| 1 |
Warn the developers if ebuilds install files with xattrs to ${ED}. |
| 2 |
The xattrs may or may not be preserved when installing the package, |
| 3 |
making them unreliable on one hand, and somewhat suprising in other |
| 4 |
cases (e.g. when they unintentionally leak from developer's system). |
| 5 |
|
| 6 |
This is the first step towards restoring PMS compliance and *not* |
| 7 |
preserving extended metadata. |
| 8 |
|
| 9 |
Signed-off-by: Michał Górny <mgorny@g.o> |
| 10 |
--- |
| 11 |
bin/install-qa-check.d/95xattr | 54 ++++++++++++++++++++++++++++++++++ |
| 12 |
1 file changed, 54 insertions(+) |
| 13 |
create mode 100644 bin/install-qa-check.d/95xattr |
| 14 |
|
| 15 |
diff --git a/bin/install-qa-check.d/95xattr b/bin/install-qa-check.d/95xattr |
| 16 |
new file mode 100644 |
| 17 |
index 000000000..07d8042a8 |
| 18 |
--- /dev/null |
| 19 |
+++ b/bin/install-qa-check.d/95xattr |
| 20 |
@@ -0,0 +1,54 @@ |
| 21 |
+# Check for xattrs. |
| 22 |
+ |
| 23 |
+xattr_check() { |
| 24 |
+ type -P getfattr >/dev/null || return |
| 25 |
+ |
| 26 |
+ pushd "${ED}" >/dev/null || die |
| 27 |
+ local x file= keys |
| 28 |
+ local -A data=() |
| 29 |
+ while read -r x; do |
| 30 |
+ case ${x} in |
| 31 |
+ "# file: "*) |
| 32 |
+ file=${x#*: } |
| 33 |
+ file=/${file#.} |
| 34 |
+ ;; |
| 35 |
+ btrfs.*) |
| 36 |
+ # ignore btrfs xattrs, they're implicit fs metadata |
| 37 |
+ ;; |
| 38 |
+ security.capability) |
| 39 |
+ # don't report caps if we have fcaps.eclass inherited |
| 40 |
+ if ! has fcaps ${INHERITED}; then |
| 41 |
+ data[${file}]+=" ${x}" |
| 42 |
+ fi |
| 43 |
+ ;; |
| 44 |
+ ?*) |
| 45 |
+ data[${file}]+=" ${x}" |
| 46 |
+ ;; |
| 47 |
+ esac |
| 48 |
+ done < <(getfattr -R -h -m - . 2>/dev/null) |
| 49 |
+ popd >/dev/null || die |
| 50 |
+ |
| 51 |
+ if [[ ${data[@]} ]]; then |
| 52 |
+ eqawarn "One or more files in \${ED} include extended attributes." |
| 53 |
+ eqawarn |
| 54 |
+ |
| 55 |
+ for file in "${!data[@]}"; do |
| 56 |
+ keys=( ${data[${file}]} ) |
| 57 |
+ for x in "${keys[@]}"; do |
| 58 |
+ eqatag xattr "key=${x}" "${file}" |
| 59 |
+ done |
| 60 |
+ eqawarn " ${file} (${keys[*]})" |
| 61 |
+ done |
| 62 |
+ |
| 63 |
+ eqawarn |
| 64 |
+ eqawarn "It is impossible to reliably guarantee that the extended attributes" |
| 65 |
+ eqawarn "will be reliably preserved while merging. Please ensure that any" |
| 66 |
+ eqawarn "extended metadata necessary is applied in pkg_postinst() phase," |
| 67 |
+ eqawarn "and that the implementation includes a fallback if necessary." |
| 68 |
+ fi |
| 69 |
+} |
| 70 |
+ |
| 71 |
+xattr_check |
| 72 |
+: # guarantee successful exit |
| 73 |
+ |
| 74 |
+# vim:ft=sh |
| 75 |
-- |
| 76 |
2.33.0 |
Archives