scripts: Add check for interpreters

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/Makefile.am b/Makefile.am
index 1d49a48cdbbd70cc6f2a605a2473eecb802ec37e..b7fa1989e0f01c35122d58dd143051eb5fe8f3e4 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -558,6 +558,7 @@ dist_scripts_SCRIPTS = \
        src/scripts/check-fhs \
        src/scripts/check-hardening \
        src/scripts/check-include \
+       src/scripts/check-interpreters \
        src/scripts/check-libraries \
        src/scripts/check-rpaths \
        src/scripts/check-symlinks \

diff --git a/src/libpakfire/build.c b/src/libpakfire/build.c
index 16d0a7c54ae0be8fcbc5049c751469574799898b..0fab7bedf849d8c1701adf34a33129674d4713f0 100644 (file)
--- a/src/libpakfire/build.c
+++ b/src/libpakfire/build.c
@@ -346,6 +346,7 @@ static const char* post_build_scripts[] = {
        "check-buildroot",
        "check-include",
        "check-hardening",
+       "check-interpreters",
        "check-fhs",
        "compress-man-pages",
        "strip",

diff --git a/src/scripts/check-interpreters b/src/scripts/check-interpreters
new file mode 100644 (file)
index 0000000..0b35846
--- /dev/null
+++ b/src/scripts/check-interpreters
@@ -0,0 +1,79 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# Pakfire - The IPFire package management system                              #
+# Copyright (C) 2021 Pakfire development team                                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+error() {
+       echo "${0#/}: $@" >&2
+}
+
+main() {
+       local buildroot="${1}"
+       shift
+
+       # Check if BUILDROOT exists
+       if [ ! -d "${buildroot}" ]; then
+               error "BUILDROOT does not exist"
+               return 1
+       fi
+
+       local file
+       local -A files
+
+       # Find all executable files
+       for file in $(find "${buildroot}" -type f -perm /111 | sort); do
+               local first_line="$(grep -q "^#!" "${file}" && head -n1 "${file}")"
+
+               # Skip files that are not scripts
+               if [ "${first_line:0:2}" != "#!" ]; then
+                       continue
+               fi
+
+               local interpreter="${first_line:2}"
+
+               case "${interpreter}" in
+                       # Interpreters in /usr/local are illegal
+                       /usr/local/*)
+                               files["${file}"]="${interpreter}"
+                               continue
+                               ;;
+
+                       # We don't support "env"
+                       /usr/bin/env*)
+                               # Automatically fix this
+                               sed -i "${file}" \
+                                       -e "s,#!/usr/bin/env \(/usr/bin/.*\),\1,"
+                               ;;
+               esac
+       done
+
+       if [ "${#files[@]}" -gt 0 ]; then
+               error "Illegal interpreters found:"
+               local file
+               for file in "${!files[@]}"; do
+                       error "  ${file/${buildroot}/} (${files[${file}]})"
+               done
+
+               return 1
+       fi
+
+       return 0
+}
+
+main "$@" || exit $?