From dc055555e832fb4f65c5d0fdb5c137c0ee074613 Mon Sep 17 00:00:00 2001 From: Mike Frysinger Date: Thu, 23 Jun 2005 23:49:53 +0000 Subject: abort if binaries have null RPATHs --- ChangeLog | 6 +++++- bin/ebuild-default-functions.sh | 7 +++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 168db1c..92ca749 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,12 +1,16 @@ # ChangeLog for Portage; the Gentoo Linux ports system # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Id: ChangeLog,v 1.991 2005/06/18 01:01:35 vapier Exp $ +# $Id: ChangeLog,v 1.992 2005/06/23 23:49:53 vapier Exp $ MAJOR CHANGES in 2.0.51: 1. /var/cache/edb/virtuals is no longer used at all. It's calculated now. 2. /var/cache/edb/world is now /var/lib/portage/world. 3. /etc/portage/profile/virtuals is _USER_ configs only. + 23 Jun 2005; Mike Frysinger + bin/ebuild-default-functions.sh: + Update the scanelf RUNPATH check to abort on null paths. + 17 Jun 2005; Mike Frysinger bin/repoman: Report exit status if gpg failed to return with 0. diff --git a/bin/ebuild-default-functions.sh b/bin/ebuild-default-functions.sh index 5ee7907..7598547 100755 --- a/bin/ebuild-default-functions.sh +++ b/bin/ebuild-default-functions.sh @@ -2,7 +2,7 @@ # ebuild-default-functions.sh; default functions for ebuild env that aren't saved- specific to the portage instance. # Copyright 2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/bin/ebuild-default-functions.sh,v 1.31 2005/06/19 21:12:11 vapier Exp $ +# $Header: /local/data/ulm/cvs/history/var/cvsroot/gentoo-src/portage/bin/ebuild-default-functions.sh,v 1.32 2005/06/23 23:49:53 vapier Exp $ has_version() { # if there is a predefined portageq call, use it. @@ -432,7 +432,10 @@ dyn_install() { if type -p scanelf > /dev/null ; then # Make sure we disallow insecure RUNPATH/RPATH's - f=$(scanelf -qyRF '%r %p' "${D}" | grep "${PORTAGE_BUILDDIR}") + # Don't want paths that point to the tree where the package was built + # (older, broken libtools would do this). Also check for null paths + # because the loader will search $PWD when it finds null paths. + f=$(scanelf -qyRF '%r %p' "${D}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^ )") if [[ -n ${f} ]] ; then echo -ne '\a\n' echo "QA Notice: the following files contain insecure RUNPATH's" -- cgit v1.2.3-65-gdbad