[SCM] Debian package checker branch, master, updated. 2.5.8-19-g1dc73da
The following commit has been merged in the master branch:
commit 1dc73da5bd0da8679a568abe5a493fe57abb08c0
Author: Niels Thykier <niels@thykier.net>
Date: Thu Jun 14 19:21:39 2012 +0200
coll/hardening-info: Skip kernel modules (.ko)
hardening-check is not really geared towards kernel modules and
Lintian does not even use the hardening-check output for kernel
modules anyway.
Signed-off-by: Niels Thykier <niels@thykier.net>
diff --git a/collection/hardening-info b/collection/hardening-info
index 4227359..763fad2 100755
--- a/collection/hardening-info
+++ b/collection/hardening-info
@@ -62,6 +62,9 @@ $opts{pipe_in}->blocking(1);
foreach my $bin ($info->sorted_index) {
next unless $info->index->{$bin}->is_file;
+ # Skip kernel modules - most of the checks do not apply to the
+ # kernel.
+ next if $bin =~ m/\.ko/o;
my $finfo = $file_info->{$bin};
next unless $finfo =~ m/\bELF\b/o;
printf {$opts{pipe_in}} "%s\0", $bin;
diff --git a/collection/hardening-info.desc b/collection/hardening-info.desc
index 5494aaf..82b5838 100644
--- a/collection/hardening-info.desc
+++ b/collection/hardening-info.desc
@@ -3,5 +3,5 @@ Author: Kees Cook <kees@debian.org>
Info: This script runs hardening-check(1) over all ELF binaries of a binary
package.
Type: binary, udeb
-Version: 2
+Version: 3
Needs-Info: bin-pkg-control, file-info, index, unpacked
diff --git a/debian/changelog b/debian/changelog
index 418f5b9..59ad0c0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -30,6 +30,7 @@ lintian (2.5.9) UNRELEASED; urgency=low
greatly reduces the processing time for packages with many
binaries (like some of the linux binaries). Thanks to
Bastian Blank for the heads up.
+ + [NT] Skip kernel modules (.ko files).
* collection/hardening-info-helper:
+ [NT] New file.
--
Debian package checker
Reply to: