On Fri, Jan 18, 2008 at 04:13:43PM +0100, Frank Lichtenheld wrote:
> On Fri, Jan 18, 2008 at 04:25:40PM +0200, Niko Tyni wrote:
> > +# 7th step: check libc dependency indicating broken ${shlibs:Depends} usage
> > +if ($pkg !~ /^libc\d+(-|$)/ && keys %NEEDED) {
>
> That probably should be /^libc[\d.]+(-|$)/ for the sake of libc6.1,
> libc0.3, and libc0.1
Sure.
> > + my ($libc_filename, $libc_package);
> > + for (keys %NEEDED) {
> > + if (/^libc\.so\.(\d+.*)/) {
> > + $libc_package = "libc$1 | libc${1}-i386";
>
> Hmm, that seems to be very amd64 specific. What about all the
> other libc variants?
Hm, never noticed them until now. Sorry, I could have looked into that
part better.
This complicates things, at least when parsing the dependencies and
using Dep::implies(). I think just a regexp match on the word boundary
would do. Next iteration round attached, still only tested on amd64.
Another change: I can't see any guarantees that dpkg-gencontrol will
unwrap the Depends and Pre-Depends fields, although it currently
does. This version should not break if there are multiple lines in
fields/{,pre-}depends.
Cheers,
--
Niko Tyni [EMAIL PROTECTED]
diff --git a/checks/shared-libs b/checks/shared-libs
index ed1cf77..7a20d2c 100644
--- a/checks/shared-libs
+++ b/checks/shared-libs
@@ -74,6 +74,7 @@ my %SONAME;
my %INTERP;
my %STACK;
my %TEXTREL;
+my %NEEDED;
my %objsomething;
my %sharedobject;
my %index_info;
@@ -106,6 +107,10 @@ while (<IN>) {
$INTERP{$file} = 1;
} elsif (m/^\s*STACK\s/) {
$STACK{$file} = 0;
+ } elsif (m/^\s*NEEDED\s+(\S+)/o) {
+ $NEEDED{$1}{files} ||= [];
+ push @{$NEEDED{$1}{files}}, $file;
+ $NEEDED{$1}{count}++;
} else {
if (defined $STACK{$file} and $STACK{$file} eq 0) {
m/\sflags\s+(\S+)/o;
@@ -440,6 +445,51 @@ if (-f $preinst) {
}
}
+# 7th step: check libc dependency indicating broken ${shlibs:Depends} usage
+if ($pkg !~ /^libc[\d.]+(-|$)/ && keys %NEEDED) {
+ my $depends = "";
+ if (open (DEPENDS, '<', 'fields/depends')) {
+ while (<DEPENDS>) {
+ s/\n/ /;
+ $depends .= $_;
+ }
+ close DEPENDS;
+ }
+ my $predepends = "";
+ if (open (PREDEPENDS, '<', 'fields/pre-depends')) {
+ while (<PREDEPENDS>) {
+ s/\n/ /;
+ $predepends .= $_;
+ }
+ close PREDEPENDS;
+ }
+
+ my ($libc_filename, $libc_package);
+ for (keys %NEEDED) {
+ if (/^libc\.so\.(\d+.*)/) {
+ $libc_package = "libc$1";
+ $libc_filename = $_;
+ last;
+ }
+ }
+
+ if (defined $libc_filename) {
+ my $elffile = $NEEDED{$libc_filename}{files}[0];
+ # match for libcXX or libcXX-*, but not eg. libc3p0
+ my $re = qr/(?:^|,)\s*\Q$libc_package\E\b/o;
+ if ($depends !~ /$re/ && $predepends !~ /$re/) {
+ my $count = $NEEDED{$libc_filename}{count};
+ $count--;
+ my $others = '';
+ if ($count > 0) {
+ $others = " and $count others";
+ }
+ tag "missing-dep-on-libc", "needed by $file$others";
+ }
+ }
+}
+
+
my $we_call_postinst=0;
if (-f $postinst) {
local $_ = slurp_entire_file($postinst);
diff --git a/checks/shared-libs.desc b/checks/shared-libs.desc
index dfc4951..776a7e3 100644
--- a/checks/shared-libs.desc
+++ b/checks/shared-libs.desc
@@ -230,3 +230,16 @@ Info: Debian revisions should be stripped from versions in symbols files.
be stripped because the symbol really appearead between two specific
Debian revisions, you should postfix the version with a single "~"
(example: 1.0-3~ if the symbol appeared in 1.0-3).
+
+Tag: missing-dep-on-libc
+Type: error
+Ref: policy 8.6
+Info: All shared libraries and compiled binaries must be run through
+ dpkg-shlibdeps to find out any libraries they are linked against, usually
+ with the dh_shlibdeps debhelper command. The package containing these
+ files must use ${shlibs:Depends} to depend on the corresponding set
+ of packages.
+ .
+ The listed file is linked against the system C library, but the
+ package doesn't depend on the C library package. This indicates that
+ the ${shlibs:Depends} mechanism is not used correctly.
