summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rwxr-xr-xsrc/aur21
-rw-r--r--src/chroot-tools/hooks-check.sh25
-rwxr-xr-xsrc/fullpkg/fullpkg-build7
-rwxr-xr-xsrc/fullpkg/fullpkg-find7
-rwxr-xr-xsrc/pkgbuild-check-licenses126
-rwxr-xr-xsrc/pkgbuild-check-nonfree301
-rwxr-xr-xsrc/pkgbuild-summarize-nonfree88
7 files changed, 338 insertions, 237 deletions
diff --git a/src/aur b/src/aur
index 2c1fe6d..6fce891 100755
--- a/src/aur
+++ b/src/aur
@@ -107,26 +107,7 @@ main() {
################################################################
pkgbuild-check-nonfree -c
- case $? in
- 0) :;;
- 15) warning "This PKGBUILD links to known unfree packages";;
- *) warning "pkgbuild-check-nonfree failed to run";;
- esac
-
- ################################################################
-
- local s=0
- pkgbuild-check-licenses || s=$?
- for i in 1 2 4; do
- if [[ $i -eq $(($s & $i)) ]]; then
- case $i in
- 1) warning "pkgbuild-check-licenses encountered an error";;
- 2) warning "This PKGBUILD has an uncommon license";;
- 4) warning "This PKGBUILD has a known nonfree license";;
- esac
- fi
- done
- unset s
+ pkgbuild-summarize-nonfree $?
################################################################
diff --git a/src/chroot-tools/hooks-check.sh b/src/chroot-tools/hooks-check.sh
index e8120b8..2702f95 100644
--- a/src/chroot-tools/hooks-check.sh
+++ b/src/chroot-tools/hooks-check.sh
@@ -1,30 +1,11 @@
#!/usr/bin/env bash
set -euE
-hook_check_pkgbuild+=("check_pkgbuild_dependencies")
-check_pkgbuild_dependencies() {
+hook_check_pkgbuild+=("check_pkgbuild_nonfree")
+check_pkgbuild_nonfree() {
local s=0
sudo -EH -u "$LIBREUSER" pkgbuild-check-nonfree -f || s=$?
- case $s in
- 0) :;;
- 15) error "This PKGBUILD links to known unfree packages"; return 1;;
- *) warning "pkgbuild-check-nonfree failed to run";;
- esac
-}
-
-hook_check_pkgbuild+=("check_pkgbuild_license")
-check_pkgbuild_license() {
- local s=0
- sudo -EH -u "$LIBREUSER" pkgbuild-check-licenses -f || s=$?
- for i in 1 2 4; do
- if [[ $i -eq $(($s & $i)) ]]; then
- case $i in
- 1) warning "pkgbuild-check-licenses encountered an error";;
- 2) warning "This PKGBUILD has an uncommon license";;
- 4) error "This PKGBUILD has a known nonfree license"; ret=1;;
- esac
- fi
- done
+ pkgbuild-summarize-nonfree $s
}
#hook_check_pkgbuild+=("check_pkgbuild_namcap")
diff --git a/src/fullpkg/fullpkg-build b/src/fullpkg/fullpkg-build
index e922877..8149453 100755
--- a/src/fullpkg/fullpkg-build
+++ b/src/fullpkg/fullpkg-build
@@ -29,11 +29,8 @@ list_pkgs() {
check_nonfree() {
find "$build_dir" -name PKGBUILD \
-exec pkgbuild-check-nonfree {} +
- if [ "$?" -eq 15 ]; then
- error "Some PKGBUILD have nonfree problems"
- exit 15
- fi
-
+ local s=$?
+ pkgbuild-summarize-nonfree -q $s || return $s
}
# Removes a package from the buildorder
diff --git a/src/fullpkg/fullpkg-find b/src/fullpkg/fullpkg-find
index 007c53c..566605a 100755
--- a/src/fullpkg/fullpkg-find
+++ b/src/fullpkg/fullpkg-find
@@ -93,13 +93,6 @@ find_deps() {
local repo="${repo:-$(guess_repo)}"
local pkgbase="${pkgbase:-${pkgname[0]}}"
- if ! pkgbuild-check-nonfree > /dev/null 2> /dev/null; then
- if [ "$?" -eq 15 ]; then
- error "%s has nonfree issues" "$pkgbase"
- return 15
- fi
- fi
-
# Checking any package built, since otherwise e.g. kdebase would
# be always considered outdated: there is no package built named kdebase.
# TODO: maybe check for the package requested in case of recursive calls,
diff --git a/src/pkgbuild-check-licenses b/src/pkgbuild-check-licenses
deleted file mode 100755
index 85ca2c3..0000000
--- a/src/pkgbuild-check-licenses
+++ /dev/null
@@ -1,126 +0,0 @@
-#!/usr/bin/env bash
-# pkgbuild-check-licenses
-
-# Copyright 2010 Haase Hernández
-# Copyright 2010 Joseph Graham
-# Copyright 2010 Joshua Ismael
-# Copyright 2010 Nicolás Reynolds
-# Copyright 2012-2013 Luke Shumaker
-#
-# This file is part of Parabola.
-#
-# Parabola is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# Parabola is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Parabola. If not, see <http://www.gnu.org/licenses/>.
-
-. libremessages
-. $(librelib conf)
-
-# Usage: check_deps $pkgbuild
-# Check whether a PKGBUILD package depends on non-free packages
-check_licenses() (
- # Note that we use () instead of {} for this function; so that variables
- # from the PKBUILD don't bubble up
- local pkgbuild=$1
- load_PKGBUILD "$pkgbuild"
- if [[ -z $pkgname ]]; then
- return $_E_ERROR # not a PKGBUILD
- fi
- if [[ -z "${license[*]}" ]]; then
- error "license array of %s %s is not set" "${pkgbase:-${pkgname[0]}}" "$(get_full_version)"
- return $_E_ERROR
- fi
-
- msg2 "Looking at license array of %s %s" "${pkgbase:-${pkgname[0]}}" "$(get_full_version)"
-
- local ret=$_E_OK
- for _license in "${license[@]}"; do
- if [[ ! -e "/usr/share/licenses/common/$_license" ]]; then
- local s=$_E_OK
- case "${_license#custom:}" in
- WTFPL)
- # accept as common, I think it should be in the licenses package
- :;;
- BSD1|BSD2|BSD3|MIT|X11)
- # accept these as common; they can't be included in the
- # 'licenses' package because some text must be customized
- :;;
- BSD4)
- warning "The 4-clause BSD license is free but has practical problems.";;
- BSD)
- warning "License 'BSD' is ambiguous, use 'BSD{1..4}' to specify the number of clauses."
- s=$_E_UNCOMMON
- ;;
- JSON)
- error "License '%s' is a known non-free license." "$_license"
- s=$_E_NONFREE
- ;;
- *)
- warning "License '%s' is not a common license." "$_license"
- s=$_E_UNCOMMON
- ;;
- esac
- ret=$(($ret|$s))
- fi
- done
- return $ret
-)
-
-usage() {
- print "Usage: %s [OPTIONS] [PKGBUILD1 PKGBUILD2 ...]" "${0##*/}"
- echo
- prose 'If no PKGBUILD is specified, `./PKGBUILD` is implied.'
- echo
- print "Exit status (add them for combinations):"
- print " 0: Everything OK, no freedom issues"
- print " 1: Ran with error"
- print " 2: Uses uncommon licenses, check them"
- print " 4: Uses known unacceptable licenses"
- echo
- print "Options:"
- flag '-f' 'Allow running as root user'
- flag '-h' 'Show this message'
-}
-_E_OK=0
-_E_ERROR=1
-_E_UNCOMMON=2
-_E_NONFREE=4
-
-main() {
- local asroot=false
- while getopts 'fh' arg; do
- case "$arg" in
- f) asroot=true;;
- h) usage; return $_E_OK;;
- *) usage; return $_E_ERROR;;
- esac
- done
- shift $(($OPTIND - 1))
- if [[ $# -lt 1 ]]; then
- pkgbuilds=("`pwd`/PKGBUILD")
- else
- pkgbuilds=("$@")
- fi
-
- if [[ -w / ]] && ! $asroot; then
- error "Run as normal user, or use the -f option to run as root."
- return 1
- fi
-
- local ret=0
- for pkgbuild in "${pkgbuilds[@]}"; do
- check_licenses "$pkgbuild" || ret=$(($ret|$?))
- done
- return $ret
-}
-
-main "$@"
diff --git a/src/pkgbuild-check-nonfree b/src/pkgbuild-check-nonfree
index 1cc0d9b..18fac91 100755
--- a/src/pkgbuild-check-nonfree
+++ b/src/pkgbuild-check-nonfree
@@ -1,9 +1,11 @@
#!/usr/bin/env bash
+# -*- tab-width: 4 ; sh-basic-offset: 4 -*-
# pkgbuild-check-nonfree
# Copyright 2010 Haase Hernández
# Copyright 2010 Joseph Graham
# Copyright 2010 Joshua Ismael
+# Copyright 2010 Nicolás Reynolds
# Copyright 2012-2013 Luke Shumaker
#
# This file is part of Parabola.
@@ -21,80 +23,61 @@
# You should have received a copy of the GNU General Public License
# along with Parabola. If not, see <http://www.gnu.org/licenses/>.
-. libremessages
-. libreblacklist
-. $(librelib conf)
-
-# Usage: check_deps $pkgbuild
-# Check whether a PKGBUILD package depends on non-free packages
-check_deps() (
- # Note that we use () instead of {} for this function; so that variables
- # from the PKBUILD don't bubble up
- local pkgbuild=$1
- load_PKGBUILD "$pkgbuild"
- if [[ -z "$pkgname" ]]; then
- exit 1 # not a PKGBUILD
- fi
+# I appologize that this program got *huge*.
+# It's not complicated, just long.
- msg2 'Looking for unfree dependencies of %s %s' "${pkgbase:-${pkgname[0]}}" "$(get_full_version)"
-
- local pkgs=(
- # packages being built
- "${pkgname[@]}"
- # depends
- "${depends[@]}" "${makedepends[@]}" "${checkdepends[@]}" "${optdepends[@]%%:*}"
- # mksource depends
- "${mkdepends[@]}"
- )
- local ret=0
- for pkg in "${pkgs[@]}"; do
- local line="$(blacklist-cat|blacklist-lookup "$pkg")"
- local rep="$(blacklist-get-rep <<<"$line")"
- if [[ -z $line ]]; then
- # not mentioned in blacklist; free
- plain '%s: not blacklisted' "$pkg"
- continue
- elif [[ -z $rep ]]; then
- # non-free with no replacement
- plain '%s: blacklisted' "$pkg"
- ret=1
- else
- # non-free with free replacement
- if [[ "$rep" == "$pkg" ]]; then
- plain '%s: repackaged with the same name' "$pkg"
- else
- plain '%s: replaced by %s' "$pkg" "$rep"
- fi
- fi
- done
- return $ret
-)
+. $(librelib messages)
+. $(librelib conf)
+. $(librelib blacklist)
usage() {
print "Usage: %s [OPTIONS] [PKGBUILD1 PKGBUILD2 ...]" "${0##*/}"
+ print "Analyzes a PKGBUILD for freedom issues"
echo
prose 'If no PKGBUILD is specified, `./PKGBUILD` is implied.'
echo
- print "Exit status:"
+ print "Exit status (add them for combinations):"
print " 0: Everything OK, no freedom issues"
print " 1: Ran with error"
- print " 15: Depends on non-free packages"
+ print "Warning-level freedom issues:"
+ print " 2: Uses unrecognized licenses, check them"
+ print " 4: Uses GPL-incompatible licenses"
+ print "Error-level freedom issues:"
+ print " 8: Uses known unacceptable licenses"
+ print " 16: Has nonfree dependencies"
+ print " 32: Is a known nonfree package"
echo
print "Options:"
- flag '-c' 'Use the cached blacklist, do not try downloading.'
+ flag '-c' 'Use the cached blacklist, do not try downloading'
flag '-f' 'Allow running as root user'
+ echo
+ flag '-q' 'Be quiet'
+ flag '-v' 'Be verbose'
+ echo
flag '-h' 'Show this message'
}
+# Make sure these match pkgbuild-summarize-nonfree
+declare -ri _E_OK=0
+declare -ri _E_ERROR=1
+declare -ri _E_LIC_UNKNOWN=2
+declare -ri _E_LIC_NOGPL=4
+declare -ri _E_LIC_NONFREE=8
+declare -ri _E_DEP_NONFREE=16
+declare -ri _E_PKG_NONFREE=32
main() {
- local asroot=false
+ # Parse flags
local cache=false
- while getopts 'cfh' arg; do
+ local asroot=false
+ local v=1
+ while getopts 'cfqvh' arg; do
case "$arg" in
c) cache=true;;
f) asroot=true;;
- h) usage; return 0;;
- *) usage; return 1;;
+ q) v=0;;
+ v) v=2;;
+ h) usage; return $_E_OK;;
+ *) usage >&2; return $_E_ERROR;;
esac
done
shift $(($OPTIND - 1))
@@ -104,18 +87,222 @@ main() {
pkgbuilds=("$@")
fi
+ # Do a check to see if we are running as root
if [[ -w / ]] && ! $asroot; then
error "Run as normal user, or use the -f option to run as root."
return 1
fi
- $cache || blacklist-update || return 1
+ # Adjust the verbosity
+ if [[ $v == 0 ]]; then
+ error() { :; }
+ warning() { :; }
+ plain() { :; }
+ info() { :; }
+ elif [[ $v == 1 ]]; then
+ info() { :; }
+ elif [[ $v == 2 ]]; then
+ info() { plain "$@"; }
+ fi
+
+ # Update the blacklist
+ $cache || blacklist-update || return $_E_ERROR
- local ret=0
+ # Do the work
+ declare -i ret=0
+ local pkgbuild
for pkgbuild in "${pkgbuilds[@]}"; do
- check_deps "$pkgbuild" || ret=15
+ pkgbuild_check "$pkgbuild" || ret=$(($ret|$?))
done
return $ret
}
+# Helper functions #############################################################
+# These should maybe be moved into lib/conf.sh
+
+# Usage: var="$(pkgbuild_get_pkg_str ${pkgname} ${varname})"
+# Gets a package-level string for a split-package
+pkgbuild_get_pkg_str() {
+ [[ $# == 2 ]] || panic 'malformed call to pkgbuild_get_pkg_str'
+ local pkg=$1
+ local var=$2
+
+ local indirect=${!var}
+ eval $(declare -f package_$pkg | sed -rn "s/^\s*${var}(\+?=)/indirect\1/p")
+ printf '%s' "${indirect}"
+}
+# Usage: eval $(pkgbuild_get_pkg_ary ${pkgname} ${varname} [$variable_name_to_set])
+# Gets a package-level array for a split-package
+pkgbuild_get_pkg_ary() {
+ [[ $# == 2 ]] || [[ $# == 3 ]] || panic 'malformed call to pkgbuild_get_pkg_ary'
+ local pkg=$1
+ local var=$2
+ local out="${3:-$var}"
+
+ local ary="${var}[@]"
+ local indirect=("${!ary}")
+ eval $(declare -f package_$pkg | sed -rn "s/^\s*${var}(\+?=)/indirect\1/p")
+ declare -p indirect|sed "s/ indirect=/ ${out}=/"
+}
+
+# Checker functions ############################################################
+
+# Usage: check_lic "${licence}"
+# Check a license name to see if it is OK
+check_lic() {
+ [[ $# == 1 ]] || panic 'malformed call to check_license'
+ local license=$1
+
+ info 'Checking license: %s' "$license"
+
+ if [[ -e "/usr/share/licenses/common/$license" ]]; then
+ return $_E_OK
+ else
+ case "${license#custom:}" in
+ WTFPL)
+ # accept as common, I think it should be in the licenses package
+ return $_E_OK;;
+ BSD1|BSD2|BSD3|MIT|X11)
+ # accept these as common; they can't be included in the
+ # 'licenses' package because some text must be customized
+ return $_E_OK;;
+ BSD4)
+ warning "The 4-clause BSD license is free but has practical problems."
+ return $_E_LIC_NOGPL;;
+ BSD)
+ warning "License 'BSD' is ambiguous, use 'BSD{1..4}' to specify the number of clauses."
+ return $_E_LIC_UNKNOWN;;
+ JSON)
+ error "License '%s' is a known non-free license." "$license"
+ return $_E_LIC_NONFREE;;
+ *)
+ warning "License '%s' is not a common (recognized) license." "$license"
+ return $_E_LIC_UNKNOWN;;
+ esac
+ fi
+ panic 'code should never be reached'
+}
+
+# Usage: check_dep "${dependency}"
+# Checks for ${dependency} in the blacklist
+check_dep() {
+ [[ $# == 1 ]] || panic 'malformed call to check_dep'
+ local pkg=$1
+
+ local line="$(blacklist-cat|blacklist-lookup "$pkg")"
+ local rep="$(blacklist-get-rep <<<"$line")"
+ if [[ -z $line ]]; then
+ # not mentioned in blacklist; free
+ info '%s: not blacklisted' "$pkg"
+ return $_E_OK
+ elif [[ -z $rep ]]; then
+ # non-free with no replacement
+ plain '%s: blacklisted' "$pkg"
+ return $_E_DEP_NONFREE
+ else
+ # non-free with free replacement
+ if [[ "$rep" == "$pkg" ]]; then
+ info '%s: repackaged with the same name' "$pkg"
+ else
+ info '%s: replaced by %s' "$pkg" "$rep"
+ fi
+ return $_E_OK
+ fi
+ panic 'code should never be reached'
+}
+
+# Usage: check_pkg "${pkgname}"
+# Checks for ${pkgname} in the blacklist
+check_pkg() {
+ [[ $# == 1 ]] || panic 'malformed call to check_pkg'
+ check_dep "$@"
+ case $? in
+ $_E_OK)
+ return $_E_OK;;
+ $_E_DEP_NONFREE)
+ return $_E_PKG_NONFREE;;
+ *)
+ panic 'unexpected return code from check_dep';;
+ esac
+ panic 'code should never be reached'
+}
+
+# Usage: pkgbuild_ckec $pkgbuild
+# Check whether a PKGBUILD has any issues (using the above)
+pkgbuild_check() (
+ [[ $# == 1 ]] || panic 'malformed call to pkgbuild_check'
+ local pkgbuild=$1
+
+ load_PKGBUILD "$pkgbuild"
+ if [[ -z $pkgname ]]; then
+ return $_E_ERROR # not a PKGBUILD
+ fi
+
+ declare -i ret=0 # the return status
+ local dep lic # iterators for us in `for` loops
+ local ck_deps ck_lics # lists of deps and licenses that have been checked
+
+ if [[ ${#pkgname[@]} == 1 ]]; then
+ msg2 'Inspecting package pkgname=%q (%s)' "$pkgname" "$(get_full_version)"
+ else
+ msg2 'Inspecting split package pkgbase=%q (%s)' "${pkgbase:-${pkgname[0]}}" "$(get_full_version)"
+ fi
+
+ # Check if this is blacklisted
+ check_pkg "${pkgbase:-${pkgname[0]}}" || ret=$(($ret|$?))
+ # Check if dependencies are blacklisted
+ for dep in "${depends[@]}" "${makedepends[@]}" "${checkdepends[@]}" \
+ "${optdepends[@]%%:*}" "${mkdepends[@]}"
+ do
+ check_dep "$dep" || ret=$(($ret|$?))
+ ck_deps+=("$dep")
+ done
+ # Check the licenses
+ for lic in "${license[@]}"; do
+ check_lic "$lic" || ret=$(($ret|$?))
+ ck_lics+=("$lic")
+ done
+
+ if [[ ${#pkgname[@]} == 1 ]]; then
+ # Non-split package
+ # Make sure a license is set
+ if [[ ${#ck_lics[@]} == 0 ]]; then
+ error "The license array is empty"
+ ret=$(($ret|$_E_ERROR))
+ fi
+ else
+ # Split package
+ # Check the individual split packages
+ local _pkgname _license _depends _optdepends
+ for _pkgname in "${pkgname[@]}"; do
+ msg2 'Inspecting split package pkgname=%q (%s)' "$_pkgname" "$(get_full_version "$_pkgname")"
+ eval $(pkgbuild_get_pkg_ary "$_pkgname" license _license)
+ eval $(pkgbuild_get_pkg_ary "$_pkgname" depends _depends)
+ eval $(pkgbuild_get_pkg_ary "$_pkgname" optdepends _optdepends)
+
+ # Check if this is blacklisted
+ check_pkg "$_pkgname" || ret=$(($ret|$?))
+ # Check if dependencies are blacklisted
+ for dep in "${_depends[@]}" "${_optdepends[@]%%:*}"; do
+ if ! in_array "$dep" "${ck_deps[@]}"; then
+ check_dep "$dep" || ret=$(($ret|$?))
+ fi
+ done
+ # Check the licenses
+ for lic in "${_license[@]}"; do
+ if ! in_array "$lic" "${ck_lics[@]}"; then
+ check_lic "$lic" || ret=$(($ret|$?))
+ fi
+ done
+
+ if [[ ${#_license[@]} == 0 ]]; then
+ error "The license array is empty"
+ ret=$(($ret|$_E_ERROR))
+ fi
+ done
+ fi
+
+ return $ret
+)
+
main "$@"
diff --git a/src/pkgbuild-summarize-nonfree b/src/pkgbuild-summarize-nonfree
new file mode 100755
index 0000000..7b005d5
--- /dev/null
+++ b/src/pkgbuild-summarize-nonfree
@@ -0,0 +1,88 @@
+#!/bin/bash
+
+. $(librelib messages)
+
+# Make sure these match pkgbuild-check-nonfree
+declare -ri _E_OK=0
+declare -ri _E_ERROR=1
+declare -ri _E_LIC_UNKNOWN=2
+declare -ri _E_LIC_NOGPL=4
+declare -ri _E_LIC_NONFREE=8
+declare -ri _E_DEP_NONFREE=16
+declare -ri _E_PKG_NONFREE=32
+
+usage() {
+ print "Usage: %s [OPTIONS] STATUS" "${0##*/}"
+ print "Summarizes a status code from pkgbuild-check-nonfree"
+ echo
+ prose 'It thresholds the issues it finds, only failing for error-level
+ issues, and ignoring warnings. Unless `-q` is specified, it also
+ prints a summary of the issues it found.'
+ echo
+ print 'Options:'
+ flag '-q' 'Be quiet'
+ flag '-h' 'Show this message'
+}
+
+main() {
+ local quiet=false
+ while getopts 'qh' arg; do
+ case "$arg" in
+ q) quiet=true;;
+ h) usage; return 0;;
+ *) usage >&2; return 1;;
+ esac
+ done
+ shift $(($OPTIND - 1))
+ if [[ $# -ne 1 ]]; then
+ usage >&2
+ return 1
+ fi
+ if ! [[ $1 =~ ^[0-9]+$ ]]; then
+ error 'STATUS must be an integer'
+ usage >&2
+ return 1
+ fi
+
+ if $quiet; then
+ error() { :; }
+ warning() { :; }
+ fi
+
+ parse $1;
+ return $?
+}
+
+parse() {
+ [[ $# == 1 ]] || panic 'malformed call to parse'
+ declare -i s=$1;
+
+ declare -i ret=0
+ declare -i i
+ for i in 1 2 4 8 16 32; do
+ if [[ $(($s & $i)) -gt 0 ]]; then
+ case $i in
+ $_E_ERROR)
+ # could be anything, assume the worst
+ error "There was an error processing the PKGBUILD"
+ ret=1;;
+ $_E_LIC_UNKNOWN)
+ warning "This PKGBUILD has an unknown license";;
+ $_E_LIC_NOGPL)
+ warning "This PKGBUILD has a GPL-incompatible license";;
+ $_E_LIC_NONFREE)
+ error "This PKGBUILD has a known nonfree license"
+ ret=1;;
+ $_E_DEP_NONFREE)
+ error "This PKGBUILD depends on known nonfree packages"
+ ret=1;;
+ $_E_PKG_NONFREE)
+ error "This PKGBUILD is for a known nonfree package"
+ ret=1;;
+ esac
+ fi
+ done
+ return $ret
+}
+
+main "$@"