]>
Commit | Line | Data |
---|---|---|
39e56fae AF |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
2a968821 | 5 | # Copyright (C) 2007-2023 IPFire Team info@ipfire.org # |
39e56fae AF |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
9820735b MT |
22 | # All supported architectures |
23 | ARCHES=( | |
24 | aarch64 | |
25 | riscv64 | |
26 | x86_64 | |
27 | ) | |
28 | ||
29 | # A list of files that are not scanned | |
30 | # because they probably cause some false positives. | |
31 | EXCLUDED_FILES=( | |
32 | qemu | |
33 | ) | |
34 | ||
35 | ARGS=( | |
36 | # Search path | |
37 | "config/rootfiles" | |
38 | ||
39 | # Exclude old core updates | |
40 | "--exclude-dir" "oldcore" | |
41 | ||
42 | # Ignore the update scripts | |
43 | "--exclude" "update.sh" | |
44 | ) | |
45 | ||
46 | check_for_arch() { | |
47 | local arch="${1}" | |
48 | ||
49 | local args=( | |
50 | "${ARGS[@]}" | |
51 | ) | |
52 | ||
53 | # Exclude any architecture-specific directories | |
54 | local a | |
55 | for a in ${ARCHES[@]}; do | |
56 | args+=( "--exclude-dir" "${a}" ) | |
57 | done | |
58 | ||
59 | # Exclude all excluded files | |
60 | local x | |
61 | for x in ${EXCLUDED_FILES[@]}; do | |
62 | args+=( "--exclude" "${x}" ) | |
63 | done | |
64 | ||
65 | # Search for all lines that contain the architecture, but exclude commented lines | |
66 | grep -r "^[^#].*${arch}" "${args[@]}" | |
67 | } | |
68 | ||
69 | check_for_pattern() { | |
70 | local pattern="${1}" | |
71 | local message="${2}" | |
72 | ||
73 | local args=( | |
74 | "${ARGS[@]}" | |
75 | ) | |
76 | ||
77 | if grep -r "${pattern}" "${args[@]}"; then | |
78 | if [ -n "${message}" ]; then | |
79 | echo "ERROR: ${message}" | |
80 | else | |
81 | echo "ERROR: Files matching '${pattern}' have been found in the rootfiles" | |
82 | fi | |
83 | return 1 | |
84 | fi | |
85 | ||
86 | return 0 | |
87 | } | |
88 | ||
89 | main() { | |
90 | local failed=0 | |
91 | ||
92 | # Check for /etc/init.d | |
93 | if ! check_for_pattern "^etc/init\.d/" \ | |
94 | "/etc/init.d/* has been found. Please replace by /etc/rc.d/init.d"; then | |
95 | failed=1 | |
96 | fi | |
97 | ||
98 | # Check for /var/run | |
99 | if ! check_for_pattern "^var/run/.*" \ | |
100 | "You cannot ship files in /var/run as it is a ramdisk"; then | |
101 | failed=1 | |
102 | fi | |
103 | ||
104 | # Check architectures | |
105 | local arch | |
106 | for arch in ${ARCHES[@]}; do | |
107 | check_for_arch "${arch}" || failed=$? | |
108 | done | |
109 | ||
110 | # Return the error | |
111 | return ${failed} | |
112 | } | |
113 | ||
114 | main "$@" || exit $? |