[SCM] Debian package checker branch, master, updated. 2.1.3-17-g3dc5876

2008-12-29 Thread Russ Allbery 
The following commit has been merged in the master branch:
commit a969085f2a78d2caffd8b07efa483ee666bdc877
Author: Russ Allbery r...@debian.org
Date:   Mon Dec 29 14:57:51 2008 -0800

Process the archive in sorted order

* frontend/lintian:
  + [RA] When processing the entire archive, do so in sorted order.

This helps when watching the full archive lintian.d.o run to tell where it
is in the archive.

Also remove some debugging code that doesn't make sense to me.

diff --git a/debian/changelog b/debian/changelog
index 55ab596..d485642 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -36,6 +36,9 @@ lintian (2.1.4) UNRELEASED; urgency=low
 + [RA] New check-tag target which runs all test cases in the new test
   suite that check for or against a particular tag.
 
+  * frontend/lintian:
++ [RA] When processing the entire archive, do so in sorted order.
+
   * private/update-never-seen:
 + [RA] Merge data from both test suites and use the tag files for the
   old test suite rather than relying on runtests -v.
diff --git a/frontend/lintian b/frontend/lintian
index 4b96d52..ea4bc34 100755
--- a/frontend/lintian
+++ b/frontend/lintian
@@ -1251,26 +1251,23 @@ if ($check_everything) {
 read_udeb_list($LINTIAN_LAB/info/udeb-packages, 0);
 
 debug_msg(2, pkg_mode = $pkg_mode);
-for my $arg (keys %source_info) {
-   debug_msg(2, keys %source_info);
-}
 
 if (($pkg_mode eq 'a') or ($pkg_mode eq 's')) {
-   for my $arg (keys %source_info) {
+   for my $arg (sort keys %source_info) {
debug_msg(1, doing stuff with 
$LINTIAN_ARCHIVEDIR/$source_info{$arg}-{'file'});
$schedule-add_file('s', 
$LINTIAN_ARCHIVEDIR/$source_info{$arg}-{'file'},
%{$source_info{$arg}});
}
 }
 if (($pkg_mode eq 'a') or ($pkg_mode eq 'b')) {
-   for my $arg (keys %binary_info) {
+   for my $arg (sort keys %binary_info) {
debug_msg(1, doing stuff with 
$LINTIAN_ARCHIVEDIR/$binary_info{$arg}-{'file'});
$schedule-add_file('b', 
$LINTIAN_ARCHIVEDIR/$binary_info{$arg}-{'file'},
%{$binary_info{$arg}});
}
 }
 if (($pkg_mode eq 'a') or ($pkg_mode eq 'u')) {
-   for my $arg (keys %udeb_info) {
+   for my $arg (sort keys %udeb_info) {
debug_msg(1, doing stuff with 
$LINTIAN_ARCHIVEDIR/$udeb_info{$arg}-{'file'});
$schedule-add_file('u', 
$LINTIAN_ARCHIVEDIR/$udeb_info{$arg}-{'file'},
%{$udeb_info{$arg}});

-- 
Debian package checker


-- 
To UNSUBSCRIBE, email to debian-lint-maint-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

[SCM] Debian package checker branch, master, updated. 2.1.3-17-g3dc5876

2008-12-29 Thread Russ Allbery 
The following commit has been merged in the master branch:
commit 3dc58767f21fec9df9f0f40cf1ea66175483e257
Author: Russ Allbery r...@debian.org
Date:   Mon Dec 29 16:25:38 2008 -0800

Check for scripts in /etc calling init scripts directly

* checks/scripts{,.desc}:
  + [RA] Check for scripts in /etc that call init scripts directly
without using invoke-rc.d.  Based on a patch by Raphael Geissert.
(Closes: #381485)

diff --git a/checks/scripts b/checks/scripts
index 2085b06..919f92d 100644
--- a/checks/scripts
+++ b/checks/scripts
@@ -185,6 +185,11 @@ our @depends_needed = (
[ 'xml-core'= '\bupdate-xmlcatalog\s' ],
 );
 
+# When detecting commands inside shell scripts, use this regex to match the
+# beginning of the command rather than checking whether the command is at the
+# beginning of a line.
+our $LEADIN = qr'(?:(?:^|[`;(|{])\s*|(?:if|then|do|while)\s+)';
+
 sub run {
 
 my %executable = ();
@@ -327,6 +332,41 @@ for my $filename (sort keys %{$info-scripts}) {
tag(unusual-interpreter, $filename, #!$interpreter);
 }
 
+# Do some additional checks on shell scripts in /etc.  This should
+# probably be extended eventually to any script in a public directory.
+# This also needs smarter processing of multiline quoted strings,
+# heredocs, and so forth.  Hopefully it will do for right now.
+if ($filename =~ m,^./etc/, and $base =~ /^$known_shells_regex$/) {
+   my ($saw_init, $saw_invoke);
+   local $.;
+   open(FH, '', 'unpacked/' . $filename);
+   while (FH) {
+   next if m,^\s*$,;  # skip empty lines
+   next if m,^\s*\#,; # skip comment lines
+   s/\#.*$//; # eat comments
+   chomp;
+
+   # Check for running init scripts directly instead of via
+   # invoke-rc.d.  Scripts are allowed to reinvoke themselves with a
+   # different argument; some init scripts implement actions that
+   # way.  Scripts are also allowed to do this for actions other than
+   # those defined for invoke-rc.d.
+   if (m,$LEADIN/etc/init.d/(\S+)\s+[\\']?(\S+)[\\']?,) {
+   my ($script, $action) = ($1, $2);
+   next if ./etc/init.d/$script eq $filename;
+   next unless $action =~ 
/^(force-)?(start|stop|restart|reload|status)$/;
+   $saw_init = $.;
+   }
+   if (m%^\s*invoke-rc\.d\s+%) {
+   $saw_invoke = 1;
+   }
+   }
+   close(FH);
+   if ($saw_init and not $saw_invoke) {
+   tag 'script-calls-init-script-directly', $filename:$saw_init;
+   }
+}
+
 # If we found the interpreter and the script is executable, check
 # dependencies.  This should be the last thing we do in the loop so that
 # we can use next for an early exit and reduce the nesting.
@@ -491,7 +531,6 @@ while (SCRIPTS) {
 my %warned;
 my ($saw_init, $saw_invoke, $saw_debconf, $saw_sete, $has_code);
 my $cat_string = ;
-my $LEADIN = qr'(?:(?:^|[`;(|{])\s*|(?:if|then|do|while)\s+)';
 
 my $previous_line = ;
 while (C) {
@@ -547,7 +586,7 @@ while (SCRIPTS) {
}
 
# Collect information about init script invocations to catch running
-   # init scripts directory rather than through invoke-rc.d.  Since the
+   # init scripts directly rather than through invoke-rc.d.  Since the
# script is allowed to run the init script directly if invoke-rc.d
# doesn't exist, only tag direct invocations where invoke-rc.d is
# never used in the same script.  Lots of false negatives, but
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 5889046..c215f5d 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -425,6 +425,15 @@ Info: This script apparently runs an init script directly 
rather than
  available.
 Ref: policy 9.3.3.2
 
+Tag: script-calls-init-script-directly
+Severity: normal
+Certainty: possible
+Info: This script apparently runs an init script directly rather than
+ using ttinvoke-rc.d/tt.  While use of ttinvoke-rc.d/tt is only
+ required for maintainer scripts, supporting the policy layer that it
+ implements is a good idea in any script.
+Ref: policy 9.3.3.2
+
 Tag: gconftool-used-in-maintainer-script
 Severity: normal
 Certainty: possible
diff --git a/debian/changelog b/debian/changelog
index d485642..2a11e8a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ lintian (2.1.4) UNRELEASED; urgency=low
   - desktop-mimetype-without-update-call
   - forbidden-postrm-interpreter
   - preinst-interpreter-without-predepends
+  - script-calls-init-script-directly
   - unknown-control-interpreter (split from unusual-interpreter)
 + Removed
   - desktop-file-but-no-dh_desktop-call
@@ -31,6 +32,9 @@ lintian (2.1.4) UNRELEASED; urgency=low
 interpreter-in-usr-local since the severity is higher.
   - unusual-control-interpreter is certain, not