TODO: check for non-executable binaries in /bin /sbin /usr/bin /usr/sbin.
probably also non-executable shared libs.

Future options:

-e  Only log errors, not warnings (right now, everything is a warning).

Future test ideas:

- more forbidden files. for fonts.{dir|scale}, we need the doinst.sh
  test (doinst can and should create these; they should *not* just be
  files in the package).

- noarch could recommend a package be made noarch, if it contains no
  ELF files and doesn't use lib or lib64 dirs. Should this just
  be a recommendation, or should it count as a failed test?

- static libraries? some packages ship these because upstream doesn't
  support shared libs, though. maybe only complain if libfoo.so.* and
  libfoo.a both exist (if we have a shared lib, we shouldn't also have
  a static one). Maybe this should be a disable-able warning?

- icons. Make sure they are what their filename says (I've run into .png
  files named .svg, and .gif files named .png, etc). If they're in
  /usr/share/icons/<size>x<size>/, make sure they actually are the correct
  size (or that they're SVG, if they're in scalable/). Really large icons
  in /usr/share/pixmaps are probably useless (most stuff that uses the
  old-style icons expects them to be 48x48 or 64x64). Icons must be
  readable by everyone, non-executable, and owned by root:root.

- duplicate files, maybe the error message could suggest a "ln -s" command
  to use if the file really does need to appear in multiple dirs.

- fonts. make sure they are what their filename says, and are installed to
  the correct /usr/share/fonts/* or /usr/share/kbd/consolefonts dir.

Other ideas:

When linting multiple packages, print a summary: 100 packages checked,
10 failed, 90 passed. Maybe with percentages too.

Clean up the output. Make it easier to grep.