[crux-commits] r1812 - in tools/prt-utils/trunk: . lib lib/prtverify

Author: jue Date: 2006-09-04 21:02:00 +0200 (Mon, 04 Sep 2006) New Revision: 1812 Added: tools/prt-utils/trunk/lib/ tools/prt-utils/trunk/lib/prtverify/ tools/prt-utils/trunk/lib/prtverify/00_prtverify_lib.awk tools/prt-utils/trunk/lib/prtverify/05_file_check.awk tools/prt-utils/trunk/lib/prtverify/10_file_check_clean_repo.awk tools/prt-utils/trunk/lib/prtverify/20_evil_cmds.awk tools/prt-utils/trunk/lib/prtverify/20_maintainer_email.awk tools/prt-utils/trunk/lib/prtverify/20_missing_deps.awk tools/prt-utils/trunk/lib/prtverify/20_pkgfile_headers.awk tools/prt-utils/trunk/lib/prtverify/20_pkgfile_vars.awk tools/prt-utils/trunk/lib/prtverify/20_port_name_match.awk tools/prt-utils/trunk/lib/prtverify/20_release_number.awk tools/prt-utils/trunk/lib/prtverify/30_file_conflict.awk tools/prt-utils/trunk/lib/prtverify/30_file_permissions.awk tools/prt-utils/trunk/lib/prtverify/30_invalid_dirs.awk tools/prt-utils/trunk/lib/prtverify/30_junk_files.awk tools/prt-utils/trunk/lib/prtverify/30_suid_sgid.awk tools/prt-utils/trunk/lib/prtverify/30_system_users.awk tools/prt-utils/trunk/lib/prtverify/90_mk_footprint_db.awk tools/prt-utils/trunk/lib/prtverify/prtverify.wl tools/prt-utils/trunk/prtverify.1 tools/prt-utils/trunk/prtverify.in Modified: tools/prt-utils/trunk/Makefile Log: prt-utils: added prtverify Modified: tools/prt-utils/trunk/Makefile =================================================================== --- tools/prt-utils/trunk/Makefile 2006-09-04 18:11:43 UTC (rev 1811) +++ tools/prt-utils/trunk/Makefile 2006-09-04 19:02:00 UTC (rev 1812) @@ -3,11 +3,13 @@ TOOLS = prtcreate prtrej prtsweep prtcheck prtwash pkgexport pkgsize \ prtorphan prtcheckmissing oldfiles finddeps dllist \ - findredundantdeps pkg_installed revdep portspage pkgfoster + findredundantdeps pkg_installed revdep portspage pkgfoster \ + prtverify PREFIX = /usr MANDIR = $(PREFIX)/man BINDIR = $(PREFIX)/bin +LIBDIR = $(PREFIX)/lib CONFDIR = /etc all: @@ -44,12 +46,27 @@ fi; \ done -install: install-man install-bin # install-conf +install-lib: + for tool in $(TOOLS); do \ + if [ -d lib/$$tool ]; then \ + mkdir -p $(DESTDIR)$(LIBDIR)/$$tool; \ + cp lib/$$tool/* $(DESTDIR)$(LIBDIR)/$$tool; \ + chmod 644 $(DESTDIR)$(LIBDIR)/$$tool/*; \ + fi; \ + done -dist: +prtverify: + sed "s|@@LIBDIR@@|$(LIBDIR)|" prtverify.in $< > prtverify + +install: prtverify install-man install-bin install-lib # install-conf + +clean: + rm -f prtverify + +dist: clean @rm -rf ${NAME}-${VERSION} @mkdir .${NAME}-${VERSION} - @cp * .${NAME}-${VERSION} + @cp -r * .${NAME}-${VERSION} @mv .${NAME}-${VERSION} ${NAME}-${VERSION} @tar czf ${NAME}-${VERSION}.tar.gz ${NAME}-${VERSION} @rm -rf ${NAME}-${VERSION} Added: tools/prt-utils/trunk/lib/prtverify/00_prtverify_lib.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/00_prtverify_lib.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/00_prtverify_lib.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,70 @@ +# +# 00_prtverify_lib.awk +# +# Version 0.1.6 - 2006-08-30 +# J�rgen Daubert <jue at jue dot li> +# +# Utility functions for prtverify + + +function fullpath(dir, cmd) +{ + cmd = "cd " dir " && pwd" + cmd | getline dir + close(cmd) + return dir +} + +function collectionport(path) +{ + sub(/\/$/, "", path) + return substr(path, match(path, /[^/]+\/[^/]+$/)) +} + +function perror(level,message, d,i,l,m,p,w) +{ + l = 25 + w[INFO] = "INFO " + w[WARN] = "WARN " + w[ERROR] = "ERROR " + w[FATAL] = "FATAL " + + p = substr(COLLPORT, 1, l) + for (i=1; i<=l-length(p); i++) + d = d "." + m = sprintf("%s %s %s %s", w[level], p, d, message) + if (! (m in WLIST)) + print m +} + +function loglevel_ok(level) +{ + return and(LOG_LEVEL,level) +} + +function usr_error(message) +{ + print "===== ", message > "/dev/stderr" +} + + +BEGIN { + + if (! LOG_LEVEL) + LOG_LEVEL = 15 + + if (LOG_LEVEL <1 || LOG_LEVEL >15) { + LOG_LEVEL = 15 + usr_error("Invalid loglevel, using " LOG_LEVEL) + } + + INFO = 8 + WARN = 4 + ERROR = 2 + FATAL = 1 + + PKGFILE = ".*\\/Pkgfile" + FOOTPRINT = ".*\\/\\.footprint" + MD5SUM = ".*\\/\\.md5sum" +} + Added: tools/prt-utils/trunk/lib/prtverify/05_file_check.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/05_file_check.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/05_file_check.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,58 @@ +# +# 05_file_check.awk +# +# Version 0.1.8 - 2006-08-30 +# J�rgen Daubert <jue at jue dot li> +# +# Tests for the mandatory port files +# +# Sets some global variables +# - PORTDIR the full path of the port +# - PORT the name of the port +# - COLLPORT a shortcut for Collection/Port like core/gcc +# +# PORT_FILES and WHITE_LIST are set by prtverify + + + +function readwhitelist(file, line) +{ + if (system("test -f " file) != 0) + return + while ((getline line < file) > 0) + WLIST[line] +} + + +BEGIN { + + PORTDIR = ARGV[1] + if (system("test -d " PORTDIR) != 0) { + usr_error(PORTDIR " is not a directory, ignoring") + exit + } + + PORTDIR = fullpath(PORTDIR) + PORT = gensub(/^.*\//, "", 1, PORTDIR) + COLLPORT = collectionport(PORTDIR) + + delete ARGV + ARGC = 1 + + split(PORT_FILES, af) + + for (f in af) { + p = PORTDIR "/" af[f] + if (system("test -f " p) == 0) + ARGV[ARGC++] = p + else + if(loglevel_ok(FATAL)) + perror(FATAL, "file not found: " af[f]) + } + + if (ARGC == 1) + exit + + readwhitelist(WHITE_LIST) +} + Added: tools/prt-utils/trunk/lib/prtverify/10_file_check_clean_repo.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/10_file_check_clean_repo.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/10_file_check_clean_repo.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,32 @@ +# +# 10_file_check_clean_repo.awk +# +# Version 0.1.0 - 2006-08-07 +# Johannes Winkelmann, jw at smts dot ch +# +# Tests for invalid files in a clean repo + + +function list_files(dir,af, cmd,f) +{ + cmd = "ls -1A --color=none " dir + delete af + while (cmd | getline f) + af[f] + close(cmd) +} + + +BEGIN { + + if (loglevel_ok(FATAL)) { + + list_files(PORTDIR, af) + + for (f in af) { + if (f ~ "(.(tar.(bz2|gz)|tgz|zip|rar|svn)|CVS|REPO|index.hml)$") + perror(FATAL, "invalid file/directory: " f) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_evil_cmds.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_evil_cmds.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_evil_cmds.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,47 @@ +# +# 20_evil_cmds.awk +# +# Version 0.1.2 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> +# +# Two test to find malicious rm and cd commands like 'rm -rf /usr'. +# +# Because there are often cases where we need a rm inside the workdir, +# it's not posssible to expect always a $PKG in front of the rm parameter. +# Best would be to interpret the whole build function to see where we are +# in the filesystem. For now it should be sufficent to have a look at the +# cd command too, to find something like 'cd /usr && rm -rf .' +# +# The test for rm is a bit complicated, because we often have multiline +# commands with rm. + + +loglevel_ok(FATAL) && FILENAME ~ PKGFILE { + + if (match($0, /\<rm\>/)) { + + a = substr($0, RSTART) + + while ($0 ~ /\\$/) { + getline + a = a $0 + gsub(/\\/, "", a) + } + + split(a, ab) + + for (i in ab) { + if (ab[i] ~ /^\//) + perror(FATAL, "Use of rm outside the workdir, Pkgfile line " NR) + } + } + + + if ($0 ~ /\<cd\>/) { + for (c=1; c<=NF; c++) { + if ($c == "cd" && $(c+1) ~ /^\//) + perror(FATAL, "Use of cd to go outside the workdir, Pkgfile line " NR) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_maintainer_email.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_maintainer_email.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_maintainer_email.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,17 @@ +# +# 20_maintainer_email.awk +# +# Version 0.1.0 - 2006-09-02 +# J�rgen Daubert <jue at jue dot li> +# +# Checks the Maintainer header for invalid characters + + +loglevel_ok(WARN) && FILENAME ~ PKGFILE { + + if ( $0 ~ ("^# Maintainer:") ) { + if ( p = match($0, /[<>@]+/) ) + perror(WARN, "invalid email address: " substr($0, p)) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_missing_deps.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_missing_deps.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_missing_deps.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,31 @@ +# +# 20_missing_deps.awk +# +# Version 0.1 - 2006-08-26 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + if (DEP_PORTS) { + split(DEP_PORTS, ac) + for (i in ac) + DEP_MAP[ac[i]] + } +} + + +loglevel_ok(ERROR) && FILENAME ~ PKGFILE && DEP_PORTS { + + if ( $0 ~ ("^# Depends on:") ) { + + split($0, ac, /:[[:space:]]*/) + split(ac[2], ad, /[[:space:]]*,[[:space:]]*|[[:space:]]+/) + + for (d in ad) { + if (ad[d] !~ /^ *$/ && ! (ad[d] in DEP_MAP)) + perror(ERROR, "missing dependency: " ad[d]) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_pkgfile_headers.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_pkgfile_headers.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_pkgfile_headers.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,38 @@ +# +# 20_pkgfile_headers.awk +# +# Version 0.1.1 - 2006-08-24 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + pkgfile_headers["Description"] = 0 + pkgfile_headers["URL"] = 0 + pkgfile_headers["Maintainer"] = 0 +} + + +loglevel_ok(ERROR) && FILENAME ~ PKGFILE { + + for (h in pkgfile_headers) { + if ( $0 ~ ("^# " h ":") ) { + pkgfile_headers[h] = 1 + split($0, ac, ":") + if (! ac[2]) + perror(ERROR, "empty header found: " h) + } + } +} + + +END { + + if (loglevel_ok(ERROR)) { + for (h in pkgfile_headers) { + if (! pkgfile_headers[h]) + perror(ERROR, "header not found: " h) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_pkgfile_vars.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_pkgfile_vars.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_pkgfile_vars.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,35 @@ +# +# 20_pkgfile_vars.awk +# +# Version 0.1.2 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + pkgfile_vars["name"] = 0 + pkgfile_vars["version"] = 0 + pkgfile_vars["release"] = 0 + pkgfile_vars["source"] = 0 +} + + +loglevel_ok(ERROR) && FILENAME ~ PKGFILE { + + for (v in pkgfile_vars) { + if ( $1 ~ ("^" v "=") ) + pkgfile_vars[v] = 1 + } +} + + +END { + + if (loglevel_ok(ERROR)) { + for (v in pkgfile_vars) { + if (! pkgfile_vars[v]) + perror(ERROR, "variable not found: " v) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_port_name_match.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_port_name_match.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_port_name_match.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,16 @@ +# +# 20_port_name_match.awk +# +# Version 0.1.1 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> + + +loglevel_ok(ERROR) && FILENAME ~ PKGFILE { + + if ($1 ~ /^name=/) { + split($1, an, "=") + if (an[2] != PORT) + perror(ERROR, "variable name do not match the portname: " an[2]) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/20_release_number.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/20_release_number.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/20_release_number.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,18 @@ +# +# 20_release_number.awk +# +# Version 0.1.2 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> +# +# only integer numbers >= 1 are valid for the release variable + + +loglevel_ok(ERROR) && FILENAME ~ PKGFILE { + + if ($1 ~ /^release=/) { + split($1, an, "=") + if (an[2] !~ /^[1-9][0-9]*$/) + perror(ERROR, "variable release contains invalid characters: " an[2]) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/30_file_conflict.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_file_conflict.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_file_conflict.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,30 @@ +# +# 30_file_conflict.awk +# +# Version 0.1.0 - 2006-08-31 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + if (FOOTPRINTDB) { + while ((getline l < FOOTPRINTDB) > 0) { + split(l, am, "\t") + file_conflict[am[1]] = am[2] + } + close(file) + } +} + + +loglevel_ok(ERROR) && FILENAME ~ FOOTPRINT { + + if ($3 in file_conflict) { + split(file_conflict[$3], am, ":") + for (i in am) { + if (am[i] != COLLPORT) + perror(ERROR, "file conflict found: " am[i] " -> " $3) + } + } +} + Added: tools/prt-utils/trunk/lib/prtverify/30_file_permissions.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_file_permissions.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_file_permissions.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,16 @@ +# +# 30_file_permissions.awk +# +# Version 0.1.1 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> + + +loglevel_ok(FATAL) && FILENAME ~ FOOTPRINT { + + if ($1 ~ /^d.......w./) + perror(FATAL, "world writable directory found: " $3) + + if ($1 ~ /^-.......w./) + perror(FATAL, "world writable file found: " $3) +} + Added: tools/prt-utils/trunk/lib/prtverify/30_invalid_dirs.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_invalid_dirs.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_invalid_dirs.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,25 @@ +# +# 30_invalid_dirs.awk +# +# Version 0.1.2 - 2006-07-16 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + invalid_dirs[1] = "^usr/share/man/$" + invalid_dirs[2] = "^usr/local/$" + invalid_dirs[3] = "^usr/share/locale/$" + invalid_dirs[4] = "^usr/info/$" + invalid_dirs[5] = "^usr/libexec/$" +} + + +loglevel_ok(ERROR) && FILENAME ~ FOOTPRINT { + + for (d in invalid_dirs) { + if ($3 ~ invalid_dirs[d]) + perror(ERROR, "directory not allowed: " $3) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/30_junk_files.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_junk_files.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_junk_files.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,25 @@ +# +# 30_junk_files.awk +# +# Version 0.1.2 - 2006-07-14 +# J�rgen Daubert <jue at jue dot li> + + +BEGIN { + + # Perl junk files + junk_files[1] = ".*/perl./.*/(perllocal\\.pod|\\.packlist|[^/]+\\.bs)$" + + # GNU junk files + junk_files[2] = "AUTHORS|BUGS|COPYING|ChangeLog|INSTALL|NEWS|README|THANKS|TODO" +} + + +loglevel_ok(WARN) && FILENAME ~ FOOTPRINT { + + for (f in junk_files) { + if ($3 ~ junk_files[f]) + perror(WARN, "junk file found: " $3) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/30_suid_sgid.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_suid_sgid.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_suid_sgid.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,16 @@ +# +# 30_suid_sgid.awk +# +# Version 0.1 - 2006-07-24 +# J�rgen Daubert <jue at jue dot li> + + +loglevel_ok(INFO) && FILENAME ~ FOOTPRINT { + + if ($1 ~ /^...s....../) + perror(INFO, "suid file found: " $3) + + if ($1 ~ /^......s.../) + perror(INFO, "sgid file found: " $3) +} + Added: tools/prt-utils/trunk/lib/prtverify/30_system_users.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/30_system_users.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/30_system_users.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,29 @@ +# +# 30_system_users.awk +# +# Version 0.1.1 2006-07-14 +# J�rgen Daubert <jue at jue dot li> + + +loglevel_ok(ERROR+INFO) && FILENAME ~ FOOTPRINT { + + split($2, au, "/") + warned = 0 + + if (loglevel_ok(ERROR)) { + + if (au[1] ~ /[1-9][0-9]*/) { + perror(ERROR, "invalid user: " $2 " -> " $3) + warned = 1 + } + + if (au[2] ~ /[1-9][0-9]*/) + perror(ERROR, "invalid group: " $2 " -> " $3) + } + + if (! warned && loglevel_ok(INFO) && $3 ~ /^(lib|sbin|usr)\//) { + if (au[1] !~ /root/) + perror(INFO, "file not owned by root: " $2 " -> " $3) + } +} + Added: tools/prt-utils/trunk/lib/prtverify/90_mk_footprint_db.awk =================================================================== --- tools/prt-utils/trunk/lib/prtverify/90_mk_footprint_db.awk (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/90_mk_footprint_db.awk 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,57 @@ +# +# 90_mk_footprint_db.awk +# +# Version 0.1.0 - 2006-08-31 +# J�rgen Daubert <jue at jue dot li> +# +# Creates a temporary file with all footprints and +# the owners of those +# +# File format: +# <file-name> coll1/port1:coll2/port2:... +# +# Needed variables: +# - FOOTPRINTDB the name of the temporary file +# +# Requires: +# - 00_prtverify_lib.awk +# +# Usage example: +# gawk -v FOOTPRINTDB=<file> \ +# -f 00_prtverify_lib.awk \ +# -f 90_mk_footprint_db.awk \ +# /usr/ports/{core,opt,contrib}/*/.footprint + + +function beginfile(name) +{ + sub(/\/\.footprint/, "", name) + name = fullpath(name) + COLLPORT = collectionport(name) +} + + +BEGIN { + FS = "\t" +} + + +FNR == 1 { + beginfile(FILENAME) +} + +FILENAME ~ FOOTPRINT && $3 !~ /\/$/ { + sub(/ -> .*/, "", $3) + if (! ($3 in fc_map)) + fc_map[$3] = COLLPORT + else + fc_map[$3] = fc_map[$3] ":" COLLPORT +} + + +END { + + for (i in fc_map) + print i "\t" fc_map[i] > FOOTPRINTDB +} + Added: tools/prt-utils/trunk/lib/prtverify/prtverify.wl =================================================================== --- tools/prt-utils/trunk/lib/prtverify/prtverify.wl (rev 0) +++ tools/prt-utils/trunk/lib/prtverify/prtverify.wl 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,8 @@ +WARN core/autoconf ............ junk file found: usr/share/autoconf/INSTALL +WARN core/automake ............ junk file found: usr/share/automake-1.9/COPYING +WARN core/automake ............ junk file found: usr/share/automake-1.9/INSTALL +FATAL core/filesystem .......... world writable directory found: tmp/ +FATAL core/filesystem .......... world writable directory found: var/lock/ +FATAL core/filesystem .......... world writable directory found: var/spool/mail/ +FATAL core/filesystem .......... world writable directory found: var/tmp/ + Added: tools/prt-utils/trunk/prtverify.1 =================================================================== --- tools/prt-utils/trunk/prtverify.1 (rev 0) +++ tools/prt-utils/trunk/prtverify.1 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,72 @@ +.TH prtverify 1 "Sep 02 2006" "prtverify 0.4.0" "" +.SH NAME +prtverify \- utility to check CRUX ports for typical errors +.SH SYNOPSIS +\fBprtverify [options] <port> ...\fP +.SH DESCRIPTION +\fBprtverify\fP is a shell script which calls gawk with a bunch of +small modules, each of them containing one or more tests. + +Following tests are implemented yet: + +.TP +.B port + - missing files Pkgfile/.footprint/.md5sum + - invalid files/directories (-m clean-repo option) +.TP +.B Pkgfile + - existence of name/version/release/source variables + - existence of Description/Maintainer/URL headers + - empty Description/Maintainer/URL headers + - invalid email address in Maintainer header + - match of portname to name variable + - wrong release number + - cd/rm command outside the work directory + - missing dependencies (-m missing-deps option) +.TP +.B .footprint + - world writable files/directories + - junk files like perllocal.pod + - invalid directories like /usr/info + - invalid users + - files not owned by root + - SUID/SGID files + - file-conflicts with other ports (-m file-conflict option) +.SH OPTIONS +.TP +.B -l <loglevel> +All test are categorized into 4 levels, from FATAL to INFO, which +can be used to adjust the output of prtverify. +Set loglevel to 8 for INFO, 4 for WARN, 2 for ERROR and 1 for FATAL +errors. Sum them up to show combined loglevels, e.g. 12 for WARN +and INFO errors. Default is 15, which shows all error messages. +.TP +.B -m clean-repo +If this mode is set, an additional test for invalid files +like *.pkg.tar.gz or invalid directories like .svn is selected. +Only sensible for clean repositories, of course. +.TP +.B -m missing-deps -c <path_to_collection> [-c <path_to_collection> ...] +Adds a test for missing dependencies. The test takes the arguments set +by the 'Depends on'-header and looks for a complying directory in the +path specified by the -c option. Multiple -c options are allowed. +.TP +.B -m file-conflict -c <path_to_collection> [-c <path_to_collection> ...] +Adds a test for file-conflicts with other ports. The ports .footprint +entries are compared with a list of files from the ports specified +with the -c options. + +\fBNote:\fP the test is very time-consuming if you run it over a large +number of collections ! +.SH WHITELIST +To avoid messages for errors which are known and accepted \fBprtverify\fP +uses a whitelist to hide those. +The whitelist is located at \fI/usr/lib/prtverify/prtverify.wl\fP. +.SH FILES + \fI/usr/lib/prtverify/*.awk\fP + \fI/usr/lib/prtverify/prtverify.wl\fP +.SH CREDITS +I'd like to thanks Johannes Winkelmann for the initial idea for such a tool +and for many suggestions and contributions. +.SH AUTHOR +J�rgen Daubert <juergen.daubert@t-online.de> Added: tools/prt-utils/trunk/prtverify.in =================================================================== --- tools/prt-utils/trunk/prtverify.in (rev 0) +++ tools/prt-utils/trunk/prtverify.in 2006-09-04 19:02:00 UTC (rev 1812) @@ -0,0 +1,167 @@ +#!/bin/sh +# +# prtverify +# Version 0.4.0 - 2006-09-02 +# J�rgen Daubert <jue at jue dot li> + + +MODDIR=@@LIBDIR@@/prtverify +WHITELIST=$MODDIR/prtverify.wl +PORTFILES='Pkgfile .footprint .md5sum' +LOGLEVEL=15 +TESTS=$MODDIR/[023]*.awk + + +### Functions + +checkargs() { + if [ $1 -lt 1 ]; then + usage + fi +} + +perror() { + echo "===== Error: $1" > /dev/stderr + exit -1 +} + +usage() { + echo "Usage: ${0##*/} [options] port ... +options: + -l loglevel + -m clean-repo + -m missing-deps -c path_to_collection [-c path_to_collection ...] + -m file-conflict -c path_to_collection [-c path_to_collection ...] +See prtverify(1) for a detailed description of all options." + exit 0 +} + +checkcollections() { + local dir + if [ -z "$COLLECTIONS" ]; then + perror "Need one or more collection. Use -c option to set." + fi + + for dir in $COLLECTIONS; do + if [ ! -d $dir ]; then + perror "$dir is not a directory" + continue + fi + stat $dir/*/Pkgfile > /dev/null 2>&1 + if [ $? -ne 0 ]; then + perror "$dir is not a CRUX port-collection directory" + fi + done +} + +cleanup() { + rm -f $FPDB + exit 0 +} + +checkmode() { + case $1 in + clean-repo) + TESTS=$MODDIR/[0123]*.awk + ;; + file-conflict) + MODE_FC=1 + ;; + missing-deps) + MODE_MD=1 + ;; + *) usage + ;; + esac +} + +getoptions() { + local option + while getopts :l:m:c: option + do + case $option in + l) LOGLEVEL="$OPTARG" + ;; + m) checkmode "$OPTARG" + ;; + c) COLLECTIONS="$COLLECTIONS $OPTARG" + ;; + *) usage + ;; + esac + done + shift $(($OPTIND - 1)) + + PORTS=$@ +} + +findmodules() { + local mod + for mod in $TESTS; do + MODULES="$MODULES -f $mod" + done +} + +mkfootprintdb() { + local dir files + FPDB=$(mktemp -p ${TMPDIR:-/tmp} prtverify.XXXXXXXX) + + for dir in $COLLECTIONS; do + files="$files $dir/*/.footprint" + done + + gawk \ + -v FOOTPRINTDB="$FPDB" \ + -f $MODDIR/00_prtverify_lib.awk \ + -f $MODDIR/90_mk_footprint_db.awk \ + $files +} + +mkportslist() { + local dir + for dir in $COLLECTIONS; do + DEPPORTS="$DEPPORTS `ls -1 --color=none $dir`" + done +} + +runtests() { + local dir + checkargs $# + + for dir in $@; do + gawk \ + -v LOG_LEVEL=$LOGLEVEL \ + -v FOOTPRINTDB="$FPDB" \ + -v PORT_FILES="$PORTFILES" \ + -v WHITE_LIST="$WHITELIST" \ + -v DEP_PORTS="$DEPPORTS" \ + $MODULES $dir + done +} + +main() { + checkargs $# + getoptions $@ + + if [ $MODE_FC ] || [ $MODE_MD ]; then + checkcollections + if [ $MODE_FC ]; then + mkfootprintdb + fi + if [ $MODE_MD ]; then + mkportslist + fi + fi + + findmodules + runtests $PORTS + cleanup +} + +### Main + +trap "cleanup" SIGHUP SIGINT SIGQUIT SIGTERM + +main "$@" + +# End of file