diff --git a/config b/config index e3ae6c8..d411ca2 100644 --- a/config +++ b/config @@ -139,6 +139,7 @@ setOption('StandardGroups', ( 'pulse-rt', 'quagga', 'radiusd', + 'root', 'sabayon-admin', 'sapdb', 'shadow', @@ -217,7 +218,6 @@ setOption('StandardUsers', ( 'nagios', 'named', 'news', - 'nobody', 'novell_nobody', 'novlifdr', 'novlxregd', @@ -558,7 +558,6 @@ addFilter(" multiple-specfiles") addFilter(" apache2-naming-policy-not-applied") addFilter(" no-default-runlevel ") addFilter(" setgid-binary ") -addFilter(" non-standard-gid ") addFilter(" non-readable ") addFilter(" manpage-not-bzipped ") addFilter(" postin-without-ghost-file-creation ") diff --git a/rpmlint.changes b/rpmlint.changes index d628e15..7cfc532 100644 --- a/rpmlint.changes +++ b/rpmlint.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed May 11 11:25:33 UTC 2011 - lnussel@suse.de + +- don't filter non-standard-gid anymore +- add dir-or-file-in-var-lock check +- remove 'nobody' from standard users + ------------------------------------------------------------------- Tue May 10 11:38:05 UTC 2011 - lnussel@suse.de diff --git a/rpmlint.spec b/rpmlint.spec index d8c2577..d630d76 100644 --- a/rpmlint.spec +++ b/rpmlint.spec @@ -152,7 +152,7 @@ Authors: %patch8 %patch9 #%patch10 -%patch11 +%patch11 -p1 %patch12 %patch13 %patch14 diff --git a/suse-file-var-run.diff b/suse-file-var-run.diff index 44ee708..7d4a8fe 100644 --- a/suse-file-var-run.diff +++ b/suse-file-var-run.diff @@ -1,35 +1,48 @@ -Index: FilesCheck.py -=================================================================== ---- FilesCheck.py.orig -+++ FilesCheck.py -@@ -901,7 +901,7 @@ class FilesCheck(AbstractCheck.AbstractC - is_kernel_package: - printError(pkg, "kernel-modules-not-in-kernel-packages", f) - -- if tmp_regex.search(f): -+ if tmp_regex.search(f) and f not in ghost_files: - printError(pkg, 'dir-or-file-in-tmp', f) - elif f.startswith('/mnt/'): - printError(pkg, 'dir-or-file-in-mnt', f) -@@ -911,6 +911,8 @@ class FilesCheck(AbstractCheck.AbstractC +From 811469ebe70ea65029d64ae2e7bc6e9828f59c9e Mon Sep 17 00:00:00 2001 +From: Ludwig Nussel +Date: Wed, 11 May 2011 13:15:22 +0200 +Subject: [PATCH] check for files in /var/run and /var/lock + +nowadays /var/run and /var/lock move to using tmpfs so disallow +packaging files there +--- + FilesCheck.py | 16 ++++++++++++++++ + 1 files changed, 16 insertions(+), 0 deletions(-) + +diff --git a/FilesCheck.py b/FilesCheck.py +index a82b4b8..0f43927 100644 +--- a/FilesCheck.py ++++ b/FilesCheck.py +@@ -443,6 +443,10 @@ class FilesCheck(AbstractCheck.AbstractCheck): printError(pkg, 'dir-or-file-in-usr-local', f) elif f.startswith('/var/local/'): printError(pkg, 'dir-or-file-in-var-local', f) + elif f.startswith('/var/run/') and f not in ghost_files: + printError(pkg, 'dir-or-file-in-var-run', f) ++ elif f.startswith('/var/lock/'): ++ printError(pkg, 'dir-or-file-in-var-lock', f) elif sub_bin_regex.search(f): printError(pkg, 'subdir-in-bin', f) elif f.startswith('/home/'): -@@ -1478,6 +1480,12 @@ for packages to install files in this di +@@ -1019,6 +1023,18 @@ for packages to install files in this directory.''', '''A file in the package is located in /var/local. It's not permitted for packages to install files in this directory.''', +'dir-or-file-in-var-run', +'''A file or directory in the package is located in /var/run. It's not +permitted for packages to install files in this directory as it might -+be created as tmpfs during boot. Modify your package to create the -+necessary files during runtime.''', ++be created as tmpfs during boot. Mark the files in question as %ghost and ++create them at run time instead.''', ++ ++'dir-or-file-in-var-lock', ++'''A file or directory in the package is located in /var/lock. It's ++not permitted for packages to install files in this directory as it ++is a) reserved for legacy device lock files and b) might be created ++as tmpfs during boot.''', + 'subdir-in-bin', '''The package contains a subdirectory in /usr/bin. It's not permitted to create a subdir there. Create it in /usr/lib/ instead.''', +-- +1.7.3.4 +