[Bug 210424] Review Request: fail2ban - scan log files and ban IPs with too many password failures
bugzilla at redhat.com
bugzilla at redhat.com
Sun Nov 12 14:25:57 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: fail2ban - scan log files and ban IPs with too many password failures
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210424
mtasaka at ioa.s.u-tokyo.ac.jp changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
AssignedTo|nobody at fedoraproject.org |mtasaka at ioa.s.u-tokyo.ac.jp
OtherBugsDependingO|163776 |163778
nThis| |
------- Additional Comments From mtasaka at ioa.s.u-tokyo.ac.jp 2006-11-12 09:25 EST -------
Interestig package, however, I have to say that there
are not a few issues to be fixed before accepting this
package.
Please read and be familliar with the following URL.
http://fedoraproject.org/wiki/Packaging/Guidelines
http://fedoraproject.org/wiki/Packaging/ReviewGuidelines
Especially, please use 'rpmlint' (this is in Fedora Extras
and Maintained by Ville Skyttä) to check if your package
got shaped to Fedora Extras packaging criteria.
For this package, you also have to read the following:
http://fedoraproject.org/wiki/Packaging/ScriptletSnippets
http://fedoraproject.org/wiki/Packaging/Python
Not a full review, however:
A.
For srpm, rpmlint complains about the following.
E: fail2ban no-changelogname-tag
W: fail2ban strange-permission fail2ban.spec 0444
W: fail2ban hardcoded-packager-tag Walter
W: fail2ban prereq-use /sbin/chkconfig /sbin/service
* Add changelog
* Change the permission of spec file to 0644.
* Don't write 'Packager'. This should be written in Changelog.
* Don't use Prereq. The correct usage of requirements are in
http://fedoraproject.org/wiki/Packaging/ScriptletSnippets .
Also:
* Don't use hardcoded dist tag to release number.
* pyo bytecompiled python binary are not ghosted any longer
because of SELinux issue.
* Use 'cp -p' or 'install -p' to keep timestamps.
* BuildRoot is not the format recommended by Fedora Extras.
B. For binary rpm, rpmlint complains as following.
E: fail2ban no-changelogname-tag
E: fail2ban only-non-binary-in-usr-lib
W: fail2ban service-default-enabled /etc/rc.d/init.d/fail2ban
E: fail2ban subsys-not-used /etc/rc.d/init.d/fail2ban
* No binary files are installed in /usr/lib, which is generally
regarded as wrong. Consider to move all the files in %{_libdir}
to %{_datadir}
NOTE: /usr/bin/fail2ban has a hardcoded directory setting of
/usr/lib/fail2ban and your spec file says some files should be
installed under %{_libdir}/%{name}. This is anyway incorrect
because for x86_64 system, %{_libdir} is /usr/lib64.
* This package enables fail2ban daemon when installed by default
(see init script), which is usually unwilling. Check if this
is the expected behavior (usually it is not).
* fail2ban init script does not use subsys lock file (for this
package, this is usually /var/lock/subsys/fail2ban). Rewrite
the init script to use subsys file.
(Usually this is done correctly by using 'daemon' function
in /etc/rc.d/init.d/function. Init scripts in other rpms are
good examples.)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Fedora-package-review
mailing list