lintian: r859 - in trunk: checks debian testset testset/maintainer-scripts/debian
Author: rra
Date: 2007-04-25 06:21:22 +0200 (Wed, 25 Apr 2007)
New Revision: 859
Modified:
trunk/checks/scripts
trunk/checks/scripts.desc
trunk/debian/changelog
trunk/testset/maintainer-scripts/debian/postrm
trunk/testset/tags.maintainer-scripts
Log:
+ [RA] Check for maintainer scripts calling read (but exclude those
that include /usr/share/debconf/confmodule on the grounds that
they're probably only using it as a fallback). Based on a patch by
Luk Claes. (Closes: #231770)
Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts 2007-04-24 23:55:49 UTC (rev 858)
+++ trunk/checks/scripts 2007-04-25 04:21:22 UTC (rev 859)
@@ -452,7 +452,7 @@
or fail("cannot open maintainer script $filename for reading: $!");
my %warned;
- my ($saw_init, $saw_invoke);
+ my ($saw_init, $saw_invoke, $saw_debconf);
my $cat_string = "";
while (<C>) {
@@ -614,6 +614,12 @@
if (/\bgconftool(-2)?(\s|\Z)/) {
tag "gconftool-used-in-maintainer-script", "$file:$.";
}
+ if (m,/usr/share/debconf/confmodule,) {
+ $saw_debconf = 1;
+ }
+ if (m/^\s*read(?:\s|$)/ && !$saw_debconf && !$cat_string) {
+ tag "read-in-maintainer-script", "$file:$.";
+ }
}
if ($saw_init && ! $saw_invoke) {
Modified: trunk/checks/scripts.desc
===================================================================
--- trunk/checks/scripts.desc 2007-04-24 23:55:49 UTC (rev 858)
+++ trunk/checks/scripts.desc 2007-04-25 04:21:22 UTC (rev 859)
@@ -241,6 +241,14 @@
Info: Maintainer scripts must not create device files directly. They
should call MAKEDEV instead.
+Tag: read-in-maintainer-script
+Type: warning
+Ref: policy 3.9.1
+Info: This maintainer script appears to use read to get information from
+ the user. Prompting in maintainer scripts should be done by
+ communicating through a program such as debconf which conforms to the
+ Debian Configuration management specification, version 2 or higher.
+
Tag: possible-bashism-in-maintainer-script
Type: warning
Ref: policy 10.4
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2007-04-24 23:55:49 UTC (rev 858)
+++ trunk/debian/changelog 2007-04-25 04:21:22 UTC (rev 859)
@@ -33,8 +33,12 @@
Also avoid false positives when a package itself provides the
program its maintainer scripts use. Thanks, Daniel Leidert.
(Closes: #419461)
+ + [RA] Check for maintainer scripts calling read (but exclude those
+ that include /usr/share/debconf/confmodule on the grounds that
+ they're probably only using it as a fallback). Based on a patch by
+ Luk Claes. (Closes: #231770)
- -- Russ Allbery <rra@debian.org> Tue, 24 Apr 2007 16:55:44 -0700
+ -- Russ Allbery <rra@debian.org> Tue, 24 Apr 2007 21:18:56 -0700
lintian (1.23.29) unstable; urgency=low
Modified: trunk/testset/maintainer-scripts/debian/postrm
===================================================================
--- trunk/testset/maintainer-scripts/debian/postrm 2007-04-24 23:55:49 UTC (rev 858)
+++ trunk/testset/maintainer-scripts/debian/postrm 2007-04-25 04:21:22 UTC (rev 859)
@@ -2,8 +2,12 @@
update-alternatives --remove dummy /usr/bin/dummy-alternative
-echo "Hit enter"
-read
+# Normally read in a maintainer script is not kosher, but here we're going
+# to do it only if debconf doesn't exist.
+if ! test -f /usr/share/debconf/confmodule ; then
+ echo "Hit enter"
+ read
+fi
# neither of the following should be detected as postrm-unsafe-ldconfig
# intended, without quotes
Modified: trunk/testset/tags.maintainer-scripts
===================================================================
--- trunk/testset/tags.maintainer-scripts 2007-04-24 23:55:49 UTC (rev 858)
+++ trunk/testset/tags.maintainer-scripts 2007-04-25 04:21:22 UTC (rev 859)
@@ -52,4 +52,5 @@
W: maintainer-scripts: postinst-should-not-set-usr-doc-link
W: maintainer-scripts: postrm-does-not-purge-debconf
W: maintainer-scripts: postrm-has-useless-call-to-ldconfig
+W: maintainer-scripts: read-in-maintainer-script postinst:18
W: maintainer-scripts: update-alternatives-remove-called-in-postrm
Reply to: