From: Harald Hoyer <harald@redhat.com>
Date: Tue, 16 Oct 2012 12:57:09 +0000 (+0200)
Subject: prelink and preunlink (for FIPS) in the initramfs
X-Git-Tag: 024~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=404815eaf02722d71b2c2bdf2a738aa6a96bf462;p=thirdparty%2Fdracut.git

prelink and preunlink (for FIPS) in the initramfs

also hardlink before strip
---

diff --git a/dracut.sh b/dracut.sh
index 7678f192b..e160641d1 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1002,6 +1002,31 @@ if (($maxloglvl >= 5)); then
     du -c "$initdir" | sort -n | ddebug
 fi
 
+PRELINK_BIN=$(command -v prelink)
+if [[ $UID = 0 ]] && [[ $PRELINK_BIN ]]; then
+    if [[ $DRACUT_FIPS_MODE ]]; then
+        dinfo "*** Pre-unlinking files ***"
+        dracut_install -o prelink /etc/prelink.conf /etc/prelink.conf.d/*.conf /etc/prelink.cache
+        chroot "$initdir" $PRELINK_BIN -u -a
+        rm -f "$initdir"/$PRELINK_BIN
+        rm -fr "$initdir"/etc/prelink.*
+        dinfo "*** Pre-unlinking files done ***"
+    else
+        dinfo "*** Pre-linking files ***"
+        dracut_install -o prelink /etc/prelink.conf /etc/prelink.conf.d/*.conf
+        chroot "$initdir" $PRELINK_BIN -a
+        rm -f "$initdir"/$PRELINK_BIN
+        rm -fr "$initdir"/etc/prelink.*
+        dinfo "*** Pre-linking files done ***"
+    fi
+fi
+
+if [[ $do_hardlink = yes ]] && command -v hardlink >/dev/null; then
+    dinfo "*** Hardlinking files ***"
+    hardlink "$initdir" 2>&1
+    dinfo "*** Hardlinking files done ***"
+fi
+
 # strip binaries
 if [[ $do_strip = yes ]] ; then
     for p in strip xargs find; do
@@ -1012,21 +1037,6 @@ if [[ $do_strip = yes ]] ; then
     done
 fi
 
-if strstr "$modules_loaded" " fips " && command -v prelink >/dev/null; then
-    dinfo "*** pre-unlinking files ***"
-    for dir in "$initdir/bin" \
-       "$initdir/sbin" \
-       "$initdir/usr/bin" \
-       "$initdir/usr/sbin"; do
-        [[ -L "$dir" ]] && continue
-        for i in "$dir"/*; do
-            [[ -L $i ]] && continue
-            [[ -x $i ]] && prelink -u $i &>/dev/null
-        done
-    done
-    dinfo "*** pre-unlinking files done ***"
-fi
-
 if [[ $do_strip = yes ]] ; then
     dinfo "*** Stripping files ***"
     if [[ $DRACUT_FIPS_MODE ]]; then
@@ -1049,14 +1059,6 @@ if [[ $do_strip = yes ]] ; then
     dinfo "*** Stripping files done ***"
 fi
 
-if [[ $do_hardlink = yes ]] ; then
-    type hardlink &>/dev/null && {
-        dinfo "*** hardlinking files ***"
-        hardlink "$initdir" 2>&1
-        dinfo "*** hardlinking files done ***"
-    }
-fi
-
 rm -f "$outfile"
 dinfo "*** Creating image file ***"
 if ! ( umask 077; cd "$initdir"; find . |cpio -R 0:0 -H newc -o --quiet| \