X-Git-Url: http://vcs.maemo.org/git/?a=blobdiff_plain;f=checks%2Ffiles.desc;fp=checks%2Ffiles.desc;h=7f18c8f78862b66fa1db4e5b9e73fd9d6a1e931f;hb=1960326d487467271f731ff6a62830404a4947af;hp=0000000000000000000000000000000000000000;hpb=ce31209d7230201c69f8f234032a774fbbbc43cd;p=maemian diff --git a/checks/files.desc b/checks/files.desc new file mode 100644 index 0000000..7f18c8f --- /dev/null +++ b/checks/files.desc @@ -0,0 +1,979 @@ +Check-Script: files +Author: Christian Schwarz +Abbrev: fil +Type: binary, udeb +Unpack-Level: 2 +Needs-Info: objdump-info, scripts, file-info +Info: This script checks if a binary package conforms to policy + WRT to files and directories. + +Tag: package-contains-ancient-file +Severity: important +Certainty: certain +Info: Your package contains a file that claims to have been generated + more than 20 years ago. This is most probably an error. Your package + will be rejected by the Debian archive scripts if it contains a file + with such a timestamp. + +Tag: old-app-defaults-directory +Severity: important +Certainty: certain +Info: The app-defaults files have moved to /etc/X11/app-defaults/. Files in + the old directory, /usr/X11R6/lib/X11/app-defaults/, will no longer be + used by X. The old directory should not exist in packages at all; + this prevents X from replacing it with a compatibility symlink. +Ref: policy 11.8.6 + +Tag: package-installs-font-to-usr-x11r6 +Severity: important +Certainty: certain +Info: The standard location for X fonts has moved to /usr/share/fonts/X11. + Packages providing X fonts must install them into the new path. Fonts + installed into the old /usr/X11R6/lib/X11/fonts path may not be seen by + the X server. + . + If the package uses imake, it must build-depend on xutils-dev (>= + 1:1.0.2-2) for the correct paths. If it uses dh_installxfonts to handle X + font installation, it must build-depend on debhelper (>= 5.0.31). +Ref: policy 11.8.5 + +Tag: package-installs-file-to-usr-x11r6-bin +Severity: important +Certainty: certain +Info: Debian has switched to the modular X tree which now uses the regular + FHS paths, and all packages must follow. All packages installing binaries + must install them into /usr/bin (or some other appropriate location) + instead of /usr/X11R6/bin. + . + The x11-common package attempts to change /usr/X11R6/bin into a symlink + to /usr/bin, so if this migration has already occurred, a package + installing files into /usr/X11R6/bin may appear to install + successfully. However, such a package will be left in an inconsistent + state and may orphan files when the compatibility link goes away. + . + If the package uses imake, it must build-depend on xutils-dev (>= + 1:1.0.2-2) for the correct paths. +Ref: policy 11.8.7 + +Tag: file-in-usr-something-x11-without-pre-depends +Severity: wishlist +Certainty: certain +Info: Packages that install files into /usr/include/X11 or /usr/lib/X11 + should pre-depend on at least x11-common (>= 1:7.0.0). These directories + used to be symlinks and installing files in them while they are still + symlinks will put files in the wrong locations and cause stranded files + and other problems. x11-common is responsible for converting the + symlinks to regular directories. + . + A fresh etch (or later) install will not have problems even without this + dependency, but this dependency is needed for upgrades from sarge and is + therefore still useful for backports. +Ref: policy 11.8.7 + +Tag: package-installs-file-to-usr-x11r6 +Severity: important +Certainty: certain +Info: Packages using the X Window System should not be configured to install + files under the /usr/X11R6/ directory. Debian has switched to the modular + X tree which now uses regular FHS paths and all packages should follow. + . + Programs that use GNU autoconf and automake are usually easily configured + at compile time to use /usr/ instead of /usr/X11R6/. Packages that use + imake must build-depend on xutils-dev (>= 1:1.0.2-2) for the correct + paths. +Ref: policy 11.8.7 + +Tag: config-file-reserved +Severity: important +Certainty: certain +Info: This file is reserved by a specific package. Please email the + maintainer of the package in question if you have questions. + +Tag: package-uses-obsolete-file +Severity: normal +Certainty: certain +Info: the file, /etc/nntpserver, is no longer recommenced. As of policy + revision 2.5.1.0, /etc/news/server is the preferred file to use to specify + a news server. +Ref: policy 11.7 + +Tag: FSSTND-dir-in-usr +Severity: serious +Certainty: certain +Info: As of policy version 3.0.0.0, Debian no longer follows the FSSTND. + . + Instead, the Filesystem Hierarchy Standard (FHS), version 2.3, is + used. You can find it in /usr/share/doc/debian-policy/fhs/ . +Ref: policy 9.1.1 + +Tag: FSSTND-dir-in-var +Severity: serious +Certainty: certain +Info: As of policy version 3.0.0.0, Debian no longer follows the FSSTND. + . + Instead, the Filesystem Hierarchy Standard (FHS), version 2.3, is + used. You can find it in /usr/share/doc/debian-policy/fhs/ . +Ref: policy 9.1.1 + +Tag: package-installs-into-etc-gconf-schemas +Severity: normal +Certainty: certain +Info: The package installs files into the /etc/gconf/schemas + directory. No package should do this; this directory is reserved for + local overrides. Instead, schemas should be installed into + /usr/share/gconf/schemas. + +Tag: package-installs-into-etc-rc.d +Severity: serious +Certainty: certain +Info: The package installs files into the /etc/rc.d or + /etc/rc?.d which is not allowed. +Ref: policy 9.3.3 + +Tag: package-installs-into-etc-rc.boot +Severity: serious +Certainty: certain +Info: The package installs files in the /etc/rc.boot directory, + which is obsolete. See rc.boot(5) for details. +Ref: policy 9.3.4 + +Tag: non-standard-file-permissions-for-etc-init.d-script +Severity: important +Certainty: certain +Info: Usually, scripts in the /etc/init.d directory should have + mode 0755. + +Tag: file-directly-in-usr-share +Severity: serious +Certainty: certain +Info: Packages should not install files directly in /usr/share, + i.e., without a subdirectory. + . + You should either create a subdirectory /usr/share/... for your + package or place the file in /usr/share/misc. + +Tag: file-in-usr-local +Severity: serious +Certainty: certain +Info: The package installs a file in /usr/local/... which is + not allowed. +Ref: policy 9.1.2 + +Tag: stray-directory-in-manpage-directory +Severity: important +Certainty: certain +Info: This package installs a directory under /usr/share/man or + /usr/X11R6/man that isn't a manual section directory or locale + directory. +Ref: fhs usrsharemanmanualpages + +Tag: executable-manpage +Severity: important +Certainty: certain +Info: Manual pages are not meant to be executed. + +Tag: dir-in-usr-local +Severity: serious +Certainty: certain +Info: The package installs a directory in /usr/local/... which is + not allowed. + . + If you want to provide an empty directory in /usr/local for + convenience of the local system administrator, please follow the rules + in the policy manual (section 9.1.2), i.e., create the directories in + the postinst script but don't fail if this isn't possible (e.g., if + /usr/local is mounted read-only). +Ref: policy 9.1.2 + +Tag: non-standard-dir-perm +Severity: normal +Certainty: possible +Info: The directory has a mode different from 0755, and it's not one of the + known exceptions. +Ref: policy 10.9 + +Tag: executable-is-not-world-readable +Severity: normal +Certainty: certain +Info: All executables should be readable by any user. Since anyone can + download the Debian package and obtain a copy of the executable, no + security is gained by making the executable unreadable even for setuid + binaries. If only members of a certain group may execute this file, + remove execute permission for world, but leave read permission. +Ref: policy 10.9 + +Tag: non-standard-executable-perm +Severity: normal +Certainty: certain +Info: Executables that are not setuid or setgid should always have a mode + of 0755. Since anyone can obtain the executable by downloading the + Debian package and extracting it, restricting access serves little + purpose. +Ref: policy 10.9 + +Tag: non-standard-game-executable-perm +Severity: normal +Certainty: certain +Info: The file is owned by the games group but is not mode 2755. If a + game does not have to be setgid games, it should be owned by the root + group like any other executable. This executable is either owned by the + wrong group or is not setgid when it should be. +Ref: policy 11.11 + +Tag: non-standard-setuid-executable-perm +Severity: normal +Certainty: certain +Info: The file is setuid or setgid and has a mode different from any of + 2755, 4755, 4754, or 6755. Any other permissions on setuid executables + is probably a bug. In particular, removing root write privileges serves + no purpose, group-writable setuid or setgid executables are probably bad + ideas, and setgid executables that are not world-executable serve little + purpose. +Ref: policy 10.9 + +Tag: setuid-binary +Severity: normal +Certainty: possible +Info: The file is tagged SETUID. In some cases this is intentional, but in + other cases this is a bug. If this is intentional, please add a lintian + override to document this fact. + +Tag: setgid-binary +Severity: normal +Certainty: possible +Info: The file is tagged SETGID. In some cases this is intentional, but in + other cases this is a bug. If this is intentional, please add a lintian + override to document this fact. + +Tag: setuid-gid-binary +Severity: normal +Certainty: possible +Info: The file is tagged SETUID and SETGID. In some cases this is + intentional, but in other cases this is a bug. If this is intentional, + please add a lintian override to document this fact. + +Tag: non-standard-file-perm +Severity: normal +Certainty: certain +Info: The file has a mode different from 0644. In some cases this is + intentional, but in other cases this is a bug. +Ref: policy 10.9 + +Tag: special-file +Severity: serious +Certainty: certain +Info: The package contains a special file (e.g., a device file). + This is forbidden by current policy. If your program needs this device, + you should create it by calling makedev from the postinst + script. +Ref: policy 10.6 + +Tag: old-style-example-dir +Severity: important +Certainty: certain +Info: The package installs some files into the old + /usr/doc/examples directory. The new location for examples + is /usr/share/doc/pkg/examples. +Ref: policy 12.6 + +Tag: compressed-symlink-with-wrong-ext +Severity: important +Certainty: certain +Info: The package installs a symbolic link pointing to a compressed file, + but the symbolic link does not use the same file extension than the + referenced file. In most cases, this can produce troubles when the + user or a program tries to access the file through the link. +Ref: policy 10.5 + +Tag: symlink-has-double-slash +Severity: minor +Certainty: certain +Info: This symlink contains two successive slashes (//). This is in violation + of policy, where it is stated that symlinks should be as short as possible + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: symlink-ends-with-slash +Severity: minor +Certainty: certain +Info: This symlink ends with a slash (/). This is in violation + of policy, where it is stated that symlinks should be as short as possible + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: symlink-should-be-relative +Severity: normal +Certainty: certain +Info: Symlinks to files which are in the same top-level directory should be + relative according to policy. (In other words, a link in /usr to another + file in /usr should be relative, while a link in /usr to a file in /etc + should be absolute.) + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: symlink-should-be-absolute +Severity: important +Certainty: certain +Info: Symbolic links between different top-level directories should be + absolute. + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: udeb-contains-documentation-file +Severity: important +Certainty: certain +Info: udeb packages should not contain any documentation. + +Tag: executable-in-usr-share-doc +Severity: important +Certainty: certain +Info: Usually, documentation files in /usr/share/doc should have mode + 0644. If the executable is an example, it should go in + /usr/share/doc/pkg/examples. + +Tag: script-in-usr-share-doc +Severity: wishlist +Certainty: certain +Info: Scripts are usually not documentation files, unless they are + examples, in which case they should be in the + /usr/share/doc/pkg/examples directory. + +Tag: symlink-has-too-many-up-segments +Severity: important +Certainty: certain +Info: The symlink references a directory beyond the root directory "/". + +Tag: lengthy-symlink +Severity: important +Certainty: certain +Info: This link goes up, and then back down into the same subdirectory. + Making it shorter will improve its chances of finding the right file + if the user's system has lots of symlinked directories. + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: symlink-is-self-recursive +Severity: normal +Certainty: possible +Info: The symbolic link is recursive to a higher directory of the symlink + itself. This means, that you can infinitely chdir with this symlink. This is + usually not okay, but sometimes wanted behaviour. + +Tag: symlink-contains-spurious-segments +Severity: important +Certainty: certain +Info: The symbolic link has needless segments like ".." and "." in the + middle. These are unneeded and make the link longer than it could be, + which is in violation of policy. They can also cause problems in the + presence of symlinked directories. + . + If you use debhelper, running dh_link after creating the package structure + will fix this problem for you. +Ref: policy 10.5 + +Tag: run-parts-cron-filename-contains-full-stop +Severity: normal +Certainty: certain +Info: The script in /etc/cron.<time-interval> will not be executed by + run-parts(8) because the filename contains a "." (full stop). +Ref: run-parts(8) + +Tag: bad-permissions-for-etc-cron.d-script +Severity: important +Certainty: certain +Info: Files in /etc/cron.d are configuration files for cron and not + scripts. Thus, they should not be marked executable. + +Tag: bad-permissions-for-etc-emacs-script +Severity: important +Certainty: certain +Info: Files in the /etc/emacs* directories should not be marked + executable. + +Tag: image-file-in-usr-lib +Severity: normal +Certainty: certain +Info: This package installs a pixmap or a bitmap within /usr/lib. + According to the Filesystem Hierarchy Standard, architecture-independent + files need to be placed within /usr/share instead. + +Tag: file-directly-in-usr-share-doc +Severity: serious +Certainty: certain +Info: Documentation files have to be installed in + /usr/share/doc/pkg. +Ref: policy 12.3 + +Tag: bad-owner-for-doc-file +Severity: important +Certainty: certain +Info: Documentation files should be owned by root/root. + +Tag: dir-or-file-in-var-lock +Severity: serious +Certainty: possible +Info: /var/lock may be a temporary filesystem, so any directories + or files needed there must be created dynamically at boot time. +Ref: policy 9.3.2 + +Tag: dir-or-file-in-var-run +Severity: serious +Certainty: possible +Info: /var/run may be a temporary filesystem, so any directories + or files needed there must be created dynamically at boot time. +Ref: policy 9.3.2 + +Tag: dir-or-file-in-var-www +Severity: important +Certainty: certain +Ref: fhs thevarhierarchy +Info: Debian packages should not install files under /var/www. + This is not one of the /var directories in the File Hierarchy + Standard and is under the control of the local administrator. Packages + should not assume that it is the document root for a web server; it is + very common for users to change the default document root and packages + should not assume that users will keep any particular setting. + . + Packages that want to make files available via an installed web server + should instead put instructions for the local administrator in a + README.Debian file and ideally include configuration fragments for common + web servers such as Apache. + . + As an exception, packages are permitted to create the /var/www + directory due to its past history as the default document root, but + should at most copy over a default file in postinst for a new install. + +Tag: dir-or-file-in-tmp +Severity: important +Certainty: certain +Info: Packages should not install into /tmp or /var/tmp. + +Tag: dir-or-file-in-mnt +Severity: important +Certainty: certain +Info: Packages should not install into /mnt. The FHS states that + the contents of this directory is a local issue. + +Tag: dir-or-file-in-opt +Severity: important +Certainty: certain +Info: Debian packages should not install into /opt, because it + is reserved for add-on software. + +Tag: dir-or-file-in-srv +Severity: important +Certainty: certain +Ref: fhs therootfilesystem +Info: Debian packages should not install into /srv. The + specification of /srv states that its structure is at the + discretion of the local administrator and no package should rely on any + particular structure. Debian packages that install files directly into + /srv can't adjust for local policy about its structure and in + essence force a particular structure. + . + If a package wishes to put its data in /srv, it must do this in + a way that allows the local administrator to specify and preserve their + chosen directory structure (such as through post-install configuration, + setup scripts, debconf prompting, etc.). + +Tag: third-party-package-in-python-dir +Severity: normal +Certainty: certain +Info: According to + http://www.python.org/doc/essays/packages.html, third-party + python packages should install their files in + /usr/lib/python1.5/site-packages. All other directories in + /usr/lib/python1.5 are for use by the core python packages. + +Tag: perl-module-in-core-directory +Severity: important +Certainty: certain +Info: Packaged modules must not be installed into the core perl + directories as those directories change with each upstream perl + revision. The vendor directories are provided for this purpose. +Ref: perl-policy 3.1 + +Tag: backup-file-in-package +Severity: normal +Certainty: certain +Info: There is a file in the package whose name matches the format emacs + or vim uses for backup and autosave files. It may have been installed by + accident. + +Tag: nfs-temporary-file-in-package +Severity: normal +Certainty: certain +Info: There is a file in the package whose name matches the format NFS + uses to temporarily save files that were deleted while another process + had them open. It may have been included in the package by accident + while building the package in an NFS filesystem. + +Tag: windows-thumbnail-database-in-package +Severity: normal +Certainty: certain +Info: There is a file in the package named Thumbs.db or + Thumbs.db.gz, which is normally a Windows image thumbnail + database. Such databases are generally useless in Debian packages and + were usually accidentally included by copying complete directories from + the source tarball. + +Tag: macos-ds-store-file-in-package +Severity: normal +Certainty: certain +Info: There is a file in the package named .DS_Store or + .DS_Store.gz, the file name used by Mac OS X to store folder + attributes. Such files are generally useless in Debian packages and were + usually accidentally included by copying complete directories from the + source tarball. + +Tag: macos-resource-fork-file-in-package +Severity: normal +Certainty: certain +Info: There is a file in the package with a name starting with + ._, the file name pattern used by Mac OS X to store resource + forks in non-native file systems. Such files are generally useless in + Debian packages and were usually accidentally included by copying + complete directories from the source tarball. + +Tag: package-installs-perllocal-pod +Severity: normal +Certainty: certain +Info: This package installs a file perllocal.pod. Since that + file is intended for local documentation, it is not likely that it is + a good place for documentation supplied by a Debian package. In fact, + installing this package will wipe out whatever local documentation + existed there. + +Tag: extra-license-file +Severity: normal +Certainty: possible +Ref: policy 12.5 +Info: All license information should be collected in the + debian/copyright file. This usually makes it unnecessary + for the package to install this information in other places as well. + +Tag: non-standard-toplevel-dir +Severity: important +Certainty: certain +Info: The Filesystem Hierarchy Standard forbids the installation of new + files or directories in the root directory. +Ref: fhs therootfilesystem + +Tag: subdir-in-bin +Severity: serious +Certainty: certain +Info: The Filesystem Hierarchy Standard forbids the installation of new + directories in /bin. +Ref: fhs binessentialusercommandbinaries + +Tag: subdir-in-usr-bin +Severity: serious +Certainty: certain +Info: The Filesystem Hierarchy Standard forbids the installation of new + directories in /usr/bin other than /usr/bin/mh. +Ref: fhs usrbinmostusercommands + +Tag: non-standard-dir-in-usr +Severity: normal +Certainty: certain +Info: The FHS says "No large software packages should use a direct + subdirectory under the /usr hierarchy". This package contains + a directory in /usr that is not mentioned in the Filesystem + Hierarchy Standard. +Ref: fhs theusrhierarchy + +Tag: non-standard-dir-in-var +Severity: important +Certainty: certain +Info: The FHS says "Applications should generally not add directories to + the top level of /var. Such directories should only be added + if they have some system-wide implication, and in consultation with the + FHS mailing list." +Ref: fhs thevarhierarchy + +Tag: use-of-compat-symlink +Severity: important +Certainty: certain +Info: This package uses a directory that, according to the Filesystem + Hierarchy Standard, should exist only as a compatibility symlink. + Packages should not traverse such symlinks when installing files, they + should use the standard directories instead. + +Tag: file-in-unusual-dir +Severity: normal +Certainty: certain +Info: This file or symbolic link is in a directory where files are not + normally installed by Debian packages. + +Tag: package-installs-packlist +Severity: important +Certainty: certain +Info: Packages built using the perl MakeMaker package will have a file + named .packlist in them. Those files are useless, and (in some cases) + have the additional problem of creating an architecture-specific + directory name in an architecture-independent package. + . + They can be suppressed by adding the following to debian/rules: + . + find debian/pkg -type f -name .packlist | xargs rm -f + . + or by telling MakeMaker to use vendor install dirs; consult a recent + version of Perl policy. Perl 5.6.0-12 or higher supports this. +Ref: perl-policy 4.1 + +Tag: zero-byte-file-in-doc-directory +Severity: normal +Certainty: possible +Info: The documentation directory for this package contains an empty + file. This is often due to installing an upstream NEWS or README file + without realizing it's empty and hence not useful. + . + Files in the examples subdirectory are excluded from this check, but + there are some cases where empty files are legitimate parts of the + documentation without being examples. In those cases, please add an + override. + +Tag: override-file-in-wrong-location +Severity: important +Certainty: certain +Info: Maemian overrides should be put in a regular file named + /usr/share/lintian/overrides/package, not in a subdirectory + named for the package or in the obsolete location under /usr/share/doc. + See the Maemian documentation for more information on proper naming and + format. +Ref: lintian 2.4 + +Tag: package-contains-upstream-install-documentation +Severity: normal +Certainty: possible +Ref: policy 12.3 +Info: Binary packages do not need to contain the instructions for building + and installing the package as this info is not needed by package users. + If the info contained is important for configuration perhaps it could be + summarized in README.Debian, otherwise an override may be added. + +Tag: package-contains-hardlink +Severity: normal +Certainty: certain +Info: The package contains a hardlink in /etc or across different + directories. This might not work at all if directories are on different + filesystems (which can happen anytime as the system administrator sees fit), + certain filesystems such as AFS don't even support cross-directory hardlinks + at all. + . + For configuration files, certain editors might break hardlinks, and so + does dpkg in certain cases. + . + A better solution might be using symlinks here. +Ref: policy 10.7.3 + +Tag: package-contains-bts-control-dir +Severity: normal +Certainty: certain +Info: The package contains a control directory for a bug tracking system. + It was most likely installed by accident, since bug tracking directories + usually don't belong in packages. + +Tag: package-contains-vcs-control-dir +Severity: normal +Certainty: certain +Info: The package contains a control directory for a version control system. + It was most likely installed by accident, since version control directories + usually don't belong in packages. + +Tag: package-contains-xvpics-dir +Severity: important +Certainty: certain +Info: Package contains a .xvpics directory. It was most likely installed by + accident, since thumbnails usually don't belong in packages. + +Tag: package-contains-vcs-control-file +Severity: normal +Certainty: certain +Info: The package contains a VCS control file such as .(cvs|git|hg)ignore. + Files such as these are used by revision control systems to, for example, + specify untracked files it should ignore or inventory files. This file + is generally useless in an installed package and was probably installed + by accident. + +Tag: svn-commit-file-in-package +Severity: normal +Certainty: certain +Info: The package contains an svn-commit(.NNN).tmp file. This file is + almost certainly a left-over from a failed Subversion commit, and does + not belong in a Debian package. + +Tag: svk-commit-file-in-package +Severity: normal +Certainty: certain +Info: The package contains an svk-commitNNN.tmp file. This file is almost + certainly a left-over from a failed Subversion commit, and does not + belong in a Debian package. + +Tag: nested-examples-directory +Severity: important +Certainty: certain +Info: Package contains a usr/share/doc/something/examples/examples + directory. It was most likely installed by accident, since one examples/ + directory should be enough for everybody(tm). + +Tag: package-installs-nonbinary-perl-in-usr-lib-perl5 +Severity: normal +Certainty: certain +Info: Architecture-independent Perl code should be placed in + /usr/share/perl5, not /usr/lib/perl5 + unless there is at least one architecture-dependent file + in the module. +Ref: perl-policy 2.3 + +Tag: file-in-usr-lib-site-python +Severity: important +Certainty: certain +Ref: python-policy 1.4 +Info: The directory /usr/lib/site-python has been deprecated as a + location for installing Python modules and may be dropped from Python's + module search path in a future version. Most likely this module is a + private module and should be packaged in a directory outside of Python's + default search path. + +Tag: package-installs-python-pyc +Severity: normal +Certainty: certain +Info: Compiled python source files should not be included in the package. + These files should be removed from the package and created at package + installation time in the postinst. + +Tag: bad-permissions-for-ali-file +Severity: normal +Certainty: certain +Info: Ada Library Information (*.ali) files are required to be read-only + (mode 0444) by GNAT. + . + If at least one user can write the *.ali file, GNAT considers whether + or not to recompile the corresponding source file. Such recompilation + would fail because normal users don't have write permission on the + files. Moreover, such recompilation would defeat the purpose of + library packages, which provide *.a and *.so libraries to link against). + +Tag: package-contains-readme-for-other-platform-or-distro +Severity: normal +Certainty: certain +Info: package contains a README.(platform) file that contains instructions + specific to a platform or distribution other than Debian and thus can + most likely be removed. If it contains information that pertains to + Debian, please consider renaming it, or including it in an already + existing README file. + +Tag: desktop-file-in-wrong-dir +Severity: normal +Certainty: certain +Info: The package contains a .desktop file in an obsolete directory. + According to the menu-spec draft on freedesktop.org, those .desktop files + that are intended to create a menu should be placed in + /usr/share/applications, not /usr/share/gnome/apps. + +Tag: script-with-language-extension +Severity: normal +Certainty: certain +Info: When scripts are installed into a directory in the system PATH, the + script name should not include an extension such as .sh or + .pl that denotes the scripting language currently used to + implement it. The implementation language may change; if it does, + leaving the name the same would be confusing and changing it would be + disruptive. +Ref: policy 10.4 + +Tag: file-in-usr-lib-sgml +Severity: normal +Certainty: certain +Ref: fhs theusrhierarchy +Info: This package installs a file in /usr/lib/sgml. This was + the old location for SGML catalogs and similar flies. All those files + should now go into /usr/share/sgml. + +Tag: file-name-ends-in-whitespace +Severity: normal +Certainty: possible +Info: This package installs a file or directory whose name ends in + whitespace. This might be intentional but it's normally a mistake. If + it is intentional, add a lintian override. + . + One possible cause is using debhelper 5.0.57 or earlier to install a + doc-base file with a Document field that ends in whitespace. + +Tag: package-contains-empty-directory +Severity: wishlist +Certainty: possible +Info: This package installs an empty directory. This might be intentional + but it's normally a mistake. If it is intentional, add a lintian override. + . + If a package ships with or installs empty directories, you can remove them + in debian/rules by calling: + . + $ find path/to/base/dir -type d -empty -delete + +Tag: package-section-games-but-contains-no-game +Severity: important +Certainty: certain +Ref: policy 11.11 +Info: This package is marked as part of the section games, but doesn't + contain files in /usr/games. Binaries of games must be installed + in /usr/games. + +Tag: package-section-games-but-has-usr-bin +Severity: normal +Certainty: possible +Ref: policy 11.11 +Info: This package is marked as part of the section games, but contains + executables in /bin or /usr/bin/. This can be intentional, + but is usually a mistake. + +Tag: games-package-should-be-section-games +Severity: normal +Certainty: possible +Info: All the executables in this package are in /usr/games, but + the package is not in section games. This can be intentional but is + usually a mistake. + +Tag: package-contains-devhelp-file-without-symlink +Severity: normal +Certainty: certain +Info: This package contains a *.devhelp or *.devhelp2 file which is not in + the devhelp search path (/usr/share/devhelp/books and + /usr/share/gtk-doc/html) and is apparently not in a directory + linked into the devhelp search path. This will prevent devhelp from + finding the documentation. + . + If the devhelp documentation is installed in a path outside the devhelp + search path (such as /usr/share/doc), create a symlink in + /usr/share/gtk-doc/html pointing to the documentation directory. + +Tag: debug-package-should-be-named-dbg +Severity: normal +Certainty: certain +Info: This package provides at least one file in /usr/lib/debug, + which is intended for detached debugging symbols, but the package name + does not end in "-dbg". Detached debugging symbols should be put into a + separate package, Priority: extra, with a package name ending in "-dbg". +Ref: devref 6.7.9 + +Tag: package-contains-linda-override +Severity: normal +Certainty: certain +Info: This package contains a linda override file in + /usr/share/linda/overrides. Linda is obsolete and has been + removed from the archive as of 2008-03-04. Linda overrides should + probably be dropped from packages. + +Tag: wrong-file-owner-uid-or-gid +Severity: serious +Certainty: certain +Info: The user or group ID of the owner of the file is invalid. The + owner user and group IDs must be in the set of globally allocated + IDs, because other IDs are dynamically allocated and might be used + for varying purposes on different systems, or are reserved. The set + of the allowed, globally allocated IDs consists of the ranges 0-99, + 64000-64999 and 65534. +Ref: policy 9.2 + +Tag: embedded-javascript-library +Severity: normal +Certainty: possible +Info: This package contains an embedded copy of JavaScript libraries + that are now available in their own packages (for example, JQuery, + Prototype, Mochikit or "Cropper"). Please depend on the appropriate + package and symlink the library into the appropriate location. +Ref: policy 4.13 + +Tag: embedded-feedparser-library +Severity: normal +Certainty: certain +Info: This package contains an embedded copy of Mark Pilgrim's Universal + Feed Parser. Please depend on the "python-feedparser" package and symlink + the library into the appropriate location. +Ref: policy 4.13 + +Tag: embedded-pear-module +Severity: normal +Certainty: possible +Experimental: yes +Info: This package appears to contain an embedded copy of a PEAR module. + Please depend on the respective PEAR package providing the module and + make sure the library can be found by the scripts via the include_path. +Ref: policy 4.13 + +Tag: embedded-php-library +Severity: normal +Certainty: possible +Info: This package appears to contain an embedded copy of a PHP library. + Please depend on the respective package providing the library and + make sure it can be found by the scripts via the include_path. +Ref: policy 4.13 + +Tag: windows-devel-file-in-package +Severity: normal +Certainty: possible +Info: This package appears to contain development files only meaningful to + Windows environments. Such files are generally useless in Debian packages and + were usually accidentally included by copying complete directories from the + source tarball. + +Tag: font-in-non-font-package +Severity: wishlist +Certainty: possible +Info: This package contains a *.ttf or *.otf file, file extensions + normally used for TrueType or OpenType fonts, but the package does not + appear to be a dedicated font package. (Dedicated font package names + should begin with ttf- or otf-.) If the font is + already packaged, you should depend on that package instead. Otherwise, + normally the font should be packaged separately, since fonts are usually + useful outside of the package that embeds them. + +Tag: duplicate-font-file +Severity: normal +Certainty: possible +Info: This package appears to include a font file that is already provided + by another package in Debian. Ideally should instead depend on the + relevant font package. If the application in this package loads the font + file by name, you may need to include a symlink pointing to the file name + of the font in its Debian package. + . + Sometimes the font package containing the font is huge and you only need + one font. In that case, you have a few options: modify the package (in + conjunction with upstream) to use libfontconfig to find the font that you + prefer but fall back on whatever installed font is available, ask that + the font package be split apart into packages of a more reasonable size, + or add an override and be aware of the duplication when new versions of + the font are released. + +Tag: icon-size-and-directory-name-mismatch +Severity: normal +Certainty: certain +Info: The icon has a size that differs from the size specified by the name + of the directory under which it was installed. The icon was probably + mistakenly installed into the wrong directory. + +Tag: gz-file-not-gzip +Severity: normal +Certainty: possible +Info: The given file ends with .gz, which normally indicates it + is compressed with gzip. However, it doesn't seem to be a + gzip-compressed file. gzip will fail with an error on such files. + Normally this indicates a mistake in the installation process of the + package. + +Tag: non-free-flash +Severity: serious +Certainty: possible +Info: The given Flash file has a filename which suggests that it may be + one of a number of known Flash files with non-free content.