1 |
commit: fe2c69be92364e912384cd07c0b122b0e80168f0 |
2 |
Author: Sam James <sam <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Apr 28 03:06:40 2022 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Apr 30 19:13:18 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fe2c69be |
7 |
|
8 |
metadata/install-qa-check.d: add new QA check for udev rules |
9 |
|
10 |
Very similar to tmpfiles.eclass check (60tmpfiles-paths). |
11 |
|
12 |
Three checks: |
13 |
1) Verify packages don't install udev rules to /etc/udev/rules.d, which |
14 |
is a forbidden (user-configuration) location; |
15 |
|
16 |
2) Check whether packages inherit udev.eclass if they're |
17 |
installing files to /lib/udev/rules.d/.. |
18 |
|
19 |
(This helps to catch packages not calling udev_reload |
20 |
in pkg_postinst). |
21 |
|
22 |
3) Check for missing udev_process calls in pkg_postinst. |
23 |
|
24 |
Bug: https://bugs.gentoo.org/433916 |
25 |
See: c7fe1066a8fcd35f965de4ea16c9cd1001830642 |
26 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
27 |
|
28 |
metadata/install-qa-check.d/60udev-eclass | 63 +++++++++++++++++++++++++++++++ |
29 |
1 file changed, 63 insertions(+) |
30 |
|
31 |
diff --git a/metadata/install-qa-check.d/60udev-eclass b/metadata/install-qa-check.d/60udev-eclass |
32 |
new file mode 100644 |
33 |
index 000000000000..cf8e08e9971e |
34 |
--- /dev/null |
35 |
+++ b/metadata/install-qa-check.d/60udev-eclass |
36 |
@@ -0,0 +1,63 @@ |
37 |
+# Copyright 2021-2022 Gentoo Authors |
38 |
+# Distributed under the terms of the GNU General Public License v2 |
39 |
+ |
40 |
+# QA check: ensure that packages installing udev rules inherit the eclass |
41 |
+# Maintainer: Sam James <sam@g.o> |
42 |
+ |
43 |
+# Implements three checks: |
44 |
+# 1) Installation to /etc/udev/rules.d (which is a user-customization location); |
45 |
+# 2) Installation of any udev rules to /lib/udev/rules.d without inheriting the eclass |
46 |
+# (needed for udev_reload in pkg_postinst); |
47 |
+# 3) Check for installation of udev rules without calling udev_reload in |
48 |
+# pkg_postinst. |
49 |
+udev_rules_check() { |
50 |
+ # Check 1 |
51 |
+ # Scan image for files in /etc/udev/rules.d which is a forbidden location |
52 |
+ # (We use this glob to avoid triggering on keepdir) |
53 |
+ shopt -s nullglob |
54 |
+ local files=( "${ED}"/etc/udev/rules.d/* ) |
55 |
+ shopt -u nullglob |
56 |
+ |
57 |
+ if [[ ${#files[@]} -gt 0 ]]; then |
58 |
+ eqawarn "QA Notice: files installed to /etc/udev/rules.d found" |
59 |
+ eqawarn "udev rules files supplied by ebuilds must be installed to /lib/udev/rules.d/" |
60 |
+ fi |
61 |
+ |
62 |
+ # Check 2 |
63 |
+ # We're now going to check for whether we install files to /lib/udev/rules.d/ without |
64 |
+ # inheriting the eclass (weak catch for ebuilds not calling udev_reload in pkg_postinst) |
65 |
+ |
66 |
+ if [[ -n ${UDEV_OPTIONAL} ]] ; then |
67 |
+ # While imperfect, using ${UDEV_OPTIONAL} is good enough to allow opting out |
68 |
+ # for e.g. sys-apps/portage, sys-apps/systemd, sys-libs/pam, etc. We may want |
69 |
+ # a better/more standardised way to opt out from QA checks in future. |
70 |
+ # It's okay for some packages to do this because of circular dependencies and such |
71 |
+ # See: https://archives.gentoo.org/gentoo-dev/message/0a96793036a4fdd9ac311a46950d7e7b |
72 |
+ return |
73 |
+ fi |
74 |
+ |
75 |
+ if [[ -d "${ED}"/lib/udev/rules.d/ ]] ; then |
76 |
+ if ! has udev ${INHERITED} ; then |
77 |
+ eqawarn "QA Notice: package is installing udev ruleswithout inheriting udev.eclass!" |
78 |
+ eqawarn "Packages must inherit udev.eclass then call udev_reload in pkg_postinst." |
79 |
+ return |
80 |
+ fi |
81 |
+ |
82 |
+ # Check 3 |
83 |
+ # Check whether we're installing udev rules without explicitly |
84 |
+ # calling udev_reload in pkg_postinst, but we have inherited |
85 |
+ # the eclass. |
86 |
+ # Small risk of false positives if called indirectly. |
87 |
+ # See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 |
88 |
+ local pkg_postinst_body="$(declare -fp pkg_postinst 2>&1)" |
89 |
+ if [[ ! ${pkg_postinst_body} == *udev_reload* ]] ; then |
90 |
+ eqawarn "QA Notice: package is installing udev rules without calling" |
91 |
+ eqawarn "udev_reload in pkg_postinst phase" |
92 |
+ fi |
93 |
+ fi |
94 |
+} |
95 |
+ |
96 |
+udev_rules_check |
97 |
+: # guarantee successful exit |
98 |
+ |
99 |
+# vim:ft=sh |