============================ rpmlint session starts ============================ rpmlint: 2.6.1 configuration: /opt/testing/lib/python3.11/rpmlint/configdefaults.toml /opt/testing/share/rpmlint/cron-whitelist.toml /opt/testing/share/rpmlint/dbus-services.toml /opt/testing/share/rpmlint/device-files-whitelist.toml /opt/testing/share/rpmlint/licenses.toml /opt/testing/share/rpmlint/opensuse.toml /opt/testing/share/rpmlint/pam-modules.toml /opt/testing/share/rpmlint/permissions-whitelist.toml /opt/testing/share/rpmlint/pie-executables.toml /opt/testing/share/rpmlint/polkit-rules-whitelist.toml /opt/testing/share/rpmlint/scoring.toml /opt/testing/share/rpmlint/security.toml /opt/testing/share/rpmlint/sudoers-whitelist.toml /opt/testing/share/rpmlint/sysctl-whitelist.toml /opt/testing/share/rpmlint/systemd-tmpfiles.toml /opt/testing/share/rpmlint/users-groups.toml /opt/testing/share/rpmlint/world-writable-whitelist.toml /opt/testing/share/rpmlint/zypper-plugins.toml /etc/xdg/rpmlint/scoring-strict.override.toml checks: 41, packages: 9 openssh-fips.i586: E: wrong-script-end-of-line-encoding /usr/bin/ssh.hmac This script has wrong end-of-line encoding, usually caused by creation or modification on a non-Unix system. It will prevent its execution. openssh-fips.i586: E: script-without-shebang /usr/bin/ssh.hmac openssh-fips.i586: E: script-without-shebang /usr/sbin/sshd.hmac This text file has executable bits set or is located in a path dedicated for executables, but lacks a shebang and cannot thus be executed. If the file is meant to be an executable script, add the shebang, otherwise remove the executable bits or move the file elsewhere. openssh-fips.i586: W: obsolete-not-provided openssh-hmac If a package is obsoleted by a compatible replacement, the obsoleted package should also be provided in order to not cause unnecessary dependency breakage. If the obsoleting package is not a compatible replacement for the old one, leave out the Provides. openssh-fips.i586: W: non-executable-in-bin /usr/bin/ssh.hmac 444 openssh-fips.i586: W: non-executable-in-bin /usr/sbin/sshd.hmac 444 A file is being installed in /usr/bin, but is not an executable. Be sure that the file is an executable or that it has executable permissions. openssh-server.i586: W: non-etc-or-var-file-marked-as-conffile /usr/etc/ssh/sshd_config openssh-server.i586: W: non-etc-or-var-file-marked-as-conffile /usr/etc/ssh/sshd_config.d/40-suse-crypto-policies.conf A file not in /etc or /var is marked as being a configuration file (%config). Please put your configuration files in /etc or /var. openssh.i586: E: no-binary openssh-fips.i586: E: no-binary openssh-server-config-rootlogin.i586: E: no-binary The package should be of the noarch architecture because it doesn't contain any binaries. openssh.spec: W: no-%check-section The spec file does not contain an %check section. Please check if the package has a testsuite and what it takes to enable the testsuite as part of the package build. If it is not possible to run it in the build environment (OBS/koji) or no testsuite exists, then please ignore this warning. You should not insert an empty %check section. openssh-clients.i586: E: missing-call-to-setgroups-before-setuid /usr/libexec/ssh/ssh-keysign This executable is calling setuid and setgid without setgroups or initgroups. This means it didn't relinquish all groups, and this would be a potential security issue. Check time report (>1% & >0.1s): Check Duration (in s) Fraction (in %) Checked files BinariesCheck 0.3 27.8 ExtractRpm 0.2 19.7 BashismsCheck 0.2 18.5 SpecCheck 0.1 12.3 SignatureCheck 0.1 8.6 TOTAL 1.2 100.0 9 packages and 0 specfiles checked; 7 errors, 6 warnings, 39 filtered, 7 badness; has taken 1.2 s