diff options
| author | Helmut Grohne <helmut@subdivi.de> | 2017-03-04 08:51:23 +0100 |
|---|---|---|
| committer | Helmut Grohne <helmut@subdivi.de> | 2017-03-04 08:51:23 +0100 |
| commit | 2bb71338d7885c0cc1d60196233e514353258623 (patch) | |
| tree | acb43b0bd1d10a972212ce2c5e558c2629b5acef | |
| parent | fd88a08733bbf6c380ed5dfd6d07aa1bbb670dc5 (diff) | |
| download | debian-dedup-2bb71338d7885c0cc1d60196233e514353258623.tar.gz | |
multiarchanalyze: detect some form wrong M-A:foreign
When an arch:any package ships a .so file in a public library search
path (e.g. a symlink as many lib*-dev packages do) it most likely
shouldn't be M-A:foreign. A common exception is plugins loaded into
programs, so exclude that case.
Many thanks to Johannes Schauer and Guillem Jover for helping discover
this pattern of Multi-Arch: foreign abuse.
| -rwxr-xr-x | multiarchanalyze.py | 13 | ||||
| -rw-r--r-- | multiarchanalyze.sql | 20 |
2 files changed, 33 insertions, 0 deletions
diff --git a/multiarchanalyze.py b/multiarchanalyze.py index 201ffc3..f00c66a 100755 --- a/multiarchanalyze.py +++ b/multiarchanalyze.py @@ -2,6 +2,7 @@ import argparse import os.path +import re import sqlite3 import sys @@ -77,6 +78,9 @@ def show_files(filenames): return "%d files starting with %s" % (len(filenames), prefix) return "%d files" % len(filenames) +def sqlite_regexp(pattern, value): + return re.match(pattern, value) is not None + def main(): parser = argparse.ArgumentParser() parser.add_argument("-d", "--database", action="store", @@ -85,6 +89,7 @@ def main(): args = parser.parse_args() hints = [] db = sqlite3.connect(args.database) + db.create_function("REGEXP", 2, sqlite_regexp) cur = db.cursor() cur.execute("SELECT name1, architecture1, architecture2, filename FROM masame_conflict;") same_conflicts = {} @@ -146,6 +151,14 @@ def main(): link="https://wiki.debian.org/MultiArch/Hints#dep-any", severity="normal")) + cur.execute("SELECT name FROM maforeign_library ORDER BY name;") + for name, in fetchiter(cur): + hints.append(dict( + binary=name, + description="%s is wrongly marked Multi-Arch: foreign" % name, + link="https://wiki.debian.org/MultiArch/Hints#ma-foreign-library", + severity="high")) + for hint in hints: if "source" not in hint: cur.execute("SELECT distinct(source) FROM package WHERE name = ?;", diff --git a/multiarchanalyze.sql b/multiarchanalyze.sql index 95ebd7d..b98092f 100644 --- a/multiarchanalyze.sql +++ b/multiarchanalyze.sql @@ -196,4 +196,24 @@ CREATE VIEW colonany_candidate AS HAVING count(dependee) = 1 AND min(CASE multiarch WHEN 'allowed' THEN 1 ELSE 0 END) = 1; +/* Packages that are wrongly marked Multi-Arch:foreign, because they + * * are architecture dependent + * * ship a shared library in a public path + * * and the library is not a plugin for a contained program + */ +DROP VIEW IF EXISTS maforeign_library; +CREATE VIEW maforeign_library AS + SELECT DISTINCT p.name + FROM package AS p + WHERE architecture != 'all' + AND multiarch = 'foreign' + AND EXISTS ( + SELECT 1 FROM content + WHERE pid = p.id + AND filename REGEXP '^\./(usr/)?lib/([a-z0-9_]*-linux-gnu[a-z0-9_*]*/)?lib.*\.so$') + AND NOT EXISTS ( + SELECT 1 FROM content + WHERE pid = p.id + AND filename REGEXP '^\./(usr/)?s?bin/.*'); + COMMIT; |