From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 4D8F1138334 for ; Tue, 4 Sep 2018 17:53:47 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0436FE07D7; Tue, 4 Sep 2018 17:53:46 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id CF462E07D7 for ; Tue, 4 Sep 2018 17:53:45 +0000 (UTC) Received: from localhost.localdomain (d202-252.icpnet.pl [109.173.202.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id 2DB30335C8D; Tue, 4 Sep 2018 17:53:43 +0000 (UTC) From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= To: gentoo-portage-dev@lists.gentoo.org Cc: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= Subject: [gentoo-portage-dev] [PATCH v2] install-qa-checks.d: Add a check for Gentoo path policies (FHS-y) Date: Tue, 4 Sep 2018 19:53:38 +0200 Message-Id: <20180904175338.3146-1-mgorny@gentoo.org> X-Mailer: git-send-email 2.18.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org X-Archives-Salt: 37227d74-2277-4473-93f9-eff3f9c785ae X-Archives-Hash: 040f8db000c1f32d44ebc89343661038 Add a check that verifies whether ebuilds don't install to paths forbidden by the policy. This mostly aims to verbosely report bugs such as missing dependencies causing empty install paths, resulting in files ending up in / and bad upstreams. This should also help detect the relatively common mistake of using /usr/share/doc/${P} instead of ${PF}. The initial list of allowed paths was based on what ebuilds installed to my system. --- bin/install-qa-check.d/08gentoo-paths | 80 +++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) create mode 100644 bin/install-qa-check.d/08gentoo-paths Changes in v2: * added a comment wrt /usr/games (as suggested by ulm). diff --git a/bin/install-qa-check.d/08gentoo-paths b/bin/install-qa-check.d/08gentoo-paths new file mode 100644 index 000000000..946185cc2 --- /dev/null +++ b/bin/install-qa-check.d/08gentoo-paths @@ -0,0 +1,80 @@ +# Check whether ebuilds are not installing new, non-Gentoo-ey paths. + +gentoo_path_check() { + # allowed path definitions + # ------------------------ + + # directories common to / and /usr + local allowed_common_dirs=( + bin lib lib32 lib64 libx32 sbin + ) + + # toplevel directories which can be installed to by ebuilds + # /home is not included as no ebuilds should install files there + local allowed_paths_toplevel=( + "${allowed_common_dirs[@]}" + boot dev etc opt srv usr var + # TODO: do we need it? gconf installs empty dir there but that's + # all + root + ) + + # directories in /usr which can be installed to by ebuilds + # /usr/games is not included as it is banned nowadays + local allowed_paths_usr=( + "${allowed_common_dirs[@]}" + include libexec share src + # toolchain stuff + "${CHOST}" "${CTARGET}" + ) + + + # the logic + # --------- + local bad_paths=() + local x + + local shopt_save=$(shopt -p nullglob) + shopt -s nullglob + + # 1. check for unexpected top-level directories + local toplevel_dirs=( "${ED%/}"/* ) + for x in "${toplevel_dirs[@]##*/}"; do + if ! has "${x}" "${allowed_paths_toplevel[@]}"; then + bad_paths+=( "/${x}" ) + fi + done + + # 2. check for unexpected /usr subdirectories + local usr_dirs=( "${ED%/}"/usr/* ) + for x in "${usr_dirs[@]##*/}"; do + if ! has "${x}" "${allowed_paths_usr[@]}"; then + bad_paths+=( "/usr/${x}" ) + fi + done + + # 3. check for unexpected /usr/share/doc subdirectories + local doc_dirs=( "${ED%/}"/usr/share/doc/* ) + for x in "${doc_dirs[@]##*/}"; do + if [[ ${x} != ${PF} ]]; then + bad_paths+=( "/usr/share/doc/${x}" ) + fi + done + + ${shopt_save} + + # report + # ------ + if [[ -n ${bad_paths[@]} ]]; then + eqawarn "The ebuild is installing to one or more unexpected paths:" + eqawarn + eqatag -v non-gentoo-paths "${bad_paths[@]}" + eqawarn + eqawarn "Please fix the ebuild to use correct FHS/Gentoo policy paths." + fi +} + +gentoo_path_check +: # guarantee successful exit + +# vim:ft=sh -- 2.18.0