lintian: r605 - in trunk: checks debian testset testset/maintainer-scripts/debian

To: debian-lint-maint@lists.debian.org
Subject: lintian: r605 - in trunk: checks debian testset testset/maintainer-scripts/debian
From: rra@debian.org
Date: Mon, 03 Apr 2006 07:33:20 +0200
Message-id: <[🔎] E1FQHgm-0005QV-Br@mordor.wolffelaar.nl>
Author: rra
Date: 2006-04-03 07:33:13 +0200 (Mon, 03 Apr 2006)
New Revision: 605

Modified:
   trunk/checks/scripts
   trunk/checks/scripts.desc
   trunk/debian/changelog
   trunk/testset/maintainer-scripts/debian/postinst
   trunk/testset/maintainer-scripts/debian/postrm
   trunk/testset/tags.maintainer-scripts
Log:
  + [RA] Find missing ucf dependencies and restructure the code to allow
    easier addition of similar checks.  (Closes: #261891)

Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/checks/scripts	2006-04-03 05:33:13 UTC (rev 605)
@@ -151,6 +151,16 @@
 				'zsh' => 'zsh'
 			       );
 
+# Appearance of one of these regexes in a maintainer script means that there
+# must be a dependency (or pre-dependency) on the given package.  The tag
+# reported is maintainer-script-needs-depends-on-%s, so be sure to update
+# scripts.desc when adding a new rule.
+my @depends_needed = (
+        [ adduser => '\badduser\b' ],
+        [ netbase => '\bupdate-inetd\b' ],
+        [ ucf => '\bucf\s' ],
+);
+
 my %executable = ();
 my %suid = ();
 my %ELF = ();
@@ -415,7 +425,7 @@
     open C, "$filename"
 	or fail("cannot open maintainer script $filename for reading: $!");
 
-    my ($warned_tmp, $warned_killall, $warned_netbase, $warned_adduser);
+    my %warned;
     my ($saw_init, $saw_invoke);
     my $cat_string = "";
 
@@ -425,13 +435,13 @@
 	chomp();
 	if (m,[^\w=](/var)?/tmp\b, and not m/\bmktemp\b/ and not m/\btempfile\b/ and not m/\bmkdir\b/) {
 	    tag "possibly-insecure-handling-of-tmp-files-in-maintainer-script", "$file:$."
-		unless $warned_tmp;
-	    $warned_tmp = 1;
+		unless $warned{tmp};
+	    $warned{tmp} = 1;
 	}
 	if (m/^\s*killall(?:\s|$)/) {
 	    tag "killall-is-dangerous", "$file:$."
-		unless $warned_killall;
-	    $warned_killall = 1;
+		unless $warned{killall};
+	    $warned{killall} = 1;
 	}
 	if (m/^\s*mknod(?:\s|$)/ and not m/\sp\s/) {
 	    tag "mknod-in-maintainer-script", "$file:$.";
@@ -554,24 +564,21 @@
 	if (m,\bsuidregister\b,) {
 	    tag "suidregister-used-in-maintainer-script", "$file";
 	}
-	if (m,\bupdate-inetd\b, && !$warned_netbase) {
-	    my $type = $deps{'netbase'};
-	    unless ($type and ($type eq 'depends' or $type eq 'pre-depends')) {
-		tag "maintainer-script-needs-depends-on-netbase", "$file";
-		$warned_netbase = 1;
-	    }
-	}
-	if (m,\badduser\b, && !$warned_adduser) {
-	    my $type = $deps{'adduser'};
-	    unless ($type and ($type eq 'depends' or $type eq 'pre-depends')) {
-		tag "maintainer-script-needs-depends-on-adduser", "$file";
-		$warned_adduser = 1;
-	    }
-	}
 	if ($file eq 'postrm') {
 	    if (m,update\-alternatives \-\-remove,) {
 		tag "update-alternatives-remove-called-in-postrm", "";
 	    }
+	} else {
+	    for my $rule (@depends_needed) {
+		my ($package, $regex) = @$rule;
+		if (/$regex/ && ! $warned{$package}) {
+		    my $type = $deps{$package};
+		    unless ($type and ($type eq 'depends' or $type eq 'pre-depends')) {
+			tag "maintainer-script-needs-depends-on-$package", "$file";
+			$warned{$package} = 1;
+		    }
+		}
+	    }
 	}
 	if (/invoke-rc.d.*\|\| exit 0/) {
 	    tag "maintainer-script-hides-init-failure", "$file:$.";

Modified: trunk/checks/scripts.desc
===================================================================
--- trunk/checks/scripts.desc	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/checks/scripts.desc	2006-04-03 05:33:13 UTC (rev 605)
@@ -266,6 +266,11 @@
 Info: This script calls adduser, but the package does not depend or
  pre-depend on the adduser package.
 
+Tag: maintainer-script-needs-depends-on-ucf
+Type: warning
+Info: This script calls ucf, but the package does not depend or pre-depend
+ on the ucf package.
+
 Tag: update-alternatives-remove-called-in-postrm
 Type: warning
 Info: 'update-alternatives --remove &lt;alternative&gt; foo' is called in the

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/debian/changelog	2006-04-03 05:33:13 UTC (rev 605)
@@ -41,6 +41,8 @@
       a typo.  Thanks, Marc Haber.  (Closes: #360214, #360216)
     + [RA] Warn when maintainer scripts run init scripts directly and
       don't use invoke-rc.d.  Thanks, Lars Wirzenius.  (Closes: #353659)
+    + [RA] Find missing ucf dependencies and restructure the code to allow
+      easier addition of similar checks.  (Closes: #261891)
 
   * collection/objdump-info:
     + [RA] Unset CDPATH before running cd to avoid strange effects from
@@ -50,7 +52,7 @@
   * lib/Util.pm:
     + [RA] Add system_env, like system but sanitizing the environment.
 
- -- Russ Allbery <rra@debian.org>  Sun,  2 Apr 2006 15:40:00 -0700
+ -- Russ Allbery <rra@debian.org>  Sun,  2 Apr 2006 22:32:37 -0700
 
 lintian (1.23.16) unstable; urgency=low
 

Modified: trunk/testset/maintainer-scripts/debian/postinst
===================================================================
--- trunk/testset/maintainer-scripts/debian/postinst	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/testset/maintainer-scripts/debian/postinst	2006-04-03 05:33:13 UTC (rev 605)
@@ -60,3 +60,6 @@
 else
     /etc/init.d/package start
 fi
+
+# Example ucf invocation.
+ucf /usr/share/foo/configuration /etc/foo.conf

Modified: trunk/testset/maintainer-scripts/debian/postrm
===================================================================
--- trunk/testset/maintainer-scripts/debian/postrm	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/testset/maintainer-scripts/debian/postrm	2006-04-03 05:33:13 UTC (rev 605)
@@ -23,3 +23,10 @@
 
 # Shouldn't provoke an error despite no invoke-rc.d.
 echo "/etc/init.d/package stop to stop something"
+
+# Shouldn't require a ucf dependency.  Unfortunately, right now that's
+# just because postrm isn't checked, not because we ensure that the
+# invocation is conditional.
+if which ucf >/dev/null; then
+    ucf --purge /etc/foo.conf
+fi    

Modified: trunk/testset/tags.maintainer-scripts
===================================================================
--- trunk/testset/tags.maintainer-scripts	2006-04-03 04:34:23 UTC (rev 604)
+++ trunk/testset/tags.maintainer-scripts	2006-04-03 05:33:13 UTC (rev 605)
@@ -27,6 +27,7 @@
 W: maintainer-scripts: maintainer-script-calls-deprecated-wm-menu-config postinst:31
 W: maintainer-scripts: maintainer-script-calls-init-script-directly prerm:54
 W: maintainer-scripts: maintainer-script-hides-init-failure postinst:55
+W: maintainer-scripts: maintainer-script-needs-depends-on-ucf postinst
 W: maintainer-scripts: missing-debconf-dependency
 W: maintainer-scripts: no-debconf-templates
 W: maintainer-scripts: possible-bashism-in-maintainer-script postinst:15 '. /usr/share/lintian/shell foo'
Reply to:
Prev by Date: Processed: Lintian bugs fixed in revision r604
Next by Date: Processed: Lintian bugs fixed in revision r605
Previous by thread: Processed: Lintian bugs fixed in revision r604
Next by thread: Processed: Lintian bugs fixed in revision r605
Index(es):
- Date
- Thread