Bug 582974 (dnsenum) - Review Request: dnsenum - DNSenum is a penetration testing tool created to enumerate DNS info about domains
Status: CLOSED ERRATA
Alias: dnsenum
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
Priority: low
Severity: medium
Assignee: Parag AN(पराग)
QA Contact: Fedora Extras Quality Assurance
URL: https://fedorahosted.org/security-spin
Reported: 2010-04-16 10:28 UTC by Mohammed Imran
Modified: 2014-09-11 19:32 UTC
Doc Type: Bug Fix
Last Closed: 2010-06-22 04:45:33 UTC
panemade: fedora-review+
gwync: fedora-cvs+


Attachments
Patch to fix few more cleanups of SPEC as per guidelines. (1.24 KB, patch)
2010-04-27 10:40 UTC, Parag AN(पराग)

Description Mohammed Imran 2010-04-16 10:28:14 UTC
Spec URL: http://filebin.ca/bkpuxt/dnsenum.spec
SRPM URL: http://filebin.ca/gsxuzr/dnsenum-1.2-1.fc11.src.rpm

Description: 
The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently capable of getting A, MX, NS records, extra domain names and subdomains via Google scraping and brute force subdomains from file. Can perform whois and reverse lookups on netranges and writes the ip-blocks to domain_ips.txt.

rpmlint output is here:

[imran@localhost SPECS]$ rpmlint dnsenum.spec
0 packages and 1 specfiles checked; 0 errors, 0 warnings.

Need Sponsor

Comment 1 Howard Ning 2010-04-19 12:19:43 UTC
Let me do an informal review.

Package Review
==============

Key:
- = N/A
x = Check
! = Problem
? = Not evaluated

=== REQUIRED ITEMS ===
[x]  Package is named according to the Package Naming Guidelines.
[x]  Spec file name must match the base package %{name}, in the format %{name}.spec.
[x]  Package meets the Packaging Guidelines.
[X]  Package successfully compiles and builds into binary rpms on at least one supported architecture. http://koji.fedoraproject.org/koji/taskinfo?taskID=2124782
Tested on:
[!]  Rpmlint output:
dnsenum.src: E: summary-too-long C DNSenum is a penetration testing tool created to enumerate DNS info about domains
dnsenum.src: W: name-repeated-in-summary C DNSenum
[x]  Package is not relocatable.
[x]  Buildroot is correct (%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n))
[x]  Package is licensed with an open-source compatible license and meets other legal requirements as defined in the legal section of Packaging Guidelines.
[x]  License field in the package spec file matches the actual license.
License type:
[x]  If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc.
[!]  Spec file is legible and written in American English.
There are several grammar problems in the description:
The program currently capable: capable --> is capable
 writes the ip-blocks to domain_ips. writes --> write
[x]  Sources used to build the package matches the upstream source, as provided in the spec URL.
MD5SUM this package    :36d9150bd266ccf5eb55edf0e79f4ea8
MD5SUM upstream package:36d9150bd266ccf5eb55edf0e79f4ea8
[x]  Package is not known to require ExcludeArch, OR:
Arches excluded:
Why:
[!]  All build dependencies are listed in BuildRequires, except for any that are listed in the exceptions section of Packaging Guidelines.
Should at least add perl(Readonly) to the Requires 
[-]  The spec file handles locales properly.
[-]  ldconfig called in %post and %postun if required.
[-]  Package must own all directories that it creates.
[-]  Package requires other packages for directories it uses.
[x]  Package does not contain duplicates in %files.
[!]  Permissions on files are set properly. 
Executables should set executable attribute. http://fedoraproject.org/wiki/Packaging/Guidelines#FilePermissions
[x]  Package has a %clean section, which contains rm -rf %{buildroot} (or $RPM_BUILD_ROOT).
[x]  Package consistently uses macros.
[x]  Package contains code, or permissible content.
[-]  Large documentation files are in a -doc subpackage, if required.
[x]  Package uses nothing in %doc for runtime.
[-]  Header files in -devel subpackage, if present.
[-]  Static libraries in -devel subpackage, if present.
[-]  Package requires pkgconfig, if .pc files are present.
[-]  Development .so files in -devel subpackage, if present.
[-]  Fully versioned dependency in subpackages, if present.
[x]  Package does not contain any libtool archives (.la).
[-]  Package contains a properly installed %{name}.desktop file if it is a GUI application.
[x]  Package does not own files or directories owned by other packages.

=== SUGGESTED ITEMS ===
[x]  Latest version is packaged.
[x]  Package does not include license text files separate from upstream.
[-]  Description and summary sections in the package spec file contains translations for supported Non-English languages, if available.
[x]  Reviewer should test that the package builds in mock.
Tested on:
[x]  Package should compile and build into binary rpms on all supported architectures.
Tested on: i686, x86-64
[x]  Package functions as described.
[-]  Scriptlets must be sane, if used.
[-]  The placement of pkgconfig(.pc) files are correct.
[-]  File based requires are sane.


=== Issues ===
1. There are some grammar problems in the description.
2. Several perl related problems. Please read http://fedoraproject.org/wiki/Packaging:Perl 
3. rpmlint should be run on every rpm generated, not just the spec.

Comment 2 Parag AN(पराग) 2010-04-22 10:20:14 UTC
Welcome to the Fedora Project and thanks for submitting this package.

You first need to install the fedora-packager rpm on your Fedora system.
New contributors need to show that they have an understanding
of http://fedoraproject.org/wiki/Package_Review_Process and of the Fedora packaging guidelines.
See http://fedoraproject.org/wiki/PackageMaintainers/HowToGetSponsored

Sponsorship can be obtained either by
Submitting a few more packages that follow the Fedora packaging guidelines.
AND/OR
Doing unofficial (informal) package reviews for other people's package submissions.
(Note: you cannot do official package reviews and approve others' packages in Fedora until you get sponsored)

So, start reviewing packages and post the review bug number here.
This will show that you are doing some review work,
and people can check your reviews and sponsor you accordingly.

References that you can use for this process are
http://fedoraproject.org/wiki/PackageNamingGuidelines
http://fedoraproject.org/wiki/Packaging/LicensingGuidelines
http://fedoraproject.org/wiki/Licensing
http://fedoraproject.org/wiki/PackagingGuidelines
http://fedoraproject.org/wiki/Category:Packaging_guidelines
http://fedoraproject.org/wiki/Packaging/ReviewGuidelines

Use the above links for reviewing others' packages. Also, it is good if you review in detail.
Make sure you are checking that the scratch build is successful and the rpmlint output in the review.

For a scratch build on koji use the command
koji build --scratch dist-f14 <SRPM_file>

Find new packages from http://fedoraproject.org/PackageReviewStatus/NEW.html

Comment 3 Mohammed Imran 2010-04-23 09:23:13 UTC
Here is my informal review of mashpodder
https://bugzilla.redhat.com/show_bug.cgi?id=584090

Comment 4 Howard Ning 2010-04-23 11:52:17 UTC
Good job on your informal review. How about updating your own package?

Comment 5 Mohammed Imran 2010-04-24 10:47:37 UTC
Thanks
I will update the spec file soon

Few more Review Requests

1. mozilla-googlesharing - Anonymizing proxy service for google sharing system
https://bugzilla.redhat.com/show_bug.cgi?id=585467

2. rktime - Multi-zone time display utility
https://bugzilla.redhat.com/show_bug.cgi?id=584728

Comment 6 R P Herrold 2010-04-24 15:34:00 UTC
The binary /usr/sbin/dnsenum is placed in /usr/sbin/ but I do not see that it needs to run as root at all. Why is it there?

Also, as it is only a perl script, it seems it is a 'noarch' package

-- Russ herrold

Comment 7 Mohammed Imran 2010-04-26 09:24:03 UTC
Thanks Liberty, Parag and Russ Herrold

Revised SPEC and SRPMS

Spec URL: http://github.com/downloads/matriux/fedora/dnsenum.spec
SRPM URL: http://github.com/downloads/matriux/fedora/mozilla-googlesharing-0.18-3.fc11.src.rpm

- Fixed English grammar errors
- permissions and rpmlint warnings are fixed

Comment 8 Mohammed Imran 2010-04-26 09:30:01 UTC
Above url is of different src
the correct URL of dnsenum is 
SRPM URL:
http://github.com/downloads/matriux/fedora/dnsenum-1.2-2.fc11.src.rpm

Comment 9 Parag AN(पराग) 2010-04-27 10:40:12 UTC
Created attachment 409430
Patch to fix few more cleanups of SPEC as per guidelines.

A few more things you need to do in the SPEC are

1) Usage of macro style for install should be dropped or macros should be written for rm command also.
2) /usr/bin should be replaced with its macro %{_bindir}
==> See https://fedoraproject.org/wiki/Packaging/Guidelines#Macros

3) We generally don't want to keep the file extension on files being copied to /usr/bin, so install dnsenum.pl as dnsenum only

Add Changelog and submit new SPEC and SRPM for review.

Comment 11 Mohammed Imran 2010-04-28 10:42:58 UTC
Pre-Review
https://bugzilla.redhat.com/show_bug.cgi?id=570829

Comment 13 Parag AN(पराग) 2010-05-04 06:39:30 UTC
Review:
+ package builds in mock (rawhide i686).
koji Build => http://koji.fedoraproject.org/koji/taskinfo?taskID=2157346
+ rpmlint is silent for SRPM and for RPM.
dnsenum.src: W: spelling-error %description -l en_US axfr -> ax fr, ax-fr, axon
dnsenum.src: W: spelling-error %description -l en_US subdomains -> sub domains, sub-domains, domains
dnsenum.src: W: spelling-error %description -l en_US google -> Google, goggle, googly
dnsenum.src: W: spelling-error %description -l en_US bruteforces -> brute forces, brute-forces, reinforces
dnsenum.src: W: spelling-error %description -l en_US whois -> whops, who's, who is
dnsenum.src: W: spelling-error %description -l en_US lookups -> lockups, hookups, look ups
dnsenum.src: W: spelling-error %description -l en_US netranges -> net ranges, net-ranges, estranges
dnsenum.src: W: spelling-error %description -l en_US ip -> pi, up, op
dnsenum.src: W: spelling-error %description -l en_US ips -> pis, ups, ops
dnsenum.src: W: spelling-error %description -l en_US txt -> text, ext, tit
dnsenum.src: W: invalid-url Source0: http://dnsenum.googlecode.com/files/dnsenum1.2.tar.gz HTTP Error 404: Not Found
dnsenum.noarch: W: spelling-error %description -l en_US axfr -> ax fr, ax-fr, axon
dnsenum.noarch: W: spelling-error %description -l en_US subdomains -> sub domains, sub-domains, domains
dnsenum.noarch: W: spelling-error %description -l en_US google -> Google, goggle, googly
dnsenum.noarch: W: spelling-error %description -l en_US bruteforces -> brute forces, brute-forces, reinforces
dnsenum.noarch: W: spelling-error %description -l en_US whois -> whops, who's, who is
dnsenum.noarch: W: spelling-error %description -l en_US lookups -> lockups, hookups, look ups
dnsenum.noarch: W: spelling-error %description -l en_US netranges -> net ranges, net-ranges, estranges
dnsenum.noarch: W: spelling-error %description -l en_US ip -> pi, up, op
dnsenum.noarch: W: spelling-error %description -l en_US ips -> pis, ups, ops
dnsenum.noarch: W: spelling-error %description -l en_US txt -> text, ext, tit
2 packages and 0 specfiles checked; 0 errors, 21 warnings.
==> Ignore these messages.

+ source files match upstream url (sha1sum)
3a34814ec04a9fd651799753b851a1ae837e89f3  dnsenum1.2.tar.gz
+ package meets naming and packaging guidelines.
+ specfile is properly named, is cleanly written
+ Spec file is written in American English.
+ Spec file is legible.
+ dist tag is present.
+ license is open source-compatible.
+ License text is included in package.
+ %doc is present.
+ BuildRequires are proper.
+ %clean is present.
+ package installed properly.
+ Macro use appears rather consistent.
+ Package contains code, not content.
+ no headers or static libraries.
+ no .pc file present.
+ no -devel subpackage
+ no .la files.
+ no translations are available
+ Owns the directories it creates.
+ no scriptlets present.
+ no duplicates in %files.
+ file permissions are appropriate.
+ Not a GUI application

APPROVED.

Comment 14 Parag AN(पराग) 2010-05-04 06:45:56 UTC
I will sponsor you once you finish some more reviews.

Comment 15 Parag AN(पराग) 2010-05-04 10:50:41 UTC
I see you have done good reviews. So I am going to sponsor you now and therefore removing FE-NEEDSPONSOR.

Comment 16 Mohammed Imran 2010-05-04 11:18:57 UTC
Thanks a lot Parag :)

Comment 17 Mohammed Imran 2010-05-05 05:15:21 UTC
New Package CVS Request
=======================
Package Name: dnsenum
Short Description: A tool to enumerate DNS info about domains
Owners: matriux
Branches: F-12 F-13
InitialCC:

Comment 18 Kevin Fenzi 2010-05-06 15:43:38 UTC
CVS done (by process-cvs-requests.py).

Comment 19 Parag AN(पराग) 2010-06-18 03:21:14 UTC
I think this package is already built for requested branches. Any reason for not closing this review?

Comment 20 Mohammed Imran 2010-06-22 04:45:33 UTC
Hi Parag,

Closing the review, thanks

Comment 21 Fabian Affolter 2014-09-11 18:19:43 UTC
Package Change Request
======================
Package Name: dnsenum
New Branches: el6 epel7
Owners: fab 
InitialCC:

Comment 22 Gwyn Ciesla 2014-09-11 19:32:26 UTC
Git done (by process-git-requests).

