REJECT: openerp-desktop

Jamie Strandboge jamie at canonical.com
Sat May 26 14:38:13 UTC 2012 

Hi,

I'm sorry to inform you that this package is being rejected for the
following:
 * the packaging uses native versioning. Usually this is a mistake. 
   The packaging should instead use an orig.tar.gz and a version of the
   form 1-0ubuntu1. This doesn't seem to ship any actual code, so this
   might be intentional.
 * debian/openerp-desktop.postinst sets the openerp database password in
   an insecure manner which allows other users to see it via /proc. 
   Both the 'psql' and the 'sed' command have this problem.
 * debian/openerp-desktop.postrm removes the openerp db user on package
   removal, which is not common. Normally users are removed on 'purge' 
   instead of 'remove' and often there is a debconf question to ask if
   the user should be removed when the package is purged
 * debian/openerp-desktop.templates: the Description field is ambiguous.
   I suggest something like "Create the OpenERP PostgreSQL user?"
 * debian/control list python* in Build-Depends, but there is no python
   code being shipped. These should be removed and the Build-Depends 
   should include the minimum requirements to build the package
 * debian/rules uses '--with python2', but there are no python files to
   ship
 * debian/copyright lists many files that are not included in this 
   package. It looks like the license was based on what was in
   openerp-core, but the files included in the openerp-desktop package
   are all packaging files. Perhaps this should be updated to have only
   the packager's information? (Guessing since I don't know the origin 
   of the package, but from debian/changelog, this seems to be the case)
 * The binaries are not lintian clean:
   $ lintian openerp-desktop_1_i386.changes:
   E: openerp-desktop: no-debconf-config
   W: openerp-desktop: postinst-uses-db-input

After making these changes, please feel free to reupload.

Thanks

-- 
Jamie Strandboge             | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-archive/attachments/20120526/2f80e7b1/attachment.pgp>

More information about the ubuntu-archive mailing list