pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mk Added a new post-installation check to see whether ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/1ee38c31f9c3
branches: trunk
changeset: 519979:1ee38c31f9c3
user: rillig <rillig%pkgsrc.org@localhost>
date: Fri Oct 13 06:32:15 2006 +0000
description:
Added a new post-installation check to see whether the files have their
permissions properly set. See mk/check/check-perms.mk and
sysutils/checkperms for details.
diffstat:
mk/check/bsd.check.mk | 3 +-
mk/check/check-perms.mk | 67 +++++++++++++++++++++++++++++++++++++++++++++++++
mk/install/install.mk | 5 ++-
3 files changed, 73 insertions(+), 2 deletions(-)
diffs (107 lines):
diff -r 2597852cdb7f -r 1ee38c31f9c3 mk/check/bsd.check.mk
--- a/mk/check/bsd.check.mk Fri Oct 13 06:22:54 2006 +0000
+++ b/mk/check/bsd.check.mk Fri Oct 13 06:32:15 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.check.mk,v 1.2 2006/06/07 17:04:01 jlam Exp $
+# $NetBSD: bsd.check.mk,v 1.3 2006/10/13 06:32:15 rillig Exp $
#
# This Makefile fragment is included by bsd.pkg.mk and provides all
# variables and targets related to build and install checks.
@@ -11,6 +11,7 @@
.include "${PKGSRCDIR}/mk/check/check-files.mk"
.include "${PKGSRCDIR}/mk/check/check-interpreter.mk"
+.include "${PKGSRCDIR}/mk/check/check-perms.mk"
.include "${PKGSRCDIR}/mk/check/check-shlibs.mk"
.include "${PKGSRCDIR}/mk/check/check-vulnerable.mk"
.include "${PKGSRCDIR}/mk/check/check-wrkref.mk"
diff -r 2597852cdb7f -r 1ee38c31f9c3 mk/check/check-perms.mk
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mk/check/check-perms.mk Fri Oct 13 06:32:15 2006 +0000
@@ -0,0 +1,67 @@
+# $NetBSD: check-perms.mk,v 1.1 2006/10/13 06:32:15 rillig Exp $
+#
+# This file checks that after installation of a package, all files and
+# directories of that package have sensible permissions set.
+#
+# The following variables may be set by a package:
+#
+# The following variables may be set by the pkgsrc user in mk.conf:
+#
+# CHECK_PERMS: YesNo (default: yes for PKG_DEVELOPER, no otherwise)
+# Specifies whether the permissions check should be run at all.
+#
+# CHECK_PERMS_SKIP: List of PathMask (default: empty)
+# A list of patterns (like man/*) that should be excluded from the
+# check. Note that a * in a pattern also matches a slash in a
+# pathname.
+#
+
+.if defined(PKG_DEVELOPER)
+CHECK_PERMS?= yes
+.else
+CHECK_PERMS?= no
+.endif
+
+#.if !empty(CHECK_PERMS:M[Yy][Ee][Ss])
+#_POST_INSTALL_CHECKS+= check-perms
+#.endif
+
+_CHECK_PERMS_CMD= ${LOCALBASE}/bin/checkperms
+_CHECK_PERMS_GETDIRS_AWK= \
+ /.*/ { \
+ print $$0; \
+ dir = $$0; \
+ while (sub("/[^/]*$$", "", dir) && dir != "") { \
+ if (!(dir in dirs)) { \
+ dirs[dir] = "done"; \
+ print dir; \
+ } \
+ } \
+ }
+
+CHECK_PERMS_SKIP?= # none
+_CHECK_PERMS_SKIP_FILTER= case "$$file" in
+_CHECK_PERMS_SKIP_FILTER+= ${CHECK_PERMS_SKIP:@.pattern.@${PREFIX}/${.pattern.}|${.pattern.}) continue ;;@}
+_CHECK_PERMS_SKIP_FILTER+= *) ;;
+_CHECK_PERMS_SKIP_FILTER+= esac
+
+.PHONY: check-perms
+.if exists(${_CHECK_PERMS_CMD})
+check-perms:
+ @${STEP_MSG} "Checking file permissions in ${PKGNAME}"
+ ${_PKG_SILENT}${_PKG_DEBUG} \
+ set -e; \
+ ${PKG_FILELIST_CMD} \
+ | sort \
+ | sed -e 's,\\,\\\\,g' \
+ | while read file; do \
+ ${_CHECK_PERMS_SKIP_FILTER}; \
+ printf "%s\\n" "$$file"; \
+ done \
+ | awk ${_CHECK_PERMS_GETDIRS_AWK:Q} \
+ | ${_CHECK_PERMS_CMD}
+.else
+check-perms:
+ @${WARNING_MSG} "[check-perms.mk] Skipping file permissions check."
+ @${WARNING_MSG} "[check-perms.mk] Install sysutils/checkperms to enable this check."
+.endif
diff -r 2597852cdb7f -r 1ee38c31f9c3 mk/install/install.mk
--- a/mk/install/install.mk Fri Oct 13 06:22:54 2006 +0000
+++ b/mk/install/install.mk Fri Oct 13 06:32:15 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: install.mk,v 1.22 2006/10/09 12:25:44 joerg Exp $
+# $NetBSD: install.mk,v 1.23 2006/10/13 06:32:15 rillig Exp $
######################################################################
### install (PUBLIC)
@@ -169,6 +169,9 @@
.if empty(CHECK_INTERPRETER:M[nN][oO])
privileged-install-hook: check-interpreter
.endif
+.if empty(CHECK_PERMS:M[nN][oO])
+privileged-install-hook: check-perms
+.endif
.PHONY: install-all su-install-all
. if !empty(_MAKE_INSTALL_AS_ROOT:M[Yy][Ee][Ss])
Home |
Main Index |
Thread Index |
Old Index