
From: Fabian Groffen <grobian@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/portage:prefix commit in: /
Date: Sun, 28 Sep 2014 17:52:52
Message-Id: 1411926736.990c5f4896b309fdcaf1dbbb5779177ecfcf6e74.grobian@gentoo
1 commit: 990c5f4896b309fdcaf1dbbb5779177ecfcf6e74
2 Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
3 AuthorDate: Sun Sep 28 17:52:16 2014 +0000
4 Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
5 CommitDate: Sun Sep 28 17:52:16 2014 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=990c5f48
7
8 Merge remote-tracking branch 'overlays-gentoo-org/master' into prefix
9
10 Conflicts:
11 bin/ebuild-helpers/emake
12 bin/misc-functions.sh
13 bin/portageq
14 doc/Makefile
15 pym/_emerge/EbuildBuild.py
16 pym/portage/const.py
17 pym/portage/dbapi/vartree.py
18 pym/portage/package/ebuild/doebuild.py
19
20
21 .gitignore | 1 +
22 .travis.yml | 13 +
23 DEVELOPING | 22 +-
24 MANIFEST.in | 18 +
25 Makefile | 215 ------
26 NEWS | 27 +-
27 RELEASE-NOTES | 65 +-
28 bin/archive-conf | 4 +-
29 bin/binhost-snapshot | 4 +-
30 bin/chpathtool.py | 8 +-
31 bin/clean_locks | 4 +-
32 bin/deprecated-path | 28 +
33 bin/dispatch-conf | 4 +-
34 bin/ebuild | 4 +-
35 bin/ebuild-helpers/emake | 4 +-
36 bin/ebuild-helpers/xattr/install | 27 +-
37 bin/ebuild-ipc.py | 20 +-
38 bin/ebuild.sh | 131 ++--
39 bin/egencache | 4 +-
40 bin/emaint | 4 +-
41 bin/emerge | 14 +-
42 bin/emerge-webrsync | 4 +-
43 bin/env-update | 4 +-
44 bin/fixpackages | 4 +-
45 bin/glsa-check | 4 +-
46 bin/install-qa-check.d/05double-D | 17 +
47 bin/install-qa-check.d/05prefix | 118 +++
48 bin/install-qa-check.d/10executable-issues | 140 ++++
49 bin/install-qa-check.d/10ignored-flags | 99 +++
50 bin/install-qa-check.d/20deprecated-directories | 18 +
51 bin/install-qa-check.d/20runtime-directories | 26 +
52 bin/install-qa-check.d/60bash-completion | 130 ++++
53 bin/install-qa-check.d/60openrc | 41 ++
54 bin/install-qa-check.d/60pkgconfig | 15 +
55 bin/install-qa-check.d/60pngfix | 35 +
56 bin/install-qa-check.d/60systemd | 25 +
57 bin/install-qa-check.d/60udev | 21 +
58 bin/install-qa-check.d/80libraries | 167 +++++
59 bin/install-qa-check.d/80multilib-strict | 50 ++
60 bin/install-qa-check.d/90gcc-warnings | 168 +++++
61 bin/install-qa-check.d/90world-writable | 27 +
62 bin/misc-functions.sh | 800 +--------------------
63 bin/phase-functions.sh | 153 ++--
64 bin/phase-helpers.sh | 40 +-
65 bin/portageq | 339 +++++----
66 bin/quickpkg | 8 +-
67 bin/regenworld | 4 +-
68 bin/repoman | 32 +-
69 bin/save-ebuild-env.sh | 2 +-
70 bin/xattr-helper.py | 6 +-
71 cnf/sets/portage.conf | 5 +
72 doc/Makefile | 13 -
73 doc/fragment/version | 1 -
74 man/emerge.1 | 19 +-
75 man/repoman.1 | 4 +
76 misc/emerge-delta-webrsync | 4 +-
77 mkrelease.sh | 141 ----
78 pym/_emerge/Binpkg.py | 9 +-
79 pym/_emerge/EbuildBuild.py | 6 +-
80 pym/_emerge/FakeVartree.py | 4 +-
81 pym/_emerge/MiscFunctionsProcess.py | 6 +-
82 pym/_emerge/PackageMerge.py | 5 +-
83 pym/_emerge/Scheduler.py | 2 +-
84 pym/_emerge/UserQuery.py | 71 ++
85 pym/_emerge/actions.py | 60 +-
86 pym/_emerge/depgraph.py | 380 ++++++++--
87 pym/_emerge/main.py | 18 +-
88 pym/_emerge/post_emerge.py | 5 +-
89 pym/_emerge/resolver/output_helpers.py | 2 +-
90 pym/_emerge/resolver/package_tracker.py | 2 +-
91 pym/_emerge/sync/old_tree_timestamp.py | 12 +-
92 pym/_emerge/unmerge.py | 8 +-
93 pym/_emerge/userquery.py | 55 --
94 pym/portage/__init__.py | 16 +-
95 pym/portage/_emirrordist/FetchTask.py | 6 +-
96 pym/portage/_global_updates.py | 4 +-
97 pym/portage/_sets/dbapi.py | 85 ++-
98 pym/portage/cache/sqlite.py | 4 +-
99 pym/portage/const.py | 12 +-
100 pym/portage/dbapi/__init__.py | 6 +-
101 pym/portage/dbapi/vartree.py | 25 +-
102 pym/portage/dep/_slot_operator.py | 27 +-
103 pym/portage/dep/dep_check.py | 20 +-
104 pym/portage/dispatch_conf.py | 3 +-
105 pym/portage/emaint/main.py | 6 +-
106 pym/portage/emaint/module.py | 2 +-
107 pym/portage/emaint/modules/binhost/__init__.py | 8 +-
108 pym/portage/emaint/modules/config/__init__.py | 8 +-
109 pym/portage/emaint/modules/logs/__init__.py | 8 +-
110 pym/portage/emaint/modules/merges/__init__.py | 31 +
111 pym/portage/emaint/modules/merges/merges.py | 290 ++++++++
112 pym/portage/emaint/modules/move/__init__.py | 8 +-
113 pym/portage/emaint/modules/move/move.py | 5 +-
114 pym/portage/emaint/modules/resume/__init__.py | 6 +-
115 pym/portage/emaint/modules/world/__init__.py | 8 +-
116 pym/portage/exception.py | 4 +
117 pym/portage/localization.py | 7 +-
118 pym/portage/mail.py | 12 +-
119 pym/portage/news.py | 8 +-
120 pym/portage/output.py | 6 +-
121 pym/portage/package/ebuild/config.py | 17 +-
122 pym/portage/package/ebuild/doebuild.py | 9 +-
123 pym/portage/tests/__init__.py | 24 +-
124 .../date => pym/portage/tests/bin/__test__.py | 0
125 .../tests/{bin/__test__ => dbapi/__test__.py} | 0
126 pym/portage/tests/dbapi/test_portdb_cache.py | 23 +-
127 .../tests/{dbapi/__test__ => dep/__test__.py} | 0
128 .../tests/{dep/__test__ => ebuild/__test__.py} | 0
129 pym/portage/tests/ebuild/test_config.py | 71 +-
130 .../tests/{ebuild/__test__ => emerge/__test__.py} | 0
131 pym/portage/tests/emerge/test_emerge_slot_abi.py | 7 +-
132 pym/portage/tests/emerge/test_simple.py | 36 +-
133 .../tests/{emerge/__test__ => env/__test__.py} | 0
134 .../tests/env/{__test__ => config/__test__.py} | 0
135 .../{env/config/__test__ => glsa/__test__.py} | 0
136 pym/portage/tests/glsa/test_security_set.py | 3 +-
137 .../{glsa/__test__ => lafilefixer/__test__.py} | 0
138 .../__test__ => lazyimport/__test__.py} | 0
139 .../{lazyimport/__test__ => lint/__test__.py} | 0
140 pym/portage/tests/lint/test_compile_modules.py | 10 +-
141 pym/portage/tests/lint/test_import_modules.py | 8 +-
142 .../tests/{lint/__test__ => locks/__test__.py} | 0
143 .../tests/{locks/__test__ => news/__test__.py} | 0
144 .../tests/{news/__test__ => process/__test__.py} | 0
145 .../{process/__test__ => repoman/__test__.py} | 0
146 pym/portage/tests/repoman/test_simple.py | 8 +-
147 pym/portage/tests/resolver/ResolverPlayground.py | 59 +-
148 .../{repoman/__test__ => resolver/__test__.py} | 0
149 .../tests/resolver/test_autounmask_use_breakage.py | 63 ++
150 pym/portage/tests/resolver/test_or_choices.py | 73 ++
151 ...fied.py => test_slot_conflict_force_rebuild.py} | 56 +-
152 .../test_slot_conflict_unsatisfied_deep_deps.py | 115 +++
153 ...nsatisfied.py => test_slot_operator_rebuild.py} | 52 +-
154 .../resolver/test_slot_operator_required_use.py | 72 ++
155 ...test_solve_non_slot_operator_slot_conflicts.py} | 49 +-
156 pym/portage/tests/{runTests => runTests.py} | 0
157 .../{resolver/__test__ => sets/base/__test__.py} | 0
158 .../sets/{base/__test__ => files/__test__.py} | 0
159 .../sets/{files/__test__ => shell/__test__.py} | 0
160 .../{sets/shell/__test__ => unicode/__test__.py} | 0
161 .../tests/{unicode/__test__ => update/__test__.py} | 0
162 .../tests/{update/__test__ => util/__test__.py} | 0
163 pym/portage/tests/util/test_getconfig.py | 4 +-
164 .../tests/{util/__test__ => versions/__test__.py} | 0
165 pym/portage/tests/xpak/__test__ | 0
166 .../tests/{versions/__test__ => xpak/__test__.py} | 0
167 pym/portage/util/__init__.py | 3 +-
168 pym/portage/util/_eventloop/EventLoop.py | 8 +-
169 pym/portage/util/_eventloop/PollSelectAdapter.py | 6 +-
170 pym/repoman/checks.py | 16 -
171 runtests.sh | 8 +-
172 setup.py | 652 +++++++++++++++++
173 testpath | 11 +
174 153 files changed, 4118 insertions(+), 1920 deletions(-)
175
176 diff --cc bin/ebuild-helpers/emake
177 index 60286ec,4618053..dcb64a3
178 --- a/bin/ebuild-helpers/emake
179 +++ b/bin/ebuild-helpers/emake
180 @@@ -22,7 -22,7 +22,7 @@@ if [[ $PORTAGE_QUIET != 1 ]] ; the
181 ) >&2
182 fi
183
184 - ${MAKE:-make} SHELL="${BASH:-/bin/bash}" ${MAKEOPTS} ${EXTRA_EMAKE} "$@"
185 -${MAKE:-make} ${MAKEOPTS} "$@" ${EXTRA_EMAKE}
186 ++${MAKE:-make} SHELL="${BASH:-/bin/bash}" ${MAKEOPTS} "$@" ${EXTRA_EMAKE}
187 ret=$?
188 [[ $ret -ne 0 ]] && __helpers_die "${0##*/} failed"
189 exit $ret
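Review bot: The resolved `${MAKE:-make} SHELL="${BASH:-/bin/bash}" ...` line keeps a prefix-only delta (the forced `SHELL=`) without any marker, while other prefix-local changes in this merge are wrapped in `# PREFIX LOCAL` / `# END PREFIX LOCAL`. This file is listed under Conflicts, so a comment above the line such as `# PREFIX LOCAL: make runs recipes with bash (SHELL=)` would make the next conflict resolution mechanical. The reason for forcing the shell is not visible in this hunk, so the wording should be taken from the original prefix change. The unquoted `${MAKEOPTS}` and `${EXTRA_EMAKE}` look intentional, since they split into separate make arguments, and should stay as they are.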
190 diff --cc bin/install-qa-check.d/05prefix
191 index 0000000,e1fc2bd..32561e2
192 mode 000000,100644..100644
193 --- a/bin/install-qa-check.d/05prefix
194 +++ b/bin/install-qa-check.d/05prefix
195 @@@ -1,0 -1,117 +1,118 @@@
196 + # Prefix specific QA checks
197 +
198 + install_qa_check_prefix() {
199 + [[ ${ED} == ${D} ]] && return
200 +
201 + if [[ -d ${ED}/${D} ]] ; then
202 + find "${ED}/${D}" | \
203 + while read i ; do
204 + eqawarn "QA Notice: /${i##${ED}/${D}} installed in \${ED}/\${D}"
205 + done
206 + die "Aborting due to QA concerns: files installed in ${ED}/${D}"
207 + fi
208 +
209 + if [[ -d ${ED}/${EPREFIX} ]] ; then
210 + find "${ED}/${EPREFIX}/" | \
211 + while read i ; do
212 + eqawarn "QA Notice: ${i#${D}} double prefix"
213 + done
214 + die "Aborting due to QA concerns: double prefix files installed"
215 + fi
216 +
217 + if [[ -d ${D} ]] ; then
218 + INSTALLTOD=$(find ${D%/} | egrep -v "^${ED}" | sed -e "s|^${D%/}||" | awk '{if (length($0) <= length("'"${EPREFIX}"'")) { if (substr("'"${EPREFIX}"'", 1, length($0)) != $0) {print $0;} } else if (substr($0, 1, length("'"${EPREFIX}"'")) != "'"${EPREFIX}"'") {print $0;} }')
219 + if [[ -n ${INSTALLTOD} ]] ; then
220 + eqawarn "QA Notice: the following files are outside of the prefix:"
221 + eqawarn "${INSTALLTOD}"
222 + die "Aborting due to QA concerns: there are files installed outside the prefix"
223 + fi
224 + fi
225 +
226 + # all further checks rely on ${ED} existing
227 + [[ -d ${ED} ]] || return
228 +
229 + # check shebangs, bug #282539
230 + rm -f "${T}"/non-prefix-shebangs-errs
231 + local WHITELIST=" /usr/bin/env "
232 + # this is hell expensive, but how else?
233 + find "${ED}" -executable \! -type d -print0 \
234 + | xargs -0 grep -H -n -m1 "^#!" \
235 + | while read f ;
236 + do
237 + local fn=${f%%:*}
238 + local pos=${f#*:} ; pos=${pos%:*}
239 + local line=${f##*:}
240 + # shebang always appears on the first line ;)
241 + [[ ${pos} != 1 ]] && continue
242 + local oldIFS=${IFS}
243 + IFS=$'\r'$'\n'$'\t'" "
244 + line=( ${line#"#!"} )
245 + IFS=${oldIFS}
246 + [[ ${WHITELIST} == *" ${line[0]} "* ]] && continue
247 + local fp=${fn#${D}} ; fp=/${fp%/*}
248 + # line[0] can be an absolutised path, bug #342929
249 + local eprefix=$(canonicalize ${EPREFIX})
250 + local rf=${fn}
251 + # in case we deal with a symlink, make sure we don't replace it
252 + # with a real file (sed -i does that)
253 + if [[ -L ${fn} ]] ; then
254 + rf=$(readlink ${fn})
255 + [[ ${rf} != /* ]] && rf=${fn%/*}/${rf}
256 + # ignore symlinks pointing to outside prefix
257 + # as seen in sys-devel/native-cctools
258 + [[ $(canonicalize "/${rf#${D}}") != ${eprefix}/* ]] && continue
259 + fi
260 + # does the shebang start with ${EPREFIX}, and does it exist?
261 + if [[ ${line[0]} == ${EPREFIX}/* || ${line[0]} == ${eprefix}/* ]] ; then
262 + if [[ ! -e ${ROOT%/}${line[0]} && ! -e ${D%/}${line[0]} ]] ; then
263 + # hmm, refers explicitly to $EPREFIX, but doesn't exist,
264 + # if it's in PATH that's wrong in any case
265 + if [[ ":${PATH}:" == *":${fp}:"* ]] ; then
266 + echo "${fn#${D}}:${line[0]} (explicit EPREFIX but target not found)" \
267 + >> "${T}"/non-prefix-shebangs-errs
268 + else
269 + eqawarn "${fn#${D}} has explicit EPREFIX in shebang but target not found (${line[0]})"
270 + fi
271 + fi
272 + continue
273 + fi
274 - # unprefixed shebang, is the script directly in $PATH?
275 - if [[ ":${PATH}:" == *":${fp}:"* ]] ; then
276 ++ # unprefixed shebang, is the script directly in $PATH or an init
277 ++ # script?
278 ++ if [[ ":${PATH}:${EPREFIX}/etc/init.d:" == *":${fp}:"* ]] ; then
279 + if [[ -e ${EROOT}${line[0]} || -e ${ED}${line[0]} ]] ; then
280 + # is it unprefixed, but we can just fix it because a
281 + # prefixed variant exists
282 + eqawarn "prefixing shebang of ${fn#${D}}"
283 + # statement is made idempotent on purpose, because
284 + # symlinks may point to the same target, and hence the
285 + # same real file may be sedded multiple times since we
286 + # read the shebangs in one go upfront for performance
287 + # reasons
288 + sed -i -e '1s:^#! \?'"${line[0]}"':#!'"${EPREFIX}"${line[0]}':' "${rf}"
289 + continue
290 + else
291 + # this is definitely wrong: script in $PATH and invalid shebang
292 + echo "${fn#${D}}:${line[0]} (script ${fn##*/} installed in PATH but interpreter ${line[0]} not found)" \
293 + >> "${T}"/non-prefix-shebangs-errs
294 + fi
295 + else
296 + # unprefixed/invalid shebang, but outside $PATH, this may be
297 + # intended (e.g. config.guess) so remain silent by default
298 + has stricter ${FEATURES} && \
299 + eqawarn "invalid shebang in ${fn#${D}}: ${line[0]}"
300 + fi
301 + done
302 + if [[ -e "${T}"/non-prefix-shebangs-errs ]] ; then
303 + eqawarn "QA Notice: the following files use invalid (possible non-prefixed) shebangs:"
304 + while read line ; do
305 + eqawarn " ${line}"
306 + done < "${T}"/non-prefix-shebangs-errs
307 + rm -f "${T}"/non-prefix-shebangs-errs
308 + die "Aborting due to QA concerns: invalid shebangs found"
309 + fi
310 + }
311 +
312 + install_qa_check_prefix
313 + : # guarantee successful exit
314 +
315 + # vim:ft=sh
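Review bot: The shebang rewrite near the end of install_qa_check_prefix builds a sed program from `${line[0]}`, which is text read from the files being installed, without escaping it and with its last occurrence unquoted. An interpreter string containing `:` ends the `s:::` expression early, and regex characters change what is matched, so the in-place edit of `${rf}` can fail or alter the first line in an unintended way. A guard before the `sed -i`, for example `[[ ${line[0]} == *[!A-Za-z0-9/._+-]* ]] && { eqawarn "unusual interpreter in ${fn#${D}}: ${line[0]}" ; continue ; }`, keeps the rewrite to values that are safe to interpolate. The loop also recovers the file name by splitting `grep -H -n` output on `:`, so a path containing a colon is attributed to the wrong file; the merged `${EPREFIX}/etc/init.d` addition sends more files down this path.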
316 diff --cc bin/install-qa-check.d/80libraries
317 index 0000000,3977bae..c83f278
318 mode 000000,100644..100644
319 --- a/bin/install-qa-check.d/80libraries
320 +++ b/bin/install-qa-check.d/80libraries
321 @@@ -1,0 -1,158 +1,167 @@@
322 + # Check for issues with installed libraries
323 +
324 + lib_check() {
325 + local f x i j
326 +
327 + if type -P scanelf > /dev/null && ! has binchecks ${RESTRICT}; then
328 + # Check for shared libraries lacking SONAMEs
329 + local qa_var="QA_SONAME_${ARCH/-/_}"
330 + eval "[[ -n \${!qa_var} ]] && QA_SONAME=(\"\${${qa_var}[@]}\")"
331 + f=$(scanelf -ByF '%S %p' "${ED}"{,usr/}lib*/lib*.so* | awk '$2 == "" { print }' | sed -e "s:^[[:space:]]${ED}:/:")
332 + if [[ -n ${f} ]] ; then
333 + echo "${f}" > "${T}"/scanelf-missing-SONAME.log
334 + if [[ "${QA_STRICT_SONAME-unset}" == unset ]] ; then
335 + if [[ ${#QA_SONAME[@]} -gt 1 ]] ; then
336 + for x in "${QA_SONAME[@]}" ; do
337 + sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-SONAME.log
338 + done
339 + else
340 + local shopts=$-
341 + set -o noglob
342 + for x in ${QA_SONAME} ; do
343 + sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-SONAME.log
344 + done
345 + set +o noglob
346 + set -${shopts}
347 + fi
348 + fi
349 + sed -e "/^\$/d" -i "${T}"/scanelf-missing-SONAME.log
350 + f=$(<"${T}"/scanelf-missing-SONAME.log)
351 + if [[ -n ${f} ]] ; then
352 + __vecho -ne '\n'
353 + eqawarn "QA Notice: The following shared libraries lack a SONAME"
354 + eqawarn "${f}"
355 + __vecho -ne '\n'
356 + sleep 1
357 + else
358 + rm -f "${T}"/scanelf-missing-SONAME.log
359 + fi
360 + fi
361 +
362 + # Check for shared libraries lacking NEEDED entries
363 + qa_var="QA_DT_NEEDED_${ARCH/-/_}"
364 + eval "[[ -n \${!qa_var} ]] && QA_DT_NEEDED=(\"\${${qa_var}[@]}\")"
365 + f=$(scanelf -ByF '%n %p' "${ED}"{,usr/}lib*/lib*.so* | awk '$2 == "" { print }' | sed -e "s:^[[:space:]]${ED}:/:")
366 + if [[ -n ${f} ]] ; then
367 + echo "${f}" > "${T}"/scanelf-missing-NEEDED.log
368 + if [[ "${QA_STRICT_DT_NEEDED-unset}" == unset ]] ; then
369 + if [[ ${#QA_DT_NEEDED[@]} -gt 1 ]] ; then
370 + for x in "${QA_DT_NEEDED[@]}" ; do
371 + sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-NEEDED.log
372 + done
373 + else
374 + local shopts=$-
375 + set -o noglob
376 + for x in ${QA_DT_NEEDED} ; do
377 + sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-NEEDED.log
378 + done
379 + set +o noglob
380 + set -${shopts}
381 + fi
382 + fi
383 + sed -e "/^\$/d" -i "${T}"/scanelf-missing-NEEDED.log
384 + f=$(<"${T}"/scanelf-missing-NEEDED.log)
385 + if [[ -n ${f} ]] ; then
386 + __vecho -ne '\n'
387 + eqawarn "QA Notice: The following shared libraries lack NEEDED entries"
388 + eqawarn "${f}"
389 + __vecho -ne '\n'
390 + sleep 1
391 + else
392 + rm -f "${T}"/scanelf-missing-NEEDED.log
393 + fi
394 + fi
395 + fi
396 +
397 + # this should help to ensure that all (most?) shared libraries are executable
398 + # and that all libtool scripts / static libraries are not executable
399 + for i in "${ED}"opt/*/lib* \
400 + "${ED}"lib* \
401 + "${ED}"usr/lib* ; do
402 + [[ ! -d ${i} ]] && continue
403 +
404 + for j in "${i}"/*.so.* "${i}"/*.so ; do
405 + [[ ! -e ${j} ]] && continue
406 + [[ -L ${j} ]] && continue
407 + [[ -x ${j} ]] && continue
408 + __vecho "making executable: ${j#${ED}}"
409 + chmod +x "${j}"
410 + done
411 +
412 + for j in "${i}"/*.a "${i}"/*.la ; do
413 + [[ ! -e ${j} ]] && continue
414 + [[ -L ${j} ]] && continue
415 + [[ ! -x ${j} ]] && continue
416 + __vecho "removing executable bit: ${j#${ED}}"
417 + chmod -x "${j}"
418 + done
419 +
420 + for j in "${i}"/*.{a,dll,dylib,sl,so}.* "${i}"/*.{a,dll,dylib,sl,so} ; do
421 + [[ ! -e ${j} ]] && continue
422 + [[ ! -L ${j} ]] && continue
423 + linkdest=$(readlink "${j}")
424 + if [[ ${linkdest} == /* ]] ; then
425 + __vecho -ne '\n'
426 + eqawarn "QA Notice: Found an absolute symlink in a library directory:"
427 + eqawarn " ${j#${D}} -> ${linkdest}"
428 + eqawarn " It should be a relative symlink if in the same directory"
429 + eqawarn " or a linker script if it crosses the /usr boundary."
430 + fi
431 + done
432 + done
433 +
434 + # When installing static libraries into /usr/lib and shared libraries into
435 + # /lib, we have to make sure we have a linker script in /usr/lib along side
436 + # the static library, or gcc will utilize the static lib when linking :(.
437 + # http://bugs.gentoo.org/4411
438 + local abort="no"
439 + local a s
440 + for a in "${ED}"usr/lib*/*.a ; do
441 - s=${a%.a}.so
442 ++ # PREFIX LOCAL: support MachO objects
443 ++ [[ ${CHOST} == *-darwin* ]] \
444 ++ && s=${a%.a}.dylib \
445 ++ || s=${a%.a}.so
446 ++ # END PREFIX LOCAL
447 + if [[ ! -e ${s} ]] ; then
448 + s=${s%usr/*}${s##*/usr/}
449 + if [[ -e ${s} ]] ; then
450 + __vecho -ne '\n'
451 + eqawarn "QA Notice: Missing gen_usr_ldscript for ${s##*/}"
452 + abort="yes"
453 + fi
454 + fi
455 + done
456 + [[ ${abort} == "yes" ]] && die "add those ldscripts"
457 +
458 + # Make sure people don't store libtool files or static libs in /lib
459 - f=$(ls "${ED}"lib*/*.{a,la} 2>/dev/null)
460 ++ # PREFIX LOCAL: on AIX, "dynamic libs" have extension .a, so don't
461 ++ # get false positives
462 ++ [[ ${CHOST} == *-aix* ]] \
463 ++ && f=$(ls "${ED}"lib*/*.la 2>/dev/null || true) \
464 ++ || f=$(ls "${ED}"lib*/*.{a,la} 2>/dev/null)
465 ++ # END PREFIX LOCAL
466 + if [[ -n ${f} ]] ; then
467 + __vecho -ne '\n'
468 + eqawarn "QA Notice: Excessive files found in the / partition"
469 + eqawarn "${f}"
470 + __vecho -ne '\n'
471 + die "static archives (*.a) and libtool library files (*.la) belong in /usr/lib*, not /lib*"
472 + fi
473 +
474 + # Verify that the libtool files don't contain bogus $D entries.
475 + local abort=no gentoo_bug=no always_overflow=no
476 + for a in "${ED}"usr/lib*/*.la ; do
477 + s=${a##*/}
478 + if grep -qs "${ED}" "${a}" ; then
479 + __vecho -ne '\n'
480 + eqawarn "QA Notice: ${s} appears to contain PORTAGE_TMPDIR paths"
481 + abort="yes"
482 + fi
483 + done
484 + [[ ${abort} == "yes" ]] && die "soiled libtool library files found"
485 + }
486 +
487 + lib_check
488 + : # guarantee successful exit
489 +
490 + # vim:ft=sh
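Review bot: In the two PREFIX LOCAL blocks of lib_check the `[[ ... ]] && a || b` chains are used as if/else, which only holds while `a` cannot fail. In the AIX case that is why `|| true` sits inside the command substitution: without it, an `ls` that finds no `*.la` would fall through to the `*.{a,la}` listing and bring back the false positives the block is meant to avoid. Either write both as `if ... ; then ... ; else ... ; fi`, or add a comment such as `# '|| true' is required: a failing ls must not fall through to the *.a branch`. Separately, `local abort=no gentoo_bug=no always_overflow=no` declares two names that nothing in this function reads.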
491 diff --cc bin/install-qa-check.d/80multilib-strict
492 index 0000000,f944be9..436932e
493 mode 000000,100644..100644
494 --- a/bin/install-qa-check.d/80multilib-strict
495 +++ b/bin/install-qa-check.d/80multilib-strict
496 @@@ -1,0 -1,50 +1,50 @@@
497 + # Strict multilib directory checks
498 + multilib_strict_check() {
499 + if has multilib-strict ${FEATURES} && \
500 - [[ -x /usr/bin/file && -x /usr/bin/find ]] && \
501 ++ [[ -x ${EPREFIX}/usr/bin/file && -x ${EPREFIX}/usr/bin/find ]] && \
502 + [[ -n ${MULTILIB_STRICT_DIRS} && -n ${MULTILIB_STRICT_DENY} ]]
503 + then
504 + rm -f "${T}/multilib-strict.log"
505 + local abort=no dir file
506 + MULTILIB_STRICT_EXEMPT=$(echo ${MULTILIB_STRICT_EXEMPT} | sed -e 's:\([(|)]\):\\\1:g')
507 + for dir in ${MULTILIB_STRICT_DIRS} ; do
508 + [[ -d ${ED}/${dir} ]] || continue
509 + for file in $(find ${ED}/${dir} -type f | grep -v "^${ED}/${dir}/${MULTILIB_STRICT_EXEMPT}"); do
510 + if file ${file} | egrep -q "${MULTILIB_STRICT_DENY}" ; then
511 + echo "${file#${ED}//}" >> "${T}/multilib-strict.log"
512 + fi
513 + done
514 + done
515 +
516 + if [[ -s ${T}/multilib-strict.log ]] ; then
517 + if [[ ${#QA_MULTILIB_PATHS[@]} -eq 1 ]] ; then
518 + local shopts=$-
519 + set -o noglob
520 + QA_MULTILIB_PATHS=(${QA_MULTILIB_PATHS})
521 + set +o noglob
522 + set -${shopts}
523 + fi
524 + if [ "${QA_STRICT_MULTILIB_PATHS-unset}" = unset ] ; then
525 + local x
526 + for x in "${QA_MULTILIB_PATHS[@]}" ; do
527 + sed -e "s#^${x#/}\$##" -i "${T}/multilib-strict.log"
528 + done
529 + sed -e "/^\$/d" -i "${T}/multilib-strict.log"
530 + fi
531 + if [[ -s ${T}/multilib-strict.log ]] ; then
532 + abort=yes
533 + echo "Files matching a file type that is not allowed:"
534 + while read -r ; do
535 + echo " ${REPLY}"
536 + done < "${T}/multilib-strict.log"
537 + fi
538 + fi
539 +
540 + [[ ${abort} == yes ]] && die "multilib-strict check failed!"
541 + fi
542 + }
543 +
544 + multilib_strict_check
545 + : # guarantee successful exit
546 +
547 + # vim:ft=sh
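Review bot: The merged guard tests `${EPREFIX}/usr/bin/file` and `${EPREFIX}/usr/bin/find` for executability, but the loop then runs bare `find` and `file`, so the binaries that were checked are not necessarily the ones PATH resolves. Either invoke the tested paths or test what will actually run, e.g. `type -P file >/dev/null && type -P find >/dev/null`. In the same loop `$(find ${ED}/${dir} -type f | grep -v ...)` and `file ${file}` are unquoted, so an installed path containing whitespace is split into words and is probably never classified, which means it passes the multilib-strict check unexamined. Reading the `find` output line by line with `while IFS= read -r file` and quoting `"${file}"` would cover those paths as well.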
548 diff --cc bin/install-qa-check.d/90world-writable
549 index 0000000,771027e..635612d
550 mode 000000,100644..100644
551 --- a/bin/install-qa-check.d/90world-writable
552 +++ b/bin/install-qa-check.d/90world-writable
553 @@@ -1,0 -1,25 +1,27 @@@
554 + # Check for world-writable files
555 +
556 + world_writable_check() {
557 + # Now we look for all world writable files.
558 - local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${ED}:- :")
559 ++ # PREFIX LOCAL: keep offset prefix in the reported files
560 ++ local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${D}:- :")
561 ++ # END PREFIX LOCAL
562 + if [[ -n ${unsafe_files} ]] ; then
563 + __vecho "QA Security Notice: world writable file(s):"
564 + __vecho "${unsafe_files}"
565 + __vecho "- This may or may not be a security problem, most of the time it is one."
566 + __vecho "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
567 + sleep 1
568 + fi
569 +
570 - local unsafe_files=$(find "${ED}" -type f '(' -perm -2002 -o -perm -4002 ')' | sed -e "s:^${ED}:/:")
571 ++ local unsafe_files=$(find "${ED}" -type f '(' -perm -2002 -o -perm -4002 ')' | sed -e "s:^${D}:/:")
572 + if [[ -n ${unsafe_files} ]] ; then
573 + eqawarn "QA Notice: Unsafe files detected (set*id and world writable)"
574 + eqawarn "${unsafe_files}"
575 + die "Unsafe files found in \${D}. Portage will not install them."
576 + fi
577 + }
578 +
579 + world_writable_check
580 + : # guarantee successful exit
581 +
582 + # vim:ft=sh
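Review bot: Both changed `sed` calls interpolate `${D}` into a `:`-delimited expression, and `local unsafe_files=$(...)` discards the pipeline's exit status, so the set*id check can fail open. If the image path makes sed reject the expression, `unsafe_files` stays empty and the function reaches neither the warning nor the `die`. Stripping the prefix with parameter expansion (`${f#${D}}`) in a `while IFS= read -r f` loop avoids the regex altogether; failing that, declare `local unsafe_files` first and `die` when the pipeline fails. The second substitution, `sed -e "s:^${D}:/:"`, is also a prefix-local edit but sits outside the `# PREFIX LOCAL` / `# END PREFIX LOCAL` pair, which wraps only the first `find`. Wrap it too, so a later merge does not quietly restore `${ED}` there.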
583 diff --cc bin/misc-functions.sh
584 index d92103f,cc652a9..1904c25
585 mode 100644,100755..100644
586 --- a/bin/misc-functions.sh
587 +++ b/bin/misc-functions.sh
588 @@@ -1,5 -1,5 +1,5 @@@
589 -#!/bin/bash
590 +#!@PORTAGE_BASH@
591 - # Copyright 1999-2013 Gentoo Foundation
592 + # Copyright 1999-2014 Gentoo Foundation
593 # Distributed under the terms of the GNU General Public License v2
594 #
595 # Miscellaneous shell functions that make use of the ebuild env but don't need
596 @@@ -172,67 -168,34 +172,36 @@@ install_qa_check()
597 local EPREFIX= ED=${D}
598 fi
599
600 - cd "${ED}" || die "cd failed"
601 + # PREFIX LOCAL: ED needs not to exist, whereas D does
602 + cd "${D}" || die "cd failed"
603 + # END PREFIX LOCAL
604
605 - qa_var="QA_FLAGS_IGNORED_${ARCH/-/_}"
606 - eval "[[ -n \${!qa_var} ]] && QA_FLAGS_IGNORED=(\"\${${qa_var}[@]}\")"
607 - if [[ ${#QA_FLAGS_IGNORED[@]} -eq 1 ]] ; then
608 - local shopts=$-
609 - set -o noglob
610 - QA_FLAGS_IGNORED=(${QA_FLAGS_IGNORED})
611 - set +o noglob
612 - set -${shopts}
613 - fi
614 + # Run QA checks from install-qa-check.d.
615 + # Note: checks need to be run *before* stripping.
616 + local f
617 + # TODO: handle nullglob-like
618 + for f in "${PORTAGE_BIN_PATH}"/install-qa-check.d/*; do
619 + # Run in a subshell to treat it like external script,
620 + # but use 'source' to pass all variables through.
621 + (
622 + source "${f}" || eerror "Post-install QA check ${f##*/} failed to run"
623 + )
624 + done
625
626 - # Check for files built without respecting *FLAGS. Note that
627 - # -frecord-gcc-switches must be in all *FLAGS variables, in
628 - # order to avoid false positive results here.
629 - # NOTE: This check must execute before prepall/prepstrip, since
630 - # prepstrip strips the .GCC.command.line sections.
631 - if type -P scanelf > /dev/null && ! has binchecks ${RESTRICT} && \
632 - [[ "${CFLAGS}" == *-frecord-gcc-switches* ]] && \
633 - [[ "${CXXFLAGS}" == *-frecord-gcc-switches* ]] && \
634 - [[ "${FFLAGS}" == *-frecord-gcc-switches* ]] && \
635 - [[ "${FCFLAGS}" == *-frecord-gcc-switches* ]] ; then
636 - rm -f "${T}"/scanelf-ignored-CFLAGS.log
637 - for x in $(scanelf -qyRF '#k%p' -k '!.GCC.command.line' "${ED}") ; do
638 - # Separate out file types that are known to support
639 - # .GCC.command.line sections, using the `file` command
640 - # similar to how prepstrip uses it.
641 - f=$(file "${x}") || continue
642 - [[ -z ${f} ]] && continue
643 - if [[ ${f} == *"SB executable"* ||
644 - ${f} == *"SB shared object"* ]] ; then
645 - echo "${x}" >> "${T}"/scanelf-ignored-CFLAGS.log
646 + # Run QA checks from repositories
647 + # (yes, PORTAGE_ECLASS_LOCATIONS contains repo paths...)
648 + local repo_location
649 + for repo_location in "${PORTAGE_ECLASS_LOCATIONS[@]}"; do
650 + for f in "${repo_location}"/metadata/install-qa-check.d/*; do
651 + if [[ -f ${f} ]]; then
652 + (
653 + # allow inheriting eclasses
654 + _IN_INSTALL_QA_CHECK=1
655 + source "${f}" || eerror "Post-install QA check ${f##*/} failed to run"
656 + )
657 fi
658 done
659 -
660 - if [[ -f "${T}"/scanelf-ignored-CFLAGS.log ]] ; then
661 -
662 - if [ "${QA_STRICT_FLAGS_IGNORED-unset}" = unset ] ; then
663 - for x in "${QA_FLAGS_IGNORED[@]}" ; do
664 - sed -e "s#^${x#/}\$##" -i "${T}"/scanelf-ignored-CFLAGS.log
665 - done
666 - fi
667 - # Filter anything under /usr/lib/debug/ in order to avoid
668 - # duplicate warnings for splitdebug files.
669 - sed -e "s#^usr/lib/debug/.*##" -e "/^\$/d" -e "s#^#/#" \
670 - -i "${T}"/scanelf-ignored-CFLAGS.log
671 - f=$(<"${T}"/scanelf-ignored-CFLAGS.log)
672 - if [[ -n ${f} ]] ; then
673 - __vecho -ne '\n'
674 - eqawarn "${BAD}QA Notice: Files built without respecting CFLAGS have been detected${NORMAL}"
675 - eqawarn " Please include the following list of files in your report:"
676 - eqawarn "${f}"
677 - __vecho -ne '\n'
678 - sleep 1
679 - else
680 - rm -f "${T}"/scanelf-ignored-CFLAGS.log
681 - fi
682 - fi
683 - fi
684 + done
685
686 export STRIP_MASK
687 prepall
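Review bot: The first new loop sources every entry matching `"${PORTAGE_BIN_PATH}"/install-qa-check.d/*` without the `[[ -f ${f} ]]` test that the repository loop below it applies, and the `TODO: handle nullglob-like` is left open. With an empty or missing directory the literal pattern is passed to `source`. Anything else that lands in that directory, such as an editor backup or a `.orig` left by a conflicted merge, is executed with all ebuild variables passed through. Adding `[[ -f ${f} ]] || continue` as the first statement of that loop body brings it in line with the second loop; a comment along the lines of `# every file here is sourced as trusted code in the ebuild environment` would document the expectation for whoever packages the directory. install_qa_check starts before this hunk and continues past it.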
688 @@@ -240,327 -203,6 +209,39 @@@
689 ecompressdir --dequeue
690 ecompress --dequeue
691
692 - # Prefix specific checks
693 - [[ ${ED} != ${D} ]] && install_qa_check_prefix
694 -
695 - f=
696 - for x in etc/app-defaults usr/man usr/info usr/X11R6 usr/doc usr/locale ; do
697 - [[ -d ${ED}/$x ]] && f+=" $x\n"
698 - done
699 - if [[ -n $f ]] ; then
700 - eqawarn "QA Notice: This ebuild installs into the following deprecated directories:"
701 - eqawarn
702 - eqawarn "$f"
703 - fi
704 -
705 - # It's ok create these directories, but not to install into them. #493154
706 - # TODO: We should add var/lib to this list.
707 - f=
708 - for x in var/cache var/lock var/run run ; do
709 - if [[ ! -L ${ED}/${x} && -d ${ED}/${x} ]] ; then
710 - if [[ -z $(find "${ED}/${x}" -prune -empty) ]] ; then
711 - f+=$(cd "${ED}"; find "${x}" -printf ' %p\n')
712 - fi
713 - fi
714 - done
715 - if [[ -n ${f} ]] ; then
716 - eqawarn "QA Notice: This ebuild installs into paths that should be created at runtime."
717 - eqawarn " To fix, simply do not install into these directories. Instead, your package"
718 - eqawarn " should create dirs on the fly at runtime as needed via init scripts/etc..."
719 - eqawarn
720 - eqawarn "${f}"
721 - fi
722 -
723 - set +f
724 - f=
725 - for x in "${ED}etc/udev/rules.d/"* "${ED}lib"*"/udev/rules.d/"* ; do
726 - [[ -e ${x} ]] || continue
727 - [[ ${x} == ${ED}lib/udev/rules.d/* ]] && continue
728 - f+=" ${x#${ED}}\n"
729 - done
730 - if [[ -n $f ]] ; then
731 - eqawarn "QA Notice: udev rules should be installed in /lib/udev/rules.d:"
732 - eqawarn
733 - eqawarn "$f"
734 - fi
735 -
736 - # Now we look for all world writable files.
737 - # PREFIX LOCAL: keep offset in the paths
738 - local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${D}:- :")
739 - # END PREFIX LOCAL
740 - if [[ -n ${unsafe_files} ]] ; then
741 - __vecho "QA Security Notice: world writable file(s):"
742 - __vecho "${unsafe_files}"
743 - __vecho "- This may or may not be a security problem, most of the time it is one."
744 - __vecho "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
745 - sleep 1
746 - fi
747 -
748 + # PREFIX LOCAL:
749 + # anything outside the prefix should be caught by the Prefix QA
750 + # check, so if there's nothing in ED, we skip searching for QA
751 + # checks there, the specific QA funcs can hence rely on ED existing
752 + if [[ -d ${ED} ]] ; then
753 + case ${CHOST} in
754 + *-darwin*)
755 + # Mach-O platforms (NeXT, Darwin, OSX)
756 + install_qa_check_macho
757 + ;;
758 + *-interix*|*-winnt*)
759 + # PECOFF platforms (Windows/Interix)
760 + install_qa_check_pecoff
761 + ;;
762 + *-aix*)
763 + # XCOFF platforms (AIX)
764 + install_qa_check_xcoff
765 + ;;
766 + *)
767 + # because this is the majority: ELF platforms (Linux,
768 + # Solaris, *BSD, IRIX, etc.)
769 + install_qa_check_elf
770 + ;;
771 + esac
772 + fi
773 +
774 + # this is basically here such that the diff with trunk remains just
775 + # offsetted and not out of order
776 + install_qa_check_misc
777 + # END PREFIX LOCAL
778 +}
779 +
780 +install_qa_check_elf() {
781 - if type -P scanelf > /dev/null && ! has binchecks ${RESTRICT}; then
782 - local insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET}
783 - local x
784 -
785 - # display warnings when using stricter because we die afterwards
786 - if has stricter ${FEATURES} ; then
787 - unset PORTAGE_QUIET
788 - fi
789 -
790 - # Make sure we disallow insecure RUNPATH/RPATHs.
791 - # 1) References to PORTAGE_BUILDDIR are banned because it's a
792 - # security risk. We don't want to load files from a
793 - # temporary directory.
794 - # 2) If ROOT != "/", references to ROOT are banned because
795 - # that directory won't exist on the target system.
796 - # 3) Null paths are banned because the loader will search $PWD when
797 - # it finds null paths.
798 - local forbidden_dirs="${PORTAGE_BUILDDIR}"
799 - if [[ -n "${ROOT}" && "${ROOT}" != "/" ]]; then
800 - forbidden_dirs+=" ${ROOT}"
801 - fi
802 - local dir l rpath_files=$(scanelf -F '%F:%r' -qBR "${ED}")
803 - f=""
804 - for dir in ${forbidden_dirs}; do
805 - for l in $(echo "${rpath_files}" | grep -E ":${dir}|::|: "); do
806 - f+=" ${l%%:*}\n"
807 - if ! has stricter ${FEATURES}; then
808 - __vecho "Auto fixing rpaths for ${l%%:*}"
809 - TMPDIR="${dir}" scanelf -BXr "${l%%:*}" -o /dev/null
810 - fi
811 - done
812 - done
813 -
814 - # Reject set*id binaries with $ORIGIN in RPATH #260331
815 - x=$(
816 - find "${ED}" -type f \( -perm -u+s -o -perm -g+s \) -print0 | \
817 - xargs -0 scanelf -qyRF '%r %p' | grep '$ORIGIN'
818 - )
819 -
820 - # Print QA notice.
821 - if [[ -n ${f}${x} ]] ; then
822 - __vecho -ne '\n'
823 - eqawarn "QA Notice: The following files contain insecure RUNPATHs"
824 - eqawarn " Please file a bug about this at http://bugs.gentoo.org/"
825 - eqawarn " with the maintaining herd of the package."
826 - eqawarn "${f}${f:+${x:+\n}}${x}"
827 - __vecho -ne '\n'
828 - if [[ -n ${x} ]] || has stricter ${FEATURES} ; then
829 - insecure_rpath=1
830 - fi
831 - fi
832 -
833 - # TEXTRELs are baaaaaaaad
834 - # Allow devs to mark things as ignorable ... e.g. things that are
835 - # binary-only and upstream isn't cooperating (nvidia-glx) ... we
836 - # allow ebuild authors to set QA_TEXTRELS_arch and QA_TEXTRELS ...
837 - # the former overrides the latter ... regexes allowed ! :)
838 - qa_var="QA_TEXTRELS_${ARCH/-/_}"
839 - [[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
840 - [[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""
841 - export QA_TEXTRELS="${QA_TEXTRELS} lib*/modules/*.ko"
842 - f=$(scanelf -qyRF '%t %p' "${ED}" | grep -v 'usr/lib/debug/')
843 - if [[ -n ${f} ]] ; then
844 - scanelf -qyRAF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
845 - __vecho -ne '\n'
846 - eqawarn "QA Notice: The following files contain runtime text relocations"
847 - eqawarn " Text relocations force the dynamic linker to perform extra"
848 - eqawarn " work at startup, waste system resources, and may pose a security"
849 - eqawarn " risk. On some architectures, the code may not even function"
850 - eqawarn " properly, if at all."
851 - eqawarn " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
852 - eqawarn " Please include the following list of files in your report:"
853 - eqawarn "${f}"
854 - __vecho -ne '\n'
855 - die_msg="${die_msg} textrels,"
856 - sleep 1
857 - fi
858 -
859 - # Also, executable stacks only matter on linux (and just glibc atm ...)
860 - f=""
861 - case ${CTARGET:-${CHOST}} in
862 - *-linux-gnu*)
863 - # Check for files with executable stacks, but only on arches which
864 - # are supported at the moment. Keep this list in sync with
865 - # http://www.gentoo.org/proj/en/hardened/gnu-stack.xml (Arch Status)
866 - case ${CTARGET:-${CHOST}} in
867 - arm*|i?86*|ia64*|m68k*|s390*|sh*|x86_64*)
868 - # Allow devs to mark things as ignorable ... e.g. things
869 - # that are binary-only and upstream isn't cooperating ...
870 - # we allow ebuild authors to set QA_EXECSTACK_arch and
871 - # QA_EXECSTACK ... the former overrides the latter ...
872 - # regexes allowed ! :)
873 -
874 - qa_var="QA_EXECSTACK_${ARCH/-/_}"
875 - [[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
876 - [[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""
877 - qa_var="QA_WX_LOAD_${ARCH/-/_}"
878 - [[ -n ${!qa_var} ]] && QA_WX_LOAD=${!qa_var}
879 - [[ -n ${QA_STRICT_WX_LOAD} ]] && QA_WX_LOAD=""
880 - export QA_EXECSTACK="${QA_EXECSTACK} lib*/modules/*.ko"
881 - export QA_WX_LOAD="${QA_WX_LOAD} lib*/modules/*.ko"
882 - f=$(scanelf -qyRAF '%e %p' "${ED}" | grep -v 'usr/lib/debug/')
883 - ;;
884 - esac
885 - ;;
886 - esac
887 - if [[ -n ${f} ]] ; then
888 - # One more pass to help devs track down the source
889 - scanelf -qyRAF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
890 - __vecho -ne '\n'
891 - eqawarn "QA Notice: The following files contain writable and executable sections"
892 - eqawarn " Files with such sections will not work properly (or at all!) on some"
893 - eqawarn " architectures/operating systems. A bug should be filed at"
894 - eqawarn " http://bugs.gentoo.org/ to make sure the issue is fixed."
895 - eqawarn " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
896 - eqawarn " Please include the following list of files in your report:"
897 - eqawarn " Note: Bugs should be filed for the respective maintainers"
898 - eqawarn " of the package in question and not hardened@g.o."
899 - eqawarn "${f}"
900 - __vecho -ne '\n'
901 - die_msg="${die_msg} execstacks"
902 - sleep 1
903 - fi
904 -
905 - # Check for files built without respecting LDFLAGS
906 - if [[ "${LDFLAGS}" == *,--hash-style=gnu* ]] && \
907 - ! has binchecks ${RESTRICT} ; then
908 - f=$(scanelf -qyRF '#k%p' -k .hash "${ED}")
909 - if [[ -n ${f} ]] ; then
910 - echo "${f}" > "${T}"/scanelf-ignored-LDFLAGS.log
911 - if [ "${QA_STRICT_FLAGS_IGNORED-unset}" = unset ] ; then
912 - for x in "${QA_FLAGS_IGNORED[@]}" ; do
913 - sed -e "s#^${x#/}\$##" -i "${T}"/scanelf-ignored-LDFLAGS.log
914 - done
915 - fi
916 - # Filter anything under /usr/lib/debug/ in order to avoid
917 - # duplicate warnings for splitdebug files.
918 - sed -e "s#^usr/lib/debug/.*##" -e "/^\$/d" -e "s#^#/#" \
919 - -i "${T}"/scanelf-ignored-LDFLAGS.log
920 - f=$(<"${T}"/scanelf-ignored-LDFLAGS.log)
921 - if [[ -n ${f} ]] ; then
922 - __vecho -ne '\n'
923 - eqawarn "${BAD}QA Notice: Files built without respecting LDFLAGS have been detected${NORMAL}"
924 - eqawarn " Please include the following list of files in your report:"
925 - eqawarn "${f}"
926 - __vecho -ne '\n'
927 - sleep 1
928 - else
929 - rm -f "${T}"/scanelf-ignored-LDFLAGS.log
930 - fi
931 - fi
932 - fi
933 -
934 - if [[ ${insecure_rpath} -eq 1 ]] ; then
935 - die "Aborting due to serious QA concerns with RUNPATH/RPATH"
936 - elif [[ -n ${die_msg} ]] && has stricter ${FEATURES} ; then
937 - die "Aborting due to QA concerns: ${die_msg}"
938 - fi
939 -
940 - # Check for shared libraries lacking SONAMEs
941 - qa_var="QA_SONAME_${ARCH/-/_}"
942 - eval "[[ -n \${!qa_var} ]] && QA_SONAME=(\"\${${qa_var}[@]}\")"
943 - f=$(scanelf -ByF '%S %p' "${ED}"{,usr/}lib*/lib*.so* | awk '$2 == "" { print }' | sed -e "s:^[[:space:]]${ED}:/:")
944 - if [[ -n ${f} ]] ; then
945 - echo "${f}" > "${T}"/scanelf-missing-SONAME.log
946 - if [[ "${QA_STRICT_SONAME-unset}" == unset ]] ; then
947 - if [[ ${#QA_SONAME[@]} -gt 1 ]] ; then
948 - for x in "${QA_SONAME[@]}" ; do
949 - sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-SONAME.log
950 - done
951 - else
952 - local shopts=$-
953 - set -o noglob
954 - for x in ${QA_SONAME} ; do
955 - sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-SONAME.log
956 - done
957 - set +o noglob
958 - set -${shopts}
959 - fi
960 - fi
961 - sed -e "/^\$/d" -i "${T}"/scanelf-missing-SONAME.log
962 - f=$(<"${T}"/scanelf-missing-SONAME.log)
963 - if [[ -n ${f} ]] ; then
964 - __vecho -ne '\n'
965 - eqawarn "QA Notice: The following shared libraries lack a SONAME"
966 - eqawarn "${f}"
967 - __vecho -ne '\n'
968 - sleep 1
969 - else
970 - rm -f "${T}"/scanelf-missing-SONAME.log
971 - fi
972 - fi
973 -
974 - # Check for shared libraries lacking NEEDED entries
975 - qa_var="QA_DT_NEEDED_${ARCH/-/_}"
976 - eval "[[ -n \${!qa_var} ]] && QA_DT_NEEDED=(\"\${${qa_var}[@]}\")"
977 - # PREFIX LOCAL: keep offset prefix in the recorded files
978 - f=$(scanelf -ByF '%n %p' "${ED}"{,usr/}lib*/lib*.so* | awk '$2 == "" { print }' | sed -e "s:^[[:space:]]${D}:/:")
979 - # END PREFIX LOCAL
980 - if [[ -n ${f} ]] ; then
981 - echo "${f}" > "${T}"/scanelf-missing-NEEDED.log
982 - if [[ "${QA_STRICT_DT_NEEDED-unset}" == unset ]] ; then
983 - if [[ ${#QA_DT_NEEDED[@]} -gt 1 ]] ; then
984 - for x in "${QA_DT_NEEDED[@]}" ; do
985 - sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-NEEDED.log
986 - done
987 - else
988 - local shopts=$-
989 - set -o noglob
990 - for x in ${QA_DT_NEEDED} ; do
991 - sed -e "s#^/${x#/}\$##" -i "${T}"/scanelf-missing-NEEDED.log
992 - done
993 - set +o noglob
994 - set -${shopts}
995 - fi
996 - fi
997 - sed -e "/^\$/d" -i "${T}"/scanelf-missing-NEEDED.log
998 - f=$(<"${T}"/scanelf-missing-NEEDED.log)
999 - if [[ -n ${f} ]] ; then
1000 - __vecho -ne '\n'
1001 - eqawarn "QA Notice: The following shared libraries lack NEEDED entries"
1002 - eqawarn "${f}"
1003 - __vecho -ne '\n'
1004 - sleep 1
1005 - else
1006 - rm -f "${T}"/scanelf-missing-NEEDED.log
1007 - fi
1008 - fi
1009 -
1010 - PORTAGE_QUIET=${tmp_quiet}
1011 - fi
1012 -
1013 # Create NEEDED.ELF.2 regardless of RESTRICT=binchecks, since this info is
1014 # too useful not to have (it's required for things like preserve-libs), and
1015 # it's tempting for ebuild authors to set RESTRICT=binchecks for packages
1016 @@@ -588,829 -230,11 +269,396 @@@
1017 eqawarn "$(while read -r x; do x=${x#*;} ; x=${x%%;*} ; echo "${x#${EPREFIX}}" ; done < "${PORTAGE_BUILDDIR}"/build-info/NEEDED.ELF.2)"
1018 fi
1019 fi
1020 +}
1021
1022 +install_qa_check_misc() {
1023 - # PREFIX LOCAL: keep offset prefix in the reported files
1024 - local unsafe_files=$(find "${ED}" -type f '(' -perm -2002 -o -perm -4002 ')' | sed -e "s:^${D}:/:")
1025 - # END PREFIX LOCAL
1026 - if [[ -n ${unsafe_files} ]] ; then
1027 - eqawarn "QA Notice: Unsafe files detected (set*id and world writable)"
1028 - eqawarn "${unsafe_files}"
1029 - die "Unsafe files found in \${D}. Portage will not install them."
1030 - fi
1031 -
1032 - if [[ -d ${D%/}${D} ]] ; then
1033 - local -i INSTALLTOD=0
1034 - while read -r -d $'\0' i ; do
1035 - eqawarn "QA Notice: /${i##${D%/}${D}} installed in \${D}/\${D}"
1036 - ((INSTALLTOD++))
1037 - done < <(find "${D%/}${D}" -print0)
1038 - die "Aborting due to QA concerns: ${INSTALLTOD} files installed in ${D%/}${D}"
1039 - fi
1040 -
1041 - # Sanity check syntax errors in init.d scripts
1042 - local d
1043 - for d in /etc/conf.d /etc/init.d ; do
1044 - [[ -d ${ED}/${d} ]] || continue
1045 - for i in "${ED}"/${d}/* ; do
1046 - [[ -L ${i} ]] && continue
1047 - # if empty conf.d/init.d dir exists (baselayout), then i will be "/etc/conf.d/*" and not exist
1048 - [[ ! -e ${i} ]] && continue
1049 - if [[ ${d} == /etc/init.d && ${i} != *.sh ]] ; then
1050 - # skip non-shell-script for bug #451386
1051 - [[ $(head -n1 "${i}") =~ ^#!.*[[:space:]/](runscript|sh)$ ]] || continue
1052 - fi
1053 - bash -n "${i}" || die "The init.d file has syntax errors: ${i}"
1054 - done
1055 - done
1056 -
1057 - local checkbashisms=$(type -P checkbashisms)
1058 - if [[ -n ${checkbashisms} ]] ; then
1059 - for d in /etc/init.d ; do
1060 - [[ -d ${ED}${d} ]] || continue
1061 - for i in "${ED}${d}"/* ; do
1062 - [[ -e ${i} ]] || continue
1063 - [[ -L ${i} ]] && continue
1064 - f=$("${checkbashisms}" -f "${i}" 2>&1)
1065 - [[ $? != 0 && -n ${f} ]] || continue
1066 - eqawarn "QA Notice: shell script appears to use non-POSIX feature(s):"
1067 - while read -r ;
1068 - do eqawarn " ${REPLY}"
1069 - done <<< "${f//${ED}}"
1070 - done
1071 - done
1072 - fi
1073 -
1074 - # Look for leaking LDFLAGS into pkg-config files
1075 - f=$(egrep -sH '^Libs.*-Wl,(-O[012]|--hash-style)' "${ED}"/usr/*/pkgconfig/*.pc)
1076 - if [[ -n ${f} ]] ; then
1077 - eqawarn "QA Notice: pkg-config files with wrong LDFLAGS detected:"
1078 - eqawarn "${f//${D}}"
1079 - fi
1080 -
1081 - # this should help to ensure that all (most?) shared libraries are executable
1082 - # and that all libtool scripts / static libraries are not executable
1083 - local j
1084 - for i in "${ED}"opt/*/lib* \
1085 - "${ED}"lib* \
1086 - "${ED}"usr/lib* ; do
1087 - [[ ! -d ${i} ]] && continue
1088 -
1089 - for j in "${i}"/*.so.* "${i}"/*.so "${i}"/*.dylib "${i}"/*.dll ; do
1090 - [[ ! -e ${j} ]] && continue
1091 - [[ -L ${j} ]] && continue
1092 - [[ -x ${j} ]] && continue
1093 - __vecho "making executable: ${j#${ED}}"
1094 - chmod +x "${j}"
1095 - done
1096 -
1097 - for j in "${i}"/*.a "${i}"/*.la ; do
1098 - [[ ! -e ${j} ]] && continue
1099 - [[ -L ${j} ]] && continue
1100 - [[ ! -x ${j} ]] && continue
1101 - __vecho "removing executable bit: ${j#${ED}}"
1102 - chmod -x "${j}"
1103 - done
1104 -
1105 - for j in "${i}"/*.{a,dll,dylib,sl,so}.* "${i}"/*.{a,dll,dylib,sl,so} ; do
1106 - [[ ! -e ${j} ]] && continue
1107 - [[ ! -L ${j} ]] && continue
1108 - linkdest=$(readlink "${j}")
1109 - if [[ ${linkdest} == /* ]] ; then
1110 - __vecho -ne '\n'
1111 - eqawarn "QA Notice: Found an absolute symlink in a library directory:"
1112 - eqawarn " ${j#${D}} -> ${linkdest}"
1113 - eqawarn " It should be a relative symlink if in the same directory"
1114 - eqawarn " or a linker script if it crosses the /usr boundary."
1115 - fi
1116 - done
1117 - done
1118 -
1119 - # When installing static libraries into /usr/lib and shared libraries into
1120 - # /lib, we have to make sure we have a linker script in /usr/lib along side
1121 - # the static library, or gcc will utilize the static lib when linking :(.
1122 - # http://bugs.gentoo.org/4411
1123 - abort="no"
1124 - local a s
1125 - for a in "${ED}"usr/lib*/*.a ; do
1126 - # PREFIX LOCAL: support MachO objects
1127 - [[ ${CHOST} == *-darwin* ]] \
1128 - && s=${a%.a}.dylib \
1129 - || s=${a%.a}.so
1130 - # END PREFIX LOCAL
1131 - if [[ ! -e ${s} ]] ; then
1132 - s=${s%usr/*}${s##*/usr/}
1133 - if [[ -e ${s} ]] ; then
1134 - __vecho -ne '\n'
1135 - eqawarn "QA Notice: Missing gen_usr_ldscript for ${s##*/}"
1136 - abort="yes"
1137 - fi
1138 - fi
1139 - done
1140 - [[ ${abort} == "yes" ]] && die "add those ldscripts"
1141 -
1142 - # Make sure people don't store libtool files or static libs in /lib
1143 - # PREFIX LOCAL: on AIX, "dynamic libs" have extension .a, so don't
1144 - # get false positives
1145 - [[ ${CHOST} == *-aix* ]] \
1146 - && f=$(ls "${ED}"lib*/*.la 2>/dev/null || true) \
1147 - || f=$(ls "${ED}"lib*/*.{a,la} 2>/dev/null)
1148 - # END PREFIX LOCAL
1149 - if [[ -n ${f} ]] ; then
1150 - __vecho -ne '\n'
1151 - eqawarn "QA Notice: Excessive files found in the / partition"
1152 - eqawarn "${f}"
1153 - __vecho -ne '\n'
1154 - die "static archives (*.a) and libtool library files (*.la) belong in /usr/lib*, not /lib*"
1155 - fi
1156 -
1157 - # Verify that the libtool files don't contain bogus $D entries.
1158 - local abort=no gentoo_bug=no always_overflow=no
1159 - for a in "${ED}"usr/lib*/*.la ; do
1160 - s=${a##*/}
1161 - if grep -qs "${ED}" "${a}" ; then
1162 - __vecho -ne '\n'
1163 - eqawarn "QA Notice: ${s} appears to contain PORTAGE_TMPDIR paths"
1164 - abort="yes"
1165 - fi
1166 - done
1167 - [[ ${abort} == "yes" ]] && die "soiled libtool library files found"
1168 -
1169 - # Evaluate misc gcc warnings
1170 - if [[ -n ${PORTAGE_LOG_FILE} && -r ${PORTAGE_LOG_FILE} ]] ; then
1171 - # In debug mode, this variable definition and corresponding grep calls
1172 - # will produce false positives if they're shown in the trace.
1173 - local reset_debug=0
1174 - if [[ ${-/x/} != $- ]] ; then
1175 - set +x
1176 - reset_debug=1
1177 - fi
1178 - local m msgs=(
1179 - ": warning: dereferencing type-punned pointer will break strict-aliasing rules"
1180 - ": warning: dereferencing pointer .* does break strict-aliasing rules"
1181 - ": warning: implicit declaration of function"
1182 - ": warning: incompatible implicit declaration of built-in function"
1183 - ": warning: is used uninitialized in this function" # we'll ignore "may" and "might"
1184 - ": warning: comparisons like X<=Y<=Z do not have their mathematical meaning"
1185 - ": warning: null argument where non-null required"
1186 - ": warning: array subscript is below array bounds"
1187 - ": warning: array subscript is above array bounds"
1188 - ": warning: attempt to free a non-heap object"
1189 - ": warning: .* called with .*bigger.* than .* destination buffer"
1190 - ": warning: call to .* will always overflow destination buffer"
1191 - ": warning: assuming pointer wraparound does not occur when comparing"
1192 - ": warning: hex escape sequence out of range"
1193 - ": warning: [^ ]*-hand operand of comma .*has no effect"
1194 - ": warning: converting to non-pointer type .* from NULL"
1195 - ": warning: NULL used in arithmetic"
1196 - ": warning: passing NULL to non-pointer argument"
1197 - ": warning: the address of [^ ]* will always evaluate as"
1198 - ": warning: the address of [^ ]* will never be NULL"
1199 - ": warning: too few arguments for format"
1200 - ": warning: reference to local variable .* returned"
1201 - ": warning: returning reference to temporary"
1202 - ": warning: function returns address of local variable"
1203 - ": warning: .*\\[-Wsizeof-pointer-memaccess\\]"
1204 - ": warning: .*\\[-Waggressive-loop-optimizations\\]"
1205 - # this may be valid code :/
1206 - #": warning: multi-character character constant"
1207 - # need to check these two ...
1208 - #": warning: assuming signed overflow does not occur when"
1209 - #": warning: comparison with string literal results in unspecified behav"
1210 - # yacc/lex likes to trigger this one
1211 - #": warning: extra tokens at end of .* directive"
1212 - # only gcc itself triggers this ?
1213 - #": warning: .*noreturn.* function does return"
1214 - # these throw false positives when 0 is used instead of NULL
1215 - #": warning: missing sentinel in function call"
1216 - #": warning: not enough variable arguments to fit a sentinel"
1217 - )
1218 - abort="no"
1219 - i=0
1220 - local grep_cmd=grep
1221 - [[ $PORTAGE_LOG_FILE = *.gz ]] && grep_cmd=zgrep
1222 - while [[ -n ${msgs[${i}]} ]] ; do
1223 - m=${msgs[$((i++))]}
1224 - # force C locale to work around slow unicode locales #160234
1225 - f=$(LC_ALL=C $grep_cmd "${m}" "${PORTAGE_LOG_FILE}")
1226 - if [[ -n ${f} ]] ; then
1227 - abort="yes"
1228 - # for now, don't make this fatal (see bug #337031)
1229 - #case "$m" in
1230 - # ": warning: call to .* will always overflow destination buffer") always_overflow=yes ;;
1231 - #esac
1232 - if [[ $always_overflow = yes ]] ; then
1233 - eerror
1234 - eerror "QA Notice: Package triggers severe warnings which indicate that it"
1235 - eerror " may exhibit random runtime failures."
1236 - eerror
1237 - eerror "${f}"
1238 - eerror
1239 - eerror " Please file a bug about this at http://bugs.gentoo.org/"
1240 - eerror " with the maintaining herd of the package."
1241 - eerror
1242 - else
1243 - __vecho -ne '\n'
1244 - eqawarn "QA Notice: Package triggers severe warnings which indicate that it"
1245 - eqawarn " may exhibit random runtime failures."
1246 - eqawarn "${f}"
1247 - __vecho -ne '\n'
1248 - fi
1249 - fi
1250 - done
1251 - local cat_cmd=cat
1252 - [[ $PORTAGE_LOG_FILE = *.gz ]] && cat_cmd=zcat
1253 - [[ $reset_debug = 1 ]] && set -x
1254 - # Use safe cwd, avoiding unsafe import for bug #469338.
1255 - f=$(cd "${PORTAGE_PYM_PATH}" ; $cat_cmd "${PORTAGE_LOG_FILE}" | \
1256 - "${PORTAGE_PYTHON:-@PREFIX_PORTAGE_PYTHON@}" "$PORTAGE_BIN_PATH"/check-implicit-pointer-usage.py || die "check-implicit-pointer-usage.py failed")
1257 - if [[ -n ${f} ]] ; then
1258 -
1259 - # In the future this will be a forced "die". In preparation,
1260 - # increase the log level from "qa" to "eerror" so that people
1261 - # are aware this is a problem that must be fixed asap.
1262 -
1263 - # just warn on 32bit hosts but bail on 64bit hosts
1264 - case ${CHOST} in
1265 - alpha*|hppa64*|ia64*|powerpc64*|mips64*|sparc64*|sparcv9*|x86_64*) gentoo_bug=yes ;;
1266 - esac
1267 -
1268 - abort=yes
1269 -
1270 - if [[ $gentoo_bug = yes ]] ; then
1271 - eerror
1272 - eerror "QA Notice: Package triggers severe warnings which indicate that it"
1273 - eerror " will almost certainly crash on 64bit architectures."
1274 - eerror
1275 - eerror "${f}"
1276 - eerror
1277 - eerror " Please file a bug about this at http://bugs.gentoo.org/"
1278 - eerror " with the maintaining herd of the package."
1279 - eerror
1280 - else
1281 - __vecho -ne '\n'
1282 - eqawarn "QA Notice: Package triggers severe warnings which indicate that it"
1283 - eqawarn " will almost certainly crash on 64bit architectures."
1284 - eqawarn "${f}"
1285 - __vecho -ne '\n'
1286 - fi
1287 -
1288 - fi
1289 - if [[ ${abort} == "yes" ]] ; then
1290 - if [[ $gentoo_bug = yes || $always_overflow = yes ]] ; then
1291 - die "install aborted due to severe warnings shown above"
1292 - else
1293 - echo "Please do not file a Gentoo bug and instead" \
1294 - "report the above QA issues directly to the upstream" \
1295 - "developers of this software." | fmt -w 70 | \
1296 - while read -r line ; do eqawarn "${line}" ; done
1297 - eqawarn "Homepage: ${HOMEPAGE}"
1298 - has stricter ${FEATURES} && \
1299 - die "install aborted due to severe warnings shown above"
1300 - fi
1301 - fi
1302 - fi
1303 -
1304 # Portage regenerates this on the installed system.
1305 rm -f "${ED}"/usr/share/info/dir{,.gz,.bz2} || die "rm failed!"
1306 -
1307 - if has multilib-strict ${FEATURES} && \
1308 - [[ -x ${EPREFIX}/usr/bin/file && -x ${EPREFIX}/usr/bin/find ]] && \
1309 - [[ -n ${MULTILIB_STRICT_DIRS} && -n ${MULTILIB_STRICT_DENY} ]]
1310 - then
1311 - rm -f "${T}/multilib-strict.log"
1312 - local abort=no dir file
1313 - MULTILIB_STRICT_EXEMPT=$(echo ${MULTILIB_STRICT_EXEMPT} | sed -e 's:\([(|)]\):\\\1:g')
1314 - for dir in ${MULTILIB_STRICT_DIRS} ; do
1315 - [[ -d ${ED}/${dir} ]] || continue
1316 - for file in $(find ${ED}/${dir} -type f | grep -v "^${ED}/${dir}/${MULTILIB_STRICT_EXEMPT}"); do
1317 - if file ${file} | egrep -q "${MULTILIB_STRICT_DENY}" ; then
1318 - echo "${file#${ED}//}" >> "${T}/multilib-strict.log"
1319 - fi
1320 - done
1321 - done
1322 -
1323 - if [[ -s ${T}/multilib-strict.log ]] ; then
1324 - if [[ ${#QA_MULTILIB_PATHS[@]} -eq 1 ]] ; then
1325 - local shopts=$-
1326 - set -o noglob
1327 - QA_MULTILIB_PATHS=(${QA_MULTILIB_PATHS})
1328 - set +o noglob
1329 - set -${shopts}
1330 - fi
1331 - if [ "${QA_STRICT_MULTILIB_PATHS-unset}" = unset ] ; then
1332 - for x in "${QA_MULTILIB_PATHS[@]}" ; do
1333 - sed -e "s#^${x#/}\$##" -i "${T}/multilib-strict.log"
1334 - done
1335 - sed -e "/^\$/d" -i "${T}/multilib-strict.log"
1336 - fi
1337 - if [[ -s ${T}/multilib-strict.log ]] ; then
1338 - abort=yes
1339 - echo "Files matching a file type that is not allowed:"
1340 - while read -r ; do
1341 - echo " ${REPLY}"
1342 - done < "${T}/multilib-strict.log"
1343 - fi
1344 - fi
1345 -
1346 - [[ ${abort} == yes ]] && die "multilib-strict check failed!"
1347 - fi
1348 - }
1349 -
1350 - install_qa_check_prefix() {
1351 - if [[ -d ${ED%/}/${D} ]] ; then
1352 - find "${ED%/}/${D}" | \
1353 - while read i ; do
1354 - eqawarn "QA Notice: /${i##${ED%/}/${D}} installed in \${ED}/\${D}"
1355 - done
1356 - die "Aborting due to QA concerns: files installed in ${ED}/${D}"
1357 - fi
1358 -
1359 - if [[ -d ${ED%/}/${EPREFIX} ]] ; then
1360 - find "${ED%/}/${EPREFIX}/" | \
1361 - while read i ; do
1362 - eqawarn "QA Notice: ${i#${D}} double prefix"
1363 - done
1364 - die "Aborting due to QA concerns: double prefix files installed"
1365 - fi
1366 -
1367 - if [[ -d ${D} ]] ; then
1368 - INSTALLTOD=$(find ${D%/} | egrep -v "^${ED}" | sed -e "s|^${D%/}||" | awk '{if (length($0) <= length("'"${EPREFIX}"'")) { if (substr("'"${EPREFIX}"'", 1, length($0)) != $0) {print $0;} } else if (substr($0, 1, length("'"${EPREFIX}"'")) != "'"${EPREFIX}"'") {print $0;} }')
1369 - if [[ -n ${INSTALLTOD} ]] ; then
1370 - eqawarn "QA Notice: the following files are outside of the prefix:"
1371 - eqawarn "${INSTALLTOD}"
1372 - die "Aborting due to QA concerns: there are files installed outside the prefix"
1373 - fi
1374 - fi
1375 -
1376 - # all further checks rely on ${ED} existing
1377 - [[ -d ${ED} ]] || return
1378 -
1379 - # check shebangs, bug #282539
1380 - rm -f "${T}"/non-prefix-shebangs-errs
1381 - local WHITELIST=" /usr/bin/env "
1382 - # this is hell expensive, but how else?
1383 - find "${ED}" -executable \! -type d -print0 \
1384 - | xargs -0 grep -H -n -m1 "^#!" \
1385 - | while read f ;
1386 - do
1387 - local fn=${f%%:*}
1388 - local pos=${f#*:} ; pos=${pos%:*}
1389 - local line=${f##*:}
1390 - # shebang always appears on the first line ;)
1391 - [[ ${pos} != 1 ]] && continue
1392 - local oldIFS=${IFS}
1393 - IFS=$'\r'$'\n'$'\t'" "
1394 - line=( ${line#"#!"} )
1395 - IFS=${oldIFS}
1396 - [[ ${WHITELIST} == *" ${line[0]} "* ]] && continue
1397 - local fp=${fn#${D}} ; fp=/${fp%/*}
1398 - # line[0] can be an absolutised path, bug #342929
1399 - local eprefix=$(canonicalize ${EPREFIX})
1400 - local rf=${fn}
1401 - # in case we deal with a symlink, make sure we don't replace it
1402 - # with a real file (sed -i does that)
1403 - if [[ -L ${fn} ]] ; then
1404 - rf=$(readlink ${fn})
1405 - [[ ${rf} != /* ]] && rf=${fn%/*}/${rf}
1406 - # ignore symlinks pointing to outside prefix
1407 - # as seen in sys-devel/native-cctools
1408 - [[ $(canonicalize "/${rf#${D}}") != ${eprefix}/* ]] && continue
1409 - fi
1410 - # does the shebang start with ${EPREFIX}, and does it exist?
1411 - if [[ ${line[0]} == ${EPREFIX}/* || ${line[0]} == ${eprefix}/* ]] ; then
1412 - if [[ ! -e ${ROOT%/}${line[0]} && ! -e ${D%/}${line[0]} ]] ; then
1413 - # hmm, refers explicitly to $EPREFIX, but doesn't exist,
1414 - # if it's in PATH that's wrong in any case
1415 - if [[ ":${PATH}:" == *":${fp}:"* ]] ; then
1416 - echo "${fn#${D}}:${line[0]} (explicit EPREFIX but target not found)" \
1417 - >> "${T}"/non-prefix-shebangs-errs
1418 - else
1419 - eqawarn "${fn#${D}} has explicit EPREFIX in shebang but target not found (${line[0]})"
1420 - fi
1421 - fi
1422 - continue
1423 - fi
1424 - # unprefixed shebang, is the script directly in $PATH or an init
1425 - # script?
1426 - if [[ ":${PATH}:${EPREFIX}/etc/init.d:" == *":${fp}:"* ]] ; then
1427 - if [[ -e ${EROOT}${line[0]} || -e ${ED}${line[0]} ]] ; then
1428 - # is it unprefixed, but we can just fix it because a
1429 - # prefixed variant exists
1430 - eqawarn "prefixing shebang of ${fn#${D}}"
1431 - # statement is made idempotent on purpose, because
1432 - # symlinks may point to the same target, and hence the
1433 - # same real file may be sedded multiple times since we
1434 - # read the shebangs in one go upfront for performance
1435 - # reasons
1436 - sed -i -e '1s:^#! \?'"${line[0]}"':#!'"${EPREFIX}"${line[0]}':' "${rf}"
1437 - continue
1438 - else
1439 - # this is definitely wrong: script in $PATH and invalid shebang
1440 - echo "${fn#${D}}:${line[0]} (script ${fn##*/} installed in PATH but interpreter ${line[0]} not found)" \
1441 - >> "${T}"/non-prefix-shebangs-errs
1442 - fi
1443 - else
1444 - # unprefixed/invalid shebang, but outside $PATH, this may be
1445 - # intended (e.g. config.guess) so remain silent by default
1446 - has stricter ${FEATURES} && \
1447 - eqawarn "invalid shebang in ${fn#${D}}: ${line[0]}"
1448 - fi
1449 - done
1450 - if [[ -e "${T}"/non-prefix-shebangs-errs ]] ; then
1451 - eqawarn "QA Notice: the following files use invalid (possible non-prefixed) shebangs:"
1452 - while read line ; do
1453 - eqawarn " ${line}"
1454 - done < "${T}"/non-prefix-shebangs-errs
1455 - rm -f "${T}"/non-prefix-shebangs-errs
1456 - die "Aborting due to QA concerns: invalid shebangs found"
1457 - fi
1458 }
1459
1460 +install_qa_check_macho() {
1461 + if ! has binchecks ${RESTRICT} ; then
1462 + # on Darwin, dynamic libraries are called .dylibs instead of
1463 + # .sos. In addition the version component is before the
1464 + # extension, not after it. Check for this, and *only* warn
1465 + # about it. Some packages do ship .so files on Darwin and make
1466 + # it work (ugly!).
1467 + rm -f "${T}/mach-o.check"
1468 + find ${ED%/} -name "*.so" -or -name "*.so.*" | \
1469 + while read i ; do
1470 + [[ $(file $i) == *"Mach-O"* ]] && \
1471 + echo "${i#${D}}" >> "${T}/mach-o.check"
1472 + done
1473 + if [[ -f ${T}/mach-o.check ]] ; then
1474 + f=$(< "${T}/mach-o.check")
1475 + vecho -ne '\a\n'
1476 + eqawarn "QA Notice: Found .so dynamic libraries on Darwin:"
1477 + eqawarn " ${f//$'\n'/\n }"
1478 + fi
1479 + rm -f "${T}/mach-o.check"
1480 +
1481 + # The naming for dynamic libraries is different on Darwin; the
1482 + # version component is before the extention, instead of after
1483 + # it, as with .sos. Again, make this a warning only.
1484 + rm -f "${T}/mach-o.check"
1485 + find ${ED%/} -name "*.dylib.*" | \
1486 + while read i ; do
1487 + echo "${i#${D}}" >> "${T}/mach-o.check"
1488 + done
1489 + if [[ -f "${T}/mach-o.check" ]] ; then
1490 + f=$(< "${T}/mach-o.check")
1491 + vecho -ne '\a\n'
1492 + eqawarn "QA Notice: Found wrongly named dynamic libraries on Darwin:"
1493 + eqawarn " ${f// /\n }"
1494 + fi
1495 + rm -f "${T}/mach-o.check"
1496 + fi
1497 +
1498 + install_name_is_relative() {
1499 + case $1 in
1500 + "@executable_path/"*) return 0 ;;
1501 + "@loader_path"/*) return 0 ;;
1502 + "@rpath/"*) return 0 ;;
1503 + *) return 1 ;;
1504 + esac
1505 + }
1506 +
1507 + # While we generate the NEEDED files, check that we don't get kernel
1508 + # traps at runtime because of broken install_names on Darwin.
1509 + rm -f "${T}"/.install_name_check_failed
1510 + scanmacho -qyRF '%a;%p;%S;%n' "${D}" | { while IFS= read l ; do
1511 + arch=${l%%;*}; l=${l#*;}
1512 + obj="/${l%%;*}"; l=${l#*;}
1513 + install_name=${l%%;*}; l=${l#*;}
1514 + needed=${l%%;*}; l=${l#*;}
1515 +
1516 + ignore=
1517 + qa_var="QA_IGNORE_INSTALL_NAME_FILES_${ARCH/-/_}"
1518 + eval "[[ -n \${!qa_var} ]] &&
1519 + QA_IGNORE_INSTALL_NAME_FILES=(\"\${${qa_var}[@]}\")"
1520 +
1521 + if [[ ${#QA_IGNORE_INSTALL_NAME_FILES[@]} -gt 1 ]] ; then
1522 + for x in "${QA_IGNORE_INSTALL_NAME_FILES[@]}" ; do
1523 + [[ ${obj##*/} == ${x} ]] && \
1524 + ignore=true
1525 + done
1526 + else
1527 + local shopts=$-
1528 + set -o noglob
1529 + for x in ${QA_IGNORE_INSTALL_NAME_FILES} ; do
1530 + [[ ${obj##*/} == ${x} ]] && \
1531 + ignore=true
1532 + done
1533 + set +o noglob
1534 + set -${shopts}
1535 + fi
1536 +
1537 + # See if the self-reference install_name points to an existing
1538 + # and to be installed file. This usually is a symlink for the
1539 + # major version.
1540 + if install_name_is_relative ${install_name} ; then
1541 + # try to locate the library in the installed image
1542 + local inpath=${install_name#@*/}
1543 + local libl
1544 + for libl in $(find "${ED}" -name "${inpath##*/}") ; do
1545 + if [[ ${libl} == */${inpath} ]] ; then
1546 + install_name=/${libl#${D}}
1547 + break
1548 + fi
1549 + done
1550 + fi
1551 + if [[ ! -e ${D}${install_name} ]] ; then
1552 + eqawarn "QA Notice: invalid self-reference install_name ${install_name} in ${obj}"
1553 + # remember we are in an implicit subshell, that's
1554 + # why we touch a file here ... ideally we should be
1555 + # able to die correctly/nicely here
1556 + [[ -z ${ignore} && touch "${T}"/.install_name_check_failed
1557 + fi
1558 +
1559 + # this is ugly, paths with spaces won't work
1560 + for lib in ${needed//,/ } ; do
1561 + if [[ ${lib} == ${D}* ]] ; then
1562 + eqawarn "QA Notice: install_name references \${D}: ${lib} in ${obj}"
1563 + [[ -z ${ignore} && touch "${T}"/.install_name_check_failed
1564 + elif [[ ${lib} == ${S}* ]] ; then
1565 + eqawarn "QA Notice: install_name references \${S}: ${lib} in ${obj}"
1566 + [[ -z ${ignore} && touch "${T}"/.install_name_check_failed
1567 + elif ! install_name_is_relative ${lib} && [[ ! -e ${lib} && ! -e ${D}${lib} ]] ; then
1568 + eqawarn "QA Notice: invalid reference to ${lib} in ${obj}"
1569 + [[ -z ${ignore} && touch "${T}"/.install_name_check_failed
1570 + fi
1571 + done
1572 +
1573 + # backwards compatibility
1574 + echo "${obj} ${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED
1575 + # what we use
1576 + echo "${arch};${obj};${install_name};${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.MACHO.3
1577 + done }
1578 + if [[ -f ${T}/.install_name_check_failed ]] ; then
1579 + # secret switch "allow_broken_install_names" to get
1580 + # around this and install broken crap (not a good idea)
1581 + has allow_broken_install_names ${FEATURES} || \
1582 + die "invalid install_name found, your application or library will crash at runtime"
1583 + fi
1584 +}
1585 +
1586 +install_qa_check_pecoff() {
1587 + local _pfx_scan="readpecoff ${CHOST}"
1588 +
1589 + # this one uses readpecoff, which supports multiple prefix platforms!
1590 + # this is absolutely _not_ optimized for speed, and there may be plenty
1591 + # of possibilities by introducing one or the other cache!
1592 + if ! has binchecks ${RESTRICT}; then
1593 + # copied and adapted from the above scanelf code.
1594 + local qa_var insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET}
1595 + local f x
1596 +
1597 + # display warnings when using stricter because we die afterwards
1598 + if has stricter ${FEATURES} ; then
1599 + unset PORTAGE_QUIET
1600 + fi
1601 +
1602 + local _exec_find_opt="-executable"
1603 + [[ ${CHOST} == *-winnt* ]] && _exec_find_opt='-name *.dll -o -name *.exe'
1604 +
1605 + # Make sure we disallow insecure RUNPATH/RPATH's
1606 + # Don't want paths that point to the tree where the package was built
1607 + # (older, broken libtools would do this). Also check for null paths
1608 + # because the loader will search $PWD when it finds null paths.
1609 +
1610 + f=$(
1611 + find "${ED}" -type f '(' ${_exec_find_opt} ')' -print0 | xargs -0 ${_pfx_scan} | \
1612 + while IFS=";" read arch obj soname rpath needed ; do \
1613 + echo "${rpath}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )" > /dev/null 2>&1 \
1614 + && echo "${obj}"; done;
1615 + )
1616 + # Reject set*id binaries with $ORIGIN in RPATH #260331
1617 + x=$(
1618 + find "${ED}" -type f '(' -perm -u+s -o -perm -g+s ')' -print0 | \
1619 + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; do \
1620 + echo "${rpath}" | grep '$ORIGIN' > /dev/null 2>&1 && echo "${obj}"; done;
1621 + )
1622 + if [[ -n ${f}${x} ]] ; then
1623 + vecho -ne '\a\n'
1624 + eqawarn "QA Notice: The following files contain insecure RUNPATH's"
1625 + eqawarn " Please file a bug about this at http://bugs.gentoo.org/"
1626 + eqawarn " with the maintaining herd of the package."
1627 + eqawarn "${f}${f:+${x:+\n}}${x}"
1628 + vecho -ne '\a\n'
1629 + if [[ -n ${x} ]] || has stricter ${FEATURES} ; then
1630 + insecure_rpath=1
1631 + else
1632 + eqawarn "cannot automatically fix runpaths on interix platforms!"
1633 + fi
1634 + fi
1635 +
1636 + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED
1637 + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1
1638 +
1639 + # Save NEEDED information after removing self-contained providers
1640 + find "${ED}" -type f '(' ${_exec_find_opt} ')' -print0 | xargs -0 ${_pfx_scan} | { while IFS=';' read arch obj soname rpath needed; do
1641 + # need to strip image dir from object name.
1642 + obj="/${obj#${D}}"
1643 + if [ -z "${rpath}" -o -n "${rpath//*ORIGIN*}" ]; then
1644 + # object doesn't contain $ORIGIN in its runpath attribute
1645 + echo "${obj} ${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED
1646 + echo "${arch};${obj};${soname};${rpath};${needed}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1
1647 + else
1648 + dir=${obj%/*}
1649 + # replace $ORIGIN with the dirname of the current object for the lookup
1650 + opath=$(echo :${rpath}: | sed -e "s#.*:\(.*\)\$ORIGIN\(.*\):.*#\1${dir}\2#")
1651 + sneeded=$(echo ${needed} | tr , ' ')
1652 + rneeded=""
1653 + for lib in ${sneeded}; do
1654 + found=0
1655 + for path in ${opath//:/ }; do
1656 + [ -e "${ED}/${path}/${lib}" ] && found=1 && break
1657 + done
1658 + [ "${found}" -eq 0 ] && rneeded="${rneeded},${lib}"
1659 + done
1660 + rneeded=${rneeded:1}
1661 + if [ -n "${rneeded}" ]; then
1662 + echo "${obj} ${rneeded}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED
1663 + echo "${arch};${obj};${soname};${rpath};${rneeded}" >> "${PORTAGE_BUILDDIR}"/build-info/NEEDED.PECOFF.1
1664 + fi
1665 + fi
1666 + done }
1667 +
1668 + if [[ ${insecure_rpath} -eq 1 ]] ; then
1669 + die "Aborting due to serious QA concerns with RUNPATH/RPATH"
1670 + elif [[ -n ${die_msg} ]] && has stricter ${FEATURES} ; then
1671 + die "Aborting due to QA concerns: ${die_msg}"
1672 + fi
1673 +
1674 + local _so_ext='.so*'
1675 +
1676 + case "${CHOST}" in
1677 + *-winnt*) _so_ext=".dll" ;; # no "*" intentionally!
1678 + esac
1679 +
1680 + # Run some sanity checks on shared libraries
1681 + for d in "${ED}"lib* "${ED}"usr/lib* ; do
1682 + [[ -d "${d}" ]] || continue
1683 + f=$(find "${d}" -name "lib*${_so_ext}" -print0 | \
1684 + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; \
1685 + do [[ -z "${soname}" ]] && echo "${obj}"; done)
1686 + if [[ -n ${f} ]] ; then
1687 + vecho -ne '\a\n'
1688 + eqawarn "QA Notice: The following shared libraries lack a SONAME"
1689 + eqawarn "${f}"
1690 + vecho -ne '\a\n'
1691 + sleep 1
1692 + fi
1693 +
1694 + f=$(find "${d}" -name "lib*${_so_ext}" -print0 | \
1695 + xargs -0 ${_pfx_scan} | while IFS=";" read arch obj soname rpath needed; \
1696 + do [[ -z "${needed}" ]] && echo "${obj}"; done)
1697 + if [[ -n ${f} ]] ; then
1698 + vecho -ne '\a\n'
1699 + eqawarn "QA Notice: The following shared libraries lack NEEDED entries"
1700 + eqawarn "${f}"
1701 + vecho -ne '\a\n'
1702 + sleep 1
1703 + fi
1704 + done
1705 +
1706 + PORTAGE_QUIET=${tmp_quiet}
1707 + fi
1708 +}
1709 +
1710 +install_qa_check_xcoff() {
1711 + if ! has binchecks ${RESTRICT}; then
1712 + local tmp_quiet=${PORTAGE_QUIET}
1713 + local queryline deplib
1714 + local insecure_rpath_list= undefined_symbols_list=
1715 +
1716 + # display warnings when using stricter because we die afterwards
1717 + if has stricter ${FEATURES} ; then
1718 + unset PORTAGE_QUIET
1719 + fi
1720 +
1721 + rm -f "${PORTAGE_BUILDDIR}"/build-info/NEEDED.XCOFF.1
1722 +
1723 + local neededfd
1724 + for neededfd in {3..1024} none; do ( : <&${neededfd} ) 2>/dev/null || break; done
1725 + [[ ${neededfd} != none ]] || die "cannot find free file descriptor handle"
1726 +
1727 + eval "exec ${neededfd}>\"${PORTAGE_BUILDDIR}\"/build-info/NEEDED.XCOFF.1" || die "cannot open ${PORTAGE_BUILDDIR}/build-info/NEEDED.XCOFF.1"
1728 +
1729 + ( # work around a problem in /usr/bin/dump (used by aixdll-query)
1730 + # dumping core when path names get too long.
1731 + cd "${ED}" >/dev/null &&
1732 + find . -not -type d -exec \
1733 + aixdll-query '{}' FILE MEMBER FLAGS FORMAT RUNPATH DEPLIBS ';'
1734 + ) > "${T}"/needed 2>/dev/null
1735 +
1736 + # Symlinking shared archive libraries is not a good idea on aix,
1737 + # as there is nothing like "soname" on pure filesystem level.
1738 + # So we create a copy instead of the symlink.
1739 + local prev_FILE=
1740 + local FILE MEMBER FLAGS FORMAT RUNPATH DEPLIBS
1741 + while read queryline
1742 + do
1743 + FILE= MEMBER= FLAGS= FORMAT= RUNPATH= DEPLIBS=
1744 + eval ${queryline}
1745 + FILE=${FILE#./}
1746 +
1747 + if [[ ${prev_FILE} != ${FILE} ]]; then
1748 + if [[ " ${FLAGS} " == *" SHROBJ "* && -h ${ED}${FILE} ]]; then
1749 + prev_FILE=${FILE}
1750 + local target=$(readlink "${ED}${FILE}")
1751 + if [[ ${target} == /* ]]; then
1752 + target=${D}${target}
1753 + else
1754 + target=${FILE%/*}/${target}
1755 + fi
1756 + rm -f "${ED}${FILE}" || die "cannot prune ${FILE}"
1757 + cp -f "${ED}${target}" "${ED}${FILE}" || die "cannot copy ${target} to ${FILE}"
1758 + fi
1759 + fi
1760 + done <"${T}"/needed
1761 +
1762 + prev_FILE=
1763 + while read queryline
1764 + do
1765 + FILE= MEMBER= FLAGS= FORMAT= RUNPATH= DEPLIBS=
1766 + eval ${queryline}
1767 + FILE=${FILE#./}
1768 +
1769 + if [[ -n ${MEMBER} && ${prev_FILE} != ${FILE} ]]; then
1770 + # Save NEEDED information for each archive library stub
1771 + # even if it is static only: the already installed archive
1772 + # may contain shared objects to be preserved.
1773 + echo "${FORMAT##* }${FORMAT%%-*};${EPREFIX}/${FILE};${FILE##*/};;" >&${neededfd}
1774 + fi
1775 + prev_FILE=${FILE}
1776 +
1777 + # shared objects have both EXEC and SHROBJ flags,
1778 + # while executables have EXEC flag only.
1779 + [[ " ${FLAGS} " == *" EXEC "* ]] || continue
1780 +
1781 + # Make sure we disallow insecure RUNPATH's
1782 + # Don't want paths that point to the tree where the package was built
1783 + # (older, broken libtools would do this). Also check for null paths
1784 + # because the loader will search $PWD when it finds null paths.
1785 + # And we really want absolute paths only.
1786 + if [[ -n $(echo ":${RUNPATH}:" | grep -E "(${PORTAGE_BUILDDIR}|::|:[^/])") ]]; then
1787 + insecure_rpath_list="${insecure_rpath_list}\n${FILE}${MEMBER:+[${MEMBER}]}"
1788 + fi
1789 +
1790 + local needed=
1791 + [[ -n ${MEMBER} ]] && needed=${FILE##*/}
1792 + for deplib in ${DEPLIBS}; do
1793 + eval deplib=${deplib}
1794 + if [[ ${deplib} == '.' || ${deplib} == '..' ]]; then
1795 + # Although we do have runtime linking, we don't want undefined symbols.
1796 + # AIX does indicate this by needing either '.' or '..'
1797 + undefined_symbols_list="${undefined_symbols_list}\n${FILE}"
1798 + else
1799 + needed="${needed}${needed:+,}${deplib}"
1800 + fi
1801 + done
1802 +
1803 + FILE=${EPREFIX}/${FILE}
1804 +
1805 + [[ -n ${MEMBER} ]] && MEMBER="[${MEMBER}]"
1806 + # Save NEEDED information
1807 + echo "${FORMAT##* }${FORMAT%%-*};${FILE}${MEMBER};${FILE##*/}${MEMBER};${RUNPATH};${needed}" >&${neededfd}
1808 + done <"${T}"/needed
1809 +
1810 + eval "exec ${neededfd}>&-" || die "cannot close handle to ${PORTAGE_BUILDDIR}/build-info/NEEDED.XCOFF.1"
1811 +
1812 + if [[ -n ${undefined_symbols_list} ]]; then
1813 + vecho -ne '\a\n'
1814 + eqawarn "QA Notice: The following files contain undefined symbols."
1815 + eqawarn " Please file a bug about this at http://bugs.gentoo.org/"
1816 + eqawarn " with 'prefix' as the maintaining herd of the package."
1817 + eqawarn "${undefined_symbols_list}"
1818 + vecho -ne '\a\n'
1819 + fi
1820 +
1821 + if [[ -n ${insecure_rpath_list} ]] ; then
1822 + vecho -ne '\a\n'
1823 + eqawarn "QA Notice: The following files contain insecure RUNPATH's"
1824 + eqawarn " Please file a bug about this at http://bugs.gentoo.org/"
1825 + eqawarn " with 'prefix' as the maintaining herd of the package."
1826 + eqawarn "${insecure_rpath_list}"
1827 + vecho -ne '\a\n'
1828 + if has stricter ${FEATURES} ; then
1829 + insecure_rpath=1
1830 + fi
1831 + fi
1832 +
1833 + if [[ ${insecure_rpath} -eq 1 ]] ; then
1834 + die "Aborting due to serious QA concerns with RUNPATH/RPATH"
1835 + elif [[ -n ${die_msg} ]] && has stricter ${FEATURES} ; then
1836 + die "Aborting due to QA concerns: ${die_msg}"
1837 + fi
1838 +
1839 + PORTAGE_QUIET=${tmp_quiet}
1840 + fi
1841 +}
1842 +
1843 install_mask() {
1844 local root="$1"
1845 shift
1846 diff --cc bin/portageq
1847 index ea9dfde,009f116..7b9e177
1848 --- a/bin/portageq
1849 +++ b/bin/portageq
1850 @@@ -23,22 -23,22 +23,22 @@@ except KeyboardInterrupt
1851 import os
1852 import types
1853
1854 -if os.path.isfile(os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))), ".portage_not_installed")):
1855 - pym_paths = [os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))), "pym")]
1856 - sys.path.insert(0, pym_paths[0])
1857 +# for an explanation on this logic, see pym/_emerge/__init__.py
1858 +if os.environ.__contains__("PORTAGE_PYTHONPATH"):
1859 + pym_path = os.environ["PORTAGE_PYTHONPATH"]
1860 else:
1861 - import distutils.sysconfig
1862 - pym_paths = [os.path.join(distutils.sysconfig.get_python_lib(), x) for x in ("_emerge", "portage")]
1863 + pym_path = os.path.join(os.path.dirname(
1864 + os.path.dirname(os.path.realpath(__file__))), "pym")
1865 - # Avoid sandbox violations after python upgrade.
1866 + # Avoid sandbox violations after Python upgrade.
1867 if os.environ.get("SANDBOX_ON") == "1":
1868 sandbox_write = os.environ.get("SANDBOX_WRITE", "").split(":")
1869 - if pym_path not in sandbox_write:
1870 - sandbox_write.append(pym_path)
1871 - os.environ["SANDBOX_WRITE"] = \
1872 - ":".join(filter(None, sandbox_write))
1873 - del sandbox_write
1874 + for pym_path in pym_paths:
1875 + if pym_path not in sandbox_write:
1876 + sandbox_write.append(pym_path)
1877 + os.environ["SANDBOX_WRITE"] = ":".join(filter(None, sandbox_write))
1878 + del pym_path, sandbox_write
1879 + del pym_paths
1880
1881 - sys.path.insert(0, pym_path)
1882 import portage
1883 portage._internal_caller = True
1884 from portage import os
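Review bot: The sandbox block taken from master iterates `pym_paths` and ends with `del pym_paths`, but the merged result only ever assigns `pym_path` (in both the `PORTAGE_PYTHONPATH` branch and the `else:` branch), so as the combined diff reads, the new side raises NameError before `import portage`. The prefix side's `sys.path.insert(0, pym_path)` is also dropped, so the chosen path is never put on the import path. Keeping the prefix form fixes both: restore `sys.path.insert(0, pym_path)` ahead of the import and use the single `if pym_path not in sandbox_write:` block with `del sandbox_write`, without `del pym_paths`. Since `PORTAGE_PYTHONPATH` both selects where `portage` is imported from and is appended to `SANDBOX_WRITE`, a comment here that the variable is only honoured from a trusted environment would help the next reader.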
1885 diff --cc pym/portage/const.py
1886 index 89d7ee2,acb90f9..5f00fab
1887 --- a/pym/portage/const.py
1888 +++ b/pym/portage/const.py
1889 @@@ -65,35 -58,23 +65,36 @@@ DEPCACHE_PATH = "/var/cache/
1890 GLOBAL_CONFIG_PATH = "/usr/share/portage/config"
1891
1892 # these variables are not used with target_root or config_root
1893 +PORTAGE_BASE_PATH = PORTAGE_BASE
1894 # NOTE: Use realpath(__file__) so that python module symlinks in site-packages
1895 # are followed back to the real location of the whole portage installation.
1896 +#PREFIX: below should work, but I'm not sure how it it affects other places
1897 - #PORTAGE_BASE_PATH = os.path.join(os.sep, os.sep.join(os.path.realpath(
1898 - # __file__.rstrip("co")).split(os.sep)[:-3]))
1899 + # NOTE: Please keep PORTAGE_BASE_PATH in one line to help substitutions.
1900 -PORTAGE_BASE_PATH = os.path.join(os.sep, os.sep.join(os.path.realpath(__file__.rstrip("co")).split(os.sep)[:-3]))
1901 ++#PORTAGE_BASE_PATH = os.path.join(os.sep, os.sep.join(os.path.realpath(__file__.rstrip("co")).split(os.sep)[:-3]))
1902 PORTAGE_BIN_PATH = PORTAGE_BASE_PATH + "/bin"
1903 - PORTAGE_PYM_PATH = PORTAGE_BASE_PATH + "/pym"
1904 + PORTAGE_PYM_PATH = os.path.realpath(os.path.join(__file__, '../..'))
1905 LOCALE_DATA_PATH = PORTAGE_BASE_PATH + "/locale" # FIXME: not used
1906 EBUILD_SH_BINARY = PORTAGE_BIN_PATH + "/ebuild.sh"
1907 MISC_SH_BINARY = PORTAGE_BIN_PATH + "/misc-functions.sh"
1908 -SANDBOX_BINARY = "/usr/bin/sandbox"
1909 -FAKEROOT_BINARY = "/usr/bin/fakeroot"
1910 -BASH_BINARY = "/bin/bash"
1911 -MOVE_BINARY = "/bin/mv"
1912 +SANDBOX_BINARY = EPREFIX + "/usr/bin/sandbox"
1913 +FAKEROOT_BINARY = EPREFIX + "/usr/bin/fakeroot"
1914 +BASH_BINARY = PORTAGE_BASH
1915 +MOVE_BINARY = PORTAGE_MV
1916 PRELINK_BINARY = "/usr/sbin/prelink"
1917 +MACOSSANDBOX_BINARY = "/usr/bin/sandbox-exec"
1918 +MACOSSANDBOX_PROFILE = '''(version 1)
1919 +(allow default)
1920 +(deny file-write*)
1921 +(allow file-write*
1922 +@@MACOSSANDBOX_PATHS@@)
1923 +(allow file-write-data
1924 +@@MACOSSANDBOX_PATHS_CONTENT_ONLY@@)'''
1925 +
1926 +PORTAGE_GROUPNAME = portagegroup
1927 +PORTAGE_USERNAME = portageuser
1928
1929 INVALID_ENV_FILE = "/etc/spork/is/not/valid/profile.env"
1930 + MERGING_IDENTIFIER = "-MERGING-"
1931 REPO_NAME_FILE = "repo_name"
1932 REPO_NAME_LOC = "profiles" + "/" + REPO_NAME_FILE
1933
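Review bot: `MACOSSANDBOX_PROFILE` starts from `(allow default)` and denies only `file-write*`, so it confines writes and nothing else; reads, network access and process execution stay permitted, and nothing near the constant says so. A comment above it such as `# Write confinement only: (allow default) leaves reads, network and exec unrestricted.` would keep callers from treating it as a general sandbox. The `@@MACOSSANDBOX_PATHS@@` and `@@MACOSSANDBOX_PATHS_CONTENT_ONLY@@` placeholders are presumably filled by string substitution elsewhere, so that code should emit each path as a quoted profile string; it is not in this hunk. Separately, the kept NOTE about holding `PORTAGE_BASE_PATH` on one line now sits over a commented-out assignment while the live one is `PORTAGE_BASE_PATH = PORTAGE_BASE`, which deserves a word in the `#PREFIX:` comment.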
1934 diff --cc pym/portage/dbapi/vartree.py
1935 index 040b546,b46ba0b..deeb779
1936 --- a/pym/portage/dbapi/vartree.py
1937 +++ b/pym/portage/dbapi/vartree.py
1938 @@@ -48,7 -46,7 +49,7 @@@ portage.proxy.lazyimport.lazyimport(glo
1939 )
1940
1941 from portage.const import CACHE_PATH, CONFIG_MEMORY_FILE, \
1942 - PORTAGE_PACKAGE_ATOM, PRIVATE_PATH, VDB_PATH, EPREFIX, EPREFIX_LSTRIP, BASH_BINARY
1943 - MERGING_IDENTIFIER, PORTAGE_PACKAGE_ATOM, PRIVATE_PATH, VDB_PATH
1944 ++ MERGING_IDENTIFIER, PORTAGE_PACKAGE_ATOM, PRIVATE_PATH, VDB_PATH, EPREFIX, EPREFIX_LSTRIP, BASH_BINARY
1945 from portage.dbapi import dbapi
1946 from portage.exception import CommandNotFound, \
1947 InvalidData, InvalidLocation, InvalidPackageName, \
1948 diff --cc pym/portage/package/ebuild/config.py
1949 index fb4956d,264ed8e..6e578a9
1950 --- a/pym/portage/package/ebuild/config.py
1951 +++ b/pym/portage/package/ebuild/config.py
1952 @@@ -37,10 -37,11 +37,11 @@@ from portage.dep import Atom, isvalidat
1953 from portage.eapi import eapi_exports_AA, eapi_exports_merge_type, \
1954 eapi_supports_prefix, eapi_exports_replace_vars, _get_eapi_attrs
1955 from portage.env.loaders import KeyValuePairFileLoader
1956 - from portage.exception import InvalidDependString, PortageException
1957 + from portage.exception import InvalidDependString, IsADirectory, \
1958 + PortageException
1959 from portage.localization import _
1960 from portage.output import colorize
1961 -from portage.process import fakeroot_capable, sandbox_capable
1962 +from portage.process import fakeroot_capable, sandbox_capable, macossandbox_capable
1963 from portage.repository.config import load_repository_config
1964 from portage.util import ensure_dirs, getconfig, grabdict, \
1965 grabdict_package, grabfile, grabfile_package, LazyItemsDict, \
1966 diff --cc pym/portage/package/ebuild/doebuild.py
1967 index 3c2167a,d3e3f5a..8e55fe2
1968 --- a/pym/portage/package/ebuild/doebuild.py
1969 +++ b/pym/portage/package/ebuild/doebuild.py
1970 @@@ -46,8 -45,7 +46,7 @@@ from portage import auxdbkeys, bsd_chfl
1971 unmerge, _encodings, _os_merge, \
1972 _shell_quote, _unicode_decode, _unicode_encode
1973 from portage.const import EBUILD_SH_ENV_FILE, EBUILD_SH_ENV_DIR, \
1974 - EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, \
1975 - EPREFIX, MACOSSANDBOX_PROFILE
1976 - EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, PORTAGE_PYM_PACKAGES
1977 ++ EBUILD_SH_BINARY, INVALID_ENV_FILE, MISC_SH_BINARY, PORTAGE_PYM_PACKAGES, EPREFIX, MACOSSANDBOX_PROFILE
1978 from portage.data import portage_gid, portage_uid, secpass, \
1979 uid, userpriv_groups
1980 from portage.dbapi.porttree import _parse_uri_map