xbps-src: pre-pkg: allow only white-listed directories.

2020-05-23 18:55:59 +07:00 · 2020-05-23 18:55:59 +07:00 · 91c0eaa5a7
parent 4ad0e936b1
commit 91c0eaa5a7
1 changed files with 26 additions and 1 deletions
--- a/common/hooks/pre-pkg/99-pkglint.sh
+++ b/common/hooks/pre-pkg/99-pkglint.sh
@ -21,13 +21,38 @@ hook() {
 		fi
 	done
 	
-	for f in sys dev home root run var/run tmp usr/local destdir; do
+	for f in var/run usr/local; do
 		if [ -d ${PKGDESTDIR}/${f} ]; then
 			msg_red "${pkgver}: /${f} directory is not allowed, remove it!\n"
 			error=1
 		fi
 	done

+	for f in "$PKGDESTDIR"/*; do
+		f="${f##*/}"
+		case "$f" in
+		'*')	# The filename is exactly '*'
+			if [ -e "${PKGDESTDIR}/*" ]; then
+				msg_red "${pkgver}: File /* is not allowed\n"
+				error=1
+			fi
+			# Empty meta package is fine
+			;;
+		lib|bin|sbin|lib64|lib32|usr|var|opt|etc|boot|srv)
+			;;
+		INSTALL|INSTALL.msg|REMOVE|REMOVE.msg|rdeps|shlib-requires|shlib-provides)
+			if [ ! -f "${PKGDESTDIR}/$f" ]; then
+				msg_red "${pkgver}: /${f} is not allowed\n"
+				error=1
+			fi
+			;;
+		*)
+			msg_red "${pkgver}: /${f} directory is not allowed, remove it!\n"
+			error=1
+			;;
+		esac
+	done
+
 	# Check that configuration files really exist.
 	for f in $(expand_destdir "${conf_files}"); do
 		if [ ! -f "${PKGDESTDIR}/${f}" ]; then