============================ rpmlint session starts ============================ rpmlint: 2.6.1 configuration: /opt/testing/lib/python3.11/rpmlint/configdefaults.toml /opt/testing/share/rpmlint/cron-whitelist.toml /opt/testing/share/rpmlint/dbus-services.toml /opt/testing/share/rpmlint/device-files-whitelist.toml /opt/testing/share/rpmlint/licenses.toml /opt/testing/share/rpmlint/opensuse.toml /opt/testing/share/rpmlint/pam-modules.toml /opt/testing/share/rpmlint/permissions-whitelist.toml /opt/testing/share/rpmlint/pie-executables.toml /opt/testing/share/rpmlint/polkit-rules-whitelist.toml /opt/testing/share/rpmlint/scoring.toml /opt/testing/share/rpmlint/security.toml /opt/testing/share/rpmlint/sudoers-whitelist.toml /opt/testing/share/rpmlint/sysctl-whitelist.toml /opt/testing/share/rpmlint/systemd-tmpfiles.toml /opt/testing/share/rpmlint/users-groups.toml /opt/testing/share/rpmlint/world-writable-whitelist.toml /opt/testing/share/rpmlint/zypper-plugins.toml /etc/xdg/rpmlint/scoring-strict.override.toml checks: 41, packages: 4 cifs-utils.armv7hl: W: zero-perms-ghost Suggestion: "%ghost %attr(0644,root,root) /etc/alternatives/cifs-idmap-plugin" Your package contains a file with no permissions. This is usually an error because the file won't be accessible by any user. You should check the file permissions and ensure that are correct or fix it using "%attr" macro in %files section. http://ftp.rpm.org/max-rpm/s1-rpm-anywhere-specifying-file-attributes.html cifs-utils.armv7hl: I: package-supports-update-alternatives cifs-utils.spec:62: E: obsolete-suse-version-check 1221 cifs-utils.spec:68: E: obsolete-suse-version-check 1221 cifs-utils.spec:74: E: obsolete-suse-version-check 1140 cifs-utils.spec:80: E: obsolete-suse-version-check 1120 cifs-utils.spec:86: E: obsolete-suse-version-check 1110 The specfile contains a comparison of %suse_version against a suse release that is no longer in maintenance. Consider removing obsolete parts of your spec file to make it more readable. cifs-utils-devel.armv7hl: E: no-binary The package should be of the noarch architecture because it doesn't contain any binaries. cifs-utils.spec: W: no-%check-section The spec file does not contain an %check section. Please check if the package has a testsuite and what it takes to enable the testsuite as part of the package build. If it is not possible to run it in the build environment (OBS/koji) or no testsuite exists, then please ignore this warning. You should not insert an empty %check section. cifs-utils.armv7hl: E: missing-call-to-setgroups-before-setuid /usr/sbin/mount.cifs cifs-utils.armv7hl: E: missing-call-to-setgroups-before-setuid /usr/sbin/mount.smb3 This executable is calling setuid and setgid without setgroups or initgroups. This means it didn't relinquish all groups, and this would be a potential security issue. cifs-utils.armv7hl: E: call-to-mktemp /usr/sbin/mount.cifs cifs-utils.armv7hl: E: call-to-mktemp /usr/sbin/mount.smb3 This executable calls mktemp. As advised by the manpage (mktemp(3)), this function should be avoided. cifs-utils.armv7hl: E: alternative-link-missing /etc/alternatives/idmap-plugin The file %{_sysconfdir}/alternatives/$(basename generic-name) is missing in the file list. Mark it as %ghost and add it to the file list. Check time report (>1% & >0.1s): Check Duration (in s) Fraction (in %) Checked files BinariesCheck 0.2 38.8 SpecCheck 0.1 20.3 TOTAL 0.6 100.0 4 packages and 0 specfiles checked; 11 errors, 2 warnings, 17 filtered, 11 badness; has taken 0.6 s