[Bug 280541] Review Request: setools - SELinux policy analysis tools
bugzilla at redhat.com
bugzilla at redhat.com
Fri Sep 14 17:16:37 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: setools - SELinux policy analysis tools
https://bugzilla.redhat.com/show_bug.cgi?id=280541
------- Additional Comments From mtasaka at ioa.s.u-tokyo.ac.jp 2007-09-14 13:16 EST -------
For 3.3.1-3:
- Please check your rpms by rpmlint (in rpmlint package)
before submitting.
- And also consider to reduce total spec file. For example
* Use glob (*) in %files entry when possible.
This surely makes spec files more readable and
reduces many mistakes.
* Also, you can use %exclude macro
Then:
* Redundant Requires
- Please consider if explicit version requirements
are really required.
Currently we only support FC6+, and
---------------------------------------------------
Package requirement by FC6 version
ths package
autoconf 2.59 2.59-12
gtk2 2.8 2.10.13-1.fc6
bwidegt 1.8 1.8.0-1.fc6
python 2.3 2.4.4-1.fc6
libsepol 1.12.27 1.15.3-1.fc6
libselinux 1.30 1.33.4-2.fc6
sqlite 3.2.0 3.3.6-2
swig 1.3.28 1.3.31-0.fc6
tcl 8.4.9 8.4.13-3.fc6
----------------------------------------------------
* Other requires issue
----------------------------------------------------
Requires: setools-libs >= %{version}-%{release}
----------------------------------------------------
- Why is this >= ?
* unstripped ELF binaries
- Still lots of ELF binaries are not stripped.
For example
-----------------------------------------------------
[tasaka1 at localhost ~]$ rpmlint setools-gui
setools-gui.i386: W: unstripped-binary-or-object
/usr/lib/setools/apol_tcl/libapol_tcl.so.4.1.1
-----------------------------------------------------
And these binaries does not have executable permission,
which must be fixed.
As I said in my comment 4,
- The permission of these binaries have to be fixed
*manually* before %install stage finishes, like:
-----------------------------------------------------
chmod 0755 $RPM_BUILD_ROOT%_libdir/%name/apol_tcl/libapol_tcl.so.*.*.*
-----------------------------------------------------
* Unowned directories
- Please check directory ownership again.
For example, %_libdir/setools is not owned by any package.
NOTE:
- Please consider to write just directory name like:
------------------------------------------------------
%files
foo/
-------------------------------------------------------
when possible. This means
- the directory foo/ itself
- and all files/directories/etc under foo/
so this automatically checks directory ownership issue and
this format surely reduces mistakes for directory ownership
issue.
* python directories macro
-------------------------------------------------------
%define pkgpyexecdir %{_libdir}/python?.?/site-packages/setools
%define pkgpythondir %{_exec_prefix}/lib*/python?.?/site-packages/setools
-------------------------------------------------------
- Use %python_sitelib or %python_sitearch.
Check:
http://fedoraproject.org/wiki/Packaging/Python
* files in setools metapackage
- These files cannot be installed when setools package is explicitly
excluded and in this case COPYING file and so on is not installed.
All files in setools metapackage should be moved to other subpackages
(mostly in -libs subpackage).
* desktop file check
- Rebuild fails on desktop-file-install (as said in previous comment).
* libdir in pkgconfig .pc file
- For example, even on x86_64, %_libdir/pkgconfig/libapol.pc says:
---------------------------------------------------------
prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
----------------------------------------------------------
On 64bits, libdir must be /usr/lib64, not /usr/lib.
* Macros
- Still /usr/share is used on -gui %files entry.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Fedora-package-review
mailing list