Comment # 2 on bug 4647 from 
(In reply to Nicolas Chauvet from comment #1)
> I expect you talked about the nonfree section since it's proprietary
> (the namespace is set as appropriate).
> 
> 
> You can use NoSource: 0 (After Source0) instead of using with conditional to
> avoid producing src.rpm with the Source0 in it. (it will be named nosrc.rpm
> instead).

I changed the conditional to by default have the source within the SRPM.
Initially I had to default the other way until I was given permission to
distribute. I plan to remove the conditionals but some may find it useful to
upgrade sooner than I would update the package in RPM Fusion so it still has
some value.


> About pre-built binaries. 
> You only need to use:
> %define debug_package %{nil}
> %define __strip /bin/true
> 
> Please avoid to redefine  __os_install_post

I'm sure I added that for a reason but I can't remember at this point. I'll
test without it.


> Please drop # Selinux versioned requires

I got this from here:
https://fedoraproject.org/wiki/SELinux_Policy_Modules_Packaging_Draft#Runtime_Dependencies

I understand it's a draft, but does it not apply?


> ExclusiveArch:  x86_64 armv7hl
> 
> Uses: Requires: java > 1:1.8.0
> https://fedoraproject.org/wiki/Packaging:Java#BuildRequires_and_Requires

Updated to:
Requires:       java--headless >= 1:1.8.0


> Why Conflicts: unifi-controller ? Can this be avoided ?

There is another person providing unofficial packages which installs into /opt
and I don't want anyone to accidentally install both packages.


> %ghost is availabe with EL6. I don't understand why you think it was not.
> What is available with newer OS is that it does not require the file to be
> pre-created (so you need to use touch for EL6).

I'm sure I tried it and it didn't seem to work. I'll try again.


> %pre , you are probably missing the proper consition to only move the logs
> files only on upgrade on installation. Why this move is needed probably need
> to be stated as a comment.

In one of my earlier versions of the packages I didn't realize the logs were
being written to /usr/share/unifi/logs hence the migration logic. Since the
files won't be deleted on package removal I don't want to depend on only
running the script on upgrade.


> It doesn't look acceptable to edit the selinux configuration on post
> installation. First you need not to assume selinux might not run at all on
> the end-user system. Second you should better the needed changes to the
> targeted policy instead.

So if I move that to install the policy changes will make it into the resultant
RPM? I'm assuming restorecon still needs to be in %post?


> execstack need to be modified in %install step, not %post or you will break
> rpm -V

Again, same question. This will make it into the RPM? 


> About the init_t in permissive, this is not at all acceptable either. You
> are really changing a system wide setting in the back of end-users. 
> https://bugzilla.redhat.com/show_bug.cgi?id=1358476#c20

What's the alternative? Seems better than telling everyone they have to run
selinux in permissive mode.

You are receiving this mail because: