MainInclusionReportSshFs

Revision 1 as of 2008-08-04 10:53:08

Clear message

Main Inclusion Report for sshfs

Requirements

  1. Availability: [http://archive.ubuntu.com/ubuntu/pool/universe/s/sshfs]; is available for all supported architectures ?

  2. Rationale:

    • With the support for local applications on thin clients in LTSP a way was needed to make the ltsp login manager (LDM) mount the homedir of the logged in user on the client. Since LDM uses ssh to connect to the server and already puts an ssh communication socket in place, the natural choice was to re-use this socket to establish an sshfs mount. To provide the localapps functionality out of the box as planned the ltsp-client package will have to depend on sshfs which means sshfs has to move to main and onto the Ubuntu alternate CD.
  3. Security:

    • [http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=sshfs CVE entries]: ...

    • [http://secunia.com/search/?search=sshfs Secunia history]: ...

    • No binaries are running as root or suid/sgid, sshfs wraps around the fuse filesystem and sftp.
    • Network activity: sshfs establishes a fuse network mount on top of a ssh connection. It is a client application, does not run any daemons and operates on the ssh standard ports.
    • Sshfs does not process binary (video, audio, etc) or structured (PDF, etc) data ?
    • Any source code review performed ? (The approver will do a quick and shallow check.)
  4. Quality assurance:

    • In what situations does the package not work out of the box without configuration ?
    • Does the package ask any debconf questions higher than priority 'medium' ?
    • [http://bugs.debian.org/src:SOURCE_PACKAGE_NAME Debian bugs]: (mention any that are particularly relevant, and any showstoppers)

    • [http://packages.qa.debian.org/S/SOURCE_PACKAGE_NAME.html Maintenance in Debian] is frenetic/vigorous/calm/dead ?

    • [http:// Upstream] is frenetic/vigorous/calm/dead ?

    • [http:// Upstream bug tracker]: (mention any particularly relevant or critical)

    • Hardware: Does this package deal with hardware and if so how exotic is it ?
    • Is there a test suite in the upstream source or packaging ? Is it enabled to run in the build ?
  5. Standards compliance:

  6. Dependencies:

    • ...
    • Are these all in main ?
  7. Background information:

    • The general purpose and context of the package should be clear from the package's debian/control file. If it isn't then please explain.
    • What do upstream call this software ? Has it had different names in the past ?

Reviewers

MIR bug: [https://launchpad.net/bugs/BUGNUMBER]

The author of this report should put their name here; reviewers will add comments etc. too