diff --git a/0001-split-wrong-script-interpreter-into-env-script-inter.patch b/0001-split-wrong-script-interpreter-into-env-script-inter.patch new file mode 100644 index 0000000..3418adb --- /dev/null +++ b/0001-split-wrong-script-interpreter-into-env-script-inter.patch @@ -0,0 +1,70 @@ +From a4618650898aece5c4838e71853310b54f6e29fa Mon Sep 17 00:00:00 2001 +From: Dirk Mueller +Date: Sun, 1 Oct 2017 22:08:20 +0200 +Subject: [PATCH] split wrong-script-interpreter into env-script-interpreter + +For mere mortals, details message for wrong-script-interpreter +does not explain why the env as shebang is an issue. Splitting +that case into a separate diagnostic allows a more detailed +info message alongside that gives a better rationale. +--- + FilesCheck.py | 32 ++++++++++++++++++++++++++------ + 1 file changed, 26 insertions(+), 6 deletions(-) + +diff --git a/FilesCheck.py b/FilesCheck.py +index 0b93e73..6a97601 100644 +--- a/FilesCheck.py ++++ b/FilesCheck.py +@@ -848,12 +848,15 @@ class FilesCheck(AbstractCheck.AbstractCheck): + elif interpreter or mode_is_exec or script_regex.search(f): + if interpreter: + res = interpreter_regex.search(interpreter) +- is_wrong_interpreter = (not res or (res and +- res.group(1) == 'env')) +- if ((mode_is_exec or script_regex.search(f)) and +- is_wrong_interpreter): +- printError(pkg, 'wrong-script-interpreter', +- f, interpreter, interpreter_args) ++ if (mode_is_exec or script_regex.search(f)): ++ if res and res.group(1) == 'env': ++ printError(pkg, 'env-script-interpreter', ++ f, interpreter, ++ interpreter_args) ++ elif not res: ++ printError(pkg, 'wrong-script-interpreter', ++ f, interpreter, ++ interpreter_args) + elif not nonexec_file and not \ + (lib_path_regex.search(f) and + f.endswith('.la')): +@@ -1280,10 +1283,27 @@ executed.''', + 'wrong-script-interpreter', + '''This script uses an interpreter which is either an inappropriate one + or located in an inappropriate directory for packaged system software. ++ + Alternatively, if the file should not be executed, then ensure that + it is not marked as executable. + ''', + ++'env-script-interpreter', ++'''This script uses 'env' as an interpreter. ++For the rpm runtime dependency detection to work, the shebang ++#!/usr/bin/env python ++ ++needs to be patched into ++#!/usr/bin/python ++ ++otherwise the package dependency generator merely adds a dependency ++on /usr/bin/env rather than the actual interpreter /usr/bin/python. ++ ++Alternatively, if the file should not be executed, then ensure that ++it is not marked as executable or don't install it in a path that ++is reserved for executables. ++''', ++ + 'non-executable-script', + '''This text file contains a shebang or is located in a path dedicated for + executables, but lacks the executable bits and cannot thus be executed. If +-- +2.14.1 + diff --git a/rpmlint.changes b/rpmlint.changes index d33bfd6..3f70e3e 100644 --- a/rpmlint.changes +++ b/rpmlint.changes @@ -94,7 +94,8 @@ Thu Sep 28 10:40:08 UTC 2017 - dmueller@suse.com ignore-readelf-ar-error.diff, remove-ghostfile-checks.diff, fix-diag-sortorder.diff, drop-unicodedata-dep.diff, 0001-Tighten-wrong-script-interpreter-check-to-lower-fals.patch, - 0001-Improve-XDG-Menu-checks-stability.patch + 0001-Improve-XDG-Menu-checks-stability.patch, + 0001-split-wrong-script-interpreter-into-env-script-inter.patch - drop config.in: unused - switch to python 3.x diff --git a/rpmlint.spec b/rpmlint.spec index 6743605..61e434c 100644 --- a/rpmlint.spec +++ b/rpmlint.spec @@ -80,6 +80,7 @@ Patch61: 0001-Execute-chroot-tests-also-on-x86-rpms.patch Patch62: ignore-readelf-ar-error.diff Patch63: fix-diag-sortorder.diff Patch64: drop-unicodedata-dep.diff +Patch65: 0001-split-wrong-script-interpreter-into-env-script-inter.patch Patch70: rpmlint-all-pie.patch BuildRequires: obs-service-format_spec_file BuildRequires: python3-flake8