https://bugzilla.redhat.com/show_bug.cgi?id=851279
Bug ID: 851279
QA Contact: [email protected]
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: [email protected],
[email protected]
Assignee: [email protected]
Summary: Review Request: eucalyptus - Elastic Utility Computing
Architecture
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: [email protected]
Type: Bug
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: Package Review
Product: Fedora
Name : eucalyptus
Version : 3.1.0
License : GPLv3
URL : http://www.eucalyptus.com
Summary : Elastic Utility Computing Architecture
Description :
Eucalyptus is a service overlay that implements elastic computing
using existing resources. The goal of Eucalyptus is to allow sites
with existing clusters and server infrastructure to co-host an elastic
computing service that is interface-compatible with Amazon AWS.
SPEC:
http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-16/eucalyptus.spec
SRPM:
http://arg.fedorapeople.org/reviews/eucalyptus/3.1.0-16/eucalyptus-3.1.0-16.fc18.src.rpm
There are a number of lint warnings. I'll go through my rationale on them:
1) eucalyptus.x86_64: W: dangerous-command-in-%pre tar
This could be changed to copy commands if that's deemed "safer" ... this is how
upstream packages currently work, though.
2) dangling-symlink (many of these)
Eucalyptus relies on all jars being in a common directory. jetty does
something similar in /usr/share/jetty/lib. All symlink targets are unversioned
jar filenames and are contained in Requires.
3) explicit-lib-dependency (json-lib and cglib)
Bogus. These are java packages
4) install-file-in-docs
The install file does also contain some setup instructions, but I could get rid
of it.
5) log-files-without-logrotate
We use log4j to rotate almost all of our logs. We may instate logrotate for
the remaining logs
6) no-documentation
Subpackages depend on the eucalyptus package, which contains docs. The only
exception is the python admin tools, which are actually licensed separately (as
BSD) but do not ship a license file at this time.
7) no-manual-page-for-binary
Eucalyptus does not create manual pages for most binaries. End-user binaries
have help text, and I've used help2man for some of those. The service binaries
are not really intended to be run by an end user in most cases, and could
perhaps be moved into libexec
8) non-conffile-in-etc
We may simply need to relocate /etc/eucalyptus/cloud.d entirely. I'm just not
certain of the right place, and would like advice on this. In some cases,
these are files that users may want/need to modify (jrxml templates for
jasperreports, for example). Generally they won't be modified, though.
The file not in /etc/eucalyptus should likely be config files. I'll talk to
our developers about this.
9) non-standard-dir-perm 0700
I'm not sure why 0700 is strange. The instances of this are mainly sensitive
data which should only be readable by the eucalyptus user.
10) non-standard-executable-perm / setuid-binary (these are related)
The "rootwrap" and "mountwrap" binaries, unfortunately, are used to give
eucalyptus root privileges for specific operations. I wish this were better,
but this is how eucalyptus currently works
11) non-standard-gid / non-standard-uid
eucalyptus owns a number of directories, usually so that permissions can be set
to 0700
12) only-non-binary-in-usr-lib
This is RHBZ 794777
13) spelling-error
This is due to our acronyms (NC, CC, SC)
Sorry, that's a lot to work through. Hopefully some brave reviewer can take
this on.
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
package-review mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-review
