Introduce brp-check_contents

Add a brp interface for checking contents of files in buildroot.
The initial revision of brp-check_contents scripts checks
for suspicious path names like /var/lib/run, complementing
the change introduced in sisyphus_check-0.8.43-alt1.
This commit is contained in:
Дмитрий Левин 2017-10-25 03:16:59 +00:00
parent baee9cdb9c
commit 7a81369647
5 changed files with 70 additions and 8 deletions

View File

@ -220,6 +220,9 @@ BuildRoot.
атрибуты файлов и каталогов по умолчанию для каждой секции
%files и для каждого файла, включаемого в таких секциях;
%_check_contents_method:
метод, используемый при проверке содержимого файлов в секции %install;
%_cleanup_method:
метод, используемый при удалении ненужных файлов в секции
%install;
@ -251,11 +254,11 @@ BuildRoot.
: список каталогов, в которых производится поиск ELF-файлов на
наличие предоставляемых зависимостей;
%_{cleanup,compress,fixup,verify_elf,findreq,findprov}_topdir:
%_{check_contents,cleanup,compress,fixup,verify_elf,findreq,findprov}_topdir:
точка начала поиска файлов, обрабатываемых соответствующим
методом;
%_{cleanup,compress,fixup,verify_elf,findreq,findprov}_skiplist:
%_{check_contents,cleanup,compress,fixup,verify_elf,findreq,findprov}_skiplist:
список шаблонов файлов, которые будут пропущены при обработке
соответствующим методом;
@ -263,15 +266,13 @@ BuildRoot.
параметр, определяющий влияние неупакованных файлов на
результат сборки;
%set_{cleanup,compress,fixup,verify_{elf,info},perl_req}_method:
%set_{check_contents,cleanup,compress,fixup,verify_{elf,info},perl_req}_method:
изменить значение соответствующего макроса;
%set_{cleanup,compress,fixup,verify_elf,findreq,findprov}_{topdi
r,skiplist}:
%set_{check_contents,cleanup,compress,fixup,verify_elf,findreq,findprov}_{topdir,skiplist}:
изменить значение соответствующего макроса;
%add_{cleanup,compress,fixup,verify_elf,findreq,findprov}_skipli
st:
%add_{check_contents,cleanup,compress,fixup,verify_elf,findreq,findprov}_skiplist:
добавить значение в соответствующий список;
%{add,set}_findprov_lib_path:

View File

@ -920,6 +920,7 @@ AC_OUTPUT([ Doxyfile Makefile rpmrc macros platform rpmpopt
scripts/brp-adjust_libraries
scripts/brp-alt
scripts/brp-bytecompile_python
scripts/brp-check_contents
scripts/brp-cleanup
scripts/brp-compress
scripts/brp-debuginfo

View File

@ -201,6 +201,7 @@
@alt@ export RPM_PACKAGE_VERSION=\"%version\"\
@alt@ export RPM_PACKAGE_RELEASE=\"%release\"\
@alt@ export RPM_BUILD_ROOT=\"%{u2p:%buildroot}\"\
@alt@ %{?_check_contents_method:export RPM_CHECK_CONTENTS_METHOD=\"%_check_contents_method\"}\
@alt@ %{?_cleanup_method:export RPM_CLEANUP_METHOD=\"%_cleanup_method\"}\
@alt@ %{?_compress_method:export RPM_COMPRESS_METHOD=\"%_compress_method\"}\
@alt@ %{?_fixup_method:export RPM_FIXUP_METHOD=\"%_fixup_method\"}\
@ -208,12 +209,14 @@
@alt@ %{?_verify_info_method:export RPM_VERIFY_INFO_METHOD=\"%_verify_info_method\"}\
@alt@ %{?_findreq_method:export RPM_FINDREQ_METHOD=\"%_findreq_method\"}\
@alt@ %{?_findprov_method:export RPM_FINDPROV_METHOD=\"%_findprov_method\"}\
@alt@ %{?_check_contents_topdir:export RPM_CHECK_CONTENTS_TOPDIR=\"%_check_contents_topdir\"}\
@alt@ %{?_cleanup_topdir:export RPM_CLEANUP_TOPDIR=\"%_cleanup_topdir\"}\
@alt@ %{?_compress_topdir:export RPM_COMPRESS_TOPDIR=\"%_compress_topdir\"}\
@alt@ %{?_fixup_topdir:export RPM_FIXUP_TOPDIR=\"%_fixup_topdir\"}\
@alt@ %{?_verify_elf_topdir:export RPM_VERIFY_ELF_TOPDIR=\"%_verify_elf_topdir\"}\
@alt@ %{?_findreq_topdir:export RPM_FINDREQ_TOPDIR=\"%_findreq_topdir\"}\
@alt@ %{?_findprov_topdir:export RPM_FINDPROV_TOPDIR=\"%_findprov_topdir\"}\
@alt@ %{?_check_contents_skiplist:export RPM_CHECK_CONTENTS_SKIPLIST=\"%_check_contents_skiplist\"}\
@alt@ %{?_cleanup_skiplist:export RPM_CLEANUP_SKIPLIST=\"%_cleanup_skiplist\"}\
@alt@ %{?_compress_skiplist:export RPM_COMPRESS_SKIPLIST=\"%_compress_skiplist\"}\
@alt@ %{?_debuginfo_skiplist:export RPM_DEBUGINFO_SKIPLIST=\"%_debuginfo_skiplist\"}\
@ -442,12 +445,14 @@
@alt@
@alt@%_defattr %%defattr(-,root,root,755)
@alt@
@alt@%_check_contents_method default
@alt@%_cleanup_method auto
@alt@%_compress_method auto
@alt@%_verify_elf_method default
@alt@%_verify_info_method normal
@alt@%_fixup_method binconfig pkgconfig libtool desktop
@alt@
@alt@%_check_contents_topdir %nil
@alt@%_cleanup_topdir %nil
@alt@%_compress_topdir %_usr
@alt@%_fixup_topdir %nil
@ -455,6 +460,7 @@
@alt@%_findreq_topdir %nil
@alt@%_findprov_topdir %nil
@alt@
@alt@%_check_contents_skiplist %nil
@alt@%_cleanup_skiplist %nil
@alt@%_compress_skiplist %nil
@alt@%_debuginfo_skiplist %nil
@ -466,12 +472,14 @@
@alt@%_findpackage_path %nil
@alt@%_findprov_lib_path %nil
@alt@
@alt@%set_check_contents_method() %global _check_contents_method %*
@alt@%set_cleanup_method() %global _cleanup_method %*
@alt@%set_compress_method() %global _compress_method %*
@alt@%set_fixup_method() %global _fixup_method %*
@alt@%set_verify_elf_method() %global _verify_elf_method %*
@alt@%set_verify_info_method() %global _verify_info_method %*
@alt@
@alt@%set_check_contents_topdir() %global _check_contents_topdir %*
@alt@%set_cleanup_topdir() %global _cleanup_topdir %*
@alt@%set_compress_topdir() %global _compress_topdir %*
@alt@%set_fixup_topdir() %global _fixup_topdir %*
@ -479,6 +487,7 @@
@alt@%set_findreq_topdir() %global _findreq_topdir %*
@alt@%set_findprov_topdir() %global _findprov_topdir %*
@alt@
@alt@%set_check_contents_skiplist() %global _check_contents_skiplist %*
@alt@%set_cleanup_skiplist() %global _cleanup_skiplist %*
@alt@%set_compress_skiplist() %global _compress_skiplist %*
@alt@%set_debuginfo_skiplist() %global _debuginfo_skiplist %*
@ -490,6 +499,7 @@
@alt@%set_findpackage_path() %global _findpackage_path %*
@alt@%set_findprov_lib_path() %global _findprov_lib_path %*
@alt@
@alt@%add_check_contents_skiplist() %global _check_contents_skiplist %_check_contents_skiplist %*
@alt@%add_cleanup_skiplist() %global _cleanup_skiplist %_cleanup_skiplist %*
@alt@%add_compress_skiplist() %global _compress_skiplist %_compress_skiplist %*
@alt@%add_debuginfo_skiplist() %global _debuginfo_skiplist %_debuginfo_skiplist %*

View File

@ -9,7 +9,7 @@ EXTRA_DIST = \
find-debuginfo-files \
find-scriptlet-requires \
brp-adjust_libraries brp-alt brp-bytecompile_python \
brp-cleanup brp-compress brp-debuginfo \
brp-check_contents brp-cleanup brp-compress brp-debuginfo \
brp-fix-perms brp-fixup brp-hardlink_pyo_pyc \
brp-verify_elf brp-verify-info \
compress_files \
@ -69,6 +69,7 @@ install-data-local:
$(INSTALL) -m755 brp-cleanup $(DESTDIR)$(configdir)/brp.d/008-cleanup.brp
$(INSTALL) -m755 brp-fix-perms $(DESTDIR)$(configdir)/brp.d/016-fix-perms.brp
$(INSTALL) -m755 brp-fixup $(DESTDIR)$(configdir)/brp.d/024-fixup.brp
$(INSTALL) -m755 brp-check_contents $(DESTDIR)$(configdir)/brp.d/028-check_contents.brp
$(INSTALL) -m755 brp-compress $(DESTDIR)$(configdir)/brp.d/032-compress.brp
$(INSTALL) -m755 brp-verify-info $(DESTDIR)$(configdir)/brp.d/040-verify-info.brp
$(INSTALL) -m755 brp-adjust_libraries $(DESTDIR)$(configdir)/brp.d/048-adjust_libraries.brp

49
scripts/brp-check_contents.in Executable file
View File

@ -0,0 +1,49 @@
#!/bin/sh -e
#
# brp-check_contents - check contents of files in buildroot
#
# Copyright (c) 2017 Dmitry V. Levin <ldv@altlinux.org>
# All rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
. @RPMCONFIGDIR@/functions
ValidateBuildRoot
cd "$RPM_BUILD_ROOT"
RPM_CHECK_CONTENTS_METHOD="${RPM_CHECK_CONTENTS_METHOD## }"
RPM_CHECK_CONTENTS_METHOD="${RPM_CHECK_CONTENTS_METHOD%% }"
: ${RPM_CHECK_CONTENTS_TOPDIR:=}
echo "Checking contents of files in $RPM_BUILD_ROOT/$RPM_CHECK_CONTENTS_TOPDIR ($RPM_CHECK_CONTENTS_METHOD)"
case "$RPM_CHECK_CONTENTS_METHOD" in
no|none|skip) exit 0 ;;
strict) report=Fatal ;;
*) report=Warning ;;
esac
[ -d "$RPM_BUILD_ROOT/$RPM_CHECK_CONTENTS_TOPDIR" ] || exit 0
bogus_re='/var/lib/(cache|lib|lock|log|nis|run|spool|www|yp)/'
if grep -Elre "$bogus_re" -- "$RPM_BUILD_ROOT/$RPM_CHECK_CONTENTS_TOPDIR"; then
$report "Contents of files listed above match pattern $bogus_re"
fi
# Run ancillary contents checks.
for f in @RPMCONFIGDIR@/*.check_contents; do
[ -f "$f" -a -x "$f" ] || continue
"$f"
done