[people/ms/ipfire-3.x.git] / src / pakfire / compressor.d / 04-qa-rpath

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt           #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

TMP_DIR=$1

echo "  Searching for bad RPATH attributes..."

# Make sure we disallow insecure RUNPATH/RPATH's
# Don't want paths that point to the tree where the package was built
# (older, broken libtools would do this).  Also check for null paths
# because the loader will search $PWD when it finds null paths.

command="scanelf -qyRF '%r %p' ${TMP_DIR} 2>/dev/null | awk '{ print $NF }'"

for i in $QUALITY_AGENT_WHITELIST_RPATH; do
	if [ -n "$FILTER" ]; then
		FILTER="$FILTER|$i"
	else
		FILTER="$i"
	fi
done

if [ -n "$FILTER" ]; then
	command="$command | grep -vE \"$FILTER\""
fi

files=$($command)
if [ -n "$files" ]; then
	echo "  QA Notice: The following files contain insecure RUNPATH's"
	echo "${files}"
	echo
	exit 1
fi
Commit	Line	Data
e5192f6a MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	TMP_DIR=$1
	23
	24	echo " Searching for bad RPATH attributes..."
	25
	26	# Make sure we disallow insecure RUNPATH/RPATH's
	27	# Don't want paths that point to the tree where the package was built
	28	# (older, broken libtools would do this). Also check for null paths
	29	# because the loader will search $PWD when it finds null paths.
	30
	31	command="scanelf -qyRF '%r %p' ${TMP_DIR} 2>/dev/null \| awk '{ print $NF }'"
	32
	33	for i in $QUALITY_AGENT_WHITELIST_RPATH; do
	34	if [ -n "$FILTER" ]; then
	35	FILTER="$FILTER\|$i"
	36	else
	37	FILTER="$i"
	38	fi
	39	done
	40
	41	if [ -n "$FILTER" ]; then
	42	command="$command \| grep -vE \"$FILTER\""
	43	fi
	44
	45	files=$($command)
	46	if [ -n "$files" ]; then
	47	echo " QA Notice: The following files contain insecure RUNPATH's"
	48	echo "${files}"
	49	echo
	50	exit 1
	51	fi