diff options
| author |   Sam James <sam@gentoo.org> | 2022-04-28 04:06:40 +0100 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2022-04-30 20:13:18 +0100 |
| commit | fe2c69be92364e912384cd07c0b122b0e80168f0 (patch) | |
| tree | 235ebb95e2fb1d7074ceeda97722f30982bf1506 | |
| parent | dev-python/twisted: stable 22.4.0 for hppa, bug #837845 (diff) | |
| download | gentoo-fe2c69be92364e912384cd07c0b122b0e80168f0.tar.gz gentoo-fe2c69be92364e912384cd07c0b122b0e80168f0.tar.bz2 gentoo-fe2c69be92364e912384cd07c0b122b0e80168f0.zip | |
metadata/install-qa-check.d: add new QA check for udev rules
Very similar to tmpfiles.eclass check (60tmpfiles-paths).
Three checks:
1) Verify packages don't install udev rules to /etc/udev/rules.d, which
is a forbidden (user-configuration) location;
2) Check whether packages inherit udev.eclass if they're
installing files to /lib/udev/rules.d/..
(This helps to catch packages not calling udev_reload
in pkg_postinst).
3) Check for missing udev_process calls in pkg_postinst.
Bug: https://bugs.gentoo.org/433916
See: c7fe1066a8fcd35f965de4ea16c9cd1001830642
Signed-off-by: Sam James <sam@gentoo.org>
| -rw-r--r-- | metadata/install-qa-check.d/60udev-eclass | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/metadata/install-qa-check.d/60udev-eclass b/metadata/install-qa-check.d/60udev-eclass new file mode 100644 index 000000000000..cf8e08e9971e --- /dev/null +++ b/metadata/install-qa-check.d/60udev-eclass @@ -0,0 +1,63 @@ +# Copyright 2021-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# QA check: ensure that packages installing udev rules inherit the eclass +# Maintainer: Sam James <sam@gentoo.org> + +# Implements three checks: +# 1) Installation to /etc/udev/rules.d (which is a user-customization location); +# 2) Installation of any udev rules to /lib/udev/rules.d without inheriting the eclass +# (needed for udev_reload in pkg_postinst); +# 3) Check for installation of udev rules without calling udev_reload in +# pkg_postinst. +udev_rules_check() { + # Check 1 + # Scan image for files in /etc/udev/rules.d which is a forbidden location + # (We use this glob to avoid triggering on keepdir) + shopt -s nullglob + local files=( "${ED}"/etc/udev/rules.d/* ) + shopt -u nullglob + + if [[ ${#files[@]} -gt 0 ]]; then + eqawarn "QA Notice: files installed to /etc/udev/rules.d found" + eqawarn "udev rules files supplied by ebuilds must be installed to /lib/udev/rules.d/" + fi + + # Check 2 + # We're now going to check for whether we install files to /lib/udev/rules.d/ without + # inheriting the eclass (weak catch for ebuilds not calling udev_reload in pkg_postinst) + + if [[ -n ${UDEV_OPTIONAL} ]] ; then + # While imperfect, using ${UDEV_OPTIONAL} is good enough to allow opting out + # for e.g. sys-apps/portage, sys-apps/systemd, sys-libs/pam, etc. We may want + # a better/more standardised way to opt out from QA checks in future. + # It's okay for some packages to do this because of circular dependencies and such + # See: https://archives.gentoo.org/gentoo-dev/message/0a96793036a4fdd9ac311a46950d7e7b + return + fi + + if [[ -d "${ED}"/lib/udev/rules.d/ ]] ; then + if ! has udev ${INHERITED} ; then + eqawarn "QA Notice: package is installing udev ruleswithout inheriting udev.eclass!" + eqawarn "Packages must inherit udev.eclass then call udev_reload in pkg_postinst." + return + fi + + # Check 3 + # Check whether we're installing udev rules without explicitly + # calling udev_reload in pkg_postinst, but we have inherited + # the eclass. + # Small risk of false positives if called indirectly. + # See: https://archives.gentoo.org/gentoo-dev/message/7bdfdc9a7560fd07436defd0253af0b8 + local pkg_postinst_body="$(declare -fp pkg_postinst 2>&1)" + if [[ ! ${pkg_postinst_body} == *udev_reload* ]] ; then + eqawarn "QA Notice: package is installing udev rules without calling" + eqawarn "udev_reload in pkg_postinst phase" + fi + fi +} + +udev_rules_check +: # guarantee successful exit + +# vim:ft=sh |