Hello community, here is the log from the commit of package rpmlint.12305 for openSUSE:Leap:15.1:Update checked in at 2020-04-14 08:03:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/rpmlint.12305 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.rpmlint.12305.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rpmlint.12305" Tue Apr 14 08:03:38 2020 rev:1 rq:793408 version:1.10 Changes: -------- New Changes file: --- /dev/null 2020-04-01 01:12:57.297512941 +0200 +++ /work/SRC/openSUSE:Leap:15.1:Update/.rpmlint.12305.new.3248/rpmlint-tests.changes 2020-04-14 08:03:41.739917119 +0200 @@ -0,0 +1,339 @@ +------------------------------------------------------------------- +Mon Apr 15 12:14:50 UTC 2019 - [email protected] + +- fix rpmlint-tests build by reverting changes to reference output that do not + apply on SLE15 (boo#1132530) + (rpmlint-tests-sle15-Revert-Adjust-order-of-output-as-well.patch, + rpmlint-tests-sle15-Revert-adjust-reference-testoutput-for-removal-of-ba.patch, + renamed rpmlint-tests-sle15.patch -> + rpmlint-tests-sle15-Revert-polkit-adjust-reference-output-to-match-corre.patch) + +------------------------------------------------------------------ +Wed Jan 09 19:02:01 UTC 2019 - [email protected] + +- Update to version 84.87+git20181018.60e0249: + * Add test for %tmpfiles_create foo.conf with no full path + +------------------------------------------------------------------- +Tue Jul 03 12:53:18 UTC 2018 - [email protected] + +- Update to version 84.87+git20180703.88daa4e: + * Adjust order of output as well + +------------------------------------------------------------------- +Tue Jul 03 12:45:14 UTC 2018 - [email protected] + +- Update to version 84.87+git20180703.03176da: + * adjust reference testoutput for removal of badness + +------------------------------------------------------------------- +Wed May 9 11:48:47 UTC 2018 - [email protected] + +- add rpmlint-tests-sle15.patch to fix rpmlint-tests build for + sle/leap 15 + +------------------------------------------------------------------- +Tue Feb 20 14:13:28 UTC 2018 - [email protected] + +- Update to version 84.87+git20180220.6f1f0aa: + * polkit: adjust reference output to match corresponding change in rpmlint-checks + +------------------------------------------------------------------- +Sun Feb 18 14:56:22 UTC 2018 - [email protected] + +- Update to version 84.87+git20180218.1142fcc: + * Update polkit ref tests + +------------------------------------------------------------------- +Thu Feb 08 13:49:46 UTC 2018 - [email protected] + +- Update to version 84.87+git20180202.3df4ae7: + * Add testcases for MenuXDGCheck.py + +------------------------------------------------------------------- +Wed Oct 11 11:29:25 UTC 2017 - [email protected] + +- Update to version 84.87+git20171011.8b163ac: + * Trying to fixup the erlang check + +------------------------------------------------------------------- +Wed Oct 11 06:43:46 UTC 2017 - [email protected] + +- Update to version 84.87+git20171011.856375f: + * Add unit test for ErlangCheck + +------------------------------------------------------------------- +Tue Oct 10 12:21:50 UTC 2017 - [email protected] + +- Update to version 84.87+git20171010.a53d9bd: + * Remove appdata related tests, those are upstream now + +------------------------------------------------------------------- +Tue Oct 10 09:19:30 UTC 2017 - [email protected] + +- Update to version 84.87+git20171009.dfac67b: + * Adjust output for enabled non-std group checks + +------------------------------------------------------------------- +Sat Sep 30 16:19:07 UTC 2017 - [email protected] + +- Update to version 84.87+git20170930.921e051: + * Update reference files against rpmlint 1.10 + +------------------------------------------------------------------- +Thu Sep 28 21:16:42 UTC 2017 - [email protected] + +- Update to version 84.87+git20170928.27b6cb3: + * Adjustments for newer rpmlint + drop 0001-Update-varrun-test-for-Leap-42.2-severity-reduction.patch + rpmlint-pie-factory.patch, rpmlint-pie-leap42.patch: + this belongs into git + +------------------------------------------------------------------- +Thu Sep 28 12:47:02 UTC 2017 - [email protected] + +- Update to version 84.87+git20170928.d2c55ee: + * Remove some outdated sysv init check, we have switched to systemd + +------------------------------------------------------------------- +Sun Jul 2 16:30:01 UTC 2017 - [email protected] + +- rpmlint-pie-leap42.patch, rpmlint-pie-factory.patch: + adjust testsuite to match new PIE warning, for both + Leap 42.3 and Factory. + +------------------------------------------------------------------- +Tue Apr 18 13:49:18 UTC 2017 - [email protected] + +- Update to version master: + * remote unused/outdated checks + +------------------------------------------------------------------- +Tue Apr 18 13:49:16 UTC 2017 - [email protected] + +- Update to version 84.87+git20170418.092177d: + * Remove initscript related tests, systemd FTW! + +------------------------------------------------------------------- +Mon Mar 20 14:20:12 UTC 2017 - [email protected] + +- Update to version 84.87+git20170320.f92cea5: + * Adjust for new init script check + +------------------------------------------------------------------- +Thu Mar 09 15:16:52 UTC 2017 - [email protected] + +- Update to version 84.87+git20161214.5500838 + * add checks for shlib-policy-name-error and "no dependency on *lib*" +- remove + 0002-Update-license1-test-for-Leap-42.2-severity-reductio.patch as + rpmlint-Factory-strict is pulled in always. + +------------------------------------------------------------------- +Tue Oct 25 18:32:52 UTC 2016 - [email protected] + +- Patch lint severity reductions for >= Leap 42.2: + 0001-Update-varrun-test-for-Leap-42.2-severity-reduction.patch + 0002-Update-license1-test-for-Leap-42.2-severity-reductio.patch + +------------------------------------------------------------------- +Mon Jul 25 14:27:40 UTC 2016 - [email protected] + +- Update to version 13.2+git20160725.8d99488: + * add check for calls to gethostbyname and similar + * add check for correct invocation of chroot +- remove rpmlint-check-gethostbyname.patch + +------------------------------------------------------------------- +Fri Jul 8 10:54:14 UTC 2016 - [email protected] + +- BuildRequire rpmlint-Factory-strict to have same config on all + releases, fixes failed tests on Tumbleweed + +------------------------------------------------------------------- +Tue Mar 8 22:57:31 UTC 2016 - [email protected] + +- add regression test for boo#970170 + +------------------------------------------------------------------- +Mon Nov 30 14:58:36 UTC 2015 - [email protected] + +- Update to version 13.2+git20151130.b31588d: + + add shared library tests + +------------------------------------------------------------------- +Fri Nov 13 12:27:11 UTC 2015 - [email protected] + +- Update to version 13.2+git20151113.ff9879a: + + adjust for tmpfiles fix + +------------------------------------------------------------------- +Tue Nov 10 12:39:01 UTC 2015 - [email protected] + +- Update to version 13.2+git20151110.e8d6260: + + fixed two new warnings + +------------------------------------------------------------------- +Wed May 20 08:02:15 UTC 2015 - [email protected] + +- Update to version 13.2+git20150520.a374c88: + + add tmpfiles.d checks + +------------------------------------------------------------------- +Tue May 19 12:21:46 UTC 2015 - [email protected] + +- Update to version 13.2+git20150519.278efdf: + + add ghost file checks + + print names of failed tests + +------------------------------------------------------------------- +Tue Apr 21 08:59:43 UTC 2015 - [email protected] + +- Update to version 13.2+git20150410.6161e60: + + build our own non-PIE binaries, as the distribution slowly gets converted to all PIE binaries + (removed rpmlint-pie-fixes.patch) + +------------------------------------------------------------------- +Thu Apr 9 14:00:19 UTC 2015 - [email protected] ++++ 142 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.1:Update/.rpmlint.12305.new.3248/rpmlint-tests.changes New Changes file: --- /dev/null 2020-04-01 01:12:57.297512941 +0200 +++ /work/SRC/openSUSE:Leap:15.1:Update/.rpmlint.12305.new.3248/rpmlint.changes 2020-04-14 08:03:41.775917146 +0200 @@ -0,0 +1,3446 @@ +------------------------------------------------------------------- +Thu Nov 28 11:58:21 UTC 2019 - Malte Kraus <[email protected]> + +- whitelist sssd infopipe (bsc#1157663) +- whitelist sysprof3 D-Bus services (bsc#1151418) + +------------------------------------------------------------------- +Wed Jan 09 19:02:04 UTC 2019 - [email protected] + +- Update rpmlint-checks to version master (bsc#1116686): + * Ignore decoding errors as we're not sure we know the encoding + * Use UTF-8 encoding when opening .pc file (#42) + * whitelist otrs permission file (#41) + * Relax various flake8 warnings + * Handle '-n' option for %service_del_preun %service_del_postun + * There isn't a good standard, whether the directory should be called 'tests/' or 'test/' + +------------------------------------------------------------------- +Wed Jan 2 08:43:03 UTC 2019 - Martin Liška <[email protected]> + +- Add 0001-Backport-d8f423b575e8be387d33bc3af176baf978efacbb.patch + +------------------------------------------------------------------- +Fri Dec 21 17:08:47 UTC 2018 - [email protected] + +- whitelist boltd dbus service (bsc#1119975) + +------------------------------------------------------------------- +Wed Dec 12 20:14:29 UTC 2018 - [email protected] + +- Add user/group 'bird' for package bird (network/bird) + +------------------------------------------------------------------- +Fri Dec 7 17:45:26 UTC 2018 - Todd R <[email protected]> + +- Add xrootd gid and uid whitelist. + This is needed by the latest versions of xrootd. + +------------------------------------------------------------------- +Mon Dec 3 17:12:01 UTC 2018 - [email protected] + +- whitelist pam_slurm_adopt (bsc#1116758) + +------------------------------------------------------------------- +Tue Nov 20 07:53:27 UTC 2018 - [email protected] + +- Add group 'singularity', remove user 'singularity' which was + added mistakenly. + +------------------------------------------------------------------- +Tue Nov 20 07:46:32 UTC 2018 - [email protected] + +- Add user/group 'slurm' for package slurm + (See network:cluster/slurm) (FATE#316379). + +------------------------------------------------------------------- +Fri Nov 16 12:16:18 UTC 2018 - Antonio Larrosa <[email protected]> + +- Add mpd user + +------------------------------------------------------------------- +Fri Nov 16 10:02:30 UTC 2018 - Dirk Mueller <[email protected]> + +- update libtool-wrapper-check.diff to handle inaccessible files + +------------------------------------------------------------------- +Thu Nov 8 12:59:15 UTC 2018 - [email protected] + +- whitelist keepalived dbus service (bsc#1015141) + +------------------------------------------------------------------- +Tue Oct 23 15:15:42 UTC 2018 - [email protected] + +- remove openswan whitelisting (deleted from Factory, replaced by libreswan, + boo#1089340) + +------------------------------------------------------------------- +Wed Oct 17 11:36:51 UTC 2018 - [email protected] + +- whitelist systemd-timesyncd (bsc#1111254) + +------------------------------------------------------------------- +Tue Oct 16 15:31:13 UTC 2018 - [email protected] + +- Update rpmlint-checks to version master: + * Use only one pattern that covers both cases + * Add support to identify tmpfiles_create used with just a basename + +------------------------------------------------------------------- +Mon Oct 08 11:06:11 UTC 2018 - [email protected] + +- Update to version master: + * security checks: add link to openSUSE wiki to error message details + +------------------------------------------------------------------- +Fri Oct 5 16:27:31 UTC 2018 - [email protected] + +- whitelist NetworkManager-fortisslvpn (bsc#1109938) + +------------------------------------------------------------------- +Mon Sep 24 14:37:19 UTC 2018 - [email protected] + +- whitelist iwd D-Bus service (bsc#1108037) + +------------------------------------------------------------------- +Wed Sep 12 19:32:02 UTC 2018 - [email protected] + +- Add new zkeyadm group + +------------------------------------------------------------------- +Mon Sep 3 08:53:06 UTC 2018 - Markos Chandras <[email protected]> + +- Add new firejail group + +------------------------------------------------------------------- +Mon Aug 20 08:53:17 UTC 2018 - [email protected] + +- whitelist xpra D-Bus service (bsc#1102836) + +------------------------------------------------------------------- +Wed Aug 8 08:34:23 UTC 2018 - [email protected] + +- adjust maximum valid suse_version to 1550 (boo#1104110) + +------------------------------------------------------------------- +Fri Jul 20 15:56:52 UTC 2018 - [email protected] + +- whitelist ratbagd D-Bus service (bsc#1076467) + +------------------------------------------------------------------- +Thu Jul 12 14:05:01 UTC 2018 - [email protected] + +- remove unnecessary suse-check-optional-dependencies.diff +- drop CheckBuildDate - does not produce hits and is + relatively slow + +------------------------------------------------------------------- +Wed Jul 11 09:06:31 UTC 2018 - [email protected] + +- add suse-rpmlint-all-pie.patch: refresh to handle the pie-executable + case (rename from rpmlint-all-pie.patch) + +------------------------------------------------------------------- +Mon Jul 9 19:37:57 UTC 2018 - [email protected] + +- drop obsolete suse-no-run-ldconfig.diff, + suse-manpages-for-rc-scripts.diff + +------------------------------------------------------------------- +Thu Jul 5 16:48:30 UTC 2018 - [email protected] + +- whitelist pam_oath PAM module after audit (bsc#1089114) + +------------------------------------------------------------------- +Tue Jul 3 14:09:19 UTC 2018 - [email protected] + +- Add update-magic-values-python-37.patch + Neccessary for update of Python to 3.7 + https://github.com/rpm-software-management/rpmlint/commit/52b715763217 + +------------------------------------------------------------------- +Tue Jul 03 12:30:20 UTC 2018 - [email protected] + +- Update rpmlint-checks to version master: + * New file 5.33 does identify pie executables now (bsc#1097339) +- add 0001-Fix-compatibility-with-file-5.33.patch + +------------------------------------------------------------------- +Mon Jul 2 10:01:36 UTC 2018 - [email protected] + +- Add 'sogo' user and group (used in server:SOGo) + +------------------------------------------------------------------- +Mon Jun 11 16:44:30 UTC 2018 - [email protected] + +- whitelisting NetworkManager-libreswan plugin (bnc#1089340) + +------------------------------------------------------------------- +Mon Jun 4 09:20:38 UTC 2018 - [email protected] + +- add Lua/NodeJS related groups to list of valid groups (bsc#1095769) + +------------------------------------------------------------------- +Mon Jun 04 09:16:19 UTC 2018 - [email protected] + +- Update rpmlint-checks to version master: + * Blacklist python test folder in python packages + * Error out on /etc/bash_completion.d in packages + * Do not use otherproviders() SUSEism + +------------------------------------------------------------------- +Wed May 16 03:26:14 UTC 2018 - [email protected] + +- Add Development/Languages/OCaml group. + +------------------------------------------------------------------- +Fri May 4 17:06:53 UTC 2018 - [email protected] ++++ 3249 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.1:Update/.rpmlint.12305.new.3248/rpmlint.changes New: ---- 0001-Accept-python-abi-as-a-valid-versioned-python-depend.patch 0001-Always-import-XDG-desktop-files-as-utf8.patch 0001-Avoid-calling-close-on-undefined-fd-variable.patch 0001-Avoid-false-positives-on-is_elf-check.patch 0001-Backport-d8f423b575e8be387d33bc3af176baf978efacbb.patch 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch 0001-Execute-chroot-tests-also-on-x86-rpms.patch 0001-Extend-scm_regex-to-capture-more-SCM-system-files.patch 0001-Fix-compatibility-with-file-5.33.patch 0001-Handle-post-scripts-that-contain-non-ascii-character.patch 0001-Improve-XDG-Menu-checks-stability.patch 0001-Tighten-wrong-script-interpreter-check-to-lower-fals.patch 0001-split-wrong-script-interpreter-into-env-script-inter.patch 0003-Tighten-lib_regex-to-avoid-false-positive-in-python-.patch 0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch README.packaging.txt _service _servicedata better-wrong-script.diff buildroot-doc.diff buildroot-in-scripts.diff check-for-self-provides.diff compressed-backup-regex.diff config confusing-invalid-spec-name.diff description-check.diff devel-provide-is-devel-package.diff docdata-examples.diff drop-unicodedata-dep.diff extend-suse-conffiles-check.diff fix-diag-sortorder.diff ignore-readelf-ar-error.diff invalid-filerequires.diff libtool-wrapper-check.diff licenses.config no-badness-return.diff no-doc-for-lib.diff noarch-lib64.diff omit_BUILDROOT_from_pyo_files.patch only-reg-files-are-scripts.diff pie.config remove-ghostfile-checks.diff rpmgroup-checks.diff rpmlint-1.10.tar.gz rpmlint-checks-master.tar.xz rpmlint-slpp-NUM-NUM.patch rpmlint-suse.diff rpmlint-tests-84.87+git20181018.60e0249.tar.xz rpmlint-tests-sle15-Revert-Adjust-order-of-output-as-well.patch rpmlint-tests-sle15-Revert-adjust-reference-testoutput-for-removal-of-ba.patch rpmlint-tests-sle15-Revert-polkit-adjust-reference-output-to-match-corre.patch rpmlint-tests.changes rpmlint-tests.spec rpmlint.changes rpmlint.spec selfconflicts-provide.diff stricter-interpreter-check.diff suse-binarieschecks.diff suse-checks.diff suse-filter-exception.diff suse-filter-more-verbose.diff suse-ignore-specfile-errors.diff suse-pkg-config-check.diff suse-python3-naming-policy.diff suse-rpmlint-all-pie.patch suse-shlib-devel-dependency.diff suse-skip-macro-expansion.diff suse-spdx-license-exceptions.patch suse-speccheck-utf8.diff suse-tests-without-badness.patch suse-url-check.diff suse-version.diff suse-whitelist-opensuse.diff syntax-validator.py update-magic-values-python-37.patch usr-arch.diff yast-provides.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rpmlint-tests.spec ++++++ # # spec file for package rpmlint-tests # # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # # icecream 0 #!BuildIgnore: post-build-checks brp-check-suse BuildRequires: erlang BuildRequires: rpmlint-Factory-strict BuildRequires: rpmlint-mini Name: rpmlint-tests Version: 84.87+git20181018.60e0249 Release: 0 Summary: rpmlint regression tests License: SUSE-Public-Domain Group: Development/Tools/Building BuildRoot: %{_tmppath}/%{name}-%{version}-build Url: http://www.opensuse.org/ Source: rpmlint-tests-%version.tar.xz Patch0: rpmlint-tests-sle15-Revert-polkit-adjust-reference-output-to-match-corre.patch Patch1: rpmlint-tests-sle15-Revert-Adjust-order-of-output-as-well.patch Patch2: rpmlint-tests-sle15-Revert-adjust-reference-testoutput-for-removal-of-ba.patch %description This package doesn't actually contain any files and is not meant to be installed. It's only useful in the opensuse build service to run regression tests against rpmlint(-mini). %prep %autosetup -p1 %build mkdir rpms make test %install %changelog ++++++ rpmlint.spec ++++++ # # spec file for package rpmlint # # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: rpmlint Version: 1.10 Release: 0 Summary: RPM file correctness checker License: GPL-2.0-or-later Group: System/Packages Url: https://github.com/rpm-software-management/rpmlint Source0: https://github.com/rpm-software-management/rpmlint/archive/rpmlint-%{version}.tar.gz Source1: rpmlint-checks-master.tar.xz Source2: config Source11: pie.config Source12: licenses.config Source99: README.packaging.txt Source100: syntax-validator.py Patch00: rpmlint-suse.diff Patch01: suse-checks.diff Patch02: suse-version.diff Patch03: suse-url-check.diff Patch04: suse-python3-naming-policy.diff Patch05: suse-tests-without-badness.patch Patch06: suse-pkg-config-check.diff Patch07: suse-binarieschecks.diff Patch08: no-doc-for-lib.diff Patch09: suse-filter-exception.diff Patch10: suse-spdx-license-exceptions.patch Patch11: suse-skip-macro-expansion.diff Patch20: usr-arch.diff Patch23: suse-filter-more-verbose.diff Patch24: docdata-examples.diff Patch25: yast-provides.diff Patch27: better-wrong-script.diff Patch28: buildroot-doc.diff Patch29: rpmgroup-checks.diff Patch30: devel-provide-is-devel-package.diff Patch31: only-reg-files-are-scripts.diff Patch32: buildroot-in-scripts.diff Patch33: libtool-wrapper-check.diff Patch35: noarch-lib64.diff Patch37: description-check.diff Patch38: 0001-Tighten-wrong-script-interpreter-check-to-lower-fals.patch Patch39: selfconflicts-provide.diff Patch40: no-badness-return.diff Patch41: suse-shlib-devel-dependency.diff Patch42: 0001-Improve-XDG-Menu-checks-stability.patch Patch43: stricter-interpreter-check.diff Patch44: confusing-invalid-spec-name.diff Patch48: suse-whitelist-opensuse.diff Patch49: extend-suse-conffiles-check.diff Patch50: compressed-backup-regex.diff Patch51: suse-speccheck-utf8.diff Patch52: 0001-Accept-python-abi-as-a-valid-versioned-python-depend.patch Patch54: suse-ignore-specfile-errors.diff Patch55: invalid-filerequires.diff Patch57: check-for-self-provides.diff Patch58: remove-ghostfile-checks.diff Patch59: 0001-Extend-scm_regex-to-capture-more-SCM-system-files.patch Patch60: 0003-Tighten-lib_regex-to-avoid-false-positive-in-python-.patch Patch61: 0001-Execute-chroot-tests-also-on-x86-rpms.patch Patch62: ignore-readelf-ar-error.diff Patch63: fix-diag-sortorder.diff Patch64: drop-unicodedata-dep.diff Patch65: 0001-split-wrong-script-interpreter-into-env-script-inter.patch Patch66: 0001-Handle-post-scripts-that-contain-non-ascii-character.patch Patch67: omit_BUILDROOT_from_pyo_files.patch Patch68: 0001-Avoid-false-positives-on-is_elf-check.patch Patch69: 0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch Patch71: 0001-Avoid-calling-close-on-undefined-fd-variable.patch Patch72: rpmlint-slpp-NUM-NUM.patch Patch73: 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch Patch74: 0001-Always-import-XDG-desktop-files-as-utf8.patch Patch75: 0001-Fix-compatibility-with-file-5.33.patch Patch76: update-magic-values-python-37.patch Patch77: suse-rpmlint-all-pie.patch Patch78: 0001-Backport-d8f423b575e8be387d33bc3af176baf978efacbb.patch BuildRequires: obs-service-format_spec_file BuildRequires: python3-flake8 BuildRequires: python3-pytest BuildRequires: python3-rpm BuildRequires: xz #!BuildIgnore: rpmlint-mini Requires: %{_bindir}/readelf Requires: bash Requires: checkbashisms Requires: cpio Requires: dash Requires: desktop-file-utils Requires: file Requires: findutils Requires: python3-magic Requires: python3-pybeam Requires: python3-rpm Requires: python3-xml BuildArch: noarch %description rpmlint is a tool to check common errors on RPM packages. Binary and source packages can be checked. %prep %autosetup -n rpmlint-rpmlint-%{version} -a1 -p1 cp -p %{SOURCE2} . chmod a-x rpmlint-checks-master/*.py # Only move top-level python files mv rpmlint-checks-master/*.py . %build make %{?_smp_mflags} PYTHON=%{_bindir}/python3 %install %make_install PYTHON=%{_bindir}/python3 # the provided bash-completion does not work and only prints bash errors rm -rf %{buildroot}%{_sysconfdir}/bash_completion.d mv %{buildroot}%{_sysconfdir}/rpmlint/config %{buildroot}%{_datadir}/rpmlint/config head -n 8 %{buildroot}%{_datadir}/rpmlint/config > %{buildroot}%{_sysconfdir}/rpmlint/config # make sure that the package is sane for f in %{buildroot}%{_datadir}/rpmlint/*.py %{buildroot}%{_datadir}/rpmlint/config; do echo $f env LC_ALL=C.utf8 python3 -tt %{SOURCE100} $f done install -m 644 %{SOURCE11} %{buildroot}/%{_sysconfdir}/rpmlint/ cp %{SOURCE12} licenses.config # note there is a tab character behind the -d, so don't copy&paste lightly cut '-d ' -f1 %{_prefix}/lib/obs/service/format_spec_file.files/licenses_changes.txt | tail -n +2 | sort -u | while read l; do sed -i -e "s/\(#VALIDLICENSES\)/\1\n '$l',/" licenses.config done # add some deprecated licenses we allow for now for l in AGPL-3.0 AGPL-3.0+ GFDL-1.1 GFDL-1.1+ GFDL-1.2 GFDL-1.2+ GFDL-1.3 GFDL-1.3+ GPL-3.0-with-GCC-exception \ GPL-2.0-with-classpath-exception GPL-2.0-with-font-exception SUSE-LGPL-2.1+-with-GCC-exception SUSE-NonFree \ GPL-1.0+ GPL-1.0 GPL-2.0+ GPL-2.0 GPL-3.0+ GPL-3.0 LGPL-2.0 LGPL-2.0+ LGPL-2.1+ LGPL-2.1 LGPL-3.0+ LGPL-3.0; do sed -i -e "s/\(#VALIDLICENSES\)/\1\n '$l',/" licenses.config done install -m 644 licenses.config %{buildroot}/%{_sysconfdir}/rpmlint/ %check env PYTHON=%{_bindir}/python3 ./test.sh %files %license COPYING %doc README* %{_bindir}/rpmlint %{_bindir}/rpmdiff %{_datadir}/rpmlint %config(noreplace) %{_sysconfdir}/rpmlint/config %config %{_sysconfdir}/rpmlint/pie.config %config %{_sysconfdir}/rpmlint/licenses.config %dir %{_sysconfdir}/rpmlint %{_mandir}/man1/rpmlint.1%{ext_man} %{_mandir}/man1/rpmdiff.1%{ext_man} %changelog ++++++ 0001-Accept-python-abi-as-a-valid-versioned-python-depend.patch ++++++ >From 534ce885e7a1529e0729dc0ae3ef75a64324583b Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sat, 21 Oct 2017 19:24:09 +0200 Subject: [PATCH] Accept python(abi) as a valid versioned python dependency On (open)SUSE the build environment properly generates a requires python(abi) = x.y, so accept that to silence the warning. --- FilesCheck.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/FilesCheck.py b/FilesCheck.py index abb3fa7..2ece474 100644 --- a/FilesCheck.py +++ b/FilesCheck.py @@ -717,10 +717,10 @@ class FilesCheck(AbstractCheck.AbstractCheck): if not python_dep_error: res = python_regex.search(f) - if res and not (pkg.check_versioned_dep('python-base', - res.group(1)) or - pkg.check_versioned_dep('python', - res.group(1))): + if (res and not + any((pkg.check_versioned_dep(dep, res.group(1)) + for dep in ( + 'python', 'python-base', 'python(abi)')))): printError(pkg, 'no-dependency-on', 'python-base', res.group(1)) python_dep_error = True -- 2.14.2 ++++++ 0001-Always-import-XDG-desktop-files-as-utf8.patch ++++++ >From e090267a175d2f2d52128c780108835f36d1ef1e Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sun, 18 Feb 2018 15:23:39 +0100 Subject: [PATCH] Always import XDG desktop files as utf8 Don't rely on them being entirely ASCII or the system locale. --- MenuXDGCheck.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/MenuXDGCheck.py b/MenuXDGCheck.py index 66912ea..d4418a9 100644 --- a/MenuXDGCheck.py +++ b/MenuXDGCheck.py @@ -6,6 +6,7 @@ # http://standards.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html # +import codecs import os try: import ConfigParser as cfgparser @@ -30,7 +31,7 @@ class MenuXDGCheck(AbstractCheck.AbstractFilesCheck): def parse_desktop_file(self, pkg, root, f, filename): cfp = cfgparser.RawConfigParser() try: - with open(f, 'rb') as inputf: + with codecs.open(f, encoding='utf-8') as inputf: cfp.readfp(inputf, filename) except cfgparser.DuplicateSectionError as e: printError( -- 2.16.1 ++++++ 0001-Avoid-calling-close-on-undefined-fd-variable.patch ++++++ >From 49611f900047d5397ebbbdb0ed5299580337ea34 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Wed, 1 Nov 2017 13:59:01 +0100 Subject: [PATCH] Avoid calling close on undefined fd variable It can happen that open did through an OSError but then the corresponding close UnknownVariableError wasn't caught. we can fix that by putting both in the same try/exception block, which also cleans up the code a bit. --- Pkg.py | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/Pkg.py b/Pkg.py index 47197c9..2622f9a 100644 --- a/Pkg.py +++ b/Pkg.py @@ -719,16 +719,11 @@ class Pkg(AbstractPkg): # use descriptor() method instead try: fd = os.open(pkgfile.path, os.O_RDONLY) - except OSError: - if not pkgfile.is_ghost: - raise - else: pkgfile.magic = b2s(_magic.descriptor(fd)) - # libmagic up to 5.18 already closes the descriptor - try: os.close(fd) except OSError: - pass + if not pkgfile.is_ghost: + raise if pkgfile.magic is None: pkgfile.magic = '' elif Pkg._magic_from_compressed_re.search(pkgfile.magic): -- 2.14.2 ++++++ 0001-Avoid-false-positives-on-is_elf-check.patch ++++++ >From 5a0f99a9f522944a0933cd06f9010a96bef9b7b3 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Tue, 10 Oct 2017 11:02:57 +0200 Subject: [PATCH] Avoid false positives on is_elf check "symbolic link to `SELF-WE-PD-XXL.wings'" matched the "ELF" in magic logic. So make it more strict by enforcing that the magic needs to start with "ELF " which seems to match everywhere (PIE executables, normal executables, ELF libs). --- BinariesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -372,7 +372,7 @@ class BinariesCheck(AbstractCheck.Abstra (fname.startswith("/usr/lib64") or fname.startswith("/lib64")): file_in_lib64 = True - is_elf = 'ELF' in pkgfile.magic + is_elf = pkgfile.magic.startswith('ELF ') is_ar = 'current ar archive' in pkgfile.magic is_ocaml_native = 'Objective caml native' in pkgfile.magic is_lua_bytecode = 'Lua bytecode' in pkgfile.magic ++++++ 0001-Backport-d8f423b575e8be387d33bc3af176baf978efacbb.patch ++++++ >From 790482dbc83f6cd67d29697ce6904dfc962bf576 Mon Sep 17 00:00:00 2001 From: marxin <[email protected]> Date: Wed, 2 Jan 2019 13:22:40 +0100 Subject: [PATCH] Backport d8f423b575e8be387d33bc3af176baf978efacbb: Come up with lto-bytecode check for ELF files. --- BinariesCheck.py | 14 +++++++++++++- .../libreiserfscore-devel-3.6.27-0.x86_64.rpm | Bin 0 -> 1005964 bytes test/test_binaries.py | 5 +++++ 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 test/binary/libreiserfscore-devel-3.6.27-0.x86_64.rpm Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -71,6 +71,7 @@ class BinaryInfo(object): chdir_call_regex = create_regexp_call('chdir') mktemp_call_regex = create_regexp_call('mktemp') + lto_section_name_prefix = '.gnu.lto_.' def __init__(self, pkg, path, file, is_ar, is_shlib): self.readelf_error = False @@ -90,6 +91,7 @@ class BinaryInfo(object): self.debuginfo = False self.symtab = False self.tail = '' + self.lto_sections = False self.setgid = False self.setuid = False @@ -116,6 +118,9 @@ class BinaryInfo(object): if not res[0]: lines = res[1].splitlines() for l in lines: + if BinaryInfo.lto_section_name_prefix in l: + self.lto_sections = True + r = BinaryInfo.needed_regex.search(l) if r: self.needed.append(r.group(1)) @@ -513,6 +518,9 @@ class BinariesCheck(AbstractCheck.Abstra for ec in bin_info.exit_calls: printWarning(pkg, 'shared-lib-calls-exit', fname, ec) + if bin_info.lto_sections: + printError(pkg, 'lto-bytecode', fname) + for ec in bin_info.forbidden_calls: printWarning(pkg, ec, fname, BinaryInfo.forbidden_functions[ec]['f_name']) @@ -835,7 +843,11 @@ upstream to have this issue fixed.''', '''This executable should be stripped from debugging symbols, in order to take less space and be loaded faster. This is usually done automatically at buildtime by rpm. Check the build logs and the permission on the file (some -implementations only strip if the permission is 0755).''' +implementations only strip if the permission is 0755).''', + +'lto-bytecode', +'''This executable contains a LTO section. LTO bytecode is not portable +and should not be distributed in static libraries or e.g. Python modules.''', ) # BinariesCheck.py ends here ++++++ 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch ++++++ >From 5237c197f56698d55fd1d18f8127f6e947350d80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <[email protected]> Date: Wed, 11 Oct 2017 16:29:21 +0200 Subject: [PATCH] Binariescheck: Check for chroot/chdir on ARM, PPC The assembly on ARM looks almost the same as the x86 assembly, but with a branch mnemonic (bl) instead of an explicit call. On PPC, library function calls use jump tables, so the vicinity check does not work, but we can at least detect a sole chroot without chdir. --- BinariesCheck.py | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/BinariesCheck.py b/BinariesCheck.py index bd75558..8d224a8 100644 --- a/BinariesCheck.py +++ b/BinariesCheck.py @@ -54,8 +54,6 @@ class BinaryInfo(object): setuid_call_regex = create_regexp_call(r'set(?:res|e)?uid') setgroups_call_regex = create_regexp_call(r'(?:ini|se)tgroups') chroot_call_regex = create_regexp_call('chroot') - # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> - objdump_call_regex = re.compile(br'callq?\s(.*)') debuginfo_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.debug_.*\s+') symtab_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.symtab\s+') gethostbyname_call_regex = create_regexp_call(r'(gethostbyname|gethostbyname2|gethostbyaddr|gethostbyname_r|gethostbyname2_r|gethostbyaddr_r)') @@ -96,6 +94,16 @@ class BinaryInfo(object): self.mktemp = False is_debug = path.endswith('.debug') + # Currently this implementation works only on specific + # architectures due to reliance on arch specific assembly. + if pkg.arch in ['armv6hl', 'armv7hl', 'aarch64']: + # 10450: ebffffec bl 10408 <chroot@plt> + BinaryInfo.objdump_call_regex = re.compile(br'\sbl\s+(.*)') + elif (pkg.arch.endswith('86') or pkg.arch == 'x86_64'): + # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> + BinaryInfo.objdump_call_regex = re.compile(br'callq?\s(.*)') + else: + BinaryInfo.objdump_call_regex = None res = Pkg.getstatusoutput( ('readelf', '-W', '-S', '-l', '-d', '-s', path)) @@ -204,10 +212,13 @@ class BinaryInfo(object): # check if chroot is near chdir (since otherwise, chroot is called # without chdir) - # Currently this implementation works only on x86_64 due to reliance - # on x86_64 specific assembly. Skip it on other architectures - if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and - self.chroot and self.chdir): + if not BinaryInfo.objdump_call_regex and self.chroot and self.chdir: + # On some architectures, e.g. PPC, it is to difficult to + # find the actual invocations of chroot/chdir, if both + # exist assume chroot is fine + self.chroot_near_chdir = True + + elif self.chroot and self.chdir: p = subprocess.Popen(('objdump', '-d', path), stdout=subprocess.PIPE, bufsize=-1, env=dict(os.environ, LC_ALL="C")) @@ -537,9 +548,8 @@ class BinariesCheck(AbstractCheck.AbstractCheck): printError(pkg, 'missing-call-to-setgroups-before-setuid', fname) - if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and bin_info.chroot): - if not bin_info.chdir or not bin_info.chroot_near_chdir: - printError(pkg, 'missing-call-to-chdir-with-chroot', fname) + if bin_info.chroot and not bin_info.chroot_near_chdir: + printError(pkg, 'missing-call-to-chdir-with-chroot', fname) if bin_info.mktemp: printError(pkg, 'call-to-mktemp', fname) -- 2.14.2 ++++++ 0001-Execute-chroot-tests-also-on-x86-rpms.patch ++++++ >From 9140901be1ab2c41df6ec7b21bd68e2e695b201f Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Thu, 28 Sep 2017 23:59:34 +0200 Subject: [PATCH] Execute chroot tests also on x86 rpms x86 and x86_64 are reasonably similar, so this is safe to do. --- BinariesCheck.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -223,7 +223,8 @@ class BinaryInfo(object): # without chdir) # Currently this implementation works only on x86_64 due to reliance # on x86_64 specific assembly. Skip it on other architectures - if pkg.arch == 'x86_64' and self.chroot and self.chdir: + if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and + self.chroot and self.chdir): p = subprocess.Popen(('objdump', '-d', path), stdout=subprocess.PIPE, bufsize=-1, env=dict(os.environ, LC_ALL="C")) @@ -578,7 +579,7 @@ class BinariesCheck(AbstractCheck.Abstra printError(pkg, 'missing-call-to-setgroups-before-setuid', fname) - if pkg.arch == 'x86_64' and bin_info.chroot: + if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and bin_info.chroot): if not bin_info.chdir or not bin_info.chroot_near_chdir: printError(pkg, 'missing-call-to-chdir-with-chroot', fname) ++++++ 0001-Extend-scm_regex-to-capture-more-SCM-system-files.patch ++++++ >From 1d70b641e5f755de72b0fa0059d4979a79f9553c Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Thu, 28 Sep 2017 22:16:30 +0200 Subject: [PATCH 1/3] Extend scm_regex to capture more SCM system files Also add unit test coverage for it. --- FilesCheck.py | 4 +++- test/test_files.py | 10 ++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -202,7 +202,9 @@ ldconfig_regex = re.compile(r'^[^#]*ldco depmod_regex = re.compile(r'^[^#]*depmod', re.MULTILINE) install_info_regex = re.compile(r'^[^#]*install-info', re.MULTILINE) perl_temp_file_regex = re.compile(r'.*perl.*/(\.packlist|perllocal\.pod)$') -scm_regex = re.compile(r'/CVS/[^/]+$|/\.(bzr|cvs|git|hg)ignore$|/\.hgtags$|/\.(bzr|git|hg|svn)/|/(\.arch-ids|{arch})/') +scm_regex = re.compile( + r'/(?:RCS|CVS)/[^/]+$|/\.(?:bzr|cvs|git|hg|svn)ignore$|' + r',v$|/\.hgtags$|/\.(?:bzr|git|hg|svn)/|/(?:\.arch-ids|{arch})/') games_path_regex = re.compile(r'^/usr(/lib(64)?)?/games/') games_group_regex = re.compile(Config.getOption('RpmGamesGroups', DEFAULT_GAMES_GROUPS)) dangling_exceptions = Config.getOption('DanglingSymlinkExceptions', DEFAULT_DANGLING_EXCEPTIONS) Index: rpmlint-rpmlint-1.10/test/test_files.py =================================================================== --- rpmlint-rpmlint-1.10.orig/test/test_files.py +++ rpmlint-rpmlint-1.10/test/test_files.py @@ -52,3 +52,13 @@ def test_script_interpreter(): assert se(b"#! /usr/bin/perl -wT \n") == ("/usr/bin/perl", "-wT") assert se(b"#!/usr/bin/env python3 foo") == ("/usr/bin/env", "python3 foo") assert se(b"# something here\n#!not a shebang") == (None, "") + + +def test_scm_regex(): + from FilesCheck import scm_regex + + assert scm_regex.search('/foo/CVS/bar') + assert scm_regex.search('/foo/RCS/bar') + assert scm_regex.search('/bar/foo,v') + assert scm_regex.search('bar/.svnignore') + assert scm_regex.search('bar/.git/refs') ++++++ 0001-Fix-compatibility-with-file-5.33.patch ++++++ >From 6497ac4806c2178a19d23203016cbdb6f7f45825 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Tue, 3 Jul 2018 14:24:01 +0200 Subject: [PATCH] Fix compatibility with file 5.33+ In file 5.33 the pkgfile magic output for pie executables changed from ELF 64-bit LSB shared object to ELF 64-bit LSB pie executable x86-64 So we need to treat "pie executable" as an equivalent file magic type for the purpose of PIE executable detection. --- BinariesCheck.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -525,6 +525,7 @@ class BinariesCheck(AbstractCheck.Abstra is_exec = 'executable' in pkgfile.magic is_shobj = 'shared object' in pkgfile.magic + is_pie_exec = 'pie executable' in pkgfile.magic if not is_exec and not is_shobj: continue @@ -542,7 +543,8 @@ class BinariesCheck(AbstractCheck.Abstra if ocaml_mixed_regex.search(bin_info.tail): printWarning(pkg, 'ocaml-mixed-executable', fname) - if not is_shobj and pie_exec_re and pie_exec_re.search(fname): + if ((not is_shobj and not is_pie_exec) and + pie_exec_re and pie_exec_re.search(fname)): printError(pkg, 'non-position-independent-executable', fname) ++++++ 0001-Handle-post-scripts-that-contain-non-ascii-character.patch ++++++ >From 53b868fcaba87016c623f47e8d40e09f4fccaafa Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Wed, 4 Oct 2017 14:40:02 +0200 Subject: [PATCH] Handle %post scripts that contain non-ascii characters when running LC_ALL=C and python3 this otherwise traces with: File "rpmlint/PostCheck.py", line 83, in check_syntax_script tmpfile.write(script) UnicodeEncodeError: 'ascii' codec can't encode character '\xfc' in position 16: ordinal not in range(128) Add test coverage. --- PostCheck.py | 31 +++++++++++++++++------------ test/binary/Nonutfpostcheck-0-0.x86_64.rpm | Bin 0 -> 6028 bytes 2 files changed, 18 insertions(+), 13 deletions(-) create mode 100644 test/binary/Nonutfpostcheck-0-0.x86_64.rpm Index: rpmlint-rpmlint-1.10/PostCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/PostCheck.py +++ rpmlint-rpmlint-1.10/PostCheck.py @@ -10,6 +10,7 @@ import os import re +import tempfile import rpm @@ -78,7 +79,8 @@ def check_syntax_script(prog, commandlin if not script: return False # TODO: test that "prog" is available/executable - tmpfile, tmpname = Pkg.mktemp() + tmpfd, tmpname = tempfile.mkstemp(prefix='rpmlint.') + tmpfile = os.fdopen(tmpfd, 'wb') try: tmpfile.write(script) tmpfile.close() @@ -105,35 +107,38 @@ class PostCheck(AbstractCheck.AbstractCh prog = pkg.scriptprog(tag[1]) if prog: prog = prog.split()[0] - self.check_aux(pkg, files, prog, script, tag[2], prereq) + self.check_aux(pkg, files, prog, pkg.header[tag[0]], + tag[2], prereq) else: prog = pkg[tag[1]] for idx in range(0, len(prog)): self.check_aux( - pkg, files, prog[idx], script[idx], tag[2], prereq) + pkg, files, prog[idx], + pkg.header[tag[0]][idx], tag[2], prereq) def check_aux(self, pkg, files, prog, script, tag, prereq): if script: + script_str = Pkg.b2s(script) if prog: if prog not in valid_shells: printError(pkg, 'invalid-shell-in-' + tag, prog) if prog in empty_shells: printError(pkg, 'non-empty-' + tag, prog) if prog in syntaxcheck_shells or prog == '/usr/bin/perl': - if percent_regex.search(script): + if percent_regex.search(script_str): printWarning(pkg, 'percent-in-' + tag) - if bracket_regex.search(script): + if bracket_regex.search(script_str): printWarning(pkg, 'spurious-bracket-in-' + tag) - res = dangerous_command_regex.search(script) + res = dangerous_command_regex.search(script_str) if res: printWarning(pkg, 'dangerous-command-in-' + tag, res.group(2)) - res = selinux_regex.search(script) + res = selinux_regex.search(script_str) if res: printError(pkg, 'forbidden-selinux-command-in-' + tag, res.group(2)) - if 'update-menus' in script: + if 'update-menus' in script_str: menu_error = True for f in files: if menu_regex.search(f): @@ -142,10 +147,10 @@ class PostCheck(AbstractCheck.AbstractCh if menu_error: printError(pkg, 'update-menus-without-menu-file-in-' + tag) - if tmp_regex.search(script): + if tmp_regex.search(script_str): printError(pkg, 'use-tmp-in-' + tag) for c in prereq_assoc: - if c[0].search(script): + if c[0].search(script_str): found = False for p in c[1]: if p in prereq or p in files: @@ -157,9 +162,9 @@ class PostCheck(AbstractCheck.AbstractCh if prog in syntaxcheck_shells: if incorrect_shell_script(prog, script): printError(pkg, 'shell-syntax-error-in-' + tag) - if home_regex.search(script): + if home_regex.search(script_str): printError(pkg, 'use-of-home-in-' + tag) - res = bogus_var_regex.search(script) + res = bogus_var_regex.search(script_str) if res: printWarning(pkg, 'bogus-variable-use-in-' + tag, res.group(1)) @@ -168,7 +173,7 @@ class PostCheck(AbstractCheck.AbstractCh if incorrect_perl_script(prog, script): printError(pkg, 'perl-syntax-error-in-' + tag) elif prog.endswith('sh'): - res = single_command_regex.search(script) + res = single_command_regex.search(script_str) if res: printWarning(pkg, 'one-line-command-in-' + tag, res.group(1)) ++++++ 0001-Improve-XDG-Menu-checks-stability.patch ++++++ >From 8de78fa8b0cd9a2fe4156b841429ac8d55b39909 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Fri, 29 Sep 2017 09:12:33 +0200 Subject: [PATCH] Improve XDG Menu checks stability Running RawConfigParser on untrusted input can cause a lot of exceptions. Handle them gracefully and raise appropriate rpmlint errors. Also separate the code a little and cleaning it up. --- MenuXDGCheck.py | 84 ++++++++++++++++++++++++++---------- test/binary/menuxdg1-0-0.noarch.rpm | Bin 0 -> 6555 bytes test/test_menuxdg.py | 17 ++++++++ 3 files changed, 78 insertions(+), 23 deletions(-) create mode 100644 test/binary/menuxdg1-0-0.noarch.rpm create mode 100644 test/test_menuxdg.py Index: rpmlint-rpmlint-1.10/MenuXDGCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/MenuXDGCheck.py +++ rpmlint-rpmlint-1.10/MenuXDGCheck.py @@ -8,9 +8,9 @@ import os try: - from ConfigParser import RawConfigParser -except: - from configparser import RawConfigParser + import ConfigParser as cfgparser +except ImportError: + import configparser as cfgparser import AbstractCheck from Filter import addDetails, printError, printWarning @@ -25,7 +25,52 @@ class MenuXDGCheck(AbstractCheck.Abstrac # $ echo $XDG_DATA_DIRS/applications # /var/lib/menu-xdg:/usr/share AbstractCheck.AbstractFilesCheck.__init__( - self, "MenuXDGCheck", r"/usr/share/applications/.*\.desktop$") + self, "MenuXDGCheck", r'(?:/usr|/etc/opt|/opt/.*)/share/applications/.*\.desktop$') + + def parse_desktop_file(self, pkg, root, f, filename): + cfp = cfgparser.RawConfigParser() + try: + with open(f, 'rb') as inputf: + cfp.readfp(inputf, filename) + except cfgparser.DuplicateSectionError as e: + printError( + pkg, 'desktopfile-duplicate-section', filename, + '[%s]' % e.section) + except cfgparser.MissingSectionHeaderError: + printError( + pkg, 'desktopfile-missing-header', filename) + except cfgparser.Error as e: + # Only in Python >= 3.2 + if (hasattr(cfgparser, 'DuplicateOptionError') and + isinstance(e, cfgparser.DuplicateOptionError)): + printError( + pkg, 'desktopfile-duplicate-option', filename, + '[%s]/%s' % (e.section, e.option)) + else: + printWarning( + pkg, 'invalid-desktopfile', filename, + e.message.partition(':')[0]) + except UnicodeDecodeError as e: + printWarning( + pkg, 'invalid-desktopfile', filename, 'No valid Unicode') + else: + binary = None + if cfp.has_option('Desktop Entry', 'Exec'): + binary = cfp.get('Desktop Entry', 'Exec').partition(' ')[0] + if binary: + found = False + if binary.startswith('/'): + found = os.path.exists(root + binary) + else: + for i in STANDARD_BIN_DIRS: + if os.path.exists(root + i + '/' + binary): + # no need to check if the binary is +x, rpmlint does it + # in another place + found = True + break + if not found: + printWarning( + pkg, 'desktopfile-without-binary', filename, binary) def check_file(self, pkg, filename): root = pkg.dirName() @@ -43,25 +88,7 @@ class MenuXDGCheck(AbstractCheck.Abstrac if not is_utf8(f): printError(pkg, 'non-utf8-desktopfile', filename) - cfp = RawConfigParser() - cfp.read(f) - binary = None - if cfp.has_option('Desktop Entry', 'Exec'): - binary = cfp.get('Desktop Entry', 'Exec').split(' ', 1)[0] - if binary: - found = False - if binary.startswith('/'): - found = os.path.exists(root + binary) - else: - for i in STANDARD_BIN_DIRS: - if os.path.exists(root + i + binary): - # no need to check if the binary is +x, rpmlint does it - # in another place - found = True - break - if not found: - printWarning(pkg, 'desktopfile-without-binary', filename, - binary) + self.parse_desktop_file(pkg, root, f, filename) check = MenuXDGCheck() @@ -76,4 +103,15 @@ addDetails( 'desktopfile-without-binary', '''the .desktop file is for a file not present in the package. You should check the requires or see if this is not a error''', + +'desktopfile-duplicate-section', +'''The .desktop file contains the mentioned section name twice, which +can trigger parsing ambiguities. Remove the duplicate.''', + +'desktopfile-duplicate-option', +'''The .desktop file contains the mentioned option key twice, +which can trigger parsing ambiguities. Remove the duplicate.''', + +'desktopfile-missing-header', +'''The .desktop file should start with a section header.''', ) ++++++ 0001-Tighten-wrong-script-interpreter-check-to-lower-fals.patch ++++++ >From 3433a3cc77a05af3a7e0588899f61028b5546e64 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sun, 1 Oct 2017 14:00:26 +0200 Subject: [PATCH] Tighten wrong-script-interpreter check to lower false positives The check wasn't looking if the file is actually marked as executable or in one of the known-scripts-only directories. Without this patch, the check will fire on documentation examples that just happen to be detected as script, but where the shebang isn't actually captured by the find_requires rpm scripts. Omit warning about those, as there are more likely legitimate reasons. --- FilesCheck.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -861,7 +861,10 @@ class FilesCheck(AbstractCheck.AbstractC elif interpreter or mode_is_exec or script_regex.search(f): if interpreter: res = interpreter_regex.search(interpreter) - if (res and res.group(1) == 'env') or not res: + is_wrong_interpreter = (not res or (res and + res.group(1) == 'env')) + if ((mode_is_exec or script_regex.search(f)) and + is_wrong_interpreter): printError(pkg, 'wrong-script-interpreter', f, interpreter, interpreter_args) elif not nonexec_file and not \ ++++++ 0001-split-wrong-script-interpreter-into-env-script-inter.patch ++++++ >From a4618650898aece5c4838e71853310b54f6e29fa Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sun, 1 Oct 2017 22:08:20 +0200 Subject: [PATCH] split wrong-script-interpreter into env-script-interpreter For mere mortals, details message for wrong-script-interpreter does not explain why the env as shebang is an issue. Splitting that case into a separate diagnostic allows a more detailed info message alongside that gives a better rationale. --- FilesCheck.py | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -863,12 +863,15 @@ class FilesCheck(AbstractCheck.AbstractC elif interpreter or mode_is_exec or script_regex.search(f): if interpreter: res = interpreter_regex.search(interpreter) - is_wrong_interpreter = (not res or (res and - res.group(1) == 'env')) - if ((mode_is_exec or script_regex.search(f)) and - is_wrong_interpreter): - printError(pkg, 'wrong-script-interpreter', - f, interpreter, interpreter_args) + if (mode_is_exec or script_regex.search(f)): + if res and res.group(1) == 'env': + printError(pkg, 'env-script-interpreter', + f, interpreter, + interpreter_args) + elif not res: + printError(pkg, 'wrong-script-interpreter', + f, interpreter, + interpreter_args) elif not nonexec_file and not \ (lib_path_regex.search(f) and f.endswith('.la')): @@ -1303,6 +1306,22 @@ Alternatively, if the file isn't suppose it is not marked as being executable. ''', +'env-script-interpreter', +'''This script uses 'env' as an interpreter. +For the rpm runtime dependency detection to work, the shebang +#!/usr/bin/env python + +needs to be patched into +#!/usr/bin/python + +otherwise the package dependency generator merely adds a dependency +on /usr/bin/env rather than the actual interpreter /usr/bin/python. + +Alternatively, if the file should not be executed, then ensure that +it is not marked as executable or don't install it in a path that +is reserved for executables. +''', + 'non-executable-script', '''This text file contains a shebang or is located in a path dedicated for executables, but lacks the executable bits and cannot thus be executed. If ++++++ 0003-Tighten-lib_regex-to-avoid-false-positive-in-python-.patch ++++++ >From bcc9a315dae3aacf27854f16328c59e32eab2816 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Thu, 28 Sep 2017 23:04:22 +0200 Subject: [PATCH 3/3] Tighten lib_regex to avoid false positive in python bindings Also add unit test coverage for it. --- FilesCheck.py | 2 +- test/test_files.py | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -197,7 +197,7 @@ devel_regex = re.compile(r'(.*)-(debug(i debuginfo_package_regex = re.compile(r'-debug(info)?$') debugsource_package_regex = re.compile(r'-debugsource$') use_debugsource = Config.getOption('UseDebugSource', False) -lib_regex = re.compile(r'lib(64)?/lib[^/]*(\.so\..*|-[0-9.]+\.so)') +lib_regex = re.compile(r'/lib(?:64)?/lib[^/]+(?:\.so\.[\d\.]+|-[\d\.]+\.so)$') ldconfig_regex = re.compile(r'^[^#]*ldconfig', re.MULTILINE) depmod_regex = re.compile(r'^[^#]*depmod', re.MULTILINE) install_info_regex = re.compile(r'^[^#]*install-info', re.MULTILINE) Index: rpmlint-rpmlint-1.10/test/test_files.py =================================================================== --- rpmlint-rpmlint-1.10.orig/test/test_files.py +++ rpmlint-rpmlint-1.10/test/test_files.py @@ -62,3 +62,22 @@ def test_scm_regex(): assert scm_regex.search('/bar/foo,v') assert scm_regex.search('bar/.svnignore') assert scm_regex.search('bar/.git/refs') + + +def test_lib_regex(): + from FilesCheck import lib_regex + + # true matches + assert all( + lib_regex.search(x) for x in + ('/lib/libnsl-2.26.so', + '/usr/lib64/libgnomeui.so.3', + '/lib64/libgcc_s.so.1')) + + # false positives + assert not any( + lib_regex.search(x) for x in + ('/usr/share/gdb/auto-load/usr/lib/libglib-2.0.so.0.4600.1-gdb.py', + '/usr/share/doc/findlib/lib-1.0.so', + '/usr/lib64/libvulkan_radeon.so', + '/usr/lib64/rsocket/binary',)) ++++++ 0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch ++++++ >From 33b3aab641f6f71f33fd87f1e1b41ea2e74f48e3 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sun, 1 Oct 2017 14:36:40 +0200 Subject: [PATCH] Validate Appdata also when appstream-util is unavailable When the dependency isn't installed, we can at least still validate whether the input is valid XML or not. As we're not printing any validation results anyway this is good enough. --- AppDataCheck.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) Index: rpmlint-rpmlint-1.10/AppDataCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/AppDataCheck.py +++ rpmlint-rpmlint-1.10/AppDataCheck.py @@ -10,6 +10,7 @@ import AbstractCheck import Config from Filter import addDetails, printError from Pkg import getstatusoutput +import xml.etree.ElementTree as ET STANDARD_BIN_DIRS = ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'] DEFAULT_APPDATA_CHECKER = ('appstream-util', 'validate-relax') @@ -28,12 +29,18 @@ class AppDataCheck(AbstractCheck.Abstrac def check_file(self, pkg, filename): root = pkg.dirName() f = root + filename + validation_failed = False try: st = getstatusoutput(appdata_checker + (f,)) + # Return code nonzero? + validation_failed = (st[0] != 0) except OSError: - # ignore if the checker is not installed - return - if st[0]: + # checker is not installed, do a validation manually + try: + ET.parse(pkg.dirName() + filename) + except ET.ParseError: + validation_failed = True + if validation_failed: printError(pkg, 'invalid-appdata-file', filename) ++++++ README.packaging.txt ++++++ = rpmlint-checks, rpmlint-tests = The files from rpmlint-checks and rpmlint-tests managed in git. If you need to make changes, you have the following options: * Make them in git and update the package from git (you can file pull requests if you don't have write access) * Create a patch, add the patch to the package and let one of the maintainers commit it for you The online repos are at: https://github.com/openSUSE/rpmlint-checks https://github.com/openSUSE/rpmlint-tests For building the package from git run the service directly: osc service disabledrun The services may mess up versions and changes files a bit. Needs some manual tweaking. ++++++ _service ++++++ <services> <service name="tar_scm" mode="disabled"> <param name="version">1</param> <param name="versionformat">84.87+git%cd.%h</param> <param name="url">https://github.com/openSUSE/rpmlint-tests.git</param> <param name="scm">git</param> <param name="changesgenerate">enable</param> </service> <service name="tar_scm" mode="disabled"> <param name="version">1</param> <param name="versionformat">master</param> <param name="url">https://github.com/openSUSE/rpmlint-checks.git</param> <param name="scm">git</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> <param name="compression">xz</param> <param name="file">*.tar</param> </service> <service name="set_version" mode="disabled"> <param name="file">rpmlint-tests.spec</param> </service> </services> ++++++ _servicedata ++++++ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/openSUSE/rpmlint-tests.git</param> <param name="changesrevision">cc70cb42af4668cbd27bbdd69dc6f0c56fe05d52</param></service><service name="tar_scm"> <param name="url">https://github.com/openSUSE/rpmlint-checks.git</param> <param name="changesrevision">7574d87664a3b23189ca57309915cc079e3e55ac</param></service></servicedata>++++++ better-wrong-script.diff ++++++ Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -1278,7 +1278,10 @@ executed.''', 'wrong-script-interpreter', '''This script uses an interpreter which is either an inappropriate one -or located in an inappropriate directory for packaged system software.''', +or located in an inappropriate directory for packaged system software. +Alternatively, if the file isn't supposed to be executed, then ensure that +it is not marked as being executable. +''', 'non-executable-script', '''This text file contains a shebang or is located in a path dedicated for ++++++ buildroot-doc.diff ++++++ --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -670,7 +670,7 @@ versions you can ignore this warning.''' 'hardcoded-path-in-buildroot-tag', '''A path is hardcoded in your Buildroot tag. It should be replaced -by something like %{_tmppath}/%name-root.''', +by %{_tmppath}/%{name}-%{version}-build.''', 'hardcoded-packager-tag', '''The Packager tag is hardcoded in your spec file. It should be removed, so ++++++ buildroot-in-scripts.diff ++++++ --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -235,7 +235,9 @@ class SpecCheck(AbstractCheck.AbstractCh continue - if current_section in ('prep', 'build') and \ + if current_section in ('prep', 'build','pre', 'post', 'postun', + 'trigger', 'triggerin', 'triggerprein', 'triggerun', 'triggerpostun', + 'pretrans', 'posttrans') and \ contains_buildroot(line): printWarning(pkg, 'rpm-buildroot-usage', '%' + current_section, line[:-1].strip()) ++++++ check-for-self-provides.diff ++++++ From: Ludwig Nussel <[email protected]> Date: Fri, 10 Apr 2015 14:54:18 +0200 Subject: [PATCH] check for self provides --- TagsCheck.py | 6 ++++++ 1 file changed, 6 insertions(+) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -891,6 +891,8 @@ class TagsCheck(AbstractCheck.AbstractCh for p in pkg.provides(): value = Pkg.formatRequire(*p) self._unexpanded_macros(pkg, 'Provides %s' % (value,), value) + if p[0] == pkg.name and not p[1]: + printError(pkg, 'unversioned-explicit-self-provides', p[0]) for c in pkg.conflicts(): value = Pkg.formatRequire(*c) @@ -1215,6 +1217,10 @@ objects should thus not be depended on a in the containing package. Get rid of the provides if appropriate, for example by filtering it out during build. Note that in some cases this may require disabling rpmbuild's internal dependency generator.''', + +'unversioned-explicit-self-provides', +'''This package provides it's own name explicitely, which might break +upgrade path. self-provides are autogenerated. Remove the provide.''', ) for i in ("obsoletes", "conflicts", "provides", "recommends", "suggests", ++++++ compressed-backup-regex.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:40 +0200 Subject: [PATCH] compressed-backup-regex.diff =================================================================== --- FilesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -179,7 +179,7 @@ DEFAULT_DISALLOWED_DIRS = ( ) sub_bin_regex = re.compile(r'^(/usr)?/s?bin/\S+/') -backup_regex = re.compile(r'(~|\#[^/]+\#|\.orig|\.rej)$') +backup_regex = re.compile(r'(~|\#[^/]+\#|\.orig|\.orig\.gz|\.rej)$') compr_regex = re.compile(r'\.(gz|z|Z|zip|bz2|lzma|xz)$') absolute_regex = re.compile(r'^/([^/]+)') absolute2_regex = re.compile(r'^/?([^/]+)') ++++++ config ++++++ ++++ 1449 lines (skipped) ++++++ confusing-invalid-spec-name.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] confusing-invalid-spec-name # Confusing message. The problem is not that the file does not end # with ".spec", but that there is a mismatch of specname and pkg name. --- SpecCheck.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/SpecCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -644,8 +644,8 @@ addDetails( SPEC file to build a valid RPM package.''', 'invalid-spec-name', -'''Your spec filename must end with '.spec'. If it's not the case, rename your -file and rebuild your package.''', +'''The spec file name (without the .spec suffix) must match the package name +("Name:" tag). Either rename your package or the specfile.''', 'non-utf8-spec-file', '''The character encoding of the spec file is not UTF-8. Convert it for ++++++ description-check.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] description-check.diff =================================================================== --- TagsCheck.py | 7 +++++++ 1 file changed, 7 insertions(+) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -736,6 +736,9 @@ class TagsCheck(AbstractCheck.AbstractCh else: for lang in langs: self.check_description(pkg, lang, ignored_words) + + if len(Pkg.b2s(pkg[rpm.RPMTAG_DESCRIPTION]).partition('Authors:')[0]) - 4 < len(pkg[rpm.RPMTAG_SUMMARY]): + printWarning(pkg, 'description-shorter-than-summary') else: printError(pkg, 'no-description-tag') @@ -1028,6 +1031,10 @@ Name tag.''', '''The major number of the library isn't included in the package's name. ''', +'description-shorter-than-summary', +'''The package description should be longer than the summary. be a bit more +verbose, please.''', + 'no-provides', '''Your library package doesn't provide the -devel name without the major version included.''', ++++++ devel-provide-is-devel-package.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] devel-provide-is-devel-package.diff =================================================================== --- FilesCheck.py | 4 ++++ 1 file changed, 4 insertions(+) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -422,6 +422,10 @@ class FilesCheck(AbstractCheck.AbstractC # Check if the package is a development package devel_pkg = devel_regex.search(pkg.name) + for p in pkg.provides(): + if not devel_pkg and devel_regex.search(p[0]): + devel_pkg = True + config_files = pkg.configFiles() ghost_files = pkg.ghostFiles() doc_files = pkg.docFiles() ++++++ docdata-examples.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] docdata-examples.diff =================================================================== --- FilesCheck.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -189,6 +189,7 @@ bin_regex = re.compile(r'^/(?:usr/(?:s?b includefile_regex = re.compile(r'\.(c|h)(pp|xx)?$', re.IGNORECASE) develfile_regex = re.compile(r'\.(a|cmxa?|mli?|gir)$') buildconfigfile_regex = re.compile(r'(\.pc|/bin/.+-config)$') +docdir_examples_regex = re.compile('^/usr/(?:share/doc/packages|lib(?:64))/[^/]+/(?:example|demo|script|contrib)') # room for improvement with catching more -R, but also for false positives... buildconfig_rpath_regex = re.compile(r'(?:-rpath|Wl,-R)\b') sofile_regex = re.compile(r'/lib(64)?/(.+/)?lib[^/]+\.so$') @@ -785,7 +786,7 @@ class FilesCheck(AbstractCheck.AbstractC includefile_regex.search(f) or \ develfile_regex.search(f) or \ logrotate_regex.search(f) - if nonexec_file: + if nonexec_file and not docdir_examples_regex.search(f): printWarning(pkg, 'spurious-executable-perm', f) elif f.startswith('/etc/') and f not in config_files and \ f not in ghost_files: @@ -1154,7 +1155,10 @@ included in your package.''', 'spurious-executable-perm', '''The file is installed with executable permissions, but was identified as one that probably should not be executable. Verify if the executable bits are -desired, and remove if not.''', +desired, and remove if not. +NOTE: example scripts should be packaged under %docdir/examples, which will avoid +this warning. +''', 'world-writable', '''A file or directory in the package is installed with world writable ++++++ drop-unicodedata-dep.diff ++++++ Index: rpmlint-rpmlint-1.10/SpecCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -9,7 +9,6 @@ import re import sys -import unicodedata try: from urlparse import urlparse except ImportError: # Python 3 @@ -107,7 +106,7 @@ filelist_regex = re.compile(r'\s+-f\s+\S pkgname_regex = re.compile(r'\s+(?:-n\s+)?(\S+)') tarball_regex = re.compile(r'\.(?:t(?:ar|[glx]z|bz2?)|zip)\b', re.IGNORECASE) -UNICODE_NBSP = unicodedata.lookup('NO-BREAK SPACE') +UNICODE_NBSP = u'\xa0' def unversioned(deps): ++++++ extend-suse-conffiles-check.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:40 +0200 Subject: [PATCH] extend-suse-conffiles-check.diff =================================================================== --- FilesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -803,7 +803,7 @@ class FilesCheck(AbstractCheck.AbstractC if nonexec_file and not docdir_examples_regex.search(f): printWarning(pkg, 'spurious-executable-perm', f) elif f.startswith('/etc/') and f not in config_files and \ - f not in ghost_files: + f not in ghost_files and not f.endswith(".desktop"): printWarning(pkg, 'non-conffile-in-etc', f) if pkg.arch == 'noarch' and f.startswith('/usr/lib64/python'): ++++++ fix-diag-sortorder.diff ++++++ --- a/Filter.py +++ b/Filter.py @@ -43,15 +43,15 @@ else: def printInfo(pkg, reason, *details): - _print("I", pkg, reason, details) + _print('I', pkg, reason, details) def printWarning(pkg, reason, *details): - _print("W", pkg, reason, details) + _print('W', pkg, reason, details) def printError(pkg, reason, *details): - _print("E", pkg, reason, details) + _print('E', pkg, reason, details) def _print(msgtype, pkg, reason, details): @@ -111,8 +111,10 @@ def printDescriptions(reason): def _diag_sortkey(x): - xs = x.split() - return (xs[2], xs[1]) + xs = x.split(maxsplit=2) + # Sort Category (Info/Warnings/Errors), Diagnostic, Name + # ['game.x86_64:', 'W:', 'call-to-mktemp /usr/games/lib/blub\n'] + return (str('IWE'.find(xs[1][0])), xs[2], xs[0]) def printAllReasons(): @@ -121,7 +123,7 @@ def printAllReasons(): return False global _diagnostic - _diagnostic.sort(key=_diag_sortkey, reverse=True) + _diagnostic.sort(key=_diag_sortkey) last_reason = '' for diag in _diagnostic: if Config.info: ++++++ ignore-readelf-ar-error.diff ++++++ Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -255,8 +255,11 @@ class BinaryInfo(object): else: self.readelf_error = True - printWarning(pkg, 'binaryinfo-readelf-failed', - file, re.sub('\n.*', '', res[1])) + # Go and others are producing ar archives that don't have ELF + # headers, so don't complain about it + if not is_ar: + printWarning(pkg, 'binaryinfo-readelf-failed', + file, re.sub('\n.*', '', res[1])) try: with open(path, 'rb') as fobj: ++++++ invalid-filerequires.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:40 +0200 Subject: [PATCH] invalid-filerequires.diff =================================================================== --- TagsCheck.py | 10 ++++++++++ 1 file changed, 10 insertions(+) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -452,6 +452,7 @@ invalid_version_regex = re.compile(r'([0 # () are here for grouping purpose in the regexp forbidden_words_regex = re.compile(r'(%s)' % Config.getOption('ForbiddenWords'), re.IGNORECASE) valid_buildhost_regex = re.compile(Config.getOption('ValidBuildHost')) +valid_filedep_regex = re.compile(r'(?:/s?bin/|^/etc/|^/usr/lib/sendmail$)') use_epoch = Config.getOption('UseEpoch', False) use_utf8 = Config.getOption('UseUTF8', Config.USEUTF8_DEFAULT) max_line_len = Config.getOption('MaxLineLength', 79) @@ -632,6 +633,9 @@ class TagsCheck(AbstractCheck.AbstractCh if d[0].startswith('/usr/local/'): printError(pkg, 'invalid-dependency', d[0]) + if d[0].startswith('/') and not valid_filedep_regex.search(d[0]): + printWarning(pkg, 'invalid-filepath-dependency', d[0]) + if is_source: if lib_devel_number_regex.search(d[0]): printError(pkg, 'invalid-build-requires', d[0]) @@ -1162,6 +1166,12 @@ unneeded explicit Requires: tags.''', '''This package provides 2 times the same capacity. It should only provide it once.''', +'invalid-filepath-dependency', +'''A package has a file or path based dependency that is not resolveable for +package solvers because it is not in the whitelist for path based dependencies +and therefore not available in repository metadata. Please use a symbolic requires +instead or require a file in bin or /etc.''', + 'tag-not-utf8', '''The character encoding of the value of this tag is not UTF-8.''', ++++++ libtool-wrapper-check.diff ++++++ Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -367,8 +367,21 @@ class BinariesCheck(AbstractCheck.Abstra is_ar = 'current ar archive' in pkgfile.magic is_ocaml_native = 'Objective caml native' in pkgfile.magic is_lua_bytecode = 'Lua bytecode' in pkgfile.magic + is_shell = "shell script" in pkgfile.magic is_binary = is_elf or is_ar or is_ocaml_native or is_lua_bytecode + if is_shell: + file_start = None + try: + with open(pkgfile.path, 'rb') as inputf: + file_start = inputf.read(2048) + except IOError: + pass + if (file_start and + b'This wrapper script should never ' + b'be moved out of the build directory' in file_start): + printError(pkg, 'libtool-wrapper-in-package', fname) + if not is_binary: if reference_regex.search(fname): lines = pkg.grep(invalid_dir_ref_regex, fname) @@ -637,6 +650,15 @@ to list code compiled without -fPIC. Another common mistake that causes this problem is linking with ``gcc -Wl,-shared'' instead of ``gcc -shared''.''', +'libtool-wrapper-in-package', +'''Your package contains a libtool wrapper shell script. This +will not work. Instead of install'ing the libtool wrapper file, +run + +libtool --mode=install install -m perm <file> <dest> + +to install the relinked file.''', + 'binary-or-shlib-defines-rpath', '''The binary or shared library defines `RPATH'. Usually this is a bad thing because it hardcodes the path to search libraries and so ++++++ licenses.config ++++++ # -*- python -*- # vim: syntax=python sw=4 et # This line is mandatory to access the configuration functions from Config import * from Filter import addDetails addDetails('invalid-license', """The specified license string is not recognized. Please refer to https://spdx.org/licenses/ for the list of known licenses and their exact spelling.""") # from http://www.spdx.org/licenses/ setOption('ValidLicenses', ( # generated in spec file #VALIDLICENSES )) ++++++ no-badness-return.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] no-badness-return.diff =================================================================== --- Filter.py | 2 +- rpmlint | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/Filter.py =================================================================== --- rpmlint-rpmlint-1.10.orig/Filter.py +++ rpmlint-rpmlint-1.10/Filter.py @@ -130,7 +130,7 @@ def printAllReasons(): if len(last_reason): printDescriptions(last_reason) last_reason = reason - __print(diag) + __print(diag[:-1]) if Config.info and len(last_reason): printDescriptions(last_reason) _diagnostic = list() Index: rpmlint-rpmlint-1.10/rpmlint =================================================================== --- rpmlint-rpmlint-1.10.orig/rpmlint +++ rpmlint-rpmlint-1.10/rpmlint @@ -206,7 +206,7 @@ def main(): % (packages_checked, specfiles_checked, printed_messages["E"], printed_messages["W"])) - if printed_messages["E"] > 0: + if badnessThreshold() < 0 and printed_messages["E"] > 0: sys.exit(64) sys.exit(0) ++++++ no-doc-for-lib.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] no-doc-for-lib.diff =================================================================== --- FilesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -440,7 +440,7 @@ class FilesCheck(AbstractCheck.AbstractC debuginfo_srcs = False debuginfo_debugs = False - if not doc_files: + if not lib_package and not doc_files: printWarning(pkg, 'no-documentation') if files: ++++++ noarch-lib64.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] noarch-lib64.diff =================================================================== --- BinariesCheck.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -345,6 +345,7 @@ class BinariesCheck(AbstractCheck.Abstra binary = False binary_in_usr_lib = False has_usr_lib_file = False + file_in_lib64 = False multi_pkg = False srpm = pkg[rpm.RPMTAG_SOURCERPM] @@ -363,6 +364,10 @@ class BinariesCheck(AbstractCheck.Abstra # only-non-binary-in-usr-lib false positives binary_in_usr_lib = True + if stat.S_ISREG(pkgfile.mode) and \ + (fname.startswith("/usr/lib64") or fname.startswith("/lib64")): + file_in_lib64 = True + is_elf = 'ELF' in pkgfile.magic is_ar = 'current ar archive' in pkgfile.magic is_ocaml_native = 'Objective caml native' in pkgfile.magic @@ -592,9 +597,12 @@ class BinariesCheck(AbstractCheck.Abstra if version and version != -1 and version not in pkg.name: printError(pkg, 'incoherent-version-in-name', version) - if not binary and not multi_pkg and pkg.arch != 'noarch': + if not binary and not multi_pkg and not file_in_lib64 and pkg.arch != 'noarch': printError(pkg, 'no-binary') + if pkg.arch == 'noarch' and file_in_lib64: + printError(pkg, 'noarch-with-lib64') + if has_usr_lib_file and not binary_in_usr_lib: printWarning(pkg, 'only-non-binary-in-usr-lib') @@ -619,6 +627,11 @@ FHS and the FSSTND forbid this.''', # 'non-sparc32-binary', # '', +'noarch-with-lib64', +'''This package is marked as noarch but installs files into lib64. +Not all architectures have this in path, so the package can't be +noarch.''', + 'invalid-soname', '''The soname of the library is neither of the form lib<libname>.so.<major> or lib<libname>-<major>.so.''', ++++++ omit_BUILDROOT_from_pyo_files.patch ++++++ diff -u rpmlint-rpmlint-1.8.orig/Makefile rpmlint-rpmlint-1.8/Makefile --- rpmlint-rpmlint-1.8.orig/Makefile 2016-05-03 18:21:47.823504438 +0200 +++ rpmlint-rpmlint-1.8/Makefile 2016-05-03 18:25:11.746636047 +0200 @@ -39,9 +39,7 @@ $(DESTDIR)$(LIBDIR)/[A-Z]*.py \ $(DESTDIR)$(LIBDIR)/__*__.py ; \ fi - $(PYTHON) -O -m py_compile \ - $(DESTDIR)$(LIBDIR)/[A-Z]*.py \ - $(DESTDIR)$(LIBDIR)/__*__.py ; \ + $(PYTHON) -O -m compileall -d $(LIBDIR) $(DESTDIR)$(LIBDIR) for file in rpmlint rpmdiff ; do \ sed -e "s,#!/usr/bin/python ,#!$(PYTHON) ," $$file > $(DESTDIR)$(BINDIR)/$$file ; \ chmod +x $(DESTDIR)$(BINDIR)/$$file ; \ ++++++ only-reg-files-are-scripts.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] only-reg-files-are-scripts.diff =================================================================== --- InitScriptCheck.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/InitScriptCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/InitScriptCheck.py +++ rpmlint-rpmlint-1.10/InitScriptCheck.py @@ -17,7 +17,7 @@ import AbstractCheck import Config from Filter import addDetails, printError, printWarning import Pkg - +import stat chkconfig_content_regex = re.compile(r'^\s*#\s*chkconfig:\s*([-0-9]+)\s+[-0-9]+\s+[-0-9]+') subsys_regex = re.compile(r'/var/lock/subsys/([^/"\'\s;&|]+)', re.MULTILINE) @@ -49,6 +49,9 @@ class InitScriptCheck(AbstractCheck.Abst not fname.startswith('/etc/rc.d/init.d/'): continue + if not stat.S_ISREG(pkgfile.mode): + continue + basename = os.path.basename(fname) initscript_list.append(basename) if pkgfile.mode & 0o500 != 0o500: ++++++ pie.config ++++++ from Config import * # This file should list daemons and programs that are likely to be set setuid # by users. Files listed in permissions.eays are automatically checked. pie_execs = ( "/bin/ping", "/usr/bin/ping", "/bin/ping6", "/usr/bin/ping6", "/bin/su", "/usr/bin/su", "/usr/bin/pidgin", "/sbin/arping", "/sbin/clockdiff", "/sbin/dhclient", "/sbin/dhcpcd", "/sbin/klogd", "/sbin/rpcbind", "/sbin/syslogd", "/sbin/tracepath", "/sbin/tracepath6", "/usr/bin/uniconv", "/usr/bin/achfile", "/usr/bin/adv1tov2", "/usr/bin/aecho", "/usr/bin/afile", "/usr/bin/afppasswd", "/usr/bin/at", "/usr/bin/cadaver", "/usr/bin/chage", "/usr/bin/chfn", "/usr/bin/chsh", "/usr/bin/ciptool", "/usr/bin/cnid_index", "/usr/bin/dig", "/usr/bin/dund", "/usr/bin/expiry", "/usr/bin/finger", "/usr/bin/getzones", "/usr/bin/gpasswd", "/usr/bin/gpg", "/usr/bin/gpgsplit", "/usr/bin/gpgv", "/usr/bin/hcitool", "/usr/bin/hidd", "/usr/bin/host", "/usr/bin/htpasswd", "/usr/bin/l2ping", "/usr/bin/lppasswd", "/usr/bin/megatron", "/usr/bin/nbplkup", "/usr/bin/nbprgstr", "/usr/bin/nbpunrgstr", "/usr/bin/ncplogin", "/usr/bin/ncpmap", "/usr/bin/net", "/usr/bin/newgrp", "/usr/bin/nmblookup", "/usr/bin/nslookup", "/usr/bin/nsupdate", "/usr/bin/nwsfind", "/usr/bin/omshell", "/usr/bin/pand", "/usr/bin/pap", "/usr/bin/papstatus", "/usr/bin/passwd", "/usr/bin/pdbedit", "/usr/bin/profiles", "/usr/bin/psorder", "/usr/bin/rcp", "/usr/bin/rexec", "/usr/bin/rfcomm", "/usr/bin/rlogin", "/usr/bin/rpcclient", "/usr/bin/rsh", "/usr/bin/scp", "/usr/bin/sdptool", "/usr/bin/sftp", "/usr/bin/showppd", "/usr/bin/smbcacls", "/usr/bin/smbclient", "/usr/bin/smbcontrol", "/usr/bin/smbcquotas", "/sbin/mount.cifs", "/usr/bin/smbpasswd", "/usr/bin/smbspool", "/usr/bin/smbstatus", "/usr/bin/smbtree", "/usr/bin/ssh", "/usr/bin/ssh-add", "/usr/bin/ssh-agent", "/usr/bin/ssh-keygen", "/usr/bin/ssh-keyscan", "/usr/bin/svn", "/usr/bin/svnadmin", "/usr/bin/svndumpfilter", "/usr/bin/svnlook", "/usr/bin/svnserve", "/usr/bin/svnversion", "/usr/bin/talk", "/usr/bin/telnet", "/usr/bin/testparm", "/usr/bin/testprns", "/usr/bin/timeout", "/usr/bin/wbinfo", "/usr/lib/mit/bin/ftp", "/usr/lib/mit/bin/gss-client", "/usr/lib/mit/bin/kdestroy", "/usr/lib/mit/bin/kinit", "/usr/lib/mit/bin/klist", "/usr/lib/mit/bin/kpasswd", "/usr/lib/mit/bin/krb524init", "/usr/lib/mit/bin/ksu", "/usr/lib/mit/bin/kvno", "/usr/lib/mit/bin/rcp", "/usr/lib/mit/bin/rlogin", "/usr/lib/mit/bin/rsh", "/usr/lib/mit/bin/sclient", "/usr/lib/mit/bin/sim_client", "/usr/lib/mit/bin/telnet", "/usr/lib/mit/bin/uuclient", "/usr/lib/mit/bin/v4rcp", "/usr/lib/mit/sbin/ftpd", "/usr/lib/mit/sbin/gss-server", "/usr/lib/mit/sbin/kadmin", "/usr/lib/mit/sbin/kadmin.local", "/usr/lib/mit/sbin/kadmind", "/usr/lib/mit/sbin/kdb5_util", "/usr/lib/mit/sbin/klogind", "/usr/lib/mit/sbin/kprop", "/usr/lib/mit/sbin/kpropd", "/usr/lib/mit/sbin/krb524d", "/usr/lib/mit/sbin/krb5kdc", "/usr/lib/mit/sbin/kshd", "/usr/lib/mit/sbin/ktutil", "/usr/lib/mit/sbin/login.krb5", "/usr/lib/mit/sbin/sim_server", "/usr/lib/mit/sbin/sserver", "/usr/lib/mit/sbin/telnetd", "/usr/lib/mit/sbin/uuserver", "/usr/lib/news/bin/innd", "/usr/lib/news/bin/innbind", "/usr/lib/news/bin/rnews", "/usr/sbin/afpd", "/usr/sbin/amcheck", "/usr/sbin/amdd", "/usr/sbin/atalkd", "/usr/sbin/atd", "/usr/sbin/automount", "/usr/sbin/chat", "/usr/sbin/cnid_dbd", "/usr/sbin/cnid_metad", "/usr/sbin/cron", "/usr/sbin/cupsd", "/usr/sbin/dhcpd", "/usr/sbin/dhcrelay", "/usr/sbin/dnssec-keygen", "/usr/sbin/dnssec-signzone", "/usr/sbin/exim", "/usr/sbin/hciattach", "/usr/sbin/bluetoothd", "/usr/sbin/hciconfig", "/usr/sbin/hid2hci", "/usr/sbin/httpd2", "/usr/sbin/httpd2-prefork", "/usr/sbin/httpd2-worker", "/usr/sbin/in.fingerd", "/usr/sbin/in.ntalkd", "/usr/sbin/in.rexecd", "/usr/sbin/in.rlogind", "/usr/sbin/in.rshd", "/usr/sbin/in.telnetd", "/usr/sbin/irqbalance", "/usr/sbin/lwresd", "/usr/sbin/mailstats", "/usr/sbin/makemap", "/usr/sbin/named", "/usr/sbin/named-checkconf", "/usr/sbin/named-checkzone", "/usr/sbin/nmbd", "/usr/sbin/nscd", "/usr/sbin/ntlm_auth", "/usr/sbin/ntp-keygen", "/usr/sbin/ntpd", "/usr/sbin/ntpdc", "/usr/sbin/ntpq", "/usr/sbin/ntptime", "/usr/sbin/openvpn", "/usr/sbin/papd", "/usr/sbin/postfix", "/usr/sbin/pppd", "/usr/sbin/praliases", "/usr/sbin/radiusd", "/usr/sbin/rarpd", "/usr/sbin/rndc", "/usr/sbin/rndc-confgen", "/usr/sbin/rotatelogs2", "/usr/sbin/rpc.mountd", "/usr/sbin/rpc.nfsd", "/usr/sbin/rpc.rquotad", "/usr/sbin/rpc.rwalld", "/usr/sbin/rpc.yppasswdd", "/usr/sbin/rpc.ypxfrd", "/usr/sbin/safe_finger", "/usr/sbin/sendmail", "/usr/lib/sudo/sesh", "/usr/lib/openldap/slapd", "/usr/sbin/smartctl", "/usr/sbin/smartd", "/usr/sbin/smbd", "/usr/sbin/snmpd", "/usr/sbin/snmptrapd", "/usr/sbin/squid", "/usr/sbin/squidclient", "/usr/sbin/sshd", "/usr/sbin/stunnel", "/usr/sbin/suexec2", "/usr/sbin/tcpd", "/usr/sbin/tickadj", "/usr/sbin/traceroute", "/usr/sbin/traceroute6", "/usr/sbin/try-from", "/usr/sbin/utempter", "/usr/sbin/visudo", "/usr/sbin/vsftpd", "/usr/sbin/winbindd", "/usr/sbin/xinetd", "/usr/sbin/yppush", "/usr/sbin/ypserv", "/usr/bin/zone2ldap", ) setOption('PieExecutables', '^(?:%s)$' % '|'.join(pie_execs)) ++++++ remove-ghostfile-checks.diff ++++++ --- rpmlint-rpmlint-1.10.orig/PostCheck.py +++ rpmlint-rpmlint-1.10/PostCheck.py @@ -112,20 +112,6 @@ class PostCheck(AbstractCheck.AbstractCh self.check_aux( pkg, files, prog[idx], script[idx], tag[2], prereq) - ghost_files = pkg.ghostFiles() - if ghost_files: - postin = pkg[rpm.RPMTAG_POSTIN] - prein = pkg[rpm.RPMTAG_PREIN] - for f in ghost_files: - if f in pkg.missingOkFiles(): - continue - if not postin and not prein: - printWarning(pkg, 'ghost-files-without-postin') - if (not postin or f not in postin) and \ - (not prein or f not in prein): - printWarning(pkg, - 'postin-without-ghost-file-creation', f) - def check_aux(self, pkg, files, prog, script, tag, prereq): if script: if prog: @@ -195,10 +181,6 @@ class PostCheck(AbstractCheck.AbstractCh check = PostCheck() # Add information about checks -addDetails( -'postin-without-ghost-file-creation', -'''A file tagged as ghost is not created during %prein nor during %postin.''', -) for scriptlet in map(lambda x: '%' + x, RPM_SCRIPTLETS): addDetails( 'one-line-command-in-%s' % scriptlet, ++++++ rpmgroup-checks.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] rpmgroup-checks.diff =================================================================== --- TagsCheck.py | 6 ++++++ 1 file changed, 6 insertions(+) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -743,6 +743,8 @@ class TagsCheck(AbstractCheck.AbstractCh self._unexpanded_macros(pkg, 'Group', group) if not group: printError(pkg, 'no-group-tag') + elif pkg.name.endswith('-devel') and not group.startswith('Development/'): + printWarning(pkg, 'devel-package-with-non-devel-group', group) elif VALID_GROUPS and group not in VALID_GROUPS: printWarning(pkg, 'non-standard-group', group) @@ -1067,6 +1069,10 @@ won't fool the specfile parser, and rebu '''There is no Group tag in your package. You have to specify a valid group in your spec file using the Group tag.''', +'devel-package-with-non-devel-group', +'''The package ends with -devel but does not have a RPM group starting with +Development/''', + 'non-standard-group', '''The value of the Group tag in the package is not valid. Valid groups are: "%s".''' % '", "'.join(VALID_GROUPS), ++++++ rpmlint-slpp-NUM-NUM.patch ++++++ Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -673,7 +673,7 @@ class TagsCheck(AbstractCheck.AbstractCh base_or_libs = base + '*' + '/' + base + '-libs/lib' + base + '*' # try to match *%_isa as well (e.g. "(x86-64)", "(x86-32)") base_or_libs_re = re.compile( - r'^(lib)?%s(-libs)?[\d_]*(\(\w+-\d+\))?$' % re.escape(base)) + r'^(lib)?%s(-libs)?[\d_-]*(\(\w+-\d+\))?$' % re.escape(base)) for d in deps: if base_or_libs_re.match(d[0]): dep = d ++++++ rpmlint-suse.diff ++++++ --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -184,7 +184,7 @@ compr_regex = re.compile(r'\.(gz|z|Z|zip absolute_regex = re.compile(r'^/([^/]+)') absolute2_regex = re.compile(r'^/?([^/]+)') points_regex = re.compile(r'^\.\./(.*)') -doc_regex = re.compile(r'^/usr(/share|/X11R6)?/(doc|man|info)/') +doc_regex = re.compile(r'^/usr(/share|/X11R6)?/(doc|man|info)/|^/opt/kde3/share/doc|^/usr/share/gnome/help') bin_regex = re.compile(r'^/(?:usr/(?:s?bin|games)|s?bin)/(.*)') includefile_regex = re.compile(r'\.(c|h)(pp|xx)?$', re.IGNORECASE) develfile_regex = re.compile(r'\.(a|cmxa?|mli?|gir)$') Index: rpmlint-rpmlint-1.10/I18NCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/I18NCheck.py +++ rpmlint-rpmlint-1.10/I18NCheck.py @@ -30,7 +30,7 @@ INCORRECT_LOCALES = { 'en_UK': 'en_GB'} package_regex = re.compile('-(' + '|'.join(LANGUAGES) + ')$') -locale_regex = re.compile('^(/usr/share/locale/([^/]+))/') +locale_regex = re.compile(r'^(/(usr|opt/kde3|opt/gnome)/share/locale/([^/]+))/') correct_subdir_regex = re.compile('^(([a-z][a-z]([a-z])?(_[A-Z][A-Z])?)([.@].*$)?)$') lc_messages_regex = re.compile('/usr/share/locale/([^/]+)/LC_MESSAGES/.*(mo|po)$') man_regex = re.compile('/usr(?:/share)?/man/([^/]+)/man[0-9n][^/]*/[^/]+$') ++++++ rpmlint-tests-sle15-Revert-Adjust-order-of-output-as-well.patch ++++++ >From 3b871b5dc8789e97ddaacfd7ff20e6a21e5372b6 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Mon, 15 Apr 2019 14:01:55 +0200 Subject: [PATCH] Revert "Adjust order of output as well" This reverts commit 88daa4ecc60c092a31c0d3839ef936ddc16503ff. --- tests/shlib1.ref | 4 ++-- tests/shlib2-devel.ref | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/shlib1.ref b/tests/shlib1.ref index e5fcd43..83b6c9c 100644 --- a/tests/shlib1.ref +++ b/tests/shlib1.ref @@ -1,7 +1,7 @@ +shlib1: W: unstripped-binary-or-object /usr/lib/libfoo-2.so +shlib1: E: devel-file-in-non-devel-package (Badness: 50) /usr/lib/libfoo.so shlib1: W: library-without-ldconfig-postin /usr/lib/libfoo-2.so shlib1: W: library-without-ldconfig-postin /usr/lib/libfoo.so.1 shlib1: W: library-without-ldconfig-postun /usr/lib/libfoo-2.so shlib1: W: library-without-ldconfig-postun /usr/lib/libfoo.so.1 -shlib1: W: unstripped-binary-or-object /usr/lib/libfoo-2.so -shlib1: E: devel-file-in-non-devel-package (Badness: 50) /usr/lib/libfoo.so 1 packages and 0 specfiles checked; 1 errors, 5 warnings. diff --git a/tests/shlib2-devel.ref b/tests/shlib2-devel.ref index 47f30e1..1e91686 100644 --- a/tests/shlib2-devel.ref +++ b/tests/shlib2-devel.ref @@ -1,9 +1,9 @@ -shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo-2.so -shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo.so.1 -shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo-2.so -shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo.so.1 shlib2-devel: W: no-dependency-on shlib2*/shlib2-libs/libshlib2* shlib2-devel: W: non-devel-file-in-devel-package /usr/lib/libfoo-2.so shlib2-devel: W: non-devel-file-in-devel-package /usr/lib/libfoo.so.1 shlib2-devel: W: unstripped-binary-or-object /usr/lib/libfoo-2.so +shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo-2.so +shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo.so.1 +shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo-2.so +shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo.so.1 1 packages and 0 specfiles checked; 0 errors, 8 warnings. -- 2.16.4 ++++++ rpmlint-tests-sle15-Revert-adjust-reference-testoutput-for-removal-of-ba.patch ++++++ >From c2ff2ef89e4a65019e04d94ef52f1f73ff13744f Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Mon, 15 Apr 2019 14:02:02 +0200 Subject: [PATCH] Revert "adjust reference testoutput for removal of badness" This reverts commit 03176da8f243e5922a2f744dfa5baddb6bcc6a34. --- tests/shlib1.ref | 10 +++++----- tests/shlib2-devel.ref | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/shlib1.ref b/tests/shlib1.ref index 83b6c9c..3cb7dd4 100644 --- a/tests/shlib1.ref +++ b/tests/shlib1.ref @@ -1,7 +1,7 @@ shlib1: W: unstripped-binary-or-object /usr/lib/libfoo-2.so shlib1: E: devel-file-in-non-devel-package (Badness: 50) /usr/lib/libfoo.so -shlib1: W: library-without-ldconfig-postin /usr/lib/libfoo-2.so -shlib1: W: library-without-ldconfig-postin /usr/lib/libfoo.so.1 -shlib1: W: library-without-ldconfig-postun /usr/lib/libfoo-2.so -shlib1: W: library-without-ldconfig-postun /usr/lib/libfoo.so.1 -1 packages and 0 specfiles checked; 1 errors, 5 warnings. +shlib1: E: library-without-ldconfig-postin (Badness: 300) /usr/lib/libfoo-2.so +shlib1: E: library-without-ldconfig-postin (Badness: 300) /usr/lib/libfoo.so.1 +shlib1: E: library-without-ldconfig-postun (Badness: 300) /usr/lib/libfoo-2.so +shlib1: E: library-without-ldconfig-postun (Badness: 300) /usr/lib/libfoo.so.1 +1 packages and 0 specfiles checked; 5 errors, 1 warnings. diff --git a/tests/shlib2-devel.ref b/tests/shlib2-devel.ref index 1e91686..fbff519 100644 --- a/tests/shlib2-devel.ref +++ b/tests/shlib2-devel.ref @@ -2,8 +2,8 @@ shlib2-devel: W: no-dependency-on shlib2*/shlib2-libs/libshlib2* shlib2-devel: W: non-devel-file-in-devel-package /usr/lib/libfoo-2.so shlib2-devel: W: non-devel-file-in-devel-package /usr/lib/libfoo.so.1 shlib2-devel: W: unstripped-binary-or-object /usr/lib/libfoo-2.so -shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo-2.so -shlib2-devel: W: library-without-ldconfig-postin /usr/lib/libfoo.so.1 -shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo-2.so -shlib2-devel: W: library-without-ldconfig-postun /usr/lib/libfoo.so.1 -1 packages and 0 specfiles checked; 0 errors, 8 warnings. +shlib2-devel: E: library-without-ldconfig-postin (Badness: 300) /usr/lib/libfoo-2.so +shlib2-devel: E: library-without-ldconfig-postin (Badness: 300) /usr/lib/libfoo.so.1 +shlib2-devel: E: library-without-ldconfig-postun (Badness: 300) /usr/lib/libfoo-2.so +shlib2-devel: E: library-without-ldconfig-postun (Badness: 300) /usr/lib/libfoo.so.1 +1 packages and 0 specfiles checked; 4 errors, 4 warnings. -- 2.16.4 ++++++ rpmlint-tests-sle15-Revert-polkit-adjust-reference-output-to-match-corre.patch ++++++ >From af1ec4e64647ec4b6bf550ba822165c563a40ad6 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Wed, 9 May 2018 13:50:54 +0200 Subject: [PATCH] Revert "polkit: adjust reference output to match corresponding change in rpmlint-checks" This reverts commit f4dfbdc2cc367245537df410353a64d67cbcc519. --- tests/polkit.ref | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/polkit.ref b/tests/polkit.ref index fb214ea..22dd180 100644 --- a/tests/polkit.ref +++ b/tests/polkit.ref @@ -1,6 +1,6 @@ polkit: I: polkit-cant-acquire-privilege org.opensuse.test.bar (no:auth_admin:auth_admin) +polkit: W: polkit-untracked-privilege org.opensuse.test.bar (no:auth_admin:auth_admin) +polkit: W: polkit-untracked-privilege org.opensuse.test.foo (auth_admin:auth_admin:auth_admin) polkit: E: polkit-unauthorized-privilege (Badness: 10000) org.opensuse.test.baz (auth_admin:auth_admin:auth_self) polkit: E: polkit-unauthorized-privilege (Badness: 10000) org.opensuse.test.baz2 (auth_admin:auth_admin:yes) -polkit: E: polkit-untracked-privilege (Badness: 10000) org.opensuse.test.bar (no:auth_admin:auth_admin) -polkit: E: polkit-untracked-privilege (Badness: 10000) org.opensuse.test.foo (auth_admin:auth_admin:auth_admin) -1 packages and 0 specfiles checked; 4 errors, 0 warnings. +1 packages and 0 specfiles checked; 2 errors, 2 warnings. -- 2.16.3 ++++++ selfconflicts-provide.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] selfconflicts-provide.diff =================================================================== --- TagsCheck.py | 7 +++++++ 1 file changed, 7 insertions(+) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -865,6 +865,7 @@ class TagsCheck(AbstractCheck.AbstractCh obs_names = [x[0] for x in pkg.obsoletes()] prov_names = [x[0].split(':/')[0] for x in pkg.provides()] + conf_names = map(lambda x: x[0].split(':/')[0], pkg.conflicts()) for o in (x for x in obs_names if x not in prov_names): printWarning(pkg, 'obsolete-not-provided', o) @@ -876,6 +877,8 @@ class TagsCheck(AbstractCheck.AbstractCh # https://bugzilla.redhat.com/460872 useless_provides = [] for p in prov_names: + if p in conf_names: + printWarning(pkg, 'conflicts-with-provides', p) if prov_names.count(p) != 1 and p not in useless_provides: useless_provides.append(p) for p in useless_provides: @@ -1011,6 +1014,10 @@ the Release tag.''', '''There is no Name tag in your package. You have to specify a name using the Name tag.''', +'conflicts-with-provides', +'''The same symbolic name is provided and conflicted. This package might be +uninstallable, if versioning matches''', + 'non-coherent-filename', '''The file which contains the package should be named <NAME>-<VERSION>-<RELEASE>.<ARCH>.rpm.''', ++++++ stricter-interpreter-check.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] stricter-interpreter-check.diff =================================================================== --- FilesCheck.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/FilesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/FilesCheck.py +++ rpmlint-rpmlint-1.10/FilesCheck.py @@ -872,7 +872,8 @@ class FilesCheck(AbstractCheck.AbstractC f.endswith('.la')): printError(pkg, 'script-without-shebang', f) - if not mode_is_exec and not is_doc: + if not mode_is_exec and not is_doc and \ + interpreter and interpreter.startswith("/"): printError(pkg, 'non-executable-script', f, "%o" % perm, interpreter, interpreter_args) ++++++ suse-binarieschecks.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] suse-binarieschecks.diff =================================================================== --- BinariesCheck.py | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 56 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -16,7 +16,7 @@ import rpm import AbstractCheck import Config -from Filter import addDetails, printError, printWarning +from Filter import addDetails, printError, printWarning, printInfo import Pkg @@ -56,6 +56,9 @@ class BinaryInfo(object): chroot_call_regex = create_regexp_call('chroot') # 401eb8: e8 c3 f0 ff ff callq 400f80 <chdir@plt> objdump_call_regex = re.compile(br'callq?\s(.*)') + debuginfo_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.debug_.*\s+') + symtab_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.symtab\s+') + gethostbyname_call_regex = create_regexp_call(r'(gethostbyname|gethostbyname2|gethostbyaddr|gethostbyname_r|gethostbyname2_r|gethostbyaddr_r)') forbidden_functions = Config.getOption("WarnOnFunction") if forbidden_functions: @@ -84,7 +87,10 @@ class BinaryInfo(object): self.exec_stack = False self.exit_calls = [] self.forbidden_calls = [] + self.calls_gethostbyname = False fork_called = False + self.debuginfo = False + self.symtab = False self.tail = '' self.setgid = False @@ -121,6 +127,14 @@ class BinaryInfo(object): self.non_pic = False continue + if BinaryInfo.debuginfo_regex.search(l): + self.debuginfo = True + continue + + if BinaryInfo.symtab_regex.search(l): + self.symtab = True + continue + r = BinaryInfo.soname_regex.search(l) if r: self.soname = r.group(1) @@ -161,6 +175,9 @@ class BinaryInfo(object): if BinaryInfo.chroot_call_regex.search(l): self.chroot = True + if BinaryInfo.gethostbyname_call_regex.search(l): + self.calls_gethostbyname = True + if BinaryInfo.forbidden_functions: for r_name, func in BinaryInfo.forbidden_functions.items(): ret = func['f_regex'].search(l) @@ -392,13 +409,26 @@ class BinariesCheck(AbstractCheck.Abstra continue # stripped ? - if 'not stripped' in pkgfile.magic: + if ('not stripped' in pkgfile.magic and + (os.environ.get('BUILD_DIR', '') == '' or + os.environ.get('BUILD_DEBUG', '') != '')): printWarning(pkg, 'unstripped-binary-or-object', fname) # inspect binary file is_shlib = so_regex.search(fname) bin_info = BinaryInfo(pkg, pkgfile.path, fname, is_ar, is_shlib) + # stripped static library + if is_ar: + if bin_info.readelf_error: + pass + elif not bin_info.symtab: + printError(pkg, 'static-library-without-symtab', fname) + elif (not bin_info.debuginfo and + (os.environ.get('BUILD_DIR', '') == '' or + os.environ.get('BUILD_DEBUG', '') != '')): + printWarning(pkg, 'static-library-without-debuginfo', fname) + if is_shlib: has_lib = True @@ -453,6 +483,10 @@ class BinariesCheck(AbstractCheck.Abstra printWarning(pkg, ec, fname, BinaryInfo.forbidden_functions[ec]['f_name']) + # gethostbyname ? + if bin_info.calls_gethostbyname: + printInfo(pkg, 'binary-or-shlib-calls-gethostbyname', fname) + # rpath ? if bin_info.rpath: for p in bin_info.rpath: @@ -666,6 +700,14 @@ with the intended shared libraries only. 'ldd-failed', '''Executing ldd on this file failed, all checks could not be run.''', +'static-library-without-symtab', +'''The static library doesn't contain any symbols and therefore can't be linked +against. This may indicated that it was strip.''', + +'static-library-without-debuginfo', +'''The static library doesn't contain any debuginfo. Binaries linking against +this static library can't be properly debugged.''', + 'executable-stack', '''The binary declares the stack as executable. Executable stack is usually an error as it is only needed if the code contains GCC trampolines or similar @@ -678,6 +720,10 @@ don\'t define a proper .note.GNU-stack s make the stack executable. Usual suspects include use of a non-GNU linker or an old GNU linker version.''', +'binary-or-shlib-calls-gethostbyname', +'''The binary calls gethostbyname(). Please port the code to use +getaddrinfo().''', + 'shared-lib-calls-exit', '''This library package calls exit() or _exit(), probably in a non-fork() context. Doing so from a library is strongly discouraged - when a library @@ -696,6 +742,12 @@ that use prelink, make sure that prelink placing a blacklist file in /etc/prelink.conf.d. For more information, see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=256900#49''', +'unstripped-binary-or-object', +'''stripping debug info from binaries happens automatically according to global +project settings. So there's normally no need to manually strip binaries. +Left over unstripped binaries could therefore indicate a bug in the automatic +stripping process.''', + 'non-position-independent-executable', '''This executable must be position independent. Check that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''', ++++++ suse-checks.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:37 +0200 Subject: [PATCH] suse-checks.diff =================================================================== --- Config.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Config.py b/Config.py index ac3c5ea..f27607c 100644 --- a/Config.py +++ b/Config.py @@ -16,14 +16,13 @@ try: except ImportError: __version__ = 'devel' -DEFAULT_CHECKS = ("DistributionCheck", +DEFAULT_CHECKS = ( "TagsCheck", "BinariesCheck", "ConfigCheck", "FilesCheck", "DocFilesCheck", "FHSCheck", - "SignatureCheck", "I18NCheck", "MenuCheck", "PostCheck", ++++++ suse-filter-exception.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] suse-filter-exception.diff =================================================================== --- Config.py | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 54 insertions(+), 7 deletions(-) Index: rpmlint-rpmlint-1.10/Config.py =================================================================== --- rpmlint-rpmlint-1.10.orig/Config.py +++ rpmlint-rpmlint-1.10/Config.py @@ -114,12 +114,23 @@ def getOption(name, default=""): _filters = [] _filters_re = None +_filters_non_except = [] +_filters_non_except_re = None + +_filters_except = [] +_filters_except_re = None def addFilter(s): global _filters_re + global _filters_except + + if len(_filters_except): + _filters.append(s) + _filters_re = None + else: + _filters_non_except.append(s) + _filters_non_except_re = None - _filters.append(s) - _filters_re = None def removeFilter(s): @@ -137,8 +148,13 @@ _scoring = {} def setBadness(s, score): + global _scoring _scoring[s] = score +def setFilterException(s): + global _filters_except + + _filters_except.append(s) def badness(s): return _scoring.get(s, 0) @@ -149,11 +165,24 @@ _non_named_group_re = re.compile(r'[^\\] def isFiltered(s): global _filters_re + global _filters_except + global _filters_except_re + global _filters_non_except + global _filters_non_except_re - if _filters_re is None: - # no filter - if len(_filters) == 0: - return False + if _filters_non_except_re == None and len(_filters_non_except): + _filters_non_except_re = '(?:' + _filters_non_except[0] + ')' + + for idx in range(1, len(_filters_non_except)): + # to prevent named group overflow that happen when there is too + # many () in a single regexp: AssertionError: sorry, but this + # version only supports 100 named groups + if '(' in _filters_non_except[idx]: + _non_named_group_re.subn('(:?', _filters_non_except[idx]) + _filters_non_except_re = _filters_non_except_re + '|(?:' + _filters_non_except[idx] +')' + _filters_non_except_re = re.compile(_filters_non_except_re) + + if _filters_re == None and len(_filters): _filters_re = '(?:' + _filters[0] + ')' for idx in range(1, len(_filters)): @@ -165,9 +194,27 @@ def isFiltered(s): _filters_re = _filters_re + '|(?:' + _filters[idx] + ')' _filters_re = re.compile(_filters_re) + if _filters_except_re == None and len(_filters_except): + _filters_except_re = '(?:' + _filters_except[0] + ')' + + for idx in range(1, len(_filters_except)): + # to prevent named group overflow that happen when there is too + # many () in a single regexp: AssertionError: sorry, but this + # version only supports 100 named groups + if '(' in _filters_except[idx]: + _non_named_group_re.subn('(:?', _filters_except[idx]) + _filters_except_re = _filters_except_re + '|(?:' + _filters_except[idx] +')' + _filters_except_re = re.compile(_filters_except_re) + if not no_exception: - if _filters_re.search(s): + + if _filters_non_except_re and _filters_non_except_re.search(s): return True + if _filters_except_re and _filters_except_re.search(s): + return False + if _filters_re and _filters_re.search(s): + return True + return False # Config.py ends here ++++++ suse-filter-more-verbose.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] suse-filter-more-verbose.diff =================================================================== --- Config.py | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/Config.py =================================================================== --- rpmlint-rpmlint-1.10.orig/Config.py +++ rpmlint-rpmlint-1.10/Config.py @@ -10,6 +10,7 @@ import locale import os.path import re +import sys try: from __version__ import __version__ @@ -180,7 +181,17 @@ def isFiltered(s): if '(' in _filters_non_except[idx]: _non_named_group_re.subn('(:?', _filters_non_except[idx]) _filters_non_except_re = _filters_non_except_re + '|(?:' + _filters_non_except[idx] +')' - _filters_non_except_re = re.compile(_filters_non_except_re) + try: + _filters_non_except_re = re.compile(_filters_non_except_re) + except Exception: + # Try to figure out which filter caused the error + for f in _filters_non_except[1:]: + try: + re.compile(f) + except Exception as e: + # can't use Pkg.error/warn here, as that would recurse + print >> sys.stderr, "(none): E: %s in filter '%s'" % (e.message, f) + sys.exit(2) if _filters_re == None and len(_filters): _filters_re = '(?:' + _filters[0] + ')' @@ -192,7 +203,17 @@ def isFiltered(s): if '(' in _filters[idx]: _non_named_group_re.subn('(:?', _filters[idx]) _filters_re = _filters_re + '|(?:' + _filters[idx] + ')' - _filters_re = re.compile(_filters_re) + try: + _filters_re = re.compile(_filters_re) + except Exception: + # Try to figure out which filter caused the error + for f in _filters[1:]: + try: + re.compile(f) + except Exception as e: + # can't use Pkg.error/warn here, as that would recurse + print >> sys.stderr, "(none): E: %s in filter '%s'" % (e.message, f) + sys.exit(2) if _filters_except_re == None and len(_filters_except): _filters_except_re = '(?:' + _filters_except[0] + ')' ++++++ suse-ignore-specfile-errors.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:40 +0200 Subject: [PATCH] suse-ignore-specfile-errors.diff =================================================================== --- SpecCheck.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) Index: rpmlint-rpmlint-1.10/SpecCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -559,9 +559,8 @@ class SpecCheck(AbstractCheck.AbstractCh printWarning(pkg, "patch-not-applied", "Patch%d:" % pnum, pfile) - # Rest of the checks require a real spec file - if not self._spec_file: - return + # Skip rest of the checks + return # We'd like to parse the specfile only once using python bindings, # but it seems errors from rpmlib get logged to stderr and we can't ++++++ suse-pkg-config-check.diff ++++++ --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -416,6 +416,7 @@ lib_devel_number_regex = re.compile(r'^l invalid_url_regex = re.compile(Config.getOption('InvalidURL'), re.IGNORECASE) lib_package_regex = re.compile(r'(?:^(?:compat-)?lib.*?(\.so.*)?|libs?[\d-]*)$', re.IGNORECASE) leading_space_regex = re.compile(r'^\s+') +pkg_config_regex = re.compile(r'^/usr/(?:lib\d*|share)/pkgconfig/') license_regex = re.compile(r'\(([^)]+)\)|\s(?:and|or|AND|OR)\s') invalid_version_regex = re.compile(r'([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE) # () are here for grouping purpose in the regexp @@ -635,10 +636,12 @@ class TagsCheck(AbstractCheck.AbstractCh base = is_devel.group(1) dep = None has_so = False + has_pc = False for fname in pkg.files(): if fname.endswith('.so'): has_so = True - break + if pkg_config_regex.match(fname) and fname.endswith('.pc'): + has_pc = True if has_so: base_or_libs = base + '/' + base + '-libs/lib' + base # try to match *%_isa as well (e.g. "(x86-64)", "(x86-32)") @@ -675,6 +678,15 @@ class TagsCheck(AbstractCheck.AbstractCh if prov not in (x[0] for x in pkg.provides()): printWarning(pkg, 'no-provides', prov) + if has_pc: + found_pkg_config_dep = False + for p in (x[0] for x in pkg.provides()): + if (p.startswith("pkgconfig(")): + found_pkg_config_dep = True + break + if not found_pkg_config_dep: + printWarning(pkg, 'no-pkg-config-provides') + # List of words to ignore in spell check ignored_words = set() for pf in pkg.files(): @@ -1108,6 +1120,11 @@ once.''', 'no-url-tag', '''The URL tag is missing. Please add a http or ftp link to the project location.''', +'no-pkg-config-provides', +'''The package installs a .pc file but does not provide pkgconfig(..) provides. +The most likely reason for that is that it was built without BuildRequires: pkg-config. +Please double check your build dependencies.''', + 'name-repeated-in-summary', '''The name of the package is repeated in its summary. This is often redundant information and looks silly in various programs' output. Make the summary ++++++ suse-python3-naming-policy.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:37 +0200 Subject: [PATCH] suse-python3-naming-policy.diff =================================================================== --- NamingPolicyCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/NamingPolicyCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/NamingPolicyCheck.py +++ rpmlint-rpmlint-1.10/NamingPolicyCheck.py @@ -89,7 +89,7 @@ check = NamingPolicyCheck() # if somone as a elegant solution, I will be happy to implement and test it. check.add_check('xmms', '^xmms(-|$)', '^/usr/lib(64)?/xmms/') -check.add_check('python', '^python(-|$)', '^/usr/lib(64)?/python[1-9](-[1-9])?') +#check.add_check('python', '^python(2|3)?(-|$)', '^/usr/lib(64)?/python[1-9](-[1-9])?') check.add_check('perl5', '^perl(-|$)', '^/usr/lib(64)?/perl5/vendor_perl') check.add_check('apache2', '^apache2-mod_', '^/usr/lib(64)?/apache2-') check.add_check('fortune', '^fortune(-|$)', '^/usr/share/games/fortunes/') ++++++ suse-rpmlint-all-pie.patch ++++++ Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -549,10 +549,14 @@ class BinariesCheck(AbstractCheck.Abstra if ocaml_mixed_regex.search(bin_info.tail): printWarning(pkg, 'ocaml-mixed-executable', fname) - if ((not is_shobj and not is_pie_exec) and - pie_exec_re and pie_exec_re.search(fname)): - printError(pkg, 'non-position-independent-executable', - fname) + if (not is_shobj and not is_pie_exec): + if pie_exec_re and pie_exec_re.search(fname): + printError( + pkg, 'non-position-independent-executable', fname) + else: + printWarning( + pkg, 'position-independent-executable-suggested', + fname) if bin_info.readelf_error: continue @@ -804,6 +808,10 @@ stripping process.''', '''This executable must be position independent. Check that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''', +'position-independent-executable-suggested', +'''This executable should be position independent (all binaries should). Check +that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''', + 'missing-call-to-setgroups-before-setuid', '''This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all ++++++ suse-shlib-devel-dependency.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:39 +0200 Subject: [PATCH] suse-shlib-devel-dependency.diff =================================================================== --- TagsCheck.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -663,10 +663,10 @@ class TagsCheck(AbstractCheck.AbstractCh if pkg_config_regex.match(fname) and fname.endswith('.pc'): has_pc = True if has_so: - base_or_libs = base + '/' + base + '-libs/lib' + base + base_or_libs = base + '*' + '/' + base + '-libs/lib' + base + '*' # try to match *%_isa as well (e.g. "(x86-64)", "(x86-32)") base_or_libs_re = re.compile( - r'^(lib)?%s(-libs)?(\(\w+-\d+\))?$' % re.escape(base)) + r'^(lib)?%s(-libs)?[\d_]*(\(\w+-\d+\))?$' % re.escape(base)) for d in deps: if base_or_libs_re.match(d[0]): dep = d ++++++ suse-skip-macro-expansion.diff ++++++ Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -462,16 +462,6 @@ so_dep_regex = re.compile(r'\.so(\.[0-9a # we assume that no rpm packages existed before rpm itself existed... oldest_changelog_timestamp = calendar.timegm(time.strptime("1995-01-01", "%Y-%m-%d")) -private_so_paths = set() -for path in ('%perl_archlib', '%perl_vendorarch', '%perl_sitearch', - '%python_sitearch', '%python2_sitearch', '%python3_sitearch', - '%ruby_sitearch', '%php_extdir'): - epath = rpm.expandMacro(path) - if epath and epath != path: - private_so_paths.add(epath) - private_so_paths.add(re.sub(r'/lib64(?=/|$)', '/lib', epath)) - private_so_paths.add(re.sub(r'/lib(?=/|$)', '/lib64', epath)) - _enchant_checkers = {} @@ -921,14 +911,6 @@ class TagsCheck(AbstractCheck.AbstractCh res = Pkg.b2s(pkg[getattr(rpm, 'RPMTAG_%s' % tag.upper())]) self._unexpanded_macros(pkg, tag, res) - for path in private_so_paths: - for fname, pkgfile in pkg.files().items(): - if fname.startswith(path): - for prov in pkgfile.provides: - if so_dep_regex.search(prov[0]): - printWarning(pkg, "private-shared-object-provides", - fname, Pkg.formatRequire(*prov)) - def check_description(self, pkg, lang, ignored_words): description = pkg.langtag(rpm.RPMTAG_DESCRIPTION, lang) if use_utf8: ++++++ suse-spdx-license-exceptions.patch ++++++ >From a7e8eca225a09c08742627af7b0c9bc7db9f44b3 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Wed, 6 Apr 2016 11:29:40 +0200 Subject: [PATCH] Handle SPDX style license exceptions --- TagsCheck.py | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -139,6 +139,34 @@ DEFAULT_VALID_LICENSES = ( 'Shareware', ) +DEFAULT_VALID_LICENSE_EXCEPTIONS = ( + '389-exception', + 'Autoconf-exception-2.0', + 'Autoconf-exception-3.0', + 'Bison-exception-2.2', + 'CLISP-exception-2.0', + 'Classpath-exception-2.0', + 'DigiRule-FOSS-exception', + 'FLTK-exception', + 'Fawkes-Runtime-exception', + 'Font-exception-2.0', + 'GCC-exception-2.0', + 'GCC-exception-3.1', + 'LZMA-exception', + 'Libtool-exception', + 'Nokia-Qt-exception-1.1', + 'OCCT-exception-1.0', + 'Qwt-exception-1.0', + 'WxWindows-exception-3.1', + 'eCos-exception-2.0', + 'freertos-exception-2.0', + 'gnu-javamail-exception', + 'i2p-gpl-java-exception', + 'mif-exception', + 'openvpn-openssl-exception', + 'u-boot-exception-2.0', +) + BAD_WORDS = { 'alot': 'a lot', 'accesnt': 'accent', @@ -404,6 +432,7 @@ VALID_GROUPS = Config.getOption('ValidGr if VALID_GROUPS is None: # get defaults from rpm package only if it's not set VALID_GROUPS = Pkg.get_default_valid_rpmgroups() VALID_LICENSES = Config.getOption('ValidLicenses', DEFAULT_VALID_LICENSES) +VALID_LICENSE_EXCEPTIONS = Config.getOption('ValidLicenseExceptions', DEFAULT_VALID_LICENSE_EXCEPTIONS) INVALID_REQUIRES = map(re.compile, Config.getOption('InvalidRequires', DEFAULT_INVALID_REQUIRES)) packager_regex = re.compile(Config.getOption('Packager')) changelog_version_regex = re.compile(r'[^>]([^ >]+)\s*$') @@ -418,6 +447,7 @@ lib_package_regex = re.compile(r'(?:^(?: leading_space_regex = re.compile(r'^\s+') pkg_config_regex = re.compile(r'^/usr/(?:lib\d*|share)/pkgconfig/') license_regex = re.compile(r'\(([^)]+)\)|\s(?:and|or|AND|OR)\s') +license_exception_regex = re.compile(r'(\S+)\sWITH\s(\S+)') invalid_version_regex = re.compile(r'([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE) # () are here for grouping purpose in the regexp forbidden_words_regex = re.compile(r'(%s)' % Config.getOption('ForbiddenWords'), re.IGNORECASE) @@ -788,6 +818,10 @@ class TagsCheck(AbstractCheck.AbstractCh # printWarning(pkg, 'package-provides-itself') # break + def split_license_exception(license): + x, y = license_exception_regex.split(license)[1:3] or (license, "") + return x.strip(), y.strip() + def split_license(license): return (x.strip() for x in (l for l in license_regex.split(license) if l)) @@ -798,7 +832,17 @@ class TagsCheck(AbstractCheck.AbstractCh else: valid_license = True if rpm_license not in VALID_LICENSES: - for l1 in split_license(rpm_license): + license_string = rpm_license + + l1, lexception = split_license_exception(rpm_license) + # SPDX allows "<license> WITH <license-exception>" + if lexception: + license_string = l1 + if lexception not in VALID_LICENSE_EXCEPTIONS: + printWarning(pkg, 'invalid-license-exception', lexception) + valid_license = False + + for l1 in split_license(license_string): if l1 in VALID_LICENSES: continue for l2 in split_license(l1): @@ -1074,6 +1118,11 @@ your specfile.''', '''The value of the License tag was not recognized. Known values are: "%s".''' % '", "'.join(VALID_LICENSES), +'invalid-license-exception', +'''The ' WITH <x> ' license exception of the License tag was not recognized. +Known values are: +"%s".''' % '", "'.join(VALID_LICENSE_EXCEPTIONS), + 'obsolete-not-provided', '''If a package is obsoleted by a compatible replacement, the obsoleted package should also be provided in order to not cause unnecessary dependency breakage. ++++++ suse-speccheck-utf8.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:40 +0200 Subject: [PATCH] suse-speccheck-utf8.diff =================================================================== --- SpecCheck.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.10/SpecCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -648,8 +648,8 @@ SPEC file to build a valid RPM package.' ("Name:" tag). Either rename your package or the specfile.''', 'non-utf8-spec-file', -'''The character encoding of the spec file is not UTF-8. Convert it for -example using iconv(1).''', +'''The character encoding of the spec file (or the merged bits from the .changes file) +is not UTF-8. Convert it for example using iconv(1).''', 'use-of-RPM_SOURCE_DIR', '''You use $RPM_SOURCE_DIR or %{_sourcedir} in your spec file. If you have to ++++++ suse-tests-without-badness.patch ++++++ Index: rpmlint-rpmlint-1.10/test.sh =================================================================== --- rpmlint-rpmlint-1.10.orig/test.sh +++ rpmlint-rpmlint-1.10/test.sh @@ -19,7 +19,10 @@ for i in $TESTPATH/test.*.py; do fi done -run_rpmlint="$PYTHON ./rpmlint -C $(pwd)" +export RPMLINT_SKIP_GLOBAL=1 + +run_rpmlint="$PYTHON ./rpmlint -f config -C $(pwd)" + echo "Check that rpmlint executes with no unexpected errors" echo "...in default locale" @@ -40,10 +46,6 @@ $PYTEST -v || exit $? unset PYTHONWARNINGS -echo "$FLAKE8 tests" -$FLAKE8 --version -$FLAKE8 . ./rpmdiff ./rpmlint || exit $? - echo "man page tests" if man --help 2>&1 | grep -q -- --warnings; then tmpfile=$(mktemp) || exit 1 Index: rpmlint-rpmlint-1.10/rpmlint =================================================================== --- rpmlint-rpmlint-1.10.orig/rpmlint +++ rpmlint-rpmlint-1.10/rpmlint @@ -269,8 +269,10 @@ if not os.path.exists(os.path.expanduser info_error = set() # load global config files -configs = glob.glob('/etc/rpmlint/*config') -configs.sort() +configs = [] +if 'RPMLINT_SKIP_GLOBAL' not in os.environ: + configs = glob.glob('/etc/rpmlint/*config') + configs.sort() # Was rpmlint invoked as a prefixed variant? m = re.match(r"(?P<prefix>[\w-]+)-rpmlint(\.py)?", argv0) ++++++ suse-url-check.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:37 +0200 Subject: [PATCH] suse-url-check.diff =================================================================== --- TagsCheck.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: rpmlint-rpmlint-1.9/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.9.orig/TagsCheck.py +++ rpmlint-rpmlint-1.9/TagsCheck.py @@ -796,7 +796,7 @@ class TagsCheck(AbstractCheck.AbstractCh if not valid_license: self._unexpanded_macros(pkg, 'License', rpm_license) - for tag in ('URL', 'DistURL', 'BugURL'): + for tag in ('URL', 'BugURL'): if hasattr(rpm, 'RPMTAG_%s' % tag.upper()): url = Pkg.b2s(pkg[getattr(rpm, 'RPMTAG_%s' % tag.upper())]) self._unexpanded_macros(pkg, tag, url, is_url=True) @@ -1106,7 +1106,7 @@ once.''', '''This rpm requires a specific release of another package.''', 'no-url-tag', -'''The URL tag is missing.''', +'''The URL tag is missing. Please add a http or ftp link to the project location.''', 'name-repeated-in-summary', '''The name of the package is repeated in its summary. This is often redundant ++++++ suse-version.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:37 +0200 Subject: [PATCH] suse-version.diff =================================================================== --- SpecCheck.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) Index: rpmlint-rpmlint-1.10/SpecCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/SpecCheck.py +++ rpmlint-rpmlint-1.10/SpecCheck.py @@ -51,6 +51,7 @@ packager_regex = re_tag_compile('Package buildarch_regex = re_tag_compile('BuildArch(?:itectures)?') buildprereq_regex = re_tag_compile('BuildPreReq') prereq_regex = re_tag_compile(r'PreReq(\(.*\))') +suse_version_regex = re.compile(r'%suse_version\s*[<>=]+\s*(\d+)') make_check_regex = re.compile(r'(^|\s|%{?__)make}?\s+(check|test)') rm_regex = re.compile(r'(^|\s)((.*/)?rm|%{?__rm}?) ') @@ -391,6 +392,12 @@ class SpecCheck(AbstractCheck.AbstractCh if not res.group(1).startswith('%'): printWarning(pkg, 'hardcoded-prefix-tag', res.group(1)) + res = suse_version_regex.search(line) + if res and int(res.group(1)) > 0 and int(res.group(1)) < 1315: + printWarning(pkg, "obsolete-suse-version-check", res.group(1)) + elif res and int(res.group(1)) > 1550: + printError(pkg, "invalid-suse-version-check", res.group(1)) + res = prereq_regex.search(line) if res: printError(pkg, 'prereq-use', res.group(2)) @@ -806,6 +813,15 @@ architecture independent or if some othe in some editors but can lead to obscure errors. It should be replaced by a regular space.''', +'obsolete-suse-version-check', +'''The specfile contains a comparison of %suse_version against a suse release +that is no longer in maintenance. Consider removing obsolete parts of your +spec file to make it more readable.''', + +'invalid-suse-version-check', +'''The specfile contains a comparison of %suse_version against a suse release +that does not exist. Please double check.''', + 'non-standard-group', '''The value of the Group tag in the package is not valid. Valid groups are: "%s".''' % '", "'.join(VALID_GROUPS), ++++++ suse-whitelist-opensuse.diff ++++++ >From ceebc0de2c3a9bb1663418d75a4b0de1d15740b2 Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Sun, 1 Oct 2017 14:06:31 +0200 Subject: [PATCH] Lower false-positives on summary-not-capitalized Allow some 'names' at the beginning of the summary to be non-capitalized. --- TagsCheck.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/TagsCheck.py b/TagsCheck.py index ea131e3..d3da24c 100644 --- a/TagsCheck.py +++ b/TagsCheck.py @@ -397,6 +397,9 @@ BAD_WORDS = { 'xwindows': 'X' } +CAPITALIZED_IGNORE_LIST = ( + 'jQuery', 'openSUSE', 'wxWidgets', 'a', 'an', 'uWSGI') + DEFAULT_INVALID_REQUIRES = ('^is$', '^not$', '^owned$', '^by$', '^any$', '^package$', r'^libsafe\.so\.') @@ -911,7 +914,8 @@ class TagsCheck(AbstractCheck.AbstractCheck): spell_check(pkg, summary, 'Summary(%s)', lang, ignored_words) if '\n' in summary: printError(pkg, 'summary-on-multiple-lines', lang) - if summary[0] != summary[0].upper(): + if (summary[0] != summary[0].upper() and + summary.partition(' ')[0] not in CAPITALIZED_IGNORE_LIST): printWarning(pkg, 'summary-not-capitalized', lang, summary) if summary[-1] == '.': printWarning(pkg, 'summary-ended-with-dot', lang, summary) -- 2.14.1 ++++++ syntax-validator.py ++++++ #!/usr/bin/python # vim:sw=4:et import sys for filename in sys.argv[1:]: try: compile(open(filename).read(), filename, 'exec') except Exception as e: print(e) exit(1) ++++++ update-magic-values-python-37.patch ++++++ >From 52b715763217bbc1cfcad9bba8e6a446e820690e Mon Sep 17 00:00:00 2001 From: Dirk Mueller <[email protected]> Date: Tue, 13 Feb 2018 13:42:27 +0100 Subject: [PATCH] Update Magic values for Python 3.7 (Fixes #123) --- FilesCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FilesCheck.py b/FilesCheck.py index 2ece474..232a918 100644 --- a/FilesCheck.py +++ b/FilesCheck.py @@ -331,7 +331,7 @@ def peek(filename, pkg, length=1024): '3.4': [3310], '3.5': [3350, 3351], # 3350 for < 3.5.2 '3.6': [3379], - '3.7': [3390], + '3.7': [3390, 3391, 3392, 3393], } ++++++ usr-arch.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] usr-arch.diff =================================================================== --- BinariesCheck.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/BinariesCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/BinariesCheck.py +++ rpmlint-rpmlint-1.10/BinariesCheck.py @@ -321,6 +321,7 @@ usr_lib_exception_regex = re.compile(Con srcname_regex = re.compile(r'(.*?)-[0-9]') invalid_dir_ref_regex = re.compile(r'/(home|tmp)(\W|$)') ocaml_mixed_regex = re.compile(r'^Caml1999X0\d\d$') +usr_arch_share_regex = re.compile(r'/share/.*/(?:x86|i.86|x86_64|ppc|ppc64|s390|s390x|ia64|m68k|arm|aarch64)') def dir_base(path): @@ -394,7 +395,7 @@ class BinariesCheck(AbstractCheck.Abstra # arch dependent packages only from here on # in /usr/share ? - if fname.startswith('/usr/share/'): + if fname.startswith('/usr/share/') and not usr_arch_share_regex.search(fname): printError(pkg, 'arch-dependent-file-in-usr-share', fname) # in /etc ? ++++++ yast-provides.diff ++++++ From: Some One <[email protected]> Date: Thu, 9 Apr 2015 14:55:38 +0200 Subject: [PATCH] yast-provides.diff =================================================================== --- TagsCheck.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: rpmlint-rpmlint-1.10/TagsCheck.py =================================================================== --- rpmlint-rpmlint-1.10.orig/TagsCheck.py +++ rpmlint-rpmlint-1.10/TagsCheck.py @@ -859,7 +859,7 @@ class TagsCheck(AbstractCheck.AbstractCh printWarning(pkg, 'no-url-tag') obs_names = [x[0] for x in pkg.obsoletes()] - prov_names = [x[0] for x in pkg.provides()] + prov_names = [x[0].split(':/')[0] for x in pkg.provides()] for o in (x for x in obs_names if x not in prov_names): printWarning(pkg, 'obsolete-not-provided', o)
