[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Paulo Roma Cavalcanti pro...@gmail.com changed:

   What|Removed |Added

 Status|ASSIGNED|CLOSED
 Resolution||CURRENTRELEASE




-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Kevin Fenzi [EMAIL PROTECTED] changed:

   What|Removed |Added

   Flag|fedora-cvs? |fedora-cvs+




--- Comment #26 from Kevin Fenzi [EMAIL PROTECTED]  2008-12-03 19:46:35 EDT 
---
We are no longer doing F-8 branches. 

cvs done without F-8.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #17 from Jon Ciesla [EMAIL PROTECTED]  2008-12-02 09:24:23 EDT ---
MUST: rpmlint must be run on every package. The output should be posted in the
review.

partimage.src: W: strange-permission create_certificates.sh 0775
A file that you listed to include in your package has strange permissions.
Usually, a file should have 0644 permissions.

partimage.src: W: strange-permission partimaged-passwd 0755
A file that you listed to include in your package has strange permissions.
Usually, a file should have 0644 permissions.

Why are these runnable by non-root users?

RPMS: addressed above.

- MUST: The package must be named according to the Package Naming Guidelines .

OK.

- MUST: The spec file name must match the base package %{name}, in the format
%{name}.spec unless your package has an exemption on Package Naming Guidelines
.

OK.

- MUST: The package must meet the Packaging Guidelines .

Generally OK, but drop the image location macro, and remove the user created in
the preun conditional.

- MUST: The package must be licensed with a Fedora approved license and meet
the Licensing Guidelines .

OK.

- MUST: The License field in the package spec file must match the actual
license.

OK.

- MUST: If (and only if) the source package includes the text of the license(s)
in its own file, then that file, containing the text of the license(s) for the
package must be included in %doc.

OK.

- MUST: The spec file must be written in American English.

OK.

- MUST: The spec file for the package MUST be legible. If the reviewer is
unable to read the spec file, it will be impossible to perform a review. Fedora
is not the place for entries into the Obfuscated Code Contest
(http://www.ioccc.org/).

OK.

- MUST: The sources used to build the package must match the upstream source,
as provided in the spec URL. Reviewers should use md5sum for this task. If no
upstream URL can be specified for this package, please see the Source URL
Guidelines for how to deal with this.

Source URL still uses shortened SourceForge name, fix.

- MUST: The package must successfully compile and build into binary rpms on at
least one supported architecture.

OK.

- MUST: If the package does not successfully compile, build or work on an
architecture, then those architectures should be listed in the spec in
ExcludeArch. Each architecture listed in ExcludeArch needs to have a bug filed
in bugzilla, describing the reason that the package does not compile/build/work
on that architecture. The bug number should then be placed in a comment, next
to the corresponding ExcludeArch line. New packages will not have bugzilla
entries during the review process, so they should put this description in the
comment until the package is approved, then file the bugzilla entry, and
replace the long explanation with the bug number. The bug should be marked as
blocking one (or more) of the following bugs to simplify tracking such issues:
FE-ExcludeArch-x86 , FE-ExcludeArch-x64 , FE-ExcludeArch-ppc ,
FE-ExcludeArch-ppc64

OK.

- MUST: All build dependencies must be listed in BuildRequires, except for any
that are listed in the exceptions section of the Packaging Guidelines ;
inclusion of those as BuildRequires is optional. Apply common sense.

OK.

- MUST: The spec file MUST handle locales properly. This is done by using the
%find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.

OK.

- MUST: Every binary RPM package which stores shared library files (not just
symlinks) in any of the dynamic linker's default paths, must call ldconfig in
%post and %postun. If the package has multiple subpackages with libraries, each
subpackage should also have a %post/%postun section that calls /sbin/ldconfig.
An example of the correct syntax for this is:

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

NA.

- MUST: If the package is designed to be relocatable, the packager must state
this fact in the request for review, along with the rationalization for
relocation of that specific package. Without this, use of Prefix: /usr is
considered a blocker.

NA.

- MUST: A package must own all directories that it creates. If it does not
create a directory that it uses, then it should require a package which does
create that directory. Refer to the Guidelines for examples.

Needs to own %{_datadir}/partimaged.

- MUST: A package must not contain any duplicate files in the %files listing.

OK.

- MUST: Permissions on files must be set properly. Executables should be set
with executable permissions, for example. Every %files section must include a
%defattr(...) line.

See above.

- MUST: Each package must have a %clean section, which contains rm -rf
%{buildroot} ( or $RPM_BUILD_ROOT ).

OK.

- MUST: Each package must consistently use macros, as described in the macros
section of Packaging Guidelines .

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #18 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-12-02 
11:15:21 EDT ---
 Summary: Script perms, macro, Source URL, remove generated user, own
 %{_datadir}/partimaged.


1) I changed the script perms in the .src.rpm to 644 and in the rpm
to 744.

2) Removed home macro.

3) Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2

4) Deleted created user in the postun section.

5) %dir %{_datadir}/partimaged


Spec: http://orion.lcg.ufrj.br/RPMS/SPECS/partimage.spec

SRPM: http://orion.lcg.ufrj.br/RPMS/src/partimage-0.6.7-5.fc8.src.rpm



Thanks.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #20 from Jon Ciesla [EMAIL PROTECTED]  2008-12-02 13:11:24 EDT ---
Oh, might also want to add partimage- to the man.tar.gz and
create_certificates.sh and rename at install, to avoid SRPM clobber.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Jon Ciesla [EMAIL PROTECTED] changed:

   What|Removed |Added

   Flag|fedora-review?  |fedora-review+




--- Comment #19 from Jon Ciesla [EMAIL PROTECTED]  2008-12-02 13:07:53 EDT ---
Excellent.

APPROVED.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #21 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-12-02 
13:41:24 EDT ---
You mean, putting Source1, Source3, Source4, Source5,
in, say, scripts.tar.gz and uncompressing them in the source tree?

I was intending to do that, but during the review, it would have complicated 
the access to the scripts.

I also have this small text with the guidelines I use for cloning
my installations. Even for laptops, I always use a pre-created image.

Maybe you would like to read it (of course, this text cannot be included in the
rpm).


http://orion.lcg.ufrj.br/roma/LCG_partimage.html

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #22 from Jon Ciesla [EMAIL PROTECTED]  2008-12-02 14:08:19 EDT ---
No, simply rename man.tar.gz partimage-man.tar.gz and rename
create_certificates.sh partimage-create_certificates.sh, and rename them when
they are installed in the spec.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #23 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-12-02 
14:35:52 EDT ---
(In reply to comment #22)
 No, simply rename man.tar.gz partimage-man.tar.gz and rename
 create_certificates.sh partimage-create_certificates.sh, and rename them when
 they are installed in the spec.

I did what you asked, but I also compressed the scripts in

partimage-scripts.tar.gz

Same links.

What do you think?

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #24 from Jon Ciesla [EMAIL PROTECTED]  2008-12-02 14:44:43 EDT ---
No need, but no harm either.  Looks OK.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Paulo Roma Cavalcanti [EMAIL PROTECTED] changed:

   What|Removed |Added

   Flag||fedora-cvs?




--- Comment #25 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-12-02 
15:37:37 EDT ---

Thanks a lot, Jon.


New Package CVS Request
===
Package Name: partimage
Short Description: Partition imaging utility, much like Ghost
Owners: roma
Branches: F-8 F-9 F-10 devel

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #15 from Jon Ciesla [EMAIL PROTECTED]  2008-12-01 14:51:38 EDT ---
Sounds to me like just using local pam auth would be the best, simplest and
safest.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #16 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-12-01 
16:09:42 EDT ---
(In reply to comment #15)
 Sounds to me like just using local pam auth would be the best, simplest and
 safest.

No problem. I changed the default to login and pam enabled.

Even if one (like myself) wants to use partimage from SistemRescuedCD,
which comes with login disabled, it is just a question of adding
--nologin to the server configuration file and restart partimaged.
Really easy ...

I also added s short explanation about the use of partimaged-passwd to our
README.partimage.html.


Spec: http://orion.lcg.ufrj.br/RPMS/SPECS/partimage.spec

SRPM: http://orion.lcg.ufrj.br/RPMS/src/partimage-0.6.7-4.fc8.src.rpm

If you can try it, it would be really good.

Thanks.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #14 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-27 
05:13:40 EDT ---
I understood why the authentication using partimaged-passwd was not working.

The rpm has to be created with login and pam enabled and the 
rule pam_unix.so has to be removed. Doing this, the server authenticates using
the db45 database created by the script. The authentication is logged in the
file /var/log/secure.

On the other hand, compiling with pam disabled and login enabled makes the
authentication work using only the /etc/partimaged/patimagedusers file.
Partimage does not use pam for this type of authentication.

Therefore, the files 

/etc/pam.d/partimaged
/usr/share/man/man8/partimaged-passwd.8.gz
/usr/share/partimaged/partimaged-passwd

are only included in the package when pam support is on.

One has to rebuild the package for getting pam support,
and as a consequence, get a (weaker) non-local user type of authentication.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #11 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-26 
04:38:37 EDT ---
 Therefore, my pam rules are not working the way I wanted, 
 but I do not know how to fix them ...
 For now, only local users can authenticate.
 
 Any suggestion? Do you know how pam works?

 Not sure. Is this something you're adding on, or functionality of the original
 code?

I borrowed the idea from Gentoo and Ubuntu. They created this script so people
do not need to have a local account on the server. By what I have read about
Pam, it can use this scheme. 

# partimaged user database
auth sufficient   pam_userdb.so db=/etc/partimaged/passwd

But I always get a password mismatch.


I added a README.Fedora.html (I chose html, because it has some useful links).

I have updated the release:

Spec: http://orion.lcg.ufrj.br/RPMS/SPECS/partimage.spec

SRPM: http://orion.lcg.ufrj.br/RPMS/src/partimage-0.6.7-3.fc8.src.rpm

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #12 from Jon Ciesla [EMAIL PROTECTED]  2008-11-26 14:37:25 EDT ---
(In reply to comment #11)
  Therefore, my pam rules are not working the way I wanted, 
  but I do not know how to fix them ...
  For now, only local users can authenticate.
  
  Any suggestion? Do you know how pam works?
 
  Not sure. Is this something you're adding on, or functionality of the 
  original
  code?
 
 I borrowed the idea from Gentoo and Ubuntu. They created this script so people
 do not need to have a local account on the server. By what I have read about
 Pam, it can use this scheme. 
 
 # partimaged user database
 auth sufficient   pam_userdb.so db=/etc/partimaged/passwd
 
 But I always get a password mismatch.

I'm not sure I like the security implications of this.  This would mean that if
you run partimage-server on your network, anyone on your network with a Fedora
LiveCD with this installed can dump images on your server.

 
 I added a README.Fedora.html (I chose html, because it has some useful links).

Good idea.  But rename to partimage.README.html to avoid use of the word Fedora
and SRPM clobbering.

 I have updated the release:
 
 Spec: http://orion.lcg.ufrj.br/RPMS/SPECS/partimage.spec
 
 SRPM: http://orion.lcg.ufrj.br/RPMS/src/partimage-0.6.7-3.fc8.src.rpm

Also, for partimaged-certs.cnf, you should mention in the README that this file
should be customized.  Not everyone is in Rio. :)

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #13 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-26 
18:40:51 EDT ---

   Not sure. Is this something you're adding on, or functionality of the 
   original
   code?
  
  I borrowed the idea from Gentoo and Ubuntu. They created this script so 
  people
  do not need to have a local account on the server. By what I have read about
  Pam, it can use this scheme. 
  
  # partimaged user database 
  auth sufficient   pam_userdb.so db=/etc/partimaged/passwd
  
  But I always get a password mismatch.
 
 I'm not sure I like the security implications of this.  This would mean that 
 if
 you run partimage-server on your network, anyone on your network with a Fedora
 LiveCD with this installed can dump images on your server.

Not really. This script has to be run as root on the server. Therefore,
only an administrator can add users. It is like using pserver authentication
for CVS. But without any protection, you are right. 

Furthermore, without login enabled (on the server it is just a question of
removing --nologin from/etc/sysconfig/patimage), and using the default port 
(and no firewall), anyone knowing the name of the image can download it. 
I have downloaded in the past a whole fedora image from a server in another
city. It took some time, but worked.  


 
  
  I added a README.Fedora.html (I chose html, because it has some useful 
  links).
 
 Good idea.  But rename to partimage.README.html to avoid use of the word 
 Fedora
 and SRPM clobbering.

Done


 
 Also, for partimaged-certs.cnf, you should mention in the README that this 
 file
 should be customized.  Not everyone is in Rio. :)

Changed the README. 
Also, I changed the name of the default city to Smallville. :)

(I kept the same releae).

Spec: http://orion.lcg.ufrj.br/RPMS/SPECS/partimage.spec

SRPM: http://orion.lcg.ufrj.br/RPMS/src/partimage-0.6.7-3.fc8.src.rpm

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #6 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-25 
07:40:00 EDT ---
(In reply to comment #5)
 Is maintaining arch parity a requirement documented by upstream, or something
 you observed in testing?  If it's not upstream, you'll want to include it in a
 partimage-README.txt

Yes, Jon. According to my tests, the interface hangs when I use a 32 bit client
(from system-rescuecd) connected to a 64 bit server. Since the normal usage is
booting from a CD, so all partitions are unmounted (and making the image) the
server, in general, will have to be 32 bits.


Also, the server options have to match the client compilation options.
Since the client from system-rescuecd use no login and no ssl, the server has
to disable those options in /etc/sysconfi/partimaged.

Note that partimage is developed by the team from System-rescuecd.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Jon Ciesla [EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 AssignedTo|[EMAIL PROTECTED]|[EMAIL PROTECTED]
   Flag||fedora-review?




--- Comment #7 from Jon Ciesla [EMAIL PROTECTED]  2008-11-25 08:44:05 EDT ---
Ok.  Also, probably best to use NoArch instead of BuildArch, so sparc, alpha,
etc can take a crack at it later.

rpmlint on SRPM:
partimage.src: W: strange-permission create_certificates.sh 0775
A file that you listed to include in your package has strange permissions.
Usually, a file should have 0644 permissions.

partimage.src: W: strange-permission partimaged-passwd 0755
A file that you listed to include in your package has strange permissions.
Usually, a file should have 0644 permissions.


Should these not be 700, or at least 744?

rpmlint on RPMS:

partimage-server.i386: W: non-standard-uid /etc/partimaged partimag
partimage-server.i386: W: non-standard-gid /etc/partimaged partimag
partimage-server.i386: W: non-standard-uid /home/images partimag
partimage-server.i386: W: non-standard-gid /home/images partimag
partimage-server.i386: W: non-standard-uid /var/log/partimaged partimag
partimage-server.i386: W: non-standard-gid /var/log/partimaged partimag
partimage-server.i386: W: non-standard-uid
/etc/partimaged/create_certificates.sh partimag
partimage-server.i386: W: non-standard-gid
/etc/partimaged/create_certificates.sh partimag
partimage-server.i386: W: non-standard-uid /etc/partimaged/partimagedusers
partimag
partimage-server.i386: W: non-standard-gid /etc/partimaged/partimagedusers
partimag
partimage-server.i386: W: non-standard-uid /etc/partimaged/partimage-certs.cnf
partimag
partimage-server.i386: W: non-standard-gid /etc/partimaged/partimage-certs.cnf
partimag

OK.

partimage-server.i386: E: dir-or-file-in-home /home/images

What's going on here?  This cannot be in /home, maybe
/usr/share/partimage-server or /var/lib/partimage-server.

partimage-server.i386: E: incoherent-logrotate-file /etc/logrotate.d/partimaged
partimage-server.i386: W: incoherent-init-script-name partimaged

Probably fine, but could be patched to be partimage-server, or possibly the
sub-package renamed partimaged.

partimage-server.i386: E: executable-marked-as-config-file
/etc/partimaged/create_certificates.sh

Should be in /usr/share/partimaged/

partimage-server.i386: E: non-readable /etc/partimaged/partimagedusers 0600

Probably fine.


Full review in progress. . .

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #8 from Jon Ciesla [EMAIL PROTECTED]  2008-11-25 09:32:58 EDT ---
License is GPLv2+.

Fix Source0 URL. . .
https://fedoraproject.org/wiki/Packaging/SourceURL

Send gcc-4.3 patch upstream if not already done, document that you did and how
in the spec.

The DOCS are duplicated in the main and server packages.  Usually redundant,
but since they don't require each other, it's OK here.

Need to BuildRequires zlib-devel.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #9 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-25 
14:05:37 EDT ---
 rpmlint on SRPM:
 partimage.src: W: strange-permission create_certificates.sh 0775
 A file that you listed to include in your package has strange permissions.
 Usually, a file should have 0644 permissions.

I put the script that creates the certificates in the same directory 
the certificates are going to be. It has been moved to /usr/share/partimaged.


 
 partimage.src: W: strange-permission partimaged-passwd 0755
 A file that you listed to include in your package has strange permissions.
 Usually, a file should have 0644 permissions.
 

The idea behind this script is that users do not need to have a local account
on the server in case a login is needed. It has been moved to
/usr/share/partimaged.

This script creates a db file (user, passwd), which can be used by pam for
authentication purposes. The problem is that pam is ignoring this file
and using only the /etc/partimaged/partimagedusers, which lists only 
local users (no passwords).

Therefore, my pam rules are not working the way I wanted, 
but I do not know how to fix them ...
For now, only local users can authenticate.

Any suggestion? Do you know how pam works?

 
 Should these not be 700, or at least 744?
 
 rpmlint on RPMS:
 
 partimage-server.i386: W: non-standard-uid /etc/partimaged partimag
 partimage-server.i386: W: non-standard-gid /etc/partimaged partimag
 partimage-server.i386: W: non-standard-uid /home/images partimag
 partimage-server.i386: W: non-standard-gid /home/images partimag
 partimage-server.i386: W: non-standard-uid /var/log/partimaged partimag
 partimage-server.i386: W: non-standard-gid /var/log/partimaged partimag
 partimage-server.i386: W: non-standard-uid
 /etc/partimaged/create_certificates.sh partimag
 partimage-server.i386: W: non-standard-gid
 /etc/partimaged/create_certificates.sh partimag
 partimage-server.i386: W: non-standard-uid /etc/partimaged/partimagedusers
 partimag
 partimage-server.i386: W: non-standard-gid /etc/partimaged/partimagedusers
 partimag
 partimage-server.i386: W: non-standard-uid /etc/partimaged/partimage-certs.cnf
 partimag
 partimage-server.i386: W: non-standard-gid /etc/partimaged/partimage-certs.cnf
 partimag
 
 OK.
 
 partimage-server.i386: E: dir-or-file-in-home /home/images
 
 What's going on here?  This cannot be in /home, maybe
 /usr/share/partimage-server or /var/lib/partimage-server.

I used a 

%bcond_without home

because it is where I save my images (all my free space is always in /home). 

This has been changed to

%bcond_with home

which makes the spec to put the images in /var/partimaged.


 
 partimage-server.i386: E: incoherent-logrotate-file 
 /etc/logrotate.d/partimaged
 partimage-server.i386: W: incoherent-init-script-name partimaged
 
 Probably fine, but could be patched to be partimage-server, or possibly the
 sub-package renamed partimaged.
 

The process name is partimaged. I think is counter-intuitive to use
partimage-server. The sub-package could be renamed, but everybody else uses
partimage-server. Only Fedora would be different ...

 partimage-server.i386: E: executable-marked-as-config-file
 /etc/partimaged/create_certificates.sh
 
 Should be in /usr/share/partimaged/

Already moved.

 
 partimage-server.i386: E: non-readable /etc/partimaged/partimagedusers 0600
 
 Probably fine.



 License is GPLv2+.

Fixed.

 Fix Source0 URL. . .
 https://fedoraproject.org/wiki/Packaging/SourceURL

Changed.

 Send gcc-4.3 patch upstream if not already done, document that you did and how
 in the spec.

It is in the changelog section. 
The patch is very simple, and just changed some include files for C++:

-#include iostream.h
+#include iostream


 The DOCS are duplicated in the main and server packages.  Usually redundant,
 but since they don't require each other, it's OK here.

 Need to BuildRequires zlib-devel.

Done.


Links updated. A README.fedora will be added.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #10 from Jon Ciesla [EMAIL PROTECTED]  2008-11-25 14:33:27 EDT ---
(In reply to comment #9)
  rpmlint on SRPM:
  partimage.src: W: strange-permission create_certificates.sh 0775
  A file that you listed to include in your package has strange permissions.
  Usually, a file should have 0644 permissions.
 
 I put the script that creates the certificates in the same directory 
 the certificates are going to be. It has been moved to /usr/share/partimaged.
 
 
  
  partimage.src: W: strange-permission partimaged-passwd 0755
  A file that you listed to include in your package has strange permissions.
  Usually, a file should have 0644 permissions.
  
 
 The idea behind this script is that users do not need to have a local account
 on the server in case a login is needed. It has been moved to
 /usr/share/partimaged.

Good.

 This script creates a db file (user, passwd), which can be used by pam for
 authentication purposes. The problem is that pam is ignoring this file
 and using only the /etc/partimaged/partimagedusers, which lists only 
 local users (no passwords).
 
 Therefore, my pam rules are not working the way I wanted, 
 but I do not know how to fix them ...
 For now, only local users can authenticate.
 
 Any suggestion? Do you know how pam works?

Not sure. Is this something you're adding on, or functionality of the original
code?

  
  Should these not be 700, or at least 744?
  
  rpmlint on RPMS:
  
  partimage-server.i386: W: non-standard-uid /etc/partimaged partimag
  partimage-server.i386: W: non-standard-gid /etc/partimaged partimag
  partimage-server.i386: W: non-standard-uid /home/images partimag
  partimage-server.i386: W: non-standard-gid /home/images partimag
  partimage-server.i386: W: non-standard-uid /var/log/partimaged partimag
  partimage-server.i386: W: non-standard-gid /var/log/partimaged partimag
  partimage-server.i386: W: non-standard-uid
  /etc/partimaged/create_certificates.sh partimag
  partimage-server.i386: W: non-standard-gid
  /etc/partimaged/create_certificates.sh partimag
  partimage-server.i386: W: non-standard-uid /etc/partimaged/partimagedusers
  partimag
  partimage-server.i386: W: non-standard-gid /etc/partimaged/partimagedusers
  partimag
  partimage-server.i386: W: non-standard-uid 
  /etc/partimaged/partimage-certs.cnf
  partimag
  partimage-server.i386: W: non-standard-gid 
  /etc/partimaged/partimage-certs.cnf
  partimag
  
  OK.
  
  partimage-server.i386: E: dir-or-file-in-home /home/images
  
  What's going on here?  This cannot be in /home, maybe
  /usr/share/partimage-server or /var/lib/partimage-server.
 
 I used a 
 
 %bcond_without home
 
 because it is where I save my images (all my free space is always in /home). 
 
 This has been changed to
 
 %bcond_with home
 
 which makes the spec to put the images in /var/partimaged.

Good.

 
  
  partimage-server.i386: E: incoherent-logrotate-file 
  /etc/logrotate.d/partimaged
  partimage-server.i386: W: incoherent-init-script-name partimaged
  
  Probably fine, but could be patched to be partimage-server, or possibly the
  sub-package renamed partimaged.
  
 
 The process name is partimaged. I think is counter-intuitive to use
 partimage-server. The sub-package could be renamed, but everybody else uses
 partimage-server. Only Fedora would be different ...

Then we can leave it -server.

  partimage-server.i386: E: executable-marked-as-config-file
  /etc/partimaged/create_certificates.sh
  
  Should be in /usr/share/partimaged/
 
 Already moved.
 
  
  partimage-server.i386: E: non-readable /etc/partimaged/partimagedusers 0600
  
  Probably fine.
 
 
 
  License is GPLv2+.
 
 Fixed.
 
  Fix Source0 URL. . .
  https://fedoraproject.org/wiki/Packaging/SourceURL
 
 Changed.
 
  Send gcc-4.3 patch upstream if not already done, document that you did and 
  how
  in the spec.
 
 It is in the changelog section. 
 The patch is very simple, and just changed some include files for C++:
 
 -#include iostream.h
 +#include iostream

Should be commented next to patch in spec.  Changelog is good to have as well.

 
  The DOCS are duplicated in the main and server packages.  Usually redundant,
  but since they don't require each other, it's OK here.
 
  Need to BuildRequires zlib-devel.
 
 Done.
 
 
 Links updated. A README.fedora will be added.

Probably best to update the release and repost new links, as an additional
indicator of exactly when the above has been completed.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676


Jon Ciesla [EMAIL PROTECTED] changed:

   What|Removed |Added

 CC||[EMAIL PROTECTED]




--- Comment #1 from Jon Ciesla [EMAIL PROTECTED]  2008-11-24 09:10:40 EDT ---
Will it build on x86_64?

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #2 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-24 
09:27:35 EDT ---
(In reply to comment #1)
 Will it build on x86_64?

Yes, it does. No problem.

But according to upstream, the (listed) architectures are only i386+ and ppc.

Last time I tried the x86_64 version, the server hanged, and I never tried it
again.  But maybe it worth a new testing ...

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #3 from Jon Ciesla [EMAIL PROTECTED]  2008-11-24 09:37:46 EDT ---
Definitely test and retry.  No reason to only to 32-bit if it works.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #4 from Paulo Roma Cavalcanti [EMAIL PROTECTED]  2008-11-24 
16:15:09 EDT ---
(In reply to comment #3)
 Definitely test and retry.  No reason to only to 32-bit if it works.

Yes, it seems to work. I saved an unmounted /boot partition of a second disk,
and had no problem. I think as long as people do not mix client x server
architectures (e.g., when booting from a rescue CD), it should work
(and without any patch, as was necessary in the past).

I have updated the links.

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review

[Bug 472676] Review Request: partimage

[bugzilla]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=472676





--- Comment #5 from Jon Ciesla [EMAIL PROTECTED]  2008-11-24 16:19:36 EDT ---
Is maintaining arch parity a requirement documented by upstream, or something
you observed in testing?  If it's not upstream, you'll want to include it in a
partimage-README.txt

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
Fedora-package-review mailing list
Fedora-package-review@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-review