Request for Review: dhcp-forwarder, dietlibc, ip-sentinel, util-vserver + xca
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Wed Mar 30 10:17:32 UTC 2005
kevin-fedora-extras at scrye.com (Kevin Fenzi) writes:
> Enrico> * xca: Graphical X.509 certificate management tool
>
> The FC-3 branch doesn't compile here:
oops, sorry. I worked on the devel branch only; FC-3 should be synced
now.
> Does the %release_func work under fedora-extras?
I do not know a reason why it should not work there ;)
> Or is that a fedora.us thing? I suspec it doesn't as the release seems
> to be be -0 when it compiles here.
It is expected that
| Release: %release_func 0
produces a -0 release.
> Source0: http://download.sourceforge.net/sourceforge/xca/%name-%version.tar.gz
> I think it's prefered to list the exact name-version in there instead
> of macros.
Sorry, I will not change it as it adds redundancy and seduces reviewers
to copy & paste this URL without verifying its correctness.
> BuildRoot: %_tmppath/%name-%version-%release-buildroot
> The prevered value is
> "%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)"
There is no big difference except the '%(%{__id_u} -n)' which does not
make much sense but adds complexity and gives a false feeling about
security. You have always a race between
| %install
| rm -rf $RPM_BUILD_ROOT
and
| make install DESTDIR=$RPM_BUILD_ROOT
where an attacker could create an installation-dir with malicious
content. A better way would be the definition of a userspecific
%_tmppath in ~/.rpmmacros which is writable by the actual user only.
Enrico
More information about the fedora-extras-list
mailing list