Accepting request 565802 from devel:openSUSE:Factory:rpmlint

OBS-URL: https://build.opensuse.org/request/show/565802
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rpmlint?expand=0&rev=286

0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch

@@ -0,0 +1,77 @@
+From 5237c197f56698d55fd1d18f8127f6e947350d80 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <stefan.bruens@rwth-aachen.de>
+Date: Wed, 11 Oct 2017 16:29:21 +0200
+Subject: [PATCH] Binariescheck: Check for chroot/chdir on ARM, PPC
+
+The assembly on ARM looks almost the same as the x86 assembly, but
+with a branch mnemonic (bl) instead of an explicit call.
+
+On PPC, library function calls use jump tables, so the vicinity check does
+not work, but we can at least detect a sole chroot without chdir.
+---
+ BinariesCheck.py | 28 +++++++++++++++++++---------
+ 1 file changed, 19 insertions(+), 9 deletions(-)
+
+diff --git a/BinariesCheck.py b/BinariesCheck.py
+index bd75558..8d224a8 100644
+--- a/BinariesCheck.py
++++ b/BinariesCheck.py
+@@ -54,8 +54,6 @@ class BinaryInfo(object):
+     setuid_call_regex = create_regexp_call(r'set(?:res|e)?uid')
+     setgroups_call_regex = create_regexp_call(r'(?:ini|se)tgroups')
+     chroot_call_regex = create_regexp_call('chroot')
+-    # 401eb8:   e8 c3 f0 ff ff          callq  400f80 <chdir@plt>
+-    objdump_call_regex = re.compile(br'callq?\s(.*)')
+     debuginfo_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.debug_.*\s+')
+     symtab_regex = re.compile(r'^\s+\[\s*\d+\]\s+\.symtab\s+')
+     gethostbyname_call_regex = create_regexp_call(r'(gethostbyname|gethostbyname2|gethostbyaddr|gethostbyname_r|gethostbyname2_r|gethostbyaddr_r)')
+@@ -96,6 +94,16 @@ class BinaryInfo(object):
+         self.mktemp = False
+ 
+         is_debug = path.endswith('.debug')
++        # Currently this implementation works only on specific
++        # architectures due to reliance on arch specific assembly.
++        if pkg.arch in ['armv6hl', 'armv7hl', 'aarch64']:
++            # 10450:   ebffffec        bl      10408 <chroot@plt>
++            BinaryInfo.objdump_call_regex = re.compile(br'\sbl\s+(.*)')
++        elif (pkg.arch.endswith('86') or pkg.arch == 'x86_64'):
++            # 401eb8:   e8 c3 f0 ff ff          callq  400f80 <chdir@plt>
++            BinaryInfo.objdump_call_regex = re.compile(br'callq?\s(.*)')
++        else:
++            BinaryInfo.objdump_call_regex = None
+ 
+         res = Pkg.getstatusoutput(
+             ('readelf', '-W', '-S', '-l', '-d', '-s', path))
+@@ -204,10 +212,13 @@ class BinaryInfo(object):
+ 
+             # check if chroot is near chdir (since otherwise, chroot is called
+             # without chdir)
+-            # Currently this implementation works only on x86_64 due to reliance
+-            # on x86_64 specific assembly. Skip it on other architectures
+-            if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and
+-                    self.chroot and self.chdir):
++            if not BinaryInfo.objdump_call_regex and self.chroot and self.chdir:
++                # On some architectures, e.g. PPC, it is to difficult to
++                # find the actual invocations of chroot/chdir, if both
++                # exist assume chroot is fine
++                self.chroot_near_chdir = True
++
++            elif self.chroot and self.chdir:
+                 p = subprocess.Popen(('objdump', '-d', path),
+                                      stdout=subprocess.PIPE, bufsize=-1,
+                                      env=dict(os.environ, LC_ALL="C"))
+@@ -537,9 +548,8 @@ class BinariesCheck(AbstractCheck.AbstractCheck):
+                 printError(pkg, 'missing-call-to-setgroups-before-setuid',
+                            fname)
+ 
+-            if ((pkg.arch.endswith('86') or pkg.arch == 'x86_64') and bin_info.chroot):
+-                if not bin_info.chdir or not bin_info.chroot_near_chdir:
+-                    printError(pkg, 'missing-call-to-chdir-with-chroot', fname)
++            if bin_info.chroot and not bin_info.chroot_near_chdir:
++                printError(pkg, 'missing-call-to-chdir-with-chroot', fname)
+ 
+             if bin_info.mktemp:
+                 printError(pkg, 'call-to-mktemp', fname)
+-- 
+2.14.2
+

_servicedata

@@ -3,4 +3,4 @@
             <param name="url">https://github.com/openSUSE/rpmlint-tests.git</param>
           <param name="changesrevision">8b163ac0aaf41e8424edbc4074a60f18e9cb9438</param></service><service name="tar_scm">
             <param name="url">https://github.com/openSUSE/rpmlint-checks.git</param>
-          <param name="changesrevision">9fe029d320afd18bba51bad18cc79324a912c756</param></service></servicedata>
+          <param name="changesrevision">19a2516ec526f44b39a88e1757fc4f9fa1f3b603</param></service></servicedata>

config

@@ -108,6 +108,7 @@ setOption('ValidGroups', [
     'Development/Languages/Perl',
     'Development/Languages/Python',
     'Development/Languages/Ruby',
+    'Development/Languages/Rust',
     'Development/Languages/Scheme',
     'Development/Languages/Tcl',
     'Development/Libraries/C and C++',
@@ -120,6 +121,7 @@ setOption('ValidGroups', [
     'Development/Libraries/Parallel',
     'Development/Libraries/Perl',
     'Development/Libraries/Python',
+    'Development/Libraries/Rust',
     'Development/Libraries/Tcl',
     'Development/Libraries/X11',
     'Development/Libraries/YaST',
@@ -409,6 +411,7 @@ setOption('StandardGroups', (
     'nogroup',
     'novell_nogroup',
     'novlxtier',
+    '_nsd',
     'ntadmin',
     'ntop',
     'ntp',
@@ -587,6 +590,7 @@ setOption('StandardUsers', (
     'novlifdr',
     'novlxregd',
     'novlxsrvd',
+    '_nsd',
     'ntop',
     'ntp',
     'openstack-ceilometer',
@@ -675,7 +679,7 @@ add the user to the "config" file and send a submitrequest.
 '''A file in this package is owned by an unregistered group id.
 To register the group, please branch the devel:openSUSE:Factory:rpmlint rpmlint package, 
 add the group to the "config" file and send a submitrequest.
-'''
+''',
 'no-changelogname-tag',
 '''There is no changelog. Please insert a '%changelog' section heading in your
 spec file and prepare your changes file using e.g. the 'osc vc' command.''',
@@ -1027,7 +1031,13 @@ setOption("DBUSServices.WhiteList", (
     "connman-nmcompat.conf",
     "connman.conf",
     "connman-vpn-dbus.conf",
-    "net.connman.vpn.service"
+    "net.connman.vpn.service",
+    # kcmsddm (bsc#1065563)
+    "org.kde.kcontrol.kcmsddm.conf",
+    "org.kde.kcontrol.kcmsddm.service",
+    # usbauth (bsc#1066877)
+    "org.opensuse.usbauth.conf",
+    "org.opensuse.usbauth.service"
 ))
 
 setOption("PAMModules.WhiteList", (

rpmlint-checks-master.tar.xz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b3e65386ee2a52276b8fb443ee2f8cb71101c08759e4006d2ce94c44c626f78e
+oid sha256:31ced77bac654f56787b2d941e7b821696c79116204ff5943e31f1bfa7956f40
-size 23268
+size 23176

rpmlint-tests.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package rpmlint-tests
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

rpmlint.changes

@@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Mon Jan 15 09:15:19 UTC 2018 - krahmer@suse.com
+
+- whitelisting usbauth (bsc#1066877) 
+
+-------------------------------------------------------------------
+Sun Jan 14 15:36:40 UTC 2018 - ngompa13@gmail.com
+
+- Add Development/{Languages,Libraries}/Rust groups as noted in wiki
+
+-------------------------------------------------------------------
+Wed Jan  3 10:27:22 UTC 2018 - adam.majer@suse.de
+
+- add missing comma (,) to config file
+- add user/group _nsd for NSD name server
+
+-------------------------------------------------------------------
+Sat Dec  2 16:48:08 UTC 2017 - stefan.bruens@rwth-aachen.de
+
+- add 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch
+
+-------------------------------------------------------------------
+Wed Nov 29 09:26:18 UTC 2017 - krahmer@suse.com
+
+- whitelisting kcmsddm (bsc#1065563) 
+
+-------------------------------------------------------------------
+Fri Nov 24 10:09:26 UTC 2017 - opensuse-packaging@opensuse.org
+
+- Update to version master:
+  * Fix warnings
+  * Add new rpmlint check for new %{_fillupdir} macro (boo#1069468)
+  * Open paths within the rpm file itself
+  * Fix python warning
+  * BashismCheck: Only check regular files
+  * Rewrite BashismsCheck to actually work
+
 -------------------------------------------------------------------
 Tue Nov 14 15:47:20 UTC 2017 - dimstar@opensuse.org
 

rpmlint.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package rpmlint
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -89,6 +89,7 @@ Patch69:        0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch
 Patch70:        rpmlint-all-pie.patch
 Patch71:        0001-Avoid-calling-close-on-undefined-fd-variable.patch
 Patch72:        rpmlint-slpp-NUM-NUM.patch
+Patch73:        0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch
 BuildRequires:  obs-service-format_spec_file
 BuildRequires:  python3-flake8
 BuildRequires:  python3-pytest