============================ rpmlint session starts ============================ rpmlint: 2.6.1 configuration: /opt/testing/lib/python3.11/rpmlint/configdefaults.toml /opt/testing/share/rpmlint/cron-whitelist.toml /opt/testing/share/rpmlint/dbus-services.toml /opt/testing/share/rpmlint/device-files-whitelist.toml /opt/testing/share/rpmlint/licenses.toml /opt/testing/share/rpmlint/opensuse.toml /opt/testing/share/rpmlint/pam-modules.toml /opt/testing/share/rpmlint/permissions-whitelist.toml /opt/testing/share/rpmlint/pie-executables.toml /opt/testing/share/rpmlint/polkit-rules-whitelist.toml /opt/testing/share/rpmlint/scoring.toml /opt/testing/share/rpmlint/security.toml /opt/testing/share/rpmlint/sudoers-whitelist.toml /opt/testing/share/rpmlint/sysctl-whitelist.toml /opt/testing/share/rpmlint/systemd-tmpfiles.toml /opt/testing/share/rpmlint/users-groups.toml /opt/testing/share/rpmlint/world-writable-whitelist.toml /opt/testing/share/rpmlint/zypper-plugins.toml /etc/xdg/rpmlint/scoring-strict.override.toml rpmlintrc: /home/abuild/rpmbuild/SOURCES/brltty.rpmlintrc checks: 41, packages: 19 brltty.i586: W: zero-perms-ghost Suggestion: "%ghost %attr(0644,root,root) /var/adm/update-messages/brltty-6.7-1.2-something" Your package contains a file with no permissions. This is usually an error because the file won't be accessible by any user. You should check the file permissions and ensure that are correct or fix it using "%attr" macro in %files section. http://ftp.rpm.org/max-rpm/s1-rpm-anywhere-specifying-file-attributes.html brltty.src: E: unused-rpmlintrc-filter "static-library-without-debuginfo" brltty.i586: W: tmpfile-not-in-filelist /run/brltty brltty.i586: W: tmpfile-not-in-filelist /var/lib/brltty brltty.i586: W: tmpfile-not-in-filelist /var/lib/BrlAPI Please add the specified file to your %files section as %ghost so users can easily query who created the file, it gets uninstalled on package removal and finally other rpmlint checks see it. ocaml-brlapi.i586: E: spurious-executable-perm (Badness: 50) /usr/lib/ocaml/brlapi/brlapi.cmxa ocaml-brlapi.i586: E: spurious-executable-perm (Badness: 50) /usr/lib/ocaml/brlapi/brlapi.mli ocaml-brlapi.i586: E: spurious-executable-perm (Badness: 50) /usr/lib/ocaml/brlapi/libbrlapi_stubs.a The file is installed with executable permissions, but was identified as one that probably should not be executable. Verify if the executable bits are desired, and remove if not. brltty.i586: E: script-without-shebang /usr/bin/brltty-prologue.lua brltty.i586: E: script-without-shebang /usr/bin/brltty-prologue.tcl ocaml-brlapi.i586: E: script-without-shebang /usr/lib/ocaml/brlapi/META This text file has executable bits set or is located in a path dedicated for executables, but lacks a shebang and cannot thus be executed. If the file is meant to be an executable script, add the shebang, otherwise remove the executable bits or move the file elsewhere. brltty.i586: W: potential-bashisms /usr/bin/brltty-mkuser brltty.i586: W: potential-bashisms /usr/bin/brltty-genkey brltty.i586: W: potential-bashisms /usr/bin/brltty-prologue.sh checkbashisms reported potential bashisms in a /bin/sh shell script, you might want to manually check this script for bashisms. brltty-lang.noarch: W: package-with-huge-docs 85% More than half the size of your package is documentation. Consider splitting it into a -doc subpackage. brltty.i586: W: non-standard-dir-in-var adm Your package is creating a non-standard subdirectory in /var. The standard directories are: cache, lib, local, lock, log, opt, run, spool, tmp, account, crash, games, mail, yp. brltty.i586: E: non-executable-script /usr/bin/brltty-prologue.bash 644 /bin/bash brltty.i586: E: non-executable-script /usr/bin/brltty-prologue.sh 644 /bin/sh This text file contains a shebang or is located in a path dedicated for executables, but lacks the executable bits and cannot thus be executed. If the file is meant to be an executable script, add the executable bits, otherwise remove the shebang or move the file elsewhere. brltty.i586: W: non-executable-in-bin /usr/bin/brltty-prologue.bash 644 brltty.i586: W: non-executable-in-bin /usr/bin/brltty-prologue.lua 644 brltty.i586: W: non-executable-in-bin /usr/bin/brltty-prologue.sh 644 brltty.i586: W: non-executable-in-bin /usr/bin/brltty-prologue.tcl 644 A file is being installed in /usr/bin, but is not an executable. Be sure that the file is an executable or that it has executable permissions. brlapi-devel.i586: E: no-binary brltty-udev-generic.i586: E: no-binary The package should be of the noarch architecture because it doesn't contain any binaries. brltty.spec: W: no-%check-section The spec file does not contain an %check section. Please check if the package has a testsuite and what it takes to enable the testsuite as part of the package build. If it is not possible to run it in the build environment (OBS/koji) or no testsuite exists, then please ignore this warning. You should not insert an empty %check section. brltty.i586: E: missing-call-to-setgroups-before-setuid /usr/bin/brltty This executable is calling setuid and setgid without setgroups or initgroups. This means it didn't relinquish all groups, and this would be a potential security issue. brltty.i586: W: binary-or-shlib-calls-gethostbyname /usr/lib/brltty/libbrlttybvr.so The binary calls gethostbyname. Please port the code to use getaddrinfo. brltty.i586: W: bin-sh-syntax-error /usr/bin/brltty-mkuser A /bin/sh shell script contains a POSIX shell syntax error. This might indicate a potential bash-specific feature being used, try dash -n for more detailed error message. Check time report (>1% & >0.1s): Check Duration (in s) Fraction (in %) Checked files BinariesCheck 1.7 42.9 ExtractRpm 0.8 21.0 BashismsCheck 0.7 16.6 SignatureCheck 0.3 7.1 FilesCheck 0.1 3.6 SUIDPermissionsCheck 0.1 2.9 TOTAL 4.0 100.0 19 packages and 0 specfiles checked; 12 errors, 16 warnings, 67 filtered, 159 badness; has taken 4.1 s