-#!/bin/bash
+#!/usr/bin/env bash
+
+paths=()
+excludes=()
+strip="strip"
+break_on_error="1"
+
+while [ $# -gt 0 ]; do
+ case "${1}" in
+ --strip=*)
+ strip="${1#*=}"
+ ;;
+ --exclude=*)
+ if [ -n "${1#*=}" ]; then
+ excludes+=( "!" "-path" "${1#*=}" "!" "-path" "${1#*=}/*" )
+ fi
+ ;;
+ --ignore-errors)
+ break_on_error="0"
+ ;;
+ *)
+ paths+=( "${1}" )
+ ;;
+ esac
+ shift
+done
function _strip() {
- local file=${1}
+ local file="${1}"
+ local args=()
+
+ # Fetch the filetype
+ local type="$(readelf -h "${file}" 2>/dev/null)"
+
+ case "${type}" in
+ # Libraries and Relocatable binaries
+ *Type:*"DYN (Shared object file)"*)
+ args+=( "--strip-all" )
+ ;;
- local cmd="${STRIP-strip}"
+ # Binaries
+ *Type:*"EXEC (Executable file)"*)
+ args+=( "--strip-all" )
+ ;;
- case "$(file -bi ${file})" in
- application/x-sharedlib*|application/x-archive*)
- cmd="${cmd} --strip-debug --remove-section=.comment --remove-section=.note"
+ # Static libraries
+ *Type:*"REL (Relocatable file)"*)
+ args+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" )
;;
+
+ # Skip any unrecognised files
*)
- cmd="${cmd} --strip-unneeded"
+ return 0
;;
esac
+ # Fetch any capabilities
+ local capabilities="$(getfattr --no-dereference --name="security.capability" \
+ --absolute-names --dump "${file}" 2>/dev/null)"
+
echo "Stripping ${file}..."
- ${cmd} ${file}
+ if ! "${strip}" "${args[@]}" "${file}"; then
+ return ${break_on_error}
+ fi
+
+ # Restore capabilities
+ if [ -n "${capabilities}" ]; then
+ setfattr --no-dereference --restore=<(echo "${capabilities}")
+ fi
}
-for dir in $@; do
- # Strip shared objects.
- find ${dir} -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) \
- | file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped/\1/p' |
- while read file; do
- _strip ${file}
- done
-
- # Strip static archives.
- find ${dir} -name \*.a -a -exec file {} \; \
- | grep 'current ar archive' | sed -n -e 's/^\(.*\):[ ]*current ar archive/\1/p' |
- while read file; do
- _strip ${file}
- done
+for path in ${paths[@]}; do
+ for file in $(find -H "${path}" -xdev "${excludes[@]}" -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) 2>/dev/null); do
+ _strip "${file}" || exit $?
+ done
done