X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Fprocess_unchecked.py;h=fdf052d269440190dbdf7f0281662f4646ac7bba;hb=b612f3da207fa0d75a5d3b204ac8f02bb244231a;hp=8a49f009e5ffdff7931442c28e0182e31eb8db12;hpb=04dc27ae10c3dc9bb001544c297ae089256c3ef1;p=dak.git diff --git a/dak/process_unchecked.py b/dak/process_unchecked.py index 8a49f009..fdf052d2 100755 --- a/dak/process_unchecked.py +++ b/dak/process_unchecked.py @@ -1,7 +1,12 @@ #!/usr/bin/env python -""" Checks Debian packages from Incoming """ -# Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006 James Troup +""" +Checks Debian packages from Incoming +@contact: Debian FTP Master +@copyright: 2000, 2001, 2002, 2003, 2004, 2005, 2006 James Troup +@copyright: 2009 Joerg Jaspert +@license: GNU General Public License version 2 or later +""" # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -389,7 +394,8 @@ def check_files(): cursor = DBConn().cursor() # Check for packages that have moved from one component to another # STU: this should probably be changed to not join on architecture, suite tables but instead to used their cached name->id mappings from DBConn - cursor.execute("""PREPARE moved_pkg_q(text,text,text) AS + DBConn().prepare("moved_pkg_q", """ + PREPARE moved_pkg_q(text,text,text) AS SELECT c.name FROM binaries b, bin_associations ba, suite s, location l, component c, architecture a, files f WHERE b.package = $1 AND s.suite_name = $2 @@ -436,6 +442,15 @@ def check_files(): deb_file.close() # Can't continue, none of the checks on control would work. continue + + # Check for mandantory "Description:" + deb_file.seek ( 0 ) + try: + apt_pkg.ParseSection(apt_inst.debExtractControl(deb_file))["Description"] + '\n' + except: + reject("%s: Missing Description in binary package" % (f)) + continue + deb_file.close() # Check for mandatory fields @@ -561,7 +576,7 @@ def check_files(): # Check the version and for file overwrites reject(Upload.check_binary_against_db(f),"") - Binary(f, reject).scan_package( ) + Binary(f, reject).scan_package() # Checks for a source package... else: @@ -1002,10 +1017,10 @@ def lookup_uid_from_fingerprint(fpr): """ Return the uid,name,isdm for a given gpg fingerprint - @ptype fpr: string + @type fpr: string @param fpr: a 40 byte GPG fingerprint - @return (uid, name, isdm) + @return: (uid, name, isdm) """ cursor = DBConn().cursor() cursor.execute( "SELECT u.uid, u.name, k.debian_maintainer FROM fingerprint f JOIN keyrings k ON (f.keyring=k.id), uid u WHERE f.uid = u.id AND f.fingerprint = '%s'" % (fpr)) @@ -1013,7 +1028,7 @@ def lookup_uid_from_fingerprint(fpr): if qs: return qs else: - return (None, None, None) + return (None, None, False) def check_signed_by_key(): """Ensure the .changes is signed by an authorized uploader.""" @@ -1023,17 +1038,22 @@ def check_signed_by_key(): uid_name = "" # match claimed name with actual name: - if uid == None: + if uid is None: + # This is fundamentally broken but need us to refactor how we get + # the UIDs/Fingerprints in order for us to fix it properly uid, uid_email = changes["fingerprint"], uid may_nmu, may_sponsor = 1, 1 # XXX by default new dds don't have a fingerprint/uid in the db atm, # and can't get one in there if we don't allow nmu/sponsorship - elif is_dm is "t": - uid_email = uid - may_nmu, may_sponsor = 0, 0 - else: + elif is_dm is False: + # If is_dm is False, we allow full upload rights uid_email = "%s@debian.org" % (uid) may_nmu, may_sponsor = 1, 1 + else: + # Assume limited upload rights unless we've discovered otherwise + uid_email = uid + may_nmu, may_sponsor = 0, 0 + if uid_email in [changes["maintaineremail"], changes["changedbyemail"]]: sponsored = 0 @@ -1052,6 +1072,7 @@ def check_signed_by_key(): if sponsored and not may_sponsor: reject("%s is not authorised to sponsor uploads" % (uid)) + cursor = DBConn().cursor() if not sponsored and not may_nmu: source_ids = [] cursor.execute( "SELECT s.id, s.version FROM source s JOIN src_associations sa ON (s.id = sa.source) WHERE s.source = %(source)s AND s.dm_upload_allowed = 'yes'", changes ) @@ -1319,8 +1340,8 @@ def is_stableupdate (): cursor.execute( """SELECT 1 FROM source s JOIN src_associations sa ON (s.id = sa.source) WHERE s.source = %(source)s - AND s.version = '%(version)s' - AND sa.suite = %(suite)d""", + AND s.version = %(version)s + AND sa.suite = %(suite)s""", {'source' : changes['source'], 'version' : changes['version'], 'suite' : pusuite}) @@ -1351,14 +1372,14 @@ def is_oldstableupdate (): if not changes["architecture"].has_key("source"): pusuite = DBConn().get_suite_id("oldstable-proposed-updates") cursor = DBConn().cursor() - cursor.execute( """"SELECT 1 FROM source s - JOIN src_associations sa ON (s.id = sa.source) - WHERE s.source = %(source)s - AND s.version = %(version)s - AND sa.suite = %d""", - {'source' : changes['source'], + cursor.execute( """SELECT 1 FROM source s + JOIN src_associations sa ON (s.id = sa.source) + WHERE s.source = %(source)s + AND s.version = %(version)s + AND sa.suite = %(suite)s""", + {'source' : changes['source'], 'version' : changes['version'], - 'suite' : pusuite}) + 'suite' : pusuite}) if cursor.fetchone(): return 0 @@ -1476,7 +1497,7 @@ def acknowledge_new (summary, short_summary): Logger.log(["Moving to new", pkg.changes_file]) Upload.dump_vars(Cnf["Dir::Queue::New"]) - move_to_dir(Cnf["Dir::Queue::New"]) + move_to_dir(Cnf["Dir::Queue::New"], perms=0640, changesperms=0644) if not Options["No-Mail"]: print "Sending new ack." @@ -1569,7 +1590,10 @@ def main(): changes_files.remove(f) if changes_files == []: - utils.fubar("Need at least one .changes file as an argument.") + if Cnf["Dinstall::Options::Directory"] == "": + utils.fubar("Need at least one .changes file as an argument.") + else: + sys.exit(0) # Check that we aren't going to clash with the daily cron job