diff options
Diffstat (limited to 't/recipes/checks/files/permissions')
90 files changed, 945 insertions, 0 deletions
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs new file mode 100644 index 0000000..42f92ea --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs @@ -0,0 +1,3 @@ +read-only +README +some-file diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init new file mode 100644 index 0000000..4ebbdf5 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init @@ -0,0 +1,21 @@ +#!/bin/sh + +set -e + +### BEGIN INIT INFO +# Provides: binary +# Required-Start: +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Useless +# Description: Does nothing +### END INIT INFO + +. /lib/lsb/init-functions + +case "$1" in + start|stop|force-reload|restart|status|*) + echo hello world + ;; +esac diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install new file mode 100644 index 0000000..c759290 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install @@ -0,0 +1,9 @@ +sample.ali usr/lib/some-where/ +script-uid usr/bin/ +script-ugid usr/bin/ +script-gid usr/bin/ +script-wexec usr/bin/ +script-wuid usr/bin/ +script-ro usr/bin/ +script etc/cron.d/ +script etc/emacs.d/ diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages new file mode 100644 index 0000000..ad3e735 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages @@ -0,0 +1 @@ +script-*.1 diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean new file mode 100644 index 0000000..1e7cec6 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean @@ -0,0 +1 @@ +script*.1 diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in new file mode 100644 index 0000000..5c8703f --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in @@ -0,0 +1,30 @@ +Source: [% $source %] +Priority: optional +Section: devel +Maintainer: [% $author %] +Standards-Version: [% $standards_version %] +Build-Depends: [% $build_depends %] +Rules-Requires-Root: binary-targets + +Package: binary +Architecture: all +Pre-Depends: ${misc:Pre-Depends} +Depends: ${misc:Depends}, lsb-base (>= 3.0-6) +Description: [% $description %] + This is a test package designed to exercise some feature or tag of + Lintian. It is part of the Lintian test suite and may do very odd + things. It should not be installed like a regular package. It may + be an empty package. + +Package: game +Architecture: all +Section: games +Depends: ${misc:Depends} +Description: [% $description %] - game + This is a test package designed to exercise some feature or tag of + Lintian. It is part of the Lintian test suite and may do very odd + things. It should not be installed like a regular package. It may + be an empty package. + . + Game package. + diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install new file mode 100644 index 0000000..f708f99 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install @@ -0,0 +1 @@ +script usr/games/ diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages new file mode 100644 index 0000000..8d16fb4 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages @@ -0,0 +1 @@ +script.1 diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules new file mode 100644 index 0000000..951f84c --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules @@ -0,0 +1,31 @@ +#!/usr/bin/make -f + +GPKG:=game +PKG:=binary + +%: + dh $@ + +override_dh_auto_build: + for N in uid gid ugid wexec wuid ro; do \ + sed s/script/script-$$N/ < script > script-$$N ; \ + pod2man --section 1 script-$$N > script-$$N.1 ; \ + done + pod2man --section 1 script > script.1 + +override_dh_fixperms: + dh_fixperms + + chmod 0444 debian/$(PKG)/usr/share/doc/$(PKG)/read-only + chmod 4755 debian/$(PKG)/usr/bin/script-uid + chmod 2755 debian/$(PKG)/usr/bin/script-gid + chmod 6755 debian/$(PKG)/usr/bin/script-ugid + chmod 0775 debian/$(PKG)/usr/bin/script-wexec + chmod 4744 debian/$(PKG)/usr/bin/script-wuid + chmod 0751 debian/$(PKG)/usr/bin/script-ro + chmod 0644 debian/$(PKG)/usr/lib/some-where/sample.ali + chmod 0744 debian/$(PKG)/usr/share/doc/$(PKG) + chmod 0755 debian/$(PKG)/usr/share/doc/$(PKG)/some-file + chmod 0755 debian/$(PKG)/etc/cron.d/script + chmod 0755 debian/$(PKG)/etc/emacs.d/script + chmod 0765 debian/$(PKG)/etc/init.d/binary diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values new file mode 100644 index 0000000..c914891 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values @@ -0,0 +1,3 @@ +Skeleton: upload-native +Testname: files-bad-perm-owner +Description: General permissions and owner tests diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README new file mode 100644 index 0000000..336f590 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README @@ -0,0 +1 @@ +Hallo World diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only new file mode 100644 index 0000000..1a3fca1 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only @@ -0,0 +1 @@ +Fadango on the core diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali new file mode 100644 index 0000000..fec3fc8 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali @@ -0,0 +1 @@ +This is not a valid ali file diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script new file mode 100755 index 0000000..8521013 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e + +echo "Aloha" + +exit 0 + +=head1 NAME + +script -- prints Aloha to stdout + +=head1 SYNOPSIS + + script + +=head1 DESCRIPTION + +Prints Aloha to stdout and that is it. + diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file new file mode 100644 index 0000000..0dfa8ff --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file @@ -0,0 +1,2 @@ +This is executable and should not be. :) + - Unfortunately it triggers an extra tag... oh well. diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc new file mode 100644 index 0000000..dc8117e --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc @@ -0,0 +1,2 @@ +Testname: files-bad-perm-owner +Check: files/permissions diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints new file mode 100644 index 0000000..cddfa8d --- /dev/null +++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints @@ -0,0 +1,12 @@ +binary (binary): non-standard-setuid-executable-perm 4744 [usr/bin/script-wuid] +binary (binary): non-standard-file-perm 0444 != 0644 [usr/share/doc/binary/read-only] +binary (binary): non-standard-executable-perm 0775 != 0755 [usr/bin/script-wexec] +binary (binary): non-standard-executable-perm 0765 != 0755 [etc/init.d/binary] +binary (binary): non-standard-executable-perm 0751 != 0755 [usr/bin/script-ro] +binary (binary): non-standard-dir-perm 0744 != 0755 [usr/share/doc/binary/] +binary (binary): executable-is-not-world-readable 0751 [usr/bin/script-ro] +binary (binary): elevated-privileges 6755 root/root [usr/bin/script-ugid] +binary (binary): elevated-privileges 4755 root/root [usr/bin/script-uid] +binary (binary): elevated-privileges 4744 root/root [usr/bin/script-wuid] +binary (binary): elevated-privileges 2755 root/root [usr/bin/script-gid] +binary (binary): bad-permissions-for-ali-file [usr/lib/some-where/sample.ali] diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean b/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean new file mode 100644 index 0000000..222b726 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean @@ -0,0 +1 @@ +鳥の詩.1 diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs b/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs new file mode 100644 index 0000000..b76fb64 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs @@ -0,0 +1,13 @@ +etc +etc/skel +usr/bin +usr/doc +usr/lib/python3/dist-packages/foo +usr/share/foo +usr/share/fonts/X11/misc +usr/share/glib-2.0/schemas +usr/share/hal +usr/share/man/man1/random +var/catman +var/lock/lintian +var/run/lintian diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples b/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples new file mode 100644 index 0000000..18fb10f --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples @@ -0,0 +1 @@ +foo.vcproj diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/install b/t/recipes/checks/files/permissions/files-general/build-spec/debian/install new file mode 100644 index 0000000..dccb61e --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/install @@ -0,0 +1,18 @@ +lintian-16x16.png usr/share/apps/lintian/icons/hicolor/22x22 +lintian-16x16.png usr/share/icons/hicolor/22x22/apps +lintian-22x22.png usr/share/apps/lintian/icons/hicolor/22x22 +lintian-22x22.png usr/share/apps/lintian/icons/hicolor/20x20 +lintian-16x16.png usr/share/doc/lintian/ +lintian-22x22.png usr/share/games/icons/hicolor/22x22 +lintian-16x16.png usr/share/icons/hicolor/scalable/apps +lintian-22x22.png usr/share/icons/16x16/animations/ +--lzma etc/modprobe.d +lintian.conf etc/modprobe.d +dir usr/share/info +foo.vcproj usr/lib/foo +lintian-lib.conf etc/ld.so.conf.d +php-foo.ini etc/php/7.0/mods-available +types usr/share/mime +mimeinfo.cache usr/share/applications +file-in-new-top-level-dir new-top-level-dir/ +sudotest etc/sudoers.d/ diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/links b/t/recipes/checks/files/permissions/files-general/build-spec/debian/links new file mode 100644 index 0000000..f3e425d --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/links @@ -0,0 +1 @@ +usr/share/apps/lintian/icons/hicolor/22x22/lintian-22x22.png usr/share/apps/lintian/icons/hicolor/64x64/lintian-64x64.png diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages b/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages new file mode 100644 index 0000000..e8af11b --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages @@ -0,0 +1,2 @@ +foo.5 +鳥の詩.1 diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules b/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules new file mode 100755 index 0000000..798f01e --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules @@ -0,0 +1,67 @@ +#!/usr/bin/make -f + +tmp := $(CURDIR)/debian/$(shell dh_listpackages) + +%: + dh $@ + +override_dh_install: + dh_install + echo "#fake conf file" > $(tmp)/etc/pam.conf + # true positives + touch $(tmp)/etc/skel/.lintianrc + # false positives + touch $(tmp)/etc/skel/.bashrc + touch $(tmp)/etc/skel/.bash_logout + touch $(tmp)/etc/skel/.profile + touch $(tmp)/etc/skel/.kshrc + touch $(tmp)/etc/skel/.mkshrc + echo "Back-up file" > $(tmp)/usr/share/foo/file~ + # The name of the "binary" is "Tori no Uta" + # If it is ever messed up, it can be restored by + # using something like: + # perl -pe 's/\@FILE\@/\xe9\xb3\xa5\xe3\x81\xae\xe8\xa9\xa9\x0a/' + echo "#!/bin/sh" > $(tmp)/usr/bin/鳥の詩 + chmod +x $(tmp)/usr/bin/鳥の詩 + # Copy the manpage to its correct name so dh_installman can + # find it. + # - d/clean will remove it again + cp -a tnu.1 鳥の詩.1 + touch $(tmp)/usr/doc/FSSTND + touch $(tmp)/usr/share/foo/'*' + touch $(tmp)/usr/share/foo/'ws ' + touch $(tmp)/usr/share/fonts/X11/misc/fonts.dir + touch $(tmp)/usr/share/fonts/X11/misc/fonts.scale + touch $(tmp)/usr/share/fonts/X11/misc/fonts.alias + touch $(tmp)/usr/share/fonts/X11/misc/encodings.dir + touch $(tmp)/usr/share/fonts/X11/misc/false-positive + touch $(tmp)/usr/share/foo/.nfs-fake-tmpfile + touch $(tmp)/usr/share/foo/foo.doctree + touch $(tmp)/usr/share/foo/gschemas.compiled + touch $(tmp)/usr/share/glib-2.0/schemas/gschemas.compiled + touch $(tmp)/usr/share/hal/foo.fdi + touch $(tmp)/usr/lib/python3/dist-packages/test_foo.py + touch $(tmp)/usr/lib/python3/dist-packages/foo/test_falsepositive.py + # If the following line gets messed up, it can be + # restored with something like: + # sed -i 's/@FILE@/bokm\xe5l/' + touch $(tmp)/usr/share/foo/bokml + touch $(tmp)/var/catman/do + +override_dh_fixperms: + dh_fixperms + chmod 755 $(tmp)/usr/share/man/man5/foo.5.gz + chmod 644 $(tmp)/etc/sudoers.d/* + +override_dh_compress: + dh_compress + # create a .png and .png.gz + gzip -n -1 $(tmp)/usr/share/doc/lintian/lintian-16x16.png + zcat $(tmp)/usr/share/doc/lintian/lintian-16x16.png.gz > \ + $(tmp)/usr/share/doc/lintian/lintian-16x16.png + +override_dh_link: + dh_link + mkdir -p $(tmp)/usr/share/doc/bar + echo "Hallo World" > $(tmp)/usr/share/doc/bar/foo + ln -s ../bar/foo $(tmp)/usr/share/doc/bar/star diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/fill-values b/t/recipes/checks/files/permissions/files-general/build-spec/fill-values new file mode 100644 index 0000000..45de709 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/fill-values @@ -0,0 +1,4 @@ +Skeleton: upload-native +Testname: files-general +Description: Test tags for file paths, names, and modes +# tar -t is buggy and does not list \\\ filename diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma b/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma new file mode 100644 index 0000000..5241aaa --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma @@ -0,0 +1,2 @@ +Test file to check that various parts of Lintian correctly handle files with names that look +like options diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir b/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir new file mode 100644 index 0000000..e465d26 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir @@ -0,0 +1,18 @@ +This is the file .../info/dir, which contains the +topmost node of the Info hierarchy, called (dir)Top. +The first time you invoke Info you start off looking at this node. + +File: dir, Node: Top This is the top of the INFO tree + + This (the Directory node) gives a menu of major topics. + Typing "q" exits, "?" lists all Info commands, "d" returns here, + "h" gives a primer for first-timers, + "mEmacs<Return>" visits the Emacs manual, etc. + + In Emacs, you can click mouse button 2 on a menu item or cross reference + to select it. + +* Menu: + +Archiving +* Cpio: (cpio). Copy-in-copy-out archiver to tape or disk. diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir b/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir new file mode 100644 index 0000000..ae82d42 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir @@ -0,0 +1,2 @@ +Since an empty file triggers "empty-dir" tags; we might as well +test file-in-unusual-dir together with non-standard-toplevel-dir. diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5 b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5 new file mode 100644 index 0000000..718eae1 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5 @@ -0,0 +1,5 @@ +.TH FOO "5" +.SH NAME +foo \- file format for foo +.SH DESCRIPTION +This file can store anything. diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj new file mode 100644 index 0000000..6ec1ca6 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj @@ -0,0 +1 @@ +Not actually a VC project file. diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png Binary files differnew file mode 100644 index 0000000..cd7355d --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png Binary files differnew file mode 100644 index 0000000..efc9af0 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf new file mode 100644 index 0000000..e2b41a8 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf @@ -0,0 +1 @@ +/usr/lib/lintian diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf new file mode 100644 index 0000000..7f6693c --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf @@ -0,0 +1 @@ +Test file which should not be flagged by the modprobe.d checks diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache b/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache new file mode 100644 index 0000000..f3067c5 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache @@ -0,0 +1,2 @@ +[MIME Cache] +text/plain=foo-editor.desktop diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini b/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini new file mode 100644 index 0000000..6a33666 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini @@ -0,0 +1 @@ +# this style of comments are obsolete diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest b/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1 b/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1 new file mode 100644 index 0000000..147dc1a --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1 @@ -0,0 +1,5 @@ +.TH 鳥の詩 "1" +.SH NAME +鳥の詩 \- command in PATH written in UTF-8 +.SH DESCRIPTION +鳥の詩 (Tori no uta) is not really a useful command. diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/types b/t/recipes/checks/files/permissions/files-general/build-spec/orig/types new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/types diff --git a/t/recipes/checks/files/permissions/files-general/eval/desc b/t/recipes/checks/files/permissions/files-general/eval/desc new file mode 100644 index 0000000..c8a4aea --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/eval/desc @@ -0,0 +1,3 @@ +Testname: files-general +Check: files/permissions +# tar -t is buggy and does not list \\\ filename diff --git a/t/recipes/checks/files/permissions/files-general/eval/hints b/t/recipes/checks/files/permissions/files-general/eval/hints new file mode 100644 index 0000000..1ec9a36 --- /dev/null +++ b/t/recipes/checks/files/permissions/files-general/eval/hints @@ -0,0 +1 @@ +files-general (binary): bad-perm-for-file-in-etc-sudoers.d 0644 != 0440 [etc/sudoers.d/sudotest] diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in new file mode 100644 index 0000000..935c633 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in @@ -0,0 +1,41 @@ +scripts ([% $version %]) [% $distribution %]; urgency=low + + * I'm also not able to write my name. + * Added a script in /etc/Xsession.d + * Bizarre version number courtesy of + https://wiki.ubuntu.com/SecurityUpdateProcedures#Prepare + + -- Mark 'HE' Brokschmitt <he@debian.org> Thu, 23 Jun 2005 14:32:39 +0200 + +scripts (5-1) unstable; urgency=low + + * I'm making a typo in my own name... And I want lintian to warn me about + it. + + -- Jeroen van Wolffelaar <jeroen@wolffelaar.nl> Sun, 18 Apr 2004 02:26:34 +0200 + +scripts (4-1) unstable; urgency=low + + * Add new example to check that not executable files with a shebang line + called *in don't trigger the script-not-executable warning. + + -- Marc 'HE' Brockschmidt <he@debian.org> Wed, 14 Apr 2004 19:44:04 +0200 + +scripts (3-3) unstable; urgency=low + + * Add suidperlfoo and some code in debian/rules to + check the new suidperl checks + + -- Frank Lichtenheld <djpig@debian.org> Wed, 31 Mar 2004 21:06:20 +0000 + +scripts (2-1) unstable; urgency=low + + * Add tkfoo script for tk checkings + + -- Lintian Maintainers <lintian-maint@debian.org> Sat, 21 Feb 2004 17:13:36 +0100 + +scripts (1-0) unstable; urgency=low + + * Initial version + + -- Lintian Maintainers <lintian-maint@debian.org> Sat, 10 Feb 2001 15:37:31 -0800 diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in new file mode 100644 index 0000000..75a521f --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in @@ -0,0 +1,16 @@ +Source: scripts +Section: interpreters +Priority: optional +Maintainer: Lintian Maintainers <lintian-maint@debian.org> +Uploaders: Jeroen van Wolfelaar <jeroen@wolffelaar.nl>, Marc 'HE' Brockschmidt <he@debian.org> +Build-Depends-Indep: dpatch +Standards-Version: 3.2.1 + +Package: scripts +Architecture: [% $package_architecture %] +Depends: test, ruby1.8, build-essential, libssl0.9.7, php7.0-cli +Recommends: tk8.4 | wish +Description: test lintian's script file checks + This is a test package designed to exercise some feature or tag of + Lintian. It is part of the Lintian test suite and may do very odd + things. It should not be installed like a regular package. diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright new file mode 100644 index 0000000..ad8a119 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright @@ -0,0 +1,5 @@ +This file contains the phrase "under the same terms as Perl itself" to +trigger warnings about not having common-licenses references. + +This file contains the phrase "public domain" which should suppress +warnings about no copyright date. diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list new file mode 100644 index 0000000..3b9d37e --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list @@ -0,0 +1,11 @@ +01_not_here_right_now.dpatch + +# some comment +/* some more + elaborate comment + which needs DPATCH_OPTION_CPP=1 + */02_i_dont_have_a_description.patch 03_specified_without_dpatch + +// and again a comment + +04_i_dont_have_a_description_either.patch diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc new file mode 100644 index 0000000..8b47ab3 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc @@ -0,0 +1 @@ +01_some_other_patch_thats_not_in_the_package.dpatch diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options new file mode 100644 index 0000000..57ffeb6 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options @@ -0,0 +1 @@ +DPATCH_OPTION_CPP=1 diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch new file mode 100644 index 0000000..9279c1b --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch @@ -0,0 +1,7 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 02_i_dont_have_a_description.patch.dpatch by Marc 'HE' Brockschmidt <Marc 'HE' Brockschmidt <he@debian.org>> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch new file mode 100644 index 0000000..8303ac6 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch @@ -0,0 +1,5 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## All lines beginning with `## DP:' are a description of the patch. +## DP: Listed in 00list without .dpatch suffix. + +@DPATCH@ diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch new file mode 100644 index 0000000..b603f16 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch @@ -0,0 +1,7 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 04_i_dont_have_a_description_either.patch by Adam D. Barratt <adam@adam-barratt.org.uk> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: + +@DPATCH@ diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst new file mode 100644 index 0000000..7c5baf1 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst @@ -0,0 +1,14 @@ +#!/bin/sh + +if [ -x "/etc/init.d/lsb-broken" ] ; then + update-rc.d lsb-broken defaults >/dev/null +fi +if [ -x "/etc/init.d/no-lsb" ] ; then + update-rc.d no-lsb defaults >/dev/null +fi +if [ -x "/etc/init.d/skeleton" ] ; then + update-rc.d skeleton defaults >/dev/null +fi +if [ -x "/etc/init.d/lsb-other" ] ; then + update-rc.d lsb-other defaults >/dev/null +fi diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm new file mode 100644 index 0000000..8fa75a2 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm @@ -0,0 +1,9 @@ +#!/bin/sh -e + +if [ "$1" = purge ] ; then + update-rc.d lsb-broken remove >/dev/null + update-rc.d no-lsb remove >/dev/null + update-rc.d skeleton remove >/dev/null + update-rc.d lsb-other remove >/dev/null + update-rc.d lsb-other remove >/dev/null +fi diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst new file mode 100644 index 0000000..0799557 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst @@ -0,0 +1,15 @@ +#!/bin/sh + +set -e +set -x + +# +# Some comments here +# + +# This serves as an example of an "empty" script, so +# please do not add any real code here, thank you :) + +#DEBHELPER# + +exit 0 diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules new file mode 100755 index 0000000..ee3677e --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules @@ -0,0 +1,105 @@ +#!/usr/bin/make -f + +tmp=debian/tmp + +build-arch: + echo "Hi, in an arch: all package, I am a bug!" + +build-indep: + +build: build-arch build-indep + +binary-arch: + echo "Hi, in an arch: all package, I am a bug!" + +binary-indep: + install -d $(tmp)/usr/bin/ + install -d $(tmp)/etc/X11/Xsession.d/ + install -d $(tmp)/etc/init.d/ + install -d $(tmp)/etc/csh/login.d/ + install -d $(tmp)/etc/fish.d/ + install -d $(tmp)/usr/share/scripts/ + install -d $(tmp)/usr/share/doc/scripts/ + install -d $(tmp)/usr/lib/cgi-bin + install -d $(tmp)/usr/src/scripts + install -d $(tmp)/DEBIAN + + install -m 755 csh-foo $(tmp)/etc/csh/login.d/ + install -m 755 envfoo $(tmp)/usr/bin/ + install -m 755 fish-foo $(tmp)/etc/fish.d/ + install -m 755 jruby-broken $(tmp)/usr/bin/ + install -m 755 perlfoo $(tmp)/usr/bin/ + install -m 755 rubyfoo $(tmp)/usr/bin/ +# This doesn't use "env" but should also trigger script-in-usr-share-doc + install -m 755 rubyfoo $(tmp)/usr/share/doc/scripts/ + install -m 755 make-foo $(tmp)/usr/bin/ + install -m 755 lefty-foo $(tmp)/usr/bin/ + install -m 4751 perlfoo $(tmp)/usr/bin/suidperlfoo2 + install -m 755 sh-broken $(tmp)/usr/bin/ + install -m 4555 suidperlfoo $(tmp)/usr/bin/ + install -m 755 tkfoo $(tmp)/usr/bin/ + install -m 755 wishfoo $(tmp)/usr/bin/ + install -m 644 xsession-test $(tmp)/etc/X11/Xsession.d/ + +# Permissions here aren't part of what's being tested, but let us exercise +# some other errors. + install -m 755 perl-bizarre-1 $(tmp)/usr/bin/ + install -m 750 perl-bizarre-2 $(tmp)/usr/bin/ + install -m 754 perl-bizarre-3 $(tmp)/usr/bin/ + install -m 705 guile-bizarre $(tmp)/usr/bin/ + +# First one should produce a warning; second one shouldn't. + install -m 755 gccbug.dpatch $(tmp)/usr/share/scripts/ + install -m 755 gccbug.dpatch $(tmp)/usr/src/scripts/ + + install -m 644 init-skeleton $(tmp)/etc/init.d/skeleton + install -m 755 init-no-lsb $(tmp)/etc/init.d/no-lsb + install -m 755 init-lsb-broken $(tmp)/etc/init.d/lsb-broken + install -m 755 init-lsb-other $(tmp)/etc/init.d/lsb-other + + install -m 755 phpfoo $(tmp)/usr/share/scripts/ + sed 's/php$$/php7.0/' phpfoo > $(tmp)/usr/share/scripts/php7.0foo + chmod 755 $(tmp)/usr/share/scripts/php7.0foo + + install -m 755 phpenvfoo $(tmp)/usr/share/scripts/ + sed 's/php$$/php7.0/' phpenvfoo > $(tmp)/usr/share/scripts/php7.0envfoo + chmod 755 $(tmp)/usr/share/scripts/php7.0envfoo + + echo "#!/usr/bin/perl" >> $(tmp)/usr/share/scripts/foobar.in + chmod 644 $(tmp)/usr/share/scripts/foobar.in + + touch $(tmp)/usr/share/scripts/mono.exe + chmod 755 $(tmp)/usr/share/scripts/mono.exe + + echo "#!/bin/sh" > $(tmp)/usr/share/scripts/foo\$$bar + chmod 755 $(tmp)/usr/share/scripts/foo\$$bar + + echo "#!/bin/sh" > $(tmp)/usr/lib/cgi-bin/cgi-script + chmod 755 $(tmp)/usr/lib/cgi-bin/cgi-script + + echo "#!/bin/sh" > $(tmp)/usr/bin/test.sh + chmod 755 $(tmp)/usr/bin/test.sh + + + dh_testroot # dummy to test missing debhelper dependency + + + install -m 644 debian/changelog $(tmp)/usr/share/doc/scripts/changelog.Debian + gzip -n -9 $(tmp)/usr/share/doc/scripts/changelog.Debian + install -m 644 debian/copyright $(tmp)/usr/share/doc/scripts/copyright + + install -m 644 debian/scripts.conffiles $(tmp)/DEBIAN/conffiles + install -m 755 debian/preinst $(tmp)/DEBIAN/preinst + install -m 755 debian/postinst $(tmp)/DEBIAN/postinst + install -m 755 debian/postrm $(tmp)/DEBIAN/postrm + touch $(tmp)/DEBIAN/prerm + chmod 755 $(tmp)/DEBIAN/prerm + dpkg-gencontrol -isp + dpkg --build $(tmp) .. + +binary: binary-arch binary-indep + +clean: + rm -rf debian/files $(tmp) debian/substvars + +.PHONY: build-arch build-indep build binary-arch binary-indep binary clean diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles new file mode 100644 index 0000000..01a371a --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles @@ -0,0 +1,6 @@ +/etc/init.d/lsb-broken +/etc/init.d/lsb-other +/etc/init.d/no-lsb +/etc/X11/Xsession.d/xsession-test +/etc/csh/login.d/csh-foo +/etc/fish.d/fish-foo diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch new file mode 100644 index 0000000..dba5815 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch @@ -0,0 +1,8 @@ +# watch file with upstream version mangling + +version=2 +opts="uversionmangle=s/$/ds/" \ +http://qa.debian.org/watch/sf.php?project=foo scripts\.([\d.]+)\.tar\.gz debian uupdate + +version=3 +http://ftp.sf.net/foo/foo_bar(.+)\.Z 5 uupdate
\ No newline at end of file diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values new file mode 100644 index 0000000..8a68457 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values @@ -0,0 +1,6 @@ +Testname: legacy-scripts +Source: scripts +Version: 6ds-1ubuntu0.5.10.1 +Package-Architecture: all +Skeleton: upload-non-native +Description: Legacy test "scripts" diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo new file mode 100644 index 0000000..eaf47a1 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo @@ -0,0 +1,2 @@ +#! /bin/csh + diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo new file mode 100755 index 0000000..e005037 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo @@ -0,0 +1,4 @@ +#! /bin/env python + +if __name__ == '__main__': + print 'Hi there' diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo new file mode 100644 index 0000000..7f59139 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo @@ -0,0 +1,2 @@ +#! /usr/bin/fish + diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch new file mode 100755 index 0000000..65cbf37 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch @@ -0,0 +1,39 @@ +#! /bin/sh -e + +# DP: Use sensible-editor instead of vi as fallback editor + +# Taken from gcc-4.1-source. Chokes bash -n (due to the patch) despite being +# a valid dpatch, so don't warn about it if it's in /usr/src. + +dir= +if [ $# -eq 3 -a "$2" = '-d' ]; then + pdir="-d $3" + dir="$3/" +elif [ $# -ne 1 ]; then + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1 +fi +case "$1" in + -patch) + patch $pdir -f --no-backup-if-mismatch -p0 < $0 + ;; + -unpatch) + patch $pdir -f --no-backup-if-mismatch -R -p0 < $0 + ;; + *) + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1 +esac +exit 0 + +--- gcc/gccbug.in~ 2003-03-01 00:51:42.000000000 +0100 ++++ gcc/gccbug.in 2003-03-02 12:08:36.000000000 +0100 +@@ -134,7 +134,7 @@ + # If they don't have a preferred editor set, then use + if [ -z "$VISUAL" ]; then + if [ -z "$EDITOR" ]; then +- EDIT=vi ++ EDIT=/usr/bin/sensible-editor + else + EDIT="$EDITOR" + fi diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre new file mode 100644 index 0000000..70e2c74 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre @@ -0,0 +1,6 @@ +#! /bin/sh +# -*- scheme -*- +exec guile -s $0 $* +# Seen in the wild as build-guile-gtk in libguilegtk-1.2-dev (0.31-5.1) +# Tests script_is_evil_and_wrong +!# diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken new file mode 100644 index 0000000..e4dfa92 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken @@ -0,0 +1,34 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: bad-lsb +# Required-Start: $local_fs $remote_fs +# Required-Stop: +# Default-Start: 1 2 3 4 5 +# Default-Stop: S 0 1 6 X +# Short-Description: Example Lintian initscript +# but this can't be continued +# Description: An example of a bad LSB section in an init script. +# This continuation is allowed (with spaces). +# This one is too (with tabs). +# X-Debian-Foo: Some unknown but valid keyword. +# Foo: Some invalid keyword. + +# Whoops, no terminating line. + +# And then we have this duplicate section. +### BEGIN INIT INFO +# Required-Start: This one doesn't count. +### END INIT INFO + +# Hey, look at all of those missing actions! But stop isn't missing. +case "$1" in + start|stop) + echo "Blah" + ;; + *) + echo "Usage: foo start" >&2 + exit 3 + ;; +esac + +: diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other new file mode 100644 index 0000000..adb4795 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other @@ -0,0 +1,22 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: lsb-other +# Required-Start: $local_fs $remote_fs +# Required-Stop: $local_fs $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Description: This is another LSB script test, which has a missing +# Short-Description. +### END INIT INFO + +case "$1" in + start|stop|restart|reload|force-reload) + echo "Blah" + ;; + *) + echo "Usage: foo start" >&2 + exit 3 + ;; +esac + +: diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb new file mode 100644 index 0000000..6b994dd --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb @@ -0,0 +1,17 @@ +#! /bin/sh +# No LSB section, but otherwise okay. (Well, the messages are bad, but we +# don't check that yet.) + +case "$1" in + start) + echo "Blah starting" + ;; + stop) + echo "Blah stopping" + ;; + restart|force-reload) + echo "Blah restarting" + ;; +esac + +: diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton new file mode 100644 index 0000000..c868508 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton @@ -0,0 +1,150 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: skeleton +# Required-Start: $local_fs $remote_fs +# Required-Stop: $local_fs $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: S 0 1 6 +# Short-Description: Example Lintian initscript +# Description: This file should be used to construct scripts to be +# placed in /etc/init.d. +### END INIT INFO + +# Do NOT "set -e" + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/usr/sbin:/usr/bin:/sbin:/bin +DESC="Description of the service" +NAME=daemonexecutablename +DAEMON=/usr/sbin/$NAME +DAEMON_ARGS="--options args" +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +[ -f /etc/default/rcS ] && . /etc/default/rcS + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + $DAEMON_ARGS \ + || return 2 + # Add code here, if necessary, that waits for the process to be ready + # to handle requests from services started subsequently which depend + # on this one. As a last resort, sleep for some time. +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + #reload|force-reload) + # + # If do_reload() is not implemented then leave this commented out + # and leave 'force-reload' as an alias for 'restart'. + # + #log_daemon_msg "Reloading $DESC" "$NAME" + #do_reload + #log_end_msg $? + #;; + restart|force-reload) + # + # If the "reload" option is implemented then remove the + # 'force-reload' alias + # + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken new file mode 100644 index 0000000..56f574d --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken @@ -0,0 +1,2 @@ +#!/usr/bin/jruby +# There's no non-versioned jruby, so this should be an error. diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo new file mode 100644 index 0000000..52c003e --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo @@ -0,0 +1,2 @@ +#!/usr/local/bin/lefty + diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo new file mode 100644 index 0000000..6b787b5 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo @@ -0,0 +1,3 @@ +#!/usr/bin/make + + diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1 new file mode 100644 index 0000000..fc632c8 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1 @@ -0,0 +1,11 @@ +#! /bin/sh +eval '(exit $?0)' && eval 'PERL_BADLANG=x;export PERL_BADLANG;: \ +;exec perl -x -S -- "$0" ${1+"$@"};#'if 0; +eval 'setenv PERL_BADLANG x;exec perl -x -S -- "$0" $argv:q;#'.q+ +#!perl -w +package Htex::a2ping; $0=~/(.*)/s;unshift@INC,'.';do($1);die$@if$@;__END__+if !1; +# This Perl script was generated by JustLib2 at Wed Apr 23 09:14:13 2003. +# Don't touch/remove any lines above; http://www.inf.bme.hu/~pts/justlib + +# The above was actually seen in the wild and stresses the +# script_is_evil_and_wrong test. diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2 new file mode 100644 index 0000000..afd9cfe --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2 @@ -0,0 +1,7 @@ +#!/bin/sh +eval 'exec /usr/bin/perl -wS $0 ${1+"$@"}' + if $running_under_some_shell; + +# I'm someone following perlrun except without using the Perl #! line. +# Now something to choke bash. +while (<>) { if (/%#/) { print } } diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3 new file mode 100644 index 0000000..44baf75 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3 @@ -0,0 +1,6 @@ +eval '(exit $?0)' && eval 'exec perl -wS $0 ${1+"$@"}' +& eval 'exec /usr/bin/perl -wS $0 $argv:q' + if $running_under_some_shell; + +# More utterly bizarreness from perlrun. This one even doesn't work if +# there's a valid #! line on the first line. I don't understand why.... diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo new file mode 100644 index 0000000..5b27ed0 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo @@ -0,0 +1,3 @@ +#! /usr/bin/perl + +print "Hello, World!"; diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo new file mode 100644 index 0000000..cbbfb2e --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo @@ -0,0 +1,7 @@ +#!/usr/bin/env php +<html> +<head> +<title>Dumb PHP script</title> +</head> +<body><? print(Date("l F d, Y")); ?></body> +</html> diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo new file mode 100644 index 0000000..e0595e6 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo @@ -0,0 +1,7 @@ +#!/usr/bin/php +<html> +<head> +<title>Dumb PHP script</title> +</head> +<body><? print(Date("l F d, Y")); ?></body> +</html> diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo new file mode 100644 index 0000000..8024605 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo @@ -0,0 +1,4 @@ +#!/bin/ruby1.8 + +# Ok, that example is really pathetic, but until we have +# some better code in checks/scripts, it will do diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken new file mode 100644 index 0000000..7b79074 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken @@ -0,0 +1,2 @@ +#!/bin/sh +if fi diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo new file mode 100644 index 0000000..bcbc471 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo @@ -0,0 +1,3 @@ +#! /usr/bin/suidperl + +print "Hello, World!"; diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo new file mode 100755 index 0000000..533595a --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo @@ -0,0 +1,31 @@ +#!/bin/sh +# +# Insane amount of empty lines and comments + +# +# +# +# + +# +# + +# +# +# + +# +# + +# +# This line makes the next one a comment in Tcl \ +exec wish "$0" -- ${1+"$@"} + +# lintian should not check the following for syntax +# if it detects the line above correctly +# Code snippet taken from eTkTab + +if { [array names prefs keybindings] != "" } { + # Read in the file + array set unparsed_bindings [ read_settings_file $prefs(keybindings)] +} diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo new file mode 100644 index 0000000..035c9ad --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo @@ -0,0 +1,4 @@ +#!/usr/bin/wish +# +# This is not actually a wish script, here to force a test of wish +# dependencies. diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test new file mode 100644 index 0000000..ca49d72 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test @@ -0,0 +1,3 @@ +#!/bin/sh + +echo "Foo." diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build new file mode 100755 index 0000000..b5649a8 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build @@ -0,0 +1,5 @@ +#!/bin/sh + +DIR="$1" + +rm -f "$DIR/debian/compat" diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/desc b/t/recipes/checks/files/permissions/legacy-scripts/eval/desc new file mode 100644 index 0000000..349d5a9 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/desc @@ -0,0 +1,2 @@ +Testname: legacy-scripts +Check: files/permissions diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/hints b/t/recipes/checks/files/permissions/legacy-scripts/eval/hints new file mode 100644 index 0000000..dc90b00 --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/hints @@ -0,0 +1,10 @@ +scripts (binary): non-standard-setuid-executable-perm 4751 [usr/bin/suidperlfoo2] +scripts (binary): non-standard-setuid-executable-perm 4555 [usr/bin/suidperlfoo] +scripts (binary): non-standard-executable-perm 0754 != 0755 [usr/bin/perl-bizarre-3] +scripts (binary): non-standard-executable-perm 0750 != 0755 [usr/bin/perl-bizarre-2] +scripts (binary): non-standard-executable-perm 0705 != 0755 [usr/bin/guile-bizarre] +scripts (binary): executable-is-not-world-readable 4751 [usr/bin/suidperlfoo2] +scripts (binary): executable-is-not-world-readable 0750 [usr/bin/perl-bizarre-2] +scripts (binary): executable-is-not-world-readable 0705 [usr/bin/guile-bizarre] +scripts (binary): elevated-privileges 4751 root/root [usr/bin/suidperlfoo2] +scripts (binary): elevated-privileges 4555 root/root [usr/bin/suidperlfoo] diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test b/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test new file mode 100644 index 0000000..faeef0b --- /dev/null +++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test @@ -0,0 +1 @@ +s/\(current is ([0-9]+\.)+[0-9]\)/(current is CURRENT)/ diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install new file mode 100644 index 0000000..1099c53 --- /dev/null +++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install @@ -0,0 +1 @@ +some-executable usr/lib diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values new file mode 100644 index 0000000..7ac9aea --- /dev/null +++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values @@ -0,0 +1,3 @@ +Testname: executable-installed-here +Skeleton: upload-native +Description: Executable in /usr/lib diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable new file mode 100755 index 0000000..89865bc --- /dev/null +++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable @@ -0,0 +1,3 @@ +#!/bin/bash + +echo 'This would be a useful executable if it did anything, but it does not.' diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc new file mode 100644 index 0000000..bfab6bf --- /dev/null +++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc @@ -0,0 +1,2 @@ +Testname: executable-installed-here +Check: files/permissions/usr-lib diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints new file mode 100644 index 0000000..45f6832 --- /dev/null +++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints @@ -0,0 +1 @@ +executable-installed-here (binary): executable-in-usr-lib [usr/lib/some-executable] |