[lintian] 01/01: Dectect more problem for adduser
This is an automated email from the git hooks/post-receive script.
broucaries-guest pushed a commit to branch master
in repository lintian.
commit 0cbf8db678598f6bc835e32db9015604bc6afebf
Author: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
Date: Fri Jul 31 11:29:24 2015 +0200
Dectect more problem for adduser
Signed-off-by: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
---
checks/scripts.desc | 7 ++++++-
data/scripts/maintainer-script-bad-command | 2 +-
debian/changelog | 8 ++++++++
t/tests/scripts-maintainer-general/debian/debian/postinst | 4 ++++
t/tests/scripts-maintainer-general/tags | 6 ++++--
5 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 155b5cc..c2c0178 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -621,7 +621,12 @@ Info: The maintainer script apparently runs 'adduser --system'
is clearly a site-specific filesystem. The setup will differ
from host to host. Therefore, no program should rely on this
location.
-Ref: fhs homeuserhomedirectories
+ .
+ Note that passing --no-create-home alone does not solve the issue
+ because home field of passwd file point to a non existing
+ /home subdirectory. Please use
+ <tt>adduser --no-create-home --home /nonexistant</tt> instead.
+Ref: fhs homeuserhomedirectories, adduser(8)
Tag: maintainer-script-empty
Severity: minor
diff --git a/data/scripts/maintainer-script-bad-command b/data/scripts/maintainer-script-bad-command
index efd3168..b0794a6 100644
--- a/data/scripts/maintainer-script-bad-command
+++ b/data/scripts/maintainer-script-bad-command
@@ -29,7 +29,7 @@ maintainer-script-removes-device-files ~~ 0 ~~
maintainer-script-should-not-hide-init-failure ~~ 0 ~~ ~~ ~~invoke-rc.d.*\|\| \s+ exit \s+ 0
maintainer-script-should-not-modify-ld-so-conf ~~ 0 ~~^libc ~~ ~~(?:\A\s*(?:cp|mv)\s+.*\s+|>\s*)/etc/ld\.so\.conf\s*(?:\s|\Z)
maintainer-script-should-not-modify-netbase-managed-file ~~ 0 ~~ ~~ ~~(?:\A\s*(?:cp|mv)\s+.*\s+|>\s*)(/etc/(?:services|protocols|rpc))\s*(?:\s|\Z)
-maintainer-script-should-not-use-adduser-system-without-home ~~ 1 ~~ ~~ ~~adduser\s+--system(?=\s)(?!.*\s--home\s+(?:["']?/(?!home/)|"?\$[\(\[\{]?))
+maintainer-script-should-not-use-adduser-system-without-home ~~ 1 ~~ ~~ ~~(adduser(?:\s.*)?\s--system(?=\s)(?!.*\s--home\s+(?:["']?/(?!home/)|"?\$[\(\[\{]?)).*)
maintainer-script-should-not-use-ancient-dpkg-epoch-check ~~ 0 ~~ ~~ ~~${LEADIN}dpkg\s+--assert-working-epoch\b
maintainer-script-should-not-use-ancient-dpkg-multi-conrep-check~~ 0 ~~ ~~ ~~${LEADIN}dpkg\s+--assert-multi-conrep\b
maintainer-script-should-not-use-deprecated-chown-usage ~~ 0 ~~ ~~ ~~(chown(?:\s+--?[A-Za-z-]+)*\s+[-_A-Za-z0-9]+\.[-_A-Za-z0-9]+)\s+
diff --git a/debian/changelog b/debian/changelog
index 9d29de6..1854504 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,9 +10,17 @@ lintian (2.5.35) UNRELEASED; urgency=medium
Jover for the report. (Closes: #787853)
* checks/fields.desc:
+ [JW] Fix spelling of the word "indicate".
+ * checks/scripts.desc:
+ + [BR] Document why adduser --no-create-home
+ is a bad idea for system user. (Closes: #793613).
* data/cruft/warn-file-type:
+ [BR] Detect pascal ressource file source. (Closes: #793908).
+ * data/scripts/maintainer-script-bad-command:
+ + [BR] Detect more case of
+ maintainer-script-should-not-use-adduser-system-without-home.
+ + [BR] Print offending line for
+ maintainer-script-should-not-use-adduser-system-without-home.
* data/spelling/corrections*:
+ [JW] Fix correction for "acknowldegement".
+ [JW] Document that the lists should be sorted.
diff --git a/t/tests/scripts-maintainer-general/debian/debian/postinst b/t/tests/scripts-maintainer-general/debian/debian/postinst
index 2fa1973..39c4731 100755
--- a/t/tests/scripts-maintainer-general/debian/debian/postinst
+++ b/t/tests/scripts-maintainer-general/debian/debian/postinst
@@ -193,4 +193,8 @@ dpkg-maintscript-helper symlink_to_dir \
../../autoconf-archive/html \
20111221-2~ -- "$@"
+# true positive
+adduser --system --quiet --ingroup ntp --no-create-home ntp
+adduser festival --quiet --system --ingroup audio --no-create-home
+
#DEBHELPER#
diff --git a/t/tests/scripts-maintainer-general/tags b/t/tests/scripts-maintainer-general/tags
index 77c15b7..39a2f55 100644
--- a/t/tests/scripts-maintainer-general/tags
+++ b/t/tests/scripts-maintainer-general/tags
@@ -7,8 +7,10 @@ E: scripts-maintainer-general: maintainer-script-should-not-modify-ld-so-conf po
E: scripts-maintainer-general: maintainer-script-should-not-modify-netbase-managed-file postinst:59 '/etc/services'
E: scripts-maintainer-general: maintainer-script-should-not-modify-netbase-managed-file postinst:60 '/etc/protocols'
E: scripts-maintainer-general: maintainer-script-should-not-modify-netbase-managed-file postinst:61 '/etc/rpc'
-E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:148
-E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:149
+E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:148 'adduser --system foo'
+E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:149 'adduser --system foo2 --home /home/foo2'
+E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:197 'adduser --system --quiet --ingroup ntp --no-create-home ntp'
+E: scripts-maintainer-general: maintainer-script-should-not-use-adduser-system-without-home postinst:198 'adduser festival --quiet --system --ingroup audio --no-create-home'
E: scripts-maintainer-general: maintainer-script-should-not-use-dpkg-status-directly postinst:56
E: scripts-maintainer-general: maintainer-script-should-not-use-install-sgmlcatalog postinst:74
E: scripts-maintainer-general: maintainer-script-should-not-use-install-sgmlcatalog postinst:75
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: