sbopkglint: complain if anything is owned by UID or GID >= 1000.

2 files changed, 3 insertions, 4 deletions

diff --git a/TODO b/TODO
index 8b6d1ef..a52beb9 100644
--- a/TODO
+++ b/TODO
@@ -1,7 +1,3 @@
-TODO: locale issues break the 'grep -P' in the info check. two
-      things: (1) use a more reliable way to detect gz files, and
-      (2) possibly force LANG and LC_* to "C". Or else en_US.UTF-8.
-TODO: check ownership of executables? fail if >1000 uid or gid?
 TODO: if package contains any static libs, don't suggest noarch.
 TODO: stop checking shared libs for +x and being stripped if they're not
       directly in /lib /lib64 /usr/lib /usr/lib64. too many packages
diff --git a/sbopkglint.d/05-basic-sanity.t.sh b/sbopkglint.d/05-basic-sanity.t.sh
index 04d5ef9..d172cf9 100644
--- a/sbopkglint.d/05-basic-sanity.t.sh
+++ b/sbopkglint.d/05-basic-sanity.t.sh
@@ -201,3 +201,6 @@ find_warnfiles "package contains broken relative symlinks:" \
 # we ignore any empty dirs under /var because lots of packages need these.
 find_warnfiles --note "package contains empty dirs, are these necessary?" \
 	. -type d -a -empty -a \! -path "./var/*"
+
+find_warnfiles "package contains files owned by UID/GID >= 1000" \
+	. \( -uid +999 -o -gid +999 \)