[arch-projects] [PATCH] [namcap] Treat all non-tar files as PKGBUILD files, regardless of filename

Luke Shumaker lukeshu at lukeshu.com
Thu Jan 25 21:41:35 UTC 2018


On Thu, 25 Jan 2018 13:50:19 -0500,
Dave Reisner wrote:
> On Thu, Jan 25, 2018 at 01:31:45PM -0500, Luke Shumaker wrote:
> > From: Luke Shumaker <lukeshu at parabola.nu>
> > 
> > https://bugs.archlinux.org/task/57193
> > 
> > If the user mistakenly passes in some other (non-package, non-PKGBUILD)
> > file, instead of refusing to process it (saying
> > "Error: Cannot process ${filename}"), it will now try to parse it as a
> > PKGBUILD, probably encounter and print at least one error, but finally say
> > "Error: ${filename} is not a valid PKGBUILD".  This is actually probably
> > *more* helpful to a confused user who passed in the wrong file.
> > ---
> >  namcap.py | 4 +---
> >  1 file changed, 1 insertion(+), 3 deletions(-)
> > 
> > diff --git a/namcap.py b/namcap.py
> > index b62a2fa..fd62d3c 100755
> > --- a/namcap.py
> > +++ b/namcap.py
> > @@ -248,9 +248,7 @@ for package in packages:
> >  
> >  	if os.path.isfile(package) and tarfile.is_tarfile(package):
> >  		process_realpackage(package, active_modules)
> > -	elif package.endswith('PKGBUILD'):
> > +	else:
> 
> Install files? Other assets? Doesn't this mean we assume they're
> PKGBUILDs?

Yes, it does.  It's already the case that running namcap on those
install files and other assets is an error.

Though, this will make those errors much more... verbose.

For example, running `namcap *` in pacman's package directory
currently looks like:

	$ namcap *
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	Error: Cannot process makepkg.conf
	Error: Cannot process pacman.conf.i686
	Error: Cannot process pacman.conf.x86_64

But this patch changes that to:

	$ namcap *
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to i686 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	PKGBUILD (pacman) W: Reference to x86_64 should be changed to $CARCH
	Error: error: invalid package file
	
	Error: makepkg.conf is not a valid PKGBUILD
	Error: error: invalid package file
	
	Error: pacman.conf.i686: line 9: [options]: command not found
	pacman.conf.i686: line 18: HoldPkg: command not found
	pacman.conf.i686: line 23: Architecture: command not found
	pacman.conf.i686: line 36: CheckSpace: command not found
	pacman.conf.i686: line 41: SigLevel: command not found
	pacman.conf.i686: line 42: LocalFileSigLevel: command not found
	pacman.conf.i686: line 75: [core]: command not found
	pacman.conf.i686: line 76: Include: command not found
	pacman.conf.i686: line 78: [extra]: command not found
	pacman.conf.i686: line 79: Include: command not found
	pacman.conf.i686: line 84: [community]: command not found
	pacman.conf.i686: line 85: Include: command not found
	
	Error: pacman.conf.i686 is not a valid PKGBUILD
	Error: error: invalid package file
	
	Error: pacman.conf.x86_64: line 9: [options]: command not found
	pacman.conf.x86_64: line 18: HoldPkg: command not found
	pacman.conf.x86_64: line 23: Architecture: command not found
	pacman.conf.x86_64: line 36: CheckSpace: command not found
	pacman.conf.x86_64: line 41: SigLevel: command not found
	pacman.conf.x86_64: line 42: LocalFileSigLevel: command not found
	pacman.conf.x86_64: line 75: [core]: command not found
	pacman.conf.x86_64: line 76: Include: command not found
	pacman.conf.x86_64: line 78: [extra]: command not found
	pacman.conf.x86_64: line 79: Include: command not found
	pacman.conf.x86_64: line 84: [community]: command not found
	pacman.conf.x86_64: line 85: Include: command not found
	
	Error: pacman.conf.x86_64 is not a valid PKGBUILD

There is a possible safety concern.  namcap will call `parsepkgbuild`
on the file, which does evaluate the file as a bash script; it is
conceivable that it this could accidentally do something bad,
depending on what the file is.  However, I don't believe this to be a
legitimate concern because of the rbash restricted environment that it
is executed in.

-- 
Happy hacking,
~ Luke Shumaker


More information about the arch-projects mailing list