commit: 348ad0a87056c4c6ee198874c89700211f3a10f5
Author: Arthur Zamarin <arthurzam <AT> gentoo <DOT> org>
AuthorDate: Thu Oct 5 20:38:21 2023 +0000
Commit: Arthur Zamarin <arthurzam <AT> gentoo <DOT> org>
CommitDate: Thu Oct 5 20:38:21 2023 +0000
URL:
https://gitweb.gentoo.org/proj/pkgcore/pkgcheck.git/commit/?id=348ad0a8
BannedEapiCommand: add some extra user/group commands
Add some commands which should never be called in ebuild to the banned
list.
Signed-off-by: Arthur Zamarin <arthurzam <AT> gentoo.org>
src/pkgcheck/checks/codingstyle.py | 17 +++++++++++++++++
.../BadCommandsCheck/BannedEapiCommand/expected.json | 2 ++
.../BadCommandsCheck/BannedEapiCommand/fix.patch | 15 +++++++++++++++
.../BannedEapiCommand/BannedEapiCommand-2.ebuild | 14 ++++++++++++++
4 files changed, 48 insertions(+)
diff --git a/src/pkgcheck/checks/codingstyle.py
b/src/pkgcheck/checks/codingstyle.py
index 20d668f8..0c33c650 100644
--- a/src/pkgcheck/checks/codingstyle.py
+++ b/src/pkgcheck/checks/codingstyle.py
@@ -75,6 +75,19 @@ class BadCommandsCheck(Check):
_source = sources.EbuildParseRepoSource
known_results = frozenset({DeprecatedEapiCommand, BannedEapiCommand,
BannedPhaseCall})
+ extra_banned_commands = frozenset(
+ {
+ # commands that modify user/group databases, not portable
+ "gpasswd",
+ "groupadd",
+ "groupdel",
+ "groupmod",
+ "useradd",
+ "userdel",
+ "usermod",
+ }
+ )
+
def feed(self, pkg):
for func_node, _ in bash.func_query.captures(pkg.tree.root_node):
for node, _ in bash.cmd_query.captures(func_node):
@@ -100,6 +113,10 @@ class BadCommandsCheck(Check):
yield BannedEapiCommand(
name, line=call, lineno=lineno + 1, eapi=pkg.eapi,
pkg=pkg
)
+ elif name in self.extra_banned_commands:
+ yield BannedEapiCommand(
+ name, line=call, lineno=lineno + 1, eapi=pkg.eapi,
pkg=pkg
+ )
class EendMissingArg(results.LineResult, results.Warning):
diff --git
a/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/expected.json
b/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/expected.json
index 921d5893..d441021b 100644
---
a/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/expected.json
+++
b/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/expected.json
@@ -1,3 +1,5 @@
{"__class__": "BannedEapiCommand", "category": "BadCommandsCheck", "package":
"BannedEapiCommand", "version": "0", "line": "dohtml doc/*", "lineno": 9,
"command": "dohtml", "eapi": "7"}
{"__class__": "BannedEapiCommand", "category": "BadCommandsCheck", "package":
"BannedEapiCommand", "version": "1", "line": "has_version --host-root
stub/stub1", "lineno": 9, "command": "has_version --host-root", "eapi": "7"}
{"__class__": "BannedEapiCommand", "category": "BadCommandsCheck", "package":
"BannedEapiCommand", "version": "1", "line": "best_version --host-root
stub/stub1:2", "lineno": 12, "command": "best_version --host-root", "eapi": "7"}
+{"__class__": "BannedEapiCommand", "category": "BadCommandsCheck", "package":
"BannedEapiCommand", "version": "2", "line": "usermod -s /bin/bash uucp",
"lineno": 9, "command": "usermod", "eapi": "6"}
+{"__class__": "BannedEapiCommand", "category": "BadCommandsCheck", "package":
"BannedEapiCommand", "version": "2", "line": "usermod -s /bin/false uucp",
"lineno": 13, "command": "usermod", "eapi": "6"}
diff --git
a/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/fix.patch
b/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/fix.patch
index d906bd2b..5ff1a880 100644
---
a/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/fix.patch
+++
b/testdata/data/repos/standalone/BadCommandsCheck/BannedEapiCommand/fix.patch
@@ -24,3 +24,18 @@ diff -Naur
standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-1.ebu
- H=$(best_version --host-root stub/stub1:2)
+ H=$(best_version -b stub/stub1:2)
}
+diff -Naur
standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
fixed/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
+--- standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
++++ fixed/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
+@@ -4,11 +4,3 @@ DESCRIPTION="Ebuild using banned commands"
+ HOMEPAGE="https://github.com/pkgcore/pkgcheck";
+ SLOT="0"
+ LICENSE="BSD"
+-
+-pkg_preinst() {
+- usermod -s /bin/bash uucp || die
+-}
+-
+-pkg_postrm() {
+- usermod -s /bin/false uucp || die
+-}
diff --git
a/testdata/repos/standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
b/testdata/repos/standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
new file mode 100644
index 00000000..1282287f
--- /dev/null
+++
b/testdata/repos/standalone/BadCommandsCheck/BannedEapiCommand/BannedEapiCommand-2.ebuild
@@ -0,0 +1,14 @@
+EAPI=6
+
+DESCRIPTION="Ebuild using banned commands"
+HOMEPAGE="https://github.com/pkgcore/pkgcheck";
+SLOT="0"
+LICENSE="BSD"
+
+pkg_preinst() {
+ usermod -s /bin/bash uucp || die
+}
+
+pkg_postrm() {
+ usermod -s /bin/false uucp || die
+}
