============================ rpmlint session starts ============================ rpmlint: 2.6.1 configuration: /opt/testing/lib/python3.11/rpmlint/configdefaults.toml /opt/testing/share/rpmlint/cron-whitelist.toml /opt/testing/share/rpmlint/dbus-services.toml /opt/testing/share/rpmlint/device-files-whitelist.toml /opt/testing/share/rpmlint/licenses.toml /opt/testing/share/rpmlint/opensuse.toml /opt/testing/share/rpmlint/pam-modules.toml /opt/testing/share/rpmlint/permissions-whitelist.toml /opt/testing/share/rpmlint/pie-executables.toml /opt/testing/share/rpmlint/polkit-rules-whitelist.toml /opt/testing/share/rpmlint/scoring.toml /opt/testing/share/rpmlint/security.toml /opt/testing/share/rpmlint/sudoers-whitelist.toml /opt/testing/share/rpmlint/sysctl-whitelist.toml /opt/testing/share/rpmlint/systemd-tmpfiles.toml /opt/testing/share/rpmlint/users-groups.toml /opt/testing/share/rpmlint/world-writable-whitelist.toml /opt/testing/share/rpmlint/zypper-plugins.toml /etc/xdg/rpmlint/scoring-strict.override.toml checks: 41, packages: 25 sssd.armv6hl: W: zero-perms-ghost Suggestion: "%ghost %attr(0644,root,root) /etc/alternatives/cifs-idmap-plugin" Your package contains a file with no permissions. This is usually an error because the file won't be accessible by any user. You should check the file permissions and ensure that are correct or fix it using "%attr" macro in %files section. http://ftp.rpm.org/max-rpm/s1-rpm-anywhere-specifying-file-attributes.html sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-autofs.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-autofs.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-nss.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-nss.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-pac.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-pac.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-pam-priv.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-pam.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-pam.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-ssh.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-ssh.socket sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-sudo.service sssd.armv6hl: E: systemd-service-without-service_del_preun sssd-sudo.socket The package contains a systemd service but doesn't contain a %preun with a call to service_del_preun. sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-autofs.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-autofs.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-nss.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-nss.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-pac.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-pac.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-pam-priv.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-pam.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-pam.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-ssh.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-ssh.socket sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-sudo.service sssd.armv6hl: E: systemd-service-without-service_del_postun sssd-sudo.socket The package contains a systemd service but doesn't contain a %postun with a call to service_del_postun. sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-autofs.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-autofs.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-nss.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-nss.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-pac.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-pac.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-pam-priv.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-pam.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-pam.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-ssh.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-ssh.socket sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-sudo.service sssd.armv6hl: E: systemd-service-without-service_add_pre sssd-sudo.socket The package contains a systemd service but doesn't contain a %pre with a call to service_add_pre. sssd.armv6hl: E: systemd-service-without-service_add_post sssd-autofs.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-autofs.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-nss.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-nss.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-pac.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-pac.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-pam-priv.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-pam.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-pam.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-ssh.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-ssh.socket sssd.armv6hl: E: systemd-service-without-service_add_post sssd-sudo.service sssd.armv6hl: E: systemd-service-without-service_add_post sssd-sudo.socket The package contains a systemd service but doesn't contain a %post with a call to service_add_post. python3-sssd-config.armv6hl: E: python-egg-info-distutils-style /usr/lib/python3.11/site-packages/SSSDConfig-2.9.5-py3.11.egg-info The Python package's egg-info is a distutils style file. Please update to dist-info standardized core metadata. sssd.armv6hl: I: package-supports-update-alternatives sssd.armv6hl: W: non-etc-or-var-file-marked-as-conffile /usr/etc/sssd/sssd.conf A file not in /etc or /var is marked as being a configuration file (%config). Please put your configuration files in /etc or /var. libipa_hbac-devel.armv6hl: E: no-binary libsss_certmap-devel.armv6hl: E: no-binary libsss_idmap-devel.armv6hl: E: no-binary libsss_nss_idmap-devel.armv6hl: E: no-binary The package should be of the noarch architecture because it doesn't contain any binaries. sssd.armv6hl: E: missing-call-to-setgroups-before-setuid /usr/libexec/sssd/selinux_child sssd-ipa.armv6hl: E: missing-call-to-setgroups-before-setuid /usr/lib/sssd/libsss_ipa.so This executable is calling setuid and setgid without setgroups or initgroups. This means it didn't relinquish all groups, and this would be a potential security issue. sssd-tools.armv6hl: E: env-script-interpreter (Badness: 9) /usr/libexec/sssd/sss_analyze /usr/bin/env python This script uses 'env' as an interpreter. For the rpm runtime dependency detection to work, the shebang #!/usr/bin/env needs to be patched into #!/usr/bin/ otherwise the package dependency generator merely adds a dependency on /usr/bin/env rather than the actual interpreter /usr/bin/. Alternatively, if the file should not be executed, then ensure that it is not marked as executable or don't install it in a path that is reserved for executables. libsss_certmap-devel.armv6hl: W: description-shorter-than-summary The package description should be longer than the summary. sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf sssd-dbus.armv6hl: E: dbus-policy-allow-without-destination /usr/share/dbus-1/system.d/org.freedesktop.sssd.infopipe.conf 'allow' directives must always specify a 'send_destination'. sssd.armv6hl: E: alternative-link-missing /etc/alternatives/idmap-plugin The file %{_sysconfdir}/alternatives/$(basename generic-name) is missing in the file list. Mark it as %ghost and add it to the file list. Check time report (>1% & >0.1s): Check Duration (in s) Fraction (in %) Checked files BinariesCheck 1.6 46.6 ExtractRpm 0.8 22.1 SignatureCheck 0.4 10.7 BashismsCheck 0.2 6.2 TOTAL 3.4 100.0 25 packages and 0 specfiles checked; 71 errors, 3 warnings, 184 filtered, 79 badness; has taken 3.5 s