[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

lintian: r884 - in trunk: checks debian testset testset/maintainer-scripts/debian

Author: rra
Date: 2007-05-03 06:05:47 +0200 (Thu, 03 May 2007)
New Revision: 884

Modified:
   trunk/checks/scripts
   trunk/checks/scripts.desc
   trunk/debian/changelog
   trunk/testset/maintainer-scripts/debian/postrm
   trunk/testset/tags.maintainer-scripts
Log:
  + [RA] Diagnose removal of device files in maintainer scripts per
    Policy 10.6.  (Closes: #268688)

Modified: trunk/checks/scripts
===================================================================
--- trunk/checks/scripts	2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/checks/scripts	2007-05-03 04:05:47 UTC (rev 884)
@@ -471,12 +471,12 @@
 		unless $warned{tmp};
 	    $warned{tmp} = 1;
 	}
-	if (m/^\s*killall(?:\s|$)/) {
+	if (m/^\s*killall(?:\s|\z)/) {
 	    tag "killall-is-dangerous", "$file:$."
 		unless $warned{killall};
 	    $warned{killall} = 1;
 	}
-	if (m/^\s*mknod(?:\s|$)/ and not m/\sp\s/) {
+	if (m/^\s*mknod(?:\s|\z)/ and not m/\sp\s/) {
 	    tag "mknod-in-maintainer-script", "$file:$.";
 	}
 
@@ -624,9 +624,12 @@
 	if (m,/usr/share/debconf/confmodule,) {
 	    $saw_debconf = 1;
 	}
-	if (m/^\s*read(?:\s|$)/ && !$saw_debconf && !$cat_string) {
+	if (m/^\s*read(?:\s|\z)/ && !$saw_debconf && !$cat_string) {
 	    tag "read-in-maintainer-script", "$file:$.";
 	}
+	if (m,^\s*rm\s+(.*\s)?/dev/, && !$cat_string) {
+	    tag "maintainer-script-removes-device-files", "$file:$.";
+	}
     }
 
     if ($saw_init && ! $saw_invoke) {

Modified: trunk/checks/scripts.desc
===================================================================
--- trunk/checks/scripts.desc	2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/checks/scripts.desc	2007-05-03 04:05:47 UTC (rev 884)
@@ -248,6 +248,12 @@
 Info: Maintainer scripts must not create device files directly.  They
  should call MAKEDEV instead.
 
+Tag: maintainer-script-removes-device-files
+Type: error
+Ref: policy 10.6
+Info: Maintainer scripts must not remove device files.  This is left to
+ the system administrator.
+
 Tag: read-in-maintainer-script
 Type: warning
 Ref: policy 3.9.1 

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/debian/changelog	2007-05-03 04:05:47 UTC (rev 884)
@@ -13,8 +13,10 @@
       Beckwith.  (Closes: #421549)
   * checks/scripts:
     + [RA] Add pagsh, provided by openafs-client and heimdal-clients.
+    + [RA] Diagnose removal of device files in maintainer scripts per
+      Policy 10.6.  (Closes: #268688)
 
- -- Russ Allbery <rra@debian.org>  Wed,  2 May 2007 20:52:55 -0700
+ -- Russ Allbery <rra@debian.org>  Wed,  2 May 2007 21:05:30 -0700
 
 lintian (1.23.30) unstable; urgency=low
 

Modified: trunk/testset/maintainer-scripts/debian/postrm
===================================================================
--- trunk/testset/maintainer-scripts/debian/postrm	2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/testset/maintainer-scripts/debian/postrm	2007-05-03 04:05:47 UTC (rev 884)
@@ -34,3 +34,7 @@
 if which ucf >/dev/null; then
     ucf --purge /etc/foo.conf
 fi    
+
+# This isn't allowed.
+rm /tmp/foo /dev/device
+rm	/dev/device1

Modified: trunk/testset/tags.maintainer-scripts
===================================================================
--- trunk/testset/tags.maintainer-scripts	2007-05-03 03:55:55 UTC (rev 883)
+++ trunk/testset/tags.maintainer-scripts	2007-05-03 04:05:47 UTC (rev 884)
@@ -8,6 +8,8 @@
 E: maintainer-scripts: interpreter-without-predep control/config #!/usr/bin/python
 E: maintainer-scripts: maintainer-script-calls-init-script-directly prerm:54
 E: maintainer-scripts: maintainer-script-does-not-check-for-existence-of-wm-menu-config postinst:31
+E: maintainer-scripts: maintainer-script-removes-device-files postrm:39
+E: maintainer-scripts: maintainer-script-removes-device-files postrm:40
 E: maintainer-scripts: maintainer-shell-script-fails-syntax-check prerm
 E: maintainer-scripts: no-copyright-file
 E: maintainer-scripts: postrm-contains-additional-updaterc.d-calls /etc/init.d/bar
@@ -48,6 +50,7 @@
 W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:34 '    kill -HUP'
 W: maintainer-scripts: possible-bashism-in-maintainer-script prerm:51 '${line:3:1}'
 W: maintainer-scripts: possibly-insecure-handling-of-tmp-files-in-maintainer-script postinst:50
+W: maintainer-scripts: possibly-insecure-handling-of-tmp-files-in-maintainer-script postrm:39
 W: maintainer-scripts: postinst-does-not-load-confmodule
 W: maintainer-scripts: postinst-should-not-set-usr-doc-link
 W: maintainer-scripts: postrm-does-not-purge-debconf
Reply to: