> Didn't have time for a through review yet, but a couple of things I'd > like to comment on:
Thanks a lot for your remarks. I fixed some of them. >* debian/copyright appears to be a mix between free-form and DEP-5. I > would recommend using either, but not a mix between the two, as that > looks just awkward. I have not aimed to support DEP5. Such form of writing just seems more human readable for me. Maybe I will update copyright file according the DEP-5 spec later. > It would also be nice if you'd describe how exactly the .orig.tar.bz2 > is generated: is it downloaded from the specified location as-is? Is > it repackaged in one way or the other? (I suppose so, the debian/ dir > is not present in the .orig.tar.gz) All necessary information available in debian/copyright file: https://github.com/tehnick/uhub-debian/blob/master/debian/copyright#L7 The GitHub has no possibility to make bzip tarballs from git tags automatically. So only zip archive and gzip tarballs are available there. debian/ dir in upstream was made by program developer. It has no relation to me and it don't conform to Debian Policy. So .orig.tar.bz2 formed in such way: https://github.com/tehnick/deb_packages/blob/master/Debian/uhub/automatic_update_uhub#L77 >* debian/uhub.docs > > AUTHORS is already documented in the copyright file, BUGS is - in my > opinion - not useful in a Debian package, TODO is an empty file, and > README does not contain all that much information, either. > > debian/doc/getstarted.txt also contains a lot of useless information, > stuff that's not relevant for users of the Debian binary package. > > Not having a clue about what uhub is, though, there might be things in > it that users DO need, so this is the only file I'd leave in > debian/uhub.docs. And add the WiKi link from README to it. Updated. Thanks. >* debian/uhub.postrm, debian/uhub.prerm > > These files can be safely removed, as they only includes a #DEBHELPER# > tag. Deleted. Thanks. >* debian/uhub.postinst > > The postinst unconditionally chmods /var/log/uhub to 750 on every > upgrade. This is important security issue. I think this logs shouldn't be available for reading by others. > I would suggestshipping the directory in the deb with that > permission already, and drop the postinst. This is bad idea: W: uhub: non-standard-dir-perm var/log/uhub/ 0750 != 0755 N: N: The directory has a mode different from 0755, and it's not one of the N: known exceptions. N: N: Refer to Debian Policy Manual section 10.9 (Permissions and owners) for N: details. N: N: Severity: normal, Certainty: possible N: N: Check: files, Type: binary, udeb >* debian/rules > > Please do NOT set SILENT=YES! We do want to see the exact commandline, > together with command-line options and whatnot, so that any possible > build failiures or miscompilations can be tracked easier. Yes, this was my fault. Fixed. >* Other notes > > Since uhub seems to have the option of being compiled with SSL > support, it might be a good idea to enable that, perhaps? In this stable release SSL support is very experimental on my opinion. But in current developing version it is quite good. So I will enable this option in the next stable release.
