[Bug 226560] Merge Review: xinetd

bugzilla at redhat.com bugzilla at redhat.com
Wed Sep 17 17:15:17 UTC 2008 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=226560


Jon Ciesla <limb at jcomserv.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |limb at jcomserv.net
         AssignedTo|nobody at fedoraproject.org    |limb at jcomserv.net




--- Comment #1 from Jon Ciesla <limb at jcomserv.net>  2008-09-17 13:15:15 EDT ---
rpmlint on SRPM:

xinetd.src:24: E: prereq-use /sbin/chkconfig /etc/init.d /sbin/service
The use of PreReq is deprecated. In the majority of cases, a plain Requires is
enough and the right thing to do. Sometimes Requires(pre), Requires(post),
Requires(preun) and/or Requires(postun) can also be used instead of PreReq.

xinetd.src:27: W: unversioned-explicit-provides inetd
The specfile contains an unversioned Provides: token, which will match all
older, equal, and newer versions of the provided thing.  This may cause update
problems and will make versioned dependencies, obsoletions and conflicts on
the provided thing useless -- make the Provides versioned if possible.

xinetd.src:29: W: unversioned-explicit-obsoletes inetd
The specfile contains an unversioned Obsoletes: token, which will match all
older, equal and newer versions of the obsoleted thing.  This may cause update
problems, restrict future package/provides naming, and may match something it
was originally not inteded to match -- make the Obsoletes versioned if
possible.

xinetd.src:29: W: unversioned-explicit-obsoletes netkit-base
The specfile contains an unversioned Obsoletes: token, which will match all
older, equal and newer versions of the obsoleted thing.  This may cause update
problems, restrict future package/provides naming, and may match something it
was originally not inteded to match -- make the Obsoletes versioned if
possible.

Fix.

xinetd.src: W: %ifarch-applied-patch Patch0: xinetd-2.3.11-pie.patch
A patch is applied inside an %ifarch block. Patches must be applied on all
architectures and may contain necessary configure and/or code patch to be
effective only on a given arch.

xinetd.src: W: %ifarch-applied-patch Patch7: xinetd-2.3.11-PIE.patch
A patch is applied inside an %ifarch block. Patches must be applied on all
architectures and may contain necessary configure and/or code patch to be
effective only on a given arch.

Fine.

xinetd.src: W: summary-ended-with-dot A secure replacement for inetd.
Summary ends with a dot.

Fix.

rpmlint on RPMS:

xinetd.i386: E: executable-marked-as-config-file /etc/rc.d/init.d/xinetd
Executables must not be marked as config files because that may prevent
upgrades from working correctly. If you need to be able to customize an
executable, make it for example read a config file in /etc/sysconfig.

xinetd.i386: W: summary-ended-with-dot A secure replacement for inetd.
Summary ends with a dot.

Fix.

xinetd.i386: W: obsolete-not-provided netkit-base
If a package is obsoleted by a compatible replacement, the obsoleted package
must also be provided in order to provide clean upgrade paths and not cause
unnecessary dependency breakage.  If the obsoleting package is not a
compatible replacement for the old one, leave out the provides.

Fix or document.

xinetd.i386: W: conffile-without-noreplace-flag /etc/rc.d/init.d/xinetd
A configuration file is stored in your package without the noreplace flag. A
way to resolve this is to put the following in your SPEC file:
%config(noreplace) /etc/your_config_file_here

Fix.

xinetd.i386: W: service-default-enabled /etc/rc.d/init.d/xinetd
The service is enabled by default after "chkconfig --add"; for security
reasons, most services should not be. Use "-" as the default runlevel in the
init script's "chkconfig:" line and/or remove the "Default-Start:" LSB keyword
to fix this if appropriate for this service.

xinetd.i386: W: service-default-enabled /etc/rc.d/init.d/xinetd
The service is enabled by default after "chkconfig --add"; for security
reasons, most services should not be. Use "-" as the default runlevel in the
init script's "chkconfig:" line and/or remove the "Default-Start:" LSB keyword
to fix this if appropriate for this service.

Fine, it's xinetd FFS. . .:)

xinetd-debuginfo.i386: E: non-readable
/usr/src/debug/xinetd-2.3.14/libs/include/pset.h 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).

xinetd-debuginfo.i386: E: non-readable
/usr/src/debug/xinetd-2.3.14/libs/include/xlog.h 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).

xinetd-debuginfo.i386: E: non-readable
/usr/src/debug/xinetd-2.3.14/libs/include/sio.h 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).

xinetd-debuginfo.i386: E: non-readable
/usr/src/debug/xinetd-2.3.14/libs/include/str.h 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).

xinetd-debuginfo.i386: E: non-readable
/usr/src/debug/xinetd-2.3.14/libs/include/m_env.h 0640
The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).

Not really a concern, but should be documented in spec, filed against rpmlint
or fixed, your call.


Otherwise, full review looks great, no other blockers.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the Fedora-package-review mailing list