intetsim review (Re: ITP: inetsim)

Lukas Schwaighofer lukas at schwaighofer.name
Mon Oct 16 21:43:48 UTC 2017 

Hi GenYu,

On Mon, 9 Oct 2017 03:04:37 +0000
yoo z <zouyoo at outlook.com> wrote:

> I created two fake .exe files under the debian/samples, these files
> are just txt files and i put a README.Debian with them.

Good, sorry for the delay.  As I already told you privately, I had a
quite busy week.  Anyways, here we go:

* Please always check the package using lintian before requesting a
  review.  For the version of inetsim currently in your git repository
  it reports:
  - W: inetsim: script-in-etc-init.d-not-registered-via-update-rc.d
    etc/init.d/inetsim
  - E: inetsim: init.d-script-needs-depends-on-lsb-base
    etc/init.d/inetsim (line 31)
  - I: inetsim: init.d-script-does-not-implement-optional-option
    etc/init.d/inetsim status

  Since policy recommends implementing the status option [1], it's a
  good idea to do so it.  Copy the init script to debian/inetsim.init
  and then modify it to support the status option.  This will also
  automatically fix the first of the reported issue (since it is then
  installed by dh_installinit).
  → This also means you no longer need dh-exec, more cleanup :)

* debian/control: Now that you are a pkg-security member, please move
  the repository to alioth as documented our wiki and add the
  correct/add the Vcs-{Git,Browser} control fields.

* debian/rules: There is no need to remove the two executable files,
  they are not installed anyways since you removed the corresponding
  lines from debian/inetsim.install.  You can remove everything after
  the `dh $@` line.

  Unfortunately the situation with the two .exe files is even a bit
  messier.  I just asked on #debian-mentors in irc whether we have to
  remove them from the source package as well.  The result of the short
  conversation was that a repack is preferred, because there is no easy
  way to prove that these executables were actually compiled from the
  provided source, so distributing them may violate the DFSG.

* README.Debian:
  - move directly to debian/ and remove from the install file, users
    should be able to find this in /usr/share/doc/inetsim
  - please keep the line width to 80 characters and start the sentences
    with uppercase letters; also don't use abbreviations like PE, spell
    it out (also in debian/changelog)
  - the file usually includes your name, e-mail and timestamp as last
    entry in the same format as debian/changelog; just look at a few of
    the README.Debian files installed in your system


I will continue the review by actually trying out inetsim later this
week.

Regards
Lukas

[1] https://www.debian.org/doc/debian-policy/#writing-the-scripts

More information about the Pkg-security-team mailing list