Added lots more modules from lintian. Maemian appears to work.

[maemian] / checks / binaries.desc

Check-Script: binaries
Author: Christian Schwarz <schwarz@debian.org>
Abbrev: bin
Type: binary, udeb
Unpack-Level: 1
Needs-Info: objdump-info, file-info, strings
Info: This script checks binaries and object files for bugs.

Tag: arch-independent-package-contains-binary-or-object
Severity: serious
Certainty: possible
Info: The package contains a binary or object file but is tagged
 Architecture: all.
 .
 If this package contains binaries or objects for cross-compiling or
 binary blobs for other purposes independent of the host architecture
 (such as BIOS updates or firmware), please add a Maemian override.

Tag: unstripped-binary-or-object
Severity: important
Certainty: certain
Ref: policy 10.1, policy 10.2
Info: The package installs an unstripped binary or object file.
 .
 Please note, that shared libraries have to be stripped with the
 <tt>--strip-unneeded</tt> option.

Tag: library-in-debug-or-profile-should-not-be-stripped
Severity: important
Certainty: certain
Info: Libraries in <tt>.../lib/debug</tt> or in
 <tt>.../lib/profile</tt> usually should not be stripped.

Tag: statically-linked-binary
Severity: important
Certainty: possible
Info: The package installs a statically linked binary or object file.
 .
 Usually this is a bug. Otherwise, please install an override if your package
 is an exception. Note that binaries named *-static and *.static are already
 excluded, just as any binaries in packages named *-static.

Tag: library-not-linked-against-libc
Severity: minor
Certainty: certain
Info: The package installs a library which is not dynamically linked
 against libc.

Tag: program-not-linked-against-libc
Severity: minor
Certainty: certain
Info: The package installs a binary which is not dynamically linked
 against libc.

Tag: binary-or-shlib-defines-rpath
Severity: normal
Certainty: certain
Ref: http://wiki.debian.org/RpathIssue
Info: The binary or shared library sets RPATH.  This overrides the normal
 library search path, possibly interfering with local policy and causing
 problems for multilib, among other issues.
 .
 The only time a binary or shared library in a Debian package should set
 RPATH is if it is linked to private shared libraries in the same package.
 In that case, place those private shared libraries in
 <tt>/usr/lib/<i>package</i></tt>.  Libraries used by binaries in other
 packages should be placed in <tt>/lib</tt> or <tt>/usr/lib</tt> as
 appropriate, with a proper SONAME, in which case RPATH is unnecessary.
 .
 To fix this problem, look for link lines like:
     gcc test.o -o test -Wl,--rpath,/usr/local/lib
 or
     gcc test.o -o test -R/usr/local/lib
 and remove the <tt>-Wl,--rpath</tt> or <tt>-R</tt> argument.  You can also
 use the chrpath utility to remove the RPATH.

Tag: binary-has-unneeded-section
Severity: wishlist
Certainty: certain
Info: The binary or shared library is stripped, but still contains a
 section that is not useful.  You should call strip with
 <tt>--remove-section=.comment --remove-section=.note</tt> to remove the
 <tt>.note</tt> and <tt>.comment</tt> sections.
 .
 <tt>dh_strip</tt> will do this automatically for you, but
 <tt>install -s</tt> not because it calls strip without any arguments.

Tag: missing-depends-line
Severity: normal
Certainty: certain
Info: The package contains an ELF binary with dynamic dependencies,
 but does not have a Depends line in its control file.  This usually
 means that a call to <tt>dpkg-shlibdeps</tt> is missing from the
 package's <tt>debian/rules</tt> file.

Tag: shared-lib-without-dependency-information
Severity: normal
Certainty: certain
Info: The listed shared library doesn't include information about which
 other libraries the library was linked against. (When running "<tt>ldd
 foo.so</tt>" ldd should report about these other libraries. In your
 case, ldd just reports "statically linked".)
 .
 To fix this, you should explicitly specify the libraries which are
 used (e.g., "-lc") when building the shared library with "ld".
 .
 If you have questions about this, please contact &debdev;.

Tag: arch-dependent-file-in-usr-share
Severity: important
Certainty: certain
Ref: fhs usrsharearchitectureindependentdata
Info: This package installs an ELF binary in the <tt>/usr/share</tt>
 hierarchy, which is reserved for architecture-independent files.

Tag: binary-in-etc
Severity: important
Certainty: certain
Ref: fhs etchostspecificsystemconfiguration
Info: This package installs an ELF binary in <tt>/etc</tt>.
 The Filesystem Hierarchy Standard forbids this.

Tag: binary-compiled-with-profiling-enabled
Severity: normal
Certainty: certain
Info: While profiling is useful for testing and debugging purposes, enabling
 it causes a program to leave gmon.out files whenever a user runs it.

Tag: binary-file-compressed-with-upx
Severity: important
Certainty: certain
Info: Debian does not allow binaries to be compressed by UPX.

Tag: package-name-doesnt-match-sonames
Severity: normal
Certainty: possible
Info: The package name of a library package should usually reflect
 the soname of the included library. The package name can determined
 from the library file name with the following code snippet:
 .
  $ objdump -p /path/to/libfoo-bar.so.1.2.3 | sed -n -e's/^[[:space:]]*SONAME[[:space:]]*//p' | sed -e's/\([0-9]\)\.so\./\1-/; s/\.so\.//'
Ref: libpkg-guide 5

Tag: binary-with-bad-dynamic-table
Severity: important
Certainty: possible
Info: This appears to be an ELF file but objdump -T cannot parse it.
 If it is external debugging symbols for another file, it should be
 installed under /usr/lib/debug.

Tag: apparently-corrupted-elf-binary
Severity: normal
Certainty: possible
Info: This appears to be an ELF file but objdump -T doesn't recognize it
 as valid.  This may be a mistake or a corrupted file, you may need to
 install binutils-multiarch on the system running lintian so that
 non-native binaries are handled correctly, or it may be a
 misidentification of a file as ELF that actually isn't.

Tag: apparently-truncated-elf-binary
Severity: normal
Certainty: possible
Info: This appears to be an ELF file, but objdump believes it is
 truncated.  This may be a mistake or a corrupted file, or it may be a
 misidentification of a file as ELF that actually isn't.

Tag: missing-dependency-on-libc
Severity: serious
Certainty: certain
Ref: policy 8.6
Info: The listed file appears to be linked against the C library, but the
 package doesn't depend on the C library package.  Normally this indicates
 that ${shlibs:Depends} was omitted from the Depends line for this package
 in <tt>debian/control</tt>.
 .
 All shared libraries and compiled binaries must be run through
 dpkg-shlibdeps to find out any libraries they are linked against (often
 via the dh_shlibdeps debhelper command).  The package containing these
 files must then depend on ${shlibs:Depends} in <tt>debian/control</tt> to
 get the proper package dependencies for those libraries.

Tag: missing-dependency-on-perlapi
Severity: serious
Certainty: certain
Ref: perl-policy 4.4.2
Info: This package includes a *.so file in <tt>/usr/lib/perl5</tt>,
 normally indicating that it includes a binary Perl module.  Binary Perl
 modules must depend on perlapi-$Config{version} (from the Config module).
 If the package is using debhelper, this problem is usually due to a
 missing dh_perl call in <tt>debian/rules</tt> or a missing
 ${perl:Depends} substitution variable in the Depends line in
 <tt>debian/control</tt>.

Tag: debug-file-should-use-detached-symbols
Severity: normal
Certainty: certain
Ref: devref 6.7.9
Info: This file is in a location generally used for detached debugging
 symbols, but it appears to contain a complete copy of the executable or
 library instead of only the debugging symbols.  Files in subdirectories
 of <tt>/usr/lib/debug</tt> mirroring the main file system should contain
 only debugging information generated by <tt>objcopy
 --only-keep-debug</tt>.  Binaries or shared objects built with extra
 debugging should be installed directly in <tt>/usr/lib/debug</tt> or in
 subdirectories corresponding to the package, not in the directories that
 mirror the main file system.
 .
 If you are using dh_strip with the --dbg-package flag, don't also install
 the library in <tt>/usr/lib/debug</tt>.  dh_strip does all the work for
 you.

Tag: binary-from-other-architecture
Severity: serious
Certainty: possible
Info: This ELF binary appears to have been built for an architecture other
 than the one of the binary package being tested.  This may occur when a
 pre-built binary is shipped in the package or when an attempt to
 cross-compile didn't work.

Tag: spelling-error-in-binary
Severity: normal
Certainty: wild-guess
Experimental: yes
Info: Maemian found a spelling error in the given binary.  Maemian has a
 list of common misspellings that it looks for.  It does not have a
 dictionary like a spelling checker does.  For Maemian's convenience all
 words are normalised to lower case.
 .
 If the string containing the spelling error is translated with the help
 of gettext or a similar tool, please fix the error in the translations as
 well as the English text to avoid making the translations fuzzy.  With
 gettext, for example, this means you should also fix the spelling mistake
 in the corresponding msgids in the *.po files.
 .
 To find the original word you can run:
 .
 <tt>strings &lt;binary&gt; | grep -i &lt;word&gt;</tt>
 .
 You can often find the word in the source code by running:
 .
 <tt>grep -r '\b&lt;original-word&gt;\b' &lt;source-tree&gt;</tt>

Tag: embedded-zlib
Severity: important
Certainty: certain
Info: The given ELF object appears to have been statically linked to zlib.
 Doing this is discouraged due to the extra work needed by the security team
 to fix all the extra embedded copies or trigger the package rebuilds, as
 appropriate.