The rpmlint output of the policycoreutils package on OBS contains the following error:

policycoreutils-newrole.x86_64: E: no-binary
The package should be of the noarch architecture because it doesn't contain any binaries.

However the package in question actually contains a binary:

$ rpm -ql policycoreutils-newrole-3.5-0.x86_64.rpm
/usr/bin/newrole
...
$ file /usr/bin/newrole
/usr/bin/newrole: setuid ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a025de34dd7dd74d58fd8a84f44df455ad95d4d2, for GNU/Linux 3.2.0, stripped

So in this case the no-binary error seems to be just plain wrong.

Ok, I've been debugging this problem and looks like it's failing because the file has the following magic:

'setuid ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a025de34dd7dd74d58fd8a84f44df455ad95d4d2, for GNU/Linux 3.2.0, stripped'

And in the BinaryCheck we're checking if starts with 'ELF'

In this case it has the setuid at the beginning, that's why it's giving that answer. But if this is correct, we just need to look for ELF in the magic line, no matter the position. But I'm not really sure if that could be correct, it's correct to have files that are not plain ELF? For me this looks correct, indeed it's a binary so the no-binary error message shouldn't be shown.

It seems like starting with ELF is still ok in the general case, and probably there are just some special qualifiers prepended (e.g. setuid or I imagine setgid or something else). I can't find an authoritative reference on the format of the magic string however

Okay, I've modified my PR to look for ELF as the first or second word in the magic string. That's more flexible and will fix this issue and it's not as generic as just check if the ELF word appears in the whole string.