[gentoo-commits] proj/portage:master commit in: bin/install-qa-check.d/

Mon, 27 Oct 2014 12:29:41 -0700 

commit:     01e148aac631a0d1c78968dea96ebd9ed94e5918
Author:     Michael Palimaka <kensington <AT> gentoo <DOT> org>
AuthorDate: Sun Oct 26 15:16:16 2014 +0000
Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Mon Oct 27 19:21:29 2014 +0000
URL:        
http://sources.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=01e148aa

install-qa-check.d/90world-writable: Write log and general cleanup.

Use eqawarn instead of __vecho for visibility.

Present the list of offending files newline-delimitered for consistency
with other checks.

Signed-off-by: Zac Medico <zmedico <AT> gentoo.org>
Acked-by: Alexander Berntsen <bernalex <AT> gentoo.org>

---
 bin/install-qa-check.d/90world-writable | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/bin/install-qa-check.d/90world-writable 
b/bin/install-qa-check.d/90world-writable
index 771027e..490aaee 100644
--- a/bin/install-qa-check.d/90world-writable
+++ b/bin/install-qa-check.d/90world-writable
@@ -2,21 +2,37 @@
 
 world_writable_check() {
        # Now we look for all world writable files.
-       local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${ED}:- 
:")
+       local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e 
"s:^${ED}:/:")
+       local OLDIFS x prev_shopts=$-
+
+       OLDIFS=$IFS
+       IFS=$'\n'
+       set -f
+
        if [[ -n ${unsafe_files} ]] ; then
-               __vecho "QA Security Notice: world writable file(s):"
-               __vecho "${unsafe_files}"
-               __vecho "- This may or may not be a security problem, most of 
the time it is one."
-               __vecho "- Please double check that $PF really needs a world 
writeable bit and file bugs accordingly."
-               sleep 1
+               eqawarn "QA Security Notice: world writable file(s):"
+
+               for x in $unsafe_files ; do
+                       __eqawarnlog world-writable "$x"
+               done
+
+               eqawarn "This may or may not be a security problem, most of the 
time it is one."
+               eqawarn "Please double check that $PF really needs a world 
writeable bit and file bugs accordingly."
+               eqawarn
        fi
 
        local unsafe_files=$(find "${ED}" -type f '(' -perm -2002 -o -perm 
-4002 ')' | sed -e "s:^${ED}:/:")
        if [[ -n ${unsafe_files} ]] ; then
                eqawarn "QA Notice: Unsafe files detected (set*id and world 
writable)"
-               eqawarn "${unsafe_files}"
+
+               for x in $unsafe_files ; do
+                       __eqawarnlog world-writable-setid "$x"
+               done
                die "Unsafe files found in \${D}.  Portage will not install 
them."
        fi
+
+       IFS=OLDIFS
+       [[ ${prev_shopts} == *f* ]] || set +f
 }
 
 world_writable_check

Reply via email to