Bug#543873: [checks/scripts] check example scripts too
Package: lintian
Version: 2.2.14
Severity: wishlist
Tags: patch
Hi,
Attached is a patch that enables most of the checks in 'scripts' for scripts
shipped as examples (in /usr/share/doc/<package>/examples/).
It adds some new tags that mimic the 'main' tags, but are of pedantic severity.
In order to avoid clutter in the main flow, the patch adds a wrapper function,
script_tag(), which checks if the filename looks like an example and uses the
"example-" tag prefix if it does. This required a swap of the informational
arguments when tagging as "wrong-path-for-interpreter".
I was not sure if 'pedantic' or 'info' is more suitable for Severity and
decided to err on the less annoying side :) Feel free to adjust.
Thanks for considering,
dam
-- System Information:
Debian Release: squeeze/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (450, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages lintian depends on:
ii binutils 2.19.51.20090805-1 The GNU assembler, linker and bina
ii diffstat 1.47-1 produces graph of changes introduc
ii dpkg-dev 1.15.3.1 Debian package development tools
ii file 5.03-1 Determines file type using "magic"
ii gettext 0.17-7 GNU Internationalization utilities
ii intltool-debian 0.35.0+20060710.1 Help i18n of RFC822 compliant conf
ii libapt-pkg-perl 0.1.24 Perl interface to libapt-pkg
ii libdigest-sha-perl 5.47-1 Perl extension for SHA-1/224/256/3
ii libipc-run-perl 0.84-1 Perl module for running processes
ii libparse-debianchange 1.1.1-2 parse Debian changelogs and output
ii libtimedate-perl 1.1600-9 Time and date functions for Perl
ii liburi-perl 1.37+dfsg-1 Manipulates and accesses URI strin
ii man-db 2.5.6-1 on-line manual pager
ii perl [libdigest-sha-p 5.10.0-25 Larry Wall's Practical Extraction
lintian recommends no packages.
Versions of packages lintian suggests:
pn binutils-multiarch <none> (no description available)
ii libtext-template-perl 1.45-1 Text::Template perl module
ii man-db 2.5.6-1 on-line manual pager
-- no debconf information
diff --git a/checks/scripts b/checks/scripts
index eb1785b..b7f9250 100644
--- a/checks/scripts
+++ b/checks/scripts
@@ -276,6 +276,15 @@ our @bashism_regexs = (
$LEADIN . qr'(sh|\$\{?SHELL\}?) [-+]O', # sh [-+]O
);
+# a local function to help use separate tags for example scripts
+sub script_tag {
+ my( $tag, $filename, @rest ) = @_;
+
+ $tag = "example-$tag"
+ if $filename and $filename =~ m,usr/share/doc/[^/]+/examples/,;
+
+ tag( $tag, $filename, @rest );
+}
sub run {
@@ -323,8 +332,12 @@ for my $filename (sort keys %{$info->scripts}) {
$filename = './' . $filename;
$scripts{$filename} = 1;
+ my $in_docs = $filename =~ m,usr/share/doc/,;
+ my $in_examples = $filename =~ m,usr/share/doc/[^/]+/examples/,;
+
# no checks necessary at all for scripts in /usr/share/doc/
- next if $filename =~ m,usr/share/doc/,;
+ # unless they are examples
+ next if $in_docs and !$in_examples;
my ($base) = $interpreter =~ m,([^/]*)$,;
@@ -337,15 +350,15 @@ for my $filename (sort keys %{$info->scripts}) {
# an absolute path and are not in a bin/ directory (/usr/bin, /bin etc)
# They are probably not scripts after all.
next if ($filename !~ m,(bin/|etc/init\.d/), and !$executable{$filename}
- and !$is_absolute);
+ and !$is_absolute and !$in_examples);
if ($interpreter eq "") {
- tag("script-without-interpreter", $filename);
+ script_tag("script-without-interpreter", $filename);
next;
}
# Either they use an absolute path or they use '/usr/bin/env interp'.
- tag("interpreter-not-absolute", $filename, "#!$interpreter")
+ script_tag("interpreter-not-absolute", $filename, "#!$interpreter")
unless $is_absolute;
tag("script-not-executable", $filename)
unless ($executable{$filename}
@@ -356,13 +369,15 @@ for my $filename (sort keys %{$info->scripts}) {
or $filename =~ m,\.ex$,
or $filename eq './etc/init.d/skeleton'
or $filename =~ m,^\./etc/menu-methods,
- or $filename =~ m,^\./etc/X11/Xsession\.d,);
+ or $filename =~ m,^\./etc/X11/Xsession\.d,)
+ or $in_docs;
# Warn about csh scripts.
tag("csh-considered-harmful", $filename)
if (($base eq 'csh' or $base eq 'tcsh')
and $executable{$filename}
- and $filename !~ m,^\./etc/csh/login\.d/,);
+ and $filename !~ m,^\./etc/csh/login\.d/,)
+ and !$in_docs;
# Syntax-check most shell scripts, but don't syntax-check scripts that end
# in .dpatch. bash -n doesn't stop checking at exit 0 and goes on to blow
@@ -375,7 +390,7 @@ for my $filename (sort keys %{$info->scripts}) {
and $base !~ m/^(z|t?c)sh$/) {
if (check_script_syntax($interpreter, "unpacked/$filename")) {
- tag("shell-script-fails-syntax-check", $filename);
+ script_tag("shell-script-fails-syntax-check", $filename);
}
}
}
@@ -398,20 +413,20 @@ for my $filename (sort keys %{$info->scripts}) {
if ($data) {
my $expected = $data->[0] . '/' . $base;
unless ($interpreter eq $expected or defined $calls_env) {
- tag("wrong-path-for-interpreter",
- "#!$interpreter != $expected", "($filename)");
+ script_tag("wrong-path-for-interpreter", $filename,
+ "(#!$interpreter != $expected)");
}
} elsif ($interpreter =~ m,/usr/local/,) {
- tag("interpreter-in-usr-local", $filename, "#!$interpreter");
+ script_tag("interpreter-in-usr-local", $filename, "#!$interpreter");
} elsif ($executable{'.' . $interpreter}) {
# Package installs the interpreter itself, so it's probably ok. Don't
# emit any tag for this.
} elsif ($base eq 'suidperl') {
tag("calls-suidperl-directly", $filename);
} elsif ($interpreter eq '/bin/env') {
- tag("script-uses-bin-env", $filename);
+ script_tag("script-uses-bin-env", $filename);
} else {
- tag("unusual-interpreter", $filename, "#!$interpreter");
+ script_tag("unusual-interpreter", $filename, "#!$interpreter");
}
# Do some additional checks on shell scripts in /etc. This should
@@ -452,7 +467,7 @@ for my $filename (sort keys %{$info->scripts}) {
# If we found the interpreter and the script is executable, check
# dependencies. This should be the last thing we do in the loop so that
# we can use next for an early exit and reduce the nesting.
- next unless ($data && $executable{$filename});
+ next unless ($data && $executable{$filename} and !$in_docs);
if (!$versioned) {
my $depends = $data->[1];
if (not defined $depends) {
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 21a4e5c..27932c4 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -12,6 +12,12 @@ Certainty: certain
Info: This file starts with the #! sequence that identifies scripts, but
it does not name an interpreter.
+Tag: example-script-without-interpreter
+Severity: pedantic
+Certainty: certain
+Info: This file starts with the #! sequence that identifies scripts, but
+ it does not name an interpreter.
+
Tag: executable-not-elf-or-script
Severity: normal
Certainty: certain
@@ -33,6 +39,13 @@ Info: This script uses a relative path to locate its interpreter.
This path will be taken relative to the caller's current directory, not
the script's, so it is not likely to be what was intended.
+Tag: example-interpreter-not-absolute
+Severity: pedantic
+Certainty: certain
+Info: This script uses a relative path to locate its interpreter.
+ This path will be taken relative to the caller's current directory, not
+ the script's, so it is not likely to be what was intended.
+
Tag: unusual-interpreter
Severity: normal
Certainty: possible
@@ -41,6 +54,14 @@ Info: This package contains a script for an interpreter that the Lintian
interpreter. If not, please file a wishlist bug on lintian so that the
Lintian maintainers can add this interpreter to their list.
+Tag: example-unusual-interpreter
+Severity: pedantic
+Certainty: possible
+Info: This package contains an example script for an interpreter that the
+ Lintian maintainers have not heard of. It could be a typo for a common
+ interpreter. If not, please file a wishlist bug on lintian so that the
+ Lintian maintainers can add this interpreter to their list.
+
Tag: script-uses-bin-env
Severity: normal
Certainty: certain
@@ -49,6 +70,13 @@ Info: This script uses /bin/env as its interpreter (used to find the
systems; env is instead installed as /usr/bin/env. Usually, the path to
env in the script should be changed.
+Tag: example-script-uses-bin-env
+Severity: pedantic
+Certainty: certain
+Info: This example script uses /bin/env as its interpreter (used to find
+ the actual interpreter on the user's path). There is no /bin/env on
+ Debian systems; env is instead installed as /usr/bin/env.
+
Tag: forbidden-config-interpreter
Severity: important
Certainty: certain
@@ -90,6 +118,13 @@ Info: This package contains a script that looks for an interpreter in a
directory in /usr/local. Since Debian does not install anything in
/usr/local, this is the wrong place to look.
+Tag: example-interpreter-in-usr-local
+Severity: pedantic
+Certainty: certain
+Info: This package contains an example script that looks for an
+ interpreter in a directory in /usr/local. Since Debian does not install
+ anything in /usr/local, this is the wrong place to look.
+
Tag: control-interpreter-in-usr-local
Severity: serious
Certainty: certain
@@ -153,6 +188,12 @@ Certainty: certain
Info: The interpreter you used is installed at another location on Debian
systems.
+Tag: example-wrong-path-for-interpreter
+Severity: pedantic
+Certainty: certain
+Info: The interpreter used is installed at another location on Debian
+ systems.
+
Tag: gawk-script-but-no-gawk-dep
Severity: important
Certainty: certain
@@ -258,6 +299,14 @@ Info: Running this shell script with the shell's -n option set fails,
.
Run e.g. <tt>sh -n yourscript</tt> to see the errors yourself.
+Tag: example-shell-script-fails-syntax-check
+Severity: pedantic
+Certainty: certain
+Info: Running this shell script with the shell's -n option set fails,
+ which means that the script has syntax errors.
+ .
+ Run e.g. <tt>sh -n yourscript</tt> to see the errors yourself.
+
Tag: maintainer-shell-script-fails-syntax-check
Severity: serious
Certainty: certain
Reply to: