[gentoo-commits] proj/elfix:elfix-0.8.x commit in: scripts/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/elfix:elfix-0.8.x commit in: scripts/
Date:	Mon, 20 May 2013 20:02:59
Message-Id:	`1369080065.80ecc4d567d711e11702c900a407cb252d937c34.blueness@gentoo`

1

commit:     80ecc4d567d711e11702c900a407cb252d937c34

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Mon May 20 19:46:38 2013 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Mon May 20 20:01:05 2013 +0000

6

URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=80ecc4d5

7

8

scripts/pax-mark: bash utility to do what the eclass does

9

10

---

11

 scripts/Makefile.am |    2 +-

12

 scripts/pax-mark    |  111 +++++++++++++++++++++++++++++++++++++++++++++++++++

13

 2 files changed, 112 insertions(+), 1 deletions(-)

14

15

diff --git a/scripts/Makefile.am b/scripts/Makefile.am

16

index 6728a83..5cef3e1 100644

17

--- a/scripts/Makefile.am

18

+++ b/scripts/Makefile.am

19

@@ -1,4 +1,4 @@

20

 ACLOCAL_AMFLAGS = -I m4

21

22

-dist_sbin_SCRIPTS = pypaxctl migrate-pax revdep-pax

23

+dist_sbin_SCRIPTS = migrate-pax pax-mark pypaxctl revdep-pax

24

 EXTRA_DIST = paxmodule.c setup.py

25

26

diff --git a/scripts/pax-mark b/scripts/pax-mark

27

new file mode 100755

28

index 0000000..c8fc7ed

29

--- /dev/null

30

+++ b/scripts/pax-mark

31

@@ -0,0 +1,111 @@

32

+#!/bin/bash -l

33

+

34

+has() {

35

+	[[ "${2/$1/}" != "$2" ]] && return 0

36

+	return 1

37

+}

38

+

39

+pax-mark() {

40

+

41

+	local f					# loop over paxables

42

+	local flags				# pax flags

43

+	local pt_fail=0 pt_failures=""		# record PT_PAX failures

44

+	local xt_fail=0 xt_failures=""		# record xattr PAX marking failures

45

+	local ret=0				# overal return code of this function

46

+

47

+	# Only the actual PaX flags and z are accepted

48

+	# 1. The leading '-' is optional

49

+	# 2. -C -c only make sense for paxctl, but are unnecessary

50

+	#    because we progressively do -q -qc -qC

51

+	# 3. z is allowed for the default

52

+

53

+	flags="${1//[!zPpEeMmRrSs]}"

54

+	[[ "${flags}" ]] || return 0

55

+	shift

56

+

57

+	# z = default. For XATTR_PAX, the default is no xattr field at all

58

+	local dodefault=""

59

+	[[ "${flags//[!z]}" ]] && dodefault="yes"

60

+

61

+	if has PT "${PAX_MARKINGS}"; then

62

+

63

+		#First try paxctl -> this might try to create/convert program headers

64

+		if type -p paxctl > /dev/null; then

65

+			for f in "$@"; do

66

+				# First, try modifying the existing PAX_FLAGS header

67

+				paxctl -q${flags} "${f}" >/dev/null 2>&1 && continue

68

+				# Second, try creating a PT_PAX header (works on ET_EXEC)

69

+				# Even though this is less safe, most exes need it, eg bug #463170

70

+				paxctl -qC${flags} "${f}" >/dev/null 2>&1 && continue

71

+				# Third, try stealing the (unused under PaX) PT_GNU_STACK header

72

+				paxctl -qc${flags} "${f}" >/dev/null 2>&1 && continue

73

+				pt_fail=1

74

+				pt_failures="${pt_failures} ${f}"

75

+			done

76

+

77

+		#Next try paxctl-ng -> this will not create/convert any program headers

78

+		elif type -p paxctl-ng > /dev/null && paxctl-ng -L ; then

79

+			flags="${flags//z}"

80

+			for f in "$@"; do

81

+				[[ ${dodefault} == "yes" ]] && paxctl-ng -L -z "${f}" >/dev/null 2>&1

82

+				[[ "${flags}" ]] || continue

83

+				paxctl-ng -L -${flags} "${f}" >/dev/null 2>&1 && continue

84

+				pt_fail=1

85

+				pt_failures="${pt_failures} ${f}"

86

+			done

87

+

88

+		#Finally fall back on scanelf

89

+		elif type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then

90

+			scanelf -Xxz ${flags} "$@" >/dev/null 2>&1

91

+

92

+		#We failed to set PT_PAX flags

93

+		elif [[ ${PAX_MARKINGS} != "none" ]]; then

94

+			pt_failures="$*"

95

+			pt_fail=1

96

+		fi

97

+

98

+		if [[ ${pt_fail} == 1 ]]; then

99

+			ret=1

100

+		fi

101

+	fi

102

+

103

+	if has XT "${PAX_MARKINGS}"; then

104

+

105

+		flags="${flags//z}"

106

+

107

+		#First try paxctl-ng

108

+		if type -p paxctl-ng > /dev/null && paxctl-ng -l ; then

109

+			for f in "$@"; do

110

+				[[ ${dodefault} == "yes" ]] && paxctl-ng -d "${f}" >/dev/null 2>&1

111

+				[[ "${flags}" ]] || continue

112

+				paxctl-ng -l -${flags} "${f}" >/dev/null 2>&1 && continue

113

+				xt_fail=1

114

+				xt_failures="${tx_failures} ${f}"

115

+			done

116

+

117

+		#Next try setfattr

118

+		elif type -p setfattr > /dev/null; then

119

+			[[ "${flags//[!Ee]}" ]] || flags+="e" # bug 447150

120

+			for f in "$@"; do

121

+				[[ ${dodefault} == "yes" ]] && setfattr -x "user.pax.flags" "${f}" >/dev/null 2>&1

122

+				setfattr -n "user.pax.flags" -v "${flags}" "${f}" >/dev/null 2>&1 && continue

123

+				xt_fail=1

124

+				xt_failures="${tx_failures} ${f}"

125

+			done

126

+

127

+		#We failed to set XATTR_PAX flags

128

+		elif [[ ${PAX_MARKINGS} != "none" ]]; then

129

+			xt_failures="$*"

130

+			xt_fail=1

131

+		fi

132

+

133

+		if [[ ${xt_fail} == 1 ]]; then

134

+			ret=1

135

+		fi

136

+	fi

137

+

138

+	return ${ret}

139

+}

140

+

141

+PAX_MARKINGS=${PAX_MARKINGS:="PT XT"}

142

+pax-mark "$@"

1	commit: 80ecc4d567d711e11702c900a407cb252d937c34
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Mon May 20 19:46:38 2013 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Mon May 20 20:01:05 2013 +0000
6	URL: http://git.overlays.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=80ecc4d5
7
8	scripts/pax-mark: bash utility to do what the eclass does
9
10	---
11	scripts/Makefile.am \| 2 +-
12	scripts/pax-mark \| 111 +++++++++++++++++++++++++++++++++++++++++++++++++++
13	2 files changed, 112 insertions(+), 1 deletions(-)
14
15	diff --git a/scripts/Makefile.am b/scripts/Makefile.am
16	index 6728a83..5cef3e1 100644
17	--- a/scripts/Makefile.am
18	+++ b/scripts/Makefile.am
19	@@ -1,4 +1,4 @@
20	ACLOCAL_AMFLAGS = -I m4
21
22	-dist_sbin_SCRIPTS = pypaxctl migrate-pax revdep-pax
23	+dist_sbin_SCRIPTS = migrate-pax pax-mark pypaxctl revdep-pax
24	EXTRA_DIST = paxmodule.c setup.py
25
26	diff --git a/scripts/pax-mark b/scripts/pax-mark
27	new file mode 100755
28	index 0000000..c8fc7ed
29	--- /dev/null
30	+++ b/scripts/pax-mark
31	@@ -0,0 +1,111 @@
32	+#!/bin/bash -l
33	+
34	+has() {
35	+ [[ "${2/$1/}" != "$2" ]] && return 0
36	+ return 1
37	+}
38	+
39	+pax-mark() {
40	+
41	+ local f # loop over paxables
42	+ local flags # pax flags
43	+ local pt_fail=0 pt_failures="" # record PT_PAX failures
44	+ local xt_fail=0 xt_failures="" # record xattr PAX marking failures
45	+ local ret=0 # overal return code of this function
46	+
47	+ # Only the actual PaX flags and z are accepted
48	+ # 1. The leading '-' is optional
49	+ # 2. -C -c only make sense for paxctl, but are unnecessary
50	+ # because we progressively do -q -qc -qC
51	+ # 3. z is allowed for the default
52	+
53	+ flags="${1//[!zPpEeMmRrSs]}"
54	+ [[ "${flags}" ]] \|\| return 0
55	+ shift
56	+
57	+ # z = default. For XATTR_PAX, the default is no xattr field at all
58	+ local dodefault=""
59	+ [[ "${flags//[!z]}" ]] && dodefault="yes"
60	+
61	+ if has PT "${PAX_MARKINGS}"; then
62	+
63	+ #First try paxctl -> this might try to create/convert program headers
64	+ if type -p paxctl > /dev/null; then
65	+ for f in "$@"; do
66	+ # First, try modifying the existing PAX_FLAGS header
67	+ paxctl -q${flags} "${f}" >/dev/null 2>&1 && continue
68	+ # Second, try creating a PT_PAX header (works on ET_EXEC)
69	+ # Even though this is less safe, most exes need it, eg bug #463170
70	+ paxctl -qC${flags} "${f}" >/dev/null 2>&1 && continue
71	+ # Third, try stealing the (unused under PaX) PT_GNU_STACK header
72	+ paxctl -qc${flags} "${f}" >/dev/null 2>&1 && continue
73	+ pt_fail=1
74	+ pt_failures="${pt_failures} ${f}"
75	+ done
76	+
77	+ #Next try paxctl-ng -> this will not create/convert any program headers
78	+ elif type -p paxctl-ng > /dev/null && paxctl-ng -L ; then
79	+ flags="${flags//z}"
80	+ for f in "$@"; do
81	+ [[ ${dodefault} == "yes" ]] && paxctl-ng -L -z "${f}" >/dev/null 2>&1
82	+ [[ "${flags}" ]] \|\| continue
83	+ paxctl-ng -L -${flags} "${f}" >/dev/null 2>&1 && continue
84	+ pt_fail=1
85	+ pt_failures="${pt_failures} ${f}"
86	+ done
87	+
88	+ #Finally fall back on scanelf
89	+ elif type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then
90	+ scanelf -Xxz ${flags} "$@" >/dev/null 2>&1
91	+
92	+ #We failed to set PT_PAX flags
93	+ elif [[ ${PAX_MARKINGS} != "none" ]]; then
94	+ pt_failures="$*"
95	+ pt_fail=1
96	+ fi
97	+
98	+ if [[ ${pt_fail} == 1 ]]; then
99	+ ret=1
100	+ fi
101	+ fi
102	+
103	+ if has XT "${PAX_MARKINGS}"; then
104	+
105	+ flags="${flags//z}"
106	+
107	+ #First try paxctl-ng
108	+ if type -p paxctl-ng > /dev/null && paxctl-ng -l ; then
109	+ for f in "$@"; do
110	+ [[ ${dodefault} == "yes" ]] && paxctl-ng -d "${f}" >/dev/null 2>&1
111	+ [[ "${flags}" ]] \|\| continue
112	+ paxctl-ng -l -${flags} "${f}" >/dev/null 2>&1 && continue
113	+ xt_fail=1
114	+ xt_failures="${tx_failures} ${f}"
115	+ done
116	+
117	+ #Next try setfattr
118	+ elif type -p setfattr > /dev/null; then
119	+ [[ "${flags//[!Ee]}" ]] \|\| flags+="e" # bug 447150
120	+ for f in "$@"; do
121	+ [[ ${dodefault} == "yes" ]] && setfattr -x "user.pax.flags" "${f}" >/dev/null 2>&1
122	+ setfattr -n "user.pax.flags" -v "${flags}" "${f}" >/dev/null 2>&1 && continue
123	+ xt_fail=1
124	+ xt_failures="${tx_failures} ${f}"
125	+ done
126	+
127	+ #We failed to set XATTR_PAX flags
128	+ elif [[ ${PAX_MARKINGS} != "none" ]]; then
129	+ xt_failures="$*"
130	+ xt_fail=1
131	+ fi
132	+
133	+ if [[ ${xt_fail} == 1 ]]; then
134	+ ret=1
135	+ fi
136	+ fi
137	+
138	+ return ${ret}
139	+}
140	+
141	+PAX_MARKINGS=${PAX_MARKINGS:="PT XT"}
142	+pax-mark "$@"

Gentoo Archives: gentoo-commits