From 5fb14a3d73b19a81bc4b638feb009ab04c249e3a Mon Sep 17 00:00:00 2001 From: "B. Watson" Date: Wed, 6 Apr 2022 12:55:13 -0400 Subject: handle gtk4-update-icon cache and usr/doc/HTML, check for executable docs --- .gitignore | 3 +++ TODO | 8 +++----- sbopkglint.d/05-basic-sanity.t.sh | 4 ++-- sbopkglint.d/10-docs.t.sh | 19 ++++++++++++++----- sbopkglint.d/45-doinst.t.sh | 7 ++++++- 5 files changed, 28 insertions(+), 13 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5b106c9 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +sbolint.1 +sbopkglint.1 +sbo-maintainer-tools-*.tar.gz diff --git a/TODO b/TODO index 45d013a..a29ddae 100644 --- a/TODO +++ b/TODO @@ -1,14 +1,12 @@ +TODO: check for non-executable binaries in /bin /sbin /usr/bin /usr/sbin. +probably also non-executable shared libs. + Future options: -e Only log errors, not warnings (right now, everything is a warning). Future test ideas: -- extract the doinst.sh separately and check it. If we e.g. have - an icon cache or desktop file cache in $PKG, but no - gtk-update-icon-cache or update-desktop-database command in the - doinst.sh, that's definitely an error. - - more forbidden files. for fonts.{dir|scale}, we need the doinst.sh test (doinst can and should create these; they should *not* just be files in the package). diff --git a/sbopkglint.d/05-basic-sanity.t.sh b/sbopkglint.d/05-basic-sanity.t.sh index 6709203..b621bbe 100644 --- a/sbopkglint.d/05-basic-sanity.t.sh +++ b/sbopkglint.d/05-basic-sanity.t.sh @@ -31,14 +31,14 @@ fileonlydirs="bin usr/bin sbin usr/sbin" # these directories may exist, but must contain only subdirectories # (no files, symlinks, devices, etc). "." (the top-level package dir) # doesn't need to be included here; it's checked separately. -nofiledirs="usr usr/doc usr/share usr/man" +nofiledirs="usr usr/doc usr/share usr/man usr/doc/HTML" # these directories may exist but must not have executable files # anywhere under them. I would put usr/doc and etc here, but too many # packages break that rule. usr/share/applications is listed here, # even though Slackware's KDE packages (erroneously) install .desktop # files +x. -noexecdirs="usr/man usr/share/pixmaps usr/share/icons usr/share/applications usr/share/appdata usr/share/mime usr/share/mime-info usr/share/glib-2.0" +noexecdirs="usr/man usr/share/pixmaps usr/share/icons usr/share/applications usr/share/appdata usr/share/mime usr/share/mime-info usr/share/glib-2.0 usr/doc/HTML" # these files must exist. requiredfiles="usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild" diff --git a/sbopkglint.d/10-docs.t.sh b/sbopkglint.d/10-docs.t.sh index e1bb8d8..830e850 100644 --- a/sbopkglint.d/10-docs.t.sh +++ b/sbopkglint.d/10-docs.t.sh @@ -11,11 +11,12 @@ # be owned by root:root. also checks for empty files or (possibly) # install instructions. - # ideally, we'd require all files under the doc dir to be mode 0644. -# however, too many existing packages (including core Slackware ones) -# break that rule. so check for the minimum set of desired permissions: -# a doc file should be readable by all users (at least 444). +# however, too many existing packages (including core Slackware +# ones) break that rule. so check for the minimum set of desired +# permissions: a doc file should be readable by all users (at least +# 444), and check that any +x file looks like some kind of script +# (perl/shell/python/etc). DOCDIR=usr/doc/$PRGNAM-$VERSION @@ -29,6 +30,12 @@ if [ -d "$DOCDIR" ]; then empty="$( find $DOCDIR -mindepth 1 -empty )" bogus="$( find $DOCDIR -mindepth 1 -maxdepth 1 -type f -a \( -name INSTALL -o -name INSTALL.\* \) )" + files="$( find $DOCDIR -type f -perm /111 )" + for f in $files; do + head -1 $f | grep '^#!' && continue; # script file + badpermfiles+=" $f" + done + [ -n "$badpermfiles" ] && warn "bad file perms (should be 644, or at least 444) in doc dir:" && ls -l $badpermfiles [ -n "$badpermdirs" ] && warn "bad directory perms (should be 755) in doc dir:" && ls -ld $badpermdirs [ -n "$badowners" ] && warn "bad ownership (should be root:root) in doc dir:" && ls -ld $badowners @@ -36,5 +43,7 @@ if [ -d "$DOCDIR" ]; then [ -n "$bogus" ] && [ -z "$INSTALL_DOCS_OK" ] && warn "useless-looking install instructions in doc dir: $bogus" fi -baddocs="$( find usr/doc -mindepth 1 -maxdepth 1 \! -name $PRGNAM-$VERSION )" +# allow /usr/doc/HTML to exist, though we don't check its contents here. +# this is the standard location for KDE5 help files. +baddocs="$( find usr/doc -mindepth 1 -maxdepth 1 \! -name $PRGNAM-$VERSION \! -name HTML )" [ -n "$baddocs" ] && warn "docs outside of $DOCDIR:" && ls -ld $baddocs diff --git a/sbopkglint.d/45-doinst.t.sh b/sbopkglint.d/45-doinst.t.sh index ae47c72..e127189 100644 --- a/sbopkglint.d/45-doinst.t.sh +++ b/sbopkglint.d/45-doinst.t.sh @@ -36,10 +36,15 @@ doinst_warn() { doinst_chk_command() { local cmd="$1" + + # special case here: allow gtk4-update-icon-cache in place of + # gtk-update-icon-cache. they work identically, so it doesn't matter. + [ "$cmd" = "gtk-update-icon-cache" ] && grep_doinst gtk4-update-icon-cache && return + grep_doinst "$cmd" || doinst_warn "$cmd" } -[ "$( find -L usr/share/icons -type f 2>/dev/null )" != "" ] && \ +[ "$( find -L usr/share/icons/hicolor -type f 2>/dev/null )" != "" ] && \ doinst_chk_command "gtk-update-icon-cache" [ "$( find -L usr/share/applications -type f 2>/dev/null )" != "" ] && \ -- cgit v1.2.3