xref: /freebsd/tools/pkgbase/metalog_reader.lua (revision e2eeea75eb8b6dd50c1298067a0655880d186734)
1#!/usr/libexec/flua
2
3-- SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4--
5-- Copyright(c) 2020 The FreeBSD Foundation.
6--
7-- Redistribution and use in source and binary forms, with or without
8-- modification, are permitted provided that the following conditions
9-- are met:
10-- 1. Redistributions of source code must retain the above copyright
11--    notice, this list of conditions and the following disclaimer.
12-- 2. Redistributions in binary form must reproduce the above copyright
13--    notice, this list of conditions and the following disclaimer in the
14--    documentation and/or other materials provided with the distribution.
15--
16-- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19-- ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26-- SUCH DAMAGE.
27
28-- $FreeBSD$
29
30function main(args)
31	if #args == 0 then usage() end
32	local filename
33	local printall, checkonly, pkgonly =
34	    #args == 1, false, false
35	local dcount, dsize, fuid, fgid, fid =
36	    false, false, false, false, false
37	local verbose = false
38	local w_notagdirs = false
39
40	local i = 1
41	while i <= #args do
42		if args[i] == '-h' then
43			usage(true)
44		elseif args[i] == '-a' then
45			printall = true
46		elseif args[i] == '-c' then
47			printall = false
48			checkonly = true
49		elseif args[i] == '-p' then
50			printall = false
51			pkgonly = true
52			while i < #args do
53				i = i+1
54				if args[i] == '-count' then
55					dcount = true
56				elseif args[i] == '-size' then
57					dsize = true
58				elseif args[i] == '-fsetuid' then
59					fuid = true
60				elseif args[i] == '-fsetgid' then
61					fgid = true
62				elseif args[i] == '-fsetid' then
63					fid = true
64				else
65					i = i-1
66					break
67				end
68			end
69		elseif args[i] == '-v' then
70			verbose = true
71		elseif args[i] == '-Wcheck-notagdir' then
72			w_notagdirs = true
73		elseif args[i]:match('^%-') then
74			io.stderr:write('Unknown argument '..args[i]..'.\n')
75			usage()
76		else
77			filename = args[i]
78		end
79		i = i+1
80	end
81
82	if filename == nil then
83		io.stderr:write('Missing filename.\n')
84		usage()
85	end
86
87	local sess = Analysis_session(filename, verbose, w_notagdirs)
88
89	if printall then
90		io.write('--- PACKAGE REPORTS ---\n')
91		io.write(sess.pkg_report_full())
92		io.write('--- LINTING REPORTS ---\n')
93		print_lints(sess)
94	elseif checkonly then
95		print_lints(sess)
96	elseif pkgonly then
97		io.write(sess.pkg_report_simple(dcount, dsize, {
98			fuid and sess.pkg_issetuid or nil,
99			fgid and sess.pkg_issetgid or nil,
100			fid and sess.pkg_issetid or nil
101		}))
102	else
103		io.stderr:write('This text should not be displayed.')
104		usage()
105	end
106end
107
108--- @param man boolean
109function usage(man)
110	local sn = 'Usage: '..arg[0].. ' [-h] [-a | -c | -p [-count] [-size] [-f...]] [-W...] metalog-path \n'
111	if man then
112		io.write('\n')
113		io.write(sn)
114		io.write(
115[[
116
117The script reads METALOG file created by pkgbase (make packages) and generates
118reports about the installed system and issues.  It accepts an mtree file in a
119format that's returned by `mtree -c | mtree -C`
120
121  Options:
122  -a         prints all scan results. this is the default option if no option
123             is provided.
124  -c         lints the file and gives warnings/errors, including duplication
125             and conflicting metadata
126      -Wcheck-notagdir    entries with dir type and no tags will be also
127                          included the first time they appear
128  -p         list all package names found in the file as exactly specified by
129             `tags=package=...`
130      -count       display the number of files of the package
131      -size        display the size of the package
132      -fsetgid     only include packages with setgid files
133      -fsetuid     only include packages with setuid files
134      -fsetid      only include packages with setgid or setuid files
135  -v          verbose mode
136  -h          help page
137
138]])
139		os.exit()
140	else
141		io.stderr:write(sn)
142		os.exit(1)
143	end
144end
145
146--- @param sess Analysis_session
147function print_lints(sess)
148	local dupwarn, duperr = sess.dup_report()
149	io.write(dupwarn)
150	io.write(duperr)
151	local inodewarn, inodeerr = sess.inode_report()
152	io.write(inodewarn)
153	io.write(inodeerr)
154end
155
156--- @param t table
157function sortedPairs(t)
158	local sortedk = {}
159	for k in next, t do sortedk[#sortedk+1] = k end
160	table.sort(sortedk)
161	local i = 0
162	return function()
163		i = i + 1
164		return sortedk[i], t[sortedk[i]]
165	end
166end
167
168--- @param t table <T, U>
169--- @param f function <U -> U>
170function table_map(t, f)
171	local res = {}
172	for k, v in pairs(t) do res[k] = f(v) end
173	return res
174end
175
176--- @class MetalogRow
177-- a table contaning file's info, from a line content from METALOG file
178-- all fields in the table are strings
179-- sample output:
180--	{
181--		filename = ./usr/share/man/man3/inet6_rthdr_segments.3.gz
182--		lineno = 5
183--		attrs = {
184--			gname = 'wheel'
185--			uname = 'root'
186--			mode = '0444'
187--			size = '1166'
188--			time = nil
189--			type = 'file'
190--			tags = 'package=clibs,debug'
191--		}
192--	}
193--- @param line string
194function MetalogRow(line, lineno)
195	local res, attrs = {}, {}
196	local filename, rest = line:match('^(%S+) (.+)$')
197	-- mtree file has space escaped as '\\040', not affecting splitting
198	-- string by space
199	for attrpair in rest:gmatch('[^ ]+') do
200		local k, v = attrpair:match('^(.-)=(.+)')
201		attrs[k] = v
202	end
203	res.filename = filename
204	res.linenum = lineno
205	res.attrs = attrs
206	return res
207end
208
209-- check if an array of MetalogRows are equivalent. if not, the first field
210-- that's different is returned secondly
211--- @param rows MetalogRow[]
212--- @param ignore_name boolean
213--- @param ignore_tags boolean
214function metalogrows_all_equal(rows, ignore_name, ignore_tags)
215	local __eq = function(l, o)
216		if not ignore_name and l.filename ~= o.filename then
217			return false, 'filename'
218		end
219		-- ignoring linenum in METALOG file as it's not relavant
220		for k in pairs(l.attrs) do
221			if ignore_tags and k == 'tags' then goto continue end
222			if l.attrs[k] ~= o.attrs[k] and o.attrs[k] ~= nil then
223				return false, k
224			end
225			::continue::
226		end
227		return true
228	end
229	for _, v in ipairs(rows) do
230		local bol, offby = __eq(v, rows[1])
231		if not bol then return false, offby end
232	end
233	return true
234end
235
236--- @param tagstr string
237function pkgname_from_tag(tagstr)
238	local ext, pkgname, pkgend = '', '', ''
239	for seg in tagstr:gmatch('[^,]+') do
240		if seg:match('package=') then
241			pkgname = seg:sub(9)
242		elseif seg == 'development' or seg == 'profile'
243			or seg == 'debug' or seg == 'docs' then
244			pkgend = seg
245		else
246			ext = ext == '' and seg or ext..'-'..seg
247		end
248	end
249	pkgname = pkgname
250		..(ext == '' and '' or '-'..ext)
251		..(pkgend == '' and '' or '-'..pkgend)
252	return pkgname
253end
254
255--- @class Analysis_session
256--- @param metalog string
257--- @param verbose boolean
258--- @param w_notagdirs boolean turn on to also check directories
259function Analysis_session(metalog, verbose, w_notagdirs)
260	local files = {} -- map<string, MetalogRow[]>
261	-- set is map<elem, bool>. if bool is true then elem exists
262	local pkgs = {} -- map<string, set<string>>
263	----- used to keep track of files not belonging to a pkg. not used so
264	----- it is commented with -----
265	-----local nopkg = {} --            set<string>
266	--- @public
267	local swarn = {}
268	--- @public
269	local serrs = {}
270
271	-- returns number of files in package and size of package
272	-- nil is  returned upon errors
273	--- @param pkgname string
274	local function pkg_size(pkgname)
275		local filecount, sz = 0, 0
276		for filename in pairs(pkgs[pkgname]) do
277			local rows = files[filename]
278			-- normally, there should be only one row per filename
279			-- if these rows are equal, there should be warning, but it
280			-- does not affect size counting. if not, it is an error
281			if #rows > 1 and not metalogrows_all_equal(rows) then
282				return nil
283			end
284			local row = rows[1]
285			if row.attrs.type == 'file' then
286				sz = sz + tonumber(row.attrs.size)
287			end
288			filecount = filecount + 1
289		end
290		return filecount, sz
291	end
292
293	--- @param pkgname string
294	--- @param mode number
295	local function pkg_ismode(pkgname, mode)
296		for filename in pairs(pkgs[pkgname]) do
297			for _, row in ipairs(files[filename]) do
298				if tonumber(row.attrs.mode, 8) & mode ~= 0 then
299					return true
300				end
301			end
302		end
303		return false
304	end
305
306	--- @param pkgname string
307	--- @public
308	local function pkg_issetuid(pkgname)
309		return pkg_ismode(pkgname, 2048)
310	end
311
312	--- @param pkgname string
313	--- @public
314	local function pkg_issetgid(pkgname)
315		return pkg_ismode(pkgname, 1024)
316	end
317
318	--- @param pkgname string
319	--- @public
320	local function pkg_issetid(pkgname)
321		return pkg_issetuid(pkgname) or pkg_issetgid(pkgname)
322	end
323
324	-- sample return:
325	-- { [*string]: { count=1, size=2, issetuid=true, issetgid=true } }
326	local function pkg_report_helper_table()
327		local res = {}
328		for pkgname in pairs(pkgs) do
329			res[pkgname] = {}
330			res[pkgname].count,
331			res[pkgname].size = pkg_size(pkgname)
332			res[pkgname].issetuid = pkg_issetuid(pkgname)
333			res[pkgname].issetgid = pkg_issetgid(pkgname)
334		end
335		return res
336	end
337
338	-- returns a string describing package scan report
339	--- @public
340	local function pkg_report_full()
341		local sb = {}
342		for pkgname, v in sortedPairs(pkg_report_helper_table()) do
343			sb[#sb+1] = 'Package '..pkgname..':'
344			if v.issetuid or v.issetgid then
345				sb[#sb+1] = ''..table.concat({
346					v.issetuid and ' setuid' or '',
347					v.issetgid and ' setgid' or '' }, '')
348			end
349			sb[#sb+1] = '\n  number of files: '..(v.count or '?')
350				..'\n  total size: '..(v.size or '?')
351			sb[#sb+1] = '\n'
352		end
353		return table.concat(sb, '')
354	end
355
356	--- @param have_count boolean
357	--- @param have_size boolean
358	--- @param filters function[]
359	--- @public
360	-- returns a string describing package size report.
361	-- sample: "mypackage 2 2048"* if both booleans are true
362	local function pkg_report_simple(have_count, have_size, filters)
363		filters = filters or {}
364		local sb = {}
365		for pkgname, v in sortedPairs(pkg_report_helper_table()) do
366			local pred = true
367			-- doing a foldl to all the function results with (and)
368			for _, f in pairs(filters) do pred = pred and f(pkgname) end
369			if pred then
370				sb[#sb+1] = pkgname..table.concat({
371					have_count and (' '..(v.count or '?')) or '',
372					have_size and (' '..(v.size or '?')) or ''}, '')
373					..'\n'
374			end
375		end
376		return table.concat(sb, '')
377	end
378
379	-- returns a string describing duplicate file warnings,
380	-- returns a string describing duplicate file errors
381	--- @public
382	local function dup_report()
383		local warn, errs = {}, {}
384		for filename, rows in sortedPairs(files) do
385			if #rows == 1 then goto continue end
386			local iseq, offby = metalogrows_all_equal(rows)
387			if iseq then -- repeated line, just a warning
388				warn[#warn+1] = 'warning: '..filename
389					..' repeated with same meta: line '
390					..table.concat(
391						table_map(rows, function(e) return e.linenum end), ',')
392				warn[#warn+1] = '\n'
393			elseif not metalogrows_all_equal(rows, false, true) then
394			-- same filename (possibly different tags), different metadata, an error
395				errs[#errs+1] = 'error: '..filename
396					..' exists in multiple locations and with different meta: line '
397					..table.concat(
398						table_map(rows, function(e) return e.linenum end), ',')
399					..'. off by "'..offby..'"'
400				errs[#errs+1] = '\n'
401			end
402			::continue::
403		end
404		return table.concat(warn, ''), table.concat(errs, '')
405	end
406
407	-- returns a string describing warnings of found hard links
408	-- returns a string describing errors of found hard links
409	--- @public
410	local function inode_report()
411		-- obtain inodes of filenames
412		local attributes = require('lfs').attributes
413		local inm = {} -- map<number, string[]>
414		local unstatables = {} -- string[]
415		for filename in pairs(files) do
416			-- i only took the first row of a filename,
417			-- and skip links and folders
418			if files[filename][1].attrs.type ~= 'file' then
419				goto continue
420			end
421			-- make ./xxx become /xxx so that we can stat
422			filename = filename:sub(2)
423			local fs = attributes(filename)
424			if fs == nil then
425				unstatables[#unstatables+1] = filename
426				goto continue
427			end
428			local inode = fs.ino
429			inm[inode] = inm[inode] or {}
430			-- add back the dot prefix
431			table.insert(inm[inode], '.'..filename)
432			::continue::
433		end
434
435		local warn, errs = {}, {}
436		for _, filenames in pairs(inm) do
437			if #filenames == 1 then goto continue end
438			-- i only took the first row of a filename
439			local rows = table_map(filenames, function(e)
440				return files[e][1]
441			end)
442			local iseq, offby = metalogrows_all_equal(rows, true, true)
443			if not iseq then
444				errs[#errs+1] = 'error: '
445					..'entries point to the same inode but have different meta: '
446					..table.concat(filenames, ',')..' in line '
447					..table.concat(
448						table_map(rows, function(e) return e.linenum end), ',')
449					..'. off by "'..offby..'"'
450				errs[#errs+1] = '\n'
451			end
452			::continue::
453		end
454
455		if #unstatables > 0 then
456			warn[#warn+1] = verbose and
457				'note: skipped checking inodes: '..table.concat(unstatables, ',')..'\n'
458				or
459				'note: skipped checking inodes for '..#unstatables..' entries\n'
460		end
461
462		return table.concat(warn, ''), table.concat(errs, '')
463	end
464
465	do
466	local fp, errmsg, errcode = io.open(metalog, 'r')
467	if fp == nil then
468		io.stderr:write('cannot open '..metalog..': '..errmsg..': '..errcode..'\n')
469		os.exit(1)
470	end
471
472	-- scan all lines and put file data into the dictionaries
473	local firsttimes = {} -- set<string>
474	local lineno = 0
475	for line in fp:lines() do
476		-----local isinpkg = false
477		lineno = lineno + 1
478		-- skip lines begining with #
479		if line:match('^%s*#') then goto continue end
480		-- skip blank lines
481		if line:match('^%s*$') then goto continue end
482
483		local data = MetalogRow(line, lineno)
484		-- entries with dir and no tags... ignore for the first time
485		if not w_notagdirs and
486			data.attrs.tags == nil and data.attrs.type == 'dir'
487			and not firsttimes[data.filename] then
488			firsttimes[data.filename] = true
489			goto continue
490		end
491
492		files[data.filename] = files[data.filename] or {}
493		table.insert(files[data.filename], data)
494
495		if data.attrs.tags ~= nil then
496			pkgname = pkgname_from_tag(data.attrs.tags)
497			pkgs[pkgname] = pkgs[pkgname] or {}
498			pkgs[pkgname][data.filename] = true
499			------isinpkg = true
500		end
501		-----if not isinpkg then nopkg[data.filename] = true end
502		::continue::
503	end
504
505	fp:close()
506	end
507
508	return {
509		warn = swarn,
510		errs = serrs,
511		pkg_issetuid = pkg_issetuid,
512		pkg_issetgid = pkg_issetgid,
513		pkg_issetid = pkg_issetid,
514		pkg_report_full = pkg_report_full,
515		pkg_report_simple = pkg_report_simple,
516		dup_report = dup_report,
517		inode_report = inode_report
518	}
519end
520
521main(arg)
522