Source: openconnect
Version: 9.12-3.3+b1
Usertags: pidof-without-procps
Dear maintainer(s) of openconnect,
it appears that openconnect uses `pidof` in its testsuite, or that
at least one of its binary packages uses `pidof` at runtime.
Historically, `pidof` was provided by the Essential package
`sysvinit-tools`, making an explicit dependency unnecessary. However
`pidof` will soon be moved to `procps` and will no longer be part of
the Essential set.
Please add an explicit dependency on `procps`:
* via the `Depends:` field of all binary packages of openconnect
that use `pidof` at runtime;
* via the `Build-Depends:` field of openconnect, if `pidof` is
used in tests run at build-time;
* via the `Depends:` field of `debian/control/tests`, if `pidof` is
used in autopkgtests.
To prevent any disruption for users of openconnect, please add
this dependency now, before `pidof` is moved from `sysvinit-utils` to
`procps`. Alternatively, you could remove all uses of `pidof`.
It is believed that openconnect uses `pidof` due to the following
code snippets:
```
path: openconnect_9.12-3.3/trojans/csd-post.sh
Process)
if pidof "$VALUE" &> /dev/null; then
EXISTS=true
else
```
Feel free to close this issue if this is a false positive (for example
if this code is in an unreachable code path).
Regards,
--
Gioele Barabucci
