tags 602249 patch
thanks
I've attached a patch which checks for use of dpkg-maintscript-helper
in preinst scripts in the same manner as existing checks for tools
like gconf-schemas. I marked it as severity pedantic for Debian, but
with a profile change for Ubuntu to make it serious (as this can
impact Ubuntu 10.04 -> 12.04 upgrades)
The check is marked as certainty: possible because the check will
match uses of maintscript-helper which are safely guarded in a
"maintscript-helper supports" conditional, but because of the impact
to Ubuntu, it seems better to have a check with false positives than
none at all.
Thanks,
- Evan
From fc261862e08341adc824441da3056db94726127d Mon Sep 17 00:00:00 2001
From: Evan Broder <e...@ebroder.net>
Date: Fri, 2 Dec 2011 15:32:44 -0800
Subject: [PATCH] Added check for maintscript-helper in preinst without dpkg
Pre-Depends
dpkg in Squeeze is new enough that this is not strictly necessary,
making this pedantic in Debian. However, dpkg in Lucid does not have
dpkg-maintscript-helper, making this serious as it could break the
upgrade path.
Signed-off-by: Evan Broder <e...@ebroder.net>
---
checks/scripts | 6 ++++++
checks/scripts.desc | 8 ++++++++
profiles/ubuntu/main.profile | 3 ++-
3 files changed, 16 insertions(+), 1 deletions(-)
diff --git a/checks/scripts b/checks/scripts
index 46bc373..0918cb4 100644
--- a/checks/scripts
+++ b/checks/scripts
@@ -886,6 +886,12 @@ while (<SCRIPTS>) {
if (m,\bsuidregister\b,) {
tag 'suidregister-used-in-maintainer-script', $file;
}
+ if ($file eq 'preinst') {
+ if (m/^\s*dpkg-maintscript-helper(?:\s|\z)/ &&
+ !$info->relation('pre-depends')->implies('dpkg (>= 1.15.7.2)')) {
+ tag 'preinst-uses-dpkg-maintscript-helper-without-predepends', "$file:$.";
+ }
+ }
if ($file eq 'postrm') {
if (m,update\-alternatives \-\-remove,) {
tag 'update-alternatives-remove-called-in-postrm';
diff --git a/checks/scripts.desc b/checks/scripts.desc
index 113e30c..b33a19b 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -154,6 +154,14 @@ Info: The package contains a <tt>preinst</tt> maintainer script that uses
section 3.5).
Ref: policy 7.2
+Tag: preinst-uses-dpkg-maintscript-helper-without-predepends
+Severity: pedantic
+Certainty: possible
+Info: The package contains a <tt>preinst</tt> maintainer script that
+ uses <tt>dpkg-maintscript-helper</tt> but does not declare a
+ pre-dependency on a version of <tt>dpkg</tt> that provides that
+ script.
+
Tag: control-interpreter-without-depends
Severity: serious
Certainty: possible
diff --git a/profiles/ubuntu/main.profile b/profiles/ubuntu/main.profile
index 753fd36..fd84533 100644
--- a/profiles/ubuntu/main.profile
+++ b/profiles/ubuntu/main.profile
@@ -7,6 +7,7 @@ Disable-Tags: debian-changelog-file-is-a-symlink,
upstart-job-in-etc-init.d-not-registered-via-update-rc.d
# Serious as it may break Lucid upgrade path
-Tags: data.tar.xz-member-without-dpkg-pre-depends
+Tags: data.tar.xz-member-without-dpkg-pre-depends,
+ preinst-uses-dpkg-maintscript-helper-without-predepends
Severity: serious
--
1.7.5.4
