diff options
| author |   Anthony G. Basile <blueness@gentoo.org> | 2014-10-17 16:03:19 -0400 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2014-10-17 16:03:29 -0400 |
| commit | 41a91c0486e881ace7deb9e44752fbe93e640b36 (patch) | |
| tree | 40e87ef4f76e727244b5d4f1938eb0e43c63bde9 | |
| parent | configure.ac: remove bash-isms (diff) | |
| download | elfix-41a91c0486e881ace7deb9e44752fbe93e640b36.tar.gz elfix-41a91c0486e881ace7deb9e44752fbe93e640b36.tar.bz2 elfix-41a91c0486e881ace7deb9e44752fbe93e640b36.zip | |
scripts/paxmark.sh: backport improvements from pax-utils.eclass
| -rwxr-xr-x | scripts/paxmark.sh | 95 |
1 files changed, 38 insertions, 57 deletions
diff --git a/scripts/paxmark.sh b/scripts/paxmark.sh index 02f966e..9ec077a 100755 --- a/scripts/paxmark.sh +++ b/scripts/paxmark.sh @@ -1,16 +1,15 @@ #!/bin/bash -l has() { - [[ "${2/$1/}" != "$2" ]] && return 0 + f=$1 + shift + [[ "${@/$f/}" != "$@" ]] && return 0 return 1 } paxmarksh() { - local f # loop over paxables local flags # pax flags - local pt_fail=0 pt_failures="" # record PT_PAX failures - local xt_fail=0 xt_failures="" # record xattr PAX marking failures local ret=0 # overal return code of this function # Only the actual PaX flags and z are accepted @@ -27,11 +26,11 @@ paxmarksh() { local dodefault="" [[ "${flags//[!z]}" ]] && dodefault="yes" - if has PT "${PAX_MARKINGS}"; then + if has PT ${PAX_MARKINGS}; then + for f in "$@"; do - #First try paxctl -> this might try to create/convert program headers - if type -p paxctl > /dev/null; then - for f in "$@"; do + #First try paxctl -> this might try to create/convert program headers + if type -p paxctl > /dev/null; then # First, try modifying the existing PAX_FLAGS header paxctl -q${flags} "${f}" >/dev/null 2>&1 && continue # Second, try creating a PT_PAX header (works on ET_EXEC) @@ -39,69 +38,51 @@ paxmarksh() { paxctl -qC${flags} "${f}" >/dev/null 2>&1 && continue # Third, try stealing the (unused under PaX) PT_GNU_STACK header paxctl -qc${flags} "${f}" >/dev/null 2>&1 && continue - pt_fail=1 - pt_failures="${pt_failures} ${f}" - done + fi - #Next try paxctl-ng -> this will not create/convert any program headers - elif type -p paxctl-ng > /dev/null && paxctl-ng -L ; then - flags="${flags//z}" - for f in "$@"; do + #Next try paxctl-ng -> this will not create/convert any program headers + if type -p paxctl-ng > /dev/null && paxctl-ng -L ; then + flags="${flags//z}" [[ ${dodefault} == "yes" ]] && paxctl-ng -L -z "${f}" >/dev/null 2>&1 [[ "${flags}" ]] || continue paxctl-ng -L -${flags} "${f}" >/dev/null 2>&1 && continue - pt_fail=1 - pt_failures="${pt_failures} ${f}" - done - - #Finally fall back on scanelf - elif type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then - scanelf -Xxz ${flags} "$@" >/dev/null 2>&1 - - #We failed to set PT_PAX flags - elif [[ ${PAX_MARKINGS} != "none" ]]; then - pt_failures="$*" - pt_fail=1 - fi - - if [[ ${pt_fail} == 1 ]]; then - ret=1 - fi + fi + + #Finally fall back on scanelf + if type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then + scanelf -Xxz ${flags} "$f" >/dev/null 2>&1 + #We failed to set PT_PAX flags + elif [[ ${PAX_MARKINGS} != "none" ]]; then + elog "Failed to set PT_PAX markings -${flags} ${f}." + ret=1 + fi + done fi - if has XT "${PAX_MARKINGS}"; then - + if has XT ${PAX_MARKINGS}; then flags="${flags//z}" + for f in "$@"; do - #First try paxctl-ng - if type -p paxctl-ng > /dev/null && paxctl-ng -l ; then - for f in "$@"; do + #First try paxctl-ng + if type -p paxctl-ng > /dev/null && paxctl-ng -l ; then [[ ${dodefault} == "yes" ]] && paxctl-ng -d "${f}" >/dev/null 2>&1 [[ "${flags}" ]] || continue paxctl-ng -l -${flags} "${f}" >/dev/null 2>&1 && continue - xt_fail=1 - xt_failures="${tx_failures} ${f}" - done + fi - #Next try setfattr - elif type -p setfattr > /dev/null; then - [[ "${flags//[!Ee]}" ]] || flags+="e" # bug 447150 - for f in "$@"; do + #Next try setfattr + if type -p setfattr > /dev/null; then + [[ "${flags//[!Ee]}" ]] || flags+="e" # bug 447150 [[ ${dodefault} == "yes" ]] && setfattr -x "user.pax.flags" "${f}" >/dev/null 2>&1 setfattr -n "user.pax.flags" -v "${flags}" "${f}" >/dev/null 2>&1 && continue - xt_fail=1 - xt_failures="${tx_failures} ${f}" - done - - #We failed to set XATTR_PAX flags - elif [[ ${PAX_MARKINGS} != "none" ]]; then - xt_failures="$*" - xt_fail=1 - fi - - if [[ ${xt_fail} == 1 ]]; then - ret=1 - fi + fi + + #We failed to set XATTR_PAX flags + if [[ ${PAX_MARKINGS} != "none" ]]; then + elog "Failed to set XATTR_PAX markings -${flags} ${f}." + ret=1 + fi + done fi return ${ret} |