[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[lintian] 01/03: Service is reserved to system admin

This is an automated email from the git hooks/post-receive script.

broucaries-guest pushed a commit to branch master
in repository lintian.

commit cd33695a6bf7af50d9a5c2cd3d31360b08144528
Author: Bastien ROUCARIÈS <roucaries.bastien@gmail.com>
Date:   Mon Dec 23 12:05:51 2013 +0100

    Service is reserved to system admin
    
    Closes: #656229
    
    Signed-off-by: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
---
 checks/scripts.desc                                       | 8 ++++++++
 data/scripts/maintainer-script-bad-command                | 1 +
 debian/changelog                                          | 3 +++
 t/tests/scripts-maintainer-general/debian/debian/postinst | 3 +++
 t/tests/scripts-maintainer-general/desc                   | 1 +
 t/tests/scripts-maintainer-general/tags                   | 1 +
 6 files changed, 17 insertions(+)

diff --git a/checks/scripts.desc b/checks/scripts.desc
index f297519..6e03135 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -593,6 +593,14 @@ Info: The maintainer script apparently runs install-sgmlcatalog.
  Given how long ago this transition was, consider removing it
  entirely.
 
+Tag: maintainer-script-should-not-use-service
+Severity: important
+Certainty: certain
+Experimental: yes
+Info: The maintainer script apparently runs service command.
+ This command is reserved for local
+ administrators and must never be used by a Debian package.
+
 Tag: maintainer-script-should-not-use-adduser-system-without-home
 Severity: serious
 Certainty: certain
diff --git a/data/scripts/maintainer-script-bad-command b/data/scripts/maintainer-script-bad-command
index 14c2306..d9af342 100644
--- a/data/scripts/maintainer-script-bad-command
+++ b/data/scripts/maintainer-script-bad-command
@@ -37,6 +37,7 @@ maintainer-script-should-not-use-dpkg-status-directly           ~~ 1 ~~^(base-fi
 maintainer-script-should-not-use-fc-cache                       ~~ 0 ~~^(fontconfig)$      ~~          ~~${LEADIN}(?:/usr/bin/)?fc-cache(?:\s|\Z)
 maintainer-script-should-not-use-gconftool                      ~~ 1 ~~^(gconf\d)$         ~~          ~~(?:/usr/bin/)?gconftool(?:-\d)?(?:\s|\Z)
 maintainer-script-should-not-use-install-sgmlcatalog            ~~ 1 ~~                    ~~          ~~\binstall-sgmlcatalog\b
+maintainer-script-should-not-use-service                        ~~ 1 ~~                    ~~          ~~${LEADIN}service\b
 maintainer-script-should-not-use-start-stop-daemon              ~~ 0 ~~                    ~~          ~~\bstart-stop-daemon(?=\s)(?!.*\s--stop\b)
 maintainer-script-should-not-use-update-alternatives-remove     ~~ 1 ~~                    ~~^postrm$  ~~\b update\-alternatives\s+\-\-remove\b
 maintainer-script-should-not-use-update-alternatives-set        ~~ 1 ~~                    ~~          ~~\b update\-alternatives\s+\-\-(?:set|set\-selections|config)\b
diff --git a/debian/changelog b/debian/changelog
index a264fa7..410bcde 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -26,6 +26,9 @@ lintian (2.5.21) UNRELEASED; urgency=medium
       to debian-rules-should-not-use-or-modify-user-only-variable.
     + [BR] Warn about the wrong dh --with autotools-dev (Closes: #731248).
 
+  * data/scripts/maintainer-script-bad-command:
+    + [BR] Service is reserved to system admin (Closes: #656229).
+
   * debian/control:
     + [NT] Add relevant relations on libyaml-perl, which is
       now used by harness.
diff --git a/t/tests/scripts-maintainer-general/debian/debian/postinst b/t/tests/scripts-maintainer-general/debian/debian/postinst
index d2c67c4..e1b4abe 100755
--- a/t/tests/scripts-maintainer-general/debian/debian/postinst
+++ b/t/tests/scripts-maintainer-general/debian/debian/postinst
@@ -152,4 +152,7 @@ adduser --system bar --home /var/lib/bar
 # other test case for gconftool
 /usr/bin/gconftool-2 --makefile-install-rule foo.schema
 
+# service
+service apache2 start
+
 #DEBHELPER#
diff --git a/t/tests/scripts-maintainer-general/desc b/t/tests/scripts-maintainer-general/desc
index 6d6fa52..c35a552 100644
--- a/t/tests/scripts-maintainer-general/desc
+++ b/t/tests/scripts-maintainer-general/desc
@@ -27,6 +27,7 @@ Test-For:
  maintainer-script-should-not-modify-ld-so-conf
  maintainer-script-should-not-modify-netbase-managed-file
  maintainer-script-should-not-use-start-stop-daemon
+ maintainer-script-should-not-use-service
  maintainer-script-should-not-use-update-alternatives-remove
  maintainer-script-should-not-use-update-alternatives-set
  mknod-in-maintainer-script
diff --git a/t/tests/scripts-maintainer-general/tags b/t/tests/scripts-maintainer-general/tags
index e2a5f36..67f1e93 100644
--- a/t/tests/scripts-maintainer-general/tags
+++ b/t/tests/scripts-maintainer-general/tags
@@ -37,3 +37,4 @@ W: scripts-maintainer-general: maintainer-script-should-not-use-start-stop-daemo
 W: scripts-maintainer-general: maintainer-script-should-not-use-update-alternatives-remove postrm:7
 W: scripts-maintainer-general: maintainer-script-should-not-use-update-alternatives-set postinst:129
 W: scripts-maintainer-general: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:26
+X: scripts-maintainer-general: maintainer-script-should-not-use-service postinst:156

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: