> > > > I'm not sure if the handling of the ":amd64" architecture suffixes is
> > > > ideal. Thoughts?
> > Okay, so what would you prefer? To have --except=foo match both
> > foo and foo:bar for any value of bar? (and 'foo' documented as
> > a bare package name without a ":arch" suffix)
>
> yes, that.
Here you go:
[[[
diff --git a/check-support-status.in b/check-support-status.in
index a5437c4..7296360 100755
--- a/check-support-status.in
+++ b/check-support-status.in
@@ -28,6 +28,7 @@ fi
LIST=
NOHEADING=
STATUSDB_FILE=
+EXCEPT=
TYPE=
NAME="$(basename "$0")"
@@ -37,7 +38,7 @@ TODAY="$(date +"%Y%m%d")"
TEMP=$( \
getopt \
--options h,V \
- --long help,list:,no-heading,semaphore:,status-db:,type:,version,Version \
+ --long
help,list:,no-heading,semaphore:,status-db:,except:,type:,version,Version \
-n "$NAME" \
-- "$@"
)
@@ -52,6 +53,7 @@ Options:
--list FILE database of packages under specific support
conditions
--no-heading skips printing headlines
--status-db FILE database about already reported packages
+ --except PACKAGES exempt given binary packages (comma-separated
list)
--type SECURITY_SUPPORT_TYPE earlyend, ended or limited
-V, --version display version and exit"; echo
}
@@ -86,6 +88,16 @@ while true ; do
STATUSDB_FILE="$2"
shift 2
;;
+ --except)
+ EXCEPT="$2"
+ case "$EXCEPT" in
+ *:*)
+ gettext 'E: --except=<package name> does not allow :<arch>
suffixes'; echo
+ exit 1
+ ;;
+ esac
+ shift 2
+ ;;
--type)
TYPE="$2"
shift 2
@@ -104,17 +116,17 @@ done
case "$TYPE" in
'')
if [ -z "$LIST" ] ; then
- REPORT="$($0 --type ended --list [% ENDED %] --status-db
"$STATUSDB_FILE" $NOHEADING)"
+ REPORT="$($0 --type ended --list [% ENDED %] --status-db
"$STATUSDB_FILE" --except "$EXCEPT" $NOHEADING)"
if [ -n "$REPORT" ] ; then
echo "$REPORT"
echo
fi
- REPORT="$($0 --type limited --list [% LIMITED %] --status-db
"$STATUSDB_FILE" $NOHEADING)"
+ REPORT="$($0 --type limited --list [% LIMITED %] --status-db
"$STATUSDB_FILE" --except "$EXCEPT" $NOHEADING)"
if [ -n "$REPORT" ] ; then
echo "$REPORT"
echo
fi
- $0 --type earlyend --list [% ENDED %] --status-db "$STATUSDB_FILE"
$NOHEADING
+ $0 --type earlyend --list [% ENDED %] --status-db "$STATUSDB_FILE"
--except "$EXCEPT" $NOHEADING
exit 0
fi
gettext 'E: Need a --type if --list is given'; echo
@@ -240,6 +252,14 @@ cat "$INTERSECTION_LIST" | while read SRC_NAME ; do
[% AWK %] '($3=="'"$SRC_NAME"'"){print $1" "$2}' "$INSTALLED_LIST" | \
while read BIN_NAME BIN_VERSION ; do
+ case ",$EXCEPT," in
+ *,"$BIN_NAME",*) # plain match (e.g., "binutils")
+ continue
+ ;;
+ *,"${BIN_NAME%:*}",*) # match with arch suffix (e.g.,
"libbinutils:amd64")
+ continue
+ ;;
+ esac
# for earlyend and ended, check packages actually affected (if
TMP_WHEN not null)
if [ -n "$TMP_WHEN" ] || [ "$TYPE" = limited ] ; then
if \
diff --git a/man/check-support-status.txt b/man/check-support-status.txt
index a16ef9a..066e042 100644
--- a/man/check-support-status.txt
+++ b/man/check-support-status.txt
@@ -83,6 +83,12 @@ reported only once.
+
Default: No records, any affected package will be reported every time.
+*--except* 'PACKAGES'::
+
+Do not alert for the given binary packages (comma-separated list).
++
+Default: Alert for all packages (no exceptions).
+
*--type* 'TYPE'::
One of the following:
diff --git a/t/check-support-status.t b/t/check-support-status.t
index 784d947..af7c082 100644
--- a/t/check-support-status.t
+++ b/t/check-support-status.t
@@ -855,6 +855,76 @@ __EOS__
);
}
+diag ('exempt packages from listing');
+
+foreach my $awk (@AWKs) {
+ diag ("exempt ($awk)");
+
+ my $tb = Testbed->new ($dpkg_version);
+ my ($list_ended, $list_limited, $query_list, $statusdb_file) = $tb->files;
+ my $exe = $tb->exe (
+ $awk,
+ [
+ '--type', 'limited',
+ '--no-heading',
+ '--list', $list_limited,
+ '--status-db', $statusdb_file,
+ '--except', 'hello,binutils-common',
+ ],
+ );
+
+ write_file ($list_limited, <<__EOS__);
+binutils lorem ipsum dolor sit amet
+php5 See README.Debian.security for the PHP security policy
+__EOS__
+ mock_query_list (
+ $query_list,
+ [
+ [ 'ioi', 'binutils', '2.34-2' ],
+ [ 'ioi', 'binutils-common:amd64', '2.34-2', 'binutils' ],
+ [ 'ioi', 'php5', '5.3.3-7+squeeze19' ],
+ ],
+ );
+
+ # run a first time
+ my $run = Test::Command->new ('cmd' => $exe);
+ $run->run;
+ $run->exit_is_num (0);
+
+ my ($stdout, $stderr) = stdout_n_stderr ($run);
+ $stderr and diag ("stderr:\n" . $stderr);
+ my $expect_stdout = <<__EOS__;
+
+* Source:binutils
+ Details: lorem ipsum dolor sit amet
+ Affected binary package:
+ - binutils (installed version: 2.34-2)
+
+* Source:php5
+ Details: See README.Debian.security for the PHP security policy
+ Affected binary package:
+ - php5 (installed version: 5.3.3-7+squeeze19)
+__EOS__
+ eq_or_diff (
+ $stdout,
+ $expect_stdout,
+ 'stdout'
+ );
+
+ if (ok (-f $statusdb_file, 'status db file was created')) {
+ my $got = read_file ($statusdb_file);
+ my $expect = <<__EOS__;
+binutils/2.34-2
+php5/5.3.3-7+squeeze19
+__EOS__
+ eq_or_diff (
+ $got,
+ $expect,
+ 'status db file content',
+ );
+ }
+}
+
done_testing;
exit 0;
]]]
(Normally I'd add an interdiff alongside the new diff, but I'll skip
that since you said you only skimmed the original.)
> thanks!
You're welcome!
Daniel
P.S. Separate issue: in cases such as —
% check-support-status --type foo
E: Unknown --type 'foo'
%
— it would be nice to have "check-support-status: " prefixed to the
error message. (Shall I open a separate bug for this?)
