On Sat, 29 Jan 2005, Florian La Roche wrote:
This is a start to check binary rpm packages for consistency.
Right now mostly the rpm header is checked to get a feeling
how much "strange" binary rpm packages might be out there.
It has two modes of checking, one for the current Fedora Development
tree with more strict checks and a more relaxed one that should
work for all existing rpm packages, also other distributions.
I'd be interested to get feedback on what output is generated
for rpm addon expositories and non - Red Hat distributions
if the script generates warning messages.
At least for Fedora Core only very few rpm tags are actually
used in the rpm header.
Examples usage:
./pyrpm.py --strict /mirror/fedora/development/i386/Fedora/RPMS/*.rpm
Checking all rpms:
locate .rpm | xargs ./pyrpm.py
find /mirror/linux -name "*.rpm" -type f -print0 2>/dev/null |
xargs -0 ./pyrpm.py
Hi Florian,
I've ran it on about 28000 packages, mostly unknown tag values:
unknown distribution: Dag Apt Repository for Red Hat 7.3
unknown packager: Dries Verachtert <dries(a)ulyssis.org>
unknown vendor: Dag Apt Repository,
http://dag.wieers.com/apt/
However it also triggered a problem:
ValueError: amavisd-new-milter-2.2.0-2.0.rh8.test.i386.rpm: wrong data in rpm lead
Traceback (most recent call last):
File "./pyrpm.py", line 676, in ?
verifyAllRpms()
File "./pyrpm.py", line 657, in verifyAllRpms
rpm = verifyRpm(a, legacy)
File "./pyrpm.py", line 583, in verifyRpm
if rpm.readHeader():
File "./pyrpm.py", line 308, in readHeader
self.parseLead(leaddata)
File "./pyrpm.py", line 110, in parseLead
self.raiseErr("wrong data in rpm lead")
File "./pyrpm.py", line 59, in raiseErr
raise ValueError, "%s: %s" % (self.filename, err)
on files like:
perl-Tk-804.026-1.rhfc1.test.i386.rpm
amavisd-new-2.2.0-2.0.rh8.test.i386.rpm
xpde-0.4.0-1.1.fc2.test.i386.rpm
Fortunately all of these have been renamed files where the repotag has
been changed to 'test'. Something I frequently do after a package didn't
go through QA but was still worth distributing.
After a while, when it started with kernel-module packages, I got this:
ValueError: kernel-module-ov511-2.25-0_2.4.20_20.9.dag.rh90.i686.rpm: unknown prog:
['/sbin/depmod', '-ae']
Traceback (most recent call last):
File "./pyrpm.py", line 676, in ?
verifyAllRpms()
File "./pyrpm.py", line 663, in verifyAllRpms
rrpm = RRpm(rpm)
File "./pyrpm.py", line 509, in __init__
(self.post, self.postprog) = rpm.getScript("postin",
"postinprog")
File "./pyrpm.py", line 415, in getScript
self.raiseErr("unknown prog: %s" % prog)
File "./pyrpm.py", line 59, in raiseErr
raise ValueError, "%s: %s" % (self.filename, err)
These messages are printed for each package. The command I ran was:
find /dar/packages/ -type f -name "*.rpm" | xargs -i ./pyrpm.py --strict
'{}' \; | grep -vE 'unknown (packager|vendor|distribution)' | sort | uniq
-c
I ended it after a lot of these 'errors'. Is the traceback intentional ?
Kind regards,
-- dag wieers, dag(a)wieers.com,
http://dag.wieers.com/ --
[all I want is a warm bed and a kind word and unlimited power]