============================ rpmlint session starts ============================
rpmlint: 2.5.0
configuration:
    /opt/testing/lib64/python3.11/rpmlint/configdefaults.toml
    /opt/testing/share/rpmlint/cron-whitelist.toml
    /opt/testing/share/rpmlint/dbus-services.toml
    /opt/testing/share/rpmlint/device-files-whitelist.toml
    /opt/testing/share/rpmlint/licenses.toml
    /opt/testing/share/rpmlint/opensuse.toml
    /opt/testing/share/rpmlint/pam-modules.toml
    /opt/testing/share/rpmlint/permissions-whitelist.toml
    /opt/testing/share/rpmlint/pie-executables.toml
    /opt/testing/share/rpmlint/polkit-rules-whitelist.toml
    /opt/testing/share/rpmlint/scoring.toml
    /opt/testing/share/rpmlint/security.toml
    /opt/testing/share/rpmlint/sudoers-whitelist.toml
    /opt/testing/share/rpmlint/sysctl-whitelist.toml
    /opt/testing/share/rpmlint/systemd-tmpfiles.toml
    /opt/testing/share/rpmlint/users-groups.toml
    /opt/testing/share/rpmlint/world-writable-whitelist.toml
    /opt/testing/share/rpmlint/zypper-plugins.toml
checks: 41, packages: 9

openssh-cavs.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/cavstest-ctr
openssh-cavs.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/cavstest-kdf
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/scp
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/sftp
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/ssh
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/ssh-add
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/ssh-agent
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/bin/ssh-keyscan
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/ssh-keysign
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/ssh-pkcs11-helper
openssh-clients.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/ssh-sk-helper
openssh-common.x86_64: W: unstripped-binary-or-object /usr/bin/ssh-keygen
openssh-helpers.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/ssh-ldap-helper
openssh-server.x86_64: W: unstripped-binary-or-object /usr/libexec/ssh/sftp-server
openssh-server.x86_64: W: unstripped-binary-or-object /usr/sbin/sshd
This executable should be stripped from debugging symbols, in order to take
less space and be loaded faster. This is usually done automatically at
buildtime by rpm.

openssh-fips.x86_64: E: script-without-shebang /usr/bin/ssh.hmac
openssh-fips.x86_64: E: script-without-shebang /usr/sbin/sshd.hmac
This text file has executable bits set or is located in a path dedicated for
executables, but lacks a shebang and cannot thus be executed. If the file is
meant to be an executable script, add the shebang, otherwise remove the
executable bits or move the file elsewhere.

openssh-fips.x86_64: W: obsolete-not-provided openssh-hmac
If a package is obsoleted by a compatible replacement, the obsoleted package
should also be provided in order to not cause unnecessary dependency breakage.
If the obsoleting package is not a compatible replacement for the old one,
leave out the Provides.

openssh-fips.x86_64: W: non-executable-in-bin /usr/bin/ssh.hmac 444
openssh-fips.x86_64: W: non-executable-in-bin /usr/sbin/sshd.hmac 444
A file is being installed in /usr/bin, but is not an executable. Be sure that
the file is an executable or that it has executable permissions.

openssh-server.x86_64: W: non-etc-or-var-file-marked-as-conffile /usr/etc/ssh/sshd_config
openssh-server.x86_64: W: non-etc-or-var-file-marked-as-conffile /usr/etc/ssh/sshd_config.d/40-suse-crypto-policies.conf
A file not in /etc or /var is marked as being a configuration file (%config).
Please put your configuration files in /etc or /var.

openssh.x86_64: E: no-binary
openssh-fips.x86_64: E: no-binary
openssh-server-config-rootlogin.x86_64: E: no-binary
The package should be of the noarch architecture because it doesn't contain
any binaries.

openssh.spec: W: no-%check-section
The spec file does not contain an %check section. Please check if the package
has a testsuite and what it takes to enable the testsuite as part of the
package build. If it is not possible to run it in the build environment
(OBS/koji) or no testsuite exists, then please ignore this warning. You should
not insert an empty %check section.

openssh-clients.x86_64: E: missing-call-to-setgroups-before-setuid /usr/libexec/ssh/ssh-keysign
This executable is calling setuid and setgid without setgroups or initgroups.
This means it didn't relinquish all groups, and this would be a potential
security issue.

openssh.spec:447: W: macro-in-comment %{buildroot}
There is a unescaped macro after a shell style comment in the specfile. Macros
are expanded everywhere, so check if it can cause a problem in this case and
escape the macro with another leading % if appropriate.

Check time report (>1% & >0.1s):
    Check                            Duration (in s)   Fraction (in %)  Checked files
    BinariesCheck                                0.2              26.5               
    BashismsCheck                                0.2              24.2               
    SpecCheck                                    0.1              16.0               
    ExtractRpm                                   0.1              11.7               
    TOTAL                                        0.9             100.0               

 9 packages and 0 specfiles checked; 6 errors, 22 warnings, 48 filtered, 6 badness; has taken 0.9 s