Author: rra Date: 2006-07-26 02:25:21 +0200 (Wed, 26 Jul 2006) New Revision: 705
Modified: trunk/checks/changelog-file trunk/checks/changelog-file.desc trunk/collection/changelog-file trunk/debian/changelog trunk/testset/filenames/debian/rules trunk/testset/libbaz/debian/rules trunk/testset/tags.filenames trunk/testset/tags.libbaz Log: * checks/changelog-file{.desc,}: + [RA] Diagnose changelog files that are symlinks, using the new way the changelog-file collection script processes them. * collection/changelog-file: + [RA] Be much more careful about changelog files that are symlinks. Don't skip over changelog symlinks just because they point to non-existant files, mark unsafe symlinks or symlinks to non-existent files by creating copyright as a symlink to a non-existent file in the lab, and don't create an empty dummy changelog if we couldn't find a changelog. Correctly handle changelog files that are symlinks to other files in the same directory. Modified: trunk/checks/changelog-file =================================================================== --- trunk/checks/changelog-file 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/checks/changelog-file 2006-07-26 00:25:21 UTC (rev 705) @@ -212,6 +212,19 @@ } } +# Everything below involves opening and reading the changelog file, so bail +# with a warning at this point if all we have is a symlink. +if (-l 'changelog') { + tag "debian-changelog-file-is-a-symlink", ""; + return 0; +} + +# Bail at this point if the changelog file doesn't exist. We will have +# already warned about this. +unless (-f 'changelog') { + return 0; +} + # check that changelog is UTF-8 encoded my $line = file_is_encoded_in_non_utf8("changelog", $type, $pkg); if ($line) { Modified: trunk/checks/changelog-file.desc =================================================================== --- trunk/checks/changelog-file.desc 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/checks/changelog-file.desc 2006-07-26 00:25:21 UTC (rev 705) @@ -78,6 +78,19 @@ /usr/share/doc/<i>pkg</i>/changelog.Debian.gz Ref: policy 12.7 +Tag: debian-changelog-file-is-a-symlink +Type: warning +Info: The Debian changelog file is a symlink to a file in a different + directory or not found in this package. Please don't do this. It makes + package checking and manipulation unnecessarily difficult. Because it was + a symlink, the Debian changelog file was not checked for other + problems. (Symlinks to another file in /usr/share/doc/<i>pkg</i> or a + subdirectory thereof are fine and should not trigger this warning.) + . + To refer to the changelog, copyright, and other documentation files of + another package that this one depends on, please symlink the entire + /usr/share/doc/<i>pkg</i> directory rather than individual files. + Tag: debian-changelog-file-missing-or-wrong-name Type: error Info: Each Debian package (which provides a /usr/share/doc/<i>pkg</i> Modified: trunk/collection/changelog-file =================================================================== --- trunk/collection/changelog-file 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/collection/changelog-file 2006-07-26 00:25:21 UTC (rev 705) @@ -46,22 +46,47 @@ my $chl; for (@changelogs) { - if (-f $_) { + if (-l $_ || -f $_) { $chl = $_; last; } } +# If the changelog file we found was a symlink, we have to be careful. It +# could be a symlink to some file outside of the laboratory and we don't want +# to end up reading that file by mistake. Relative links within the same +# directory or to a subdirectory we accept; anything else is replaced by an +# intentinally broken symlink so that checks can do the right thing. +if (defined ($chl) && -l $chl) { + my $link = readlink $chl or fail("cannot readlink $chl: $!"); + if ($link =~ /\.\./ || ($link =~ m%/% && $link !~ m%^[^/]+(/+[^/]+)*\z%)) { + symlink('file-is-in-another-package', 'changelog') + or fail("cannot create changelog symlink: $!"); + undef $chl; + } elsif (! -f $chl) { + undef $chl; + } +} + +# If the changelog was a broken symlink, it will be undefined and we'll now +# treat it the same as if we didn't find a changelog and do nothing. If it +# was a symlink, copy the file, since otherwise the relative symlinks are +# going to break things. if (not defined $chl) { # no changelog found - open(DUMMY, ">changelog"); - close(DUMMY); } elsif ($chl =~ /\.gz$/) { use lib "$ENV{'LINTIAN_ROOT'}/lib"; use Pipeline; pipeline((sub { exec 'gzip', '-dc', $chl }), "changelog") == 0 or fail("error in gzip"); +} elsif (-f $chl && -l $chl) { + local $_; + open (CHL, "< $chl") or fail("cannot open $chl: $!"); + open (COPY, '> changelog') or fail("cannot create changelog: $!"); + print COPY while <CHL>; + close CHL; + close COPY; } else { link($chl, "changelog") or fail("cannot link $chl to changelog: $!"); Modified: trunk/debian/changelog =================================================================== --- trunk/debian/changelog 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/debian/changelog 2006-07-26 00:25:21 UTC (rev 705) @@ -1,5 +1,8 @@ lintian (1.23.23) UNRELEASED; urgency=low + * checks/changelog-file{.desc,}: + + [RA] Diagnose changelog files that are symlinks, using the new way + the changelog-file collection script processes them. * checks/deb-format{.desc,}: + [RA] Remove deb-created-with-broken-tar; the bug was actually in dpkg, and the dpkg in stable has been fixed. Thanks Jari Aalto and @@ -26,6 +29,15 @@ + [RA] Except mkstemp from possibly-insecure-handling-of-tmp-files for maintainer scripts written in Perl. + * collection/changelog-file: + + [RA] Be much more careful about changelog files that are symlinks. + Don't skip over changelog symlinks just because they point to + non-existant files, mark unsafe symlinks or symlinks to non-existent + files by creating copyright as a symlink to a non-existent file in + the lab, and don't create an empty dummy changelog if we couldn't + find a changelog. Correctly handle changelog files that are + symlinks to other files in the same directory. + * debian/copyright: + [RA] Add Subversion repository location. @@ -38,7 +50,7 @@ therefore cause lintian to exit with non-zero status. Thanks, Andree Leidenfrost and Martin F. Krafft. (Closes: #377182, #374314) - -- Russ Allbery <[EMAIL PROTECTED]> Tue, 25 Jul 2006 15:41:51 -0700 + -- Russ Allbery <[EMAIL PROTECTED]> Tue, 25 Jul 2006 17:20:15 -0700 lintian (1.23.22) unstable; urgency=low Modified: trunk/testset/filenames/debian/rules =================================================================== --- trunk/testset/filenames/debian/rules 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/testset/filenames/debian/rules 2006-07-26 00:25:21 UTC (rev 705) @@ -91,8 +91,7 @@ install -d debian/tmp/usr/include/X11 touch debian/tmp/usr/include/X11/foo.h - touch debian/tmp/usr/share/doc/filenames/Changes - chmod 644 debian/tmp/usr/share/doc/filenames/Changes + install -m 644 debian/changelog debian/tmp/usr/share/doc/filenames/Changes gzip -9 debian/tmp/usr/share/doc/filenames/Changes ln -s Changes.gz debian/tmp/usr/share/doc/filenames/changelog.gz Modified: trunk/testset/libbaz/debian/rules =================================================================== --- trunk/testset/libbaz/debian/rules 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/testset/libbaz/debian/rules 2006-07-26 00:25:21 UTC (rev 705) @@ -27,10 +27,16 @@ chmod a-x debian/libbaz2/usr/lib/* # General stuff that is tested in other testsets: - dh_installchangelogs -plibbaz2 -plibbaz2-dev dh_installdocs -plibbaz2 -plibbaz2-dev dh_compress -plibbaz2 -plibbaz2-dev + # Mess up the libbaz2 changelog files to test the symlink handling. + ln -s /usr/share/doc/lintian/changelog.gz \ + debian/libbaz2/usr/share/doc/libbaz2/changelog.gz + install -m 644 debian/changelog \ + debian/libbaz2-dev/usr/share/doc/libbaz2-dev/foo + ln -s foo debian/libbaz2-dev/usr/share/doc/libbaz2-dev/changelog + # Okay, if either line is omitted, it should be noted dh_strip -plibbaz2 -plibbaz2-dev dh_makeshlibs -plibbaz2 -plibbaz2-dev Modified: trunk/testset/tags.filenames =================================================================== --- trunk/testset/tags.filenames 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/testset/tags.filenames 2006-07-26 00:25:21 UTC (rev 705) @@ -70,8 +70,6 @@ W: filenames: symlink-is-self-recursive usr/lib/filenames/symlink5ok+warn .. W: filenames: symlink-is-self-recursive usr/lib/filenames/symlink6ok+warn . W: filenames: symlink-is-self-recursive usr/lib/filenames/symlink7ok+warn / -W: filenames: syntax-error-in-debian-changelog line 0 "found eof where expected first heading" -W: filenames: zero-byte-file-in-doc-directory usr/share/doc/filenames/Changes.gz W: filenames: zero-byte-file-in-doc-directory usr/share/doc/filenames/README.macosx W: filenames: zero-byte-file-in-doc-directory usr/share/doc/filenames/examples/very_interesting_example W: filenames: zero-byte-file-in-doc-directory usr/share/doc/filenames/examples/very_interesting_example2.gz Modified: trunk/testset/tags.libbaz =================================================================== --- trunk/testset/tags.libbaz 2006-07-25 22:42:56 UTC (rev 704) +++ trunk/testset/tags.libbaz 2006-07-26 00:25:21 UTC (rev 705) @@ -12,7 +12,9 @@ E: libbaz1: shlib-with-non-pic-code usr/lib/libbaz1.so.1.0.3b E: libbaz1: unstripped-binary-or-object ./usr/lib/libbaz1.so.1.0.3b E: libbaz1: unstripped-binary-or-object ./usr/lib/libfoo2.so.1.0.3b +E: libbaz2-dev: changelog-file-not-compressed changelog E: libbaz2: postinst-must-call-ldconfig usr/lib/libbaz2.so.1.0.3b +E: libbaz2: symlink-should-be-relative usr/share/doc/libbaz2/changelog.gz /usr/share/doc/lintian/changelog.gz I: libbaz1: possible-non-posix-code-in-maintainer-script postinst:6 '[ -d /usr/doc -a ! -e /usr/doc/$PKG -a ' I: libbaz1: possible-non-posix-code-in-maintainer-script prerm:5 '[ \( "$1" = "upgrade" -o "$1" = "remove" \) -a ' W: libbaz source: ancient-standards-version 3.2.1 (current is 3.7.2) @@ -26,4 +28,5 @@ W: libbaz1: unused-shlib-entry-in-control-file libdoesntexist2 1.0 W: libbaz1: unused-shlib-entry-in-control-file udeb: libdoesntexist2 1.0 W: libbaz1: zero-byte-file-in-doc-directory usr/share/doc/README.Debian +W: libbaz2: debian-changelog-file-is-a-symlink W: libbaz2: package-name-doesnt-match-sonames libbaz2-1.0 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]