253 lines
9.4 KiB
Python
253 lines
9.4 KiB
Python
# -*- python -*-
|
|
|
|
# Example configuration file for rpmlint.
|
|
|
|
# This line is mandatory to access the configuration functions
|
|
from Config import *
|
|
|
|
# Additional paths to look for checks.
|
|
# ------------------------------------
|
|
|
|
#addCheckDir("~/mandrake/rpmlint")
|
|
|
|
# Configure the checks if you don't want the default ones.
|
|
# --------------------------------------------------------
|
|
|
|
#addCheck("FHSCheck")
|
|
#addCheck("BinariesCheck")
|
|
|
|
# Configuration options used by the checks shipped with rpmlint.
|
|
# The values in the commented out setOption() calls represent default
|
|
# or typical example values for the option.
|
|
# -------------------------------------------------------------------
|
|
|
|
# Type: integer, default: -1 (less than 0 means disabled)
|
|
#setOption("BadnessThreshold", -1)
|
|
|
|
# When checking that various files that should be compressed are
|
|
# indeed compressed, look for this filename extension (no dot here).
|
|
# Type: string, default: "bz2"
|
|
#setOption("CompressExtension", "bz2")
|
|
|
|
# Exception list for dangling symlink checks. The first in each pair
|
|
# is a regexp, and the second the package in which the target of the
|
|
# dangling symlink is shipped.
|
|
# Type: tuple of lists, default: (['consolehelper$', 'usermode-consoleonly'])
|
|
#setOption("DanglingSymlinkExceptions", ())
|
|
|
|
# Value for the Distribution tag.
|
|
# Type: string, default: "" (the empty string disables checking)
|
|
#setOption("Distribution", "")
|
|
|
|
# Base directory where to extract uninstalled packages while checking.
|
|
# Type: string, default: tempfile.gettempdir()
|
|
#setOption("ExtractDir", "/tmp")
|
|
|
|
# Standard "needs" values for non-XDG legacy menu items.
|
|
# Type: tuple of strings, default: ('gnome', 'icewm', 'kde', 'wmaker')
|
|
#setOption("ExtraMenuNeeds", ('gnome', 'icewm', 'kde', 'wmaker'))
|
|
|
|
# Words that must not exist in various tag values.
|
|
# Type: regexp, default: '' ('' effectively disables this check)
|
|
#setOption("ForbiddenWords", '')
|
|
|
|
# Exceptions for hardcoded library paths.
|
|
# Type: regexp, default: see DEFAULT_HARDCODED_LIB_PATH_EXCEPTIONS in SpecCheck
|
|
#setOption("HardcodedLibPathExceptions", '/lib/modules/')
|
|
|
|
# Accepted non-XDG legacy icon filenames.
|
|
# Type: regexp, default: '.*\.png$'
|
|
#setOption("IconFilename", '.*\.png$')
|
|
|
|
# Paths in which non-XDG legacy icons should be installed. The first
|
|
# item in the tuples is a filesystem path, and the second the icon type.
|
|
# Type: tuple of string tuples, default: see DEFAULT_ICON_PATH in MenuCheck
|
|
#setOption("IconPath", ())
|
|
|
|
# Disallowed dependencies.
|
|
# Type: tuple of regexps, default: see DEFAULT_INVALID_REQUIRES in TagsCheck
|
|
#setOption("InvalidRequires", ())
|
|
|
|
# Strings to disallow in various URL tags.
|
|
# Type: regexp, default: '' ('' effectively disables this check)
|
|
#setOption("InvalidURL", '')
|
|
|
|
# Whether to allow packaging kernel modules in non-kernel packages.
|
|
# Type: boolean, default: True
|
|
#setOption("KernelModuleRPMsOK", True)
|
|
|
|
# Maximum line length for summaries and descriptions.
|
|
# Type: integer, default: 79
|
|
#setOption("MaxLineLength", 79)
|
|
|
|
# Type: tuple of string,tuple lists, default: see DEFAULT_LAUNCHERS in MenuCheck
|
|
#setOption("MenuLaunchers", ())
|
|
|
|
# Names of packages to treat as "meta" ones.
|
|
# Type: regexp, default: '^(bundle|task)-'
|
|
#setOption("MetaPackageRegexp", '^(bundle|task)-')
|
|
|
|
# Whether to enable checks that require networking.
|
|
# Type: boolean, default: False
|
|
#setOption("NetworkEnabled", False)
|
|
|
|
# Timeout for network operations in seconds.
|
|
# Type: integer, default: 10
|
|
#setOption("NetworkTimeout", 10)
|
|
|
|
# Value for the Packager tag.
|
|
# Type: regexp, default: '' ('' effectively disables this check)
|
|
#setOption("Packager", '')
|
|
|
|
# Type: boolean, default: True
|
|
#setOption("PerlVersionTrick", True)
|
|
|
|
# Assumed default version of Python if one cannot be determined from files.
|
|
# Type: string, default: None
|
|
#setOption("PythonDefaultVersion", None)
|
|
|
|
# Expected suffix in Release tags.
|
|
# Type: regexp, default: '' ('' effectively disables this check)
|
|
#setOption("ReleaseExtension", '')
|
|
|
|
# Group tag for games.
|
|
# Type: regexp, default: 'Games'
|
|
#setOption("RpmGamesGroup", 'Games')
|
|
|
|
# Doc files to which end of line and UTF-8 checks should not be applied.
|
|
# Type: regexp, default: \.(?:rtf|x?html?|svg|ml[ily]?)$'
|
|
#setOption("SkipDocsRegexp", '\.(?:rtf|x?html?|svg|ml[ily]?)$')
|
|
|
|
# Standard OS groups.
|
|
# Type: tuple of strings, default: see DEFAULT_STANDARD_GROUPS in FilesCheck
|
|
#setOption("StandardGroups", ())
|
|
|
|
# Standard OS users.
|
|
# Type: tuple of strings, see DEFAULT_STANDARD_USERS in FilesCheck
|
|
#setOption("StandardUsers", ())
|
|
|
|
# List of directory prefixes that are not allowed in packages
|
|
# Type: tuple of strings, see DEFAULT_DISALLOWED_DIRS in FilesCheck
|
|
#setOption("DisallowedDirs", ('/home', '/mnt'))
|
|
|
|
# List of directories considered to be system default library search paths.
|
|
# Type: tuple of strings, default: see DEFAULT_SYSTEM_LIB_PATHS in BinariesCheck
|
|
#setOption("SystemLibPaths", ('/lib', '/lib64', '/usr/lib', '/usr/lib64'))
|
|
|
|
# Executables that must be compiled as position independent.
|
|
# Type: regex, default: None
|
|
#setOption("PieExecutables", '^/bin/(ping6?|su)$')
|
|
|
|
# Whether to want default start/stop runlevels specified in init scripts.
|
|
# Type: boolean, default: True
|
|
#setOption("UseDefaultRunlevels", True)
|
|
|
|
# Whether to use the Enchant spell checker (if available) for spell checking.
|
|
# Type: boolean, default: True
|
|
#setOption("UseEnchant", True)
|
|
|
|
# Whether an explicit Epoch should always be specified.
|
|
# Type: boolean, default: False
|
|
#setOption("UseEpoch", False)
|
|
|
|
# Whether jars should be indexed.
|
|
# Type: boolean, default: True
|
|
#setOption("UseIndexedJars", True)
|
|
|
|
# Whether symlinks between directories should be relative.
|
|
# Type: boolean, default: True
|
|
#setOption("UseRelativeSymlinks", True)
|
|
|
|
# Whether the UTF-8 character encoding should be used where applicable.
|
|
# Type: boolean, default: autodetected from environment
|
|
#setOption("UseUTF8", True)
|
|
|
|
# Whether debug sources are expected to be in separate packages from
|
|
# -debuginfo, typically -debugsource.
|
|
# Type: boolean, default: False
|
|
#setOption("UseDebugSource", False)
|
|
|
|
# Whether %changelog entries should contain a version.
|
|
# Type: boolean, default: True
|
|
#setOption("UseVersionInChangelog", True)
|
|
|
|
# Whether init scripts must use /var/lock/subsys
|
|
# Type: boolean, default: True
|
|
#setOption("UseVarLockSubsys", True)
|
|
|
|
# Architecture dependent paths in which packages are allowed to install files
|
|
# even if they are all non-binary.
|
|
# Type: regexp, default: see BinariesCheck
|
|
#setOption("UsrLibBinaryException", '^/usr/lib(64)?/(perl|python|ruby)')
|
|
|
|
# Value for the BuildHost tag.
|
|
# Type: regexp, default '' ('' effectively disables this check)
|
|
#setOption("ValidBuildHost", '')
|
|
|
|
# Interpreters whose scriptlets are allowed to be empty.
|
|
# Type: tuple of strings, default: ('/sbin/ldconfig',)
|
|
#setOption("ValidEmptyShells", ('/sbin/ldconfig',))
|
|
|
|
# Values for the Group tag.
|
|
# Type: list of strings, default: extracted from GROUPS file shipped with rpm
|
|
#setOption("ValidGroups", [])
|
|
|
|
# Values for the License tag.
|
|
# Type: tuple of strings, default: see DEFAULT_VALID_LICENSES in TagsCheck
|
|
#setOption("ValidLicenses", ())
|
|
|
|
# Values for non-XDG legacy menu item sections.
|
|
# Type: tuple of strings, default: see DEFAULT_VALID_SECTIONS in MenuCheck
|
|
#setOption("ValidMenuSections", ())
|
|
|
|
# Package scriptlet interpreters.
|
|
# Type: tuple of strings, default: see DEFAULT_VALID_SHELLS in PostCheck
|
|
#setOption("ValidShells", ('/bin/sh', '/bin/bash'))
|
|
|
|
# Permissions for files in source packages.
|
|
# Type: tuple of modes, default: (0644, 0755)
|
|
#setOption("ValidSrcPerms", (0644, 0755))
|
|
|
|
# Value for the Vendor tag.
|
|
# Type: string, default: "" ("" effectively disables this check)
|
|
#setOption("Vendor", "")
|
|
|
|
# Man page warning category, passed to groff -w while checking man pages.
|
|
# See the groff(1) or troff(1) man pages for available categories.
|
|
# Type: string, default: 'mac'
|
|
#SetOption("ManWarningCategory", 'mac')
|
|
|
|
# Command and arguments to validate appdata files.
|
|
# Type: tuple of strings, default: see DEFAULT_APPDATA_CHECKER in AppDataCheck
|
|
#setOption("AppDataChecker", ('appstream-util', 'validate-relax'))
|
|
|
|
# Check if application performs calls to blacklisted methods
|
|
# the 'f_name' is the regexp for the blacklisted method
|
|
# 'good_param' is the optional parameter that will waive the result if this
|
|
# regexp matches output of `strings` from the binary file
|
|
# 'description' is the explanation of why the call is blacklisted
|
|
#bad_crypto_warning = \
|
|
#'''This application package calls a function to explicitly set crypto ciphers
|
|
#for SSL/TLS. That may cause the application not to use the system-wide set
|
|
#cryptographic policy and should be modified in accordance to:
|
|
#https://fedoraproject.org/wiki/Packaging:CryptoPolicies'''
|
|
#
|
|
#call_blacklist = {'crypto-policy-non-compliance-openssl' :
|
|
# {'f_name' : 'SSL_CTX_set_cipher_list',
|
|
# 'good_param' : '^PROFILE=SYSTEM$',
|
|
# 'description' : bad_crypto_warning},
|
|
# 'crypto-policy-non-compliance-gnutls-1' :
|
|
# {'f_name' : 'gnutls_priority_set_direct',
|
|
# 'good_param' : '^@SYSTEM$',
|
|
# 'description' : bad_crypto_warning},
|
|
# 'crypto-policy-non-compliance-gnutls-2' :
|
|
# {'f_name' : 'gnutls_priority_init',
|
|
# 'description' : bad_crypto_warning}
|
|
# }
|
|
#setOption("WarnOnFunction", call_blacklist)
|
|
|
|
# Output filters.
|
|
# ---------------
|
|
|
|
#addFilter("E: .* no-signature")
|