diff options
Diffstat (limited to 'sbopkglint.d')
-rw-r--r-- | sbopkglint.d/05-basic-sanity.t.sh | 14 | ||||
-rw-r--r-- | sbopkglint.d/15-noarch.t.sh | 12 | ||||
-rw-r--r-- | sbopkglint.d/20-arch.t.sh | 5 |
3 files changed, 25 insertions, 6 deletions
diff --git a/sbopkglint.d/05-basic-sanity.t.sh b/sbopkglint.d/05-basic-sanity.t.sh index 612b107..3b98c74 100644 --- a/sbopkglint.d/05-basic-sanity.t.sh +++ b/sbopkglint.d/05-basic-sanity.t.sh @@ -112,10 +112,11 @@ for i in $baddirs; do fi done +# 20220414 bkw: don't complain about broken symlinks here, they get checked elsewhere. for i in $fileonlydirs; do [ -d "$i" ] || continue dir_ok "$i" || warn_badperms "$i" - badstuff="$( find -L "$i" -mindepth 1 -maxdepth 1 \! -type f )" + badstuff="$( find -L "$i" -mindepth 1 -maxdepth 1 \! \( -type l -o -type f \) )" [ -n "$badstuff" ] && warn "$i should only contain files, not:" && ls -ld $badstuff done @@ -151,8 +152,15 @@ for i in $badfiles; do [ -e "$i" ] && warn "forbidden file: $i" done +# 20220414 bkw: absolute symlinks used to be an error, but there are just +# too many packages that use them. so only flag them if they're broken links. abslinks="$( find . -type l -lname '/*' )" +[ -n "$abslinks" ] && for i in $abslinks; do + target="$( readlink $i | sed 's,^/*,,' )" + [ -e "$target" ] || brokenabslinks+="$i " +done + brokenlinks="$( find -L . -type l \! -lname '/*' )" -[ -n "$abslinks" ] && warn "package contains absolute symlinks (should be relative):" && ls -ld $abslinks -[ -n "$brokenlinks" ] && warn "package contains broken symlinks:" && ls -ld $brokenlinks +[ -n "$brokenabslinks" ] && warn "package contains broken absolute symlinks:" && ls -ld $brokenabslinks +[ -n "$brokenlinks" ] && warn "package contains broken relative symlinks:" && ls -ld $brokenlinks diff --git a/sbopkglint.d/15-noarch.t.sh b/sbopkglint.d/15-noarch.t.sh index 55c17f6..7480ba8 100644 --- a/sbopkglint.d/15-noarch.t.sh +++ b/sbopkglint.d/15-noarch.t.sh @@ -7,8 +7,16 @@ ######################################################################## # makes sure "noarch" packages really are noarch. +# for packages that aren't noarch, recommend noarch if it looks like one. +# the recommendation is not an error! + +elfbins="$( find * -type f -print0 | xargs -0 file -m /etc/file/magic/elf | grep ELF | cut -d: -f1 )" if [ "$ARCH" = "noarch" ]; then - elfbins="$( find * -type f -print0 | xargs -0 file -m /etc/file/magic/elf | grep ELF | cut -d: -f1 )" - [ -n "$elfbins" ] && warn "package claims to be noarch, but contains ELF binaries:" && ls -l $elfbins + [ -n "$elfbins" ] && \ + warn "package claims to be noarch, but contains ELF binaries:" && \ + ls -l $elfbins +elif [ -z "$elfbins" ] && [ ! -e usr/lib ] && [ ! -e usr/lib64 ]; then + x="$( find usr/share/pkgconfig -type f -exec grep 'usr/lib' {} \+ 2>/dev/null )" + [ -z "$x" ] && note "package might be a good candidate for noarch" fi diff --git a/sbopkglint.d/20-arch.t.sh b/sbopkglint.d/20-arch.t.sh index a6b9265..376074d 100644 --- a/sbopkglint.d/20-arch.t.sh +++ b/sbopkglint.d/20-arch.t.sh @@ -39,7 +39,10 @@ if [ -n "$WRONGDIR" ]; then file="$( echo $line | cut -d: -f1 )" filetype="$( echo $line | cut -d: -f2 )" case "$file" in - lib/firmware/*) continue ;; + # 20220414 bkw: only check for libs directly in the dir. + # this avoids e.g. lib/udev/<executable> and usr/lib/prgnam/plugins/*.so. + # had to relax this check; it was too strict. + $WRONGDIR/*/*|usr/$WRONGDIR/*/*) continue ;; $WRONGDIR/*|usr/$WRONGDIR/*) INWRONGDIR+="$file " ;; esac |