Request for review / approval: mod_security.
Michael Fleming
mfleming at enlartenment.com
Sat Jul 9 00:38:48 UTC 2005
On Fri, 08 Jul 2005 16:20:01 +0200. Oliver Falk waffled thusly:
> Hi Michael!
>
> On 07/08/2005 03:56 PM, Michael Fleming wrote:
> > Hi folks,
> >
> > I've undoubtedly put this one up before a while back, but I've made a
> > couple of small changes and added some useful rules in the default
> > config.
> >
> > Therefore I'm putting this up for further review and approval (I don't
> > recall seeing much last time - I felt such a package would generate more
> > interest :-)).
<snip>
> > SRPM:
> > http://www.enlartenment.com/extras/mod_security/mod_security-1.8.7-2.src.rpm
> >
> > Please have a look and feel free to send feedback or improvements.
>
> You don't need an approval if the package was allready approved and is
> in cvs... Spec looks OK for me and and it seems you havn't change very
> much...
I've also been running it locally for quite a while so it does work as
advertised :-D
> But OK, I'd like to mention a few things:
> - BuildRoot, as described in the PackagingGuidelines, pls.
> (http://fedoraproject.org/wiki/PackagingGuidelines).
> %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
D'oh! Fixed :-)
> - Why does the new package not depend on http(/-devel) >= 2.0.38, as
> the old package in CVS does?
I'm a little torn on this one - httpd-devel is indeed needed (and is listed
in the BR unless my brain has completely gone to mush) but the explicit
version I could probably drop.
There are some packages out there that are actually httpd 1.3.x branch (for
old-schoolers who just don't want to upgrade to Apache 2 yet. Each to their
own I guess) and the version check would stop attempts to use it resulting
in their Apache 1.3 install blowing up on them.
On the other hand if they're particular enough to downgrade it they can pay
attention to the version this package is actually intended for.
> - Don't forget the %{dist} tag in the release, if you intend to cvs
> commit this.
Fixed. (%{?dist})
>
> - setup can be written as setup -q (the -n modsecurity-%{version} is
> not needed)
Unfortunately the upstream developer has recently been using modsecurity (as
opposed to mod_security) in the tarball and directory structure, thus it's
use (I'd prefer to maintain the standard mod_<mumble> naming convention
used by Apache modules). It's not given me any trouble even if it looks a
bit out- of-place.
> Best,
> Oliver
Updated SRPM
http://www.enlartenment.com/extras/mod_security/mod_security-1.8.7-3.src.rpm
I do have a CVS branch in -devel for this, I'll ensure it's synced so I
don't confuse myself and others :-) (I'd requested review before but never
got formal build approval)
Cheers,
Michael
--
Michael Fleming <mfleming at enlartenment.com>
"Bother" said the Borg, "We've assimilated Pooh!"
More information about the fedora-extras-list
mailing list