[gentoo-portage-dev] [PATCH] install-qa-checks.d: Add a check for Gentoo path policies (FHS-y)

2018-09-03 Thread Michał Górny
Add a check that verifies whether ebuilds don't install to paths
forbidden by the policy.  This mostly aims to verbosely report bugs
such as missing dependencies causing empty install paths, resulting
in files ending up in / and bad upstreams.  This should also help
detect the relatively common mistake of using /usr/share/doc/${P}
instead of ${PF}.

The initial list of allowed paths was based on what ebuilds installed
to my system.
---
 bin/install-qa-check.d/08gentoo-paths | 79 +++
 1 file changed, 79 insertions(+)
 create mode 100644 bin/install-qa-check.d/08gentoo-paths

diff --git a/bin/install-qa-check.d/08gentoo-paths 
b/bin/install-qa-check.d/08gentoo-paths
new file mode 100644
index 0..8abd9dc0b
--- /dev/null
+++ b/bin/install-qa-check.d/08gentoo-paths
@@ -0,0 +1,79 @@
+# Check whether ebuilds are not installing new, non-Gentoo-ey paths.
+
+gentoo_path_check() {
+   # allowed path definitions
+   # 
+
+   # directories common to / and /usr
+   local allowed_common_dirs=(
+   bin lib lib32 lib64 libx32 sbin
+   )
+
+   # toplevel directories which can be installed to by ebuilds
+   # /home is not included as no ebuilds should install files there
+   local allowed_paths_toplevel=(
+   "${allowed_common_dirs[@]}"
+   boot dev etc opt srv usr var
+   # TODO: do we need it? gconf installs empty dir there but that's
+   # all
+   root
+   )
+
+   # directories in /usr which can be installed to by ebuilds
+   local allowed_paths_usr=(
+   "${allowed_common_dirs[@]}"
+   include libexec share src
+   # toolchain stuff
+   "${CHOST}" "${CTARGET}"
+   )
+
+
+   # the logic
+   # -
+   local bad_paths=()
+   local x
+
+   local shopt_save=$(shopt -p nullglob)
+   shopt -s nullglob
+
+   # 1. check for unexpected top-level directories
+   local toplevel_dirs=( "${ED%/}"/* )
+   for x in "${toplevel_dirs[@]##*/}"; do
+   if ! has "${x}" "${allowed_paths_toplevel[@]}"; then
+   bad_paths+=( "/${x}" )
+   fi
+   done
+
+   # 2. check for unexpected /usr subdirectories
+   local usr_dirs=( "${ED%/}"/usr/* )
+   for x in "${usr_dirs[@]##*/}"; do
+   if ! has "${x}" "${allowed_paths_usr[@]}"; then
+   bad_paths+=( "/usr/${x}" )
+   fi
+   done
+
+   # 3. check for unexpected /usr/share/doc subdirectories
+   local doc_dirs=( "${ED%/}"/usr/share/doc/* )
+   for x in "${doc_dirs[@]##*/}"; do
+   if [[ ${x} != ${PF} ]]; then
+   bad_paths+=( "/usr/share/doc/${x}" )
+   fi
+   done
+
+   ${shopt_save}
+
+   # report
+   # --
+   if [[ -n ${bad_paths[@]} ]]; then
+   eqawarn "The ebuild is installing to one or more unexpected 
paths:"
+   eqawarn
+   eqatag -v non-gentoo-paths "${bad_paths[@]}"
+   eqawarn
+   eqawarn "Please fix the ebuild to use correct FHS/Gentoo policy 
paths."
+   fi
+}
+
+gentoo_path_check
+: # guarantee successful exit
+
+# vim:ft=sh
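Review bot: in step 3 the comparison `[[ ${x} != ${PF} ]]` leaves the right-hand side unquoted, so bash matches `${x}` against `${PF}` as a glob pattern rather than as a literal string; writing it as `[[ ${x} != "${PF}" ]]` makes the doc directory name match exactly. The three globs (`"${ED%/}"/*`, `"${ED%/}"/usr/*` and `"${ED%/}"/usr/share/doc/*`) run with only `nullglob` set, so entries whose names start with a dot are never examined; if hidden entries in those directories should be reported as well, `dotglob` needs to be saved, enabled and restored the same way as `nullglob`. In the report block, `[[ -n ${bad_paths[@]} ]]` would be clearer as a length test, `[[ ${#bad_paths[@]} -gt 0 ]]`. The `root` entry in `allowed_paths_toplevel` is still carried by a TODO comment, so it is worth deciding before merge whether it stays and replacing the TODO with the reason.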
-- 
2.18.0




Re: [gentoo-portage-dev] [PATCH] install-qa-checks.d: Add a check for Gentoo path policies (FHS-y)

2018-09-04 Thread Ulrich Mueller
> On Tue, 04 Sep 2018, Michał Górny wrote:

> + # toplevel directories which can be installed to by ebuilds
> + # /home is not included as no ebuilds should install files there
> + local allowed_paths_toplevel=(
> + "${allowed_common_dirs[@]}"
> + boot dev etc opt srv usr var
> + # TODO: do we need it? gconf installs empty dir there but that's
> + # all
> + root
> + )

Does any package actually install files in /srv? (GLEP 20 suggested
that, but it wasn't accepted.)

> + # directories in /usr which can be installed to by ebuilds
> + local allowed_paths_usr=(
> + "${allowed_common_dirs[@]}"
> + include libexec share src
> + # toolchain stuff
> + "${CHOST}" "${CTARGET}"
> + )

Maybe add a comment that you've deliberately omitted games?

Ulrich




Re: [gentoo-portage-dev] [PATCH] install-qa-checks.d: Add a check for Gentoo path policies (FHS-y)

2018-09-04 Thread Michał Górny
On Tue, 2018-09-04 at 13:24 +0200, Ulrich Mueller wrote:
> > > > > > On Tue, 04 Sep 2018, Michał Górny wrote:
> > +   # toplevel directories which can be installed to by ebuilds
> > +   # /home is not included as no ebuilds should install files there
> > +   local allowed_paths_toplevel=(
> > +   "${allowed_common_dirs[@]}"
> > +   boot dev etc opt srv usr var
> > +   # TODO: do we need it? gconf installs empty dir there but that's
> > +   # all
> > +   root
> > +   )
> 
> Does any package actually install files in /srv? (GLEP 20 suggested
> that, but it wasn't accepted.)

Not that I know of.  I added it just in case.

> 
> > +   # directories in /usr which can be installed to by ebuilds
> > +   local allowed_paths_usr=(
> > +   "${allowed_common_dirs[@]}"
> > +   include libexec share src
> > +   # toolchain stuff
> > +   "${CHOST}" "${CTARGET}"
> > +   )
> 
> Maybe add a comment that you've deliberately omitted games?
> 

It wasn't deliberate -- I've simply forgotten about that subtree.  But I
suppose it makes sense not to allow it now, so I'll do that.

-- 
Best regards,
Michał Górny

