems and the client can be any platform with an HTML browser. This enables one to create a flexible environment with a central Autopsy server and several remote clients. For incident response scenarios, a CD with The Sleuth Kit and Autopsy can be created to allow the responder read-only remote access to a live suspect system from an HTML-browser on a trusted system. Refer to the README-live.txt file for more details. Autopsy will not modify the original images and the integrity of the images can be verified in Autopsy using MD5 values. There are help pages for the main analysis modes and The Sleuth Kit Informer is a newsletter that adds additional documentation.
This is an unofficial review. - rpmlint -iv /root/rpmbuild/RPMS/noarch/autopsy-2.21-1.fc10.noarch.rpm autopsy.noarch: I: checking autopsy.noarch: W: log-files-without-logrotate /var/log/autopsy This package contains files in /var/log/ without adding logrotate configuration for them. autopsy.noarch: E: file-in-usr-marked-as-conffile /usr/share/autopsy/conf.pl A file in /usr is marked as being a configuration file. Store your conf files in /etc/ instead. autopsy.noarch: E: file-in-usr-marked-as-conffile /usr/share/autopsy/lib/define.pl A file in /usr is marked as being a configuration file. Store your conf files in /etc/ instead. 1 packages and 0 specfiles checked; 2 errors, 1 warnings. - Source0 has typo. Original http://download.sourceforge.net/autopsy/%{name}-%{version}.tar.gz Should be http://downloads.sourceforge.net/autopsy/%{name}-%{version}.tar.gz - Build has warning: warning: File listed twice: /usr/share/autopsy/conf.pl warning: File listed twice: /usr/share/autopsy/lib/define.pl - Installation failed rpm -Uvh ~/rpmbuild/RPMS/noarch/autopsy-2.21-1.fc10.noarch.rpm error: Failed dependencies: perl(Main) is needed by autopsy-2.21-1.fc10.noarch perl(conf.pl) is needed by autopsy-2.21-1.fc10.noarch perl(define.pl) is needed by autopsy-2.21-1.fc10.noarch perl(lib::define.pl) is needed by autopsy-2.21-1.fc10.noarch perl(search.pl) is needed by autopsy-2.21-1.fc10.noarch RECOMMENDS: - Please see http://fedoraproject.org/wiki/Packaging/Perl - Typo at the end of %description ("documentatio.n") - In %install, instead of install -d %{buildroot}%{_sbindir} install -m0755 autopsy %{buildroot}%{_sbindir}/autopsy uses install -D -m0755 autopsy %{buildroot}%{_sbindir}/autopsy - In %files, may I suggest the following: %defattr(-,root,root,-) %doc CHANGES.txt COPYING docs/*.txt INSTALL.txt README-LIVE.txt README.txt TODO.txt %dir %{_datadir}/autopsy %{_datadir}/autopsy/* %{_sbindir}/autopsy %{_sbindir}/make-live-cd %dir /var/log/autopsy %dir %{_localstatedir}/lib/morgue %{_mandir}/man1/* OKAYS: - Match latest upstream code 835938086e4ebec628408faa624c48927f261b7df4eeb2b041a293867ba79f5f autopsy-2.21.tar.gz 835938086e4ebec628408faa624c48927f261b7df4eeb2b041a293867ba79f5f /root/rpmbuild/SOURCES/autopsy-2.21.tar.gz
(In reply to comment #1) > - Installation failed > rpm -Uvh ~/rpmbuild/RPMS/noarch/autopsy-2.21-1.fc10.noarch.rpm > error: Failed dependencies: > perl(Main) is needed by autopsy-2.21-1.fc10.noarch > perl(conf.pl) is needed by autopsy-2.21-1.fc10.noarch > perl(define.pl) is needed by autopsy-2.21-1.fc10.noarch > perl(lib::define.pl) is needed by autopsy-2.21-1.fc10.noarch > perl(search.pl) is needed by autopsy-2.21-1.fc10.noarch Suravee, please use "yum install" when testing if packages can be installed. "rpm -Uvh" might lead to false conclusions due to the fact that it does not try to pull in dependencies from the repositories.
Spec URL: http://maxamillion.fedorapeople.org/autopsy.spec SRPM URL: http://maxamillion.fedorapeople.org/autopsy-2.21-2.fc10.src.rpm I have fixed that which was commented on. Thank you for your review, looking forward to further critique.
(In reply to comment #2) > (In reply to comment #1) > > > - Installation failed > > rpm -Uvh ~/rpmbuild/RPMS/noarch/autopsy-2.21-1.fc10.noarch.rpm > > error: Failed dependencies: > > perl(Main) is needed by autopsy-2.21-1.fc10.noarch > > perl(conf.pl) is needed by autopsy-2.21-1.fc10.noarch > > perl(define.pl) is needed by autopsy-2.21-1.fc10.noarch > > perl(lib::define.pl) is needed by autopsy-2.21-1.fc10.noarch > > perl(search.pl) is needed by autopsy-2.21-1.fc10.noarch > > Suravee, please use "yum install" when testing if packages can be installed. > "rpm -Uvh" might lead to false conclusions due to the fact that it does not > try to pull in dependencies from the repositories. In this case, these are false provides/requires of private perl files from autopsys, that should not be provided/required by rpm: https://fedoraproject.org/wiki/Packaging/Perl#Filtering_Requires:_and_Provides This needs to be fixed. Here is a list of problematic files and the requires/provides: http://fpaste.org/paste/7441 Another issue is, that "-p" is not used with install to preserve timestamps.
Spec URL: http://maxamillion.fedorapeople.org/autopsy.spec SRPM URL: http://maxamillion.fedorapeople.org/autopsy-2.21-3.fc10.src.rpm I have fixed the -p and added the scripts to fix the requires/provides issue. Thank you for your comments, looking forward to more.
You have to adjust the filter scripts to the autopsy package, i.e. instead of literally writing "sed -e '/perl(unwanted_require)/d'", you have to add one sed command for each unwanted provides/requires entry, e.g. sed -e '/perl(Main)/d' -d '/perl(conf.pl)/d' and so on. Also it is better to prefix the filter scripts with the name of the package, i.e. autopsy: Source98: autopsy-filter-provides.sh Or you use the prefered way and create the filter scripts in %prep, as there is suggested in the Perl Packaging Guidelines. Also is sleuthkit really required at buildtime? It seems to build without any problems if it is not present.
I have unfortunately hit the reality that I would do this package no justice as I have far too little experience with the source of the upstream project. I'm closing this package review as I would not be a good maintainer. I would like to thank the package reviewers for their time and apologize for having wasted it. -Adam