From: Sam James
To: gentoo-dev@lists.gentoo.org
Cc: qa@gentoo.org, Georgy Yakovlev, Sam James
Subject: [gentoo-dev] [PATCH v2 4/4] metadata/install-qa-check.d: add check for missing tmpfiles_process call
Date: Fri, 13 Aug 2021 04:43:40 +0100
Message-Id: <20210813034340.2835238-4-sam@gentoo.org>
In-Reply-To: <20210813034340.2835238-1-sam@gentoo.org>
References: <20210813034340.2835238-1-sam@gentoo.org>

From: Georgy Yakovlev

See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8

Signed-off-by: Georgy Yakovlev
Signed-off-by: Sam James
---
 metadata/install-qa-check.d/60tmpfiles-paths | 34 ++++++++++++++------
 1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/metadata/install-qa-check.d/60tmpfiles-paths b/metadata/install-qa-check.d/60tmpfiles-paths index 81286de584a2..aa666dfb7ce5 100644 --- a/metadata/install-qa-check.d/60tmpfiles-paths +++ b/metadata/install-qa-check.d/60tmpfiles-paths @@ -3,11 +3,14 @@ # QA check: ensure that packages installing tmpfiles configuration inherit the eclass # Maintainer: Sam James +# Maintainer: Georgy Yakovlev # Implements two checks: # 1) Installation to /etc/tmpfiles.d (which is a user-customization location); # 2) Installation of any tmpfiles to /usr/lib/tmpfiles.d without inheriting the eclass -# (needed for tmpfiles_process in pkg_postinst) +# (needed for tmpfiles_process in pkg_postinst); +# 3) Check for installation of tmpfiles without calling tmpfiles_process in +# pkg_postinst. tmpfiles_check() { # Check 1 # Scan image for files in /etc/tmpfiles.d which is a forbidden location 
@@ -17,30 +20,41 @@ tmpfiles_check() { shopt -u nullglob if [[ ${#files[@]} -gt 0 ]]; then - eqawarn "QA Notice: files installed to /etc/tmpfiles.d" - eqawarn "tmpfiles configuration files must be installed by ebuilds /usr/lib/tmpfiles.d!" + eqawarn "QA Notice: files installed to /etc/tmpfiles.d found" + eqawarn "tmpfiles configuration files supplied by ebuilds must be installed to /usr/lib/tmpfiles.d" fi # Check 2 # We're now going to check for whether we install files to /usr/lib/tmpfiles.d without # inheriting the eclass (weak catch for ebuilds not calling tmpfiles_process in pkg_postinst) - # No need to carry on if we're inheriting the eclass - if has tmpfiles ${INHERITED} ; then - return - fi - # It's okay for some packages to do this because of circular dependencies and such # See: https://archives.gentoo.org/gentoo-dev/message/0a96793036a4fdd9ac311a46950d7e7b # TODO: Standardize some way of allowing ebuilds to opt-out of checks like this local package=${CATEGORY}/${PN} + if [[ ${package} == "sys-apps/systemd" || ${package} == "sys-libs/pam" ]] ; then return fi if [[ -d "${ED}"/usr/lib/tmpfiles.d/ ]] ; then - eqawarn "QA Notice: package is installing tmpfiles without inheriting tmpfiles.eclass!" - eqawarn "Packages must inherit tmpfiles.eclass then call tmpfiles_process in pkg_postinst." + if ! has tmpfiles ${INHERITED} ; then + eqawarn "QA Notice: package is installing tmpfiles without inheriting tmpfiles.eclass!" + eqawarn "Packages must inherit tmpfiles.eclass then call tmpfiles_process in pkg_postinst." + return + fi + + # Check 3 + # Check whether we're installing tmpfiles without explicitly + # calling tmpfiles_process in pkg_postinst, but we have inherited + # the eclass. + # Small risk of false positives if called indirectly. + # See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 + local pkg_postinst_body="$(declare -fp pkg_postinst 2>&1)" + if [[ ! 
${pkg_postinst_body} == *tmpfiles_process* ]] ; then + eqawarn "QA Notice: package is installing tmpfiles without calling" + eqawarn "tmpfiles_process in pkg_postinst phase" + fi fi } -- 2.32.0
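Review bot: in the first hunk (the file header comment), the line "# Implements two checks:" is left unchanged while the list under it now has three entries, so the header contradicts itself; change it to "three checks". Entry 3 also starts with "Check for installation of tmpfiles ..." where entries 1 and 2 name the condition directly ("Installation to ...", "Installation of ..."); rewording it as "Installation of tmpfiles without calling tmpfiles_process in pkg_postinst" would keep the list parallel.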
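Review bot: in the second hunk, Check 3 captures the function with "declare -fp pkg_postinst 2>&1", so when an ebuild inherits the eclass but defines no pkg_postinst, whatever bash writes to stderr becomes the text that is pattern-matched. The warning then fires only because that text happens not to contain "tmpfiles_process". Send stderr to /dev/null and treat an empty body as its own case, so the result does not depend on the wording of a diagnostic. The glob *tmpfiles_process* also matches the name anywhere in the body, including inside a quoted string or as part of a longer identifier, so the check can pass without a real call; the comment mentions false positives from indirect calls but not this false negative, which is worth adding there. Minor style point: "[[ ! ${pkg_postinst_body} == *tmpfiles_process* ]]" reads more clearly as "[[ ${pkg_postinst_body} != *tmpfiles_process* ]]".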