The game is setgid games, but doesn't appear to completely drop setgid
privileges after starting up, according to /proc/<pid>/status.  In fact, there
are two processes created when atomix runs, one without setgid privileges, and
one with.  This seems to use gnome functions to handle the scoreboard file, so
I'd be curious to learn how gnome deals with security for setgid + scoreboard files.

You're missing find-langs from the spec file - there are a lot of translation
files in there.

rpmlint throws up two errors for the rpm package

zero-length /var/lib/games/atomix.scores
non-standard-executable-perm /usr/bin/atomix 02755

builds fine in mock with no real hiccups. rpmlint obviously gives the same results.

As soon as you fix the two errors from rpmlint and address #1, I'll do the full
review.

(In reply to comment #2)
> You're missing find-langs from the spec file - there are a lot of translation
> files in there.
> 
> rpmlint throws up two errors for the rpm package
> 
> zero-length /var/lib/games/atomix.scores

The directory /var/lib/games is not writable by the 'games' group.  In order for
the application to write to its own scoreboard file, it must create the
scoreboard file (and make it group writable) as part of the install process. 
This is acceptable.

> non-standard-executable-perm /usr/bin/atomix 02755

This is acceptable for a game that is setgid 'games' for writing to a shared
scoreboard file.

Okay, give #4

Review
------

Good :

Spec file readable and in US English
No ownership problems with directories
No devel package (so that bit can be ignored!)
Upstream md5sum = package md5sum
Builds cleanly in mock (i386)
No dupes in rpms
Package includes documentation
Correctly creates it's own localdir instead of polluting
Consistent use of macros
Uses dist and smp_flags
Software actually works
No suprious permissions in the rpms

Needs work
Needs to include find-lang

Once the needs work has been attended to, I'm happy for this to go in.

(In reply to comment #1)
> The game is setgid games, but doesn't appear to completely drop setgid
> privileges after starting up, according to /proc/<pid>/status. [...]

Yes, sorry, I wanted to comment on this. Citing
http://www.fedoraproject.org/wiki/Extras/SIGs/Games
"If necessary, a game can be made setgid 'games' in order to allow a shared
scoreboard file. But only if necessary, and care should be taken to drop setgid
privileges when not needed. The following example shows how to properly drop
setuid/setgid privileges. [...]"

I'm not a real C-Programmer (never found time for it :-/ and these days my work
around Fedora consumes all of my free time) so I can't integrate above or
comment closer on what Wart noticed in Comment #1. I'd be glad if someone from
the Games SIG (or someone else) could look closer into this whole stuff.

(In reply to comment #2)
> You're missing find-langs from the spec file - there are a lot of translation
> files in there.

/me looks closer -- yes, seems so, but they didn't get installed. (even with
gettext around on the system). Ahh, seems it's a upstream problem. See GNOME
bz#334319 . I worked around this bug with running
sed  -i 's!^SOURCES = !&\n'"$(grep "^CATALOGS" po/Makefile.in)"'!' po/Makefile
after configure. There are probably better ways do do that. Suggestion welcomed.

Latest package now atomix-2.14.0-2

Spec URL: 
  http://www.leemhuis.info/files/fedorarpms/SPECS.fdr/atomix.spec
Diff URL: 
  http://www.leemhuis.info/files/fedorarpms/SPECS.fdr/atomix.spec.diff
SRPM URL: 
  http://www.leemhuis.info/files/fedorarpms/SRPMS.fdr/atomix-2.14.0-2.src.rpm

Okay, now that the langs are there, I can see no problem why this shouldn't be
in extras. The setgid is an issue, so before I FE-ACCEPT this, I'll seek guidance.

Guidance has pretty much not occured :-(

I'll stick out my neck on this (as it's the same as other games I've checked
which do the same as this) and say

ACCEPTED

Paul, thx for the review.

(In reply to comment #8)
> Guidance has pretty much not occured :-(

I waited another week and tried two times to ping the games SIG in #fedora-games
-- no reaction. So I went forward and imported atomix. We can fix this later if
we reqally want to.

Build for devel succeed, FC-5 branch requested.