https://bugzilla.redhat.com/show_bug.cgi?id=2376217 Maxwell G <maxwell@xxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |POST Flags|fedora-review? |fedora-review+ --- Comment #60 from Maxwell G <maxwell@xxxxxxx> --- Okay, this looks good. I double checked the licenses, also, and those look good, but rpmlint is complaining about file permissions, and I also noticed one other thing. Pending those fixes, the review is APPROVED. > openbao.x86_64: W: non-standard-uid /etc/openbao.d/tls openbao > openbao.x86_64: W: non-standard-uid /var/lib/openbao openbao > openbao.x86_64: W: non-standard-gid /etc/openbao.d/tls openbao > openbao.x86_64: W: non-standard-gid /var/lib/openbao openbao > %attr(0700,%{name},%{name}) %dir %{_sysconfdir}/%{name}.d/tls and > %attr(0700,%{name},%{name}) %dir %{_sharedstatedir}/%{name} For the tls directory, can the directory be owned by root:openbao with file permissions 0750 instead so the service user cannot change its contents? For /var/lib/openbao, I think the permissions are correct; I assume the service needs to write there. > %verify(not caps) %{_bindir}/bao %verify(no caps) can also be removed since you removed the scriptlet. Please look at those two issues before importing the package -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2376217 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202376217%23c60 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
