Merge pull request #1324 from scabrero/fix-permctl-verifyscript

SUIDPermissionsCheck: Check for permctl instead of chkstat

Author: danigm

rpmlint/checks/SUIDPermissionsCheck.py

@@ -81,7 +81,8 @@ def _check_post_scriptlets(self, pkg, path, need_verifyscript):
             found = False
             if script:
                 for line in script.split('\n'):
-                    if '/chkstat' in line and path in line:
+                    escaped = re.escape(path)
+                    if re.search(fr'(chkstat|permctl) -n .* {escaped}', line):
                         found = True
                         break
 

test/test_suid_permissions.py

@@ -155,6 +155,11 @@ def test_permissions_d(tmp_path, package, permissions_check):
   if [ -x /usr/bin/permctl ]; then \
     /usr/bin/permctl -n --set --system /var/lib/perms/test || : \
   fi \
+""",
+        'VERIFYSCRIPT': """
+  if [ -x /usr/bin/permctl ]; then \
+    /usr/bin/permctl -n --set --system /var/lib/perms/test || : \
+  fi \
 """,
     },
 )
@@ -164,6 +169,11 @@ def test_permissions_d(tmp_path, package, permissions_check):
   if [ -x /usr/bin/chkstat ]; then \
     /usr/bin/chkstat -n --set --system /var/lib/perms/test || : \
   fi \
+""",
+        'VERIFYSCRIPT': """
+  if [ -x /usr/bin/chkstat ]; then \
+    /usr/bin/chkstat -n --set --system /var/lib/perms/test || : \
+  fi \
 """,
     },
 )
@@ -175,3 +185,4 @@ def test_permissions_permctl(package, permissions_check):
     test.check(package)
     out = output.print_results(output.results)
     assert 'permissions-missing-postin' not in out
+    assert 'permissions-missing-verifyscript' not in out