]>
Commit | Line | Data |
---|---|---|
6c4cc7ea | 1 | #!/usr/bin/env bash |
bc259fdc | 2 | |
19054331 MT |
3 | paths=() |
4 | excludes=() | |
bc259fdc MT |
5 | |
6 | while [ $# -gt 0 ]; do | |
7 | case "${1}" in | |
8 | --exclude=*) | |
19054331 | 9 | excludes+=( "!" "-path" "${1#*=}/*" ) |
bc259fdc MT |
10 | ;; |
11 | *) | |
19054331 | 12 | paths+=( "${1}" ) |
bc259fdc MT |
13 | ;; |
14 | esac | |
15 | shift | |
16 | done | |
fc44fa1f MT |
17 | |
18 | function _strip() { | |
19054331 MT |
19 | local file="${1}" |
20 | local args=() | |
fc44fa1f | 21 | |
19054331 MT |
22 | # Fetch the filetype |
23 | local type="$(readelf -h "${file}" 2>/dev/null)" | |
bc259fdc | 24 | |
19054331 MT |
25 | case "${type}" in |
26 | # Libraries and Relocatable binaries | |
27 | *Type:*"DYN (Shared object file)"*) | |
28 | args+=( "--strip-all" ) | |
29 | ;; | |
37ef9fe4 | 30 | |
19054331 MT |
31 | # Binaries |
32 | *Type:*"EXEC (Executable file)"*) | |
33 | args+=( "--strip-all" ) | |
34 | ;; | |
25d50589 | 35 | |
19054331 MT |
36 | # Static libraries |
37 | *Type:*"REL (Relocatable file)"*) | |
38 | args+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" ) | |
fc44fa1f | 39 | ;; |
19054331 MT |
40 | |
41 | # Skip any unrecognised files | |
fc44fa1f | 42 | *) |
19054331 | 43 | return 0 |
fc44fa1f MT |
44 | ;; |
45 | esac | |
46 | ||
19054331 MT |
47 | # Fetch any capabilities |
48 | local capabilities="$(getfattr --no-dereference --name="security.capability" \ | |
49 | --absolute-names --dump "${file}" 2>/dev/null)" | |
50 | ||
fc44fa1f | 51 | echo "Stripping ${file}..." |
19054331 MT |
52 | if ! strip "${args[@]}" "${file}"; then |
53 | return 1 | |
54 | fi | |
55 | ||
37ef9fe4 MT |
56 | |
57 | # Restore capabilities | |
58 | if [ -n "${capabilities}" ]; then | |
59 | setfattr --no-dereference --restore=<(echo "${capabilities}") | |
60 | fi | |
fc44fa1f MT |
61 | } |
62 | ||
19054331 | 63 | for path in ${paths[@]}; do |
52e947f7 | 64 | for file in $(find "${path}" -xdev "${excludes[@]}" -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) 2>/dev/null); do |
19054331 MT |
65 | _strip "${file}" || exit $? |
66 | done | |
fc44fa1f | 67 | done |