TODO: check for non-executable binaries in /bin /sbin /usr/bin /usr/sbin. probably also non-executable shared libs. Future options: -e Only log errors, not warnings (right now, everything is a warning). Future test ideas: - more forbidden files. for fonts.{dir|scale}, we need the doinst.sh test (doinst can and should create these; they should *not* just be files in the package). - noarch could recommend a package be made noarch, if it contains no ELF files and doesn't use lib or lib64 dirs. Should this just be a recommendation, or should it count as a failed test? - static libraries? some packages ship these because upstream doesn't support shared libs, though. maybe only complain if libfoo.so.* and libfoo.a both exist (if we have a shared lib, we shouldn't also have a static one). Maybe this should be a disable-able warning? - icons. Make sure they are what their filename says (I've run into .png files named .svg, and .gif files named .png, etc). If they're in /usr/share/icons/x/, make sure they actually are the correct size (or that they're SVG, if they're in scalable/). Really large icons in /usr/share/pixmaps are probably useless (most stuff that uses the old-style icons expects them to be 48x48 or 64x64). Icons must be readable by everyone, non-executable, and owned by root:root. - duplicate files, maybe the error message could suggest a "ln -s" command to use if the file really does need to appear in multiple dirs. - fonts. make sure they are what their filename says, and are installed to the correct /usr/share/fonts/* or /usr/share/kbd/consolefonts dir. Other ideas: When linting multiple packages, print a summary: 100 packages checked, 10 failed, 90 passed. Maybe with percentages too. Clean up the output. Make it easier to grep.