Coverage for debputy/builtin_manifest_rules.py: 0%
52 statements
« prev ^ index » next coverage.py v6.5.0, created at 2023-01-22 14:29 +0100
« prev ^ index » next coverage.py v6.5.0, created at 2023-01-22 14:29 +0100
1import subprocess
2from typing import Iterable, Optional, List
4from debputy.filesystem_scan import FSPath
5from debputy.intermediate_manifest import PathType
6from debputy.manifest_path_rules import ManifestPathRule
7from debputy.path_matcher import MATCH_ANYTHING, MatchRule, ExactFileSystemPath, DirectoryBasedMatch, MatchRuleType, \
8 BasenameGlobMatch
9from debputy.substitution import Substitution
10from debputy.util import _normalize_path
12# Imported from dh_fixperms
13_PERMISSION_NORMALIZATION_SOURCE_DEFINITION = 'permission normalization'
14_STD_FILE_MODE = 0o644
15_PATH_FILE_MODE = 0o755
16_PERL_MODULE_DIRS: Optional[List[str]] = None
19DEFAULT_PATH_INFO = ManifestPathRule.ensure_metadata(
20 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
21 MATCH_ANYTHING,
22 uname='root',
23 uid=0,
24 gname='root',
25 gid=0,
26 # This mode is from dh_fixperms
27 symbolic_mode='go=rX,u+rw,a-s',
28 is_builtin_definition=True,
29 )
32def _perl_module_dirs() -> Iterable[str]:
33 global _PERL_MODULE_DIRS
34 if _PERL_MODULE_DIRS is None:
35 output = subprocess.check_output(
36 ['perl', '-MConfig', '-e', 'print "$Config{vendorlib}\n$Config{vendorarch}\n"']
37 )
38 _PERL_MODULE_DIRS = [
39 _normalize_path(path)
40 for path in output.decode('utf-8').splitlines(keepends=False)
41 ]
42 yield from _PERL_MODULE_DIRS
45class _UsrShareDocMatchRule(DirectoryBasedMatch):
47 def __init__(self) -> None:
48 super().__init__(MatchRuleType.ANYTHING_BENEATH_DIR,
49 _normalize_path('usr/share/doc', with_prefix=True),
50 path_type=PathType.FILE,
51 )
53 def finditer(self, fs_root: 'FSPath') -> Iterable['FSPath']:
54 doc_dir = fs_root.lookup(self._directory)
55 if doc_dir is None:
56 return
57 for path_in_doc_dir in doc_dir.children:
58 yield path_in_doc_dir
59 for subpath in path_in_doc_dir.children:
60 if subpath.basename == 'examples' and subpath.is_dir:
61 continue
62 yield from subpath.all_paths()
64 def describe_match_short(self) -> str:
65 return f'All files beneath {self._directory}/ except .../<pkg>/examples'
67 def describe_match_exact(self) -> str:
68 return self.describe_match_short()
70 def __hash__(self):
71 return object.__hash__(self)
73 def __eq__(self, other: object) -> bool:
74 return self is other
77USR_SHARE_DOC_MATCH_RULE = _UsrShareDocMatchRule()
78del _UsrShareDocMatchRule
81def builtin_manifest_rules(substitution: Substitution) -> Iterable['ManifestPathRule']:
82 yield from (
83 ManifestPathRule.ensure_metadata(
84 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
85 MatchRule.from_path_or_glob(x, _PERMISSION_NORMALIZATION_SOURCE_DEFINITION, path_type=PathType.FILE),
86 mode=_STD_FILE_MODE,
87 is_builtin_definition=True,
88 )
89 for x in ('*.so.*', '*.so', '*.la', '*.a', '*.js', '*.css', '*.scss', '*.sass', '*.jpeg', '*.jpg',
90 '*.png', '*.gif', '*.cmxs', '*.node',)
91 )
93 yield from (
94 ManifestPathRule.ensure_metadata(
95 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
96 MatchRule.recursive_beneath_directory(x,
97 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
98 path_type=PathType.FILE),
99 mode=_STD_FILE_MODE,
100 is_builtin_definition=True,
101 )
102 for x in ('usr/share/man', 'usr/include', 'usr/share/applications', 'usr/share/lintian/overrides',)
103 )
105 # The dh_fixperms tool recuses for these directories, but probably should not (see #1006927)
106 yield from (
107 ManifestPathRule.ensure_metadata(
108 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
109 MatchRule.from_path_or_glob(f"{x}/*",
110 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
111 path_type=PathType.FILE),
112 mode=_PATH_FILE_MODE,
113 is_builtin_definition=True,
114 )
115 for x in ('usr/bin', 'usr/bin/mh', 'bin', 'usr/sbin', 'sbin', 'usr/games', 'usr/libexec', 'etc/init.d',)
116 )
117 yield from (
118 # Strictly speaking, dh_fixperms does a recursive search but in practice, it does not matter.
119 ManifestPathRule.ensure_metadata(
120 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
121 MatchRule.from_path_or_glob(x, _PERMISSION_NORMALIZATION_SOURCE_DEFINITION, path_type=PathType.FILE),
122 mode=0o440,
123 is_builtin_definition=True,
124 )
125 for x in ('etc/sudoers.d/*',)
126 )
128 # The reportbug rule
129 yield ManifestPathRule.ensure_metadata(
130 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
131 ExactFileSystemPath(substitution.substitute(_normalize_path("usr/share/bug/${PACKAGE}"),
132 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION)),
133 mode=0o755,
134 is_builtin_definition=True,
135 )
136 yield ManifestPathRule.ensure_metadata(
137 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
138 MatchRule.recursive_beneath_directory("usr/share/bug/${PACKAGE}",
139 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
140 path_type=PathType.FILE,
141 substitution=substitution,
142 ),
143 mode=0o644,
144 is_builtin_definition=True,
145 )
146 yield ManifestPathRule.ensure_metadata(
147 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
148 ExactFileSystemPath(substitution.substitute(_normalize_path("usr/share/bug/${PACKAGE}/script"),
149 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION)),
150 mode=0o755,
151 is_builtin_definition=True,
152 )
153 yield ManifestPathRule.ensure_metadata(
154 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
155 USR_SHARE_DOC_MATCH_RULE,
156 mode=0o0644,
157 is_builtin_definition=True,
158 )
159 yield from (
160 ManifestPathRule.ensure_metadata(
161 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
162 BasenameGlobMatch('*.pm',
163 only_when_in_directory=perl_dir,
164 path_type=PathType.FILE,
165 recursive_match=True,
166 ),
167 symbolic_mode='a-x',
168 is_builtin_definition=True,
169 ) for perl_dir in _perl_module_dirs()
170 )
171 yield ManifestPathRule.ensure_metadata(
172 _PERMISSION_NORMALIZATION_SOURCE_DEFINITION,
173 BasenameGlobMatch('*.ali',
174 only_when_in_directory=_normalize_path('usr/lib'),
175 path_type=PathType.FILE,
176 recursive_match=True,
177 ),
178 symbolic_mode='a-w',
179 is_builtin_definition=True,
180 )