Thanks a lot for your response and the fixes.
I finally got some time and reran cruft at the new version:
---- missing: dpkg ----
/usr/lib/x86_64-linux-gnu/gio
/usr/lib/x86_64-linux-gnu/gio/modules
I reported it here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852549
---- unexplained: sys-fs-selinux ----
/sys/fs/selinux
/sys/fs/selinux/access
/sys/fs/selinux/avc
Could you ignore selinuxfs and tracefs, e.g. in /usr/lib/cruft/common_legacy.sh?
---- unexplained: / ----
/etc/apt/listchanges.conf
apt-listchanges does not list this file, it creates it in its postinst
script, can you 'explain' this file?
---- broken symlinks: / ----
/etc/mtab
I think cruft reports this because the target ../proc/self/mounts is
not indexed.
Would it make sense to check before reporting if the target exists on
the actual system?
Best Regards,
Christian Göttsche
2017-01-08 12:02 GMT+01:00 Alexandre Detiste <alexandre.deti...@gmail.com>:
> control: tag -1 +pending
>
> Hi,
>
> Thank you very much for this bug repport.
> Sometimes I do install random package in order to add support
> for those in cruft, but I'm not really interrested in trying out SElinux
> myself.
>
> Most of your proposed changes are already implemented:
> https://github.com/a-detiste/cruft/commits/master
>
>
>
>> policycoreutils.explain
>> ===========================================
>> #!/bin/sh
>> echo /etc/selinux/config
>> echo /usr/sbin/load_policy
>
> I tend to avoid extra simple "explain" scripts like this one
> and instead use a filter.
> Reason: avoid starting yet an extra sub-shell to run a two-lines script.
>
>
>> selinux-policy-default.explain
>> ===========================================
>> #!/usr/bin/env python3
>
> I do tend to use Python3 as my language of choice;
> but I inherited cruft from someone else and for now
> the current dependencies are bash + perl and
> I don't want to add other ones if possible.
>
>
>> print('/etc/selinux/default/contexts/files/file_contexts')
>> print('/etc/selinux/default/contexts/files/file_contexts.bin')
>> print('/etc/selinux/default/contexts/files/file_contexts.homedirs')
>> print('/etc/selinux/default/contexts/files/file_contexts.homedirs.bin')
>> print('/etc/selinux/default/seusers')
>
> I already translated all these print() lines into a filter.
>
>
>> pattern = re.compile('^(\d+)\s+([a-z0-9_]+)\s+(pp|cil)\s*(disabled)?$')
>> cp = subprocess.run(['/usr/sbin/semodule', '--list-modules=full',
>> '--store', 'default'], stdout=subprocess.PIPE,
>> stderr=subprocess.STDOUT, universal_newlines=True, check=True)
>> for line in cp.stdout.splitlines():
>
> Please rewrite this in bash or perl & I'll upload a new version.
>
>
>> apt-listchanges.filter
>> ===========================================
>> /usr/share/apt-listchanges/__pycache__
>> /usr/share/apt-listchanges/__pycache__/*.pyc
>
> I never see these .pyc files because I don't use cruft that much anymore,
> but my own cruft-ng rewrite; which has a special heuristic for those.
>
> https://github.com/a-detiste/cruft-ng/commit/789a2c26f9b9b2a8d46186be3981165be0154f74
>
> Reason of rewrite: mostly everything run in a single C++ process
> instead of runnign hundreds of shell scripts => much faster.
> (but not yet feature-complete versus old cruft)
>
>
>> /var/lib/apt/listchanges.db
> This was already there.
>
> https://github.com/a-detiste/cruft/blame/master/filters-unex/apt-listchanges
>
>
>> ---- missing: dpkg ----
>> # i do not know why they are mssing, reinstalling libglib2.0-0
>> # gcc bugs?
>> does not help
>> /usr/lib/x86_64-linux-gnu/gio
>> /usr/lib/x86_64-linux-gnu/gio/modules
>
> Sometimes packages have those weird bugs.
> Sometimes I like to spend hours trying to figure out why...
> sometimes not.
>
>> ---- unexplained: / ----
>> # i think these two are from the installation process?
>> /etc/apt/apt.conf.d/00CDMountPoint
>> /etc/apt/apt.conf.d/00trustcdrom
>
> I guess most people would rather delete these files after seeing those
> once in cruft report. Mine were from 2002.
>
>> # my custom configuration files
>> /etc/apt/apt.conf.d/01aptcacher
>> /etc/apt/apt.conf.d/10periodic
> You can also deploy those with a custom .deb accross all your hosts,
> then they doesn't come up anymore.
> Example: https://github.com/a-detiste/detiste
>
>> # apt listchanges conf, should be handled by explain script?
>> /etc/apt/listchanges.conf
> It's already there too (?!)
> Maybe cruft thinks apt-listchanges is not installed while it really is ?!
>
>
>> # do not know what do to about these two
>>
>> /tmp/systemd-private-7b3b2461cf5840c8986a3827beef6b31-systemd-timesyncd.service-l1BCT8
>>
>> /tmp/systemd-private-7b3b2461cf5840c8986a3827beef6b31-systemd-timesyncd.service-l1BCT8/tmp
>
> I'd just wholy ignore /tmp (& /run, & /home too).
> That's what cruft-ng does.
>
>> # stamp file from apt.daily script, should be handled by filter?
>> /var/lib/apt/periodic/clean-stamp
> Thanks, added
>
>
> Alexandre Detiste
