[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[lintian] 01/01: Emit an error if packages ship files in /etc/skel. Thanks to Paul Wise for the suggestion. (Closes: #887120)

This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository lintian.

commit dca1d6cda05d88322d759e9a472ea3ca2a2598cc
Author: Chris Lamb <lamby@debian.org>
Date:   Mon Jan 15 18:24:28 2018 +1100

    Emit an error if packages ship files in /etc/skel. Thanks to Paul Wise for the suggestion. (Closes: #887120)
---
 checks/files.desc                         | 14 ++++++++++++++
 data/files/fnames                         |  1 +
 debian/changelog                          |  2 ++
 t/tests/files-general/debian/debian/dirs  |  1 +
 t/tests/files-general/debian/debian/rules |  8 ++++++++
 t/tests/files-general/desc                |  1 +
 t/tests/files-general/tags                |  1 +
 7 files changed, 28 insertions(+)

diff --git a/checks/files.desc b/checks/files.desc
index 9e2caa0..e099893 100644
--- a/checks/files.desc
+++ b/checks/files.desc
@@ -1900,3 +1900,17 @@ Info: This package appears to contain Python test files such as
  mistake to pollute the "top-level" namespace in this way.
  .
  Please install them to a subdirectory instead.
+
+Tag: package-contains-file-in-etc-skel
+Severity: serious
+Certainty: certain
+Info: This package ships the specified file under <tt>/etc/skel</tt>. Files
+ in this directory are copied into new user accounts by <tt>adduser(8)</tt>.
+ .
+ However, <tt>/etc/skel</tt> should be empty as possible as there is no
+ mechanism for ensuring files are copied into the accounts of existing
+ users when the package is installed.
+ .
+ Please remove the installation of this file, ensuring this package
+ can automatically create them or can otherwise function without them.
+Ref: policy 10.7.5
diff --git a/data/files/fnames b/data/files/fnames
index 2cd0179..a6d3953 100644
--- a/data/files/fnames
+++ b/data/files/fnames
@@ -2,6 +2,7 @@
 # Format: tag ~~ $fname regexp
 file-name-contains-wildcard-character   ~~ [*?]
 package-contains-compiled-glib-schema   ~~ ^usr/share/glib-[^\/]+/schemas/gschemas\.compiled$
+package-contains-file-in-etc-skel       ~~ ^etc/skel/(?!\.(bash(rc|_logout)|m?kshrc|profile)).
 package-contains-python-coverage-file   ~~ (^|/)\.coverage$
 package-contains-python-doctree-file    ~~ \.doctree$
 package-contains-python-hypothesis-example    ~~ /\.hypothesis/examples/[^\)]+/.+
diff --git a/debian/changelog b/debian/changelog
index 6eb659f..33ac005 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -37,6 +37,8 @@ lintian (2.5.69) UNRELEASED; urgency=medium
   * data/files/fnames:
     + [CL] Warn about packages that ship (eg.) test_foo.py files in the
       global Python module namespace.
+    + [CL] Emit an error if packages ship files in /etc/skel. Thanks to
+      Paul Wise for the suggestion.  (Closes: #887120)
   * data/files/fonts:
     + [ADB] Refresh.
   * data/fields/name_section_mappings:
diff --git a/t/tests/files-general/debian/debian/dirs b/t/tests/files-general/debian/debian/dirs
index 80c5644..e0db7b1 100644
--- a/t/tests/files-general/debian/debian/dirs
+++ b/t/tests/files-general/debian/debian/dirs
@@ -1,4 +1,5 @@
 etc
+etc/skel
 usr/bin
 usr/doc
 usr/lib/python3/dist-packages/foo
diff --git a/t/tests/files-general/debian/debian/rules b/t/tests/files-general/debian/debian/rules
index 6a7f6a3..8902a06 100755
--- a/t/tests/files-general/debian/debian/rules
+++ b/t/tests/files-general/debian/debian/rules
@@ -8,6 +8,14 @@ tmp := $(CURDIR)/debian/$(shell dh_listpackages)
 override_dh_install:
 	dh_install
 	echo "#fake conf file" > $(tmp)/etc/pam.conf
+	# true positives
+	touch $(tmp)/etc/skel/.lintianrc
+	# false positives
+	touch $(tmp)/etc/skel/.bashrc
+	touch $(tmp)/etc/skel/.bash_logout
+	touch $(tmp)/etc/skel/.profile
+	touch $(tmp)/etc/skel/.kshrc
+	touch $(tmp)/etc/skel/.mkshrc
 	echo "Back-up file" > $(tmp)/usr/share/foo/file~
 	# The name of the "binary" is "Tori no Uta"
 	# If it is ever messed up, it can be restored by
diff --git a/t/tests/files-general/desc b/t/tests/files-general/desc
index b692d30..9c685c7 100644
--- a/t/tests/files-general/desc
+++ b/t/tests/files-general/desc
@@ -25,6 +25,7 @@ Test-For:
  obsolete-comments-style-in-php-ini
  package-contains-compiled-glib-schema
  package-contains-empty-directory
+ package-contains-file-in-etc-skel
  package-contains-info-dir-file
  package-contains-mime-cache-file
  package-contains-mimeinfo.cache-file
diff --git a/t/tests/files-general/tags b/t/tests/files-general/tags
index 8eedfef..1259e03 100644
--- a/t/tests/files-general/tags
+++ b/t/tests/files-general/tags
@@ -16,6 +16,7 @@ E: files-general: package-contains-compiled-font-file usr/share/fonts/X11/misc/f
 E: files-general: package-contains-compiled-font-file usr/share/fonts/X11/misc/fonts.dir
 E: files-general: package-contains-compiled-font-file usr/share/fonts/X11/misc/fonts.scale
 E: files-general: package-contains-compiled-glib-schema usr/share/glib-2.0/schemas/gschemas.compiled
+E: files-general: package-contains-file-in-etc-skel etc/skel/.lintianrc
 E: files-general: package-contains-info-dir-file usr/share/info/dir.gz
 E: files-general: package-contains-mime-cache-file usr/share/mime/types
 E: files-general: package-contains-mimeinfo.cache-file usr/share/applications/mimeinfo.cache

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: