Bug#704197: marked as done (Please review: systemd checks)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Mon, 22 Jul 2013 21:33:40 +0000
with message-id <E1V1Njg-00042Z-ML@franck.debian.org>
and subject line Bug#704197: fixed in lintian 2.5.15
has caused the Debian Bug report #704197,
regarding Please review: systemd checks
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
704197: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704197
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: Please review: systemd checks
• From: Michael Stapelberg <stapelberg@debian.org>
• Date: Fri, 29 Mar 2013 11:11:21 +0100
• Message-id: <20130329101121.24594.84797.reportbug@midna.zekjur.net>

Package: lintian
Version: 2.5.10.4
Severity: wishlist

Attached you can find my first stab at systemd-related checks for
lintian. While some details in parsing the service files are not
implemented (see the TODOs in the code), I’d like you to have a look at
the checks in general. Is there anything that needs to be improved
before these can be shipped with lintian?

Thanks!

Check-Script: systemd
Author: Michael Stapelberg <stapelberg@debian.org>
Abbrev: systemd
Type: binary
Info: Checks various systemd policy things
Needs-Info: scripts, index, unpacked, file-info

Tag: systemd-service-file-outside-lib
Severity: serious
Certainty: certain
Info: The package ships a systemd service file outside
 <tt>/lib/systemd/system/</tt>
 .
 System administrators should have the possibility to overwrite a service file
 (or parts of it, in newer systemd versions) by placing a file in
 <tt>/etc/systemd/system</tt>, so the canonical location we use for service
 files is <tt>/lib/systemd/system/</tt>.

Tag: systemd-tmpfiles.d-outside-usr-lib
Severity: serious
Certainty: certain
Info: The package ships a systemd tmpfiles.d(5) conf file outside
 <tt>/usr/lib/tmpfiles.d/</tt>

Tag: systemd-service-file-refers-to-obsolete-target
Severity: normal
Certainty: certain
Info: The systemd service file refers to an obsolete target.
 .
 Some targets are obsolete by now, e.g. syslog.target or dbus.target. For
 example, declaring <tt>After=syslog.target</tt> is unnecessary by now because
 syslog is socket-activated and will therefore be started when needed.

Tag: systemd-no-service-for-init-script
Severity: serious
Certainty: certain
Info: The listed init.d script has no systemd equivalent.
 .
 Systemd has a SysV init.d script compatibility mode. It provides access to
 each SysV init.d script as long as there is no native service file with the
 same name (e.g. <tt>/lib/systemd/system/rsyslog.service</tt> corresponds to
 <tt>/etc/init.d/rsyslog</tt>).
 .
 Your package ships a service file, but for the listed init.d script, there is
 no corresponding systemd service file.

Tag: init.d-script-does-not-source-init-functions
Severity: normal
Certainty: certain
Info: The <tt>/etc/init.d</tt> script does not source
 <tt>/lib/lsb/init-functions</tt>. The <tt>systemd</tt> package provides
 <tt>/lib/lsb/init-functions.d/40-systemd</tt> to redirect
 <tt>/etc/init.d/$script</tt> calls to systemctl.
 .
 Please add a line like this to your <tt>/etc/init.d</tt> script:
 .
  . /lib/lsb/init-functions

Tag: maintainer-script-calls-systemctl
Severity: normal
Certainty: certain
Info: The maintainer script calls systemctl directly. Actions such as enabling
 or starting a service have to be done via <tt>update-rc.d</tt> or
 <tt>invoke-rc.d</tt>, respectively, which both do the right thing when systemd
 is installed/running.

# systemd -- lintian check script -*- perl -*-
#
# Copyright © 2013 Michael Stapelberg
#
# based on the apache2 checks file by:
# Copyright © 2012 Arno Töll
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, you can find it on the World Wide
# Web at http://www.gnu.org/copyleft/gpl.html, or write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
# MA 02110-1301, USA.

package Lintian::systemd;

use strict;
use warnings;

use File::Basename;
use Lintian::Collect::Binary ();
use Lintian::Tags qw(tag);
use Lintian::Relation qw(:constants);
use Lintian::Util qw(fail);
use Data::Dumper;

sub run {
    my ($pkg, $type, $info) = @_;

    if ($type eq 'binary') {
        # Figure out whether the maintainer of this package did any effort to
        # make the package work with systemd. If not, we will not warn in case
        # of an init script that has no systemd equivalent, for example.
        my $ships_systemd_file = (scalar ( grep { m,/systemd/, } $info->sorted_index ) > 0);

        # An array of names which are provided by the service files.
        # This includes Alias= directives, so after parsing
        # NetworkManager.service, it will contain NetworkManager and
        # network-manager.
        my @systemd_targets;

        for my $file ($info->sorted_index) {
            if ($file =~ m,^etc/tmpfiles\.d/.*\.conf$,) {
                tag('systemd-tmpfiles.d-outside-usr-lib', $file);
            }
            if ($file =~ m,^etc/systemd/system/.*\.service$,) {
                tag('systemd-service-file-outside-lib', $file);
            }
            if ($file =~ m,/systemd/system/.*\.service$,) {
                check_systemd_service_file($pkg, $info, $file);
                for my $name (extract_service_file_names($pkg, $info, $file)) {
                    push @systemd_targets, $name;
                }
            }
        }

        my @init_scripts = grep(m,^etc/init\.d/.+,, $info->sorted_index);

        # Verify that each init script includes /lib/lsb/init-functions,
        # because that is where the systemd diversion happens.
        for my $init_script (@init_scripts) {
            check_init_script($pkg, $info, $init_script);
        }

        @init_scripts = map { basename($_) } @init_scripts;

        if ($ships_systemd_file) {
            for my $init_script (@init_scripts) {
                if (grep(/\Q$init_script\E\.service/, @systemd_targets) == 0) {
                    tag('systemd-no-service-for-init-script', $init_script);
                }
            }
        }

        check_maintainer_scripts($info);
    }
}

sub check_init_script {
    my ($pkg, $info, $file) = @_;
    
    my $lsb_source_seen;
    open(my $fh, '<', $info->unpacked($file));
    while (<$fh>) {
        s/^\s+//;
        next if /^#/;
        if (m,^(?:\.|source)\s+/lib/lsb/init-functions,) {
            $lsb_source_seen = 1;
            last;
        }
    }
    close($fh);

    if (!$lsb_source_seen) {
        tag('init.d-script-does-not-source-init-functions', $file);
    }
}

sub check_systemd_service_file {
    my ($pkg, $info, $file) = @_;

    my $filename =  $info->unpacked ($file);
    open(my $fh, '<', $filename);
    while (<$fh>) {
        if (/After.*((?:syslog|dbus).target)/) {
            tag('systemd-service-file-refers-to-obsolete-target', $file, $1);
        }
    }
    close($fh);
}

sub split_quoted {
    my ($input) = @_;

    my @result;

    while ($input ne '') {
        $input =~ s/^[ \t\n\r]+//;

        # by default, capture until whitespace
        my $end = "[ \t\n\r]";

        # or a specific delimiter, if present
        my ($begin) = ($input =~ /^([\'\"]?)/);
        $end = $begin if $begin ne '';

        $input =~ s/^$begin(.*?[^\\])(?:$end|$)//;
        push @result, $1;
    }

    return @result;
}

sub extract_service_file_names {
    my ($pkg, $info, $file) = @_;

    my @aliases;
    my $section;
    open(my $fh, '<', $info->unpacked($file));
    while (<$fh>) {
# TODO: continuation handling
        # equivalent of strstrip(l)
        $_ =~ s,[ \t\n\r]+$,,g;

        next if $_ eq '';

        next if /^[#;\n]/;

        # TODO: .include

        # section header
        if (/^\[([^\]]+)\]$/) {
            $section = $1;
            next;
        }

        if (!defined($section)) {
            # Assignment outside of section. Ignoring.
            next;
        }

        my ($key, $value) = ($_ =~ m,^(.*)=(.*)$,);
# TODO: where is the key comparison?
        if ($key eq 'Alias') {
            if ($value eq '') {
                # Empty assignment resets the list
                @aliases = ();
            }

            @aliases = (@aliases, split_quoted($value));
        }
    }
    close($fh);

    return (basename($file), @aliases);
}

sub check_maintainer_scripts {
    my ($info) = @_;

# TODO: use lab_data_path before submitting
    open my $fd, '<', $info->base_dir . '/control-scripts'
        or fail "cannot open lintian control-scripts file: $!";

    while (<$fd>) {
        m/^(\S*) (.*)$/ or fail("bad line in control-scripts file: $_");
        my $interpreter = $1;
        my $file = $2;
        my $filename = $info->control ($file);

        # Don't follow links
        next if -l $filename;
        # Don't try to parse the file if it does not appear to be a shell script
        next if $interpreter !~ m/sh\b/;

        open my $sfd, '<', $filename or fail "cannot open maintainer script $filename: $!";
        while (<$sfd>) {
            # skip comments
            next if substr ($_, 0, $-[0]) =~ /#/;

            # systemctl should not be called in maintainer scripts at all.
            if (m/\bsystemctl\b/) {
                tag('maintainer-script-calls-systemctl', $file);
            }
        }
        close $sfd;
    }

    close $fd;
}

1;

# Local Variables:
# indent-tabs-mode: nil
# cperl-indent-level: 4
# End:
# vim: syntax=perl sw=4 sts=4 sr et

--- End Message ---

--- Begin Message ---

• To: 704197-close@bugs.debian.org
• Subject: Bug#704197: fixed in lintian 2.5.15
• From: Niels Thykier <niels@thykier.net>
• Date: Mon, 22 Jul 2013 21:33:40 +0000
• Message-id: <E1V1Njg-00042Z-ML@franck.debian.org>

Source: lintian
Source-Version: 2.5.15

We believe that the bug you reported is fixed in the latest version of
lintian, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 704197@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Niels Thykier <niels@thykier.net> (supplier of updated lintian package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 22 Jul 2013 22:53:25 +0200
Source: lintian
Binary: lintian
Architecture: source all
Version: 2.5.15
Distribution: unstable
Urgency: low
Maintainer: Debian Lintian Maintainers <lintian-maint@debian.org>
Changed-By: Niels Thykier <niels@thykier.net>
Description: 
 lintian    - Debian package checker
Closes: 700502 701177 704197 707534 707906 708367 708551 710919 712607 712641 712932 713884 714191 714437
Changes: 
 lintian (2.5.15) unstable; urgency=low
 .
   "use less qw(memory);"
 .
   * Summary of tag changes:
     + Added:
       - composer-package-without-pkg-php-tools-builddep
       - init-script-is-not-a-file
       - init.d-script-does-not-source-init-functions
       - maintainer-script-calls-systemctl
       - manpage-named-after-build-path
       - missing-pkg-php-tools-addon
       - missing-pkg-php-tools-buildsystem
       - pear-channel-without-pkg-php-tools-builddep
       - pear-package-but-missing-dependency
       - pear-package-feature-requires-newer-pkg-php-tools
       - pear-package-not-using-substvar
       - pear-package-without-pkg-php-tools-builddep
       - pecl-package-requires-build-dependency
       - service-file-is-not-a-file
       - systemd-no-service-for-init-script
       - systemd-service-file-outside-lib
       - systemd-service-file-refers-to-obsolete-target
       - systemd-tmpfiles.d-outside-usr-lib
 .
   * checks/*.pm:
     + [NT] Add final return to all subs in checks and ensure
       that the "run" sub complies with Lintian's own
       recommendation.
   * checks/binary.pm:
     + [NT] Apply patch from Bastien Roucariès to fix false-
       negatives for debug files in usr/lib/debug/.build-id.
       (Closes: #714191)
     + [NT] Apply patch from Bastien Roucariès to fix false-
       positive debug-file-with-no-debug-symbols for files
       using compressed debug sections.
   * checks/fields.pm:
     + [NT] Apply patch from Niko Tyni to fix false-positive
       package-superseded-by-perl for packages with epochs.
       (Closes: #710919)
   * checks/files.pm:
     + [NT] Fix some false-negative extra-license-file.
       Thanks to Helmut Grohne for the report and the advices.
       (Closes: #701177)
   * checks/manpages.{desc,pm}:
     + [NT] Apply patch from Bastien Roucariès to test for
       manpages named after their build path.
       (Closes: #713884)
     + [NT] Skip some checks on empty manpages.
       (Closes: #700502)
   * checks/phppear.{desc,pm}:
     + [NT] New check based on patches from Mathieu Parent.
       (Closes: #708551)
   * checks/source-copyright.pm:
     + [NT] Some tags now refer to the line number of the field
       with an issue instead of the line number of the paragraph.
   * checks/systemd.{desc,pm}:
     + [NT] New check for systemd related files.  Thanks to
       Michael Stapelberg for providing the check and the
       tests.  (Closes: #704197)
 .
   * collection/copyright-file:
     + [NT] Avoid creating an empty copyright file when it is
       not needed.
   * collection/unpacked:
     + [NT] Skip signature checking of source packages.
       (Closes: #707534)
 .
   * data/binary/embedded-libs:
     + [NT] Rename libgd2 to libgd.  (Closes: #708367)
   * data/fields/virtual-packages:
     + [NT] Refresh.  Thanks to Laurent Bigonville for the
       reminder.  (Closes: #712641)
   * data/files/{fonts,locale-codes}:
     + [NT] Refresh.
   * data/menu-format/add-categories:
     + [NT] Apply patch from Bastien Roucariès to include newer
       categories.  Thanks to Yves-Alexis Perez for the report.
       (Closes: #712932)
   * data/output/manual-references:
     + [NT] Refresh.
   * data/scripts/interpreters:
     + [NT] Apply patch from Bastien Roucariès to include gjs.
       Thanks to Andreas Henriksson for the report.
       (Closes: #712607)
 .
   * debian/control:
     + [NT] Add Build-Depends on pkg-php-tools for a new test.
   * debian/dirs:
     + [NT] Remove /var/lib/lintian, we no longer use it.
   * debian/docs:
     + [NT] Add auto-generated API documentation.
   * debian/lintian.examples:
     + [NT] New file to install examples.  (Closes: #707906)
   * debian/rules:
     + [NT] Generate API documentation during build.
     + [NT] Call dh_installexamples.
 .
   * doc/examples/*:
     + [NT] New example files.
   * doc/lintian.xml:
     + [NT] Add small example vendor profile to the user
       manual.
 .
   * frontend/lintian:
     + [NT] Add information about memory usage with -ddd if
       Devel::Size is available.  A more detailed breakdown
       of the memory usage with -dddd.
 .
   * lib/Lintian/Collect/Package.pm:
     + [NT] Share some string values in the file_info and in
       the (X_)index methods.  This reduces memory usage a bit.
   * lib/Lintian/Collect/Source.pm:
     + [NT] "binaries" and "binary_field" now only exposes data
       about entries in d/control with a valid package name.
     + [NT] Document that "binaries" return an unorderd list.
     + [NT] relation and relation_noarch now recognises
       "Build-Depends-Arch".
   * lib/Lintian/Path.pm:
     + [NT] Fix bug in the overloaded qr// operator.
   * lib/Lintian/ProcessablePool.pm:
     + [NT] Fix a bug that could cause .changes files to be
       silently skipped.  This only occured if a related package
       was passed on the command line before the .changes file.
       Thanks to Salvo Tomaselli for reporting the bug.
       (Closes: #714437)
   * lib/Lintian/Relation.pm:
     + [NT] Apply some memory optimisations to some common cases.
   * lib/Lintian/Tags.pm:
     + [NT] Use croak instead of die when a check emits an
       unknown tag.  This gives the check writer a better chance
       of finding where the problem occured.
   * lib/Lintian/Util.pm:
     + [NT] Have parse_dpkg_control and visit_dpkg_control
       give a more detailed line number information about
       paragraphs.
 .
   * reporting/harness:
     + [NT] Clear some variables before running Lintian in the
       hope it will reduce the memory pressure on "long runs".
     + [NT] Remove support for "$LINTIAN_GPG_CHECK" config
       variable.  Lintian no longer checks any signatures.
Checksums-Sha1: 
 e287a6c3f71ffb151170b925d831aa360713a02a 2573 lintian_2.5.15.dsc
 a1cced0033a98ffa348904ad0167b5134a22d7ab 1244089 lintian_2.5.15.tar.gz
 b4481d88cde6dc77eb1622451606a6fb9284577b 853838 lintian_2.5.15_all.deb
Checksums-Sha256: 
 dbd26cb1a540189585bb7e8099bdb992059a634427755ff034a1d67703d9179b 2573 lintian_2.5.15.dsc
 56718df28df44e74f255457d6bcc26133e669de7e74d2ab582884bd03f6c3159 1244089 lintian_2.5.15.tar.gz
 6e7a2c6fcb6d562f24f065de257462ad96db658033ab7d8285153cf550ed2477 853838 lintian_2.5.15_all.deb
Files: 
 d55eff6b4298cda9788a04da4c11e59e 2573 devel optional lintian_2.5.15.dsc
 fa5189c93322387403d555237e952a1d 1244089 devel optional lintian_2.5.15.tar.gz
 0c968de4cbf2d910ad5987d6e7a58fc3 853838 devel optional lintian_2.5.15_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJR7aQGAAoJEAVLu599gGRC4yMP/i2du8G9LgWuETMt15GDaBjg
B6fy1h4flZ9UIufshA8VHLVpimn+Kv2TQ2IKHDL3uoAu/cOCCwu+bXWeICzT4elU
ZLT7y0r54MPAzY8WluKdPfka1cgXdRlqUmfvYJFesiF4crTbmW3lJhVg+/pYKPal
fYpFygp3HHfVCNDdqAcuDVChXrxwYVCatXED5EL0p1+uFOLHK8cCzdnLYX6hVZeN
raXRGv4g4U+HsJzQ62/0jPGvnrnexQom/tdkHkcUfMnly4QjqbAoqoKTtOt3DJf8
WJ7Q9tQyGH3Fb9AO4Y6D1tCnmeDt7D9lVEhz3evBsztPtPbbDCG7Xvvgg5BIH3l5
8cqlrULGtd2Cc04QNF3rMf3/axmI58J+qryJKmuGwcYZ3vdjd1puetl6qOCnHgc3
1Avs5BObXuk86bI7EKOD+r9LyYhTAkAgku4v0fHbSIjkpJB5otNeke5MIv/hK1JD
SggpROPJld4vVCKsxKe3UeKXjondapMutLLxXVQvQojGpg/uZqai7dHre23DSGy2
1rt5OJ5ROwRLnoFkk+CvwMz1jF6a8JBR3bm4VEVkg2gmc3lgK5yM+6OLO4A/9nvq
hPS0w4cpJd/AxDMD8Pgvp0vnwIxCDXp11S17OgkVK9dt7xDZ71PWpoPMltuwa0aM
IJk2GL9xWL0Zz00dD9Hu
=RqOv
-----END PGP SIGNATURE-----

--- End Message ---