The issue filed:
I bumped up priority on this one to get something usable for Fedora CI and
others quickly. The 'symlinks' inspection is now present. Here's what it
* Checks all symlinks present in the 'after' build. If you are comparing two
builds, that's the second build. If you are just running rpminspect against
a single build, it's that build.
* For each symlink found:
- Read the destination and see if it exists in any subpackage in the
build. If it does not exist, report the dangling symlink as VERIFY
- For symlinks with too many levels of redirection (ELOOP), report it
as dangling with the strerror() output on ELOOP as the details.
- If a symlink found was a directory in the before build, report this
change as BAD. This is a limitation of rpm and we want rpminspect
to guard against packages doing it.
- If any non-directory in the before build became a symlink in the
after build, report that as a VERIFY.
And that's about it. The trick here is that we permit symlink source and
destinations to span subpackages, so we cannot rely on readlink(3) and
realpath(3) in the code. Absolute symlinks are easy enough to deal with, but
what I do for relative symlinks is manually resolve the destination. I have
tested what I am doing with things like ncurses builds and debuginfo packages
and things with lots of symlinks and everything is resolving correctly.
Valgrind reports 0 bytes lost. Hooray!
WHAT I NEED FROM YOU:
* Please test the latest rpminspect available in Copr:
* You can reduce what inspections rpminspect runs with the -T option, so you
rpminspect -T symlinks NVR
* Run single build inspections but also build comparisons. Use Koji build
NVRs and rpminspect will fetch them.
* Report problems on the rpminspect Github project page. Please open new
issues rather than piling on to a single issue. It makes things easier for
David Cantrell <dcantrell(a)redhat.com>
Red Hat, Inc. | Boston, MA | EST5EDT