Wydawca (split by node):   Section:   Chapter:FastBack: configuring   Up: configuring   FastForward: wydawca.conf   Contents: Table of ContentsIndex: Concept Index

4.13 Distribution Verification

After the submission has been verified, wydawca may also run an additional check to verify whether the main file (normally, a tarball) is OK to be distributed. To set up such distribution verification, add the following statement either in the global scope, or within a ‘spool’ declaration:

Config: check-script text
Config:spool: check-script text

Define the distribution verification script. The text must be a valid sh program. It is executed without arguments, in a temporary directory which contains a copy of the main distribution file. The script can refer to the following environment variables:

Check Environment: WYDAWCA_SPOOL

Spool tag.

Check Environment: WYDAWCA_SOURCE

Spool source directory, as set by the source statement (see tag).

Check Environment: WYDAWCA_DEST

Spool destination directory (see destination).

Check Environment: WYDAWCA_URL

Spool URL (see url).

Check Environment: WYDAWCA_TRIPLET_BASE

Base name of the triplet.

Check Environment: WYDAWCA_DIST_FILE

File name of the main distribution file.

Apart from these, the script inherits the environment of the wydawca process.

The submission is accepted only if the script returns 0. Otherwise, it is rejected and the ‘check-failure’ event (see event notification) is generated.

In case of a non-zero return, the script may print additional diagnostics on its standard output. These diagnostics will be available for use in notification messages via the ‘$check:diagn’ variable.

Additionally, the actual return code of the script, in decimal, is available in the ‘$check:result’ variable. If the script terminates on a signal, the value of this variable is ‘SIG+n’, where n is the signal number.

If both global and spool ‘check-script’s are defined, wydawca executes both scripts as if they were connected by a logical ‘&&’, i.e., the per-spool script is executed only if the global one returned success (‘0’). The submission is accepted only if both scripts returned ‘0’.
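The following is an added example, not part of the wydawca manual or its sources: a small sh model of the check-script protocol described above. It runs a global and a per-spool script the way the text says wydawca does (the per-spool script only if the global one returned ‘0’), with the documented WYDAWCA_* variables set, and derives the two values notifications can use: the decimal exit status (or ‘SIG+n’ when the script died on signal n) corresponding to ‘$check:result’, and the collected standard output corresponding to ‘$check:diagn’. The function names (‘run_check’, ‘distribution_check’), the shell variables ‘CHECK_RESULT’ and ‘CHECK_DIAGN’, the scratch-directory handling and the sample WYDAWCA_* values are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not wydawca's own code): a model of how the global and
# per-spool check-scripts are chained and how their outcome is reported.
# Function names, variable names and sample WYDAWCA_* values are assumptions.

# run_check SCRIPT DIST_FILE DIAG_FILE
# Execute SCRIPT with sh, without arguments, in a scratch directory holding a
# copy of DIST_FILE; append the script's stdout to DIAG_FILE and set
# CHECK_RESULT to its decimal exit status, or to SIG+n if it died on signal n.
run_check() {
    script=$1
    dist=$2
    diagfile=$3
    workdir=$(mktemp -d)
    cp "$dist" "$workdir/"
    # Constructed sample values for the documented variables; a real run
    # would take them from the spool declaration.
    if (cd "$workdir" && env \
            WYDAWCA_SPOOL="sample-spool" \
            WYDAWCA_SOURCE="/var/spool/incoming/sample" \
            WYDAWCA_DEST="/var/www/releases/sample" \
            WYDAWCA_URL="https://releases.example.org/sample" \
            WYDAWCA_TRIPLET_BASE="$(basename "$dist")" \
            WYDAWCA_DIST_FILE="$(basename "$dist")" \
            sh -c "$script") >>"$diagfile"; then
        status=0
    else
        status=$?
    fi
    rm -rf "$workdir"
    # POSIX shells report death on signal n as exit status 128+n.
    if [ "$status" -gt 128 ]; then
        CHECK_RESULT="SIG+$((status - 128))"
    else
        CHECK_RESULT=$status
    fi
}

# distribution_check GLOBAL_SCRIPT SPOOL_SCRIPT DIST_FILE
# Mirror the documented '&&' chaining: the per-spool script runs only when
# the global one returned 0. Leaves CHECK_RESULT and CHECK_DIAGN set and
# returns 0 when the submission is accepted, non-zero when it is rejected.
distribution_check() {
    global=$1
    spool=$2
    dist=$3
    diagfile=$(mktemp)
    run_check "$global" "$dist" "$diagfile"
    if [ "$CHECK_RESULT" = 0 ] && [ -n "$spool" ]; then
        run_check "$spool" "$dist" "$diagfile"
    fi
    CHECK_DIAGN=$(cat "$diagfile")
    rm -f "$diagfile"
    [ "$CHECK_RESULT" = 0 ]
}

# Demonstration on a constructed distribution file: the global script
# accepts, the per-spool script rejects with a diagnostic message.
demo_dist=$(mktemp)
printf 'constructed sample distribution\n' >"$demo_dist"
if distribution_check 'exit 0' \
        'echo "top-level Makefile.in looks unsafe"; exit 1' "$demo_dist"; then
    echo "accepted"
else
    echo "rejected: check:result=$CHECK_RESULT check:diagn=$CHECK_DIAGN"
fi
rm -f "$demo_dist"
```

The scripts passed to ‘distribution_check’ are ordinary sh text, just as the ‘check-script’ value is; the model only reproduces the observable contract (working directory, environment, exit status, stdout), not wydawca's internal implementation.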

Since the script usually spans several lines, the ‘check-script’ value is normally supplied using a here-document construct (see here-document).

The following example illustrates the use of ‘check-script’ to catch a possible security hole in the distributed Makefile.in files (7):

check-script <<EOT
case "${WYDAWCA_DIST_FILE}" in
*.tar|*.tar.*)
  # Extract only the first top-level Makefile.in from the archive and look
  # for the chmod that affected Automake releases before 1.11.1.
  if tar -xOf "${WYDAWCA_DIST_FILE}" --occurrence=1 \
      --wildcards --no-wildcards-match-slash '*/Makefile.in' | \
      grep -q 'perm -777'; then
    fmt <<_EOF_
The top-level Makefile.in in ${WYDAWCA_DIST_FILE} changes mode of
all the directories below the build tree to 777 before creating
the tarball. This constitutes a security hole (see CVE-2009-4029[1],
for more details).

Please, rebuild the package using a newer Automake (at least v. 1.11.1)
and resubmit.
_EOF_
    cat <<_EOF_
--
[1] http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131
_EOF_
    exit 1
  fi
  ;;
*)
  ;;
esac

exit 0
EOT;

Footnotes

(7)

See http://article.gmane.org/gmane.comp.sysutils.autotools.announce/131.
