[ubuntu-mythtv] Lintian Report
Andres Mejia
amejia004 at gmail.com
Tue May 8 00:27:10 UTC 2012
Here's a lintian report for mythtv. I've inlined it so that we can
discuss. We should try to address as many lintian warnings/errors as
possible.
E: mythtv-backend: possible-gpl-code-linked-with-openssl
N:
N: This package appears to be covered by the GNU GPL but depends on the
N: OpenSSL libssl package and does not mention a license exemption or
N: exception for OpenSSL in its copyright file. The GPL (including version
N: 3) is incompatible with some terms of the OpenSSL license, and therefore
N: Debian does not allow GPL-licensed code linked with OpenSSL libraries
N: unless there is a license exception explicitly permitting this.
N:
N: If only the Debian packaging, or some other part of the package not
N: linked with OpenSSL, is covered by the GNU GPL, please add a lintian
N: override for this tag. Lintian currently has no good way of
N: distinguishing between that case and problematic packages.
N:
N: Severity: serious, Certainty: wild-guess
N:
N: Check: copyright-file, Type: binary
N:
It may be worth it to simply port mythtv to use gnutls, or at least
support gnutls and entirely avoid the whole GPL/OpenSSL license
incompatibilities. I've grepped the source tree looking for the word
'openssl' and this was the output.
$ grep -rwl openssl .
./mythtv/mythtv/libs/libmythtv/mythraopconnection.h
./mythtv/mythtv/configure
./mythtv/mythtv/external/FFmpeg/tests/md5.sh
./mythtv-lintian.log
./mythtv-0.26.0~master.20120505.4b8b3cc/mythtv/libs/libmythtv/mythraopconnection.h
./mythtv-0.26.0~master.20120505.4b8b3cc/mythtv/configure
./mythtv-0.26.0~master.20120505.4b8b3cc/mythtv/external/FFmpeg/tests/md5.sh
md5.sh seems to be a script and won't matter anyway once mythtv starts
using system libav/ffmpeg. So that leaves just one file which needs
some modifications.
W: mythtv-backend: description-synopsis-starts-with-article
N:
N: The first line of the "Description:" should omit any initial indefinite
N: or definite article: "a", "an", or "the". A good heuristic is that it
N: should be possible to substitute the package name and synopsis into this
N: formula:
N:
N: The package name provides {a,an,the,some} synopsis.
N:
N: Refer to Debian Developer's Reference section 6.2.2 (The package
N: synopsis, or short description) for details.
N:
N: Severity: minor, Certainty: certain
N:
N: Check: description, Type: binary, udeb
N:
The information for this says it all. This is simple enough to fix.
W: mythtv-backend: extra-license-file usr/share/mythtv/html/js/galleria/LICENSE
N:
N: All license information should be collected in the debian/copyright
N: file. This usually makes it unnecessary for the package to install this
N: information in other places as well.
N:
N: Refer to Debian Policy Manual section 12.5 (Copyright information) for
N: details.
N:
N: Severity: normal, Certainty: possible
N:
N: Check: files, Type: binary, udeb
N:
The option -XLICENSE should be passed to dh_install for this and the
contents of the license file should be included in debian/copyright.
W: mythtv-backend: embedded-javascript-library
usr/share/mythtv/html/js/jquery.min.js
N:
N: This package contains an embedded copy of JavaScript libraries that are
N: now available in their own packages (for example, JQuery, Prototype,
N: Mochikit or "Cropper"). Please depend on the appropriate package and
N: symlink the library into the appropriate location.
N:
N: Refer to Debian Policy Manual section 4.13 (Convenience copies of code)
N: for details.
N:
N: Severity: normal, Certainty: possible
N:
N: Check: files, Type: binary, udeb
N:
A symlink can be used which points to
/usr/share/javascript/jquery/jquery.min.js. The appropriate depends to
jquery needs to be added for mythtv-backend afterwards. If for some
reason mythtv can't use the javascript libraries available from
Debian/Ubuntu, this warning should be overridden.
W: mythtv-backend: init.d-script-not-marked-as-conffile
etc/init.d/mythtv-backend
N:
N: /etc/init.d scripts should be marked as conffiles.
N:
N: This is usually an error, but the Policy allows for managing these files
N: manually in maintainer scripts and Lintian cannot reliably detect that.
N:
N: Refer to Debian Policy Manual section 9.3.2 (Writing the scripts) for
N: details.
N:
N: Severity: important, Certainty: wild-guess
N:
N: Check: init.d, Type: binary
N:
I think this is a false positive. Doing 'dpkg -c
mythtv-backend_0.26.0~master.20120505.4b8b3cc-0ubuntu1_amd64.deb'
reveals no such init script. There is instead a file named
'/etc/init/mythtv-backend.conf'. A lintian override should be placed
for this.
E: mythtv-backend: init.d-script-not-included-in-package
etc/init.d/mythtv-backend
N:
N: The /etc/init.d script is registered in the postinst script, but is not
N: included in the package.
N:
N: Severity: important, Certainty: certain
N:
N: Check: init.d, Type: binary
N:
Ditto as the previous.
W: mythtv-backend: binary-without-manpage usr/bin/mythbackend
N:
N: Each binary in /usr/bin, /usr/sbin, /bin, /sbin or /usr/games should
N: have a manual page
N:
N: Note that though the man program has the capability to check for several
N: program names in the NAMES section, each of these programs should have
N: its own manual page (a symbolic link to the appropriate manual page is
N: sufficient) because other manual page viewers such as xman or tkman
N: don't support this.
N:
N: If the name of the man page differs from the binary by case, man may be
N: able to find it anyway; however, it is still best practice to make the
N: case of the man page match the case of the binary.
N:
N: If the man pages are provided by another package on which this package
N: depends, lintian may not be able to determine that man pages are
N: available. In this case, after confirming that all binaries do have man
N: pages after this package and its dependencies are installed, please add
N: a lintian override.
N:
N: Refer to Debian Policy Manual section 12.1 (Manual pages) for details.
N:
N: Severity: normal, Certainty: possible
N:
N: Check: manpages, Type: binary
N:
W: mythtv-backend: binary-without-manpage usr/bin/mythcommflag
W: mythtv-backend: binary-without-manpage usr/bin/mythfilldatabase
W: mythtv-backend: binary-without-manpage usr/bin/mythjobqueue
W: mythtv-backend: binary-without-manpage usr/bin/mythpreviewgen
W: mythtv-backend: binary-without-manpage usr/bin/mythtv-setup
W: mythtv-backend: binary-without-manpage usr/bin/mythtv-setup.real
It would be nice to include manpages for these files.
W: mythtv-backend: executable-not-elf-or-script
usr/share/mythtv/html/js/galleria/galleria-1.2.3.min.js
N:
N: This executable file is not an ELF format binary, and does not start
N: with the #! sequence that marks interpreted scripts. It might be a sh
N: script that fails to name /bin/sh as its shell, or it may be incorrectly
N: marked as executable. Sometimes upstream files developed on Windows are
N: marked unnecessarily as executable on other systems.
N:
N: If you are using debhelper to build your package, running dh_fixperms
N: will often correct this problem for you.
N:
N: Refer to Debian Policy Manual section 10.4 (Scripts) for details.
N:
N: Severity: normal, Certainty: certain
N:
N: Check: scripts, Type: binary
N:
W: mythtv-backend: executable-not-elf-or-script
usr/share/mythtv/html/js/galleria/themes/classic/galleria.classic.min.js
These files should be fixed in the upstream source. A temporary fix is
to fix the permissions during build time, say do a 'chmod 644
debian/mythtv-backend/usr/share/mythtv/html/js/galleria/*.js'.
E: mythgallery: possible-gpl-code-linked-with-openssl
W: mythweb: embedded-javascript-library usr/share/mythtv/mythweb/js/prototype.js
W: mythweb: embedded-javascript-library
usr/share/mythtv/mythweb/js/scriptaculous/scriptaculous.js
E: mythweb: dir-or-file-in-var-www var/www/mythweb
N:
N: Debian packages should not install files under /var/www. This is not one
N: of the /var directories in the File Hierarchy Standard and is under the
N: control of the local administrator. Packages should not assume that it
N: is the document root for a web server; it is very common for users to
N: change the default document root and packages should not assume that
N: users will keep any particular setting.
N:
N: Packages that want to make files available via an installed web server
N: should instead put instructions for the local administrator in a
N: README.Debian file and ideally include configuration fragments for
N: common web servers such as Apache.
N:
N: As an exception, packages are permitted to create the /var/www directory
N: due to its past history as the default document root, but should at most
N: copy over a default file in postinst for a new install. In this case,
N: please add a Lintian override.
N:
N: Refer to Filesystem Hierarchy Standard (The /var Hierarchy) for details.
N:
N: Severity: serious, Certainty: possible
N:
N: Check: files, Type: binary, udeb
N:
mythweb only installs /var/www and doesn't include any contents inside
the directory, so this can be overridden.
W: mythweb: script-not-executable
usr/share/mythtv/mythweb/modules/coverart/handler.pl
N:
N: This file starts with the #! sequence that marks interpreted scripts,
N: but it is not executable.
N:
N: Severity: normal, Certainty: certain
N:
N: Check: scripts, Type: binary
N:
Same with the other issue with wrong permissions. Just fix the
permissions in the upstream source and/or temporarily fix the
permissions during builds.
W: mythweb: maintainer-script-ignores-errors config
N:
N: The maintainer script doesn't seem to set the -e flag which ensures that
N: the script's execution is aborted when any executed command fails.
N:
N: Refer to Debian Policy Manual section 10.4 (Scripts) for details.
N:
N: Severity: normal, Certainty: certain
N:
N: Check: scripts, Type: binary
N:
All maintainer scripts should use 'set -e'.
E: libmyth-0.26-0: possible-gpl-code-linked-with-openssl
W: mythtv-doc: description-synopsis-starts-with-article
E: mythnetvision: possible-gpl-code-linked-with-openssl
W: mythnetvision: description-synopsis-starts-with-article
W: mythnetvision: binary-without-manpage usr/bin/mythfillnetvision
E: mythtv-transcode-utils: possible-gpl-code-linked-with-openssl
W: mythtv-transcode-utils: package-has-long-file-name 74 (83) > 80
N:
N: The package has a very long filename. This may complicate shipping the
N: package on some media that put restrictions on the length of the
N: filenames (such as CDs).
N:
N: For architecture dependent package, the number in the brackets
N: represents the filename length on of the package on the architecture
N: with the longest name known to Lintian.
N:
N: The tag is emitted based on the length of longest architecture name
N: rather than the name of the current architecture.
N:
N: Refer to http://lists.debian.org/debian-devel/2011/03/msg00943.html for
N: details.
N:
N: Severity: normal, Certainty: certain
N:
N: Check: filename-length, Type: source, binary, udeb
N:
Not much that can be done about this except to shorten the version
number if possible. I don't even bother adding a lintian override for
this.
W: mythtv-transcode-utils: binary-without-manpage usr/bin/mythtranscode
E: mythzoneminder: possible-gpl-code-linked-with-openssl
W: mythzoneminder: binary-without-manpage usr/bin/mythzmserver
W: mythtv-theme-mythbuntu: description-synopsis-starts-with-article
E: mythgame: possible-gpl-code-linked-with-openssl
E: mythbrowser: possible-gpl-code-linked-with-openssl
W: mythbrowser: description-synopsis-starts-with-article
W: libmythtv-perl: description-synopsis-starts-with-article
W: libmyth-python: description-synopsis-starts-with-article
W: libmyth-python: binary-without-manpage usr/bin/mythpython
W: libmyth-python: binary-without-manpage usr/bin/mythwikiscripts
W: libmyth-python: executable-not-elf-or-script
usr/share/pyshared/MythTV/ttvdb/XSLT/tvdbVideo.xsl
E: mythweather: possible-gpl-code-linked-with-openssl
W: mythtv-database: description-synopsis-starts-with-article
E: mythtv-frontend: possible-gpl-code-linked-with-openssl
W: mythtv-frontend: description-synopsis-starts-with-article
W: mythtv-frontend: binary-without-manpage usr/bin/mythavtest
W: mythtv-frontend: binary-without-manpage usr/bin/mythfrontend
W: mythtv-frontend: binary-without-manpage usr/bin/mythfrontend.real
W: mythtv-frontend: binary-without-manpage usr/bin/mythlcdserver
W: mythtv-frontend: binary-without-manpage usr/bin/mythmediaserver
W: mythtv-frontend: binary-without-manpage usr/bin/mythreplex
W: mythtv-frontend: binary-without-manpage usr/bin/mythwelcome
E: mythmusic: possible-gpl-code-linked-with-openssl
E: mythnews: possible-gpl-code-linked-with-openssl
W: mythnews: description-synopsis-starts-with-article
E: mytharchive: possible-gpl-code-linked-with-openssl
W: mytharchive: binary-without-manpage usr/bin/mytharchivehelper
E: mythtv-common: possible-gpl-code-linked-with-openssl
W: mythtv-common: description-synopsis-starts-with-article
E: mythtv-common: package-installs-python-bytecode
usr/share/mythtv/internetcontent/nv_python_libs/vimeo/vimeo_data.pyc
N:
N: Compiled python source files must not be included in the package. These
N: files should be removed from the package and created at package
N: installation time in the postinst.
N:
N: Refer to Debian Python Policy section 2.6 (Modules Byte-Compilation) for
N: details.
N:
N: Severity: serious, Certainty: certain
N:
N: Check: files, Type: binary, udeb
N:
Info says it all. The bytecode should not be installed. The reasoning
is because Python bytecode are not required to be compatible between
different releases of Python (say between 2.5 and 2.6), thus there's
no guarantee the bytecode will always be compatible between releases.
W: mythtv-common: duplicate-font-file
usr/share/mythtv/themes/MythCenter-wide/fonts/DroidSans-Bold.ttf also
in fonts-droid
N:
N: This package appears to include a font file that is already provided by
N: another package in Debian. Ideally it should instead depend on the
N: relevant font package. If the application in this package loads the font
N: file by name, you may need to include a symlink pointing to the file
N: name of the font in its Debian package.
N:
N: Sometimes the font package containing the font is huge and you only need
N: one font. In that case, you have a few options: modify the package (in
N: conjunction with upstream) to use libfontconfig to find the font that
N: you prefer but fall back on whatever installed font is available, ask
N: that the font package be split apart into packages of a more reasonable
N: size, or add an override and be aware of the duplication when new
N: versions of the font are released.
N:
N: Severity: normal, Certainty: possible
N:
N: Check: files, Type: binary, udeb
N:
Same as with embedded javascript libraries, simply use a symlink and
add the proper depends for mythtv-common.
W: mythtv-common: duplicate-font-file
usr/share/mythtv/themes/MythCenter-wide/fonts/DroidSans.ttf also in
fonts-droid
W: mythtv-common: extra-license-file
usr/share/mythtv/themes/MythCenter-wide/fonts/LICENSE
W: mythtv-common: binary-without-manpage usr/bin/mythccextractor
W: mythtv-common: binary-without-manpage usr/bin/mythffmpeg
W: mythtv-common: binary-without-manpage usr/bin/mythffplay
W: mythtv-common: binary-without-manpage usr/bin/mythmetadatalookup
W: mythtv-common: binary-without-manpage usr/bin/mythshutdown
W: mythtv-common: binary-without-manpage usr/bin/mythutil
W: mythtv-common: executable-not-elf-or-script
usr/share/mythtv/internetcontent/nv_python_libs/vimeo/oauth/oauth_api.py
W: mythtv: description-synopsis-starts-with-article
--
~ Andres
More information about the Ubuntu-mythtv
mailing list