1 |
From: Georgy Yakovlev <gyakovlev@g.o> |
2 |
|
3 |
See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 |
4 |
Signed-off-by: Georgy Yakovlev <gyakovlev@g.o> |
5 |
Signed-off-by: Sam James <sam@g.o> |
6 |
--- |
7 |
metadata/install-qa-check.d/60tmpfiles-paths | 34 ++++++++++++++------ |
8 |
1 file changed, 24 insertions(+), 10 deletions(-) |
9 |
|
10 |
diff --git a/metadata/install-qa-check.d/60tmpfiles-paths b/metadata/install-qa-check.d/60tmpfiles-paths |
11 |
index 81286de584a2..aa666dfb7ce5 100644 |
12 |
--- a/metadata/install-qa-check.d/60tmpfiles-paths |
13 |
+++ b/metadata/install-qa-check.d/60tmpfiles-paths |
14 |
@@ -3,11 +3,14 @@ |
15 |
|
16 |
# QA check: ensure that packages installing tmpfiles configuration inherit the eclass |
17 |
# Maintainer: Sam James <sam@g.o> |
18 |
+# Maintainer: Georgy Yakovlev <gyakovlev@g.o> |
19 |
|
20 |
# Implements two checks: |
21 |
# 1) Installation to /etc/tmpfiles.d (which is a user-customization location); |
22 |
# 2) Installation of any tmpfiles to /usr/lib/tmpfiles.d without inheriting the eclass |
23 |
-# (needed for tmpfiles_process in pkg_postinst) |
24 |
+# (needed for tmpfiles_process in pkg_postinst); |
25 |
+# 3) Check for installation of tmpfiles without calling tmpfiles_process in |
26 |
+# pkg_postinst. |
27 |
tmpfiles_check() { |
28 |
# Check 1 |
29 |
# Scan image for files in /etc/tmpfiles.d which is a forbidden location |
30 |
@@ -17,30 +20,41 @@ tmpfiles_check() { |
31 |
shopt -u nullglob |
32 |
|
33 |
if [[ ${#files[@]} -gt 0 ]]; then |
34 |
- eqawarn "QA Notice: files installed to /etc/tmpfiles.d" |
35 |
- eqawarn "tmpfiles configuration files must be installed by ebuilds /usr/lib/tmpfiles.d!" |
36 |
+ eqawarn "QA Notice: files installed to /etc/tmpfiles.d found" |
37 |
+ eqawarn "tmpfiles configuration files supplied by ebuilds must be installed to /usr/lib/tmpfiles.d" |
38 |
fi |
39 |
|
40 |
# Check 2 |
41 |
# We're now going to check for whether we install files to /usr/lib/tmpfiles.d without |
42 |
# inheriting the eclass (weak catch for ebuilds not calling tmpfiles_process in pkg_postinst) |
43 |
|
44 |
- # No need to carry on if we're inheriting the eclass |
45 |
- if has tmpfiles ${INHERITED} ; then |
46 |
- return |
47 |
- fi |
48 |
- |
49 |
# It's okay for some packages to do this because of circular dependencies and such |
50 |
# See: https://archives.gentoo.org/gentoo-dev/message/0a96793036a4fdd9ac311a46950d7e7b |
51 |
# TODO: Standardize some way of allowing ebuilds to opt-out of checks like this |
52 |
local package=${CATEGORY}/${PN} |
53 |
+ |
54 |
if [[ ${package} == "sys-apps/systemd" || ${package} == "sys-libs/pam" ]] ; then |
55 |
return |
56 |
fi |
57 |
|
58 |
if [[ -d "${ED}"/usr/lib/tmpfiles.d/ ]] ; then |
59 |
- eqawarn "QA Notice: package is installing tmpfiles without inheriting tmpfiles.eclass!" |
60 |
- eqawarn "Packages must inherit tmpfiles.eclass then call tmpfiles_process in pkg_postinst." |
61 |
+ if ! has tmpfiles ${INHERITED} ; then |
62 |
+ eqawarn "QA Notice: package is installing tmpfiles without inheriting tmpfiles.eclass!" |
63 |
+ eqawarn "Packages must inherit tmpfiles.eclass then call tmpfiles_process in pkg_postinst." |
64 |
+ return |
65 |
+ fi |
66 |
+ |
67 |
+ # Check 3 |
68 |
+ # Check whether we're installing tmpfiles without explicitly |
69 |
+ # calling tmpfiles_process in pkg_postinst, but we have inherited |
70 |
+ # the eclass. |
71 |
+ # Small risk of false positives if called indirectly. |
72 |
+ # See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 |
73 |
+ local pkg_postinst_body="$(declare -fp pkg_postinst 2>&1)" |
74 |
+ if [[ ! ${pkg_postinst_body} == *tmpfiles_process* ]] ; then |
75 |
+ eqawarn "QA Notice: package is installing tmpfiles without calling" |
76 |
+ eqawarn "tmpfiles_process in pkg_postinst phase" |
77 |
+ fi |
78 |
fi |
79 |
} |
80 |
|
81 |
-- |
82 |
2.32.0 |