
Bug#853903: RFS: scap-security-guide/0.1.31-6 [ITP] -- security guides and conformity checks using SCAP standard



control: owner -1 !
control: tags -1 moreinfo
control: forcemerge 853903 852415


Hello

Let's see a preliminary review:

1) one single changelog entry, targeting sid and initial release (Closes: #ITP)
2) debian/rules, lots of commented out noise, please remove
3) copyright not in dep-5 format, and some stuff is LGPL-2+ e.g. 
shared/transforms/pcidss/something
some other is MIT (Ubuntu/16.04 some subdirs), something else CC-BY-SA, JQuery license,
Public domain, GPL and probably something more 


4) compat is now 10, please bump also debhelper to >=10
5) how do you use libopenscap8? dynamic loading or linking?
if you link it, just build-depend on the -dev package and add  shlibs:Depends to the runtime dependencies
(avoiding nightmares on libopenscap8 SONAME changes)
6) quilt dependency is useless, and probably also some others, e.g. coreutils, part of Essentials packages
(you can't remove it on a system)
also probably sed and not sure about the others (to find them I usually try to remove them on my system)
7) ssg-base depends on libopenscap8
everything else depends on ssg-base, so transitively also against libopenscap8 making it useless to be replicated,
right?


8) does not build twice in a row (not a real issue)
9) debian/ssg-base.prerm what???
10) debian/README <--- useless?
11) debian/README.Debian might be made more aware of directories, e.g. "/usr/share/ssg" might save some sed'ing before running the command,
unless you want to change packagename in the near future



http://debomatic-amd64.debian.net/distribution#unstable/scap-security-guide/0.1.31-6/buildlog

since this is just some xml files that are needed by libopenscap8...
what about suggesting this new package or merging it on that above tool?

I don't understand why the tool and the profiles have to be kept separate

it is mostly all for now :)

G.
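
Items 6 and 7 of the review, as an added example that is not part of the original message or of the package: a small Python lint over a constructed debian/control that flags Depends on Essential packages and dependencies already pulled in through another binary package of the same source. The `ssg-example` package name, the sample control text and the `ESSENTIAL` subset are assumptions.

```python
import re

# Constructed sample, not the package's real debian/control;
# "ssg-example" is a hypothetical binary package name.
SAMPLE_CONTROL = """\
Source: scap-security-guide

Package: ssg-base
Depends: ${misc:Depends}, libopenscap8, coreutils, sed

Package: ssg-example
Depends: ${misc:Depends}, ssg-base, libopenscap8
"""

# Assumption: a subset of the "Essential: yes" set, enough for the sample.
ESSENTIAL = {"coreutils", "sed", "grep", "bash", "dpkg", "findutils", "tar"}

def dep_names(value):
    # First alternative only; versions, arch qualifiers and ${substvars} dropped.
    names = [re.split(r"[\s(\[<:]", i.split("|")[0].strip())[0] for i in value.split(",")]
    return [n for n in names if n and not n.startswith("$")]

def parse_control(text):
    """Map each binary package to the names in its Depends field."""
    pkgs = {}
    for stanza in re.split(r"\n\s*\n", text.strip()):
        lines = re.sub(r"\n[ \t]+", " ", stanza).splitlines()  # unfold
        fields = dict(ln.split(":", 1) for ln in lines if ":" in ln and ln[0] != "#")
        if "Package" in fields:
            pkgs[fields["Package"].strip()] = dep_names(fields.get("Depends", ""))
    return pkgs

def closure(pkgs, start):
    seen, stack = set(), [start]  # walk Depends of packages in this source
    while stack:
        new = set(pkgs.get(stack.pop(), [])) - seen
        seen |= new
        stack.extend(new)
    return seen

def lint(text):
    pkgs, findings = parse_control(text), []
    for pkg, deps in pkgs.items():
        findings += [(pkg, d, "essential") for d in deps if d in ESSENTIAL]
        for d in deps:
            via = [o for o in deps if o != d and d in closure(pkgs, o)]
            if via:
                findings.append((pkg, d, "already via " + via[0]))
    return findings
```

`lint(SAMPLE_CONTROL)` returns a list of `(package, dependency, reason)` tuples.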

