Update valied license list

[platform/upstream/rpmlint.git] / FilesCheck.py

# -*- coding: utf-8 -*-
#############################################################################
# File          : FilesCheck.py
# Package       : rpmlint
# Author        : Frederic Lepied
# Created on    : Mon Oct  4 19:32:49 1999
# Version       : $Id: FilesCheck.py 1894 2011-11-24 21:56:18Z scop $
# Purpose       : test various aspects on files: locations, owner, groups,
#                 permission, setuid, setgid...
#############################################################################

from datetime import datetime
import commands
import os
import re
import stat
import string

import rpm

from Filter import addDetails, printError, printWarning
from Pkg import catcmd, is_utf8, is_utf8_str
import AbstractCheck
import Config


# must be kept in sync with the filesystem package
STANDARD_DIRS = (
    '/',
    '/bin',
    '/boot',
    '/dev',
    '/etc',
    '/etc/X11',
    '/etc/aliases.d',
    '/etc/cron.d',
    '/etc/cron.daily',
    '/etc/cron.hourly',
    '/etc/cron.monthly',
    '/etc/cron.weekly',
    '/etc/cups',
    '/etc/default',
    '/etc/init.d',
    '/etc/init.d/boot.d',
    '/etc/init.d/rc0.d',
    '/etc/init.d/rc1.d',
    '/etc/init.d/rc2.d',
    '/etc/init.d/rc3.d',
    '/etc/init.d/rc4.d',
    '/etc/init.d/rc5.d',
    '/etc/init.d/rc6.d',
    '/etc/init.d/rcS.d',
    '/etc/java',
    '/etc/ld.so.conf.d',
    '/etc/logrotate.d',
    '/etc/news',
    '/etc/opt',
    '/etc/permissions.d',
    '/etc/ppp',
    '/etc/ppp/ip-down.d',
    '/etc/ppp/ip-up.d',
    '/etc/profile.d',
    '/etc/rc.d',
    '/etc/skel',
    '/etc/susehelp.d',
    '/etc/susehelp.d/htdig',
    '/etc/sysconfig',
    '/etc/sysconfig/SuSEfirewall2.d',
    '/etc/sysconfig/SuSEfirewall2.d/services',
    '/etc/sysconfig/network',
    '/etc/sysconfig/network/if-down.d',
    '/etc/sysconfig/network/if-up.d',
    '/etc/sysconfig/network/providers',
    '/etc/sysconfig/network/scripts',
    '/etc/sysconfig/scripts',
    '/etc/uucp',
    '/etc/xdg',
    '/etc/xdg/autostart',
    '/etc/xinetd.d',
    '/home',
    '/lib',
    '/lib/YaST',
    '/lib/firmware',
    '/lib/lsb',
    '/lib/modules',
    '/lib64',
    '/lib64/YaST',
    '/lib64/firmware',
    '/lib64/lsb',
    '/lib64/modules',
    '/media',
    '/media/cdrom',
    '/media/floppy',
    '/mnt',
    '/opt',
    '/proc',
    '/root',
    '/root/.gnupg',
    '/root/bin',
    '/sbin',
    '/srv',
    '/srv/ftp',
    '/srv/www',
    '/srv/www/cgi-bin',
    '/srv/www/htdocs',
    '/sys',
    '/tmp',
    '/tmp/.ICE-unix',
    '/tmp/.X11-unix',
    '/usr',
    '/usr/X11R6',
    '/usr/X11R6/bin',
    '/usr/X11R6/lib',
    '/usr/bin',
    '/usr/games',
    '/usr/i586-suse-linux',
    '/usr/i586-suse-linux/bin',
    '/usr/i586-suse-linux/include',
    '/usr/i586-suse-linux/lib',
    '/usr/include',
    '/usr/include/X11',
    '/usr/lib',
    '/usr/lib/X11',
    '/usr/lib/browser-plugins',
    '/usr/lib/lsb',
    '/usr/lib/news',
    '/usr/lib/pkgconfig',
    '/usr/lib64',
    '/usr/lib64/X11',
    '/usr/lib64/browser-plugins',
    '/usr/lib64/lsb',
    '/usr/lib64/news',
    '/usr/lib64/pkgconfig',
    '/usr/local',
    '/usr/local/bin',
    '/usr/local/games',
    '/usr/local/include',
    '/usr/local/lib',
    '/usr/local/lib64',
    '/usr/local/man',
    '/usr/local/man/man1',
    '/usr/local/man/man2',
    '/usr/local/man/man3',
    '/usr/local/man/man4',
    '/usr/local/man/man5',
    '/usr/local/man/man6',
    '/usr/local/man/man7',
    '/usr/local/man/man8',
    '/usr/local/man/man9',
    '/usr/local/man/mann',
    '/usr/local/sbin',
    '/usr/local/share',
    '/usr/local/src',
    '/usr/sbin',
    '/usr/share',
    '/usr/share/applications',
    '/usr/share/dict',
    '/usr/share/doc',
    '/usr/share/doc/packages',
    '/usr/share/fonts',
    '/usr/share/games',
    '/usr/share/icons',
    '/usr/share/info',
    '/usr/share/java',
    '/usr/share/locale',
    '/usr/share/locale/aa',
    '/usr/share/locale/aa/LC_MESSAGES',
    '/usr/share/locale/af',
    '/usr/share/locale/af/LC_MESSAGES',
    '/usr/share/locale/am',
    '/usr/share/locale/am/LC_MESSAGES',
    '/usr/share/locale/ang',
    '/usr/share/locale/ang/LC_MESSAGES',
    '/usr/share/locale/ar',
    '/usr/share/locale/ar/LC_MESSAGES',
    '/usr/share/locale/as',
    '/usr/share/locale/as/LC_MESSAGES',
    '/usr/share/locale/az',
    '/usr/share/locale/az/LC_MESSAGES',
    '/usr/share/locale/az_IR',
    '/usr/share/locale/az_IR/LC_MESSAGES',
    '/usr/share/locale/be',
    '/usr/share/locale/be/LC_MESSAGES',
    '/usr/share/locale/be@latin',
    '/usr/share/locale/be@latin/LC_MESSAGES',
    '/usr/share/locale/bg',
    '/usr/share/locale/bg/LC_MESSAGES',
    '/usr/share/locale/bn',
    '/usr/share/locale/bn/LC_MESSAGES',
    '/usr/share/locale/bn_IN',
    '/usr/share/locale/bn_IN/LC_MESSAGES',
    '/usr/share/locale/bo',
    '/usr/share/locale/bo/LC_MESSAGES',
    '/usr/share/locale/br',
    '/usr/share/locale/br/LC_MESSAGES',
    '/usr/share/locale/bs',
    '/usr/share/locale/bs/LC_MESSAGES',
    '/usr/share/locale/byn',
    '/usr/share/locale/byn/LC_MESSAGES',
    '/usr/share/locale/ca',
    '/usr/share/locale/ca/LC_MESSAGES',
    '/usr/share/locale/ca@valencia',
    '/usr/share/locale/ca@valencia/LC_MESSAGES',
    '/usr/share/locale/cs',
    '/usr/share/locale/cs/LC_MESSAGES',
    '/usr/share/locale/cs_CZ',
    '/usr/share/locale/cs_CZ/LC_MESSAGES',
    '/usr/share/locale/cy',
    '/usr/share/locale/cy/LC_MESSAGES',
    '/usr/share/locale/da',
    '/usr/share/locale/da/LC_MESSAGES',
    '/usr/share/locale/de',
    '/usr/share/locale/de/LC_MESSAGES',
    '/usr/share/locale/de_AT',
    '/usr/share/locale/de_AT/LC_MESSAGES',
    '/usr/share/locale/de_CH',
    '/usr/share/locale/de_CH/LC_MESSAGES',
    '/usr/share/locale/de_DE',
    '/usr/share/locale/de_DE/LC_MESSAGES',
    '/usr/share/locale/dv',
    '/usr/share/locale/dv/LC_MESSAGES',
    '/usr/share/locale/dz',
    '/usr/share/locale/dz/LC_MESSAGES',
    '/usr/share/locale/ee',
    '/usr/share/locale/ee/LC_MESSAGES',
    '/usr/share/locale/el',
    '/usr/share/locale/el/LC_MESSAGES',
    '/usr/share/locale/el_GR',
    '/usr/share/locale/el_GR/LC_MESSAGES',
    '/usr/share/locale/en',
    '/usr/share/locale/en/LC_MESSAGES',
    '/usr/share/locale/en@IPA',
    '/usr/share/locale/en@IPA/LC_MESSAGES',
    '/usr/share/locale/en@boldquot',
    '/usr/share/locale/en@boldquot/LC_MESSAGES',
    '/usr/share/locale/en@quot',
    '/usr/share/locale/en@quot/LC_MESSAGES',
    '/usr/share/locale/en_AU',
    '/usr/share/locale/en_AU/LC_MESSAGES',
    '/usr/share/locale/en_CA',
    '/usr/share/locale/en_CA/LC_MESSAGES',
    '/usr/share/locale/en_GB',
    '/usr/share/locale/en_GB/LC_MESSAGES',
    '/usr/share/locale/en_US',
    '/usr/share/locale/en_US/LC_MESSAGES',
    '/usr/share/locale/eo',
    '/usr/share/locale/eo/LC_MESSAGES',
    '/usr/share/locale/es',
    '/usr/share/locale/es/LC_MESSAGES',
    '/usr/share/locale/es_AR',
    '/usr/share/locale/es_AR/LC_MESSAGES',
    '/usr/share/locale/es_CL',
    '/usr/share/locale/es_CL/LC_MESSAGES',
    '/usr/share/locale/es_CO',
    '/usr/share/locale/es_CO/LC_MESSAGES',
    '/usr/share/locale/es_CR',
    '/usr/share/locale/es_CR/LC_MESSAGES',
    '/usr/share/locale/es_DO',
    '/usr/share/locale/es_DO/LC_MESSAGES',
    '/usr/share/locale/es_EC',
    '/usr/share/locale/es_EC/LC_MESSAGES',
    '/usr/share/locale/es_ES',
    '/usr/share/locale/es_ES/LC_MESSAGES',
    '/usr/share/locale/es_GT',
    '/usr/share/locale/es_GT/LC_MESSAGES',
    '/usr/share/locale/es_HN',
    '/usr/share/locale/es_HN/LC_MESSAGES',
    '/usr/share/locale/es_MX',
    '/usr/share/locale/es_MX/LC_MESSAGES',
    '/usr/share/locale/es_NI',
    '/usr/share/locale/es_NI/LC_MESSAGES',
    '/usr/share/locale/es_PA',
    '/usr/share/locale/es_PA/LC_MESSAGES',
    '/usr/share/locale/es_PE',
    '/usr/share/locale/es_PE/LC_MESSAGES',
    '/usr/share/locale/es_PR',
    '/usr/share/locale/es_PR/LC_MESSAGES',
    '/usr/share/locale/es_SV',
    '/usr/share/locale/es_SV/LC_MESSAGES',
    '/usr/share/locale/es_UY',
    '/usr/share/locale/es_UY/LC_MESSAGES',
    '/usr/share/locale/es_VE',
    '/usr/share/locale/es_VE/LC_MESSAGES',
    '/usr/share/locale/et',
    '/usr/share/locale/et/LC_MESSAGES',
    '/usr/share/locale/et_EE',
    '/usr/share/locale/et_EE/LC_MESSAGES',
    '/usr/share/locale/eu',
    '/usr/share/locale/eu/LC_MESSAGES',
    '/usr/share/locale/eu_ES',
    '/usr/share/locale/eu_ES/LC_MESSAGES',
    '/usr/share/locale/fa',
    '/usr/share/locale/fa/LC_MESSAGES',
    '/usr/share/locale/fi',
    '/usr/share/locale/fi/LC_MESSAGES',
    '/usr/share/locale/fi_FI',
    '/usr/share/locale/fi_FI/LC_MESSAGES',
    '/usr/share/locale/fo',
    '/usr/share/locale/fo/LC_MESSAGES',
    '/usr/share/locale/fr',
    '/usr/share/locale/fr/LC_MESSAGES',
    '/usr/share/locale/fr_CA',
    '/usr/share/locale/fr_CA/LC_MESSAGES',
    '/usr/share/locale/fr_CH',
    '/usr/share/locale/fr_CH/LC_MESSAGES',
    '/usr/share/locale/fr_FR',
    '/usr/share/locale/fr_FR/LC_MESSAGES',
    '/usr/share/locale/fy',
    '/usr/share/locale/fy/LC_MESSAGES',
    '/usr/share/locale/ga',
    '/usr/share/locale/ga/LC_MESSAGES',
    '/usr/share/locale/gd',
    '/usr/share/locale/gd/LC_MESSAGES',
    '/usr/share/locale/gez',
    '/usr/share/locale/gez/LC_MESSAGES',
    '/usr/share/locale/gl',
    '/usr/share/locale/gl/LC_MESSAGES',
    '/usr/share/locale/gn',
    '/usr/share/locale/gn/LC_MESSAGES',
    '/usr/share/locale/gr',
    '/usr/share/locale/gr/LC_MESSAGES',
    '/usr/share/locale/gu',
    '/usr/share/locale/gu/LC_MESSAGES',
    '/usr/share/locale/gv',
    '/usr/share/locale/gv/LC_MESSAGES',
    '/usr/share/locale/haw',
    '/usr/share/locale/haw/LC_MESSAGES',
    '/usr/share/locale/he',
    '/usr/share/locale/he/LC_MESSAGES',
    '/usr/share/locale/hi',
    '/usr/share/locale/hi/LC_MESSAGES',
    '/usr/share/locale/hr',
    '/usr/share/locale/hr/LC_MESSAGES',
    '/usr/share/locale/hu',
    '/usr/share/locale/hu/LC_MESSAGES',
    '/usr/share/locale/hy',
    '/usr/share/locale/hy/LC_MESSAGES',
    '/usr/share/locale/ia',
    '/usr/share/locale/ia/LC_MESSAGES',
    '/usr/share/locale/id',
    '/usr/share/locale/id/LC_MESSAGES',
    '/usr/share/locale/is',
    '/usr/share/locale/is/LC_MESSAGES',
    '/usr/share/locale/it',
    '/usr/share/locale/it/LC_MESSAGES',
    '/usr/share/locale/it_CH',
    '/usr/share/locale/it_CH/LC_MESSAGES',
    '/usr/share/locale/it_IT',
    '/usr/share/locale/it_IT/LC_MESSAGES',
    '/usr/share/locale/iu',
    '/usr/share/locale/iu/LC_MESSAGES',
    '/usr/share/locale/ja',
    '/usr/share/locale/ja/LC_MESSAGES',
    '/usr/share/locale/ja_JP.EUC',
    '/usr/share/locale/ja_JP.EUC/LC_MESSAGES',
    '/usr/share/locale/ja_JP.SJIS',
    '/usr/share/locale/ja_JP.SJIS/LC_MESSAGES',
    '/usr/share/locale/ja_JP.eucJP',
    '/usr/share/locale/ja_JP.eucJP/LC_MESSAGES',
    '/usr/share/locale/ka',
    '/usr/share/locale/ka/LC_MESSAGES',
    '/usr/share/locale/kk',
    '/usr/share/locale/kk/LC_MESSAGES',
    '/usr/share/locale/kl',
    '/usr/share/locale/kl/LC_MESSAGES',
    '/usr/share/locale/km',
    '/usr/share/locale/km/LC_MESSAGES',
    '/usr/share/locale/kn',
    '/usr/share/locale/kn/LC_MESSAGES',
    '/usr/share/locale/ko',
    '/usr/share/locale/ko/LC_MESSAGES',
    '/usr/share/locale/kok',
    '/usr/share/locale/kok/LC_MESSAGES',
    '/usr/share/locale/ku',
    '/usr/share/locale/ku/LC_MESSAGES',
    '/usr/share/locale/kw',
    '/usr/share/locale/kw/LC_MESSAGES',
    '/usr/share/locale/ky',
    '/usr/share/locale/ky/LC_MESSAGES',
    '/usr/share/locale/lg',
    '/usr/share/locale/lg/LC_MESSAGES',
    '/usr/share/locale/li',
    '/usr/share/locale/li/LC_MESSAGES',
    '/usr/share/locale/lo',
    '/usr/share/locale/lo/LC_MESSAGES',
    '/usr/share/locale/lt',
    '/usr/share/locale/lt/LC_MESSAGES',
    '/usr/share/locale/lv',
    '/usr/share/locale/lv/LC_MESSAGES',
    '/usr/share/locale/mg',
    '/usr/share/locale/mg/LC_MESSAGES',
    '/usr/share/locale/mi',
    '/usr/share/locale/mi/LC_MESSAGES',
    '/usr/share/locale/mk',
    '/usr/share/locale/mk/LC_MESSAGES',
    '/usr/share/locale/ml',
    '/usr/share/locale/ml/LC_MESSAGES',
    '/usr/share/locale/mn',
    '/usr/share/locale/mn/LC_MESSAGES',
    '/usr/share/locale/mr',
    '/usr/share/locale/mr/LC_MESSAGES',
    '/usr/share/locale/ms',
    '/usr/share/locale/ms/LC_MESSAGES',
    '/usr/share/locale/mt',
    '/usr/share/locale/mt/LC_MESSAGES',
    '/usr/share/locale/my',
    '/usr/share/locale/my/LC_MESSAGES',
    '/usr/share/locale/nb',
    '/usr/share/locale/nb/LC_MESSAGES',
    '/usr/share/locale/nb_NO',
    '/usr/share/locale/nb_NO/LC_MESSAGES',
    '/usr/share/locale/nds',
    '/usr/share/locale/nds/LC_MESSAGES',
    '/usr/share/locale/ne',
    '/usr/share/locale/ne/LC_MESSAGES',
    '/usr/share/locale/nl',
    '/usr/share/locale/nl/LC_MESSAGES',
    '/usr/share/locale/nl_BE',
    '/usr/share/locale/nl_BE/LC_MESSAGES',
    '/usr/share/locale/nn',
    '/usr/share/locale/nn/LC_MESSAGES',
    '/usr/share/locale/nn_NO',
    '/usr/share/locale/nn_NO/LC_MESSAGES',
    '/usr/share/locale/nso',
    '/usr/share/locale/nso/LC_MESSAGES',
    '/usr/share/locale/oc',
    '/usr/share/locale/oc/LC_MESSAGES',
    '/usr/share/locale/om',
    '/usr/share/locale/om/LC_MESSAGES',
    '/usr/share/locale/or',
    '/usr/share/locale/or/LC_MESSAGES',
    '/usr/share/locale/pa',
    '/usr/share/locale/pa/LC_MESSAGES',
    '/usr/share/locale/pl',
    '/usr/share/locale/pl/LC_MESSAGES',
    '/usr/share/locale/pl_PL',
    '/usr/share/locale/pl_PL/LC_MESSAGES',
    '/usr/share/locale/ps',
    '/usr/share/locale/ps/LC_MESSAGES',
    '/usr/share/locale/pt',
    '/usr/share/locale/pt/LC_MESSAGES',
    '/usr/share/locale/pt_BR',
    '/usr/share/locale/pt_BR/LC_MESSAGES',
    '/usr/share/locale/pt_PT',
    '/usr/share/locale/pt_PT/LC_MESSAGES',
    '/usr/share/locale/rm',
    '/usr/share/locale/rm/LC_MESSAGES',
    '/usr/share/locale/ro',
    '/usr/share/locale/ro/LC_MESSAGES',
    '/usr/share/locale/ru',
    '/usr/share/locale/ru/LC_MESSAGES',
    '/usr/share/locale/ru_RU',
    '/usr/share/locale/ru_RU/LC_MESSAGES',
    '/usr/share/locale/ru_UA.koi8u',
    '/usr/share/locale/ru_UA.koi8u/LC_MESSAGES',
    '/usr/share/locale/rw',
    '/usr/share/locale/rw/LC_MESSAGES',
    '/usr/share/locale/sa',
    '/usr/share/locale/sa/LC_MESSAGES',
    '/usr/share/locale/se',
    '/usr/share/locale/se/LC_MESSAGES',
    '/usr/share/locale/si',
    '/usr/share/locale/si/LC_MESSAGES',
    '/usr/share/locale/sid',
    '/usr/share/locale/sid/LC_MESSAGES',
    '/usr/share/locale/sk',
    '/usr/share/locale/sk/LC_MESSAGES',
    '/usr/share/locale/sl',
    '/usr/share/locale/sl/LC_MESSAGES',
    '/usr/share/locale/sl_SI',
    '/usr/share/locale/sl_SI/LC_MESSAGES',
    '/usr/share/locale/so',
    '/usr/share/locale/so/LC_MESSAGES',
    '/usr/share/locale/sp',
    '/usr/share/locale/sp/LC_MESSAGES',
    '/usr/share/locale/sq',
    '/usr/share/locale/sq/LC_MESSAGES',
    '/usr/share/locale/sq_AL',
    '/usr/share/locale/sq_AL/LC_MESSAGES',
    '/usr/share/locale/sr',
    '/usr/share/locale/sr/LC_MESSAGES',
    '/usr/share/locale/sr@Latn',
    '/usr/share/locale/sr@Latn/LC_MESSAGES',
    '/usr/share/locale/sr@ije',
    '/usr/share/locale/sr@ije/LC_MESSAGES',
    '/usr/share/locale/ss',
    '/usr/share/locale/ss/LC_MESSAGES',
    '/usr/share/locale/st',
    '/usr/share/locale/st/LC_MESSAGES',
    '/usr/share/locale/sv',
    '/usr/share/locale/sv/LC_MESSAGES',
    '/usr/share/locale/sw',
    '/usr/share/locale/sw/LC_MESSAGES',
    '/usr/share/locale/syr',
    '/usr/share/locale/syr/LC_MESSAGES',
    '/usr/share/locale/ta',
    '/usr/share/locale/ta/LC_MESSAGES',
    '/usr/share/locale/te',
    '/usr/share/locale/te/LC_MESSAGES',
    '/usr/share/locale/tg',
    '/usr/share/locale/tg/LC_MESSAGES',
    '/usr/share/locale/th',
    '/usr/share/locale/th/LC_MESSAGES',
    '/usr/share/locale/ti',
    '/usr/share/locale/ti/LC_MESSAGES',
    '/usr/share/locale/tig',
    '/usr/share/locale/tig/LC_MESSAGES',
    '/usr/share/locale/tk',
    '/usr/share/locale/tk/LC_MESSAGES',
    '/usr/share/locale/tl',
    '/usr/share/locale/tl/LC_MESSAGES',
    '/usr/share/locale/tr',
    '/usr/share/locale/tr/LC_MESSAGES',
    '/usr/share/locale/tt',
    '/usr/share/locale/tt/LC_MESSAGES',
    '/usr/share/locale/ug',
    '/usr/share/locale/ug/LC_MESSAGES',
    '/usr/share/locale/uk',
    '/usr/share/locale/uk/LC_MESSAGES',
    '/usr/share/locale/uk_UA',
    '/usr/share/locale/uk_UA/LC_MESSAGES',
    '/usr/share/locale/ur',
    '/usr/share/locale/ur/LC_MESSAGES',
    '/usr/share/locale/urd',
    '/usr/share/locale/urd/LC_MESSAGES',
    '/usr/share/locale/uz',
    '/usr/share/locale/uz/LC_MESSAGES',
    '/usr/share/locale/uz@cyrillic',
    '/usr/share/locale/uz@cyrillic/LC_MESSAGES',
    '/usr/share/locale/ve',
    '/usr/share/locale/ve/LC_MESSAGES',
    '/usr/share/locale/ven',
    '/usr/share/locale/ven/LC_MESSAGES',
    '/usr/share/locale/vi',
    '/usr/share/locale/vi/LC_MESSAGES',
    '/usr/share/locale/wa',
    '/usr/share/locale/wa/LC_MESSAGES',
    '/usr/share/locale/wal',
    '/usr/share/locale/wal/LC_MESSAGES',
    '/usr/share/locale/wo',
    '/usr/share/locale/wo/LC_MESSAGES',
    '/usr/share/locale/xh',
    '/usr/share/locale/xh/LC_MESSAGES',
    '/usr/share/locale/yi',
    '/usr/share/locale/yi/LC_MESSAGES',
    '/usr/share/locale/yo',
    '/usr/share/locale/yo/LC_MESSAGES',
    '/usr/share/locale/zh',
    '/usr/share/locale/zh/LC_MESSAGES',
    '/usr/share/locale/zh_CN',
    '/usr/share/locale/zh_CN.GB2312',
    '/usr/share/locale/zh_CN.GB2312/LC_MESSAGES',
    '/usr/share/locale/zh_CN/LC_MESSAGES',
    '/usr/share/locale/zh_HK',
    '/usr/share/locale/zh_HK/LC_MESSAGES',
    '/usr/share/locale/zh_TW',
    '/usr/share/locale/zh_TW.Big5',
    '/usr/share/locale/zh_TW.Big5/LC_MESSAGES',
    '/usr/share/locale/zh_TW/LC_MESSAGES',
    '/usr/share/locale/zu',
    '/usr/share/locale/zu/LC_MESSAGES',
    '/usr/share/man',
    '/usr/share/man/man1',
    '/usr/share/man/man2',
    '/usr/share/man/man3',
    '/usr/share/man/man4',
    '/usr/share/man/man5',
    '/usr/share/man/man6',
    '/usr/share/man/man7',
    '/usr/share/man/man8',
    '/usr/share/man/man9',
    '/usr/share/man/mann',
    '/usr/share/mime',
    '/usr/share/mime/packages',
    '/usr/share/misc',
    '/usr/share/nls',
    '/usr/share/pixmaps',
    '/usr/share/pkgconfig',
    '/usr/share/sgml',
    '/usr/share/sgml/docbook',
    '/usr/share/sounds',
    '/usr/share/themes',
    '/usr/share/tmac',
    '/usr/share/xml',
    '/usr/share/xml/docbook',
    '/usr/share/xsessions',
    '/usr/src',
    '/usr/src/packages',
    '/usr/tmp',
    '/var',
    '/var/X11R6',
    '/var/adm',
    '/var/adm/backup',
    '/var/adm/backup/rpmdb',
    '/var/adm/backup/sysconfig',
    '/var/adm/fillup-templates',
    '/var/adm/perl-modules',
    '/var/cache',
    '/var/cache/fonts',
    '/var/cache/man',
    '/var/games',
    '/var/lib',
    '/var/lib/empty',
    '/var/lib/misc',
    '/var/lib/news',
    '/var/lib/nobody',
    '/var/lib/pam_devperm',
    '/var/lib/wwwrun',
    '/var/lock',
    '/var/lock/subsys',
    '/var/log',
    '/var/mail',
    '/var/opt',
    '/var/run',
    '/var/spool',
    '/var/spool/clientmqueue',
    '/var/spool/locks',
    '/var/spool/lpd',
    '/var/spool/mail',
    '/var/spool/uucp',
    '/var/spool/uucp/uucp',
    '/var/tmp',
    '/var/tmp/vi.recover',
    )

DEFAULT_GAMES_GROUPS = 'Games'

DEFAULT_DANGLING_EXCEPTIONS = (['consolehelper$', 'usermode-consoleonly'],
                               )

# Standard users and groups from LSB Core 4.0.0: 21.2 User & Group Names
DEFAULT_STANDARD_USERS  = ('root', 'bin', 'daemon', 'adm', 'lp', 'sync',
                           'shutdown', 'halt', 'mail', 'news', 'uucp',
                           'operator', 'man', 'nobody',)
DEFAULT_STANDARD_GROUPS = ('root', 'bin', 'daemon', 'adm', 'lp', 'sync',
                           'shutdown', 'halt', 'mail', 'news', 'uucp',
                           'man', 'nobody',)

tmp_regex = re.compile('^/tmp/|^(/var|/usr)/tmp/')
sub_bin_regex = re.compile('^(/usr)?/s?bin/\S+/')
backup_regex = re.compile('(~|\#[^/]+\#|\.orig|\.rej)$')
compr_regex = re.compile('\.(gz|z|Z|zip|bz2|lzma|xz)$')
absolute_regex = re.compile('^/([^/]+)')
absolute2_regex = re.compile('^/?([^/]+)')
points_regex = re.compile('^\.\./(.*)')
doc_regex = re.compile('^/usr(/share|/X11R6)?/(doc|man|info)/|^/opt/kde3/share/doc|^/usr/share/gnome/help')
bin_regex = re.compile('^/(?:usr/(?:s?bin|games)|s?bin)/(.*)')
includefile_regex = re.compile('\.(c|h)(pp|xx)?$', re.IGNORECASE)
develfile_regex = re.compile('\.(a|cmxa?|mli?|gir)$')
buildconfigfile_regex = re.compile('(\.pc|/bin/.+-config)$')
docdir_examples_regex = re.compile('^/usr/(?:share/doc/packages|lib(?:64))/[^/]+/(?:example|demo|script|contrib)')
# room for improvement with catching more -R, but also for false positives...
buildconfig_rpath_regex = re.compile('(?:-rpath|Wl,-R)\\b')
sofile_regex = re.compile('/lib(64)?/(.+/)?lib[^/]+\.so$')
devel_regex = re.compile('(.*)-(debug(info)?|devel|headers|source|static)$')
debuginfo_package_regex = re.compile('-debug(info)?$')
lib_regex = re.compile('/lib(64)?/lib[^/]*\.so\.[\d\.-]*$')
ldconfig_regex = re.compile('^[^#]*ldconfig', re.MULTILINE)
depmod_regex = re.compile('^[^#]*depmod', re.MULTILINE)
install_info_regex = re.compile('^[^#]*install-info', re.MULTILINE)
perl_temp_file_regex = re.compile('.*perl.*/(\.packlist|perllocal\.pod)$')
scm_regex=re.compile('/(CVS|RCS)(/[^/]+)?$|/\.(bzr|cvs|git|hg)ignore$|/\.hgtags$|/\.(bzr|git|hg|svn)/|/(\.arch-ids|{arch})/|,v$')
games_path_regex = re.compile('^/usr(/lib(64)?)?/games/')
games_group_regex = re.compile(Config.getOption('RpmGamesGroups', DEFAULT_GAMES_GROUPS))
dangling_exceptions = Config.getOption('DanglingSymlinkExceptions', DEFAULT_DANGLING_EXCEPTIONS)
logrotate_regex = re.compile('^/etc/logrotate\.d/(.*)')
module_rpms_ok = Config.getOption('KernelModuleRPMsOK', True)
kernel_modules_regex = re.compile('^/lib/modules/(2\.[23456]\.[0-9]+[^/]*?)/')
kernel_package_regex = re.compile('^kernel(22)?(-)?(smp|enterprise|bigmem|secure|BOOT|i686-up-4GB|p3-smp-64GB)?')
normal_zero_length_regex = re.compile('^/etc/security/console\.apps/|/\.nosearch$|/__init__\.py$')
perl_regex = re.compile('^/usr/lib/perl5/(?:vendor_perl/)?([0-9]+\.[0-9]+)\.([0-9]+)/')
python_regex = re.compile('^/usr/lib(?:64)?/python([.0-9]+)/')
python_bytecode_regex_pep3147 = re.compile('^(.*)/__pycache__/(.*)\.(.*)(\.py[oc])$')
python_bytecode_regex = re.compile('^(.*)(\.py[oc])$')
python_default_version = Config.getOption('PythonDefaultVersion', None)
perl_version_trick = Config.getOption('PerlVersionTrick', True)
log_regex = re.compile('^/var/log/[^/]+$')
lib_path_regex = re.compile('^(/usr(/X11R6)?)?/lib(64)?')
lib_package_regex = re.compile('^(lib|.+-libs)')
hidden_file_regex = re.compile('/\.[^/]*$')
manifest_perl_regex = re.compile('^/usr/share/doc/perl-.*/MANIFEST(\.SKIP)?$')
shebang_regex = re.compile('^#!\s*(\S+)')
interpreter_regex = re.compile('^/(usr/)?(s?bin|games|libexec(/.+)?|(lib(64)?|share)/.+)/[^/]+$')
script_regex = re.compile('^/((usr/)?s?bin|etc/(rc\.d/init\.d|X11/xinit\.d|cron\.(hourly|daily|monthly|weekly)))/')
sourced_script_regex = re.compile('^/etc/(bash_completion\.d|profile\.d|/sbin/conf.d)/')
use_utf8 = Config.getOption('UseUTF8', Config.USEUTF8_DEFAULT)
skipdocs_regex = re.compile(Config.getOption('SkipDocsRegexp', '\.(?:rtf|x?html?|svg|ml[ily]?)$'), re.IGNORECASE)
meta_package_regex = re.compile(Config.getOption('MetaPackageRegexp', '^(bundle|task)-'))
filesys_packages = ['filesystem'] # TODO: make configurable?
quotes_regex = re.compile('[\'"]+')

for idx in range(0, len(dangling_exceptions)):
    dangling_exceptions[idx][0] = re.compile(dangling_exceptions[idx][0])
del idx

use_relative_symlinks = Config.getOption("UseRelativeSymlinks", True)

standard_groups = Config.getOption('StandardGroups', DEFAULT_STANDARD_GROUPS)
standard_users = Config.getOption('StandardUsers', DEFAULT_STANDARD_USERS)

non_readable_regexs = (re.compile('^/var/log/'),
                       re.compile('^/etc/(g?shadow-?|securetty)$'))

man_base_regex = re.compile(r'^/usr(?:/share)?/man/man[^/]+/(.+)\.[1-9n]')
man_warn_regex = re.compile(r'^([^:]+:)\d+:\s*')
man_nowarn_regex = re.compile(
    # From Lintian: ignore common undefined macros from pod2man << Perl 5.10
    r'\`(Tr|IX)\' not defined|'
    # .so entries won't resolve as we're dealing with stdin
    r'No such file or directory|'
    # TODO, better handling for these (see e.g. Lintian)
    r'(can\'t break|cannot adjust) line')
man_warn_category = Config.getOption('ManWarningCategory', 'mac')

fsf_license_regex = re.compile('(GNU((\s+(Library|Lesser|Affero))?(\s+General)?\s+Public|\s+Free\s+Documentation)\s+Licen[cs]e|(GP|FD)L)', re.IGNORECASE)
fsf_wrong_address_regex = re.compile('(675\s+Mass\s+Ave|59\s+Temple\s+Place|Franklin\s+Steet|02139|02111-1307)', re.IGNORECASE)

# loosely inspired from Python Cookbook
# http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/173220
text_characters = "".join(map(chr, range(32, 127)) + list("\n\r\t\b"))
_null_trans = string.maketrans("", "")

def peek(filename, pkg, length=1024):
    """Peek into a file, return a chunk from its beginning and a flag if it
       seems to be a text file."""
    fobj = None
    chunk = None
    try:
        fobj = open(filename, 'rb')
        chunk = fobj.read(length)
        fobj.close()
    except Exception, e: # eg. https://bugzilla.redhat.com/209876
        printWarning(pkg, 'read-error', e)
        if fobj:
            fobj.close()
        return (chunk, False)

    if "\0" in chunk:
        return (chunk, False)

    if not chunk:  # Empty files are considered text
        return (chunk, True)

    # PDF's are binary but often detected as text by the algorithm below
    if filename.lower().endswith('.pdf') and chunk.startswith('%PDF-'):
        return (chunk, False)

    # Get the non-text characters (maps a character to itself then
    # use the 'remove' option to get rid of the text characters.)
    t = chunk.translate(_null_trans, text_characters)

    # If more than 30% non-text characters, then consider it a binary file
    istext = float(len(t))/len(chunk) <= 0.30
    return (chunk, istext)

# See Python/import.c (in the default and 2.x branches) for a full list of
# the values here.
_python_magic_values = {
    '2.2': 60717,
    '2.3': 62011,
    '2.4': 62061,
    '2.5': 62131,
    '2.6': 62161,
    '2.7': 62211,
    '3.0': 3130,
    '3.1': 3150,
    '3.2': 3180,
    '3.3': 3230,
    }

def get_expected_pyc_magic(path):
    """.pyc/.pyo files embed a 4-byte magic value identifying which version of
    the python bytecode ABI they are for. Given a path to a .pyc/.pyo file,
    return a (magic ABI value, python version) tuple.  For example,
    '/usr/lib/python3.1/foo.pyc' should return (3151, '3.1').
    The first value will be None if the python version was not resolved
    from the given pathname and the PythonDefaultVersion configuration
    variable is not set, or if we don't know the magic ABI value for the
    python version (no matter from which source the version came from).
    The second value will be None if a python version could not be resolved
    from the given pathname."""

    ver_from_path = None
    m = python_regex.search(path)
    if m:
        ver_from_path = m.group(1)

    expected_version = ver_from_path or python_default_version
    expected_magic_value = _python_magic_values.get(expected_version)

    if not expected_magic_value:
        return (None, ver_from_path)

    # In Python 2, if Py_UnicodeFlag is set, Python's import code uses a value
    # one higher, but this is off by default. In Python 3.0 and 3.1 (but no
    # longer in 3.2), it always uses the value one higher:
    if expected_version[:3] in ('3.0', '3.1'):
        expected_magic_value += 1

    return (expected_magic_value, ver_from_path)

def py_demarshal_long(b):
    """Counterpart to Python's PyMarshal_ReadLongFromFile, operating on the
    bytes in a string."""
    return (ord(b[0])
            + (ord(b[1]) << 8)
            + (ord(b[2]) << 16)
            + (ord(b[3]) << 24))

def python_bytecode_to_script(path):
    """Given a python bytecode path, give the path of the .py file
    (or None if not python bytecode)."""

    res = python_bytecode_regex_pep3147.search(path)
    if res:
        return res.group(1) + '/' + res.group(2) + '.py'

    res = python_bytecode_regex.search(path)
    if res:
        return res.group(1) + '.py'

    return None

class FilesCheck(AbstractCheck.AbstractCheck):

    def __init__(self):
        AbstractCheck.AbstractCheck.__init__(self, 'FilesCheck')

    def check(self, pkg):

        files = pkg.files()

        if use_utf8:
            for filename in files:
                if not is_utf8_str(filename):
                    printError(pkg, 'filename-not-utf8', filename)

        # Rest of the checks are for binary packages only
        if pkg.isSource():
            return

        # Check if the package is a development package
        devel_pkg = devel_regex.search(pkg.name)

        for p in pkg.provides():
            if not devel_pkg and devel_regex.search(p[0]):
                devel_pkg = True

        config_files = pkg.configFiles()
        ghost_files = pkg.ghostFiles()
        doc_files = pkg.docFiles()
        req_names = pkg.req_names()
        lib_package = lib_package_regex.search(pkg.name)
        is_kernel_package = kernel_package_regex.search(pkg.name)
        debuginfo_package = debuginfo_package_regex.search(pkg.name)

        # report these errors only once
        perl_dep_error = False
        python_dep_error = False
        lib_file = False
        non_lib_file = None
        log_file = None
        logrotate_file = False
        debuginfo_srcs = False
        debuginfo_debugs = False

        if not lib_package and not doc_files:
            printWarning(pkg, 'no-documentation')

        if files:
            if meta_package_regex.search(pkg.name):
                printWarning(pkg, 'file-in-meta-package')
        elif debuginfo_package:
            printError(pkg, 'empty-debuginfo-package')

        # Unique (rdev, inode) combinations
        hardlinks = {}

        # All executable files from standard bin dirs (basename => [paths])
        # Hack: basenames with empty paths links are symlinks (not subject
        # to duplicate binary check, but yes for man page existence check)
        bindir_exes = {}

        # All man page "base" names (without section etc extensions)
        man_basenames = set()

        for f, pkgfile in files.items():
            mode = pkgfile.mode
            user = pkgfile.user
            group = pkgfile.group
            link = pkgfile.linkto
            size = pkgfile.size
            rdev = pkgfile.rdev
            inode = pkgfile.inode
            is_doc = f in doc_files
            nonexec_file = False

            for match in AbstractCheck.macro_regex.findall(f):
                printWarning(pkg, 'unexpanded-macro', f, match)
            if standard_users and user not in standard_users:
                printWarning(pkg, 'non-standard-uid', f, user)
            if standard_groups and group not in standard_groups:
                printWarning(pkg, 'non-standard-gid', f, group)

            if not module_rpms_ok and kernel_modules_regex.search(f) and not \
                    is_kernel_package:
                printError(pkg, "kernel-modules-not-in-kernel-packages", f)

            if tmp_regex.search(f):
                printError(pkg, 'dir-or-file-in-tmp', f)
            elif f.startswith('/mnt/'):
                printError(pkg, 'dir-or-file-in-mnt', f)
            elif f.startswith('/opt/'):
                printError(pkg, 'dir-or-file-in-opt', f)
            elif f.startswith('/usr/local/'):
                printError(pkg, 'dir-or-file-in-usr-local', f)
            elif f.startswith('/var/local/'):
                printError(pkg, 'dir-or-file-in-var-local', f)
            elif f.startswith('/var/run/'):
                if f not in ghost_files:
                    printWarning(pkg, 'non-ghost-in-var-run', f)
            elif f.startswith('/var/lock/'):
                if f not in ghost_files:
                    printWarning(pkg, 'non-ghost-in-var-lock', f)
            elif sub_bin_regex.search(f):
                printError(pkg, 'subdir-in-bin', f)
            elif f.startswith('/home/'):
                printError(pkg, 'dir-or-file-in-home', f)
            elif '/site_perl/' in f:
                printWarning(pkg, 'siteperl-in-perl-module', f)

            if backup_regex.search(f):
                printError(pkg, 'backup-file-in-package', f)
            elif scm_regex.search(f):
                printError(pkg, 'version-control-internal-file', f)
            elif f.endswith('/.htaccess'):
                printError(pkg, 'htaccess-file', f)
            elif hidden_file_regex.search(f) and not f.startswith("/etc/skel/"):
                printWarning(pkg, 'hidden-file-or-dir', f)
            elif manifest_perl_regex.search(f):
                printWarning(pkg, 'manifest-in-perl-module', f)
            elif f == '/usr/info/dir' or f == '/usr/share/info/dir':
                printError(pkg, 'info-dir-file', f)

            res = logrotate_regex.search(f)
            if res:
                logrotate_file = True
                if res.group(1) != pkg.name:
                    printError(pkg, 'incoherent-logrotate-file', f)

            deps=[x[0] for x in pkg.requires()+pkg.recommends()+pkg.suggests()]
            if res and not ('logrotate' in deps) and pkg.name != "logrotate":
                printError(pkg, 'missing-dependency-to-logrotate', "for logrotate script", f)
            if f.startswith('/etc/cron.') \
               and not ('cron' in deps) and pkg.name != "cron":
                printError(pkg, 'missing-dependency-to-cron', "for cron script", f)
            if f.startswith('/etc/xinet.d/') \
               and not ('xinetd' in deps) and pkg.name != "xinetd":
                printError(pkg, 'missing-dependency-to-xinetd', "for xinet.d script", f)

            if link != '':
                ext = compr_regex.search(link)
                if ext:
                    if not re.compile('\.' + ext.group(1) + '$').search(f):
                        printError(pkg, 'compressed-symlink-with-wrong-ext',
                                   f, link)

            perm = mode & 07777

            if log_regex.search(f):
                log_file = f

            # Hardlink check
            hardlink = hardlinks.get((rdev, inode))
            if hardlink and os.path.dirname(hardlink) != os.path.dirname(f):
                printWarning(pkg, 'cross-directory-hard-link', f, hardlink)
            hardlinks[(rdev, inode)] = f

            # normal file check
            if stat.S_ISREG(mode):

                # set[ug]id bit check
                if stat.S_ISGID & mode or stat.S_ISUID & mode:
                    if stat.S_ISUID & mode:
                        printError(pkg, 'setuid-binary', f, user, oct(perm))
                    if stat.S_ISGID & mode:
                        if not (group == 'games' and
                                (games_path_regex.search(f) or
                                 games_group_regex.search(
                                    pkg[rpm.RPMTAG_GROUP]))):
                            printError(pkg, 'setgid-binary', f, group,
                                       oct(perm))
                    if mode & 0777 != 0755:
                        printError(pkg, 'non-standard-executable-perm', f,
                                   oct(perm))

                # Prefetch scriptlets, strip quotes from them (#169)
                postin = pkg[rpm.RPMTAG_POSTIN] or \
                    pkg.scriptprog(rpm.RPMTAG_POSTINPROG)
                if postin:
                    postin = quotes_regex.sub('', postin)
                postun = pkg[rpm.RPMTAG_POSTUN] or \
                    pkg.scriptprog(rpm.RPMTAG_POSTUNPROG)
                if postun:
                    postun = quotes_regex.sub('', postun)

                if not devel_pkg:
                    if lib_path_regex.search(f):
                        lib_file = True
                    elif not is_doc:
                        non_lib_file = f

                if log_regex.search(f):
                    nonexec_file = True
                    if user != 'root':
                        printError(pkg, 'non-root-user-log-file', f, user)
                    if group != 'root':
                        printError(pkg, 'non-root-group-log-file', f, group)
                    if f not in ghost_files:
                        printError(pkg, 'non-ghost-file', f)

                chunk = None
                istext = False
                if os.access(pkgfile.path, os.R_OK):
                    (chunk, istext) = peek(pkgfile.path, pkg)

                interpreter = None
                if chunk:
                    res = shebang_regex.search(chunk)
                    if res:
                        interpreter = res.group(1)

                if doc_regex.search(f):
                    if not interpreter:
                        nonexec_file = True
                    if not is_doc:
                        printError(pkg, 'not-listed-as-documentation', f)

                # check ldconfig call in %post and %postun
                if lib_regex.search(f):
                    if not postin:
                        printError(pkg, 'library-without-ldconfig-postin', f)
                    else:
                        if not ldconfig_regex.search(postin):
                            printError(pkg, 'postin-without-ldconfig', f)

                    if not postun:
                        printError(pkg, 'library-without-ldconfig-postun', f)
                    else:
                        if not ldconfig_regex.search(postun):
                            printError(pkg, 'postun-without-ldconfig', f)

                # check depmod call in %post and %postun
                res = not is_kernel_package and kernel_modules_regex.search(f)
                if res:
                    kernel_version = res.group(1)
                    kernel_version_regex = re.compile(
                        '\\bdepmod\s+-a.*F\s+/boot/System\.map-' +
                        re.escape(kernel_version) + '\\b.*\\b' +
                        re.escape(kernel_version) + '\\b',
                        re.MULTILINE | re.DOTALL)

                    if not postin or not depmod_regex.search(postin):
                        printError(pkg, 'module-without-depmod-postin', f)
                    # check that we run depmod on the right kernel
                    elif not kernel_version_regex.search(postin):
                        printError(pkg, 'postin-with-wrong-depmod', f)

                    if not postun or not depmod_regex.search(postun):
                        printError(pkg, 'module-without-depmod-postun', f)
                    # check that we run depmod on the right kernel
                    elif not kernel_version_regex.search(postun):
                        printError(pkg, 'postun-with-wrong-depmod', f)

                # check install-info call in %post and %postun
                if f.startswith('/usr/share/info/'):
                    if not postin:
                        printError(pkg,
                                   'info-files-without-install-info-postin', f)
                    elif not install_info_regex.search(postin):
                        printError(pkg, 'postin-without-install-info', f)

                    preun = pkg[rpm.RPMTAG_PREUN] or \
                        pkg.scriptprog(rpm.RPMTAG_PREUNPROG)
                    if not postun and not preun:
                        printError(pkg,
                                   'info-files-without-install-info-postun', f)
                    elif (not postun or
                          not install_info_regex.search(postun)) and \
                          (not preun or not install_info_regex.search(preun)):
                        printError(pkg, 'postin-without-install-info', f)

                # check perl temp file
                if perl_temp_file_regex.search(f):
                    printWarning(pkg, 'perl-temp-file', f)

                is_buildconfig = buildconfigfile_regex.search(f) and True

                # check rpaths in buildconfig files
                if is_buildconfig:
                    ln = pkg.grep(buildconfig_rpath_regex, f)
                    if ln:
                        printError(pkg, 'rpath-in-buildconfig', f, 'lines', ln)

                res = bin_regex.search(f)
                if res:
                    if mode & 0111 == 0:
                        printWarning(pkg, 'non-executable-in-bin', f, oct(perm))
                    else:
                        exe = res.group(1)
                        if "/" not in exe:
                            bindir_exes.setdefault(exe, []).append(f)

                if not devel_pkg and not is_doc and \
                       (includefile_regex.search(f) or \
                        develfile_regex.search(f) or is_buildconfig):
                    printWarning(pkg, 'devel-file-in-non-devel-package', f)
                if mode & 0444 != 0444 and perm & 07000 == 0:
                    ok_nonreadable = False
                    for regex in non_readable_regexs:
                        if regex.search(f):
                            ok_nonreadable = True
                            break
                    if not ok_nonreadable:
                        printError(pkg, 'non-readable', f, oct(perm))
                if size == 0 and not normal_zero_length_regex.search(f) and \
                        f not in ghost_files:
                    printError(pkg, 'zero-length', f)

                if mode & 0002 != 0:
                    printError(pkg, 'world-writable', f, oct(perm))

                if not perl_dep_error:
                    res = perl_regex.search(f)
                    if res:
                        if perl_version_trick:
                            vers = res.group(1) + '.' + res.group(2)
                        else:
                            vers = res.group(1) + res.group(2)
                        if not (pkg.check_versioned_dep('perl-base', vers) or
                                pkg.check_versioned_dep('perl', vers)):
                            printError(pkg, 'no-dependency-on',
                                       'perl-base', vers)
                            perl_dep_error = True

                if not python_dep_error:
                    res = python_regex.search(f)
                    if res and not (pkg.check_versioned_dep('python-base',
                                                            res.group(1)) or
                                    pkg.check_versioned_dep('python',
                                                            res.group(1)) or
                                    pkg.check_versioned_dep('python(abi)',
                                                            res.group(1))
                                    ):
                        printError(pkg, 'no-dependency-on', 'python(abi)',
                                   res.group(1))
                        python_dep_error = True

                source_file = python_bytecode_to_script(f)
                if source_file:
                    if source_file in files:
                        if chunk:
                            # Verify that the magic ABI value embedded in the
                            # .pyc header is correct
                            found_magic = py_demarshal_long(chunk[:4]) & 0xffff
                            exp_magic, exp_version = get_expected_pyc_magic(f)
                            if exp_magic and found_magic != exp_magic:
                                found_version = 'unknown'
                                for (pv, pm) in _python_magic_values.items():
                                    if pm == found_magic:
                                        found_version = pv
                                        break
                                # If expected version was from the file path,
                                # issue # an error, otherwise a warning.
                                msg = (pkg, 'python-bytecode-wrong-magic-value',
                                       f, "expected %d (%s), found %d (%s)" %
                                       (exp_magic,
                                        exp_version or python_default_version,
                                        found_magic, found_version))
                                if exp_version is not None:
                                    printError(*msg)
                                else:
                                    printWarning(*msg)

                            # Verify that the timestamp embedded in the .pyc
                            # header matches the mtime of the .py file:
                            pyc_timestamp = py_demarshal_long(chunk[4:8])
                            # If it's a symlink, check target file mtime.
                            srcfile = pkg.readlink(files[source_file])
                            if not srcfile:
                                printWarning(
                                    pkg, 'python-bytecode-without-source', f)
                            elif pyc_timestamp != srcfile.mtime:
                                cts = datetime.fromtimestamp(
                                    pyc_timestamp).isoformat()
                                sts = datetime.fromtimestamp(
                                    srcfile.mtime).isoformat()
                                printError(pkg,
                                           'python-bytecode-inconsistent-mtime',
                                           f, cts, srcfile.name, sts)
                    else:
                        printWarning(pkg, 'python-bytecode-without-source', f)

                # normal executable check
                if mode & stat.S_IXUSR and perm != 0755:
                    printError(pkg, 'non-standard-executable-perm',
                               f, oct(perm))
                if mode & 0111 != 0:
                    if f in config_files:
                        printError(pkg, 'executable-marked-as-config-file', f)
                    if not nonexec_file:
                        # doc_regex and log_regex checked earlier, no match,
                        # check rest of usual cases here.  Sourced scripts have
                        # their own check, so disregard them here.
                        nonexec_file = f.endswith('.pc') or \
                                       compr_regex.search(f) or \
                                       includefile_regex.search(f) or \
                                       develfile_regex.search(f) or \
                                       logrotate_regex.search(f)
                    if nonexec_file and not docdir_examples_regex.search(f):
                        printWarning(pkg, 'spurious-executable-perm', f)
                elif f.startswith('/etc/') and f not in config_files and \
                        f not in ghost_files and not f.endswith(".desktop"):
                    printWarning(pkg, 'non-conffile-in-etc', f)

                if pkg.arch == 'noarch' and f.startswith('/usr/lib64/python'):
                    printError(pkg, 'noarch-python-in-64bit-path', f)

                if debuginfo_package:
                    if f.endswith('.debug'):
                        debuginfo_debugs = True
                    else:
                        debuginfo_srcs = True

                res = man_base_regex.search(f)
                if res:
                    man_basenames.add(res.group(1))
                    if use_utf8 and chunk:
                        # TODO: better shell escaping or seq based invocation
                        cmd = commands.getstatusoutput(
                            'env LC_ALL=C %s "%s" | gtbl | '
                            'env LC_ALL=en_US.UTF-8 groff -mtty-char -Tutf8 '
                            '-P-c -mandoc -w%s >/dev/null' %
                            (catcmd(f), pkgfile.path, man_warn_category))
                        for line in cmd[1].split("\n"):
                            res = man_warn_regex.search(line)
                            if not res or man_nowarn_regex.search(line):
                                continue
                            printWarning(pkg, "manual-page-warning", f,
                                         line[res.end(1):])

                # text file checks
                if istext:
                    # ignore perl module shebang -- TODO: disputed...
                    if f.endswith('.pm'):
                        interpreter = None
                    # sourced scripts should not be executable
                    if sourced_script_regex.search(f):
                        if interpreter:
                            printError(pkg,
                                       'sourced-script-with-shebang', f,
                                       interpreter)
                        if mode & 0111 != 0:
                            printError(pkg, 'executable-sourced-script',
                                       f, oct(perm))
                    # ...but executed ones should
                    elif interpreter or mode & 0111 != 0 or \
                            script_regex.search(f):
                        if interpreter:
                            if mode & 0111 != 0 and not interpreter_regex.search(interpreter):
                                printError(pkg, 'wrong-script-interpreter',
                                           f, interpreter)
                        elif not nonexec_file and not \
                                (lib_path_regex.search(f) and
                                 f.endswith('.la')):
                            printError(pkg, 'script-without-shebang', f)

                        if mode & 0111 == 0 and not is_doc and \
                           interpreter and interpreter.startswith("/"):
                            printError(pkg, 'non-executable-script', f,
                                       oct(perm), interpreter)
                        if '\r' in chunk:
                            printError(
                                pkg, 'wrong-script-end-of-line-encoding', f)
                    elif is_doc and not skipdocs_regex.search(f):
                        if '\r' in chunk:
                            printWarning(
                                pkg, 'wrong-file-end-of-line-encoding', f)
                        # We check only doc text files for UTF-8-ness;
                        # checking everything may be slow and can generate
                        # lots of unwanted noise.
                        if use_utf8 and not is_utf8(pkgfile.path):
                            printWarning(pkg, 'file-not-utf8', f)
                    if fsf_license_regex.search(chunk) and \
                            fsf_wrong_address_regex.search(chunk):
                        printError(pkg, 'incorrect-fsf-address', f)

                elif is_doc and chunk and compr_regex.search(f):
                    ff = compr_regex.sub('', f)
                    if not skipdocs_regex.search(ff):
                        # compressed docs, eg. info and man files etc
                        if use_utf8 and not is_utf8(pkgfile.path):
                            printWarning(pkg, 'file-not-utf8', f)

            # normal dir check
            elif stat.S_ISDIR(mode):
                if mode & 01002 == 2: # world writable without sticky bit
                    printError(pkg, 'world-writable', f, oct(perm))
                if perm != 0755:
                    printError(pkg, 'non-standard-dir-perm', f, oct(perm))
                if pkg.name not in filesys_packages and f in STANDARD_DIRS:
                    printError(pkg, 'standard-dir-owned-by-package', f)
                if hidden_file_regex.search(f):
                    printWarning(pkg, 'hidden-file-or-dir', f)


            # symbolic link check
            elif stat.S_ISLNK(mode):

                is_so = sofile_regex.search(f)
                if not devel_pkg and is_so and not link.endswith('.so'):
                    printWarning(pkg, 'devel-file-in-non-devel-package', f)

                res = man_base_regex.search(f)
                if res:
                    man_basenames.add(res.group(1))
                else:
                    res = bin_regex.search(f)
                    if res:
                        exe = res.group(1)
                        if "/" not in exe:
                            bindir_exes.setdefault(exe, [])

                # absolute link
                r = absolute_regex.search(link)
                if r:
                    if not is_so and link not in files and \
                            link not in req_names:
                        is_exception = False
                        for e in dangling_exceptions:
                            if e[0].search(link):
                                is_exception = e[1]
                                break
                        if is_exception:
                            if is_exception not in req_names:
                                printWarning(pkg, 'no-dependency-on',
                                             is_exception)
                        else:
                            printWarning(pkg, 'dangling-symlink', f, link)
                    linktop = r.group(1)
                    r = absolute_regex.search(f)
                    if r:
                        filetop = r.group(1)
                        if filetop == linktop or use_relative_symlinks:
                            printWarning(pkg, 'symlink-should-be-relative',
                                         f, link)
                # relative link
                else:
                    if not is_so:
                        abslink = '%s/%s' % (os.path.dirname(f), link)
                        abslink = os.path.normpath(abslink)
                        if abslink not in files and abslink not in req_names:
                            is_exception = False
                            for e in dangling_exceptions:
                                if e[0].search(link):
                                    is_exception = e[1]
                                    break
                            if is_exception:
                                if is_exception not in req_names:
                                    printWarning(pkg, 'no-dependency-on',
                                                 is_exception)
                            else:
                                printWarning(pkg, 'dangling-relative-symlink',
                                             f, link)
                    pathcomponents = f.split('/')[1:]
                    r = points_regex.search(link)
                    lastpop = None
                    mylink = None

                    while r:
                        mylink = r.group(1)
                        if len(pathcomponents) == 0:
                            printError(pkg, 'symlink-has-too-many-up-segments',
                                       f, link)
                            break
                        else:
                            lastpop = pathcomponents[0]
                            pathcomponents = pathcomponents[1:]
                            r = points_regex.search(mylink)

                    if mylink and lastpop:
                        r = absolute2_regex.search(mylink)
                        linktop = r.group(1)

                        # does the link go up and then down into the same
                        # directory?
                        #if linktop == lastpop:
                        #    printWarning(pkg, 'lengthy-symlink', f, link)

                        # have we reached the root directory?
                        if len(pathcomponents) == 0 and linktop != lastpop \
                                and not use_relative_symlinks:
                            # relative link into other toplevel directory
                            printWarning(pkg, 'symlink-should-be-absolute', f,
                                         link)
                        # check additional segments for mistakes like
                        # `foo/../bar/'
                        for linksegment in mylink.split('/'):
                            if linksegment == '..':
                                printError(
                                    pkg,
                                    'symlink-contains-up-and-down-segments',
                                    f, link)

            if f.startswith('/etc/cron.d/'):
                if stat.S_ISLNK(mode):
                    printError(pkg, 'symlink-crontab-file', f)

                if mode & 0111:
                    printError(pkg, 'executable-crontab-file', f)

                if stat.S_IWGRP & mode or stat.S_IWOTH & mode:
                    printError(pkg, 'non-owner-writeable-only-crontab-file', f)

        if log_file and not logrotate_file:
            printWarning(pkg, 'log-files-without-logrotate', log_file)

        if lib_package and lib_file and non_lib_file:
            printError(pkg, 'outside-libdir-files', non_lib_file)

        if debuginfo_package and debuginfo_debugs and not debuginfo_srcs:
            printError(pkg, 'debuginfo-without-sources')

        for exe, paths in bindir_exes.items():
            if len(paths) > 1:
                printWarning(pkg, "duplicate-executable", exe, paths)
            if exe not in man_basenames:
                printWarning(pkg, "no-manual-page-for-binary", exe)

# Create an object to enable the auto registration of the test
check = FilesCheck()

addDetails(
'no-documentation',
'''The package contains no documentation (README, doc, etc).
You have to include documentation files.''',

'not-listed-as-documentation',
'''The documentation files of this package are not listed with
the standard %doc tag.''',

'non-standard-uid',
'''A file in this package is owned by a non standard user.
Standard users are:
%s.''' % ", ".join(standard_users),

'non-standard-gid',
'''A file in this package is owned by a non standard group.
Standard groups are:
%s.''' % ", ".join(standard_groups),

'library-without-ldconfig-postin',
'''This package contains a library and provides no %post scriptlet containing
a call to ldconfig.''',

'postin-without-ldconfig',
'''This package contains a library and its %post scriptlet doesn't call
ldconfig.''',

'library-without-ldconfig-postun',
'''This package contains a library and provides no %postun scriptlet containing
a call to ldconfig.''',

'postun-without-ldconfig',
'''This package contains a library and its %postun doesn't call ldconfig.''',

'info-files-without-install-info-postin',
'''This package contains info files and provides no %post scriptlet containing
a call to install-info.''',

'postin-without-install-info',
'''This package contains info files and its %post doesn't call install-info.''',

'info-files-without-install-info-postun',
'''This package contains info files and provides no %postun scriptlet containing
a call to install-info.''',

'postun-without-install-info',
'''This package contains info files and its %postun doesn't call
install-info.''',

'perl-temp-file',
'''You have a perl temporary file in your package. Usually, this
file is beginning with a dot (.) and contain "perl" in its name.''',

'dir-or-file-in-tmp',
'''A file in the package is located in /tmp. It's not permitted
for packages to install files in this directory.''',

'dir-or-file-in-mnt',
'''A file in the package is located in /mnt. It's not permitted
for packages to install files in this directory.''',

'dir-or-file-in-opt',
'''A file in the package is located in /opt. It's not permitted
for packages to install files in this directory.''',

'dir-or-file-in-usr-local',
'''A file in the package is located in /usr/local. It's not permitted
for packages to install files in this directory.''',

'dir-or-file-in-var-local',
'''A file in the package is located in /var/local. It's not permitted
for packages to install files in this directory.''',

'non-ghost-in-var-run',
'''A file or directory in the package is located in /var/run. Files installed
in this directory should be marked as %ghost and created at runtime to work
properly in tmpfs /var/run setups.''',

'non-ghost-in-var-lock',
'''A file or directory in the package is located in /var/lock. Files installed
in this directory should be marked as %ghost and created at runtime to work
properly in tmpfs /var/lock setups.''',

'subdir-in-bin',
'''The package contains a subdirectory in /usr/bin. It's not permitted to
create a subdir there. Create it in /usr/lib/ instead.''',

'backup-file-in-package',
'''You have a file whose name looks like one for backup files, usually created
by an editor or resulting from applying unclean (fuzzy, or ones with line
offsets) patches.''',

'dir-or-file-in-home',
'''A file in the package is located in /home. It's not permitted
for packages to install files in this directory.''',

'version-control-internal-file',
'''You have included file(s) internally used by a version control system
in the package. Move these files out of the package and rebuild it.''',

'htaccess-file',
'''You have individual apache configuration .htaccess file(s) in your package.
Replace them by a central configuration file in /etc/, according to the web
application packaging policy for your distribution.''',

'info-dir-file',
'''You have /usr/info/dir or /usr/share/info/dir in your package. It will cause
conflicts with other packages and thus is not allowed. Please remove it and
rebuild your package.''',

'non-conffile-in-etc',
'''A non-executable file in your package is being installed in /etc, but is not
a configuration file. All non-executable files in /etc should be configuration
files. Mark the file as %config in the spec file.''',

'compressed-symlink-with-wrong-ext',
'''The symlink points to a compressed file but doesn't use the same
extension.''',

'setuid-binary',
'''The file is setuid; this may be dangerous, especially if this
file is setuid root. Sometimes file capabilities can be used instead of
setuid bits.''',

'setgid-binary',
'''The file is setgid. Usually this is a packaging bug. If this is a game,
then, you should use the proper rpm group, or location.''',

'non-standard-executable-perm',
'''A standard executable should have permission set to 0755. If you get this
message, it means that you have a wrong executable permissions in some files
included in your package.''',

'non-executable-in-bin',
'''A file is being installed in /usr/bin, but is not an executable. Be sure
that the file is an executable or that it has executable permissions.''',

'devel-file-in-non-devel-package',
'''A development file (usually source code) is located in a non-devel
package. If you want to include source code in your package, be sure to
create a development package.''',

'non-standard-dir-perm',
'''A standard directory should have permission set to 0755. If you get this
message, it means that you have wrong directory permissions in some dirs
included in your package.''',

'spurious-executable-perm',
'''The file is installed with executable permissions, but was identified as one
that probably should not be executable.  Verify if the executable bits are
desired, and remove if not.
NOTE: example scripts should be packaged under %docdir/examples, which will avoid
this warning.
''',

'world-writable',
'''A file or directory in the package is installed with world writable
permissions, which is most likely a security issue.''',

'standard-dir-owned-by-package',
'''This package owns a directory that is part of the standard hierarchy, which
can lead to default directory permissions or ownerships being changed to
something non-standard.''',

'no-dependency-on',
'''
''',

'cross-directory-hard-link',
'''File is hard linked across directories.  This can cause problems in
installations where the directories are located on different devices.''',

'dangling-symlink',
'''The target of the symbolic link does not exist within this package or its
file based dependencies.  Verify spelling of the link target and that the
target is included in a package in this package's dependency chain.''',

'symlink-should-be-relative',
'''Absolute symlinks are problematic eg. when working with chroot environments.
symlinks(8) is a tool that can be useful for creating/dealing with relative
symlinks at package build time.''',

'dangling-relative-symlink',
'''The target of the symbolic link does not exist within this package or its
file based dependencies.  Verify spelling of the link target and that the
target is included in a package in this package's dependency chain.''',

'symlink-has-too-many-up-segments',
'''
''',

'symlink-should-be-absolute',
'''
''',

'symlink-contains-up-and-down-segments',
'''
''',

'non-readable',
'''The file can't be read by everybody. If this is expected (for security
reasons), contact your rpmlint distributor to get it added to the list of
exceptions for your distro (or add it to your local configuration if you
installed rpmlint from the source tarball).''',

'incoherent-logrotate-file',
'''Your logrotate file should be named /etc/logrotate.d/<package name>.''',

'non-root-user-log-file',
'''If you need log files owned by a non-root user, just create a subdir in
/var/log and put your log files in it.''',

'non-root-group-log-file',
'''If you need log files owned by a non-root group, just create a subdir in
/var/log and put your log files in it.''',

'non-ghost-file',
'''File should be tagged %ghost.''',

'outside-libdir-files',
'''This library package must not contain non library files to allow 64
and 32 bits versions of the package to coexist.''',

'hidden-file-or-dir',
'''The file or directory is hidden. You should see if this is normal,
and delete it from the package if not.''',

'module-without-depmod-postin',
'''This package contains a kernel module but provides no call to depmod in the
%post scriptlet.''',

'postin-with-wrong-depmod',
'''This package contains a kernel module but its %post scriptlet calls depmod
for the wrong kernel.''',

'module-without-depmod-postun',
'''This package contains a kernel module but provides no call to depmod in the
%postun scriptlet.''',

'postun-with-wrong-depmod',
'''This package contains a kernel module but its %postun scriptlet calls depmod
for the wrong kernel.''',

'log-files-without-logrotate',
'''This package contains files in /var/log/ without adding logrotate
configuration for them.''',

'unexpanded-macro',
'''This package contains a file whose path contains something that looks like
an unexpanded macro; this is often the sign of a misspelling. Please check your
specfile.''',

'manifest-in-perl-module',
'''This perl module package contains a MANIFEST or a MANIFEST.SKIP file
in the documentation directory.''',

'siteperl-in-perl-module',
'''This perl module package installs files under the subdirectory site_perl,
while they must appear under vendor_perl.''',

'executable-marked-as-config-file',
'''Executables must not be marked as config files because that may
prevent upgrades from working correctly. If you need to be able to
customize an executable, make it for example read a config file in
/etc/sysconfig.''',

'sourced-script-with-shebang',
'''This text file contains a shebang, but is meant to be sourced, not
executed.''',

'executable-sourced-script',
'''This text file has executable bit set, but is meant to be sourced, not
executed.''',

'wrong-script-interpreter',
'''This script uses an incorrect interpreter. Correct interpreters should
be an absolute path to a file in in /(s)bin or /usr/(s)bin.
Alternatively, if the file isn't supposed to be executed, then don't
mark it as executable.  ''',

'non-executable-script',
'''This text file contains a shebang or is located in a path dedicated for
executables, but lacks the executable bits and cannot thus be executed.  If
the file is meant to be an executable script, add the executable bits,
otherwise remove the shebang or move the file elsewhere.''',

'script-without-shebang',
'''This text file has executable bits set or is located in a path dedicated
for executables, but lacks a shebang and cannot thus be executed.  If the file
is meant to be an executable script, add the shebang, otherwise remove the
executable bits or move the file elsewhere.''',

'wrong-script-end-of-line-encoding',
'''This script has wrong end-of-line encoding, usually caused by creation or
modification on a non-Unix system. It will prevent its execution.''',

'wrong-file-end-of-line-encoding',
'''This file has wrong end-of-line encoding, usually caused by creation or
modification on a non-Unix system. It could prevent it from being displayed
correctly in some circumstances.''',

'file-not-utf8',
'''The character encoding of this file is not UTF-8.  Consider converting it
in the specfile's %prep section for example using iconv(1).''',

'filename-not-utf8',
'''The character encoding of the name of this file is not UTF-8.
Rename it.''',

'file-in-meta-package',
'''This package seems to be a meta-package (an empty package used to require
other packages), but it is not empty. You should remove or rename it, see the
option MetaPackageRegexp.''',

'empty-debuginfo-package',
'''This debuginfo package contains no files.  This is often a sign of binaries
being unexpectedly stripped too early during the build, rpmbuild not being able
to strip the binaries, the package actually being a noarch one but erratically
packaged as arch dependent, or something else.  Verify what the case is, and
if there's no way to produce useful debuginfo out of it, disable creation of
the debuginfo package.''',

'debuginfo-without-sources',
'''This debuginfo package appears to contain debug symbols but no source files.
This is often a sign of binaries being unexpectedly stripped too early during
the build, or being compiled without compiler debug flags (which again often
is a sign of distro's default compiler flags ignored which might have security
consequences), or other compiler flags which result in rpmbuild's debuginfo
extraction not working as expected.  Verify that the binaries are not
unexpectedly stripped and that the intended compiler flags are used.''',

'missing-dependency-to-cron',
'''This package installs a file in /etc/cron.*/ but
doesn't require cron to be installed. as cron is not part of the essential packages,
your package should explicitely require cron to make sure that your cron job is
executed. If it is an optional feature of your package, recommend or suggest cron.''',

'missing-dependency-to-logrotate',
'''This package installs a file in /etc/logrotate.d/ but
doesn't require logrotate to be installed. Because logrotate is not part of the essential packages,
your package should explicitely depend on logrotate to make sure that your logrotate
job is executed. If it is an optional feature of your package, recommend or suggest logrotate.''',

'missing-dependency-to-xinetd',
'''This package installs a file in /etc/xinetd.d/ but
doesn't require xinetd to be installed. Because xinetd is not part of the essential packages,
your package should explicitely depend on logrotate to make sure that your xinetd
job is executed. If it is an optional feature of your package, recommend or suggest xinetd.''',

'read-error',
'''This file could not be read.  A reason for this could be that the info about
it in the rpm header indicates that it is supposed to be a readable normal file
but it actually is not in the filesystem.  Because of this, some checks will
be skipped.''',

'executable-crontab-file',
'''This crontab file has executable bit set, which is refused by newer version
of cron''',

'non-owner-writeable-only-crontab-file',
'''This crontab file is writeable by other users as its owner, which is refused
by newer version of cron and insecure''',

'symlink-crontab-file',
'''This crontab file is a symbolic link, which is insecure and refused by newer
version of cron''',

'rpath-in-buildconfig',
'''This build configuration file contains rpaths which will be introduced into
dependent packages.''',

'python-bytecode-wrong-magic-value',
'''The "magic" ABI version embedded in this python bytecode file isn't equal
to that of the corresponding runtime, which will force the interpreter to
recompile the .py source every time, ignoring the saved bytecode.''',

'python-bytecode-inconsistent-mtime',
'''The timestamp embedded in this python bytecode file isn't equal to the mtime
of the original source file, which will force the interpreter to recompile the
.py source every time, ignoring the saved bytecode.''',

'python-bytecode-without-source',
'''This python bytecode file (.pyo/.pyc) is not accompanied by its original
source file (.py)''',

'duplicate-executable',
'''This executable file exists in more than one standard binary directories.
It can cause problems when dirs in $PATH are reordered.''',

'no-manual-page-for-binary',
'''Each executable in standard binary directories should have a man page.''',

'manual-page-warning',
'''This man page may contain problems that can cause it not to be formatted
as intended.''',

'incorrect-fsf-address',
'''The Free Software Foundation address in this file seems to be outdated or
misspelled.  Ask upstream to update the address, or if this is a license file,
possibly the entire file with a new copy available from the FSF.''',
)

# FilesCheck.py ends here

# Local variables:
# indent-tabs-mode: nil
# py-indent-offset: 4
# End:
# ex: ts=4 sw=4 et