Hello community, here is the log from the commit of package rpmlint for openSUSE:Factory checked in at Fri Jan 9 01:55:06 CET 2009. -------- --- rpmlint/rpmlint.changes 2008-12-17 14:27:08.000000000 +0100 +++ /mounts/work_src_done/STABLE/rpmlint/rpmlint.changes 2009-01-08 11:14:56.000000000 +0100 @@ -1,0 +2,6 @@ +Thu Jan 8 11:05:50 CET 2009 - lnussel@suse.de + +- prefix dbus check with suse- +- add filelist check + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- CheckFilelist.py ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rpmlint.spec ++++++ --- /var/tmp/diff_new_pack.GA3991/_old 2009-01-09 01:54:29.000000000 +0100 +++ /var/tmp/diff_new_pack.GA3991/_new 2009-01-09 01:54:29.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package rpmlint (Version 0.84) # -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ BuildRequires: rpm-python Summary: Rpm correctness checker Version: 0.84 -Release: 6 +Release: 7 Source0: %{name}-%{version}.tar.bz2 Source1: config Source1001: config.in @@ -41,6 +41,7 @@ Source14: CheckSUIDPermissions.py Source15: CheckPolkitPrivs.py Source16: CheckDBUSServices.py +Source17: CheckFilelist.py Source100: syntax-validator.py Url: http://rpmlint.zarb.org/ License: GPL v2 or later @@ -192,6 +193,7 @@ cp -p %{SOURCE14} . cp -p %{SOURCE15} . cp -p %{SOURCE16} . +cp -p %{SOURCE17} . %build make @@ -218,6 +220,9 @@ /usr/share/man/man1/rpmlint.1.gz %changelog +* Thu Jan 08 2009 lnussel@suse.de +- prefix dbus check with suse- +- add filelist check * Wed Dec 17 2008 dmueller@suse.de - add whitelist entry for libieee1284 * Thu Dec 11 2008 lnussel@suse.de ++++++ CheckDBUSServices.py ++++++ --- /var/tmp/diff_new_pack.GA3991/_old 2009-01-09 01:54:29.000000000 +0100 +++ /var/tmp/diff_new_pack.GA3991/_new 2009-01-09 01:54:29.000000000 +0100 @@ -15,54 +15,11 @@ import string _services_whitelist = ( -# "avahi-dbus.conf", -# "backup-manager.conf", -# "bluetooth.conf", -# "com.google.code.BackupManager.service", -# "com.novell.Pkcs11Monitor.conf", "ConsoleKit.conf", -# "cups.conf", -# "fi.epitest.hostap.WPASupplicant.service", -# "galago-daemon.conf", -# "gdm.conf", "hal.conf", -# "kerneloops.dbus", -# "knetworkmanager.conf", -# "NetworkManager.conf", -# "newprinternotification.conf", -# "nm-applet.conf", -# "nm-avahi-autoipd.conf", -# "nm-dhcp-client.conf", -# "nm-dispatcher.conf", -# "nm-novellvpn-service.conf", -# "nm-openvpn-service.conf", -# "nm-pptp-service.conf", -# "nm-system-settings.conf", -# "nm-vpnc-service.conf", -# "org.bluez.service", "org.freedesktop.ConsoleKit.service", -# "org.freedesktop.ModemManager.conf", -# "org.freedesktop.ModemManager.service", -# "org.freedesktop.NetworkManagerSystemSettings.service", -# "org.freedesktop.nm_dispatcher.service", -# "org.freedesktop.PackageKit.conf", -# "org.freedesktop.PackageKit.service", "org.freedesktop.PolicyKit.conf", "org.freedesktop.PolicyKit.service", -# "org.gnome.ClockApplet.Mechanism.conf", -# "org.gnome.ClockApplet.Mechanism.service", -# "org.gnome.GConf.Defaults.conf", -# "org.gnome.GConf.Defaults.service", -# "org.opensuse.CupsPkHelper.Mechanism.conf", -# "org.opensuse.CupsPkHelper.Mechanism.service", -# "org.opensuse.yast.SCR.conf", -# "org.opensuse.yast.SCR.service", -# "pommed.conf", -# "powersave.conf", -# "upsd.conf", -# "wpa_supplicant.conf", -# "xorg-server.conf", -# "yum-updatesd.conf", ) # need to end with / so we don't catch directories @@ -93,13 +50,13 @@ bn = f[len(p):] if not bn in _services_whitelist: - printError(pkg, "dbus-unauthorized-service", f) + printError(pkg, "suse-dbus-unauthorized-service", f) check=DBUSServiceCheck() if Config.info: addDetails( -'dbus-unauthorized-service', +'suse-dbus-unauthorized-service', """The package installs an unauthorized DBUS service. Please contact security@suse.de for review.""", ) ++++++ CheckFilelist.py ++++++ # vim:sw=4:et ############################################################################# # File : CheckFilelist.py # Package : rpmlint # Author : Ludwig Nussel # Purpose : Check for wrongly packaged files ############################################################################# from Filter import * import AbstractCheck import re import os import string import fnmatch _defaulterror = 'suse-filelist-forbidden' _defaultmsg = '%(file)s is not allowed anymore in SUSE Linux' def notnoarch(pkg): return pkg.arch != 'noarch' def isdebuginfo(pkg): if pkg.name.endswith('-debuginfo') \ or pkg.name.endswith('-debuginfo-32bit') \ or pkg.name.endswith('-debuginfo-64bit') \ or pkg.name.endswith('-debugsource') \ or pkg.name.endswith('-debug'): return True _checks = [ { 'good': [ '/etc/sysconfig/cbq', '/etc/sysconfig/scripts', '/etc/sysconfig/scripts/*', '/etc/sysconfig/network', '/etc/sysconfig/network/*', '/etc/sysconfig/hardware', '/etc/sysconfig/hardware/*', '/etc/sysconfig/isdn', '/etc/sysconfig/isdn/scripts', '/etc/sysconfig/isdn/scripts/*', '/etc/sysconfig/SuSEfirewall2.d', '/etc/sysconfig/SuSEfirewall2.d/*', '/etc/sysconfig/uml', ], 'bad': [ '/usr/share/info/dir', '*~', '*/CV', '*/CVS/', '*/.cvsignor', '*/.svn', '*/RC', '*/RCS/', '*,v', '*.ba', '*/.xvpic', '*.ori', '*.orig.gz', '/usr/share/*/.libs*', '/usr/share/*/.deps*', '/var/adm/fillup-templates/rc.config.*', '/var/adm/setup', '/etc/httpd/*', '/etc/sysconfig/*', '/etc/rc.config.d/*', '/etc/init.d/*/*', '/usr/share/locale/LC_MESSAGES', '/usr/X11R6/lib/locale', '/usr/X11R6/lib/X11/locale/LC_MESSAGES*', '/opt/gnome', '/usr/lib/perl5/site_perl/*', '/usr/lib/perl5/vendor_perl/5.*/auto', '/usr/lib/perl5/vendor_perl/5.*/*-linux-*/auto', ], }, { 'error': 'suse-filelist-forbidden-devel-in-lib', 'details': 'please move la files, static libs and .so symlinks out of /', 'bad': [ "/lib/*.so", "/lib/*.la", "/lib/*.a", "/lib64/*.la", "/lib64/*.a", "/lib64/*.so", ] }, { 'error': 'suse-filelist-forbidden-fhs22', 'msg': '%(file)s is not allowed in FHS 2.2', 'details': 'see http://www.pathname.com/fhs/ to find a better location', 'bad': [ "/usr/dict", "/var/locale", "/var/locale/*", "/etc/X11/app-defaults/*", "/usr/local/man/*/*", "/var/lib/games", "/var/lib/games/*", "/usr/sbin/*/*", "/sbin/init.d", "/sbin/init.d/*", "/bin/*/*", ] }, { 'error': 'suse-filelist-forbidden-yast2', 'msg': '%(file)s is not allowed anymore in YaST2', 'bad': [ '/usr/lib/YaST2/*.ycp', '/usr/lib/YaST2/*.y2cc', '/usr/lib/YaST2/*.*.scr', ], }, { 'error': 'suse-filelist-forbidden-srv', 'details': """Please use /srv for ftp and http data""", 'bad': [ '/usr/local/ftp', '/usr/local/http', ], }, { 'error': 'suse-filelist-forbidden-games', 'details': """static data has to be in /usr/share/games, variable in /var/games""", 'bad': [ '/usr/games/bin', '/usr/games/lib', '/usr/games/*/*', ], }, { 'error': 'suse-filelist-forbidden-noarch', 'msg': '%(file)s is not allowed in a noarch package', 'bad': [ '/lib64', '/lib64/*', '/usr/lib64', '/usr/lib64/*', '/usr/X11R6/lib64', '/usr/X11R6/lib64/*', '/opt/gnome/lib64', '/opt/gnome/lib64/*', '/opt/kde3/lib64', '/opt/kde3/lib64/*', '/usr/lib/pkgconfig/*', ], 'ignoreif': notnoarch, }, { 'error': 'suse-filelist-forbidden-debuginfo', 'msg': '%(file)s may only be packaged in the -debuginfo subpackage', 'bad': [ '/usr/lib/debug/*', ], 'ignoreif': isdebuginfo, }, { 'error': 'suse-filelist-forbidden-locale', 'details': """Please use nb or nb_NO (and nn for nynorsk)""" """see https://bugzilla.novell.com/show_bug.cgi?id=42748""", 'bad': [ '/opt/gnome/share/locale/no', '/opt/gnome/share/locale/no/*', '/opt/kde3/share/locale/no', '/opt/kde3/share/locale/no/*', '/usr/share/locale/no', '/usr/share/locale/no/*', '/usr/share/vim/*/lang/no', '/usr/share/vim/*/lang/no/*', ], }, { 'error': 'suse-filelist-forbidden-xorg', 'details': """Please use the updated paths for Xorg 7.1 and above""", 'bad': [ '/usr/X11R6/include/X11', '/usr/X11R6/include/X11/*', '/usr/X11R6/lib/X11', '/usr/X11R6/lib/X11/*', '/usr/X11R6/lib/modules', '/usr/X11R6/lib/modules/*', '/usr/X11R6/lib64/modules', '/usr/X11R6/lib64/modules/*', '/usr/X11R6/lib/X11/app-defaults', '/usr/X11R6/lib/X11/app-defaults/*', '/usr/X11R6/lib64/X11/app-defaults', '/usr/X11R6/lib64/X11/app-defaults/*', ], }, { 'error': 'suse-filelist-forbidden-suseconfig', 'details': """Adding new SuSEconfig scripts is not accepted for openSUSE 10.2 and newer""", 'good': [ '/sbin/conf.d/SuSEconfig.automake', '/sbin/conf.d/SuSEconfig.cjk-latex', '/sbin/conf.d/SuSEconfig.desktop-file-utils', '/sbin/conf.d/SuSEconfig.fonts', '/sbin/conf.d/SuSEconfig.gdm', '/sbin/conf.d/SuSEconfig.ghostscript-cjk', '/sbin/conf.d/SuSEconfig.glib2', '/sbin/conf.d/SuSEconfig.gnome-vfs2', '/sbin/conf.d/SuSEconfig.groff', '/sbin/conf.d/SuSEconfig.gtk2', '/sbin/conf.d/SuSEconfig.guile', '/sbin/conf.d/SuSEconfig.icu', '/sbin/conf.d/SuSEconfig.isdn', '/sbin/conf.d/SuSEconfig.ispell', '/sbin/conf.d/SuSEconfig.kde', '/sbin/conf.d/SuSEconfig.kdm3', '/sbin/conf.d/SuSEconfig.libxml2', '/sbin/conf.d/SuSEconfig.lyx-cjk', '/sbin/conf.d/SuSEconfig.mailman', '/sbin/conf.d/SuSEconfig.news', '/sbin/conf.d/SuSEconfig.pango', '/sbin/conf.d/SuSEconfig.pbs', '/sbin/conf.d/SuSEconfig.perl', '/sbin/conf.d/SuSEconfig.permissions', '/sbin/conf.d/SuSEconfig.postfix', '/sbin/conf.d/SuSEconfig.prelink', '/sbin/conf.d/SuSEconfig.scim', '/sbin/conf.d/SuSEconfig.scpm', '/sbin/conf.d/SuSEconfig.scrollkeeper', '/sbin/conf.d/SuSEconfig.sendmail', '/sbin/conf.d/SuSEconfig.sgml-skel', '/sbin/conf.d/SuSEconfig.susehelp', '/sbin/conf.d/SuSEconfig.syslog-ng', '/sbin/conf.d/SuSEconfig.tetex', '/sbin/conf.d/SuSEconfig.texlive', '/sbin/conf.d/SuSEconfig.tuxpaint', '/sbin/conf.d/SuSEconfig.wdm', '/sbin/conf.d/SuSEconfig.words', '/sbin/conf.d/SuSEconfig.xdm', '/sbin/conf.d/SuSEconfig.xjdic', '/sbin/conf.d/SuSEconfig.xpdf', '/sbin/conf.d/SuSEconfig.zmessages', ], 'bad': [ '/sbin/conf.d/*', ], }, { 'error': 'suse-filelist-forbidden-fhs22', 'good': [ '/bin', '/bin/*', '/boot', '/boot/*', '/cdrom', '/dev', '/dev/*', '/etc', '/etc/*', '/floppy', '/home', '/lib', '/lib/*', '/lib64', '/lib64/*', '/media', '/media/*', '/mnt', '/opt', '/proc', '/root', '/root/.exrc', '/root/.gnupg', '/root/.gnupg/*', '/root/.kbackrc', '/root/.xinitrc', '/root/bin', '/sbin', '/sbin/*', '/subdomain', '/sys', '/tmp', '/tmp/.X11-unix', '/tmp/.ICE-unix', '/usr', '/usr/*-linux-libc5', '/usr/*-linux-libc5/*', '/usr/*-linux', '/usr/*-linux/*', '/usr/X11', '/usr/X11R6', '/usr/X11R6/*', '/usr/bin', '/usr/bin/*', '/usr/games', '/usr/games/*', '/usr/include', '/usr/include/*', '/usr/lib', '/usr/lib/*', '/usr/lib64', '/usr/lib64/*', '/usr/local', '/usr/local/bin', '/usr/local/games', '/usr/local/include', '/usr/local/lib', '/usr/local/lib64', '/usr/local/man', '/usr/local/man/*', '/usr/local/sbin', '/usr/local/share', '/usr/local/src', '/usr/sbin', '/usr/sbin/*', '/usr/share', '/usr/share/*', '/usr/spool', '/usr/src', '/usr/src/debug*', '/usr/src/linux*', '/usr/src/kernel-modules*', '/usr/src/packages', '/usr/src/packages/*', '/usr/src/bxform*', '/usr/src/dicts', '/usr/src/dicts/*', '/usr/tmp', '/var', '/var/X11R6', '/var/X11R6/*', '/var/account', '/var/account/*', '/var/agentx', '/var/agentx/*', '/var/cache', '/var/cache/*', '/var/crash', '/var/crash/*', '/var/games', '/var/games/*', '/var/lib', '/var/lib/*', '/var/local', '/var/lock', '/var/lock/*', '/var/log', '/var/log/*', '/var/mail', '/var/mail/*', '/var/opt', '/var/opt/*', '/var/preserve', '/var/run', '/var/run/*', '/var/spool', '/var/spool/*', '/var/tmp', '/var/tmp/vi.recover', '/var/yp', '/var/yp/*', # we have these below /var, but not nice to have: '/var/adm', '/var/adm/*', '/var/db', '/var/db/*', '/var/nis', '/var/nis/*', '/var/heimdal', # allowed, but not nice to have: '/afs', '/afs/*', '/emul', '/emul/*', '/srv', '/srv/*', ], 'bad': [ '*', ] }, ] class FilelistCheck(AbstractCheck.AbstractCheck): def __init__(self): AbstractCheck.AbstractCheck.__init__(self, "CheckFilelist") import re for check in _checks: if 'good' in check: for i in range(len(check['good'])): pattern = check['good'][i] if '*' in pattern: r = fnmatch.translate(pattern) check['good'][i] = re.compile(r) for i in range(len(check['bad'])): pattern = check['bad'][i] if '*' in pattern: r = fnmatch.translate(pattern) check['bad'][i] = re.compile(r) def check(self, pkg): global _checks global _defaultmsg global _defaulterror if pkg.isSource(): return files = pkg.files() if not files: printError(pkg, 'suse-filelist-empty', 'packages without any files are not allowed anymore in SUSE Linux') return for check in _checks: if 'ignoreif' in check: if check['ignoreif'](pkg): continue if 'msg' in check: msg = check['msg'] else: msg = _defaultmsg if 'error' in check: error = check['error'] else: error = _defaulterror for f in files: ok = False if 'good' in check: for g in check['good']: if (not isinstance(g, str)) and g.match(f) or g == f: ok = True break if ok: continue for b in check['bad']: if (not isinstance(b, str)) and b.match(f) or b == f: msg = msg % { 'file':f } printError(pkg, error, msg) check=FilelistCheck() if Config.info: for check in _checks: if not 'details' in check: continue if not 'error' in check: continue addDetails(check['error'], check['details']) ++++++ config ++++++ --- /var/tmp/diff_new_pack.GA3991/_old 2009-01-09 01:54:29.000000000 +0100 +++ /var/tmp/diff_new_pack.GA3991/_new 2009-01-09 01:54:29.000000000 +0100 @@ -29,6 +29,7 @@ # polkit-default-privs would need to be installed always #addCheck("CheckPolkitPrivs") addCheck("CheckDBUSServices") +addCheck("CheckFilelist") addCheck("CheckKDE4Deps") addCheck("KMPPolicyCheck") ++++++ config.in ++++++ --- /var/tmp/diff_new_pack.GA3991/_old 2009-01-09 01:54:29.000000000 +0100 +++ /var/tmp/diff_new_pack.GA3991/_new 2009-01-09 01:54:29.000000000 +0100 @@ -29,6 +29,7 @@ # polkit-default-privs would need to be installed always #addCheck("CheckPolkitPrivs") addCheck("CheckDBUSServices") +addCheck("CheckFilelist") # stuff autobuild takes care about addFilter(".*invalid-version.*") ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org