summaryrefslogtreecommitdiffstats
path: root/t/recipes/checks/files/permissions
diff options
context:
space:
mode:
Diffstat (limited to 't/recipes/checks/files/permissions')
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs3
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init21
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install9
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in30
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules31
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values3
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only1
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali1
-rwxr-xr-xt/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script20
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file2
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc2
-rw-r--r--t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints12
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/clean1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs13
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/examples1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/install18
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/links1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages2
-rwxr-xr-xt/recipes/checks/files/permissions/files-general/build-spec/debian/rules67
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/fill-values4
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma2
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/dir18
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir2
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.55
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.pngbin0 -> 355 bytes
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.pngbin0 -> 1505 bytes
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache2
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini1
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest0
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.15
-rw-r--r--t/recipes/checks/files/permissions/files-general/build-spec/orig/types0
-rw-r--r--t/recipes/checks/files/permissions/files-general/eval/desc3
-rw-r--r--t/recipes/checks/files/permissions/files-general/eval/hints1
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in41
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in16
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright5
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list11
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc1
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options1
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch7
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch5
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch7
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst14
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm9
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst15
-rwxr-xr-xt/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules105
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles6
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch8
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values6
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo2
-rwxr-xr-xt/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo4
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo2
-rwxr-xr-xt/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch39
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre6
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken34
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other22
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb17
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton150
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken2
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo2
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo3
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-111
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-27
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-36
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo3
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo7
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo7
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo4
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken2
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo3
-rwxr-xr-xt/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo31
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo4
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test3
-rwxr-xr-xt/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build5
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/eval/desc2
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/eval/hints10
-rw-r--r--t/recipes/checks/files/permissions/legacy-scripts/eval/post-test1
-rw-r--r--t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install1
-rw-r--r--t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values3
-rwxr-xr-xt/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable3
-rw-r--r--t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc2
-rw-r--r--t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints1
90 files changed, 945 insertions, 0 deletions
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs
new file mode 100644
index 0000000..42f92ea
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.docs
@@ -0,0 +1,3 @@
+read-only
+README
+some-file
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init
new file mode 100644
index 0000000..4ebbdf5
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.init
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e
+
+### BEGIN INIT INFO
+# Provides: binary
+# Required-Start:
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Useless
+# Description: Does nothing
+### END INIT INFO
+
+. /lib/lsb/init-functions
+
+case "$1" in
+ start|stop|force-reload|restart|status|*)
+ echo hello world
+ ;;
+esac
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install
new file mode 100644
index 0000000..c759290
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.install
@@ -0,0 +1,9 @@
+sample.ali usr/lib/some-where/
+script-uid usr/bin/
+script-ugid usr/bin/
+script-gid usr/bin/
+script-wexec usr/bin/
+script-wuid usr/bin/
+script-ro usr/bin/
+script etc/cron.d/
+script etc/emacs.d/
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages
new file mode 100644
index 0000000..ad3e735
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/binary.manpages
@@ -0,0 +1 @@
+script-*.1
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean
new file mode 100644
index 0000000..1e7cec6
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/clean
@@ -0,0 +1 @@
+script*.1
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in
new file mode 100644
index 0000000..5c8703f
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/control.in
@@ -0,0 +1,30 @@
+Source: [% $source %]
+Priority: optional
+Section: devel
+Maintainer: [% $author %]
+Standards-Version: [% $standards_version %]
+Build-Depends: [% $build_depends %]
+Rules-Requires-Root: binary-targets
+
+Package: binary
+Architecture: all
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${misc:Depends}, lsb-base (>= 3.0-6)
+Description: [% $description %]
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: game
+Architecture: all
+Section: games
+Depends: ${misc:Depends}
+Description: [% $description %] - game
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+ .
+ Game package.
+
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install
new file mode 100644
index 0000000..f708f99
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.install
@@ -0,0 +1 @@
+script usr/games/
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages
new file mode 100644
index 0000000..8d16fb4
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/game.manpages
@@ -0,0 +1 @@
+script.1
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules
new file mode 100644
index 0000000..951f84c
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/debian/rules
@@ -0,0 +1,31 @@
+#!/usr/bin/make -f
+
+GPKG:=game
+PKG:=binary
+
+%:
+ dh $@
+
+override_dh_auto_build:
+ for N in uid gid ugid wexec wuid ro; do \
+ sed s/script/script-$$N/ < script > script-$$N ; \
+ pod2man --section 1 script-$$N > script-$$N.1 ; \
+ done
+ pod2man --section 1 script > script.1
+
+override_dh_fixperms:
+ dh_fixperms
+
+ chmod 0444 debian/$(PKG)/usr/share/doc/$(PKG)/read-only
+ chmod 4755 debian/$(PKG)/usr/bin/script-uid
+ chmod 2755 debian/$(PKG)/usr/bin/script-gid
+ chmod 6755 debian/$(PKG)/usr/bin/script-ugid
+ chmod 0775 debian/$(PKG)/usr/bin/script-wexec
+ chmod 4744 debian/$(PKG)/usr/bin/script-wuid
+ chmod 0751 debian/$(PKG)/usr/bin/script-ro
+ chmod 0644 debian/$(PKG)/usr/lib/some-where/sample.ali
+ chmod 0744 debian/$(PKG)/usr/share/doc/$(PKG)
+ chmod 0755 debian/$(PKG)/usr/share/doc/$(PKG)/some-file
+ chmod 0755 debian/$(PKG)/etc/cron.d/script
+ chmod 0755 debian/$(PKG)/etc/emacs.d/script
+ chmod 0765 debian/$(PKG)/etc/init.d/binary
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values
new file mode 100644
index 0000000..c914891
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/fill-values
@@ -0,0 +1,3 @@
+Skeleton: upload-native
+Testname: files-bad-perm-owner
+Description: General permissions and owner tests
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README
new file mode 100644
index 0000000..336f590
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/README
@@ -0,0 +1 @@
+Hallo World
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only
new file mode 100644
index 0000000..1a3fca1
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/read-only
@@ -0,0 +1 @@
+Fadango on the core
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali
new file mode 100644
index 0000000..fec3fc8
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/sample.ali
@@ -0,0 +1 @@
+This is not a valid ali file
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script
new file mode 100755
index 0000000..8521013
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/script
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+echo "Aloha"
+
+exit 0
+
+=head1 NAME
+
+script -- prints Aloha to stdout
+
+=head1 SYNOPSIS
+
+ script
+
+=head1 DESCRIPTION
+
+Prints Aloha to stdout and that is it.
+
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file
new file mode 100644
index 0000000..0dfa8ff
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/build-spec/orig/some-file
@@ -0,0 +1,2 @@
+This is executable and should not be. :)
+ - Unfortunately it triggers an extra tag... oh well.
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc
new file mode 100644
index 0000000..dc8117e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/desc
@@ -0,0 +1,2 @@
+Testname: files-bad-perm-owner
+Check: files/permissions
diff --git a/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints
new file mode 100644
index 0000000..cddfa8d
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-bad-perm-owner/eval/hints
@@ -0,0 +1,12 @@
+binary (binary): non-standard-setuid-executable-perm 4744 [usr/bin/script-wuid]
+binary (binary): non-standard-file-perm 0444 != 0644 [usr/share/doc/binary/read-only]
+binary (binary): non-standard-executable-perm 0775 != 0755 [usr/bin/script-wexec]
+binary (binary): non-standard-executable-perm 0765 != 0755 [etc/init.d/binary]
+binary (binary): non-standard-executable-perm 0751 != 0755 [usr/bin/script-ro]
+binary (binary): non-standard-dir-perm 0744 != 0755 [usr/share/doc/binary/]
+binary (binary): executable-is-not-world-readable 0751 [usr/bin/script-ro]
+binary (binary): elevated-privileges 6755 root/root [usr/bin/script-ugid]
+binary (binary): elevated-privileges 4755 root/root [usr/bin/script-uid]
+binary (binary): elevated-privileges 4744 root/root [usr/bin/script-wuid]
+binary (binary): elevated-privileges 2755 root/root [usr/bin/script-gid]
+binary (binary): bad-permissions-for-ali-file [usr/lib/some-where/sample.ali]
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean b/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean
new file mode 100644
index 0000000..222b726
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/clean
@@ -0,0 +1 @@
+鳥の詩.1
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs b/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs
new file mode 100644
index 0000000..b76fb64
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/dirs
@@ -0,0 +1,13 @@
+etc
+etc/skel
+usr/bin
+usr/doc
+usr/lib/python3/dist-packages/foo
+usr/share/foo
+usr/share/fonts/X11/misc
+usr/share/glib-2.0/schemas
+usr/share/hal
+usr/share/man/man1/random
+var/catman
+var/lock/lintian
+var/run/lintian
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples b/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples
new file mode 100644
index 0000000..18fb10f
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/examples
@@ -0,0 +1 @@
+foo.vcproj
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/install b/t/recipes/checks/files/permissions/files-general/build-spec/debian/install
new file mode 100644
index 0000000..dccb61e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/install
@@ -0,0 +1,18 @@
+lintian-16x16.png usr/share/apps/lintian/icons/hicolor/22x22
+lintian-16x16.png usr/share/icons/hicolor/22x22/apps
+lintian-22x22.png usr/share/apps/lintian/icons/hicolor/22x22
+lintian-22x22.png usr/share/apps/lintian/icons/hicolor/20x20
+lintian-16x16.png usr/share/doc/lintian/
+lintian-22x22.png usr/share/games/icons/hicolor/22x22
+lintian-16x16.png usr/share/icons/hicolor/scalable/apps
+lintian-22x22.png usr/share/icons/16x16/animations/
+--lzma etc/modprobe.d
+lintian.conf etc/modprobe.d
+dir usr/share/info
+foo.vcproj usr/lib/foo
+lintian-lib.conf etc/ld.so.conf.d
+php-foo.ini etc/php/7.0/mods-available
+types usr/share/mime
+mimeinfo.cache usr/share/applications
+file-in-new-top-level-dir new-top-level-dir/
+sudotest etc/sudoers.d/
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/links b/t/recipes/checks/files/permissions/files-general/build-spec/debian/links
new file mode 100644
index 0000000..f3e425d
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/links
@@ -0,0 +1 @@
+usr/share/apps/lintian/icons/hicolor/22x22/lintian-22x22.png usr/share/apps/lintian/icons/hicolor/64x64/lintian-64x64.png
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages b/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages
new file mode 100644
index 0000000..e8af11b
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/manpages
@@ -0,0 +1,2 @@
+foo.5
+鳥の詩.1
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules b/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules
new file mode 100755
index 0000000..798f01e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/debian/rules
@@ -0,0 +1,67 @@
+#!/usr/bin/make -f
+
+tmp := $(CURDIR)/debian/$(shell dh_listpackages)
+
+%:
+ dh $@
+
+override_dh_install:
+ dh_install
+ echo "#fake conf file" > $(tmp)/etc/pam.conf
+ # true positives
+ touch $(tmp)/etc/skel/.lintianrc
+ # false positives
+ touch $(tmp)/etc/skel/.bashrc
+ touch $(tmp)/etc/skel/.bash_logout
+ touch $(tmp)/etc/skel/.profile
+ touch $(tmp)/etc/skel/.kshrc
+ touch $(tmp)/etc/skel/.mkshrc
+ echo "Back-up file" > $(tmp)/usr/share/foo/file~
+ # The name of the "binary" is "Tori no Uta"
+ # If it is ever messed up, it can be restored by
+ # using something like:
+ # perl -pe 's/\@FILE\@/\xe9\xb3\xa5\xe3\x81\xae\xe8\xa9\xa9\x0a/'
+ echo "#!/bin/sh" > $(tmp)/usr/bin/鳥の詩
+ chmod +x $(tmp)/usr/bin/鳥の詩
+ # Copy the manpage to its correct name so dh_installman can
+ # find it.
+ # - d/clean will remove it again
+ cp -a tnu.1 鳥の詩.1
+ touch $(tmp)/usr/doc/FSSTND
+ touch $(tmp)/usr/share/foo/'*'
+ touch $(tmp)/usr/share/foo/'ws '
+ touch $(tmp)/usr/share/fonts/X11/misc/fonts.dir
+ touch $(tmp)/usr/share/fonts/X11/misc/fonts.scale
+ touch $(tmp)/usr/share/fonts/X11/misc/fonts.alias
+ touch $(tmp)/usr/share/fonts/X11/misc/encodings.dir
+ touch $(tmp)/usr/share/fonts/X11/misc/false-positive
+ touch $(tmp)/usr/share/foo/.nfs-fake-tmpfile
+ touch $(tmp)/usr/share/foo/foo.doctree
+ touch $(tmp)/usr/share/foo/gschemas.compiled
+ touch $(tmp)/usr/share/glib-2.0/schemas/gschemas.compiled
+ touch $(tmp)/usr/share/hal/foo.fdi
+ touch $(tmp)/usr/lib/python3/dist-packages/test_foo.py
+ touch $(tmp)/usr/lib/python3/dist-packages/foo/test_falsepositive.py
+ # If the following line gets messed up, it can be
+ # restored with something like:
+ # sed -i 's/@FILE@/bokm\xe5l/'
+ touch $(tmp)/usr/share/foo/bokml
+ touch $(tmp)/var/catman/do
+
+override_dh_fixperms:
+ dh_fixperms
+ chmod 755 $(tmp)/usr/share/man/man5/foo.5.gz
+ chmod 644 $(tmp)/etc/sudoers.d/*
+
+override_dh_compress:
+ dh_compress
+ # create a .png and .png.gz
+ gzip -n -1 $(tmp)/usr/share/doc/lintian/lintian-16x16.png
+ zcat $(tmp)/usr/share/doc/lintian/lintian-16x16.png.gz > \
+ $(tmp)/usr/share/doc/lintian/lintian-16x16.png
+
+override_dh_link:
+ dh_link
+ mkdir -p $(tmp)/usr/share/doc/bar
+ echo "Hallo World" > $(tmp)/usr/share/doc/bar/foo
+ ln -s ../bar/foo $(tmp)/usr/share/doc/bar/star
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/fill-values b/t/recipes/checks/files/permissions/files-general/build-spec/fill-values
new file mode 100644
index 0000000..45de709
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/fill-values
@@ -0,0 +1,4 @@
+Skeleton: upload-native
+Testname: files-general
+Description: Test tags for file paths, names, and modes
+# tar -t is buggy and does not list \\\ filename
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma b/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma
new file mode 100644
index 0000000..5241aaa
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/--lzma
@@ -0,0 +1,2 @@
+Test file to check that various parts of Lintian correctly handle files with names that look
+like options
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir b/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir
new file mode 100644
index 0000000..e465d26
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/dir
@@ -0,0 +1,18 @@
+This is the file .../info/dir, which contains the
+topmost node of the Info hierarchy, called (dir)Top.
+The first time you invoke Info you start off looking at this node.
+
+File: dir, Node: Top This is the top of the INFO tree
+
+ This (the Directory node) gives a menu of major topics.
+ Typing "q" exits, "?" lists all Info commands, "d" returns here,
+ "h" gives a primer for first-timers,
+ "mEmacs<Return>" visits the Emacs manual, etc.
+
+ In Emacs, you can click mouse button 2 on a menu item or cross reference
+ to select it.
+
+* Menu:
+
+Archiving
+* Cpio: (cpio). Copy-in-copy-out archiver to tape or disk.
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir b/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir
new file mode 100644
index 0000000..ae82d42
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/file-in-new-top-level-dir
@@ -0,0 +1,2 @@
+Since an empty file triggers "empty-dir" tags; we might as well
+test file-in-unusual-dir together with non-standard-toplevel-dir.
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5 b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5
new file mode 100644
index 0000000..718eae1
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.5
@@ -0,0 +1,5 @@
+.TH FOO "5"
+.SH NAME
+foo \- file format for foo
+.SH DESCRIPTION
+This file can store anything.
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj
new file mode 100644
index 0000000..6ec1ca6
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/foo.vcproj
@@ -0,0 +1 @@
+Not actually a VC project file.
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png
new file mode 100644
index 0000000..cd7355d
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-16x16.png
Binary files differ
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png
new file mode 100644
index 0000000..efc9af0
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-22x22.png
Binary files differ
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf
new file mode 100644
index 0000000..e2b41a8
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian-lib.conf
@@ -0,0 +1 @@
+/usr/lib/lintian
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf
new file mode 100644
index 0000000..7f6693c
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/lintian.conf
@@ -0,0 +1 @@
+Test file which should not be flagged by the modprobe.d checks
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache b/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache
new file mode 100644
index 0000000..f3067c5
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/mimeinfo.cache
@@ -0,0 +1,2 @@
+[MIME Cache]
+text/plain=foo-editor.desktop
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini b/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini
new file mode 100644
index 0000000..6a33666
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/php-foo.ini
@@ -0,0 +1 @@
+# this style of comments are obsolete
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest b/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/sudotest
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1 b/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1
new file mode 100644
index 0000000..147dc1a
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/tnu.1
@@ -0,0 +1,5 @@
+.TH 鳥の詩 "1"
+.SH NAME
+鳥の詩 \- command in PATH written in UTF-8
+.SH DESCRIPTION
+鳥の詩 (Tori no uta) is not really a useful command.
diff --git a/t/recipes/checks/files/permissions/files-general/build-spec/orig/types b/t/recipes/checks/files/permissions/files-general/build-spec/orig/types
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/build-spec/orig/types
diff --git a/t/recipes/checks/files/permissions/files-general/eval/desc b/t/recipes/checks/files/permissions/files-general/eval/desc
new file mode 100644
index 0000000..c8a4aea
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/eval/desc
@@ -0,0 +1,3 @@
+Testname: files-general
+Check: files/permissions
+# tar -t is buggy and does not list \\\ filename
diff --git a/t/recipes/checks/files/permissions/files-general/eval/hints b/t/recipes/checks/files/permissions/files-general/eval/hints
new file mode 100644
index 0000000..1ec9a36
--- /dev/null
+++ b/t/recipes/checks/files/permissions/files-general/eval/hints
@@ -0,0 +1 @@
+files-general (binary): bad-perm-for-file-in-etc-sudoers.d 0644 != 0440 [etc/sudoers.d/sudotest]
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in
new file mode 100644
index 0000000..935c633
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/changelog.in
@@ -0,0 +1,41 @@
+scripts ([% $version %]) [% $distribution %]; urgency=low
+
+ * I'm also not able to write my name.
+ * Added a script in /etc/Xsession.d
+ * Bizarre version number courtesy of
+ https://wiki.ubuntu.com/SecurityUpdateProcedures#Prepare
+
+ -- Mark 'HE' Brokschmitt <he@debian.org> Thu, 23 Jun 2005 14:32:39 +0200
+
+scripts (5-1) unstable; urgency=low
+
+ * I'm making a typo in my own name... And I want lintian to warn me about
+ it.
+
+ -- Jeroen van Wolffelaar <jeroen@wolffelaar.nl> Sun, 18 Apr 2004 02:26:34 +0200
+
+scripts (4-1) unstable; urgency=low
+
+ * Add new example to check that not executable files with a shebang line
+ called *in don't trigger the script-not-executable warning.
+
+ -- Marc 'HE' Brockschmidt <he@debian.org> Wed, 14 Apr 2004 19:44:04 +0200
+
+scripts (3-3) unstable; urgency=low
+
+ * Add suidperlfoo and some code in debian/rules to
+ check the new suidperl checks
+
+ -- Frank Lichtenheld <djpig@debian.org> Wed, 31 Mar 2004 21:06:20 +0000
+
+scripts (2-1) unstable; urgency=low
+
+ * Add tkfoo script for tk checkings
+
+ -- Lintian Maintainers <lintian-maint@debian.org> Sat, 21 Feb 2004 17:13:36 +0100
+
+scripts (1-0) unstable; urgency=low
+
+ * Initial version
+
+ -- Lintian Maintainers <lintian-maint@debian.org> Sat, 10 Feb 2001 15:37:31 -0800
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in
new file mode 100644
index 0000000..75a521f
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/control.in
@@ -0,0 +1,16 @@
+Source: scripts
+Section: interpreters
+Priority: optional
+Maintainer: Lintian Maintainers <lintian-maint@debian.org>
+Uploaders: Jeroen van Wolfelaar <jeroen@wolffelaar.nl>, Marc 'HE' Brockschmidt <he@debian.org>
+Build-Depends-Indep: dpatch
+Standards-Version: 3.2.1
+
+Package: scripts
+Architecture: [% $package_architecture %]
+Depends: test, ruby1.8, build-essential, libssl0.9.7, php7.0-cli
+Recommends: tk8.4 | wish
+Description: test lintian's script file checks
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package.
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright
new file mode 100644
index 0000000..ad8a119
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/copyright
@@ -0,0 +1,5 @@
+This file contains the phrase "under the same terms as Perl itself" to
+trigger warnings about not having common-licenses references.
+
+This file contains the phrase "public domain" which should suppress
+warnings about no copyright date.
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list
new file mode 100644
index 0000000..3b9d37e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list
@@ -0,0 +1,11 @@
+01_not_here_right_now.dpatch
+
+# some comment
+/* some more
+ elaborate comment
+ which needs DPATCH_OPTION_CPP=1
+ */02_i_dont_have_a_description.patch 03_specified_without_dpatch
+
+// and again a comment
+
+04_i_dont_have_a_description_either.patch
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc
new file mode 100644
index 0000000..8b47ab3
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00list.sparc
@@ -0,0 +1 @@
+01_some_other_patch_thats_not_in_the_package.dpatch
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options
new file mode 100644
index 0000000..57ffeb6
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/00options
@@ -0,0 +1 @@
+DPATCH_OPTION_CPP=1
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch
new file mode 100644
index 0000000..9279c1b
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/02_i_dont_have_a_description.patch
@@ -0,0 +1,7 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02_i_dont_have_a_description.patch.dpatch by Marc 'HE' Brockschmidt <Marc 'HE' Brockschmidt <he@debian.org>>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch
new file mode 100644
index 0000000..8303ac6
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/03_specified_without_dpatch.dpatch
@@ -0,0 +1,5 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Listed in 00list without .dpatch suffix.
+
+@DPATCH@
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch
new file mode 100644
index 0000000..b603f16
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/patches/04_i_dont_have_a_description_either.patch
@@ -0,0 +1,7 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 04_i_dont_have_a_description_either.patch by Adam D. Barratt <adam@adam-barratt.org.uk>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP:
+
+@DPATCH@
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst
new file mode 100644
index 0000000..7c5baf1
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postinst
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -x "/etc/init.d/lsb-broken" ] ; then
+ update-rc.d lsb-broken defaults >/dev/null
+fi
+if [ -x "/etc/init.d/no-lsb" ] ; then
+ update-rc.d no-lsb defaults >/dev/null
+fi
+if [ -x "/etc/init.d/skeleton" ] ; then
+ update-rc.d skeleton defaults >/dev/null
+fi
+if [ -x "/etc/init.d/lsb-other" ] ; then
+ update-rc.d lsb-other defaults >/dev/null
+fi
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm
new file mode 100644
index 0000000..8fa75a2
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/postrm
@@ -0,0 +1,9 @@
+#!/bin/sh -e
+
+if [ "$1" = purge ] ; then
+ update-rc.d lsb-broken remove >/dev/null
+ update-rc.d no-lsb remove >/dev/null
+ update-rc.d skeleton remove >/dev/null
+ update-rc.d lsb-other remove >/dev/null
+ update-rc.d lsb-other remove >/dev/null
+fi
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst
new file mode 100644
index 0000000..0799557
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/preinst
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+set -x
+
+#
+# Some comments here
+#
+
+# This serves as an example of an "empty" script, so
+# please do not add any real code here, thank you :)
+
+#DEBHELPER#
+
+exit 0
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules
new file mode 100755
index 0000000..ee3677e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/rules
@@ -0,0 +1,105 @@
+#!/usr/bin/make -f
+
+tmp=debian/tmp
+
+build-arch:
+ echo "Hi, in an arch: all package, I am a bug!"
+
+build-indep:
+
+build: build-arch build-indep
+
+binary-arch:
+ echo "Hi, in an arch: all package, I am a bug!"
+
+binary-indep:
+ install -d $(tmp)/usr/bin/
+ install -d $(tmp)/etc/X11/Xsession.d/
+ install -d $(tmp)/etc/init.d/
+ install -d $(tmp)/etc/csh/login.d/
+ install -d $(tmp)/etc/fish.d/
+ install -d $(tmp)/usr/share/scripts/
+ install -d $(tmp)/usr/share/doc/scripts/
+ install -d $(tmp)/usr/lib/cgi-bin
+ install -d $(tmp)/usr/src/scripts
+ install -d $(tmp)/DEBIAN
+
+ install -m 755 csh-foo $(tmp)/etc/csh/login.d/
+ install -m 755 envfoo $(tmp)/usr/bin/
+ install -m 755 fish-foo $(tmp)/etc/fish.d/
+ install -m 755 jruby-broken $(tmp)/usr/bin/
+ install -m 755 perlfoo $(tmp)/usr/bin/
+ install -m 755 rubyfoo $(tmp)/usr/bin/
+# This doesn't use "env" but should also trigger script-in-usr-share-doc
+ install -m 755 rubyfoo $(tmp)/usr/share/doc/scripts/
+ install -m 755 make-foo $(tmp)/usr/bin/
+ install -m 755 lefty-foo $(tmp)/usr/bin/
+ install -m 4751 perlfoo $(tmp)/usr/bin/suidperlfoo2
+ install -m 755 sh-broken $(tmp)/usr/bin/
+ install -m 4555 suidperlfoo $(tmp)/usr/bin/
+ install -m 755 tkfoo $(tmp)/usr/bin/
+ install -m 755 wishfoo $(tmp)/usr/bin/
+ install -m 644 xsession-test $(tmp)/etc/X11/Xsession.d/
+
+# Permissions here aren't part of what's being tested, but let us exercise
+# some other errors.
+ install -m 755 perl-bizarre-1 $(tmp)/usr/bin/
+ install -m 750 perl-bizarre-2 $(tmp)/usr/bin/
+ install -m 754 perl-bizarre-3 $(tmp)/usr/bin/
+ install -m 705 guile-bizarre $(tmp)/usr/bin/
+
+# First one should produce a warning; second one shouldn't.
+ install -m 755 gccbug.dpatch $(tmp)/usr/share/scripts/
+ install -m 755 gccbug.dpatch $(tmp)/usr/src/scripts/
+
+ install -m 644 init-skeleton $(tmp)/etc/init.d/skeleton
+ install -m 755 init-no-lsb $(tmp)/etc/init.d/no-lsb
+ install -m 755 init-lsb-broken $(tmp)/etc/init.d/lsb-broken
+ install -m 755 init-lsb-other $(tmp)/etc/init.d/lsb-other
+
+ install -m 755 phpfoo $(tmp)/usr/share/scripts/
+ sed 's/php$$/php7.0/' phpfoo > $(tmp)/usr/share/scripts/php7.0foo
+ chmod 755 $(tmp)/usr/share/scripts/php7.0foo
+
+ install -m 755 phpenvfoo $(tmp)/usr/share/scripts/
+ sed 's/php$$/php7.0/' phpenvfoo > $(tmp)/usr/share/scripts/php7.0envfoo
+ chmod 755 $(tmp)/usr/share/scripts/php7.0envfoo
+
+ echo "#!/usr/bin/perl" >> $(tmp)/usr/share/scripts/foobar.in
+ chmod 644 $(tmp)/usr/share/scripts/foobar.in
+
+ touch $(tmp)/usr/share/scripts/mono.exe
+ chmod 755 $(tmp)/usr/share/scripts/mono.exe
+
+ echo "#!/bin/sh" > $(tmp)/usr/share/scripts/foo\$$bar
+ chmod 755 $(tmp)/usr/share/scripts/foo\$$bar
+
+ echo "#!/bin/sh" > $(tmp)/usr/lib/cgi-bin/cgi-script
+ chmod 755 $(tmp)/usr/lib/cgi-bin/cgi-script
+
+ echo "#!/bin/sh" > $(tmp)/usr/bin/test.sh
+ chmod 755 $(tmp)/usr/bin/test.sh
+
+
+ dh_testroot # dummy to test missing debhelper dependency
+
+
+ install -m 644 debian/changelog $(tmp)/usr/share/doc/scripts/changelog.Debian
+ gzip -n -9 $(tmp)/usr/share/doc/scripts/changelog.Debian
+ install -m 644 debian/copyright $(tmp)/usr/share/doc/scripts/copyright
+
+ install -m 644 debian/scripts.conffiles $(tmp)/DEBIAN/conffiles
+ install -m 755 debian/preinst $(tmp)/DEBIAN/preinst
+ install -m 755 debian/postinst $(tmp)/DEBIAN/postinst
+ install -m 755 debian/postrm $(tmp)/DEBIAN/postrm
+ touch $(tmp)/DEBIAN/prerm
+ chmod 755 $(tmp)/DEBIAN/prerm
+ dpkg-gencontrol -isp
+ dpkg --build $(tmp) ..
+
+binary: binary-arch binary-indep
+
+clean:
+ rm -rf debian/files $(tmp) debian/substvars
+
+.PHONY: build-arch build-indep build binary-arch binary-indep binary clean
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles
new file mode 100644
index 0000000..01a371a
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/scripts.conffiles
@@ -0,0 +1,6 @@
+/etc/init.d/lsb-broken
+/etc/init.d/lsb-other
+/etc/init.d/no-lsb
+/etc/X11/Xsession.d/xsession-test
+/etc/csh/login.d/csh-foo
+/etc/fish.d/fish-foo
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch
new file mode 100644
index 0000000..dba5815
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/debian/watch
@@ -0,0 +1,8 @@
+# watch file with upstream version mangling
+
+version=2
+opts="uversionmangle=s/$/ds/" \
+http://qa.debian.org/watch/sf.php?project=foo scripts\.([\d.]+)\.tar\.gz debian uupdate
+
+version=3
+http://ftp.sf.net/foo/foo_bar(.+)\.Z 5 uupdate \ No newline at end of file
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values
new file mode 100644
index 0000000..8a68457
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/fill-values
@@ -0,0 +1,6 @@
+Testname: legacy-scripts
+Source: scripts
+Version: 6ds-1ubuntu0.5.10.1
+Package-Architecture: all
+Skeleton: upload-non-native
+Description: Legacy test "scripts"
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo
new file mode 100644
index 0000000..eaf47a1
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/csh-foo
@@ -0,0 +1,2 @@
+#! /bin/csh
+
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo
new file mode 100755
index 0000000..e005037
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/envfoo
@@ -0,0 +1,4 @@
+#! /bin/env python
+
+if __name__ == '__main__':
+ print 'Hi there'
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo
new file mode 100644
index 0000000..7f59139
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/fish-foo
@@ -0,0 +1,2 @@
+#! /usr/bin/fish
+
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch
new file mode 100755
index 0000000..65cbf37
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/gccbug.dpatch
@@ -0,0 +1,39 @@
+#! /bin/sh -e
+
+# DP: Use sensible-editor instead of vi as fallback editor
+
+# Taken from gcc-4.1-source. Chokes bash -n (due to the patch) despite being
+# a valid dpatch, so don't warn about it if it's in /usr/src.
+
+dir=
+if [ $# -eq 3 -a "$2" = '-d' ]; then
+ pdir="-d $3"
+ dir="$3/"
+elif [ $# -ne 1 ]; then
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+fi
+case "$1" in
+ -patch)
+ patch $pdir -f --no-backup-if-mismatch -p0 < $0
+ ;;
+ -unpatch)
+ patch $pdir -f --no-backup-if-mismatch -R -p0 < $0
+ ;;
+ *)
+ echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+ exit 1
+esac
+exit 0
+
+--- gcc/gccbug.in~ 2003-03-01 00:51:42.000000000 +0100
++++ gcc/gccbug.in 2003-03-02 12:08:36.000000000 +0100
+@@ -134,7 +134,7 @@
+ # If they don't have a preferred editor set, then use
+ if [ -z "$VISUAL" ]; then
+ if [ -z "$EDITOR" ]; then
+- EDIT=vi
++ EDIT=/usr/bin/sensible-editor
+ else
+ EDIT="$EDITOR"
+ fi
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre
new file mode 100644
index 0000000..70e2c74
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/guile-bizarre
@@ -0,0 +1,6 @@
+#! /bin/sh
+# -*- scheme -*-
+exec guile -s $0 $*
+# Seen in the wild as build-guile-gtk in libguilegtk-1.2-dev (0.31-5.1)
+# Tests script_is_evil_and_wrong
+!#
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken
new file mode 100644
index 0000000..e4dfa92
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-broken
@@ -0,0 +1,34 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: bad-lsb
+# Required-Start: $local_fs $remote_fs
+# Required-Stop:
+# Default-Start: 1 2 3 4 5
+# Default-Stop: S 0 1 6 X
+# Short-Description: Example Lintian initscript
+# but this can't be continued
+# Description: An example of a bad LSB section in an init script.
+# This continuation is allowed (with spaces).
+# This one is too (with tabs).
+# X-Debian-Foo: Some unknown but valid keyword.
+# Foo: Some invalid keyword.
+
+# Whoops, no terminating line.
+
+# And then we have this duplicate section.
+### BEGIN INIT INFO
+# Required-Start: This one doesn't count.
+### END INIT INFO
+
+# Hey, look at all of those missing actions! But stop isn't missing.
+case "$1" in
+ start|stop)
+ echo "Blah"
+ ;;
+ *)
+ echo "Usage: foo start" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other
new file mode 100644
index 0000000..adb4795
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-lsb-other
@@ -0,0 +1,22 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: lsb-other
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Description: This is another LSB script test, which has a missing
+# Short-Description.
+### END INIT INFO
+
+case "$1" in
+ start|stop|restart|reload|force-reload)
+ echo "Blah"
+ ;;
+ *)
+ echo "Usage: foo start" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb
new file mode 100644
index 0000000..6b994dd
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-no-lsb
@@ -0,0 +1,17 @@
+#! /bin/sh
+# No LSB section, but otherwise okay. (Well, the messages are bad, but we
+# don't check that yet.)
+
+case "$1" in
+ start)
+ echo "Blah starting"
+ ;;
+ stop)
+ echo "Blah stopping"
+ ;;
+ restart|force-reload)
+ echo "Blah restarting"
+ ;;
+esac
+
+:
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton
new file mode 100644
index 0000000..c868508
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/init-skeleton
@@ -0,0 +1,150 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: skeleton
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: S 0 1 6
+# Short-Description: Example Lintian initscript
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+DESC="Description of the service"
+NAME=daemonexecutablename
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="--options args"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken
new file mode 100644
index 0000000..56f574d
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/jruby-broken
@@ -0,0 +1,2 @@
+#!/usr/bin/jruby
+# There's no non-versioned jruby, so this should be an error.
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo
new file mode 100644
index 0000000..52c003e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/lefty-foo
@@ -0,0 +1,2 @@
+#!/usr/local/bin/lefty
+
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo
new file mode 100644
index 0000000..6b787b5
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/make-foo
@@ -0,0 +1,3 @@
+#!/usr/bin/make
+
+
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1
new file mode 100644
index 0000000..fc632c8
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-1
@@ -0,0 +1,11 @@
+#! /bin/sh
+eval '(exit $?0)' && eval 'PERL_BADLANG=x;export PERL_BADLANG;: \
+;exec perl -x -S -- "$0" ${1+"$@"};#'if 0;
+eval 'setenv PERL_BADLANG x;exec perl -x -S -- "$0" $argv:q;#'.q+
+#!perl -w
+package Htex::a2ping; $0=~/(.*)/s;unshift@INC,'.';do($1);die$@if$@;__END__+if !1;
+# This Perl script was generated by JustLib2 at Wed Apr 23 09:14:13 2003.
+# Don't touch/remove any lines above; http://www.inf.bme.hu/~pts/justlib
+
+# The above was actually seen in the wild and stresses the
+# script_is_evil_and_wrong test.
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2
new file mode 100644
index 0000000..afd9cfe
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-2
@@ -0,0 +1,7 @@
+#!/bin/sh
+eval 'exec /usr/bin/perl -wS $0 ${1+"$@"}'
+ if $running_under_some_shell;
+
+# I'm someone following perlrun except without using the Perl #! line.
+# Now something to choke bash.
+while (<>) { if (/%#/) { print } }
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3 b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3
new file mode 100644
index 0000000..44baf75
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perl-bizarre-3
@@ -0,0 +1,6 @@
+eval '(exit $?0)' && eval 'exec perl -wS $0 ${1+"$@"}'
+& eval 'exec /usr/bin/perl -wS $0 $argv:q'
+ if $running_under_some_shell;
+
+# More utterly bizarreness from perlrun. This one even doesn't work if
+# there's a valid #! line on the first line. I don't understand why....
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo
new file mode 100644
index 0000000..5b27ed0
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/perlfoo
@@ -0,0 +1,3 @@
+#! /usr/bin/perl
+
+print "Hello, World!";
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo
new file mode 100644
index 0000000..cbbfb2e
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpenvfoo
@@ -0,0 +1,7 @@
+#!/usr/bin/env php
+<html>
+<head>
+<title>Dumb PHP script</title>
+</head>
+<body><? print(Date("l F d, Y")); ?></body>
+</html>
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo
new file mode 100644
index 0000000..e0595e6
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/phpfoo
@@ -0,0 +1,7 @@
+#!/usr/bin/php
+<html>
+<head>
+<title>Dumb PHP script</title>
+</head>
+<body><? print(Date("l F d, Y")); ?></body>
+</html>
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo
new file mode 100644
index 0000000..8024605
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/rubyfoo
@@ -0,0 +1,4 @@
+#!/bin/ruby1.8
+
+# Ok, that example is really pathetic, but until we have
+# some better code in checks/scripts, it will do
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken
new file mode 100644
index 0000000..7b79074
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/sh-broken
@@ -0,0 +1,2 @@
+#!/bin/sh
+if fi
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo
new file mode 100644
index 0000000..bcbc471
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/suidperlfoo
@@ -0,0 +1,3 @@
+#! /usr/bin/suidperl
+
+print "Hello, World!";
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo
new file mode 100755
index 0000000..533595a
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/tkfoo
@@ -0,0 +1,31 @@
+#!/bin/sh
+#
+# Insane amount of empty lines and comments
+
+#
+#
+#
+#
+
+#
+#
+
+#
+#
+#
+
+#
+#
+
+#
+# This line makes the next one a comment in Tcl \
+exec wish "$0" -- ${1+"$@"}
+
+# lintian should not check the following for syntax
+# if it detects the line above correctly
+# Code snippet taken from eTkTab
+
+if { [array names prefs keybindings] != "" } {
+ # Read in the file
+ array set unparsed_bindings [ read_settings_file $prefs(keybindings)]
+}
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo
new file mode 100644
index 0000000..035c9ad
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/wishfoo
@@ -0,0 +1,4 @@
+#!/usr/bin/wish
+#
+# This is not actually a wish script, here to force a test of wish
+# dependencies.
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test
new file mode 100644
index 0000000..ca49d72
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/orig/xsession-test
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+echo "Foo."
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build
new file mode 100755
index 0000000..b5649a8
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/build-spec/pre-build
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+DIR="$1"
+
+rm -f "$DIR/debian/compat"
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/desc b/t/recipes/checks/files/permissions/legacy-scripts/eval/desc
new file mode 100644
index 0000000..349d5a9
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/desc
@@ -0,0 +1,2 @@
+Testname: legacy-scripts
+Check: files/permissions
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/hints b/t/recipes/checks/files/permissions/legacy-scripts/eval/hints
new file mode 100644
index 0000000..dc90b00
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/hints
@@ -0,0 +1,10 @@
+scripts (binary): non-standard-setuid-executable-perm 4751 [usr/bin/suidperlfoo2]
+scripts (binary): non-standard-setuid-executable-perm 4555 [usr/bin/suidperlfoo]
+scripts (binary): non-standard-executable-perm 0754 != 0755 [usr/bin/perl-bizarre-3]
+scripts (binary): non-standard-executable-perm 0750 != 0755 [usr/bin/perl-bizarre-2]
+scripts (binary): non-standard-executable-perm 0705 != 0755 [usr/bin/guile-bizarre]
+scripts (binary): executable-is-not-world-readable 4751 [usr/bin/suidperlfoo2]
+scripts (binary): executable-is-not-world-readable 0750 [usr/bin/perl-bizarre-2]
+scripts (binary): executable-is-not-world-readable 0705 [usr/bin/guile-bizarre]
+scripts (binary): elevated-privileges 4751 root/root [usr/bin/suidperlfoo2]
+scripts (binary): elevated-privileges 4555 root/root [usr/bin/suidperlfoo]
diff --git a/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test b/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test
new file mode 100644
index 0000000..faeef0b
--- /dev/null
+++ b/t/recipes/checks/files/permissions/legacy-scripts/eval/post-test
@@ -0,0 +1 @@
+s/\(current is ([0-9]+\.)+[0-9]\)/(current is CURRENT)/
diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install
new file mode 100644
index 0000000..1099c53
--- /dev/null
+++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/debian/install
@@ -0,0 +1 @@
+some-executable usr/lib
diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values
new file mode 100644
index 0000000..7ac9aea
--- /dev/null
+++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/fill-values
@@ -0,0 +1,3 @@
+Testname: executable-installed-here
+Skeleton: upload-native
+Description: Executable in /usr/lib
diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable
new file mode 100755
index 0000000..89865bc
--- /dev/null
+++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/build-spec/orig/some-executable
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo 'This would be a useful executable if it did anything, but it does not.'
diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc
new file mode 100644
index 0000000..bfab6bf
--- /dev/null
+++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/desc
@@ -0,0 +1,2 @@
+Testname: executable-installed-here
+Check: files/permissions/usr-lib
diff --git a/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints
new file mode 100644
index 0000000..45f6832
--- /dev/null
+++ b/t/recipes/checks/files/permissions/usr-lib/executable-installed-here/eval/hints
@@ -0,0 +1 @@
+executable-installed-here (binary): executable-in-usr-lib [usr/lib/some-executable]
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-04 12:59:51 +0000