Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
Portage has this really great feature-file that's often overlooked which
can be used in almost unlimited ways to customize your gentoo linux
install or preform tasks that you would otherwise have to open a bug
for. Sometimes your bug may not even be appropriate or suited for the
masses. But thankfully there is bashrc to the rescue.
quoting from the manpage:
"If needed this file can be used to setup a different environment for
ebuilds than the root environment. Syntax is the
same as any other bash script."
Ok sounds good lets take it for a drive.....
Yada yada crunch etc and stuff...
About a week later here..
Ok so now I want to share an example which I'm now using on my own box
which have made my life easier.. these examples require bash3 but that
easy enough to backport.
------------------------------------------------------------------------
Per package CFLAGS
/etc/portage/package.cflags
Like many others I'm always fighting for space. I want some
optimizations on some packages but not the same optimizations on others
and portage has no way to handle this currently and I got tired of
waiting for package.env so I wrote a simple way to handle cflags on a
per package or category basis. (this is what started it all)
------------------------------------------------------------------------
I've seen alot of people ask about this feature.
Never knew why it does not exists. None the less here you go.
FEATURES="distclean"
This feature will automatically remove files that portage downloads to
$DISTDIR based on what's defined in an ebuilds SRC_URI.
In one of the final ebuild phases of ebuild.sh (postinst) we check that
file exists and is a regular file then that the user (me) has
FEATURES="distclean" defined and all conditions are met we simply remove
the file to save space/memory after we don't need it anymore.
-------------------------------------------------------------------------
# Source Based Auto Auditing Features.
These two features for people who have nothing better to do that look
for flaws in packages via portage semi automatically.
This feature should not be used by people who have no clue what they are
doing.
FEATURES=flawfinder
Flawfinder searches through source code for potential security flaws,
listing potential security flaws sorted by risk, with the most
potentially dangerous flaws shown first. This risk level depends not
only on the function, but on the values of the parameters of the
function.
Flawfinder can only process .c / .cpp files.
FEATURES=rats
This feature is a lot like flawfinder. Only it can process c/cpp/php/pl
vs flawfinder c/cpp. Each auditing tool each has it's own advantages and
disadvantages.
If FEATURE_AUDIT_LOGPATH is found in the environment then we will save
the audit logs to the dir defined by that variable.
To use either one of these you must have rats || flawfinder installed
accordingly.
------------------------------------------------------------------------
This code is all experimental and if it does not work for you, breaks
something or you think my bash sucks I really don't care. I just wanted
to share the idea that with /etc/portage/bashrc you can do some really
cool things.
-enjoy
--
Ned Ludd <solar@g.o>
Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer
|
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
# - /etc/portage/bashrc
if [ "$0" = "/usr/lib/portage/bin/ebuild.sh" -o "$0" = "/usr/lib/portage/bin/ebuild-daemon.sh" ]; then
if [ "${DEBUG}" != "" ]; then
echo ----------------------------------------------------
echo \$_=$_
echo \$\*=$*
echo \$@=$@
echo PORTDIR=$PORTDIR
echo CATEGORY=$CATEGORY
echo PN=$PN
echo PV=$PV
echo PR=$PR
echo PF=$PF
echo P=$P
echo USER=$USER
echo HOME=$HOME
echo PATH=${PATH}
echo LD_PRELOAD=${LD_PRELOAD}
echo ----------------------------------------------------
fi
eecho() {
[ "$NOCOLOR" = "false" ] && echo -ne '\e[1;34m>\e[1;36m>\e[1;35m>\e[0m ' || echo -n ">>> "
echo "$*"
}
package-pre-compile() {
local i af1 af2 flaws audit line s_files
local save_pwd=$PWD
PATH=$PATH:/usr/sbin:/usr/bin:/bin:/sbin
echo "FEATURES=$FEATURES"
cd ${S} || return 0
[ -z "${FEATURE_AUDIT_LOGPATH}" ] && export FEATURE_AUDIT_LOGPATH="/var/log/ebuildaudit"
addwrite ${FEATURE_AUDIT_LOGPATH}
for audit in flawfinder rats; do
if [ "`has ${audit} ${FEATURES}`" != "" -a -x /usr/bin/${audit} ]; then
flaws=""
case "${audit}" in
flawfinder)
s_files="`find ${S} -name '*.c' -o -name '*.cpp'`"
[ -z "${FEATURE_FLAWFINDER_MINLEVEL}" ] && export FEATURE_FLAWFINDER_MINLEVEL=5
;;
rats)
s_files="`/usr/bin/find ${S} -name '*.c' -o -name '*.cpp' -o -name '*.php' -o -name '*.pl'`"
[ -z "${FEATURE_RATS_WARNLEVEL}" ] && export FEATURE_RATS_WARNLEVEL=1
;;
*) : ;;
esac
if [ -n "$s_files" ]; then
s_count=`echo ${s_files} | tr ' ' '\n' | wc -l | awk '{print $1}'`
eecho "Running ${audit} on [$s_count] files"
flaws=""
[ "${audit}" == "flawfinder" ] &&
flaws=$(/usr/bin/flawfinder --quiet --dataonly --minlevel=${FEATURE_FLAWFINDER_MINLEVEL} ${s_files})
[ "${audit}" == "rats" ] &&
flaws=$(/usr/bin/rats --quiet --resultsonly --warning ${FEATURE_RATS_WARNLEVEL} ${s_files})
if [ -n "$flaws" ]; then
line="------------------------------------------------------------------------"
i=5;echo;while [ $i != 0 ]; do echo -ne ".\a" ; sleep 0.25 ; i=$(($i - 1)) ; done ;echo
echo ${line}
ewarn "${audit} report for ${PN} on $(date -u)"
echo ${line} ; echo -e "${flaws}" ; echo ${line}
i=5;echo;while [ $i != 0 ]; do echo -ne ".\a" ; sleep 0.25 ; i=$(($i - 1)) ; done ;echo
if [ -d "${FEATURE_AUDIT_LOGPATH}" ]; then
af1="${FEATURE_AUDIT_LOGPATH}/${PN}-${PV}_${audit}"
af2="${FEATURE_AUDIT_LOGPATH}/${audit}.log"
> $af1
for a in $af1 $af2 ; do
eecho "Saving audit data to $a"
echo ${line} >> ${a}
echo " * ${audit} report for ${PN} on $(date -u)" >> ${a}
echo ${line} >> ${a}
echo -e "${flaws}" >> ${a}
echo ${line} >> ${a}
done
fi
fi
fi
fi
done
cd ${save_pwd}
}
package-distdir-clean() {
local a x
for a in ${FEATURES} ; do
if [ "$a" = "distclean" ]; then
for x in ${SRC_URI}; do
x=$(/bin/basename $x)
if [[ -f $DISTDIR/$x ]]; then
size="$(/bin/ls -lh ${DISTDIR}/${x} | /bin/awk '{print $5}')"
eecho "All done with ${x} Removing it to save ${size}"
/bin/rm ${DISTDIR}/${x}
fi
done
fi
done
}
append-cflags() {
export CFLAGS="${CFLAGS} $*"
export CXXFLAGS="${CXXFLAGS} $*"
return 0
}
package-cflags() {
local target flags flag i;
# bail if file does not exist or is not readable.
[ -r ${ROOT}/etc/portage/package.cflags ] || return 0
# need bash >= 3
if [ "${BASH_VERSINFO[0]}" -le 2 ]; then
eecho "Need bash3 for this bashrc script to work"
return 0
fi
while read -a target; do
if [[ ${target[@]%%#*} ]]; then
# valid syntax no >=<! operators
# category CFLAGS
# category/packagename CFLAGS
if [[ ${target%%#*} && ${target%% *} =~ "^(${CATEGORY}|${CATEGORY}/${PN})\>" ]]; then
skip=0
if [[ ${target} != ${CATEGORY} ]] ; then
if [[ ${target} != ${CATEGORY}/${PN} ]] ; then
skip=1
fi
fi
if [ "${skip}" == 0 ] ; then
flags=(${target[@]:1})
if [[ ${flags[@]} =~ 'CFLAGS' ]]; then
for (( i = 0; i < ${#flags[@]}; i++ )); do
if [[ ${flags[$i]} =~ 'CFLAGS' ]]; then
appened-cflags $(eval echo "${flags[$i]}")
unset flags[$i]
fi
done
fi
for flag in ${flags[@]}; do
if [[ ${CFLAGS} =~ ${flag} ]]; then
continue 1
else
append-cflags "${flag}"
fi
done
export -n C{,XX}FLAGS
eecho "Using package.cflags entry for target ${target} for ${CATEGORY}/${PN}"
fi
fi
fi
done < ${ROOT}/etc/portage/package.cflags
}
case "$*" in
# stay really quiet here.
depend) : ;;
*)
if [ "${LD_PRELOAD##*/}" = "libsandbox.so" ]; then
[ "$NOCOLOR" = "false" ] && i=$(echo -ne '\e[1;32m+\e[0m') || i="+"
else
[ "$NOCOLOR" = "false" ] && i=$(echo -ne '\e[1;31m-\e[0m') || i="-"
fi
eecho "$USER ${i}sandbox($*)"
package-cflags
[ "$*" = "postinst" ] && package-distdir-clean
[ "$*" = "compile" ] && package-pre-compile
;;
esac
else
echo "This bashrc does not know anything about $0"
fi
|
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
# - /etc/portage/package.cflags
##############
# Important: #
##############
# >=dev-blah/blah syntax is not supported by this files.
# We can take individual category names
# Or we can take individual ebuild names
#
##############
# CATEGORIES #
##############
app-editors -Os
sys-apps -Os
sys-fs -Os
dev-libs -O1
net-misc -O2
net-www -O2
sys-boot -fno-stack-protector-all
sys-libs -O1
sys-devel -Os
gnome-base -Wl,-O1
gnome-extra -Wl,-O1
media-libs -O1
x11-misc -Wl,-O1
x11-wm -Wl,-O1
#################
# PACKAGE NAMES #
#################
net-www/mozilla -O3 -Wl,-01
sys-apps/chpax -O1
sys-apps/paxctl -O1
mail-client/evolution -Wl,-O1
media-video/mplayer -O3 -mno-sse2 -fno-stack-protector -fno-stack-protector-all
|
| Attachment: |
|
signature.asc (This is a digitally signed message part)
|
|
