diff --git a/rpmlint-1.10-flake-cleanups.patch b/rpmlint-1.10-flake-cleanups.patch new file mode 100644 index 0000000..255cf5a --- /dev/null +++ b/rpmlint-1.10-flake-cleanups.patch @@ -0,0 +1,358 @@ +diff -up rpmlint-rpmlint-1.10/AbstractCheck.py.flake rpmlint-rpmlint-1.10/AbstractCheck.py +--- rpmlint-rpmlint-1.10/AbstractCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/AbstractCheck.py 2018-04-17 12:22:20.681609697 -0400 +@@ -11,7 +11,7 @@ import contextlib + import re + try: + import urllib2 +-except: ++except ImportError: + import urllib.request as urllib2 + + import Config +diff -up rpmlint-rpmlint-1.10/BinariesCheck.py.flake rpmlint-rpmlint-1.10/BinariesCheck.py +--- rpmlint-rpmlint-1.10/BinariesCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/BinariesCheck.py 2018-04-17 12:22:52.688880629 -0400 +@@ -101,32 +101,32 @@ class BinaryInfo(object): + ('readelf', '-W', '-S', '-l', '-d', '-s', path)) + if not res[0]: + lines = res[1].splitlines() +- for l in lines: +- r = BinaryInfo.needed_regex.search(l) ++ for line in lines: ++ r = BinaryInfo.needed_regex.search(line) + if r: + self.needed.append(r.group(1)) + continue + +- r = BinaryInfo.rpath_regex.search(l) ++ r = BinaryInfo.rpath_regex.search(line) + if r: + for p in r.group(1).split(':'): + self.rpath.append(p) + continue + +- if BinaryInfo.comment_regex.search(l): ++ if BinaryInfo.comment_regex.search(line): + self.comment = True + continue + +- if BinaryInfo.pic_regex.search(l): ++ if BinaryInfo.pic_regex.search(line): + self.non_pic = False + continue + +- r = BinaryInfo.soname_regex.search(l) ++ r = BinaryInfo.soname_regex.search(line) + if r: + self.soname = r.group(1) + continue + +- r = BinaryInfo.stack_regex.search(l) ++ r = BinaryInfo.stack_regex.search(line) + if r: + self.stack = True + flags = r.group(1) +@@ -134,45 +134,45 @@ class BinaryInfo(object): + self.exec_stack = True + continue + +- if l.startswith("Symbol table"): ++ if line.startswith("Symbol table"): + break + +- for l in lines: +- r = BinaryInfo.call_regex.search(l) ++ for line in lines: ++ r = BinaryInfo.call_regex.search(line) + if not r: + continue +- l = r.group(1) ++ line = r.group(1) + +- if BinaryInfo.mktemp_call_regex.search(l): ++ if BinaryInfo.mktemp_call_regex.search(line): + self.mktemp = True + +- if BinaryInfo.setgid_call_regex.search(l): ++ if BinaryInfo.setgid_call_regex.search(line): + self.setgid = True + +- if BinaryInfo.setuid_call_regex.search(l): ++ if BinaryInfo.setuid_call_regex.search(line): + self.setuid = True + +- if BinaryInfo.setgroups_call_regex.search(l): ++ if BinaryInfo.setgroups_call_regex.search(line): + self.setgroups = True + +- if BinaryInfo.chdir_call_regex.search(l): ++ if BinaryInfo.chdir_call_regex.search(line): + self.chdir = True + +- if BinaryInfo.chroot_call_regex.search(l): ++ if BinaryInfo.chroot_call_regex.search(line): + self.chroot = True + + if BinaryInfo.forbidden_functions: + for r_name, func in BinaryInfo.forbidden_functions.items(): +- ret = func['f_regex'].search(l) ++ ret = func['f_regex'].search(line) + if ret: + self.forbidden_calls.append(r_name) + + if is_shlib: +- r = BinaryInfo.exit_call_regex.search(l) ++ r = BinaryInfo.exit_call_regex.search(line) + if r: + self.exit_calls.append(r.group(1)) + continue +- r = BinaryInfo.fork_call_regex.search(l) ++ r = BinaryInfo.fork_call_regex.search(line) + if r: + fork_called = True + continue +@@ -182,14 +182,14 @@ class BinaryInfo(object): + if self.forbidden_calls: + res = Pkg.getstatusoutput(('strings', path)) + if not res[0]: +- for l in res[1].splitlines(): ++ for line in res[1].splitlines(): + # as we need to remove elements, iterate backwards + for i in range(len(self.forbidden_calls) - 1, -1, -1): + func = self.forbidden_calls[i] + f = BinaryInfo.forbidden_functions[func] + if 'waiver_regex' not in f: + continue +- r = f['waiver_regex'].search(l) ++ r = f['waiver_regex'].search(line) + if r: + del self.forbidden_calls[i] + +@@ -254,8 +254,8 @@ class BinaryInfo(object): + # We could do this with objdump, but it's _much_ simpler with ldd. + res = Pkg.getstatusoutput(('ldd', '-d', '-r', path)) + if not res[0]: +- for l in res[1].splitlines(): +- undef = BinaryInfo.undef_regex.search(l) ++ for line in res[1].splitlines(): ++ undef = BinaryInfo.undef_regex.search(line) + if undef: + self.undef.append(undef.group(1)) + if self.undef: +@@ -263,7 +263,7 @@ class BinaryInfo(object): + res = Pkg.getstatusoutput(['c++filt'] + self.undef) + if not res[0]: + self.undef = res[1].splitlines() +- except: ++ except OSError: + pass + else: + printWarning(pkg, 'ldd-failed', file) +@@ -272,13 +272,13 @@ class BinaryInfo(object): + # Either ldd doesn't grok -u (added in glibc 2.3.4) or we have + # unused direct dependencies + in_unused = False +- for l in res[1].splitlines(): +- if not l.rstrip(): ++ for line in res[1].splitlines(): ++ if not line.rstrip(): + pass +- elif l.startswith('Unused direct dependencies'): ++ elif line.startswith('Unused direct dependencies'): + in_unused = True + elif in_unused: +- unused = BinaryInfo.unused_regex.search(l) ++ unused = BinaryInfo.unused_regex.search(line) + if unused: + self.unused.append(unused.group(1)) + else: +diff -up rpmlint-rpmlint-1.10/Config.py.flake rpmlint-rpmlint-1.10/Config.py +--- rpmlint-rpmlint-1.10/Config.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/Config.py 2018-04-17 12:22:20.684609629 -0400 +@@ -42,11 +41,11 @@ USEUTF8_DEFAULT = False + try: + if locale.getpreferredencoding() == 'UTF-8': + USEUTF8_DEFAULT = True +-except: ++except UnicodeError: + try: + if re.match('utf', locale.getdefaultlocale()[1], re.I): + USEUTF8_DEFAULT = True +- except: ++ except UnicodeError: + pass + + info = False +@@ -105,10 +105,7 @@ def setOption(name, value): + + + def getOption(name, default=""): +- try: +- return _options[name] +- except: +- return default ++ return _options.get(name, default) + + + # List of filters +@@ -128,7 +125,7 @@ def removeFilter(s): + + try: + _filters.remove(s) +- except: ++ except ValueError: + pass + else: + _filters_re = None +diff -up rpmlint-rpmlint-1.10/MenuXDGCheck.py.flake rpmlint-rpmlint-1.10/MenuXDGCheck.py +--- rpmlint-rpmlint-1.10/MenuXDGCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/MenuXDGCheck.py 2018-04-17 12:22:20.681609697 -0400 +@@ -9,7 +9,7 @@ + import os + try: + from ConfigParser import RawConfigParser +-except: ++except ImportError: + from configparser import RawConfigParser + + import AbstractCheck +diff -up rpmlint-rpmlint-1.10/Pkg.py.flake rpmlint-rpmlint-1.10/Pkg.py +--- rpmlint-rpmlint-1.10/Pkg.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/Pkg.py 2018-04-17 12:22:20.681609697 -0400 +@@ -18,7 +18,7 @@ import sys + import tempfile + try: + from urlparse import urljoin +-except: ++except ImportError: + from urllib.parse import urljoin + + try: +@@ -27,7 +27,7 @@ try: + _magic = magic.open(magic.MAGIC_NONE) + _ = _magic.descriptor # magic >= 5.05 needed + _magic.load() +-except: ++except ImportError: + _magic = None + import rpm + +@@ -52,7 +52,7 @@ else: + + try: + from shlex import quote as shquote +-except: ++except ImportError: + def shquote(s): + return '"%s"' % s + +@@ -166,7 +166,7 @@ def is_utf8(fname): + def is_utf8_bytestr(s): + try: + s.decode('UTF-8') +- except: ++ except UnicodeError: + return False + return True + +@@ -227,7 +227,7 @@ def get_default_valid_rpmgroups(filename + groupsfiles = [x for x in p.files() if x.endswith('/GROUPS')] + if groupsfiles: + filename = groupsfiles[0] +- except: # the rpm package might not be installed ++ except KeyError: # the rpm package might not be installed + pass + if filename and os.path.exists(filename): + with open(filename) as fobj: +@@ -532,7 +532,7 @@ class Pkg(AbstractPkg): + def __getitem__(self, key): + try: + val = self.header[key] +- except: ++ except KeyError: + val = [] + if val == []: + return None +@@ -680,7 +680,7 @@ class Pkg(AbstractPkg): + magics = [b2s(x) for x in self.header[rpm.RPMTAG_FILECLASS]] + try: # rpm >= 4.7.0 + filecaps = self.header[rpm.RPMTAG_FILECAPS] +- except: ++ except AttributeError: + filecaps = None + + # rpm-python < 4.6 does not return a list for this (or FILEDEVICES, +@@ -915,9 +915,11 @@ class Pkg(AbstractPkg): + Depending on rpm-python version, the string may or may not include + interpreter arguments, if any. + """ ++ if which is None: ++ return '' + prog = self[which] + if prog is None: +- prog = "" ++ prog = '' + elif isinstance(prog, (list, tuple)): + # http://rpm.org/ticket/847#comment:2 + prog = "".join(prog) +diff -up rpmlint-rpmlint-1.10/rpmlint.flake rpmlint-rpmlint-1.10/rpmlint +--- rpmlint-rpmlint-1.10/rpmlint.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/rpmlint 2018-04-17 12:22:20.682609674 -0400 +@@ -20,7 +20,7 @@ import tempfile + + try: + import importlib +-except: # Python < 2.7 ++except ImportError: # Python < 2.7 + importlib = None + import imp + +diff -up rpmlint-rpmlint-1.10/SCLCheck.py.flake rpmlint-rpmlint-1.10/SCLCheck.py +--- rpmlint-rpmlint-1.10/SCLCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/SCLCheck.py 2018-04-17 12:22:20.682609674 -0400 +@@ -50,7 +50,7 @@ def index_or_sub(source, word, sub=0): + """ + try: + return source.index(word) +- except: ++ except ValueError: + return sub + + +diff -up rpmlint-rpmlint-1.10/SpecCheck.py.flake rpmlint-rpmlint-1.10/SpecCheck.py +--- rpmlint-rpmlint-1.10/SpecCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/SpecCheck.py 2018-04-17 12:22:20.682609674 -0400 +@@ -571,7 +571,7 @@ class SpecCheck(AbstractCheck.AbstractCh + try: + ts = rpm.TransactionSet() + spec_obj = ts.parseSpec(self._spec_file) +- except: ++ except rpm.error: + # errors logged above already + pass + if spec_obj: +diff -up rpmlint-rpmlint-1.10/ZipCheck.py.flake rpmlint-rpmlint-1.10/ZipCheck.py +--- rpmlint-rpmlint-1.10/ZipCheck.py.flake 2017-09-05 02:40:05.000000000 -0400 ++++ rpmlint-rpmlint-1.10/ZipCheck.py 2018-04-17 12:22:20.682609674 -0400 +@@ -43,6 +43,10 @@ class ZipCheck(AbstractCheck.AbstractChe + badcrc = z.testzip() + if badcrc: + printError(pkg, 'bad-crc-in-zip', badcrc, fname) ++ except zipfile.error: ++ printWarning(pkg, 'unable-to-read-zip', '%s: %s' % ++ (fname, sys.exc_info()[1])) ++ else: + compressed = False + for zinfo in z.infolist(): + if zinfo.compress_type != zipfile.ZIP_STORED: +@@ -70,9 +74,6 @@ class ZipCheck(AbstractCheck.AbstractChe + if want_indexed_jars: + printWarning(pkg, 'jar-not-indexed', fname) + pass +- except: +- printWarning(pkg, 'unable-to-read-zip', '%s: %s' % +- (fname, sys.exc_info()[1])) + + z and z.close() + diff --git a/rpmlint-1.10-ignore-debuginfo-useless-provides.patch b/rpmlint-1.10-ignore-debuginfo-useless-provides.patch new file mode 100644 index 0000000..8a97bdc --- /dev/null +++ b/rpmlint-1.10-ignore-debuginfo-useless-provides.patch @@ -0,0 +1,36 @@ +From 7f86c79068be1c83303da30f5f4f030080e6326a Mon Sep 17 00:00:00 2001 +From: Dirk Mueller +Date: Sat, 4 Nov 2017 02:24:30 +0100 +Subject: [PATCH] Ignore useless-provides on debuginfo provides (#112) + +Also flip to set's rather than lists as the main operation +here is lookup, so set()s should be faster. +--- + TagsCheck.py | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/TagsCheck.py b/TagsCheck.py +index a8d87aa..dc890b1 100644 +--- a/TagsCheck.py ++++ b/TagsCheck.py +@@ -823,11 +823,13 @@ class TagsCheck(AbstractCheck.AbstractCheck): + + # TODO: should take versions, <, <=, =, >=, > into account here + # https://bugzilla.redhat.com/460872 +- useless_provides = [] ++ useless_provides = set() + for p in prov_names: +- if prov_names.count(p) != 1 and p not in useless_provides: +- useless_provides.append(p) +- for p in useless_provides: ++ if (prov_names.count(p) != 1 and ++ not p.startswith('debuginfo(') and ++ p not in useless_provides): ++ useless_provides.add(p) ++ for p in sorted(useless_provides): + printError(pkg, 'useless-provides', p) + + for p in pkg.provides(): +-- +2.17.0 + diff --git a/rpmlint-1.10-missing-files-exception.patch b/rpmlint-1.10-missing-files-exception.patch new file mode 100644 index 0000000..80935c1 --- /dev/null +++ b/rpmlint-1.10-missing-files-exception.patch @@ -0,0 +1,44 @@ +From 3a072351314c3a3ec11650ad8efd2fc6ececf987 Mon Sep 17 00:00:00 2001 +From: Dirk Mueller +Date: Sat, 4 Nov 2017 02:17:52 +0100 +Subject: [PATCH] Properly handle the exception on missing files + +Missing files raises a FileNotFoundError, not OSError. Also +simplify logic. + +(cherry picked from commit d59bc2a1e2698040553c09610cb2befa1ef8d76a) +--- + Pkg.py | 11 +++-------- + 1 file changed, 3 insertions(+), 8 deletions(-) + +diff --git a/Pkg.py b/Pkg.py +index e257243..01d0289 100644 +--- a/Pkg.py ++++ b/Pkg.py +@@ -714,20 +714,15 @@ class Pkg(AbstractPkg): + pkgfile.magic = "symbolic link to `%s'" % pkgfile.linkto + elif not pkgfile.size: + pkgfile.magic = 'empty' +- if not pkgfile.magic and _magic: ++ if (not pkgfile.magic and ++ not pkgfile.is_ghost and _magic): + # file() method evaluates every file twice with python2, + # use descriptor() method instead + try: + fd = os.open(pkgfile.path, os.O_RDONLY) +- except OSError: +- if not pkgfile.is_ghost: +- raise +- else: + pkgfile.magic = b2s(_magic.descriptor(fd)) +- # libmagic up to 5.18 already closes the descriptor +- try: + os.close(fd) +- except OSError: ++ except FileNotFoundError: + pass + if pkgfile.magic is None: + pkgfile.magic = '' +-- +2.17.0 + diff --git a/rpmlint-1.10-py37magic.patch b/rpmlint-1.10-py37magic.patch new file mode 100644 index 0000000..8986a38 --- /dev/null +++ b/rpmlint-1.10-py37magic.patch @@ -0,0 +1,13 @@ +diff --git a/FilesCheck.py b/FilesCheck.py +index c8666b9..78b22ef 100644 +--- a/FilesCheck.py ++++ b/FilesCheck.py +@@ -331,7 +331,7 @@ def peek(filename, pkg, length=1024): + '3.4': [3310], + '3.5': [3350, 3351], # 3350 for < 3.5.2 + '3.6': [3379], +- '3.7': [3390], ++ '3.7': [3390, 3391, 3392, 3393, 3394], + } + + diff --git a/rpmlint-1.10-py37mtime.patch b/rpmlint-1.10-py37mtime.patch new file mode 100644 index 0000000..ded068d --- /dev/null +++ b/rpmlint-1.10-py37mtime.patch @@ -0,0 +1,57 @@ +diff -up rpmlint-rpmlint-1.10/FilesCheck.py.py37mtime rpmlint-rpmlint-1.10/FilesCheck.py +--- rpmlint-rpmlint-1.10/FilesCheck.py.py37mtime 2018-06-02 14:29:53.035453468 -0400 ++++ rpmlint-rpmlint-1.10/FilesCheck.py 2018-06-02 14:32:55.430860108 -0400 +@@ -377,6 +377,27 @@ def py_demarshal_long(b): + return (b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24)) + + ++def pyc_magic_from_chunk(chunk): ++ """From given chunk (beginning of the file), return Python magic number""" ++ return py_demarshal_long(chunk[:4]) & 0xffff ++ ++ ++def pyc_mtime_from_chunk(chunk): ++ """From given chunk (beginning of the file), return mtime or None ++ ++ From Python 3.7, mtime is not always present. ++ ++ See https://www.python.org/dev/peps/pep-0552/#specification ++ """ ++ magic = pyc_magic_from_chunk(chunk) ++ second = py_demarshal_long(chunk[4:8]) ++ if magic >= _python_magic_values['3.7'][0]: ++ if second == 0: ++ return py_demarshal_long(chunk[8:12]) ++ return None # No mtime saved, TODO check hashes instead ++ return second ++ ++ + def python_bytecode_to_script(path): + """ + Given a python bytecode path, give the path of the .py file +@@ -729,7 +750,7 @@ class FilesCheck(AbstractCheck.AbstractC + if chunk: + # Verify that the magic ABI value embedded in the + # .pyc header is correct +- found_magic = py_demarshal_long(chunk[:4]) & 0xffff ++ found_magic = pyc_magic_from_chunk(chunk) + exp_magic, exp_version = get_expected_pyc_magic(f) + if exp_magic and found_magic not in exp_magic: + found_version = 'unknown' +@@ -752,13 +773,14 @@ class FilesCheck(AbstractCheck.AbstractC + + # Verify that the timestamp embedded in the .pyc + # header matches the mtime of the .py file: +- pyc_timestamp = py_demarshal_long(chunk[4:8]) ++ pyc_timestamp = pyc_mtime_from_chunk(chunk) + # If it's a symlink, check target file mtime. + srcfile = pkg.readlink(files[source_file]) + if not srcfile: + printWarning( + pkg, 'python-bytecode-without-source', f) +- elif pyc_timestamp != srcfile.mtime: ++ elif (pyc_timestamp is not None and ++ pyc_timestamp != srcfile.mtime): + cts = datetime.fromtimestamp( + pyc_timestamp).isoformat() + sts = datetime.fromtimestamp( diff --git a/rpmlint-1.10.tar.gz b/rpmlint-1.10.tar.gz new file mode 100644 index 0000000..cf7aa77 Binary files /dev/null and b/rpmlint-1.10.tar.gz differ diff --git a/rpmlint-etc.config b/rpmlint-etc.config new file mode 100644 index 0000000..5f670ac --- /dev/null +++ b/rpmlint-etc.config @@ -0,0 +1,2 @@ +# Add local system wide rpmlint configuration here or in other *config files +# in this directory. diff --git a/rpmlint.config b/rpmlint.config new file mode 100644 index 0000000..acb9e0e --- /dev/null +++ b/rpmlint.config @@ -0,0 +1,471 @@ +# -*- python -*- + +# System wide rpmlint default configuration. Do not modify, override/add +# options in /etc/rpmlint/config and/or ~/.rpmlintrc as needed. + +import os.path +import re +import sys + +from Config import * +import Pkg + + +setOption("CompressExtension", "gz") +setOption("DefaultPythonVersion", sys.version[:3]) +setOption("KernelModuleRPMsOK", False) +setOption("MaxLineLength", 80) +setOption("NetworkEnabled", True) +setOption("ReleaseExtension", r'\.(fc|rhe?l|el)\d+(?=\.|$)') +setOption("UseDebugSource", True) +setOption("UseDefaultRunlevels", False) +setOption("UseEpoch", False) +setOption("UseUTF8", True) +setOption("UseVersionInChangeLog", True) +setOption("ValidSrcPerms", (int("664",8), int("644",8), )) +setOption("ValidGroups", []) + +setOption("ValidShells", ( + "", + "/bin/sh", + "/bin/bash", + "/sbin/ldconfig", + "/usr/bin/perl", + "/usr/bin/python", +)) + +setOption("DanglingSymlinkExceptions", ( + ['consolehelper$', 'usermode'], + ['consolehelper-gtk$', 'usermode-gtk'], +)) + +setOption("ValidLicenses", ( + 'AAL', + 'Abstyles', + 'Adobe', + 'ADSL', + 'AFL', + 'Afmparse', + 'AGPLv1', + 'AGPLv3', + 'AGPLv3+', + 'AGPLv3 with exceptions', + 'AMDPLPA', + 'AML', + 'AMPAS BSD', + 'APAFML', + 'App-s2p', + 'APSL 2.0', + 'APSL 2.0+', + 'ARL', + 'Artistic 2.0', + 'Artistic clarified', + 'ASL 1.0', + 'ASL 1.0+', + 'ASL 1.1', + 'ASL 1.1+', + 'ASL 2.0', + 'ASL 2.0+', + 'Bahyph', + 'Barr', + 'Beerware', + 'BeOpen', + 'Bibtex', + 'BitTorrent', + 'Boost', + 'Borceux', + 'BSD', + 'BSD Protection', + 'BSD with advertising', + 'BSD with attribution', + 'CATOSL', + 'CC0', + 'CeCILL', + 'CeCILL-B', + 'CeCILL-C', + 'CDDL', + 'CNRI', + 'Condor', + 'Copyright only', + 'CPAL', + 'CPL', + 'CRC32', + 'Crossword', + 'Crystal Stacker', + 'Cube', + 'diffmark', + 'DMIT', + 'DOC', + 'Dotseqn', + 'DSDP', + 'dvipdfm', + 'DWPL', + 'ECL 1.0', + 'ECL 2.0', + 'eCos', + 'EFL 2.0', + 'EFL 2.0+', + 'eGenix', + 'Entessa', + 'EPICS', + 'EPL', + 'ERPL', + 'EU Datagrid', + 'EUPL 1.1', + 'Eurosym', + 'Fair', + 'FSFUL', + 'FSFULLR', + 'FTL', + 'Giftware', + 'GL2PS', + 'Glide', + 'Glulxe', + 'gnuplot', + 'GPL+', + 'GPL+ or Artistic', + 'GPL+ with exceptions', + 'GPLv1', + 'GPLv2 or Artistic', + 'GPLv2+ or Artistic', + 'GPLv2', + 'GPLv2 with exceptions', + 'GPLv2+', + 'GPLv2+ with exceptions', + 'GPLv3', + 'GPLv3 with exceptions', + 'GPLv3+', + 'GPLv3+ with exceptions', + 'HaskellReport', + 'HSRL', + 'IBM', + 'IJG', + 'ImageMagick', + 'iMatix', + 'Imlib2', + 'Intel ACPI', + 'Interbase', + 'ISC', + 'Jabber', + 'JasPer', + 'JPython', + 'Julius', + 'Knuth', + 'Latex2e', + 'LBNL BSD', + 'Leptonica', + 'LGPLv2', + 'LGPLv2 with exceptions', + 'LGPLv2+', + 'LGPLv2+ or Artistic', + 'LGPLv2+ with exceptions', + 'LGPLv3', + 'LGPLv3 with exceptions', + 'LGPLv3+', + 'LGPLv3+ with exceptions', + 'Lhcyr', + 'libtiff', + 'LLGPL', + 'Logica', + 'LOSLA', + 'LPL', + 'LPPL', + 'MakeIndex', + 'mecab-ipadic', + 'midnight', + 'MirOS', + 'MIT', + 'MITNFA', + 'MIT with advertising', + 'mod_macro', + 'Motosoto', + 'MPLv1.0', + 'MPLv1.0+', + 'MPLv1.1', + 'MPLv1.1+', + 'MPLv2.0', + 'MS-PL', + 'MS-RL', + 'MTLL', + 'Mup', + 'Naumen', + 'NCSA', + 'NetCDF', + 'Netscape', + 'Newmat', + 'Newsletr', + 'NGPL', + 'NLPL', + 'Nmap', + 'Nokia', + 'NOSL', + 'Noweb', + 'OGL', + 'OML', + 'OpenLDAP', + 'OpenPBS', + 'OpenSSL', + 'OReilly', + 'OSL 1.0', + 'OSL 1.0+', + 'OSL 1.1', + 'OSL 1.1+', + 'OSL 2.0', + 'OSL 2.0+', + 'OSL 2.1', + 'OSL 2.1+', + 'OSL 3.0', + 'OSL 3.0+', + 'Par', + 'Phorum', + 'PHP', + 'PlainTeX', + 'Plexus', + 'PostgreSQL', + 'psfrag', + 'psutils', + 'Public Domain', + 'Python', + 'Qhull', + 'QPL', + 'Rdisc', + 'REX', + 'RiceBSD', + 'Romio', + 'RPSL', + 'Rsfs', + 'Ruby', + 'Saxpath', + 'SCEA', + 'SCRIP', + 'Sendmail', + 'Sleepycat', + 'SISSL', + 'SLIB', + 'SNIA', + 'softSurfer', + 'SPL', + 'STMPL', + 'SWL', + 'TCGL', + 'TCL', + 'Teeworlds', + 'TGPPL', + 'TGPPL with exceptions', + 'Threeparttable', + 'TMate', + 'Tolua', + 'TORQUEv1.1', + 'TOSL', + 'TPDL', + 'TPL', + 'TTWL', + 'UCAR', + 'UCD', + 'Unicode', + 'Unlicense', + 'Vim', + 'VNLSL', + 'VOSTROM', + 'VSL', + 'W3C', + 'Webmin', + 'Wsuipa', + 'WTFPL', + 'wxWidgets', + 'Xerox', + 'xinetd', + 'xpp', + 'XSkat', + 'YPLv1.1', + 'Zed', + 'Zend', + 'zlib', + 'zlib with acknowledgement', + 'ZPLv1.0', + 'ZPLv1.0+', + 'ZPLv2.0', + 'ZPLv2.0+', + 'ZPLv2.1', + 'ZPLv2.1+', + # Documentation licenses + 'CDL', + 'FBSDDL', + 'GFDL', + 'IEEE', + 'LDPL', + 'OFSFDL', + 'Open Publication', + 'Public Use', + 'Verbatim', + # Content licenses + 'CC-BY', + 'CC-BY-ND', + 'CC-BY-SA', + 'DMTF', + 'DSL', + 'EFML', + 'Free Art', + 'GeoGratis', + 'Green OpenMusic', + 'OAL', + # Font licenses + 'AMS', + 'Arphic', + 'Baekmuk', + 'Bitstream Vera', + 'DoubleStroke', + 'Hershey', + 'IPA', + 'Liberation', + 'Lucida', + 'MgOpen', + 'mplus', + 'OFL', + 'PTFL', + 'STIX', + 'Utopia', + 'Wadalab', + 'XANO', + # Others + 'Redistributable, no modification permitted', + 'Freely redistributable without restriction', +)) + +setOption('SystemLibPaths', ('/lib', '/lib64', '/usr/lib', '/usr/lib64')) + +# Add systemd dir to ignored path for UsrLibBinaryException +setOption('UsrLibBinaryException', r'^/usr/lib(64)?/(perl|python|ruby|menu|pkgconfig|ocaml|systemd|lib[^/]+\.(so|l?a)$|\.build-id)') + +# Get standard users and groups from the setup package's uidgid file +setOption('StandardUsers', []) +setOption('StandardGroups', []) +setup_pkg = None +try: + setup_pkg = Pkg.InstalledPkg('setup') +except: + pass +if setup_pkg: + users = set() + groups = set() + uidgid_regex = re.compile(r'^\s*(\S+)\s+(-|\d+)\s+(-|\d+|\(\d+\))\s') + for uidgid_file in [x for x in setup_pkg.files() if x.endswith('/uidgid')]: + if os.path.exists(uidgid_file): + fobj = open(uidgid_file) + try: + for line in fobj.read().strip().splitlines(): + res = uidgid_regex.search(line) + if res: + name = res.group(1) + if res.group(2) != '-': + users.add(name) + if res.group(3) != '-' and not '(' in res.group(3): + groups.add(name) + del res + del line + finally: + fobj.close() + del fobj + setOption('StandardUsers', sorted(users)) + setOption('StandardGroups', sorted(groups)) + del uidgid_regex, uidgid_file, users, groups +del setup_pkg + +# Output filters +addFilter("source-or-patch-not-compressed") +addFilter("%mklibname") +addFilter("no-dependency-on (perl|python)-base") +addFilter("no-dependency-on locales-") +addFilter("(python|perl5)-naming-policy-not-applied") +addFilter("no-(packager-tag|signature)") +addFilter("incoherent-version-in-name") +addFilter("invalid-build-requires") +addFilter("ghost-files-without-postin") +addFilter("postin-without-ghost-file-creation") +addFilter("no-major-in-name") +addFilter("no-provides") +addFilter("executable-in-library-package") +addFilter("non-versioned-file-in-library-package") +addFilter("requires-on-release") +addFilter("jar-not-indexed") +addFilter("outside-libdir-files") +addFilter("-debug(info|source).* no-documentation") +addFilter("-debuginfo.* /usr/lib/debug/") +addFilter("-debugsource.* /usr/src/debug/") +addFilter("non-standard-dir-in-usr libexec") +addFilter("^gpg-pubkey:") +addFilter(" doc-file-dependency .* /bin/sh$") +addFilter("hardcoded-library-path .*/lib/udev(/|$)") +addFilter("not-standard-release-extension") +addFilter("explicit-lib-dependency (liberation-fonts|libertas-.*-firmware|libvirt$|.*-(java|python)$)") +addFilter("explicit-lib-dependency (python-.*lib.*|python2-.*lib.*|python3-.*lib.*)$") +addFilter("filename-too-long-for-joliet") +addFilter("symlink-should-be-") +addFilter(r"dangling-\S*symlink /usr/share/doc/HTML/\S+/common .+/common$") +addFilter(r"hidden-file-or-dir .*/man5/\.k5login\.5[^/]+$") +addFilter(r"blender.+ (wrong-script-interpreter|non-executable-script) .+/blender/.+\.py.*BPY.*") +addFilter("no-cleaning-of-buildroot") +addFilter("no-buildroot-tag") +addFilter("no-%clean-section") +# Only EL4 needs the files-attr-not-set check, because rpm 4.4 and newer no longer need a %defattr line +# (it automatically provides one). +addFilter("files-attr-not-set") +# Don't bother with the non-ghost-in-run checks, /var/lock and /var/run are +# symlinks to /run/lock and /run respectively, and /run is a tmpfs +addFilter("non-ghost-in-run") +# Someone thought it was a good idea to make .desktop files executable. They were wrong. +# Nevertheless, I do not yet control the universe, so we squelch the error here. +addFilter(r"script-without-shebang .*\.desktop$") +# Some files in /etc/ are not meant to be modified by the sysadmin +addFilter("non-conffile-in-etc /etc/rpm/.*$") +addFilter("non-conffile-in-etc /etc/rc.d/init.d/.*$") +# Fixed in rpm >= 4.7.1 +addFilter("broken-syntax-in-scriptlet-requires") +# Files that are intentionally not supposed to be readable +# Contains passwords +addFilter("non-readable /etc/ovirt-engine/isouploader.conf") +# Ignore webservers which are just broken. +addFilter(r"invalid-url .*\.googlecode\.com/.*HTTP Error 404") +addFilter(r"invalid-url .*\.jboss\.org/.*HTTP Error 403") +addFilter(r"invalid-url .*bitbucket\.org/.*HTTP Error 403") +addFilter(r"invalid-url .*github\.com/.*HTTP Error 403") +# Don't care about long descriptions on debuginfo packages +# They automatically include the package name and are always +# quite long. +addFilter("-debuginfo.* description-line-too-long") +# ignore "common" jargon words +# https://bugzilla.redhat.com/show_bug.cgi?id=1424684#c9 +addFilter(r"spelling-error.* \b(runtime|Runtime|metadata|cryptographic|multi|linux|filesystem|filesystems|backend|backends|userspace|addon|wayland|Wayland|util|utils|lossless|virtualization|toolkits|libvirtd|crypto|glyphs|GStreamer|http|extensibility|codec|codecs|truetype|scalable|pluggable|pixbuf|Kerberos|customizable|bitstream|tcp|libXss|libs|libc|encodings|GLib|udev|posix|libpng|glapi|gbm|freedesktop|spi|realtime|preprocessor|libaudit|hypervisor|embeddable|distributable|devel|config|cairo|bootloader|adaptors|pragma|passphrase|malloc|libvirt|libmagic|io|datetime|boolean|argparse|py|pinentry|namespace|middleware|lowlevel|libxcb|libudev|libsoup|libgcrypt|libcom|iSCSI|initramfs|GObject|executables|dialogs|checkpolicy|bitmapped|assistive)\b") +addFilter("library-without-ldconfig-postin") +addFilter("library-without-ldconfig-postun") + + +bad_crypto_warning = \ +'''This application package calls a function to explicitly set crypto ciphers +for SSL/TLS. That may cause the application not to use the system-wide set +cryptographic policy and should be modified in accordance to: +https://gitee.com/src-openeuler/rpmlint/wikis''' + +call_blacklist = {'crypto-policy-non-compliance-openssl' : + {'f_name' : 'SSL_CTX_set_cipher_list', + 'good_param' : 'PROFILE=SYSTEM', + 'description' : bad_crypto_warning}, + 'crypto-policy-non-compliance-gnutls-1' : + {'f_name' : 'gnutls_priority_set_direct', + 'description' : bad_crypto_warning}, + 'crypto-policy-non-compliance-gnutls-2' : + {'f_name' : 'gnutls_priority_init', + 'good_param' : 'SYSLOG', + 'description' : bad_crypto_warning} + } +setOption("WarnOnFunction", call_blacklist) + +# https://bugzilla.redhat.com/496737, https://bugzilla.redhat.com/646455 +for pkg, exe in (("coreutils", "/bin/su"), + ("krb5-workstation", "/usr/kerberos/bin/ksu"), + ("passwd", "/usr/bin/passwd"), + ("sudo", "/usr/bin/sudo(edit)?"), + ("upstart", "/sbin/initctl"), + ("usermode", "/usr/sbin/userhelper")): + addFilter("%s.* (setuid-binary|non-standard-executable-perm) %s (root )?04" + % (pkg, exe)) diff --git a/rpmlint.spec b/rpmlint.spec new file mode 100644 index 0000000..785ef3d --- /dev/null +++ b/rpmlint.spec @@ -0,0 +1,65 @@ +%global _python_bytecompile_extra 0 + +Name: rpmlint +Version: 1.10 +Release: 18 +Summary: Check the RPM package of tools for common errors +License: GPLv2 +URL: https://github.com/rpm-software-management/rpmlint +Source0: https://github.com/rpm-software-management/rpmlint/archive/rpmlint-%{version}.tar.gz +Source1: rpmlint.config +Source2: rpmlint-etc.config + +Patch0001: rpmlint-1.10-ignore-debuginfo-useless-provides.patch +Patch0002: rpmlint-1.10-flake-cleanups.patch +Patch0003: rpmlint-1.10-missing-files-exception.patch +Patch0004: rpmlint-1.10-py37mtime.patch +Patch0005: rpmlint-1.10-py37magic.patch + +BuildArch: noarch + +BuildRequires: python3-devel rpm-python3 >= 4.4.2.2 python3-pytest sed >= 3.95 +Requires: python3 rpm-python3 >= 4.4.2.2 +Requires: perl-interpreter cpio binutils desktop-file-utils gzip bzip2 xz %{_bindir}/groff + +%description +Rpmlint is to check the RPM package of tools for common errors. You can +check Binary and source packages as well as spec files. + +%package help +Summary: Help document for the rpmlint package + +%description help +Help document for the rpmlint package. + +%prep +%autosetup -n %{name}-%{name}-%{version} -p1 + +sed -i -e /MenuCheck/d Config.py +cp -p config config.example +install -pm 644 %{SOURCE2} config + +%build +make COMPILE_PYC=1 PYTHON=%{__python3} + +%install +touch rpmlint.pyc rpmlint.pyo +%make_install ETCDIR=%{_sysconfdir} MANDIR=%{_mandir} \ + LIBDIR=%{_datadir}/rpmlint BINDIR=%{_bindir} PYTHON=%{__python3} + +install -pm 644 %{SOURCE1} %{buildroot}%{_datadir}/rpmlint/config + + +%files +%doc README.md config.example COPYING +%config(noreplace) %{_sysconfdir}/rpmlint/ +%{_bindir}/{rpmdiff,rpmlint} +%{_datadir}/rpmlint/ +%exclude %{_sysconfdir}/bash_completion.d/ + +%files help +%{_mandir}/man1/* + +%changelog +* Tue Feb 18 2020 wanjiankang - 1.10-18 +- Package init