]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/stripper
projects / people / pmueller / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
suricata: Change midstream policy to "pass-flow"
[people/pmueller/ipfire-2.x.git] / src / stripper
1 #!/usr/bin/env bash
2
3 dirs=""
4 excludes="/dev /proc /sys /run"
5
6 while [ $# -gt 0 ]; do
7 case "${1}" in
8 --exclude=*)
9 excludes="${excludes} ${1#*=}"
10 ;;
11 *)
12 dirs="${dirs} ${1}"
13 ;;
14 esac
15 shift
16 done
17
18 function _strip() {
19 local file=${1}
20 local strip="${STRIP-strip}"
21
22 local exclude l
23 for exclude in ${excludes}; do
24 l=${#exclude}
25 if [ "${file:0:${l}}" = "${exclude}" ]; then
26 return 0
27 fi
28 done
29
30 # Fetch any capabilities
31 local capabilities="$(getfattr --no-dereference --name="security.capability" \
32 --absolute-names --dump "${file}")"
33
34 local cmd=( "${strip}" )
35
36 case "$(file -bi ${file})" in
37 application/x-archive*)
38 cmd+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" )
39 ;;
40 *)
41 cmd+=( "--strip-all" )
42 ;;
43 esac
44
45 echo "Stripping ${file}..."
46 ${cmd[*]} ${file}
47
48 # Restore capabilities
49 if [ -n "${capabilities}" ]; then
50 setfattr --no-dereference --restore=<(echo "${capabilities}")
51 fi
52 }
53
54 for dir in ${dirs}; do
55 # Strip shared objects.
56 find ${dir} -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) \
57 | file -N -f - | sed -n -e 's/^\(.*\):[ ]*.*ELF.*, not stripped.*/\1/p' |
58 while read file; do
59 _strip ${file} || exit $?
60 done || exit $?
61
62 # Strip static archives.
63 find ${dir} -name \*.a -a -exec file {} \; \
64 | grep 'current ar archive' | sed -n -e 's/^\(.*\):[ ]*current ar archive/\1/p' |
65 while read file; do
66 _strip ${file} || exit $?
67 done || exit $?
68 done
Peter's tree of IPFire 2.x