Bug#623031: lintian: Please add check for packages using /run and /run/lock
Package: lintian
Version: 2.5.0~rc2
Severity: normal
Tags: patch
Hi,
Lintian currently warns about packages putting files in /var/run
and /var/lock. The attached patch does the same for /run and
/run/lock. [This could be simplified to be just for /run since
any file in any subdirectory is a bug]
Note that while I updated the testsuite, I'm not sufficiently
familiar with lintian to do this properly, so it might need
some tweaking. Hopefully it's useful as a starting point
though.
Many thanks,
Roger
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (550, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages lintian depends on:
ii binutils 2.21.0.20110327-3 The GNU assembler, linker and bina
ii diffstat 1.54-1 produces graph of changes introduc
ii dpkg-dev 1.16.0.1 Debian package development tools
ii file 5.04-5+b1 Determines file type using "magic"
ii gettext 0.18.1.1-3 GNU Internationalization utilities
ii intltool-debian 0.35.0+20060710.1 Help i18n of RFC822 compliant conf
ii libapt-pkg-perl 0.1.24+b1 Perl interface to libapt-pkg
ii libclass-accessor-perl 0.34-1 Perl module that automatically gen
ii libdigest-sha-perl 5.61-1 Perl extension for SHA-1/224/256/3
ii libemail-valid-perl 0.184-1 Perl module for checking the valid
ii libipc-run-perl 0.89-1 Perl module for running processes
ii libparse-debianchangel 1.2.0-1 parse Debian changelogs and output
ii libtimedate-perl 1.2000-1 collection of modules to manipulat
ii liburi-perl 1.58-1 module to manipulate and access UR
ii locales 2.11.2-13 Embedded GNU C Library: National L
ii man-db 2.6.0.2-1 on-line manual pager
ii perl [libdigest-sha-pe 5.10.1-19 Larry Wall's Practical Extraction
lintian recommends no packages.
Versions of packages lintian suggests:
pn binutils-multiarch <none> (no description available)
ii libtext-template-perl 1.45-2 Text::Template perl module
ii man-db 2.6.0.2-1 on-line manual pager
-- no debconf information
diff --git a/checks/files b/checks/files
index bc0545e..a2ce0b3 100644
--- a/checks/files
+++ b/checks/files
@@ -614,6 +614,12 @@ foreach my $file (@{$info->sorted_index}) {
tag 'non-standard-dir-in-var', $file;
}
# ---------------- /var/lock, /var/run
+ elsif ($type ne 'udeb' and $file =~ m,^run/lock/.,) {
+ tag 'dir-or-file-in-run-lock', $file;
+ }
+ elsif ($type ne 'udeb' and $file =~ m,^run/.,) {
+ tag 'dir-or-file-in-run', $file;
+ }
elsif ($type ne 'udeb' and $file =~ m,^var/lock/.,) {
tag 'dir-or-file-in-var-lock', $file;
}
diff --git a/checks/files.desc b/checks/files.desc
index 76dbf9f..0362442 100644
--- a/checks/files.desc
+++ b/checks/files.desc
@@ -404,6 +404,20 @@ Severity: important
Certainty: certain
Info: Documentation files should be owned by <tt>root/root</tt>.
+Tag: dir-or-file-in-run-lock
+Severity: serious
+Certainty: possible
+Info: <tt>/run/lock</tt> may be a temporary filesystem, so any directories
+ or files needed there must be created dynamically at boot time.
+Ref: policy 9.3.2
+
+Tag: dir-or-file-in-run
+Severity: serious
+Certainty: possible
+Info: <tt>/run</tt> may be a temporary filesystem, so any directories
+ or files needed there must be created dynamically at boot time.
+Ref: policy 9.3.2
+
Tag: dir-or-file-in-var-lock
Severity: serious
Certainty: possible
diff --git a/t/tests/files-foo-in-bar/debian/debian/dirs b/t/tests/files-foo-in-bar/debian/debian/dirs
index 28789e8..fe22a7b 100644
--- a/t/tests/files-foo-in-bar/debian/debian/dirs
+++ b/t/tests/files-foo-in-bar/debian/debian/dirs
@@ -1,5 +1,7 @@
bin/foo
mnt/foo
+run/foo
+run/lock/foo
tmp/foo
usr/bin/foo
usr/foo
diff --git a/t/tests/files-foo-in-bar/debian/debian/install b/t/tests/files-foo-in-bar/debian/debian/install
index 14646e2..4d2fb4d 100644
--- a/t/tests/files-foo-in-bar/debian/debian/install
+++ b/t/tests/files-foo-in-bar/debian/debian/install
@@ -2,6 +2,7 @@ bar bin/foo
bar etc/udev/rules.d
bar mnt/foo
bar run/foo
+bar run/lock/foo
bar srv/foo
bar tmp/foo
bar usr/bin/foo
diff --git a/t/tests/files-foo-in-bar/desc b/t/tests/files-foo-in-bar/desc
index 5c235b6..224d9cb 100644
--- a/t/tests/files-foo-in-bar/desc
+++ b/t/tests/files-foo-in-bar/desc
@@ -6,6 +6,7 @@ Test-For:
dir-in-usr-local
dir-or-file-in-mnt
dir-or-file-in-run
+ dir-or-file-in-run-lock
dir-or-file-in-srv
dir-or-file-in-tmp
dir-or-file-in-var-lock
diff --git a/t/tests/files-foo-in-bar/tags b/t/tests/files-foo-in-bar/tags
index 38c342b..e55d282 100644
--- a/t/tests/files-foo-in-bar/tags
+++ b/t/tests/files-foo-in-bar/tags
@@ -7,6 +7,10 @@ E: files-foo-in-bar: dir-or-file-in-srv srv/foo/
E: files-foo-in-bar: dir-or-file-in-srv srv/foo/bar
E: files-foo-in-bar: dir-or-file-in-tmp tmp/foo/
E: files-foo-in-bar: dir-or-file-in-tmp tmp/foo/bar
+E: files-foo-in-bar: dir-or-file-in-run-lock run/lock/foo/
+E: files-foo-in-bar: dir-or-file-in-run-lock run/lock/foo/bar
+E: files-foo-in-bar: dir-or-file-in-run run/foo/
+E: files-foo-in-bar: dir-or-file-in-run run/foo/bar
E: files-foo-in-bar: dir-or-file-in-var-lock var/lock/foo/
E: files-foo-in-bar: dir-or-file-in-var-lock var/lock/foo/bar
E: files-foo-in-bar: dir-or-file-in-var-run var/run/foo/
@@ -29,6 +33,8 @@ W: files-foo-in-bar: executable-not-elf-or-script usr/bin/foo/bar
W: files-foo-in-bar: file-in-unusual-dir usr/foo/bar
W: files-foo-in-bar: file-in-unusual-dir usr/local/foo/bar
W: files-foo-in-bar: file-in-unusual-dir var/foo/bar
+W: files-foo-in-bar: file-in-unusual-dir run/lock/foo/bar
+W: files-foo-in-bar: file-in-unusual-dir run/foo/bar
W: files-foo-in-bar: file-in-unusual-dir var/lock/foo/bar
W: files-foo-in-bar: file-in-unusual-dir var/run/foo/bar
W: files-foo-in-bar: file-in-usr-lib-sgml usr/lib/sgml/bar
diff --git a/t/tests/files-general/debian/debian/dirs b/t/tests/files-general/debian/debian/dirs
index 666af36..6cc45cc 100644
--- a/t/tests/files-general/debian/debian/dirs
+++ b/t/tests/files-general/debian/debian/dirs
@@ -1,3 +1,5 @@
+run/lintian
+run/lock/lintian
usr/share/man/man1/random
var/lock/lintian
var/run/lintian
diff --git a/t/tests/files-general/desc b/t/tests/files-general/desc
index 3a83141..1f16830 100644
--- a/t/tests/files-general/desc
+++ b/t/tests/files-general/desc
@@ -3,6 +3,8 @@ Sequence: 6000
Version: 1.0
Description: Test tags for file paths, names, and modes
Test-For:
+ dir-or-file-in-run-lock
+ dir-or-file-in-run
dir-or-file-in-var-lock
dir-or-file-in-var-run
duplicated-compressed-file
diff --git a/t/tests/files-general/tags b/t/tests/files-general/tags
index 7b7d278..122b169 100644
--- a/t/tests/files-general/tags
+++ b/t/tests/files-general/tags
@@ -1,3 +1,5 @@
+E: files-general: dir-or-file-in-run-lock run/lock/lintian/
+E: files-general: dir-or-file-in-run run/lintian/
E: files-general: dir-or-file-in-var-lock var/lock/lintian/
E: files-general: dir-or-file-in-var-run var/run/lintian/
E: files-general: executable-manpage usr/share/man/man5/foo.5.gz
diff --git a/t/tests/lintian-display-level/debian/debian/dirs b/t/tests/lintian-display-level/debian/debian/dirs
index 055295f..7f2c281 100644
--- a/t/tests/lintian-display-level/debian/debian/dirs
+++ b/t/tests/lintian-display-level/debian/debian/dirs
@@ -1,2 +1,3 @@
+run/lock/lintian
usr/local/share/lintian
var/lock/lintian
diff --git a/t/tests/lintian-display-level/tags b/t/tests/lintian-display-level/tags
index db3043a..4921df4 100644
--- a/t/tests/lintian-display-level/tags
+++ b/t/tests/lintian-display-level/tags
@@ -1,5 +1,6 @@
E: lintian-display-level: dir-in-usr-local usr/local/share/
E: lintian-display-level: dir-in-usr-local usr/local/share/lintian/
+E: lintian-display-level: dir-or-file-in-run-lock run/lock/lintian/
E: lintian-display-level: dir-or-file-in-var-lock var/lock/lintian/
E: lintian-display-level: new-essential-package
E: lintian-display-level: possible-gpl-code-linked-with-openssl
diff --git a/t/tests/lintian-ftp-rejects/debian/debian/dirs b/t/tests/lintian-ftp-rejects/debian/debian/dirs
index db81444..258ded5 100644
--- a/t/tests/lintian-ftp-rejects/debian/debian/dirs
+++ b/t/tests/lintian-ftp-rejects/debian/debian/dirs
@@ -1,3 +1,4 @@
+run/lock/lintian
usr/local/share/lintian
var/lock/lintian
opt/lintian
diff --git a/t/tests/lintian-output-colons/debian/debian/dirs b/t/tests/lintian-output-colons/debian/debian/dirs
index 055295f..7f2c281 100644
--- a/t/tests/lintian-output-colons/debian/debian/dirs
+++ b/t/tests/lintian-output-colons/debian/debian/dirs
@@ -1,2 +1,3 @@
+run/lock/lintian
usr/local/share/lintian
var/lock/lintian
diff --git a/t/tests/lintian-output-colons/tags b/t/tests/lintian-output-colons/tags
index 3f382e4..7b7f6a4 100644
--- a/t/tests/lintian-output-colons/tags
+++ b/t/tests/lintian-output-colons/tags
@@ -1,6 +1,7 @@
tag:E:important:possible::lintian-output-colons:1.0+dsfg-1.1:all:binary:new-essential-package::
tag:E:serious:certain::lintian-output-colons:1.0+dsfg-1.1:all:binary:dir-in-usr-local:usr/local/share/:
tag:E:serious:certain::lintian-output-colons:1.0+dsfg-1.1:all:binary:dir-in-usr-local:usr/local/share/lintian/:
+tag:E:serious:possible::lintian-output-colons:1.0+dsfg-1.1:all:binary:dir-or-file-in-run-lock:run/lock/lintian/:
tag:E:serious:possible::lintian-output-colons:1.0+dsfg-1.1:all:binary:dir-or-file-in-var-lock:var/lock/lintian/:
tag:E:serious:wild-guess::lintian-output-colons:1.0+dsfg-1.1:all:binary:possible-gpl-code-linked-with-openssl::
tag:I:minor:possible::lintian-output-colons:1.0+dsfg-1.1:all:binary:description-synopsis-might-not-be-phrased-properly::
diff --git a/t/tests/lintian-output-letter/debian/debian/dirs b/t/tests/lintian-output-letter/debian/debian/dirs
index 055295f..7f2c281 100644
--- a/t/tests/lintian-output-letter/debian/debian/dirs
+++ b/t/tests/lintian-output-letter/debian/debian/dirs
@@ -1,2 +1,3 @@
+run/lock/lintian
usr/local/share/lintian
var/lock/lintian
diff --git a/t/tests/lintian-output-letter/tags b/t/tests/lintian-output-letter/tags
index cc91809..a9be614 100644
--- a/t/tests/lintian-output-letter/tags
+++ b/t/tests/lintian-output-letter/tags
@@ -1,4 +1,5 @@
E[I ]: lintian-output-letter: new-essential-package
+E[S ]: lintian-output-letter: dir-or-file-in-run-lock run/lock/lintian/
E[S ]: lintian-output-letter: dir-or-file-in-var-lock var/lock/lintian/
E[S!]: lintian-output-letter: dir-in-usr-local usr/local/share/
E[S!]: lintian-output-letter: dir-in-usr-local usr/local/share/lintian/
diff --git a/t/tests/lintian-output-xml/debian/debian/dirs b/t/tests/lintian-output-xml/debian/debian/dirs
index 055295f..7f2c281 100644
--- a/t/tests/lintian-output-xml/debian/debian/dirs
+++ b/t/tests/lintian-output-xml/debian/debian/dirs
@@ -1,2 +1,3 @@
+run/lock/lintian
usr/local/share/lintian
var/lock/lintian
diff --git a/t/tests/lintian-output-xml/tags b/t/tests/lintian-output-xml/tags
index a6f9fe2..df3653d 100644
--- a/t/tests/lintian-output-xml/tags
+++ b/t/tests/lintian-output-xml/tags
@@ -17,6 +17,7 @@
<tag severity="pedantic" certainty="wild-guess" flags="overridden" name="no-upstream-changelog"></tag>
<tag severity="serious" certainty="certain" flags="" name="dir-in-usr-local">usr/local/share/</tag>
<tag severity="serious" certainty="certain" flags="" name="dir-in-usr-local">usr/local/share/lintian/</tag>
+<tag severity="serious" certainty="possible" flags="" name="dir-or-file-in-run-lock">var/lock/lintian/</tag>
<tag severity="serious" certainty="possible" flags="" name="dir-or-file-in-var-lock">var/lock/lintian/</tag>
<tag severity="serious" certainty="wild-guess" flags="" name="possible-gpl-code-linked-with-openssl"></tag>
<tag severity="wishlist" certainty="certain" flags="" name="binary-control-field-duplicates-source">field "section" in package lintian-output-xml</tag>
Reply to: