The issue filed: https://github.com/rpminspect/rpminspect/issues/133

I bumped up priority on this one to get something usable for Fedora CI and others quickly. The 'symlinks' inspection is now present. Here's what it does:

* Checks all symlinks present in the 'after' build. If you are comparing two builds, that's the second build. If you are just running rpminspect against a single build, it's that build.

* For each symlink found: - Read the destination and see if it exists in any subpackage in the build. If it does not exist, report the dangling symlink as VERIFY - For symlinks with too many levels of redirection (ELOOP), report it as dangling with the strerror() output on ELOOP as the details. - If a symlink found was a directory in the before build, report this change as BAD. This is a limitation of rpm and we want rpminspect to guard against packages doing it. - If any non-directory in the before build became a symlink in the after build, report that as a VERIFY.

And that's about it. The trick here is that we permit symlink source and destinations to span subpackages, so we cannot rely on readlink(3) and realpath(3) in the code. Absolute symlinks are easy enough to deal with, but what I do for relative symlinks is manually resolve the destination. I have tested what I am doing with things like ncurses builds and debuginfo packages and things with lots of symlinks and everything is resolving correctly. Valgrind reports 0 bytes lost. Hooray!

WHAT I NEED FROM YOU:

* Please test the latest rpminspect available in Copr: https://copr.fedorainfracloud.org/coprs/dcantrell/rpminspect/

* You can reduce what inspections rpminspect runs with the -T option, so you could do: rpminspect -T symlinks NVR

* Run single build inspections but also build comparisons. Use Koji build NVRs and rpminspect will fetch them.

* Report problems on the rpminspect Github project page. Please open new issues rather than piling on to a single issue. It makes things easier for me.

Thanks,