Accepting request 622045 from devel:openSUSE:Factory:rpmlint

- add suse-rpmlint-all-pie.patch: refresh to handle the pie-executable case (rename from rpmlint-all-pie.patch) - drop obsolete suse-no-run-ldconfig.diff, suse-manpages-for-rc-scripts.diff - whitelist pam_oath PAM module after audit (bsc#1089114) OBS-URL: https://build.opensuse.org/request/show/622045 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rpmlint?expand=0&rev=298
2018-07-13 08:17:48 +00:00 · 2018-07-13 08:17:48 +00:00 · 360ba1670e
commit 360ba1670e
parent 71a2986eec 158dcaf71e
8 changed files with 58 additions and 93 deletions
--- a/0001-Fix-compatibility-with-file-5.33.patch
+++ b/0001-Fix-compatibility-with-file-5.33.patch
@ -39,4 +39,4 @@ Index: rpmlint-rpmlint-1.10/BinariesCheck.py
 +                        pie_exec_re and pie_exec_re.search(fname)):
                     printError(pkg, 'non-position-independent-executable',
                                fname)
-                 if not is_shobj:
+ 
--- a/8
+++ b/8
@ -1179,10 +1179,12 @@ setOption("PAMModules.WhiteList", (
    "pam_gdm.so",
    # pam_slurm (bsc#1007053)
    "pam_slurm.so",
-    # pam_script(bsc#1039848)
+    # pam_script (bsc#1039848)
    "pam_script.so",
-    # pam_yubico(bsc#1087060)
-    "pam_yubico.so"
+    # pam_yubico (bsc#1087060)
+    "pam_yubico.so",
+    # pam_oath (bsc#1089114)
+    "pam_oath.so"
 ))

 # Output filters
--- a/rpmlint-all-pie.patch
+++ b/rpmlint-all-pie.patch
@ -1,25 +0,0 @@
-Index: rpmlint-rpmlint-1.10/BinariesCheck.py
-===================================================================
--- rpmlint-rpmlint-1.10.orig/BinariesCheck.py
-+++ rpmlint-rpmlint-1.10/BinariesCheck.py
-@@ -534,6 +534,9 @@ class BinariesCheck(AbstractCheck.Abstra
-                 if not is_shobj and pie_exec_re and pie_exec_re.search(fname):
-                     printError(pkg, 'non-position-independent-executable',
-                                fname)
-+                if not is_shobj:
-+                    printError(pkg, 'position-independent-executable-suggested',
-+                               fname)
- 
-             if bin_info.readelf_error:
-                 continue
-@@ -786,6 +789,10 @@ stripping process.''',
- '''This executable must be position independent.  Check that it is built with
- -fPIE/-fpie in compiler flags and -pie in linker flags.''',
- 
-+'position-independent-executable-suggested',
-+'''This executable should be position independent (all binaries should).  Check
-+that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''',
-+
- 'missing-call-to-setgroups-before-setuid',
- '''This executable is calling setuid and setgid without setgroups or
- initgroups. There is a high probability this means it didn't relinquish all
--- a/rpmlint.changes
+++ b/rpmlint.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Jul 11 09:06:31 UTC 2018 - dmueller@suse.com
+
+- add suse-rpmlint-all-pie.patch: refresh to handle the pie-executable
+  case (rename from rpmlint-all-pie.patch)
+
+-------------------------------------------------------------------
+Mon Jul  9 19:37:57 UTC 2018 - dmueller@suse.com
+
+- drop obsolete suse-no-run-ldconfig.diff,
+  suse-manpages-for-rc-scripts.diff
+
+-------------------------------------------------------------------
+Thu Jul  5 16:48:30 UTC 2018 - matthias.gerstner@suse.com
+
+- whitelist pam_oath PAM module after audit (bsc#1089114)
+
 -------------------------------------------------------------------
 Tue Jul  3 14:09:19 UTC 2018 - mcepl@suse.com

--- a/rpmlint.spec
+++ b/rpmlint.spec
@ -55,7 +55,6 @@ Patch32:        buildroot-in-scripts.diff
 Patch33:        libtool-wrapper-check.diff
 Patch34:        suse-check-optional-dependencies.diff
 Patch35:        noarch-lib64.diff
-Patch36:        suse-no-run-ldconfig.diff
 Patch37:        description-check.diff
 Patch38:        0001-Tighten-wrong-script-interpreter-check-to-lower-fals.patch
 Patch39:        selfconflicts-provide.diff
@ -69,7 +68,6 @@ Patch49:        extend-suse-conffiles-check.diff
 Patch50:        compressed-backup-regex.diff
 Patch51:        suse-speccheck-utf8.diff
 Patch52:        0001-Accept-python-abi-as-a-valid-versioned-python-depend.patch
-Patch53:        suse-manpages-for-rc-scripts.diff
 Patch54:        suse-ignore-specfile-errors.diff
 Patch55:        invalid-filerequires.diff
 Patch57:        check-for-self-provides.diff
@ -85,13 +83,13 @@ Patch66:        0001-Handle-post-scripts-that-contain-non-ascii-character.patch
 Patch67:        omit_BUILDROOT_from_pyo_files.patch
 Patch68:        0001-Avoid-false-positives-on-is_elf-check.patch
 Patch69:        0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch
-Patch70:        rpmlint-all-pie.patch
 Patch71:        0001-Avoid-calling-close-on-undefined-fd-variable.patch
 Patch72:        rpmlint-slpp-NUM-NUM.patch
 Patch73:        0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch
 Patch74:        0001-Always-import-XDG-desktop-files-as-utf8.patch
 Patch75:        0001-Fix-compatibility-with-file-5.33.patch
 Patch76:        update-magic-values-python-37.patch
+Patch77:        suse-rpmlint-all-pie.patch
 BuildRequires:  obs-service-format_spec_file
 BuildRequires:  python3-flake8
 BuildRequires:  python3-pytest
--- a/suse-manpages-for-rc-scripts.diff
+++ b/suse-manpages-for-rc-scripts.diff
@ -1,22 +0,0 @@
-From: Some One <nobody@opensuse.org>
-Date: Thu, 9 Apr 2015 14:55:40 +0200
-Subject: [PATCH] suse-manpages-for-rc-scripts
-
-===================================================================
---
- FilesCheck.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-Index: rpmlint-rpmlint-1.10/FilesCheck.py
-===================================================================
--- rpmlint-rpmlint-1.10.orig/FilesCheck.py
-+++ rpmlint-rpmlint-1.10/FilesCheck.py
-@@ -1031,7 +1031,7 @@ class FilesCheck(AbstractCheck.AbstractC
-         for exe, paths in bindir_exes.items():
-             if len(paths) > 1:
-                 printWarning(pkg, "duplicate-executable", exe, paths)
-            if exe not in man_basenames:
-+            if exe not in man_basenames and not exe.startswith("rc") and len(paths) is not 0:
-                 printWarning(pkg, "no-manual-page-for-binary", exe)
- 
- 
--- a/suse-no-run-ldconfig.diff
+++ b/suse-no-run-ldconfig.diff
@ -1,39 +0,0 @@
-From: Some One <nobody@opensuse.org>
-Date: Thu, 9 Apr 2015 14:55:39 +0200
-Subject: [PATCH] suse-no-run-ldconfig.diff
-
-===================================================================
---
- SpecCheck.py | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-Index: rpmlint-rpmlint-1.10/SpecCheck.py
-===================================================================
--- rpmlint-rpmlint-1.10.orig/SpecCheck.py
-+++ rpmlint-rpmlint-1.10/SpecCheck.py
-@@ -454,6 +454,10 @@ class SpecCheck(AbstractCheck.AbstractCh
-                                          'comparison-operator-in-deptoken',
-                                          conf)
- 
-+            if current_section in ('post', 'postun'):
-+                if line.find('%run_ldconfig') != -1:
-+                    printWarning(pkg, 'deprecated-use-of-%run_ldconfig')
-+
-             if current_section == 'changelog':
-                 for match in AbstractCheck.macro_regex.findall(line):
-                     res = re.match('%+', match)
-@@ -771,6 +775,14 @@ may break short circuit builds.''',
- '''Make check or other automated regression test should be run in %check, as
- they can be disabled with a rpm macro for short circuiting purposes.''',
- 
-+'deprecated-use-of-%run_ldconfig',
-+'''According to the new SUSE Packaging Conventions, the use of %run_ldconfig
-+is deprecated. Please use /sbin/ldconfig instead, or
-+
-+%post(un) -p /sbin/ldconfig
-+
-+in the case where ldconfig is the only command to be executed.''',
-+
- 'macro-in-%changelog',
- '''Macros are expanded in %changelog too, which can in unfortunate cases lead
- to the package not building at all, or other subtle unexpected conditions that
--- a/suse-rpmlint-all-pie.patch
+++ b/suse-rpmlint-all-pie.patch
@ -0,0 +1,34 @@
+Index: rpmlint-rpmlint-1.10/BinariesCheck.py
+===================================================================
+--- rpmlint-rpmlint-1.10.orig/BinariesCheck.py
+++ rpmlint-rpmlint-1.10/BinariesCheck.py
+@@ -543,10 +543,14 @@ class BinariesCheck(AbstractCheck.Abstra
+                 if ocaml_mixed_regex.search(bin_info.tail):
+                     printWarning(pkg, 'ocaml-mixed-executable', fname)
+ 
+-                if ((not is_shobj and not is_pie_exec) and
+-                        pie_exec_re and pie_exec_re.search(fname)):
+-                    printError(pkg, 'non-position-independent-executable',
+-                               fname)
+                if (not is_shobj and not is_pie_exec):
+                    if pie_exec_re and pie_exec_re.search(fname):
+                        printError(
+                            pkg, 'non-position-independent-executable', fname)
+                    else:
+                        printWarning(
+                            pkg, 'position-independent-executable-suggested',
+                            fname)
+ 
+             if bin_info.readelf_error:
+                 continue
+@@ -798,6 +802,10 @@ stripping process.''',
+ '''This executable must be position independent.  Check that it is built with
+ -fPIE/-fpie in compiler flags and -pie in linker flags.''',
+ 
+'position-independent-executable-suggested',
+'''This executable should be position independent (all binaries should).  Check
+that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''',
+
+ 'missing-call-to-setgroups-before-setuid',
+ '''This executable is calling setuid and setgid without setgroups or
+ initgroups. There is a high probability this means it didn't relinquish all