-rw-r--r--TODO2
-rw-r--r--sbopkglint.d/05-basic-sanity.t.sh16
2 files changed, 16 insertions, 2 deletions
diff --git a/TODO b/TODO
index 79b1c8e..eecb7be 100644
--- a/TODO
+++ b/TODO
@@ -1,11 +1,11 @@
TODO: sbolint: exempt github gists URLs from check (actually, only check /archive/).
TODO: sbolint: complain about backticks and chown blah.blah
-TODO: sbopkglint: maybe complain louder if an empty /usr/bin dir exists? aterm...
TODO: sbopkglint: maybe? change "forbidden" to:
--- etc/ld.so.conf not allowed to exist in SBo packages.
TODO: sbopkglint: grep for LD_LIBRARY_PATH in /etc/profile.d/* scripts.
This stuff is implemented, probably works, needs more testing:
+TODO: sbopkglint: complain louder if an empty /bin /usr/bin /sbin /usr/sbin exists.
TODO: sbopkglint: exempt /lib/firmware and /usr/share/alsa/firmware from ELF checks
DONE: sbolint and sbopkglint both: complain if PRGNAM has invalid characters.
DONE: if sbopkglint finds a hardcoded $PKG in /var/lib/pkgtools/scripts/*,
diff --git a/sbopkglint.d/05-basic-sanity.t.sh b/sbopkglint.d/05-basic-sanity.t.sh
index 8267b83..d5d3569 100644
--- a/sbopkglint.d/05-basic-sanity.t.sh
+++ b/sbopkglint.d/05-basic-sanity.t.sh
@@ -203,8 +203,22 @@ find_warnfiles "package contains broken relative symlinks:" \
# 20230320 bkw: empty directories. this isn't an error, just a note, and
# we ignore any empty dirs under /var because lots of packages need these.
+# 20241008 bkw: ignore empty bin sbin usr/bin usr/sbin, these are caught below.
find_warnfiles --note "package contains empty dirs, are these necessary?" \
- . -type d -a -empty -a \! -path "./var/*"
+ . -type d -a -empty \
+ -a \! -path "./var/*" \
+ -a \! -path ./bin \
+ -a \! -path ./sbin \
+ -a \! -path ./usr/bin \
+ -a \! -path ./usr/sbin
+
+# 20241008 bkw: if any of /bin /sbin /usr/bin or /usr/sbin exists, they must
+# not be empty.
+for i in bin sbin usr/bin usr/sbin; do
+ if [ -e $i -a -z "$( ls -bld $i/* 2>/dev/null )" ]; then
+ warn "package contains empty $i directory, this is probably a bug in the script."
+ fi
+done
find_warnfiles "package contains files owned by UID/GID >= 1000" \
. \( -uid +999 -o -gid +999 \)
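Review bot: The emptiness test on the added `if [ -e $i -a -z "$( ls -bld $i/* 2>/dev/null )" ]` line does not agree with the `find ... -type d -a -empty` check it takes over from. The glob `$i/*` skips dotfiles, so a bin or sbin directory holding only hidden entries is reported as empty, and `-e` is also true when `$i` is a regular file, which then gets the "empty directory" warning. Testing for a directory and listing with `-A` keeps the two checks consistent, quotes the expansion and drops the deprecated `-a` inside `[`: `if [ -d "$i" ] && [ -z "$( ls -A "$i" 2>/dev/null )" ]; then`. The four paths are now listed twice, once as `\! -path` exclusions and once in the `for` loop, so a short comment tying the two lists together would help keep them in sync.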