#!/usr/bin/python
import argparse
import os
import pwd
import subprocess
import sys
import tempfile
from jinja2 import Template
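def get_full_name():
    """Return the sender's full name as text.

    The ``DEBFULLNAME`` environment variable wins when it is set and
    non-empty; otherwise the first comma-separated part of the current
    user's GECOS entry in the password database is used.
    """
    full_name = os.getenv('DEBFULLNAME')
    if not full_name:
        full_name = pwd.getpwuid(os.getuid()).pw_gecos.split(',')[0]
    # Python 2 hands back byte strings here, Python 3 already returns text.
    # Decode only in the first case; an unconditional .decode() raises
    # AttributeError when the interpreter behind /usr/bin/python is Python 3.
    if isinstance(full_name, bytes):
        full_name = full_name.decode('utf-8')
    return full_name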
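def get_source_field(pkg, name):
    """Return the value of field *name* from ``apt-cache showsrc`` for *pkg*.

    *name* is capitalized before matching (``'maintainer'`` matches
    ``Maintainer:``). When several records carry the field, the last one
    wins. An empty string is returned when the field is absent or when
    apt-cache cannot be run.

    *pkg* comes straight from the command line, so apt-cache is invoked
    with an argument list instead of a shell pipeline: shell
    metacharacters in the package name are never interpreted, and the
    ``--`` separator keeps a name starting with ``-`` from being read as
    an apt-cache option.
    """
    # XXX: retrieve data in a more reliable way
    prefix = '{}:'.format(name.capitalize())
    try:
        output = subprocess.check_output(['apt-cache', 'showsrc', '--', pkg])
    except subprocess.CalledProcessError as exc:
        # The old pipeline ignored apt-cache's exit status; keep whatever
        # was printed before the failure.
        output = exc.output or b''
    except OSError:
        # apt-cache is not installed or not executable.
        return ''
    matches = [line for line in output.decode('utf-8').splitlines()
               if line.startswith(prefix)]
    if not matches:
        return ''
    # Everything after the field name is the value, even when the value
    # itself contains ': '.
    return matches[-1][len(prefix):].strip()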
def get_maintainer(pkg):
    """Return the ``Maintainer`` field reported for source package *pkg*.

    Thin wrapper around get_source_field(); yields an empty string when
    that helper finds nothing.
    """
    field = 'Maintainer'
    return get_source_field(pkg, field)
def get_uploaders(pkg):
    """Return the ``Uploaders`` field reported for source package *pkg*.

    Thin wrapper around get_source_field(); yields an empty string when
    that helper finds nothing.
    """
    field = 'Uploaders'
    return get_source_field(pkg, field)
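# Parse command line
parser = argparse.ArgumentParser(
    description='Get in touch with package maintainers')
parser.add_argument('--force', action='store_true',
                    help='Ignore safety checks')
parser.add_argument('--lts', action='store_true',
                    help='Act as a member of the LTS team')
parser.add_argument('--no-dsa', dest='no_dsa', action='store_true',
                    help='Say that issues are low severity (no need for DSA/DLA)')
parser.add_argument('--mailer', action='store', default='mutt -H {}',
                    help='Command executed. Must contain {} to be replaced '
                    'by the filename of the draft contact mail')
parser.add_argument('package')
parser.add_argument('cve', nargs='*')
args = parser.parse_args()

# The package name is interpolated into a file path ("packages/<name>.txt")
# and passed on to apt-cache, so refuse anything that is not a well-formed
# Debian package name: at least two characters from [a-z0-9+.-], starting
# with a letter or digit. This keeps path separators, whitespace and shell
# metacharacters out of everything derived from it.
_pkg_alphabet = set('abcdefghijklmnopqrstuvwxyz0123456789+-.')
if (len(args.package) < 2
        or args.package[0] in '+-.'
        or not set(args.package) <= _pkg_alphabet):
    parser.error('invalid package name: {!r}'.format(args.package))

# Recipients in copy and the template variant both follow from the flags.
cc = 'debian-lts@lists.debian.org' if args.lts else 'team@security.debian.org'
team = 'lts' if args.lts else 'sec'
model = 'no-dsa' if args.no_dsa else 'update-planned'
template_file = 'templates/{}-{}.txt'.format(team, model)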
# Basic check: when packages/<package>.txt exists, point the user at it and
# exit with status 1 unless --force was given.
instructions = "packages/{}.txt".format(args.package)
has_instructions = os.path.exists(instructions)
if has_instructions and not args.force:
    for message in (
            "Have a look at {}".format(instructions),
            "If you still want to run this script, run it with --force."):
        print(message)
    sys.exit(1)
# Generate the context handed to the mail template.
# XXX: Once that 761859 is fixed, improve the logic here to:
# - retrieve the current list of CVE dynamically
# - check whether we should use the no-dsa variant of the template
# - check whether we have an open bug report, in which case we should
#   include it in the recipients of the mail
sender = get_full_name()
maintainer = get_maintainer(args.package)
uploaders = get_uploaders(args.package)
context = {
    'package': args.package,
    'sender': sender,
    'cve': args.cve,
    'to': maintainer,
    'cc': cc,
    'uploaders': uploaders,
}
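# Generate the mail
# Read the template as bytes and decode explicitly, so the text handling is
# the same under Python 2 and Python 3.
with open(template_file, 'rb') as f:
    template = Template(f.read().decode('utf-8'))

# mkstemp() creates the draft with a unique name and owner-only permissions.
fd, filename = tempfile.mkstemp(prefix='contact-maintainers', suffix='.txt')
try:
    with os.fdopen(fd, 'wb') as draft:
        draft.write(template.render(context).encode('utf-8'))
    # NOTE: the --mailer string is executed through the shell by os.system()
    # with the draft path substituted unquoted; it is an operator-supplied
    # command and must only ever come from a trusted source.
    os.system(args.mailer.format(filename))
finally:
    # Remove the draft even when rendering or the mailer command fails, so
    # the drafted mail does not linger in the temp directory.
    os.unlink(filename)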