lintian: r884 - in trunk: checks debian testset testset/maintainer-scripts/debian
Author: rra
Date: 2007-05-03 06:05:47 +0200 (Thu, 03 May 2007)
New Revision: 884
Modified:
trunk/checks/scripts
trunk/checks/scripts.desc
trunk/debian/changelog
trunk/testset/maintainer-scripts/debian/postrm
trunk/testset/tags.maintainer-scripts
Log:
+ [RA] Diagnose removal of device files in maintainer scripts per
Policy 10.6. (Closes: #268688)
Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts 2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/checks/scripts 2007-05-03 04:05:47 UTC (rev 884)
@@ -471,12 +471,12 @@
unless $warned{tmp};
$warned{tmp} = 1;
}
- if (m/^\s*killall(?:\s|$)/) {
+ if (m/^\s*killall(?:\s|\z)/) {
tag "killall-is-dangerous", "$file:$."
unless $warned{killall};
$warned{killall} = 1;
}
- if (m/^\s*mknod(?:\s|$)/ and not m/\sp\s/) {
+ if (m/^\s*mknod(?:\s|\z)/ and not m/\sp\s/) {
tag "mknod-in-maintainer-script", "$file:$.";
}
@@ -624,9 +624,12 @@
if (m,/usr/share/debconf/confmodule,) {
$saw_debconf = 1;
}
- if (m/^\s*read(?:\s|$)/ && !$saw_debconf && !$cat_string) {
+ if (m/^\s*read(?:\s|\z)/ && !$saw_debconf && !$cat_string) {
tag "read-in-maintainer-script", "$file:$.";
}
+ if (m,^\s*rm\s+(.*\s)?/dev/, && !$cat_string) {
+ tag "maintainer-script-removes-device-files", "$file:$.";
+ }
}
if ($saw_init && ! $saw_invoke) {
Modified: trunk/checks/scripts.desc
===================================================================
--- trunk/checks/scripts.desc 2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/checks/scripts.desc 2007-05-03 04:05:47 UTC (rev 884)
@@ -248,6 +248,12 @@
Info: Maintainer scripts must not create device files directly. They
should call MAKEDEV instead.
+Tag: maintainer-script-removes-device-files
+Type: error
+Ref: policy 10.6
+Info: Maintainer scripts must not remove device files. This is left to
+ the system administrator.
+
Tag: read-in-maintainer-script
Type: warning
Ref: policy 3.9.1
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/debian/changelog 2007-05-03 04:05:47 UTC (rev 884)
@@ -13,8 +13,10 @@
Beckwith. (Closes: #421549)
* checks/scripts:
+ [RA] Add pagsh, provided by openafs-client and heimdal-clients.
+ + [RA] Diagnose removal of device files in maintainer scripts per
+ Policy 10.6. (Closes: #268688)
- -- Russ Allbery <rra@debian.org> Wed, 2 May 2007 20:52:55 -0700
+ -- Russ Allbery <rra@debian.org> Wed, 2 May 2007 21:05:30 -0700
lintian (1.23.30) unstable; urgency=low
Modified: trunk/testset/maintainer-scripts/debian/postrm
===================================================================
--- trunk/testset/maintainer-scripts/debian/postrm 2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/testset/maintainer-scripts/debian/postrm 2007-05-03 04:05:47 UTC (rev 884)
@@ -34,3 +34,7 @@
if which ucf >/dev/null; then
ucf --purge /etc/foo.conf
fi
+
+# This isn't allowed.
+rm /tmp/foo /dev/device
+rm /dev/device1
Modified: trunk/testset/tags.maintainer-scripts
===================================================================
--- trunk/testset/tags.maintainer-scripts 2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/testset/tags.maintainer-scripts 2007-05-03 04:05:47 UTC (rev 884)
@@ -8,6 +8,8 @@
E: maintainer-scripts: interpreter-without-predep control/config #!/usr/bin/python
E: maintainer-scripts: maintainer-script-calls-init-script-directly prerm:54
E: maintainer-scripts: maintainer-script-does-not-check-for-existence-of-wm-menu-config postinst:31
+E: maintainer-scripts: maintainer-script-removes-device-files postrm:39
+E: maintainer-scripts: maintainer-script-removes-device-files postrm:40
E: maintainer-scripts: maintainer-shell-script-fails-syntax-check prerm
E: maintainer-scripts: no-copyright-file
E: maintainer-scripts: postrm-contains-additional-updaterc.d-calls /etc/init.d/bar
@@ -48,6 +50,7 @@
W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:34 ' kill -HUP'
W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:51 '${line:3:1}'
W: maintainer-scripts: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:50
+W: maintainer-scripts: possibly-insecure-handling-of-tmp-files-in-maintainer-script postrm:39
W: maintainer-scripts: postinst-does-not-load-confmodule
W: maintainer-scripts: postinst-should-not-set-usr-doc-link
W: maintainer-scripts: postrm-does-not-purge-debconf
Reply to: