[SCM] Debian package checker branch, master, updated. 2.5.11-10-g28e7012
The following commit has been merged in the master branch:
commit 28e7012073e6b14dee4f63ecf35a02a0c5ce7921
Author: Bastien ROUCARIÈS <roucaries.bastien@gmail.com>
Date: Sun Dec 16 20:29:20 2012 +0100
c/files: Add a few new path forbidden
[nthykier:
- Do not emit file-in-unusual-dir for /root and /home paths
with a stronger tag emitted for those.
- Fix Test-For list in test desc.
}
Signed-off-by: Niels Thykier <niels@thykier.net>
diff --git a/checks/files b/checks/files
index 3d5ee97..01a3ac0 100644
--- a/checks/files
+++ b/checks/files
@@ -336,6 +336,10 @@ foreach my $file ($info->sorted_index) {
elsif ($file =~ m,^etc/modprobe\.d/(.+)$, and $1 !~ m,\.conf$, and !$index_info->is_dir) {
tag 'non-conf-file-in-modprobe.d', $file;
}
+ #---------------- /etc/opt
+ elsif ($file =~ m,^etc/opt/.,) {
+ tag 'dir-or-file-in-etc-opt', $file;
+ }
#----------------- /etc/pam.conf
elsif ($file =~ m,^etc/pam.conf, and $pkg ne 'libpam-runtime' ) {
tag 'config-file-reserved', "$file by libpam-runtime";
@@ -639,6 +643,13 @@ foreach my $file ($info->sorted_index) {
} elsif ($file =~ m,^servers/.,) {
next;
}
+ # -------------- /home
+ elsif ($file =~ m,^home/.,) {
+ tag 'dir-or-file-in-home', $file;
+ }
+ elsif ($file =~ m,^root/.,) {
+ tag 'dir-or-file-in-home', $file;
+ }
# ---------------- /tmp, /var/tmp, /usr/tmp
elsif ($file =~ m,^tmp/., or $file =~ m,^(?:var|usr)/tmp/.,) {
tag 'dir-or-file-in-tmp', $file;
@@ -657,6 +668,10 @@ foreach my $file ($info->sorted_index) {
elsif ($file =~ m,^srv/.,) {
tag 'dir-or-file-in-srv', $file;
}
+ # build directory
+ elsif ($file =~ m,^var/cache/pbuilder/build/., or $file =~ m,^var/lib/sbuild/., or $file =~ m,^var/lib/buildd/.,) {
+ tag 'dir-or-file-in-build-tree', $file;
+ }
# ---------------- FHS directory?
elsif ($file =~ m,^[^/]+/$,o and
$file !~ m,^(?:bin|boot|dev|etc|home|lib(?:64|32)?|mnt|opt|root|run|sbin|selinux|srv|sys|tmp|usr|var)/,o) {
@@ -700,7 +715,7 @@ foreach my $file ($info->sorted_index) {
or $file =~ m,^usr/[^/]+-linux[^/]*/,
or $file =~ m,^usr/iraf/,
# not allowed, but tested indivudually
- or $file =~ m,^(?:mnt|opt|run|srv|(?:(?:usr|var)/)?tmp)|var/www/,) {
+ or $file =~ m,^(?:home|mnt|opt|root|run|srv|(?:(?:usr|var)/)?tmp)|var/www/,) {
tag 'file-in-unusual-dir', $file;
}
}
diff --git a/checks/files.desc b/checks/files.desc
index 11ad8b4..ce8b683 100644
--- a/checks/files.desc
+++ b/checks/files.desc
@@ -424,6 +424,13 @@ Info: Debian packages should not install into <tt>/opt</tt>, because it
is reserved for add-on software.
Ref: fhs optaddonapplicationsoftwarepackages
+Tag: dir-or-file-in-etc-opt
+Severity: serious
+Certainty: certain
+Info: Debian packages should not install into <tt>/etc/opt</tt>, because it
+ is reserved for add-on software.
+Ref: fhs optaddonapplicationsoftwarepackages
+
Tag: dir-or-file-in-srv
Severity: serious
Certainty: certain
@@ -1273,3 +1280,14 @@ Info: The gzip file contains a timestamp that will differ between
byte-for-byte identical.
.
This can usually be fixed by passing -n to gzip.
+
+Tag: dir-or-file-in-home
+Severity: serious
+Certainty: certain
+Info: Debian packages should not install into <tt>/home</tt>, because it
+ is reserved for users.
+
+Tag: dir-or-file-in-build-tree
+Severity: serious
+Certainty: possible
+Info: Your package install file in our build tree.
diff --git a/debian/changelog b/debian/changelog
index 3d334d3..cff35c4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,17 @@
lintian (2.5.12) UNRELEASED; urgency=low
+ * Summary of tag changes:
+ + Added:
+ - dir-or-file-in-build-tree
+ - dir-or-file-in-etc-opt
+ - dir-or-file-in-home
+
* checks/cruft:
+ [NT] Do not emit the license-problem-json-evil tag for
non-free packages.
+ * checks/files{,.desc}:
+ + [NT] Apply patch from Bastien Roucariès to catch paths
+ in (common) build dirs. (Closes: #678857)
* lib/Lintian/Collect.pm:
+ [NT] Add "is_non_free" method to easily check of a given
diff --git a/t/tests/files-foo-in-bar/debian/debian/install b/t/tests/files-foo-in-bar/debian/debian/install
index 961eddd..6aca91d 100644
--- a/t/tests/files-foo-in-bar/debian/debian/install
+++ b/t/tests/files-foo-in-bar/debian/debian/install
@@ -28,6 +28,12 @@ bar var/foo
bar var/lock/foo
bar var/run/foo
bar var/www/foo
+bar home/johndoe
+bar root
+bar etc/opt
+bar var/cache/pbuilder/build
+bar var/lib/sbuild
+bar var/lib/buildd
Bar.pm usr/lib/perl5/Foo
bar.png usr/lib/files-foo-in-bar
diff --git a/t/tests/files-foo-in-bar/desc b/t/tests/files-foo-in-bar/desc
index 5d4f9c0..712bfb2 100644
--- a/t/tests/files-foo-in-bar/desc
+++ b/t/tests/files-foo-in-bar/desc
@@ -4,6 +4,9 @@ Version: 1.0
Description: Test tags about files or dirs in given paths
Test-For:
dir-in-usr-local
+ dir-or-file-in-build-tree
+ dir-or-file-in-etc-opt
+ dir-or-file-in-home
dir-or-file-in-mnt
dir-or-file-in-run
dir-or-file-in-srv
diff --git a/t/tests/files-foo-in-bar/tags b/t/tests/files-foo-in-bar/tags
index d980b09..b5ff6c5 100644
--- a/t/tests/files-foo-in-bar/tags
+++ b/t/tests/files-foo-in-bar/tags
@@ -1,4 +1,11 @@
E: files-foo-in-bar: dir-in-usr-local usr/local/foo/
+E: files-foo-in-bar: dir-or-file-in-build-tree var/cache/pbuilder/build/bar
+E: files-foo-in-bar: dir-or-file-in-build-tree var/lib/buildd/bar
+E: files-foo-in-bar: dir-or-file-in-build-tree var/lib/sbuild/bar
+E: files-foo-in-bar: dir-or-file-in-etc-opt etc/opt/bar
+E: files-foo-in-bar: dir-or-file-in-home home/johndoe/
+E: files-foo-in-bar: dir-or-file-in-home home/johndoe/bar
+E: files-foo-in-bar: dir-or-file-in-home root/bar
E: files-foo-in-bar: dir-or-file-in-mnt mnt/foo/
E: files-foo-in-bar: dir-or-file-in-mnt mnt/foo/bar
E: files-foo-in-bar: dir-or-file-in-run run/foo/
@@ -43,6 +50,7 @@ W: files-foo-in-bar: executable-not-elf-or-script bin/foo/bar
W: files-foo-in-bar: executable-not-elf-or-script usr/bin/foo/bar
W: files-foo-in-bar: file-in-unusual-dir usr/foo/bar
W: files-foo-in-bar: file-in-unusual-dir usr/local/foo/bar
+W: files-foo-in-bar: file-in-unusual-dir var/cache/pbuilder/build/bar
W: files-foo-in-bar: file-in-unusual-dir var/foo/bar
W: files-foo-in-bar: file-in-unusual-dir var/lock/foo/bar
W: files-foo-in-bar: file-in-unusual-dir var/run/foo/bar
--
Debian package checker
Reply to: