[MIR] libsecret

Bug #1030335 reported by Robert Ancell
Affects: libsecret (Ubuntu)
Status: Fix Released
Importance: Wishlist
Assigned to: Unassigned

Bug Description

Availability: In universe
Rationale: Required for a number of GNOME 3.6 packages
Security: No known security problems
Quality assurance: Normal GNOME QA
UI standards: N/A
Dependencies: All in main
Maintenance: Will be maintained by Ubuntu Desktop

Changed in libsecret (Ubuntu):
status: New → Triaged
importance: Undecided → Wishlist
assignee: nobody → Didier Roche (didrocks)
Didier Roche-Tolomelli (didrocks) wrote :

* debian/rules:
# Disable tests as they don't work for some reason
override_dh_auto_test:
Can you please check why they are not working? I would love packages in main getting upstream tests running when we have some, if possible (or in the QA DC if it needs the full environment).

Bonus point if you override dh_install with --fail-missing but that's not a requirement :)

You need to use --with gir right now to have the dep automagic detection of the gir package. We are discussing with seb about having that run by default, but for now, please, add it.

* debian/copyright:
In the LGPL2.1+ and GPL3+ stanzas, there is a missing space before Comment: (this can break the hopefully coming automagic parser).
This file is listing the sources and not the binary, consequently all licences should be listed separately. In that case, there are some LGPL2+ files and LGPL2.1+ files. Please separate them in debian/copyright.
COPYING is LGPL2+ anyway. So the LGPL2.1+ requirement isn't met. I checked with upstream about it and will submit a patch (everything will be LGPL2.1+, so prepare for that change).

I stopped checking that file and will check again after next submission, so maybe there are other dragons here ;)

* debian/libsecret-1-dev.install:
Any reason to ship the static library?

* debian/control:
libsecret-1-0 and libsecret-common have exactly the same short and long description. They should be different for apt-cache to be able to search and differentiate them.
the long description of gir1.2-secret-1 is the same as the one from libsecret-1-0 and
libsecret-1-dev will be able to be arch:all (but that's not compulsory) if you remove the .a

The code looks good IMHO, but I prefer the security team to give another look meanwhile.

Changed in libsecret (Ubuntu):
assignee: Didier Roche (didrocks) → Jamie Strandboge (jdstrand)
Changed in libsecret (Ubuntu):
status: Triaged → Fix Released
Changed in libsecret (Ubuntu):
status: Fix Released → Triaged
Didier Roche-Tolomelli (didrocks) wrote :

The bug I was discussing for the copyright is: https://bugzilla.gnome.org/show_bug.cgi?id=680781

Sebastien Bacher (seb128) wrote :

The packaging issues and license problems should be mostly addressed with libsecret 0.8-0ubuntu1 in quantal. The test suite is still not running because the dbus tests don't like to be run by the packaging system (they work fine when run locally, though).

Jamie Strandboge (jdstrand) wrote :

 * Builds with only main enabled
 * Has a small test suite but it is disabled due to dbus requirement
 * This package does not exist in Debian yet
 * It has a symbols file
 * Should have a bug subscriber
 * It has a watch file
 * Lintian warnings (lintian ../source/*dsc ../binary/*.deb). Two lintian warnings:
libsecret-tools_0.8-0ubuntu1_amd64.deb:
W: libsecret-tools: copyright-refers-to-deprecated-bsd-license-file
W: libsecret-tools: binary-without-manpage usr/bin/secret-tool
 * debian/rules is clean
 * It has some compiler warnings:
secret-methods.c:369:9: warning: 'items' may be used uninitialized in this function [-Wmaybe-uninitialized]
secret-tool.c:182:9: warning: ignoring return value of 'write', declared with attribute warn_unused_result [-Wunused-result]
 * No CVE history (the package is new). No initscripts or upstart jobs, no setuid, no use of fscaps, no use of sudo/su/pkexec, no installed dbus services (though it is designed to connect over dbus to a SecretService like gnome keyring daemon) and no cron jobs. It is built with hardening options (found 'Stack protected: no, not found!' but looks like no strings on the stack, so ok).
 * Memory operations seem ok. There were some pretty hairy memory operations in egg/egg-secure-memory.c, but these are almost identical to what we have in gnome-keyring (which is also good for maintenance)

ACK, but please add a bug subscriber.

Changed in libsecret (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
status: Triaged → Fix Committed
Colin Watson (cjwatson) wrote :

Moved to main.

Changed in libsecret (Ubuntu):
status: Fix Committed → Fix Released