| 1 |
Very similar to tmpfiles.eclass check (60tmpfiles-paths). |
| 2 |
|
| 3 |
Three checks: |
| 4 |
1) Verify packages don't install udev rules to /etc/udev/rules.d, which |
| 5 |
is a forbidden (user-configuration) location; |
| 6 |
|
| 7 |
2) Check whether packages inherit udev.eclass if they're |
| 8 |
installing files to /lib/udev/rules.d/.. |
| 9 |
|
| 10 |
(This helps to catch packages not calling udev_reload |
| 11 |
in pkg_postinst). |
| 12 |
|
| 13 |
3) Check for missing udev_process calls in pkg_postinst. |
| 14 |
|
| 15 |
Bug: https://bugs.gentoo.org/433916 |
| 16 |
See: c7fe1066a8fcd35f965de4ea16c9cd1001830642 |
| 17 |
Signed-off-by: Sam James <sam@g.o> |
| 18 |
--- |
| 19 |
metadata/install-qa-check.d/60udev-eclass | 63 +++++++++++++++++++++++ |
| 20 |
1 file changed, 63 insertions(+) |
| 21 |
create mode 100644 metadata/install-qa-check.d/60udev-eclass |
| 22 |
|
| 23 |
diff --git a/metadata/install-qa-check.d/60udev-eclass b/metadata/install-qa-check.d/60udev-eclass |
| 24 |
new file mode 100644 |
| 25 |
index 000000000000..cf8e08e9971e |
| 26 |
--- /dev/null |
| 27 |
+++ b/metadata/install-qa-check.d/60udev-eclass |
| 28 |
@@ -0,0 +1,63 @@ |
| 29 |
+# Copyright 2021-2022 Gentoo Authors |
| 30 |
+# Distributed under the terms of the GNU General Public License v2 |
| 31 |
+ |
| 32 |
+# QA check: ensure that packages installing udev rules inherit the eclass |
| 33 |
+# Maintainer: Sam James <sam@g.o> |
| 34 |
+ |
| 35 |
+# Implements three checks: |
| 36 |
+# 1) Installation to /etc/udev/rules.d (which is a user-customization location); |
| 37 |
+# 2) Installation of any udev rules to /lib/udev/rules.d without inheriting the eclass |
| 38 |
+# (needed for udev_reload in pkg_postinst); |
| 39 |
+# 3) Check for installation of udev rules without calling udev_reload in |
| 40 |
+# pkg_postinst. |
| 41 |
+udev_rules_check() { |
| 42 |
+ # Check 1 |
| 43 |
+ # Scan image for files in /etc/udev/rules.d which is a forbidden location |
| 44 |
+ # (We use this glob to avoid triggering on keepdir) |
| 45 |
+ shopt -s nullglob |
| 46 |
+ local files=( "${ED}"/etc/udev/rules.d/* ) |
| 47 |
+ shopt -u nullglob |
| 48 |
+ |
| 49 |
+ if [[ ${#files[@]} -gt 0 ]]; then |
| 50 |
+ eqawarn "QA Notice: files installed to /etc/udev/rules.d found" |
| 51 |
+ eqawarn "udev rules files supplied by ebuilds must be installed to /lib/udev/rules.d/" |
| 52 |
+ fi |
| 53 |
+ |
| 54 |
+ # Check 2 |
| 55 |
+ # We're now going to check for whether we install files to /lib/udev/rules.d/ without |
| 56 |
+ # inheriting the eclass (weak catch for ebuilds not calling udev_reload in pkg_postinst) |
| 57 |
+ |
| 58 |
+ if [[ -n ${UDEV_OPTIONAL} ]] ; then |
| 59 |
+ # While imperfect, using ${UDEV_OPTIONAL} is good enough to allow opting out |
| 60 |
+ # for e.g. sys-apps/portage, sys-apps/systemd, sys-libs/pam, etc. We may want |
| 61 |
+ # a better/more standardised way to opt out from QA checks in future. |
| 62 |
+ # It's okay for some packages to do this because of circular dependencies and such |
| 63 |
+ # See: https://archives.gentoo.org/gentoo-dev/message/0a96793036a4fdd9ac311a46950d7e7b |
| 64 |
+ return |
| 65 |
+ fi |
| 66 |
+ |
| 67 |
+ if [[ -d "${ED}"/lib/udev/rules.d/ ]] ; then |
| 68 |
+ if ! has udev ${INHERITED} ; then |
| 69 |
+ eqawarn "QA Notice: package is installing udev ruleswithout inheriting udev.eclass!" |
| 70 |
+ eqawarn "Packages must inherit udev.eclass then call udev_reload in pkg_postinst." |
| 71 |
+ return |
| 72 |
+ fi |
| 73 |
+ |
| 74 |
+ # Check 3 |
| 75 |
+ # Check whether we're installing udev rules without explicitly |
| 76 |
+ # calling udev_reload in pkg_postinst, but we have inherited |
| 77 |
+ # the eclass. |
| 78 |
+ # Small risk of false positives if called indirectly. |
| 79 |
+ # See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 |
| 80 |
+ local pkg_postinst_body="$(declare -fp pkg_postinst 2>&1)" |
| 81 |
+ if [[ ! ${pkg_postinst_body} == *udev_reload* ]] ; then |
| 82 |
+ eqawarn "QA Notice: package is installing udev rules without calling" |
| 83 |
+ eqawarn "udev_reload in pkg_postinst phase" |
| 84 |
+ fi |
| 85 |
+ fi |
| 86 |
+} |
| 87 |
+ |
| 88 |
+udev_rules_check |
| 89 |
+: # guarantee successful exit |
| 90 |
+ |
| 91 |
+# vim:ft=sh |
| 92 |
-- |
| 93 |
2.35.1 |
Archives