Package Review ============== Key: [x] = Pass [!] = Fail [-] = Not applicable [?] = Not evaluated [ ] = Manual review needed Issues: ======= - Large documentation must go in a -doc subpackage. Note: Documentation size is 1259520 bytes in 69 files. See: http://fedoraproject.org/wiki/Packaging/Guidelines#PackageDocumentation ===== MUST items ===== C/C++: [ ]: Provides: bundled(gnulib) in place as required. Note: Sources not installed [ ]: Package does not contain kernel modules. [ ]: Package contains no static executables. [x]: Package does not contain any libtool archives (.la) [x]: Rpath absent or only used for internal libs. Generic: [ ]: %build honors applicable compiler flags or justifies otherwise. [ ]: Package contains no bundled libraries without FPC exception. [ ]: Changelog in prescribed format. [ ]: Sources contain only permissible code or content. [ ]: Each %files section contains %defattr if rpm < 4.4 Note: %defattr present but not needed [ ]: Package contains desktop file if it is a GUI application. [ ]: Development files must be in a -devel package [ ]: Package requires other packages for directories it uses. [ ]: Package uses nothing in %doc for runtime. [ ]: Package is not known to require ExcludeArch. [ ]: Package does not contain duplicates in %files. [ ]: Fully versioned dependency in subpackages, if present. Note: No Requires: %{name}%{?_isa} = %{version}-%{release} in openswan- doc [ ]: Package complies to the Packaging Guidelines [ ]: License file installed when any subpackage combination is installed. [ ]: Package consistently uses macro is (instead of hard-coded directory names). [ ]: Package is named according to the Package Naming Guidelines. [ ]: Package does not generate any conflict. [ ]: Package obeys FHS, except libexecdir and /usr/target. [ ]: If the package is a rename of another package, proper Obsoletes and Provides are present. [ ]: Package must own all directories that it creates. [ ]: Package does not own files or directories owned by other packages. [ ]: Requires correct, justified where necessary. [ ]: Spec file is legible and written in American English. [ ]: Package contains systemd file(s) if in need. [ ]: Useful -debuginfo package or justification otherwise. [x]: Package does not run rm -rf %{buildroot} (or $RPM_BUILD_ROOT) at the beginning of %install. [x]: Macros in Summary, %description expandable at SRPM build time. [x]: Permissions on files are set properly. [x]: Spec file lacks Packager, Vendor, PreReq tags. [x]: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package is included in %doc. [x]: Package use %makeinstall only when make install' ' DESTDIR=... doesn't work. [x]: Package is named using only allowed ASCII characters. [x]: Package is not relocatable. [x]: Sources used to build the package match the upstream source, as provided in the spec URL. [x]: Spec file name must match the spec package %{name}, in the format %{name}.spec. [x]: File names are valid UTF-8. [x]: Packages must not store files under /srv, /opt or /usr/local [x]: Rpmlint is run on all rpms the build produces. Note: There are rpmlint messages (see attachment). ===== SHOULD items ===== Generic: [!]: Reviewer should test that the package builds in mock. [!]: Spec use %global instead of %define. Note: %define USE_LIBNSS 1 %define USE_FIPSCHECK 1 %define USE_LIBCAP_NG 1 %define USE_NM 1 %define USE_LABELED_IPSEC 1 %define nss_version 3.12.3-2 %define fipscheck_version 1.3.0 %define USE_CRL_FECTCHING 1 %define __spec_install_post %{?__debug_package:%{__debug_install_post}} %{__arch_install_post} %{__os_install_post} fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_libexecdir}/ipsec/* fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_sbindir}/ipsec %{nil} [ ]: Buildroot is not present Note: Buildroot: present but not needed [ ]: Package has no %clean section with rm -rf %{buildroot} (or $RPM_BUILD_ROOT) Note: %clean present but not required [ ]: Final provides and requires are sane (see attachments). [ ]: Package functions as described. [ ]: Latest version is packaged. [ ]: Patches link to upstream bugs/comments/lists or are otherwise justified. [ ]: SourceX tarball generation or download is documented. Note: Package contains tarball without URL, check comments [ ]: Description and summary sections in the package spec file contains translations for supported Non-English languages, if available. [ ]: Package should compile and build into binary rpms on all supported architectures. [ ]: %check is present and all tests pass. [ ]: Packages should try to preserve timestamps of original installed files. [ ]: Files in /run, var/run and /var/lock uses tmpfiles.d when appropriate [x]: Dist tag is present. [x]: No file requires outside of /etc, /bin, /sbin, /usr/bin, /usr/sbin. [x]: SourceX is a working URL. ===== EXTRA items ===== Generic: [ ]: Large data in /usr/share should live in a noarch subpackage if package is arched. Note: Arch-ed rpms have a total of 1433600 bytes in /usr/share 1167360 openswan-doc-2.6.38-10.fc19.x86_64.rpm 266240 openswan-2.6.38-10.fc19.x86_64.rpm Rpmlint ------- Checking: openswan-2.6.38-10.fc19.x86_64.rpm openswan-doc-2.6.38-10.fc19.x86_64.rpm openswan.x86_64: W: spelling-error %description -l en_US IPsec -> Eclipse openswan.x86_64: W: spelling-error %description -l en_US untrusted -> entrusted, trusted, encrusted openswan.x86_64: W: spelling-error %description -l en_US decrypted -> encrypted openswan.x86_64: W: spelling-error %description -l en_US userland -> user land, user-land, slanderous openswan.x86_64: W: only-non-binary-in-usr-lib openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/certs 0700L openswan.x86_64: E: incorrect-fsf-address /usr/share/doc/openswan-2.6.38/COPYING openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/private 0700L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/policies 0700L openswan.x86_64: E: non-readable /etc/ipsec.d/policies/clear-or-private 0600L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/crls 0700L openswan.x86_64: E: non-readable /etc/ipsec.d/policies/private 0600L openswan.x86_64: E: non-standard-dir-perm /var/run/pluto 0700L openswan.x86_64: E: non-readable /etc/ipsec.conf 0600L openswan.x86_64: E: non-readable /etc/ipsec.d/policies/block 0600L openswan.x86_64: E: non-readable /etc/ipsec.d/policies/clear 0600L openswan.x86_64: E: non-readable /etc/ipsec.secrets 0600L openswan.x86_64: E: non-readable /etc/ipsec.d/policies/private-or-clear 0600L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d 0700L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/ocspcerts 0700L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/cacerts 0700L openswan.x86_64: E: non-standard-dir-perm /etc/ipsec.d/aacerts 0700L 2 packages and 0 specfiles checked; 17 errors, 5 warnings. Requires -------- openswan-doc (rpmlib, GLIBC filtered): openswan (rpmlib, GLIBC filtered): /bin/sh /sbin/chkconfig /sbin/service /usr/bin/python bash chkconfig config(openswan) coreutils curl fipscheck(x86-64) initscripts libc.so.6()(64bit) libcap-ng.so.0()(64bit) libcrypt.so.1()(64bit) libcurl.so.4()(64bit) libfipscheck.so.1()(64bit) libgmp.so.10()(64bit) liblber-2.4.so.2()(64bit) libldap-2.4.so.2()(64bit) libnspr4.so()(64bit) libnss3.so()(64bit) libnss3.so(NSS_3.12.3)(64bit) libnss3.so(NSS_3.2)(64bit) libnss3.so(NSS_3.3)(64bit) libnss3.so(NSS_3.4)(64bit) libnss3.so(NSS_3.5)(64bit) libplc4.so()(64bit) libpthread.so.0()(64bit) libresolv.so.2()(64bit) libselinux.so.1()(64bit) nss-tools openldap rtld(GNU_HASH) systemd-sysv systemd-units Provides -------- openswan-doc: openswan-doc openswan-doc(x86-64) openswan: config(openswan) ike openswan openswan(x86-64) Generated by fedora-review 0.4.0 (736af0d) last change: 2013-01-28 Buildroot used: fedora-raw-x86_64 Command line :/home/w0rm/work/projects/fedora-review/try-fedora-review -rpn openswan -m fedora-rawhide-x86_64 -v -x CheckRpmlintInstalled,CheckApprovedLicense,CheckContainsLicenseText,CheckLicenseField,CheckLicenseUpstream,CheckReqPkgConfig,CheckBuildCompleted,CheckPackageInstalls,CheckNoNameConflict,CheckBuild,CheckBuildRequires