binary rpm package checking
Dag Wieers
dag at wieers.com
Tue Feb 15 01:16:40 UTC 2005
On Sat, 29 Jan 2005, Florian La Roche wrote:
> This is a start to check binary rpm packages for consistency.
> Right now mostly the rpm header is checked to get a feeling
> how much "strange" binary rpm packages might be out there.
> It has two modes of checking, one for the current Fedora Development
> tree with more strict checks and a more relaxed one that should
> work for all existing rpm packages, also other distributions.
>
> I'd be interested to get feedback on what output is generated
> for rpm addon expositories and non - Red Hat distributions
> if the script generates warning messages.
> At least for Fedora Core only very few rpm tags are actually
> used in the rpm header.
>
> Examples usage:
> ./pyrpm.py --strict /mirror/fedora/development/i386/Fedora/RPMS/*.rpm
>
> Checking all rpms:
> locate .rpm | xargs ./pyrpm.py
> find /mirror/linux -name "*.rpm" -type f -print0 2>/dev/null |
> xargs -0 ./pyrpm.py
Hi Florian,
I've ran it on about 28000 packages, mostly unknown tag values:
unknown distribution: Dag Apt Repository for Red Hat 7.3
unknown packager: Dries Verachtert <dries at ulyssis.org>
unknown vendor: Dag Apt Repository, http://dag.wieers.com/apt/
However it also triggered a problem:
ValueError: amavisd-new-milter-2.2.0-2.0.rh8.test.i386.rpm: wrong data in rpm lead
Traceback (most recent call last):
File "./pyrpm.py", line 676, in ?
verifyAllRpms()
File "./pyrpm.py", line 657, in verifyAllRpms
rpm = verifyRpm(a, legacy)
File "./pyrpm.py", line 583, in verifyRpm
if rpm.readHeader():
File "./pyrpm.py", line 308, in readHeader
self.parseLead(leaddata)
File "./pyrpm.py", line 110, in parseLead
self.raiseErr("wrong data in rpm lead")
File "./pyrpm.py", line 59, in raiseErr
raise ValueError, "%s: %s" % (self.filename, err)
on files like:
perl-Tk-804.026-1.rhfc1.test.i386.rpm
amavisd-new-2.2.0-2.0.rh8.test.i386.rpm
xpde-0.4.0-1.1.fc2.test.i386.rpm
Fortunately all of these have been renamed files where the repotag has
been changed to 'test'. Something I frequently do after a package didn't
go through QA but was still worth distributing.
After a while, when it started with kernel-module packages, I got this:
ValueError: kernel-module-ov511-2.25-0_2.4.20_20.9.dag.rh90.i686.rpm: unknown prog: ['/sbin/depmod', '-ae']
Traceback (most recent call last):
File "./pyrpm.py", line 676, in ?
verifyAllRpms()
File "./pyrpm.py", line 663, in verifyAllRpms
rrpm = RRpm(rpm)
File "./pyrpm.py", line 509, in __init__
(self.post, self.postprog) = rpm.getScript("postin", "postinprog")
File "./pyrpm.py", line 415, in getScript
self.raiseErr("unknown prog: %s" % prog)
File "./pyrpm.py", line 59, in raiseErr
raise ValueError, "%s: %s" % (self.filename, err)
These messages are printed for each package. The command I ran was:
find /dar/packages/ -type f -name "*.rpm" | xargs -i ./pyrpm.py --strict '{}' \; | grep -vE 'unknown (packager|vendor|distribution)' | sort | uniq -c
I ended it after a lot of these 'errors'. Is the traceback intentional ?
Kind regards,
-- dag wieers, dag at wieers.com, http://dag.wieers.com/ --
[all I want is a warm bed and a kind word and unlimited power]
More information about the fedora-devel-list
mailing list