Diagnosis: report usage of backports repository in apt's sources.list

2024-09-03 20:06:10 +02:00 · 2020-10-31 19:14:33 +01:00 · 2020-10-31 19:14:33 +01:00 · a5b282e5c6
commit a5b282e5c6
parent 7aa3ff5255
2 changed files with 11 additions and 0 deletions
--- a/data/hooks/diagnosis/00-basesystem.py
+++ b/data/hooks/diagnosis/00-basesystem.py
@ -92,6 +92,11 @@ class BaseSystemDiagnoser(Diagnoser):
                       summary="diagnosis_package_installed_from_sury",
                       details=["diagnosis_package_installed_from_sury_details"])

+        if self.backports_in_sources_list():
+            yield dict(meta={"test": "backports_in_sources_list"},
+                       status="WARNING",
+                       summary="diagnosis_backports_in_sources_list")
+
    def bad_sury_packages(self):

        packages_to_check = ["openssl", "libssl1.1", "libssl-dev"]
@ -105,6 +110,11 @@ class BaseSystemDiagnoser(Diagnoser):
            version_to_downgrade_to = check_output(cmd)
            yield (package, version_to_downgrade_to)

+    def backports_in_sources_list(self):
+
+        cmd = "grep -q -nr '^ *deb .*-backports' /etc/apt/sources.list*"
+        return os.system(cmd) == 0
+
    def is_vulnerable_to_meltdown(self):
        # meltdown CVE: https://security-tracker.debian.org/tracker/CVE-2017-5754

--- a/locales/en.json
+++ b/locales/en.json
@ -147,6 +147,7 @@
    "diagnosis_basesystem_ynh_single_version": "{package} version: {version} ({repo})",
    "diagnosis_basesystem_ynh_main_version": "Server is running YunoHost {main_version} ({repo})",
    "diagnosis_basesystem_ynh_inconsistent_versions": "You are running inconsistent versions of the YunoHost packages... most probably because of a failed or partial upgrade.",
+    "diagnosis_backports_in_sources_list": "It looks like apt (the package manager) is configured to use the backports repository. Unless you really know what you are doing, we strongly discourage from installing packages from backports, because it's likely to create unstabilities or conflicts on your system.",
    "diagnosis_package_installed_from_sury": "Some system packages should be downgraded",
    "diagnosis_package_installed_from_sury_details": "Some packages were inadvertendly installed from a third-party repository called Sury. The Yunohost team improved the strategy that handle these packages, but it's expected that some setups that installed PHP7.3 apps while still on Stretch have some remaining inconsistencies. To fix this situation, you should try running the following command: <cmd>{cmd_to_fix}</cmd>",
    "diagnosis_display_tip": "To see the issues found, you can go to the Diagnosis section of the webadmin, or run 'yunohost diagnosis show --issues' from the command-line.",