From the official packageing guidelines TO BE REFINED
MUST Items:
1. rpmlint must be run on every package. The output should be posted in the review.
1. The package must be named according to the Package Naming Guidelines
1. The spec file name must match the base package %{name}, in the format %{name}.spec
1. The spec file must be written in American English.
1. The spec file for the package MUST be legible.
1. Each package must consistently use macros, as described in the macros section of Packaging Guidelines
1. Each package must have a %clean section, which contains rm -rf %{buildroot}
1. The package must meet the Packaging Guidelines
1. The package must be licensed with an open-source compatible license and meet other legal requirements as defined in the Packaging Guidelines 1. The License field in the package spec file must match the actual license. 1. If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %doc. 1. The package must contain code, or permissable content. This is described in detail in the [wiki:Self:Packaging/Guidelines#CodeVsContent code vs. content section of Packaging Guidelines] .
1. The sources used to build the package must match the upstream source, as provided in the spec URL. Reviewers should use md5sum for this task.
1. The package must successfully compile and build into binary rpms on at least one supported architecture.
1. All build dependencies must be listed in BuildRequires, except for any that are listed in the [wiki:Self:Packaging/Guidelines#Exceptions exceptions section of Packaging Guidelines] ; inclusion of those as BuildRequires is optional. Apply common sense.
1. If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in ExcludeArch.
1. The spec file MUST handle locales properly. This is done by using the %find_lang macro. Using %{_datadir}/locale/* is strictly forbidden.
1. Every binary RPM package which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun. If the package has multiple subpackages with libraries, each subpackage should also have a %post/%postun section that calls /sbin/ldconfig. An example of the correct syntax for this is:
%post -p /sbin/ldconfig %postun -p /sbin/ldconfig
1. If the package is designed to be relocatable, the packager must state this fact in the request for review, along with the rationalization for relocation of that specific package. Without this, use of Prefix: /usr is considered a blocker.
1. A package must own all directories that it creates. If it does not create a directory that it uses, then it should require a package which does create that directory. The exception to this are directories listed explicitly in the Filesystem Hierarchy Standard (http://www.pathname.com/fhs/pub/fhs-2.3.html), as it is safe to assume that those directories exist.
1. A package must not contain any duplicate files in the %files listing.
1. Permissions on files must be set properly. Executables should be set with executable permissions, for example. Every %files section must include a %defattr(...) line.
1. Large documentation files should go in a -doc subpackage. (The definition of large is left up to the packager's best judgement, but is not restricted to size. Large can refer to either size or quantity)
1. If a package includes something as %doc, it must not affect the runtime of the application. To summarize: If it is in %doc, the program must run properly if it is not present.
1. Header files must be in a -devel package.
1. Static libraries must be in a -static package.
1. Packages containing pkgconfig(.pc) files must 'Requires: pkgconfig' (for directory ownership and usability).
1. If a package contains library files with a suffix (e.g. libfoo.so.1.1), then library files that end in .so (without suffix) must go in a -devel package.
1. In the vast majority of cases, devel packages must require the base package using a fully versioned dependency: Requires: %{name} = %{version}-%{release}
1. Packages must NOT contain any .la libtool archives, these should be removed in the spec.
1. Packages containing GUI applications must include a %{name}.desktop file, and that file must be properly installed with desktop-file-install in the %install section.
1. Packages must not own files or directories already owned by other packages.
SHOULD Items: 1. If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. 1. The description and summary sections in the package spec file should contain translations for supported Non-English languages, if available. 1. The reviewer should test that the package builds in mock. 1. The package should compile and build into binary rpms on all supported architectures. 1. The reviewer should test that the package functions as described. A package should not segfault instead of running, for example. 1. If scriptlets are used, those scriptlets must be sane. This is vague, and left up to the reviewers judgement to determine sanity. 1. Usually, subpackages other than devel should require the base package using a fully versioned dependency. 1. The placement of pkgconfig(.pc) files depends on their usecase, and this is usually for development purposes, so should be placed in a -devel pkg. A reasonable exception is that the main pkg itself is a devel tool not installed in a user runtime, e.g. gcc or gdb. 1. If the package has file dependencies outside of /etc, /bin, /sbin, /usr/bin, or /usr/sbin consider requiring the package which provides the file instead of the file itself. Please see File Dependencies in the Guidelines for further information.