Hello community, here is the log from the commit of package rpmlint for openSUSE:Factory checked in at 2017-02-06 15:04:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rpmlint (Old) and /work/SRC/openSUSE:Factory/.rpmlint.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rpmlint" Changes: -------- --- /work/SRC/openSUSE:Factory/rpmlint/rpmlint.changes 2017-01-25 22:40:23.483830970 +0100 +++ /work/SRC/openSUSE:Factory/.rpmlint.new/rpmlint.changes 2017-02-06 15:04:54.788524641 +0100 @@ -1,0 +2,25 @@ +Tue Jan 31 15:55:45 UTC 2017 - [email protected] + +- Add gdm to StandardGroups. +- Add polkitd to StandardUsers. + +------------------------------------------------------------------- +Tue Jan 31 14:55:48 UTC 2017 - [email protected] + +- suse-spdx-license-exceptions.patch: removed fuzziness from patch. + +- issue_68_BinariesCheck_lower_memory.patch: split into seperate patches + + issue_68_BinariesCheck_lower_memory-1.patch + issue_68_BinariesCheck_lower_memory-2.patch + issue_68_BinariesCheck_lower_memory-3.patch + issue_68_BinariesCheck_lower_memory-4.patch + + and unfuzzed patch number 3. + +------------------------------------------------------------------- +Tue Jan 31 14:18:03 UTC 2017 - [email protected] + +- Whitelisting rebootmgr (bsc#1019644) + +------------------------------------------------------------------- Old: ---- issue_68_BinariesCheck_lower_memory.patch New: ---- issue_68_BinariesCheck_lower_memory-1.patch issue_68_BinariesCheck_lower_memory-2.patch issue_68_BinariesCheck_lower_memory-3.patch issue_68_BinariesCheck_lower_memory-4.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rpmlint.spec ++++++ --- /var/tmp/diff_new_pack.q1P1Gm/_old 2017-02-06 15:04:57.528131059 +0100 +++ /var/tmp/diff_new_pack.q1P1Gm/_new 2017-02-06 15:04:57.528131059 +0100 @@ -116,7 +116,10 @@ Patch64: omit_BUILDROOT_from_pyo_files.patch # PATCH-FIX-UPSTREAM 0001-Fix-resolving-Python-source-from-3.5-.opt-12.pyc.patch [email protected] -- Fixes resolving python source from files generated following PEP0488 Patch65: 0001-Fix-resolving-Python-source-from-3.5-.opt-12.pyc.patch -Patch66: issue_68_BinariesCheck_lower_memory.patch +Patch661: issue_68_BinariesCheck_lower_memory-1.patch +Patch662: issue_68_BinariesCheck_lower_memory-2.patch +Patch663: issue_68_BinariesCheck_lower_memory-3.patch +Patch664: issue_68_BinariesCheck_lower_memory-4.patch # Fix a regression introduced by suse-shlib-devel-dependency.diff Patch67: suse-readd_terminator_in_regex.patch # PATCHLIST END ++++++ config ++++++ --- /var/tmp/diff_new_pack.q1P1Gm/_old 2017-02-06 15:04:57.680109226 +0100 +++ /var/tmp/diff_new_pack.q1P1Gm/_new 2017-02-06 15:04:57.680109226 +0100 @@ -114,6 +114,7 @@ 'fonehome', 'ftp', 'games', + 'gdm', 'geronimo', 'guixbuild', 'haclient', @@ -352,6 +353,7 @@ 'pdns', 'pegasus', 'polipo', + 'polkitd', 'polkituser', 'pop', 'postfix', @@ -722,7 +724,10 @@ "org.freedesktop.resolve1.service", # powerdevil discretegpuhelper (bsc#1019748) "org.kde.powerdevil.discretegpuhelper.conf", - "org.kde.powerdevil.discretegpuhelper.service" + "org.kde.powerdevil.discretegpuhelper.service", + # rebootmgr (bsc#1019644) + "org.opensuse.RebootMgr.conf", + "rebootmgr.service" )) setOption("PAMModules.WhiteList", ( ++++++ issue_68_BinariesCheck_lower_memory-1.patch ++++++ >From c5871542684bf1439d96f2430fe4f0010070e4db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= <[email protected]> Date: Sun, 7 Feb 2016 10:10:51 +0200 Subject: [PATCH] BinariesCheck: avoid false chroot w/o chdir when objdump fails https://bugzilla.redhat.com/show_bug.cgi?id=1305302 --- BinariesCheck.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/BinariesCheck.py b/BinariesCheck.py index b2c030e..33dfae5 100644 --- a/BinariesCheck.py +++ b/BinariesCheck.py @@ -210,7 +210,10 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): # on a server like postfix res = Pkg.getstatusoutput( ('env', 'LC_ALL=C', 'objdump', '-d', path)) - if not res[0]: + if res[0]: + printWarning(pkg, 'binaryinfo-objdump-failed', file) + self.chroot_near_chdir = True # avoid false positive + else: call = [] # we want that : # 401eb8: e8 c3 f0 ff ff callq 400f80 <free@plt> @@ -645,6 +648,9 @@ def check_binary(self, pkg): 'binaryinfo-readelf-failed', '''Executing readelf on this file failed, all checks could not be run.''', +'binaryinfo-objdump-failed', +'''Executing objdump on this file failed, all checks could not be run.''', + 'binaryinfo-tail-failed', '''Reading trailing bytes of this file failed, all checks could not be run.''', ++++++ issue_68_BinariesCheck_lower_memory-2.patch ++++++ >From be76ea6216987eefe9e863b193657318720bca51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <[email protected]> Date: Sun, 13 Mar 2016 16:01:37 +0100 Subject: [PATCH 1/3] BinariesCheck: lower memory requirements, fix chroot/chdir detection Do not read whole output of objdump -d into memory, but read and process the output while it is created (issue #67). Also correct expression to find 'chdir@plt' in output (issue #66) --- BinariesCheck.py | 49 ++++++++++++++++++++++++++++++------------------- 1 file changed, 30 insertions(+), 19 deletions(-) diff --git a/BinariesCheck.py b/BinariesCheck.py index 33dfae5..ee6d00b 100644 --- a/BinariesCheck.py +++ b/BinariesCheck.py @@ -10,6 +10,7 @@ import re import stat import sys +import subprocess import rpm @@ -205,27 +206,37 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): # check if chroot is near chdir (since otherwise, chroot is called # without chdir) if self.chroot and self.chdir: - # FIXME this check is too slow, because forking for objdump is - # quite slow according to a quick test and that's quite visible - # on a server like postfix - res = Pkg.getstatusoutput( - ('env', 'LC_ALL=C', 'objdump', '-d', path)) - if res[0]: + p = subprocess.Popen( + ['env', 'LC_ALL=C', 'objdump', '-d', path], + stdout=subprocess.PIPE, bufsize=1) + with p.stdout: + # we want that : + # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> + objdump_call_regex = re.compile(b'callq?\s(.*)') + index = 0 + chroot_index = -99 + chdir_index = -99 + for line in p.stdout: + r = objdump_call_regex.search(line) + if not r: + continue + if b'@plt' not in r.group(1): + pass + elif b'chroot@plt' in r.group(1): + chroot_index = index + if abs(chroot_index - chdir_index) <= 2: + self.chroot_near_chdir = True + break + elif b'chdir@plt' in r.group(1): + chdir_index = index + if abs(chroot_index - chdir_index) <= 2: + self.chroot_near_chdir = True + break + index += 1 + if p.wait(): printWarning(pkg, 'binaryinfo-objdump-failed', file) self.chroot_near_chdir = True # avoid false positive - else: - call = [] - # we want that : - # 401eb8: e8 c3 f0 ff ff callq 400f80 <free@plt> - for l in res[1].splitlines(): - # call is for x86 32 bits, callq for x86_64 - if l.find('callq ') >= 0 or l.find('call ') >= 0: - call.append(l.rpartition(' ')[2]) - for index, c in enumerate(call): - if c.find('chroot@plt') >= 0: - for i in call[index-2:index+2]: - if i.find('chdir@plt'): - self.chroot_near_chdir = True + else: self.readelf_error = True printWarning(pkg, 'binaryinfo-readelf-failed', ++++++ issue_68_BinariesCheck_lower_memory-3.patch ++++++ >From f61aab52fdcbdc9096f2346ee4ecf9668d8a0fbc Mon Sep 17 00:00:00 2001 From: StefanBruens <[email protected]> Date: Wed, 29 Jun 2016 18:28:55 +0200 Subject: [PATCH 2/3] Use default bufsize, move regex compile to common place --- BinariesCheck.py | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) Index: rpmlint-rpmlint-1.8/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.8.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.8/BinariesCheck.py @@ -64,6 +64,8 @@ class BinaryInfo: setuid_call_regex = create_regexp_call(['setresuid', 'seteuid', 'setuid']) setgroups_call_regex = create_regexp_call(['initgroups', 'setgroups']) chroot_call_regex = create_regexp_call('chroot') + # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> + objdump_call_regex = re.compile(b'callq?\s(.*)') forbidden_functions = Config.getOption("WarnOnFunction") if forbidden_functions: @@ -234,11 +236,8 @@ class BinaryInfo: if self.chroot and self.chdir: p = subprocess.Popen( ['env', 'LC_ALL=C', 'objdump', '-d', path], - stdout=subprocess.PIPE, bufsize=1) + stdout=subprocess.PIPE, bufsize=-1) with p.stdout: - # we want that : - # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> - objdump_call_regex = re.compile(b'callq?\s(.*)') index = 0 chroot_index = -99 chdir_index = -99 ++++++ issue_68_BinariesCheck_lower_memory-4.patch ++++++ >From 643f42c51f46ed1f377fc099cca818fba2d5a7d0 Mon Sep 17 00:00:00 2001 From: StefanBruens <[email protected]> Date: Wed, 29 Jun 2016 18:38:51 +0200 Subject: [PATCH 3/3] Fix last commit --- BinariesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BinariesCheck.py b/BinariesCheck.py index f19ae29..89517c2 100644 --- a/BinariesCheck.py +++ b/BinariesCheck.py @@ -216,7 +216,7 @@ def __init__(self, pkg, path, file, is_ar, is_shlib): chroot_index = -99 chdir_index = -99 for line in p.stdout: - r = objdump_call_regex.search(line) + r = BinaryInfo.objdump_call_regex.search(line) if not r: continue if b'@plt' not in r.group(1): ++++++ suse-spdx-license-exceptions.patch ++++++ --- /var/tmp/diff_new_pack.q1P1Gm/_old 2017-02-06 15:04:57.872081646 +0100 +++ /var/tmp/diff_new_pack.q1P1Gm/_new 2017-02-06 15:04:57.876081072 +0100 @@ -7,13 +7,13 @@ TagsCheck.py | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) -diff --git a/TagsCheck.py b/TagsCheck.py -index f5b7516..ada84f7 100644 ---- a/TagsCheck.py -+++ b/TagsCheck.py +Index: rpmlint-rpmlint-1.8/TagsCheck.py +=================================================================== +--- rpmlint-rpmlint-1.8.orig/TagsCheck.py ++++ rpmlint-rpmlint-1.8/TagsCheck.py @@ -139,6 +139,34 @@ DEFAULT_VALID_LICENSES = ( 'Shareware', - ) + ) +DEFAULT_VALID_LICENSE_EXCEPTIONS = ( + '389-exception', @@ -46,7 +46,7 @@ BAD_WORDS = { 'alot': 'a lot', 'accesnt': 'accent', -@@ -404,6 +432,7 @@ VALID_GROUPS = Config.getOption('ValidGroups', None) +@@ -404,6 +432,7 @@ VALID_GROUPS = Config.getOption('ValidGr if VALID_GROUPS is None: # get defaults from rpm package only if it's not set VALID_GROUPS = Pkg.get_default_valid_rpmgroups() VALID_LICENSES = Config.getOption('ValidLicenses', DEFAULT_VALID_LICENSES) @@ -54,15 +54,15 @@ INVALID_REQUIRES = map(re.compile, Config.getOption('InvalidRequires', DEFAULT_INVALID_REQUIRES)) packager_regex = re.compile(Config.getOption('Packager')) changelog_version_regex = re.compile('[^>]([^ >]+)\s*$') -@@ -417,6 +446,7 @@ invalid_url_regex = re.compile(Config.getOption('InvalidURL'), re.IGNORECASE) - lib_package_regex = re.compile('(?:^(?:compat-)?lib.*?(\.so.*)?|libs?[\d-]*)$', re.IGNORECASE) +@@ -418,6 +447,7 @@ lib_package_regex = re.compile('(?:^(?:c leading_space_regex = re.compile('^\s+') + pkg_config_regex = re.compile('^/usr/(?:lib\d*|share)/pkgconfig/') license_regex = re.compile('\(([^)]+)\)|\s(?:and|or)\s') +license_exception_regex = re.compile('(\S+)\sWITH\s(\S+)') invalid_version_regex = re.compile('([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE) # () are here for grouping purpose in the regexp forbidden_words_regex = re.compile('(' + Config.getOption('ForbiddenWords') + ')', re.IGNORECASE) -@@ -776,6 +806,10 @@ class TagsCheck(AbstractCheck.AbstractCheck): +@@ -787,6 +817,10 @@ class TagsCheck(AbstractCheck.AbstractCh # printWarning(pkg, 'package-provides-itself') # break @@ -73,7 +73,7 @@ def split_license(license): return (x.strip() for x in (l for l in license_regex.split(license) if l)) -@@ -786,7 +820,17 @@ class TagsCheck(AbstractCheck.AbstractCheck): +@@ -797,7 +831,17 @@ class TagsCheck(AbstractCheck.AbstractCh else: valid_license = True if rpm_license not in VALID_LICENSES: @@ -92,7 +92,7 @@ if l1 in VALID_LICENSES: continue for l2 in split_license(l1): -@@ -1062,6 +1106,11 @@ your specfile.''', +@@ -1073,6 +1117,11 @@ your specfile.''', '''The value of the License tag was not recognized. Known values are: "%s".''' % '", "'.join(VALID_LICENSES), @@ -104,6 +104,3 @@ 'obsolete-not-provided', '''If a package is obsoleted by a compatible replacement, the obsoleted package should also be provided in order to not cause unnecessary dependency breakage. --- -2.7.4 -
