-#!/tools/bin/bash
+#!/usr/bin/env bash
dirs=""
excludes="/dev /proc /sys /run"
function _strip() {
local file=${1}
- local cmd="${STRIP-strip}"
+ local strip="${STRIP-strip}"
local exclude l
for exclude in ${excludes}; do
fi
done
+ # Fetch any capabilities
+ local capabilities="$(getfattr --no-dereference --name="security.capability" \
+ --absolute-names --dump "${file}" 2>/dev/null)"
+
+ local cmd=( "${strip}" )
+
case "$(file -bi ${file})" in
- application/x-sharedlib*|application/x-archive*)
- cmd="${cmd} --strip-debug --remove-section=.comment --remove-section=.note"
+ application/x-archive*)
+ cmd+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" )
;;
*)
- cmd="${cmd} --strip-unneeded"
+ cmd+=( "--strip-all" )
;;
esac
echo "Stripping ${file}..."
- ${cmd} ${file}
+ ${cmd[*]} ${file}
+
+ # Restore capabilities
+ if [ -n "${capabilities}" ]; then
+ setfattr --no-dereference --restore=<(echo "${capabilities}")
+ fi
}
for dir in ${dirs}; do
# Strip shared objects.
find ${dir} -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) \
- | file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped/\1/p' |
+ | file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped.*/\1/p' |
while read file; do
- _strip ${file}
- done
+ _strip ${file} || exit $?
+ done || exit $?
# Strip static archives.
find ${dir} -name \*.a -a -exec file {} \; \
| grep 'current ar archive' | sed -n -e 's/^\(.*\):[ ]*current ar archive/\1/p' |
while read file; do
- _strip ${file}
- done
+ _strip ${file} || exit $?
+ done || exit $?
done