176943 – Review Request: rootsh : Shell wrapper for auditing

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 176943 - Review Request: rootsh : Shell wrapper for auditing

Summary: Review Request: rootsh : Shell wrapper for auditing

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jef Spaleta
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FE-ACCEPT
TreeView+	depends on / blocked

Reported:	2006-01-04 16:30 UTC by Tom "spot" Callaway
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-01-08 17:57:48 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Tom "spot" Callaway 2006-01-04 16:30:17 UTC

Spec Name or Url: http://www.auroralinux.org/people/spot/review/rootsh.spec
SRPM Name or Url: http://www.auroralinux.org/people/spot/review/rootsh-1.5.2-1.src.rpm
Description: 
Rootsh is a wrapper for shells which logs all echoed keystrokes and
terminal output to a file and/or to syslog. Its main purpose is the
auditing of users who need a shell with root privileges. They start
rootsh through the sudo mechanism.

Comment 1 Jef Spaleta 2006-01-06 22:01:48 UTC

Okay builds in mock against development.
I'll see if I can get to the formal review tonite after battlestar.

Comment 2 Jef Spaleta 2006-01-07 04:36:45 UTC

Formal review
Summary: 1 blocker
- BAD: Forgot to include the COPYING file in the %docs section
Get that fixed and you have approval.


- GOOD: rpmlint on mock built binary returns clean.
- GOOD: package named according to the PackageNamingGuidelines.
- GOOD: The spec file name matches %{name}, in the format %{name}.spec
- GOOD: The package meets the PackagingGuidelines.
- GOOD: The package is licensed GPL
- GOOD: The License field in the package spec file matches the actual license.
- GOOD: The spec written in American English.
- GOOD: The spec file is legible. 
- GOOD: The sources used to build matches the upstream source
        md5sum  39e3a876b991fe235af3150335d1a0f8
- GOOD: The package successfully compile and build into binary rpms on atleast x86
- GOOD: No BuildRequires and it still builds in mock
- GOOD: No locales 
- GOOD: No shared library files 
- GOOD: own all directories that it creates. uses /usr/bin/ and
/usr/share/man/man1  which are explicitly listed in the FHS and owned by
filesystem package
- GOOD: no duplicates in %files listing.
- GOOD: Permissions on files are set properly. 
- GOOD: Each package must have a %clean section, which contains rm -rf
%{buildroot} (or $RPM_BUILD_ROOT).
- GOOD: Each package must consistently use macros, as described in the macros
section of PackagingGuidelines.
- GOOD: The package must contain code, or permissable content. This is described
in detail in the code vs. content section of PackagingGuidelines.
- GOOD: If a package includes something as %doc, it must not affect the runtime
of the application. To summarize: If it is in %doc, the program must run
properly if it is not present.

Comment 3 Tom "spot" Callaway 2006-01-07 15:18:27 UTC

COPYING added as %doc in -2:

SRPM: http://www.auroralinux.org/people/spot/review/rootsh-1.5.2-2.src.rpm
SPEC: http://www.auroralinux.org/people/spot/review/rootsh.spec

Comment 4 Jef Spaleta 2006-01-07 20:25:31 UTC

rootsh-1.5.2-2.src.rpm   APPROVED

Note You need to log in before you can comment on or make changes to this bug.