From: Michael Tremer Date: Thu, 11 Jun 2009 10:43:27 +0000 (+0200) Subject: Remove quality-agent. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f5887040cec6e76bfecaa7663ca9b25c1d50901;p=ipfire-3.x.git Remove quality-agent. --- diff --git a/lfs/quality-agent b/lfs/quality-agent deleted file mode 100644 index bb634d50e..000000000 --- a/lfs/quality-agent +++ /dev/null @@ -1,76 +0,0 @@ -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -############################################################################### -# Definitions -############################################################################### - -include Config - -PKG_NAME = quality-agent -PKG_VER = -PKG_REL = -1 - -THISAPP = $(PKG_NAME) -DIR_APP = $(DIR_SOURCE)/$(PKG_NAME) - -OBJECT = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP) - -MAINTAINER = Michael Tremer -GROUP = -CORE = no -EXTRA = no -DEBUG = no -BUILD_DEPS = -DEPS = - -URL = -LICENSE = -SHORT_DESC = This script does some quality checks on the distribution. - -define LONG_DESC - This script does some quality checks on the distribution. -endef - -############################################################################### -# Top-level Rules -############################################################################### - -objects = - -download: $(objects) - -info: - $(DO_PKG_INFO) - -install: $(OBJECT) - -package: - @$(DO_PACKAGE) - -$(objects): - @$(LOAD) - -############################################################################### -# Installation Details -############################################################################### - -$(OBJECT): $(objects) - cd $(DIR_APP) && ./quality-agent diff --git a/make.sh b/make.sh index 404741e8d..1387771a5 100755 --- a/make.sh +++ b/make.sh @@ -460,8 +460,6 @@ packages_build() { build_spy stage ${STAGE} - ipfire_make quality-agent - # Generate ChangeLog git_log diff --git a/src/quality-agent/quality-agent b/src/quality-agent/quality-agent deleted file mode 100755 index 6eba1db27..000000000 --- a/src/quality-agent/quality-agent +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -CHECK_PATHS=${@-"/bin /lib /opt /root /sbin /var /usr/bin /usr/lib /usr/sbin"} - -CHECK_PATHS=$(find ${CHECK_PATHS} -not -type d) - -echo "Searching for all world writable files..." -f=$(find ${CHECK_PATHS} -not -path "/proc*" -type f -perm -2 2>/dev/null) -if [ -n "$f" ]; then - echo - echo "QA Security Notice:" - echo " - The folloing files will be world writable." - echo " - This may or may not be a security problem, most of the time it is one." - echo " - Please double check that these files really need a world writeable bit and file bugs accordingly." - echo - echo "$f" - exit 1 -fi - -echo "Searching for unsafe files..." -f=$(find ${CHECK_PATHS} -type f '(' -perm -2002 -o -perm -4002 ')') -if [ -n "$f" ]; then - echo - echo "QA Notice: Unsafe files detected (set*id and world writable)" - echo "${f}" - exit 1 -fi - -# this should help to ensure that all (most?) shared libraries are executable -# and that all libtool scripts / static libraries are not executable -echo "Searching for not executeable libs..." -for i in $(find ${CHECK_PATHS} -name *.so*); do - [ ! -e ${i} ] && continue - if [ -L ${i} ]; then - linkdest=$(readlink "${i}") - if [[ ${linkdest} == /* ]] ; then - echo - echo "QA Notice: Found an absolute symlink in a library directory:" - echo " ${i} -> ${linkdest}" - echo " It should be a relative symlink if in the same directory" - echo " or a linker script if it crosses the /usr boundary." - exit 1 - fi - continue - fi - [ -x ${i} ] && continue - echo "making executable: ${i}" - chmod +x "${i}" -done -for i in $(find ${CHECK_PATHS} -name *.a -o -name *.la); do - [ ! -e ${i} ] && continue - [ -L ${i} ] && continue - [ ! -x ${i} ] && continue - echo "removing executable bit: ${i}" - chmod -x "${i}" -done - -# Make sure people don't store libtool files or static libs in /lib -echo "Searching for bad files in /lib..." -f=$(find /lib -name *.{a,la} 2>/dev/null) -if [ -n "$f" ]; then - echo "QA Notice: Excessive files found in the / partition" - echo "${f}" - exit 1 -fi - -if [ -n "$(which scanelf 2>/dev/null)" ]; then - # Make sure we disallow insecure RUNPATH/RPATH's - # Don't want paths that point to the tree where the package was built - # (older, broken libtools would do this). Also check for null paths - # because the loader will search $PWD when it finds null paths. - echo "Searching for files that have unsecure RUNPATH/RPATH..." - f=$(scanelf -qyRF '%r %p' ${CHECK_PATHS} 2>/dev/null | awk '{ print $NF }' | grep -v -f whitelist-rpaths) - if [ -n "$f" ]; then - echo - echo "QA Notice: The following files contain insecure RUNPATH's" - echo "${f}" - echo - exit 1 - fi - - # TEXTREL's are baaaaaaaad - echo "Searching for files that have baaaaaaad TEXTRELs..." - f=$(scanelf -qyRF '%t %p' ${CHECK_PATHS} 2>/dev/null | awk '{ print $NF }' | grep -v -f whitelist-textrels) - if [ -n "$f" ]; then - echo - echo "QA Notice: The following files contain runtime text relocations" - echo " Text relocations force the dynamic linker to perform extra" - echo " work at startup, waste system resources, and may pose a security" - echo " risk. On some architectures, the code may not even function" - echo " properly, if at all." - echo "${f}" - exit 1 - fi - - # Also, executable stacks only matter on linux... - echo "Searching for files that have executeable stacks..." - f=$(scanelf -qyRF '%e %p' ${CHECK_PATHS} | awk '{ print $NF }' | grep -v -f whitelist-exec-stacks) - if [ -n "$f" ]; then - echo - echo "QA Notice: The following files contain executable stacks" - echo " Files with executable stacks will not work properly (or at all!)" - echo " on some architectures/operating systems." - echo "${f}" - exit 1 - fi - - # Libary checks - check_files=$(find ${CHECK_PATHS} -name lib*.so*) - - echo "Searching bad libs that lack a SONAME..." - f=$(scanelf -ByF '%S %p' $check_files | awk '$2 == "" { print }' | grep -v -f whitelist-soname) - if [ -n "$f" ]; then - echo - echo "QA Notice: The following shared libraries lack a SONAME" - echo "${f}" - exit 1 - fi - f=$(scanelf -ByF '%n %p' $check_files | awk '$2 == "" { print }') - if [ -n "$f" ]; then - echo - echo "QA Notice: The following shared libraries lack NEEDED entries" - echo "${f}" - exit 1 - fi - -else - echo "scanelf is not available. Can't check." -fi diff --git a/src/quality-agent/whitelist-exec-stacks b/src/quality-agent/whitelist-exec-stacks deleted file mode 100644 index 2ed977b4b..000000000 --- a/src/quality-agent/whitelist-exec-stacks +++ /dev/null @@ -1 +0,0 @@ -/usr/sbin/grub diff --git a/src/quality-agent/whitelist-rpaths b/src/quality-agent/whitelist-rpaths deleted file mode 100644 index 18ec891ec..000000000 --- a/src/quality-agent/whitelist-rpaths +++ /dev/null @@ -1,12 +0,0 @@ -/sbin/splashy -/usr/bin/cjpeg -/usr/bin/lzmadec -/usr/bin/djpeg -/usr/bin/jpegtran -/usr/bin/xzdec -/usr/bin/xz -/usr/lib/gconv/* -/usr/lib/perl5/site_perl/5.10.0/i686-linux/auto/XML/Parser/Expat/Expat.so -/usr/lib/perl5/5.10.0/i686-linux/auto/DB_File/DB_File.so -/usr/lib/perl5/5.10.0/i686-linux/auto/Time/HiRes/HiRes.so -/usr/lib/perl5/5.10.0/i686-linux/auto/Compress/Raw/Zlib/Zlib.so diff --git a/src/quality-agent/whitelist-soname b/src/quality-agent/whitelist-soname deleted file mode 100644 index 38d20320e..000000000 --- a/src/quality-agent/whitelist-soname +++ /dev/null @@ -1,2 +0,0 @@ -/lib/libnss_ldap-* -/lib/xtables/* diff --git a/src/quality-agent/whitelist-textrels b/src/quality-agent/whitelist-textrels deleted file mode 100644 index 792d60054..000000000 --- a/src/quality-agent/whitelist-textrels +++ /dev/null @@ -1 +0,0 @@ -#