Attachment #84739 for bug #62273

Lines 3-8 Link Here

(-)bin/prepstrip (-3 / +5 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepstrip,v 1.23.2.3 2005/08/15 02:58:20 vapier Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepstrip,v 1.23.2.3 2005/08/15 02:58:20 vapier Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [[ " ${FEATURES} " == " nostrip " ]] \|\| \	8	if [[ " ${FEATURES} " == " nostrip " ]] \|\| \
7	[[ " ${RESTRICT} " == " nostrip " ]] \|\| \	9	[[ " ${RESTRICT} " == " nostrip " ]] \|\| \
8	[[ " ${RESTRICT} " == " strip " ]]	10	[[ " ${RESTRICT} " == " strip " ]]
Lines 46-52 Link Here
46		48
47	for x in $(scanelf -yRBF%F "$@") $(for y in "$@"; do find "${y}" -type f -name '*.a' -print0 ; done); do	49	for x in $(scanelf -yRBF%F "$@") $(for y in "$@"; do find "${y}" -type f -name '*.a' -print0 ; done); do
48	if [[ ${banner} -eq 1 ]] ; then	50	if [[ ${banner} -eq 1 ]] ; then
49	echo "strip: ${STRIP} ${PORTAGE_STRIP_FLAGS}"	51	eecho "strip: ${STRIP} ${PORTAGE_STRIP_FLAGS}"
50	banner=0	52	banner=0
51	fi	53	fi
52		54
Lines 64-74 Link Here
64	set +o noglob	66	set +o noglob
65		67
66	if [[ ${f} == "current ar archive" ]] ; then	68	if [[ ${f} == "current ar archive" ]] ; then
67	echo " ${x:${#D}:${#x}}"	69	eecho " ${x:${#D}:${#x}}"
68	[[ ${stripitbaby} -eq 1 ]] && ${STRIP} -g "${x}"	70	[[ ${stripitbaby} -eq 1 ]] && ${STRIP} -g "${x}"
69	fi	71	fi
70	if [[ ${f} == "SB executable" \|\| ${f} == "SB shared object" ]] ; then	72	if [[ ${f} == "SB executable" \|\| ${f} == "SB shared object" ]] ; then
71	echo " ${x:${#D}:${#x}}"	73	eecho " ${x:${#D}:${#x}}"
72	save_elf_debug "${x}"	74	save_elf_debug "${x}"
73	[[ ${stripitbaby} -eq 1 ]] && ${STRIP} ${PORTAGE_STRIP_FLAGS} "${x}"	75	[[ ${stripitbaby} -eq 1 ]] && ${STRIP} ${PORTAGE_STRIP_FLAGS} "${x}"
74	fi	76	fi

Lines 3-11 Link Here

(-)bin/prepallman (-1 / +3 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepallman,v 1.10 2004/10/04 13:56:50 vapier Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepallman,v 1.10 2004/10/04 13:56:50 vapier Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	ret=0	8	ret=0
7		9
8	echo "man:"	10	eecho "man:"
9	for x in "${D}"opt/*/man "${D}"usr/share/man "${D}"usr/local/man "${D}"usr/X11R6/man ; do	11	for x in "${D}"opt/*/man "${D}"usr/share/man "${D}"usr/local/man "${D}"usr/X11R6/man ; do
10	if [[ -d ${x} ]] ; then	12	if [[ -d ${x} ]] ; then
11	x=${x#${D}}	13	x=${x#${D}}

Lines 3-8 Link Here

(-)bin/doman (-1 / +3 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doman,v 1.13.2.2 2005/07/29 05:55:34 vapier Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doman,v 1.13.2.2 2005/07/29 05:55:34 vapier Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [[ $# -lt 1 ]] ; then	8	if [[ $# -lt 1 ]] ; then
7	echo "$0: at least one argument needed" 1>&2	9	echo "$0: at least one argument needed" 1>&2
8	exit 1	10	exit 1
Lines 26-32 Link Here
26	if [[ ${suffix} == "gz" ]] ; then	28	if [[ ${suffix} == "gz" ]] ; then
27	realname=${x%.*}	29	realname=${x%.*}
28	suffix=${realname##*.}	30	suffix=${realname##*.}
29	echo "QA Notice: you should let portage compress '${realname}' for you" 2>&1	31	eecho "QA Notice: you should let portage compress '${realname}' for you" 2>&1
30	fi	32	fi
31		33
32	mandir=${i18n}man${suffix:0:1}	34	mandir=${i18n}man${suffix:0:1}

Lines 3-8 Link Here

(-)bin/prepman (-4 / +6 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepman,v 1.10.2.3 2005/05/29 12:40:08 jstubbs Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepman,v 1.10.2.3 2005/05/29 12:40:08 jstubbs Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [[ -z $1 ]] ; then	8	if [[ -z $1 ]] ; then
7	z="${D}usr/share/man"	9	z="${D}usr/share/man"
8	else	10	else
Lines 10-16 Link Here
10	fi	12	fi
11		13
12	if [[ ! -d ${z} ]] ; then	14	if [[ ! -d ${z} ]] ; then
13	echo "QA Notice: prepman called with non-existent dir '${z#${D}}'" 2>&1	15	eecho "QA Notice: prepman called with non-existent dir '${z#${D}}'" 2>&1
14	exit 0	16	exit 0
15	fi	17	fi
16		18
Lines 33-47 Link Here
33	mylink="${mylink}.gz"	35	mylink="${mylink}.gz"
34	fi	36	fi
35		37
36	echo "fixing man page symlink: ${mylink##*/}"	38	eecho "fixing man page symlink: ${mylink##*/}"
37	ln -snf "${linkto}" "${mylink}"	39	ln -snf "${linkto}" "${mylink}"
38	if [[ ${y} != "${mylink}" ]] ; then	40	if [[ ${y} != "${mylink}" ]] ; then
39	echo "removing old symlink: ${y##*/}"	41	eecho "removing old symlink: ${y##*/}"
40	rm -f "${y}"	42	rm -f "${y}"
41	fi	43	fi
42	else	44	else
43	if [[ ${y##.} != "gz" ]] && [[ ${y##.} != "bz2" ]] && [[ ! -d ${y} ]] ; then	45	if [[ ${y##.} != "gz" ]] && [[ ${y##.} != "bz2" ]] && [[ ! -d ${y} ]] ; then
44	echo "gzipping man page: ${y##*/}"	46	eecho "gzipping man page: ${y##*/}"
45	gzip -f -9 "${y}"	47	gzip -f -9 "${y}"
46	fi	48	fi
47	fi	49	fi




	declare -i UNSAFE=0
	for i in $(find "${D}/" -type f -perm -2002); do
		((UNSAFE++))
		eecho "UNSAFE SetGID: $i"
		chmod -s,o-w "$i"
	done
	for i in $(find "${D}/" -type f -perm -4002); do
		((UNSAFE++))
		eecho "UNSAFE SetUID: $i"
		chmod -s,o-w "$i"
	done

	# Now we look for all world writable files.
	for i in $(find "${D}/" -type f -perm -2); do
		eecho -ne '\a'
		eecho "QA Security Notice:"
		eecho "- ${i:${#D}:${#i}} will be a world writable file."
		eecho "- This may or may not be a security problem, most of the time it is one."
		eecho "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
		sleep 1
	done

	if type -p scanelf > /dev/null ; then
		local qa_var insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET}
		
		# display warnings when using stricter because we die afterwards
		if has stricter ${FEATURES}; then
			unset PORTAGE_QUIET
		fi
		
		# Make sure we disallow insecure RUNPATH/RPATH's
		# Don't want paths that point to the tree where the package was built
		# (older, broken libtools would do this).  Also check for null paths
		# because the loader will search $PWD when it finds null paths.
		f=$(scanelf -qyRF '%r %p' "${D}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )")
		if [[ -n ${f} ]] ; then
			eecho -ne '\a\n'
			eecho "QA Notice: the following files contain insecure RUNPATH's"
			eecho " Please file a bug about this at http://bugs.gentoo.org/"
			eecho " with the maintaining herd of the package."
			eecho " Summary: $CATEGORY/$PN: insecure RPATH ${f}"
			eecho "${f}"
			eecho -ne '\a\n'
			if has stricter ${FEATURES}; then
				insecure_rpath=1
			else
				eecho "Auto fixing rpaths for ${f}"
				TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null
			fi
		fi

		# Check for setid binaries but are not built with BIND_NOW
		f=$(scanelf -qyRF '%b %p' "${D}")
		if [[ -n ${f} ]] ; then
			eecho -ne '\a\n'
			eecho "QA Notice: the following files are setXid, dyn linked, and using lazy bindings"
			eecho " This combination is generally discouraged.  Try re-emerging the package:"
			eecho " LDFLAGS='-Wl,-z,now' emerge ${PN}"
			eecho "${f}"
			eecho -ne '\a\n'
			die_msg="${die_msg} setXid lazy bindings,"
			sleep 1
		fi

			}')
		if [[ -n ${f} ]] ; then
			scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
			eecho -ne '\a\n'
			eecho "QA Notice: the following files contain runtime text relocations"
			eecho " Text relocations force the dynamic linker to perform extra"
			eecho " work at startup, waste system resources, and may pose a security"
			eecho " risk.  On some architectures, the code may not even function"
			eecho " properly, if at all."
			eecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
			eecho " Please include this file in your report:"
			eecho " ${T}/scanelf-textrel.log"
			eecho "${f}"
			eecho -ne '\a\n'
			die_msg="${die_msg} textrels,"
			sleep 1
		fi

		if [[ -n ${f} ]] ; then
			# One more pass to help devs track down the source
			scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
			eecho -ne '\a\n'
			eecho "QA Notice: the following files contain executable stacks"
			eecho " Files with executable stacks will not work properly (or at all!)"
			eecho " on some architectures/operating systems.  A bug should be filed"
			eecho " at http://bugs.gentoo.org/ to make sure the file is fixed."
			eecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
			eecho " Please include this file in your report:"
			eecho " ${T}/scanelf-execstack.log"
			eecho "${f}"
			eecho -ne '\a\n'
			die_msg="${die_msg} execstacks"
			sleep 1
		fi

		elif [[ ${die_msg} != "" ]] && has stricter ${FEATURES} && ! has stricter ${RESTRICT} ; then
			die "Aborting due to QA concerns: ${die_msg}"
		fi

		PORTAGE_QUIET=${tmp_quiet}
	fi

	if [[ ${UNSAFE} > 0 ]] ; then

	# total suid control.
	if hasq suidctl $FEATURES; then
		sfconf=/etc/portage/suidctl.conf
		eecho ">>> Preforming suid scan in ${IMAGE}"
		for i in $(find ${IMAGE}/ -type f \( -perm -4000 -o -perm -2000 \) ); do
			if [ -s "${sfconf}" ]; then
				suid="$(grep ^${i/${IMAGE}/}$ ${sfconf})"
				if [ "${suid}" = "${i/${IMAGE}/}" ]; then
					eecho "- ${i/${IMAGE}/} is an approved suid file"
				else
					eecho ">>> Removing sbit on non registered ${i/${IMAGE}/}"
					for x in 5 4 3 2 1 0; do echo -ne "\a"; sleep 0.25 ; done
					eecho -ne "\a"
					chmod ugo-s "${i}"
					grep ^#${i/${IMAGE}/}$ ${sfconf} > /dev/null || {
						# sandbox prevents us from writing directly
						# to files outside of the sandbox, but this
						# can easly be bypassed using the addwrite() function
						addwrite "${sfconf}"
						eecho ">>> Appending commented out entry to ${sfconf} for ${PF}"
						ls_ret=$(ls -ldh "${i}")
						echo "## ${ls_ret%${IMAGE}*}${ls_ret#*${IMAGE}}" >> ${sfconf}
						echo "#${i/${IMAGE}/}" >> ${sfconf}

					}
				fi
			else
				eecho "suidctl feature set but you are lacking a ${sfconf}"
			fi
		done
	fi

		# only attempt to label if setfiles is executable
		# and 'context' is available on selinuxfs.
		if [ -f /selinux/context -a -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
			eecho ">>> Setting SELinux security labels"
			(
				eval "$(/usr/sbin/selinuxconfig)" || \
					die "Failed to determine SELinux policy paths.";

		else
			# nonfatal, since merging can happen outside a SE kernel
			# like during a recovery situation
			eecho "!!! Unable to set SELinux security labels"
		fi
	fi
}

	fi
	mv -f "${pkg_tmp}" "${pkg_dest}" || die "Failed to move tbz2 to ${pkg_dest}"
	ln -sf "../All/${PF}.tbz2" "${PKGDIR}/${CATEGORY}/${PF}.tbz2" || die "Failed to create symlink in ${PKGDIR}/${CATEGORY}"
	eecho ">>> Done."
	cd "${PORTAGE_BUILDDIR}"
	touch .packaged || die "Failed to 'touch .packaged' in ${PORTAGE_BUILDDIR}"
}




# Distributed under the terms of the GNU General Public License v2
# $Id: /var/cvsroot/gentoo-src/portage/bin/prepinfo,v 1.6.2.1 2005/05/29 12:40:08 jstubbs Exp $

source /usr/lib/portage/bin/isolated-functions.sh

if [ -z "$1" ] ; then
	z="${D}usr/share/info"
else

			mylink="${mylink}.gz"
		fi

		eecho "fixing GNU info symlink: ${mylink##*/}"
		ln -snf "${linkto}" "${mylink}"
		if [ "${x}" != "${mylink}" ] ; then
			eecho "removing old symlink: ${x##*/}"
			rm -f "${x}"
		fi
	else
		if [ "${x##*.}" != "gz" ] ; then
			eecho "gzipping GNU info page: ${x##*/}"
			gzip -f -9 "${x}"
		fi
	fi




# Distributed under the terms of the GNU General Public License v2
# $Id: /var/cvsroot/gentoo-src/portage/bin/prepalldocs,v 1.6 2004/10/04 13:56:50 vapier Exp $

source /usr/lib/portage/bin/isolated-functions.sh

z="$(find "${D}"usr/share/doc \( -type f -or -type l \) -not -name "*.gz" -not -name "*.js" 2>/dev/null)"

for y in ${z} ; do

			mylink="${mylink}.gz"
		fi

		eecho "fixing doc symlink: ${mylink##*/}"
		ln -snf "${linkto}" "${mylink}"
		if [ "${y}" != "${mylink}" ] ; then
			eecho "removing old symlink: ${y##*/}"
			rm -f "${y}"
		fi
	else
		if [ "${y##*.}" != "gz" ] ; then
			eecho "gzipping doc: ${y##*/}"
			gzip -f -9 "${y}"
		fi
	fi	

Lines 3-9 Link Here

(-)bin/prepallinfo (-1 / +3 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepallinfo,v 1.6 2004/10/04 13:56:50 vapier Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepallinfo,v 1.6 2004/10/04 13:56:50 vapier Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	[[ ! -d ${D}usr/share/info ]] && exit 0	8	[[ ! -d ${D}usr/share/info ]] && exit 0
7		9
8	echo "info:"	10	eecho "info:"
9	exec prepinfo	11	exec prepinfo

Lines 3-8 Link Here

(-)bin/doins (-4 / +6 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doins,v 1.7.2.2 2004/12/17 22:25:13 carpaski Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doins,v 1.7.2.2 2004/12/17 22:25:13 carpaski Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [ $# -lt 1 ] ; then	8	if [ $# -lt 1 ] ; then
7	echo "${0}: at least one argument needed"	9	echo "${0}: at least one argument needed"
8	exit 1	10	exit 1
Lines 21-30 Link Here
21	fi	23	fi
22		24
23	if [ "${INSDESTTREE%${D}*}" == "" ]; then	25	if [ "${INSDESTTREE%${D}*}" == "" ]; then
24	echo "-------------------------------------------------------" 1>&2	26	eecho "-------------------------------------------------------" 1>&2
25	echo "You should not use \${D} with helpers." 1>&2	27	eecho "You should not use \${D} with helpers." 1>&2
26	echo " --> ${INSDESTTREE}" 1>&2	28	eecho " --> ${INSDESTTREE}" 1>&2
27	echo "-------------------------------------------------------" 1>&2	29	eecho "-------------------------------------------------------" 1>&2
28	#exit 1	30	#exit 1
29	fi	31	fi
30		32

Lines 3-10 Link Here

(-)bin/preplib (-1 / +3 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/preplib,v 1.7.2.1 2005/01/02 09:36:02 jstubbs Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/preplib,v 1.7.2.1 2005/01/02 09:36:02 jstubbs Exp $
5		5
6	echo "QA Notice: Please stop using me, fix your package instead" 1>&2	6	source /usr/lib/portage/bin/isolated-functions.sh
7		7
		8	eecho "QA Notice: Please stop using me, fix your package instead" 1>&2
		9
8	LIBDIR_VAR="LIBDIR_${ABI}"	10	LIBDIR_VAR="LIBDIR_${ABI}"
9	if [ -n "${ABI}" -a -n "${!LIBDIR_VAR}" ]; then	11	if [ -n "${ABI}" -a -n "${!LIBDIR_VAR}" ]; then
10	CONF_LIBDIR="${!LIBDIR_VAR}"	12	CONF_LIBDIR="${!LIBDIR_VAR}"

Lines 3-8 Link Here

(-)bin/isolated-functions.sh (-1 / +5 lines)
3	# $Header$	3	# $Header$
4		4
5	# Internal logging function, don't use this in ebuilds	5	# Internal logging function, don't use this in ebuilds
		6	eecho() {
		7	[[ ${PORTAGE_QUIET} == "1" ]] \|\| echo ${@}
		8	}
		9
6	elog_base() {	10	elog_base() {
7	local messagetype	11	local messagetype
8	[ -z "${1}" -o -z "${T}" -o ! -d "${T}/logging" ] && return 1	12	[ -z "${1}" -o -z "${T}" -o ! -d "${T}/logging" ] && return 1
Lines 12-18 Link Here
12	shift	16	shift
13	;;	17	;;
14	*)	18	*)
15	echo -e " ${BAD}*${NORMAL} Invalid use of internal function elog_base(), next message will not be logged"	19	eecho -e " ${BAD}*${NORMAL} Invalid use of internal function elog_base(), next message will not be logged"
16	return 1	20	return 1
17	;;	21	;;
18	esac	22	esac

Lines 3-8 Link Here

(-)bin/prepall (-12 / +14 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: prepall 2230 2005-11-01 01:35:59Z vapier $	4	# $Id: prepall 2230 2005-11-01 01:35:59Z vapier $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	prepallman	8	prepallman
7	prepallinfo	9	prepallinfo
8	prepallstrip	10	prepallstrip
Lines 19-25 Link Here
19	[[ ! -e ${j} ]] && continue	21	[[ ! -e ${j} ]] && continue
20	[[ -L ${j} ]] && continue	22	[[ -L ${j} ]] && continue
21	[[ -x ${j} ]] && continue	23	[[ -x ${j} ]] && continue
22	echo "making executable: /${j/${D}/}"	24	eecho "making executable: /${j/${D}/}"
23	chmod +x "${j}"	25	chmod +x "${j}"
24	done	26	done
25		27
Lines 27-33 Link Here
27	[[ ! -e ${j} ]] && continue	29	[[ ! -e ${j} ]] && continue
28	[[ -L ${j} ]] && continue	30	[[ -L ${j} ]] && continue
29	[[ ! -x ${j} ]] && continue	31	[[ ! -x ${j} ]] && continue
30	echo "removing executable bit: /${j/${D}/}"	32	eecho "removing executable bit: /${j/${D}/}"
31	chmod -x "${j}"	33	chmod -x "${j}"
32	done	34	done
33	done	35	done
Lines 41-47 Link Here
41	if [[ ! -e ${s} ]] ; then	43	if [[ ! -e ${s} ]] ; then
42	s=${s%usr/}${s##/usr/}	44	s=${s%usr/}${s##/usr/}
43	if [[ -e ${s} ]] ; then	45	if [[ -e ${s} ]] ; then
44	echo -e "\aQA Notice: missing gen_usr_ldscript for ${s##*/}\a"	46	eecho -e "\aQA Notice: missing gen_usr_ldscript for ${s##*/}\a"
45	sleep 1	47	sleep 1
46	fi	48	fi
47	fi	49	fi
Lines 50-57 Link Here
50	# Make sure people don't store libtool files or static libs in /lib	52	# Make sure people don't store libtool files or static libs in /lib
51	f=$(ls "${D}"lib/.{a,la} 2>/dev/null)	53	f=$(ls "${D}"lib/.{a,la} 2>/dev/null)
52	if [[ -n ${f} ]] ; then	54	if [[ -n ${f} ]] ; then
53	echo -e "\n\aQA Notice: excessive files found in the / partition\a"	55	eecho -e "\n\aQA Notice: excessive files found in the / partition\a"
54	echo "${f}"	56	eecho "${f}"
55	sleep 1	57	sleep 1
56	fi	58	fi
57		59
Lines 59-65 Link Here
59	for a in "${D}"usr/lib/.la ; do	61	for a in "${D}"usr/lib/.la ; do
60	s=${a##*/}	62	s=${a##*/}
61	if grep -qs "${D}" "${a}" ; then	63	if grep -qs "${D}" "${a}" ; then
62	echo -e "\n\aQA Notice: ${s} appears to contain PORTAGE_TMPDIR paths\a"	64	eecho -e "\n\aQA Notice: ${s} appears to contain PORTAGE_TMPDIR paths\a"
63	sleep 1	65	sleep 1
64	fi	66	fi
65	done	67	done
Lines 70-86 Link Here
70	for d in "${D}"lib* "${D}"usr/lib* ; do	72	for d in "${D}"lib* "${D}"usr/lib* ; do
71	f=$(scanelf -ByF '%S %p' "${d}"/lib.so \| gawk '$2 == "" { print }')	73	f=$(scanelf -ByF '%S %p' "${d}"/lib.so \| gawk '$2 == "" { print }')
72	if [[ -n ${f} ]] ; then	74	if [[ -n ${f} ]] ; then
73	echo -e "\n\aQA Notice: the following shared libraries lack a SONAME\a"	75	eecho -e "\n\aQA Notice: the following shared libraries lack a SONAME\a"
74	echo "${f}"	76	eecho "${f}"
75	echo	77	eecho
76	sleep 1	78	sleep 1
77	fi	79	fi
78		80
79	f=$(scanelf -ByF '%n %p' "${d}"/lib.so \| gawk '$2 == "" { print }')	81	f=$(scanelf -ByF '%n %p' "${d}"/lib.so \| gawk '$2 == "" { print }')
80	if [[ -n ${f} ]] ; then	82	if [[ -n ${f} ]] ; then
81	echo -e "\n\aQA Notice: the following shared libraries lack NEEDED entries\a"	83	eecho -e "\n\aQA Notice: the following shared libraries lack NEEDED entries\a"
82	echo "${f}"	84	eecho "${f}"
83	echo	85	eecho
84	sleep 1	86	sleep 1
85	fi	87	fi
86	done	88	done

Lines 3-8 Link Here

(-)bin/doexe (-1 / +3 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doexe,v 1.10.2.1 2004/12/06 03:01:43 carpaski Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/doexe,v 1.10.2.1 2004/12/06 03:01:43 carpaski Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [[ $# -lt 1 ]] ; then	8	if [[ $# -lt 1 ]] ; then
7	echo "$0: at least one argument needed" 1>&2	9	echo "$0: at least one argument needed" 1>&2
8	exit 1	10	exit 1
Lines 17-23 Link Here
17	cp "${x}" "${T}"	19	cp "${x}" "${T}"
18	mysrc="${T}"/$(/usr/bin/basename "${x}")	20	mysrc="${T}"/$(/usr/bin/basename "${x}")
19	elif [ -d "${x}" ] ; then	21	elif [ -d "${x}" ] ; then
20	echo "doexe: warning, skipping directory ${x}"	22	eecho "doexe: warning, skipping directory ${x}"
21	continue	23	continue
22	else	24	else
23	mysrc="${x}"	25	mysrc="${x}"




	return 0
}


use() {
	useq ${1}
}


	# Make sure we have this USE flag in IUSE
	if ! hasq "${u}" ${IUSE} ${E_IUSE} && ! hasq "${u}" ${PORTAGE_ARCHLIST} selinux; then
		eecho "QA Notice: USE Flag '${u}' not in IUSE for ${CATEGORY}/${PF}" >&2
	fi

	if hasq ${u} ${USE} ; then

	[ -z "$*" ] && die "Nothing passed to the 'unpack' command"

	for x in "$@"; do
		eecho ">>> Unpacking ${x} to ${PWD}"
		y=${x%.*}
		y=${y##*.}


				ar x "${srcdir}/${x}" || die "$myfail"
				;;
			*)
				eecho "unpack ${x}: file format not recognized. Ignoring."
				;;
		esac
	done

	if [ -x "${ECONF_SOURCE}/configure" ]; then
		if [ -e /usr/share/gnuconfig/ ]; then
			for x in $(find "${WORKDIR}" -type f '(' -name config.guess -o -name config.sub ')') ; do
				eecho " * econf: updating ${x/${WORKDIR}\/} with /usr/share/gnuconfig/${x##*/}"
				cp -f /usr/share/gnuconfig/${x##*/} ${x}
			done
		fi

			CONFCACHE=
		fi

		eecho ${CONFCACHE} ${CONFCACHE_ARG} ${TMP_CONFCACHE_DIR} "${ECONF_SOURCE}/configure" \
			--prefix=/usr \
			--host=${CHOST} \
			--mandir=/usr/share/man \

src_test() {
	addpredict /
	if emake -j1 check -n &> /dev/null; then
		eecho ">>> Test phase [check]: ${CATEGORY}/${PF}"
		if ! emake -j1 check; then
			hasq test $FEATURES && die "Make check failed. See above for details."
			hasq test $FEATURES || eerror "Make check failed. See above for details."
		fi
	elif emake -j1 test -n &> /dev/null; then
		eecho ">>> Test phase [test]: ${CATEGORY}/${PF}"
		if ! emake -j1 test; then
			hasq test $FEATURES && die "Make test failed. See above for details."
			hasq test $FEATURES || eerror "Make test failed. See above for details."
		fi
	else
		eecho ">>> Test phase [none]: ${CATEGORY}/${PF}"
	fi
	SANDBOX_PREDICT="${SANDBOX_PREDICT%:/}"
}

		local x
		local checkme
		for x in ${AA}; do
			eecho ">>> Checking ${x}'s mtime..."
			if [ "${PORTAGE_ACTUAL_DISTDIR:-${DISTDIR}}/${x}" -nt "${WORKDIR}" ]; then
				eecho ">>> ${x} has been updated; recreating WORKDIR..."
				newstuff="yes"
				rm -rf "${WORKDIR}"
				break
			fi
		done
		if [ "${EBUILD}" -nt "${WORKDIR}" ]; then
			eecho ">>> ${EBUILD} has been updated; recreating WORKDIR..."
			newstuff="yes"
			rm -rf "${WORKDIR}"
		elif [ ! -f "${PORTAGE_BUILDDIR}/.unpacked" ]; then
			eecho ">>> Not marked as unpacked; recreating WORKDIR..."
			newstuff="yes"
			rm -rf "${WORKDIR}"
		fi
	fi
	if [ -e "${WORKDIR}" ]; then
		if [ "$newstuff" == "no" ]; then
			eecho ">>> WORKDIR is up-to-date, keeping..."
			[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack
			return 0
		fi

		install -m${PORTAGE_WORKDIR_MODE:-0700} -d "${WORKDIR}" || die "Failed to create dir '${WORKDIR}'"
	fi
	cd "${WORKDIR}" || die "Directory change failed: \`cd '${WORKDIR}'\`"
	eecho ">>> Unpacking source..."
	src_unpack
	touch "${PORTAGE_BUILDDIR}/.unpacked" || die "IO Failure -- Failed 'touch .unpacked' in ${PORTAGE_BUILDDIR}"
	eecho ">>> Source unpacked."
	cd "${PORTAGE_BUILDDIR}"

	[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack

	cp "${EBUILD}" "build-info/${PF}.ebuild"

	if [ "${PORTAGE_BUILDDIR}/.compiled" -nt "${WORKDIR}" ]; then
		eecho ">>> It appears that ${PN} is already compiled; skipping."
		eecho ">>> (clean to force compilation)"
		trap SIGINT SIGQUIT
		[ "$(type -t post_src_compile)" == "function" ] && post_src_compile
		return

	#some packages use an alternative to $S to build in, cause
	#our libtool to create problematic .la files
	export PWORKDIR="$WORKDIR"
	eecho ">>> Compiling source in ${srcdir} ..."
	src_compile
	eecho ">>> Source compiled."
	#|| abort_compile "fail"
	cd "${PORTAGE_BUILDDIR}"
	touch .compiled

dyn_test() {
	[ "$(type -t pre_src_test)" == "function" ] && pre_src_test
	if [ "${PORTAGE_BUILDDIR}/.tested" -nt "${WORKDIR}" ]; then
		eecho ">>> It appears that ${PN} has already been tested; skipping."
		[ "$(type -t post_src_test)" == "function" ] && post_src_test
		return
	fi

	fi
	if hasq test $RESTRICT; then
		ewarn "Skipping make test/check due to ebuild restriction."
		eecho ">>> Test phase [explicitly disabled]: ${CATEGORY}/${PF}"
	elif ! hasq test $FEATURES; then
		eecho ">>> Test phase [not enabled]: ${CATEGORY}/${PF}"
	else
		src_test
	fi

	if [ -d "${S}" ]; then
		cd "${S}"
	fi
	eecho
	eecho ">>> Install ${PF} into ${D} category ${CATEGORY}"
	#our custom version of libtool uses $S and $D to fix
	#invalid paths in .la files
	export S D

	export PWORKDIR="$WORKDIR"
	src_install
	touch "${PORTAGE_BUILDDIR}/.installed"
	eecho ">>> Completed installing ${PF} into ${D}"
	eecho
	cd ${PORTAGE_BUILDDIR}
	[ "$(type -t post_src_install)" == "function" ] && post_src_install
	trap SIGINT SIGQUIT


		if [ "$EBUILD_PHASE" != "depend" ]; then
			if ! hasq $ECLASS $INHERITED; then
				eecho
				eecho "QA Notice: ECLASS '$ECLASS' inherited illegally in $CATEGORY/$PF" >&2
				eecho
			fi
		fi


			BODY="${BIN_PATH} \"\$@\"; return \$?"
		fi
		FUNC_SRC="${BIN}() {
		eecho -n \"QA Notice: ${BIN} in global scope: \" >&2
		if [ \$ECLASS_DEPTH -gt 0 ]; then
			eecho \"eclass \${ECLASS}\" >&2
		else
			eecho \"\${CATEGORY}/\${PF}\" >&2
		fi
		${BODY}
		}";

Return to bug 62273

Lines 117-123 Link Here

(-)bin/ebuild.sh (-33 / +32 lines)
117	return 0	117	return 0
118	}	118	}
119		119
120
121	use() {	120	use() {
122	useq ${1}	121	useq ${1}
123	}	122	}
Lines 142-148 Link Here
142		141
143	# Make sure we have this USE flag in IUSE	142	# Make sure we have this USE flag in IUSE
144	if ! hasq "${u}" ${IUSE} ${E_IUSE} && ! hasq "${u}" ${PORTAGE_ARCHLIST} selinux; then	143	if ! hasq "${u}" ${IUSE} ${E_IUSE} && ! hasq "${u}" ${PORTAGE_ARCHLIST} selinux; then
145	echo "QA Notice: USE Flag '${u}' not in IUSE for ${CATEGORY}/${PF}" >&2	144	eecho "QA Notice: USE Flag '${u}' not in IUSE for ${CATEGORY}/${PF}" >&2
146	fi	145	fi
147		146
148	if hasq ${u} ${USE} ; then	147	if hasq ${u} ${USE} ; then
Lines 350-356 Link Here
350	[ -z "$*" ] && die "Nothing passed to the 'unpack' command"	349	[ -z "$*" ] && die "Nothing passed to the 'unpack' command"
351		350
352	for x in "$@"; do	351	for x in "$@"; do
353	echo ">>> Unpacking ${x} to ${PWD}"	352	eecho ">>> Unpacking ${x} to ${PWD}"
354	y=${x%.*}	353	y=${x%.*}
355	y=${y##*.}	354	y=${y##*.}
356		355
Lines 402-408 Link Here
402	ar x "${srcdir}/${x}" \|\| die "$myfail"	401	ar x "${srcdir}/${x}" \|\| die "$myfail"
403	;;	402	;;
404	*)	403	*)
405	echo "unpack ${x}: file format not recognized. Ignoring."	404	eecho "unpack ${x}: file format not recognized. Ignoring."
406	;;	405	;;
407	esac	406	esac
408	done	407	done
Lines 429-435 Link Here
429	if [ -x "${ECONF_SOURCE}/configure" ]; then	428	if [ -x "${ECONF_SOURCE}/configure" ]; then
430	if [ -e /usr/share/gnuconfig/ ]; then	429	if [ -e /usr/share/gnuconfig/ ]; then
431	for x in $(find "${WORKDIR}" -type f '(' -name config.guess -o -name config.sub ')') ; do	430	for x in $(find "${WORKDIR}" -type f '(' -name config.guess -o -name config.sub ')') ; do
432	echo " * econf: updating ${x/${WORKDIR}\/} with /usr/share/gnuconfig/${x##*/}"	431	eecho " * econf: updating ${x/${WORKDIR}\/} with /usr/share/gnuconfig/${x##*/}"
433	cp -f /usr/share/gnuconfig/${x##*/} ${x}	432	cp -f /usr/share/gnuconfig/${x##*/} ${x}
434	done	433	done
435	fi	434	fi
Lines 496-502 Link Here
496	CONFCACHE=	495	CONFCACHE=
497	fi	496	fi
498		497
499	echo ${CONFCACHE} ${CONFCACHE_ARG} ${TMP_CONFCACHE_DIR} "${ECONF_SOURCE}/configure" \	498	eecho ${CONFCACHE} ${CONFCACHE_ARG} ${TMP_CONFCACHE_DIR} "${ECONF_SOURCE}/configure" \
500	--prefix=/usr \	499	--prefix=/usr \
501	--host=${CHOST} \	500	--host=${CHOST} \
502	--mandir=/usr/share/man \	501	--mandir=/usr/share/man \
Lines 598-616 Link Here
598	src_test() {	597	src_test() {
599	addpredict /	598	addpredict /
600	if emake -j1 check -n &> /dev/null; then	599	if emake -j1 check -n &> /dev/null; then
601	echo ">>> Test phase [check]: ${CATEGORY}/${PF}"	600	eecho ">>> Test phase [check]: ${CATEGORY}/${PF}"
602	if ! emake -j1 check; then	601	if ! emake -j1 check; then
603	hasq test $FEATURES && die "Make check failed. See above for details."	602	hasq test $FEATURES && die "Make check failed. See above for details."
604	hasq test $FEATURES \|\| eerror "Make check failed. See above for details."	603	hasq test $FEATURES \|\| eerror "Make check failed. See above for details."
605	fi	604	fi
606	elif emake -j1 test -n &> /dev/null; then	605	elif emake -j1 test -n &> /dev/null; then
607	echo ">>> Test phase [test]: ${CATEGORY}/${PF}"	606	eecho ">>> Test phase [test]: ${CATEGORY}/${PF}"
608	if ! emake -j1 test; then	607	if ! emake -j1 test; then
609	hasq test $FEATURES && die "Make test failed. See above for details."	608	hasq test $FEATURES && die "Make test failed. See above for details."
610	hasq test $FEATURES \|\| eerror "Make test failed. See above for details."	609	hasq test $FEATURES \|\| eerror "Make test failed. See above for details."
611	fi	610	fi
612	else	611	else
613	echo ">>> Test phase [none]: ${CATEGORY}/${PF}"	612	eecho ">>> Test phase [none]: ${CATEGORY}/${PF}"
614	fi	613	fi
615	SANDBOX_PREDICT="${SANDBOX_PREDICT%:/}"	614	SANDBOX_PREDICT="${SANDBOX_PREDICT%:/}"
616	}	615	}
Lines 662-688 Link Here
662	local x	661	local x
663	local checkme	662	local checkme
664	for x in ${AA}; do	663	for x in ${AA}; do
665	echo ">>> Checking ${x}'s mtime..."	664	eecho ">>> Checking ${x}'s mtime..."
666	if [ "${PORTAGE_ACTUAL_DISTDIR:-${DISTDIR}}/${x}" -nt "${WORKDIR}" ]; then	665	if [ "${PORTAGE_ACTUAL_DISTDIR:-${DISTDIR}}/${x}" -nt "${WORKDIR}" ]; then
667	echo ">>> ${x} has been updated; recreating WORKDIR..."	666	eecho ">>> ${x} has been updated; recreating WORKDIR..."
668	newstuff="yes"	667	newstuff="yes"
669	rm -rf "${WORKDIR}"	668	rm -rf "${WORKDIR}"
670	break	669	break
671	fi	670	fi
672	done	671	done
673	if [ "${EBUILD}" -nt "${WORKDIR}" ]; then	672	if [ "${EBUILD}" -nt "${WORKDIR}" ]; then
674	echo ">>> ${EBUILD} has been updated; recreating WORKDIR..."	673	eecho ">>> ${EBUILD} has been updated; recreating WORKDIR..."
675	newstuff="yes"	674	newstuff="yes"
676	rm -rf "${WORKDIR}"	675	rm -rf "${WORKDIR}"
677	elif [ ! -f "${PORTAGE_BUILDDIR}/.unpacked" ]; then	676	elif [ ! -f "${PORTAGE_BUILDDIR}/.unpacked" ]; then
678	echo ">>> Not marked as unpacked; recreating WORKDIR..."	677	eecho ">>> Not marked as unpacked; recreating WORKDIR..."
679	newstuff="yes"	678	newstuff="yes"
680	rm -rf "${WORKDIR}"	679	rm -rf "${WORKDIR}"
681	fi	680	fi
682	fi	681	fi
683	if [ -e "${WORKDIR}" ]; then	682	if [ -e "${WORKDIR}" ]; then
684	if [ "$newstuff" == "no" ]; then	683	if [ "$newstuff" == "no" ]; then
685	echo ">>> WORKDIR is up-to-date, keeping..."	684	eecho ">>> WORKDIR is up-to-date, keeping..."
686	[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack	685	[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack
687	return 0	686	return 0
688	fi	687	fi
Lines 692-701 Link Here
692	install -m${PORTAGE_WORKDIR_MODE:-0700} -d "${WORKDIR}" \|\| die "Failed to create dir '${WORKDIR}'"	691	install -m${PORTAGE_WORKDIR_MODE:-0700} -d "${WORKDIR}" \|\| die "Failed to create dir '${WORKDIR}'"
693	fi	692	fi
694	cd "${WORKDIR}" \|\| die "Directory change failed: \`cd '${WORKDIR}'\`"	693	cd "${WORKDIR}" \|\| die "Directory change failed: \`cd '${WORKDIR}'\`"
695	echo ">>> Unpacking source..."	694	eecho ">>> Unpacking source..."
696	src_unpack	695	src_unpack
697	touch "${PORTAGE_BUILDDIR}/.unpacked" \|\| die "IO Failure -- Failed 'touch .unpacked' in ${PORTAGE_BUILDDIR}"	696	touch "${PORTAGE_BUILDDIR}/.unpacked" \|\| die "IO Failure -- Failed 'touch .unpacked' in ${PORTAGE_BUILDDIR}"
698	echo ">>> Source unpacked."	697	eecho ">>> Source unpacked."
699	cd "${PORTAGE_BUILDDIR}"	698	cd "${PORTAGE_BUILDDIR}"
700		699
701	[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack	700	[ "$(type -t post_src_unpack)" == "function" ] && post_src_unpack
Lines 908-915 Link Here
908	cp "${EBUILD}" "build-info/${PF}.ebuild"	907	cp "${EBUILD}" "build-info/${PF}.ebuild"
909		908
910	if [ "${PORTAGE_BUILDDIR}/.compiled" -nt "${WORKDIR}" ]; then	909	if [ "${PORTAGE_BUILDDIR}/.compiled" -nt "${WORKDIR}" ]; then
911	echo ">>> It appears that ${PN} is already compiled; skipping."	910	eecho ">>> It appears that ${PN} is already compiled; skipping."
912	echo ">>> (clean to force compilation)"	911	eecho ">>> (clean to force compilation)"
913	trap SIGINT SIGQUIT	912	trap SIGINT SIGQUIT
914	[ "$(type -t post_src_compile)" == "function" ] && post_src_compile	913	[ "$(type -t post_src_compile)" == "function" ] && post_src_compile
915	return	914	return
Lines 924-932 Link Here
924	#some packages use an alternative to $S to build in, cause	923	#some packages use an alternative to $S to build in, cause
925	#our libtool to create problematic .la files	924	#our libtool to create problematic .la files
926	export PWORKDIR="$WORKDIR"	925	export PWORKDIR="$WORKDIR"
927	echo ">>> Compiling source in ${srcdir} ..."	926	eecho ">>> Compiling source in ${srcdir} ..."
928	src_compile	927	src_compile
929	echo ">>> Source compiled."	928	eecho ">>> Source compiled."
930	#\|\| abort_compile "fail"	929	#\|\| abort_compile "fail"
931	cd "${PORTAGE_BUILDDIR}"	930	cd "${PORTAGE_BUILDDIR}"
932	touch .compiled	931	touch .compiled
Lines 959-965 Link Here
959	dyn_test() {	958	dyn_test() {
960	[ "$(type -t pre_src_test)" == "function" ] && pre_src_test	959	[ "$(type -t pre_src_test)" == "function" ] && pre_src_test
961	if [ "${PORTAGE_BUILDDIR}/.tested" -nt "${WORKDIR}" ]; then	960	if [ "${PORTAGE_BUILDDIR}/.tested" -nt "${WORKDIR}" ]; then
962	echo ">>> It appears that ${PN} has already been tested; skipping."	961	eecho ">>> It appears that ${PN} has already been tested; skipping."
963	[ "$(type -t post_src_test)" == "function" ] && post_src_test	962	[ "$(type -t post_src_test)" == "function" ] && post_src_test
964	return	963	return
965	fi	964	fi
Lines 969-977 Link Here
969	fi	968	fi
970	if hasq test $RESTRICT; then	969	if hasq test $RESTRICT; then
971	ewarn "Skipping make test/check due to ebuild restriction."	970	ewarn "Skipping make test/check due to ebuild restriction."
972	echo ">>> Test phase [explicitly disabled]: ${CATEGORY}/${PF}"	971	eecho ">>> Test phase [explicitly disabled]: ${CATEGORY}/${PF}"
973	elif ! hasq test $FEATURES; then	972	elif ! hasq test $FEATURES; then
974	echo ">>> Test phase [not enabled]: ${CATEGORY}/${PF}"	973	eecho ">>> Test phase [not enabled]: ${CATEGORY}/${PF}"
975	else	974	else
976	src_test	975	src_test
977	fi	976	fi
Lines 991-998 Link Here
991	if [ -d "${S}" ]; then	990	if [ -d "${S}" ]; then
992	cd "${S}"	991	cd "${S}"
993	fi	992	fi
994	echo	993	eecho
995	echo ">>> Install ${PF} into ${D} category ${CATEGORY}"	994	eecho ">>> Install ${PF} into ${D} category ${CATEGORY}"
996	#our custom version of libtool uses $S and $D to fix	995	#our custom version of libtool uses $S and $D to fix
997	#invalid paths in .la files	996	#invalid paths in .la files
998	export S D	997	export S D
Lines 1001-1008 Link Here
1001	export PWORKDIR="$WORKDIR"	1000	export PWORKDIR="$WORKDIR"
1002	src_install	1001	src_install
1003	touch "${PORTAGE_BUILDDIR}/.installed"	1002	touch "${PORTAGE_BUILDDIR}/.installed"
1004	echo ">>> Completed installing ${PF} into ${D}"	1003	eecho ">>> Completed installing ${PF} into ${D}"
1005	echo	1004	eecho
1006	cd ${PORTAGE_BUILDDIR}	1005	cd ${PORTAGE_BUILDDIR}
1007	[ "$(type -t post_src_install)" == "function" ] && post_src_install	1006	[ "$(type -t post_src_install)" == "function" ] && post_src_install
1008	trap SIGINT SIGQUIT	1007	trap SIGINT SIGQUIT
Lines 1150-1158 Link Here
1150		1149
1151	if [ "$EBUILD_PHASE" != "depend" ]; then	1150	if [ "$EBUILD_PHASE" != "depend" ]; then
1152	if ! hasq $ECLASS $INHERITED; then	1151	if ! hasq $ECLASS $INHERITED; then
1153	echo	1152	eecho
1154	echo "QA Notice: ECLASS '$ECLASS' inherited illegally in $CATEGORY/$PF" >&2	1153	eecho "QA Notice: ECLASS '$ECLASS' inherited illegally in $CATEGORY/$PF" >&2
1155	echo	1154	eecho
1156	fi	1155	fi
1157	fi	1156	fi
1158		1157
Lines 1412-1422 Link Here
1412	BODY="${BIN_PATH} \"\$@\"; return \$?"	1411	BODY="${BIN_PATH} \"\$@\"; return \$?"
1413	fi	1412	fi
1414	FUNC_SRC="${BIN}() {	1413	FUNC_SRC="${BIN}() {
1415	echo -n \"QA Notice: ${BIN} in global scope: \" >&2	1414	eecho -n \"QA Notice: ${BIN} in global scope: \" >&2
1416	if [ \$ECLASS_DEPTH -gt 0 ]; then	1415	if [ \$ECLASS_DEPTH -gt 0 ]; then
1417	echo \"eclass \${ECLASS}\" >&2	1416	eecho \"eclass \${ECLASS}\" >&2
1418	else	1417	else
1419	echo \"\${CATEGORY}/\${PF}\" >&2	1418	eecho \"\${CATEGORY}/\${PF}\" >&2
1420	fi	1419	fi
1421	${BODY}	1420	${BODY}
1422	}";	1421	}";

Lines 24-68 Link Here

(-)bin/misc-functions.sh (-53 / +60 lines)
24	declare -i UNSAFE=0	24	declare -i UNSAFE=0
25	for i in $(find "${D}/" -type f -perm -2002); do	25	for i in $(find "${D}/" -type f -perm -2002); do
26	((UNSAFE++))	26	((UNSAFE++))
27	echo "UNSAFE SetGID: $i"	27	eecho "UNSAFE SetGID: $i"
28	chmod -s,o-w "$i"	28	chmod -s,o-w "$i"
29	done	29	done
30	for i in $(find "${D}/" -type f -perm -4002); do	30	for i in $(find "${D}/" -type f -perm -4002); do
31	((UNSAFE++))	31	((UNSAFE++))
32	echo "UNSAFE SetUID: $i"	32	eecho "UNSAFE SetUID: $i"
33	chmod -s,o-w "$i"	33	chmod -s,o-w "$i"
34	done	34	done
35		35
36	# Now we look for all world writable files.	36	# Now we look for all world writable files.
37	for i in $(find "${D}/" -type f -perm -2); do	37	for i in $(find "${D}/" -type f -perm -2); do
38	echo -ne '\a'	38	eecho -ne '\a'
39	echo "QA Security Notice:"	39	eecho "QA Security Notice:"
40	echo "- ${i:${#D}:${#i}} will be a world writable file."	40	eecho "- ${i:${#D}:${#i}} will be a world writable file."
41	echo "- This may or may not be a security problem, most of the time it is one."	41	eecho "- This may or may not be a security problem, most of the time it is one."
42	echo "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."	42	eecho "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
43	sleep 1	43	sleep 1
44	done	44	done
45		45
46	if type -p scanelf > /dev/null ; then	46	if type -p scanelf > /dev/null ; then
47	local qa_var insecure_rpath=0	47	local qa_var insecure_rpath=0 tmp_quiet=${PORTAGE_QUIET}
48		48
		49	# display warnings when using stricter because we die afterwards
		50	if has stricter ${FEATURES}; then
		51	unset PORTAGE_QUIET
		52	fi
		53
49	# Make sure we disallow insecure RUNPATH/RPATH's	54	# Make sure we disallow insecure RUNPATH/RPATH's
50	# Don't want paths that point to the tree where the package was built	55	# Don't want paths that point to the tree where the package was built
51	# (older, broken libtools would do this). Also check for null paths	56	# (older, broken libtools would do this). Also check for null paths
52	# because the loader will search $PWD when it finds null paths.	57	# because the loader will search $PWD when it finds null paths.
53	f=$(scanelf -qyRF '%r %p' "${D}" \| grep -E "(${PORTAGE_BUILDDIR}\|: \|::\|^:\|^ )")	58	f=$(scanelf -qyRF '%r %p' "${D}" \| grep -E "(${PORTAGE_BUILDDIR}\|: \|::\|^:\|^ )")
54	if [[ -n ${f} ]] ; then	59	if [[ -n ${f} ]] ; then
55	echo -ne '\a\n'	60	eecho -ne '\a\n'
56	echo "QA Notice: the following files contain insecure RUNPATH's"	61	eecho "QA Notice: the following files contain insecure RUNPATH's"
57	echo " Please file a bug about this at http://bugs.gentoo.org/"	62	eecho " Please file a bug about this at http://bugs.gentoo.org/"
58	echo " with the maintaining herd of the package."	63	eecho " with the maintaining herd of the package."
59	echo " Summary: $CATEGORY/$PN: insecure RPATH ${f}"	64	eecho " Summary: $CATEGORY/$PN: insecure RPATH ${f}"
60	echo "${f}"	65	eecho "${f}"
61	echo -ne '\a\n'	66	eecho -ne '\a\n'
62	if has stricter ${FEATURES}; then	67	if has stricter ${FEATURES}; then
63	insecure_rpath=1	68	insecure_rpath=1
64	else	69	else
65	echo "Auto fixing rpaths for ${f}"	70	eecho "Auto fixing rpaths for ${f}"
66	TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null	71	TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null
67	fi	72	fi
68	fi	73	fi
Lines 70-81 Link Here
70	# Check for setid binaries but are not built with BIND_NOW	75	# Check for setid binaries but are not built with BIND_NOW
71	f=$(scanelf -qyRF '%b %p' "${D}")	76	f=$(scanelf -qyRF '%b %p' "${D}")
72	if [[ -n ${f} ]] ; then	77	if [[ -n ${f} ]] ; then
73	echo -ne '\a\n'	78	eecho -ne '\a\n'
74	echo "QA Notice: the following files are setXid, dyn linked, and using lazy bindings"	79	eecho "QA Notice: the following files are setXid, dyn linked, and using lazy bindings"
75	echo " This combination is generally discouraged. Try re-emerging the package:"	80	eecho " This combination is generally discouraged. Try re-emerging the package:"
76	echo " LDFLAGS='-Wl,-z,now' emerge ${PN}"	81	eecho " LDFLAGS='-Wl,-z,now' emerge ${PN}"
77	echo "${f}"	82	eecho "${f}"
78	echo -ne '\a\n'	83	eecho -ne '\a\n'
79	die_msg="${die_msg} setXid lazy bindings,"	84	die_msg="${die_msg} setXid lazy bindings,"
80	sleep 1	85	sleep 1
81	fi	86	fi
Lines 98-114 Link Here
98	}')	103	}')
99	if [[ -n ${f} ]] ; then	104	if [[ -n ${f} ]] ; then
100	scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log	105	scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
101	echo -ne '\a\n'	106	eecho -ne '\a\n'
102	echo "QA Notice: the following files contain runtime text relocations"	107	eecho "QA Notice: the following files contain runtime text relocations"
103	echo " Text relocations force the dynamic linker to perform extra"	108	eecho " Text relocations force the dynamic linker to perform extra"
104	echo " work at startup, waste system resources, and may pose a security"	109	eecho " work at startup, waste system resources, and may pose a security"
105	echo " risk. On some architectures, the code may not even function"	110	eecho " risk. On some architectures, the code may not even function"
106	echo " properly, if at all."	111	eecho " properly, if at all."
107	echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"	112	eecho " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
108	echo " Please include this file in your report:"	113	eecho " Please include this file in your report:"
109	echo " ${T}/scanelf-textrel.log"	114	eecho " ${T}/scanelf-textrel.log"
110	echo "${f}"	115	eecho "${f}"
111	echo -ne '\a\n'	116	eecho -ne '\a\n'
112	die_msg="${die_msg} textrels,"	117	die_msg="${die_msg} textrels,"
113	sleep 1	118	sleep 1
114	fi	119	fi
Lines 146-161 Link Here
146	if [[ -n ${f} ]] ; then	151	if [[ -n ${f} ]] ; then
147	# One more pass to help devs track down the source	152	# One more pass to help devs track down the source
148	scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log	153	scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
149	echo -ne '\a\n'	154	eecho -ne '\a\n'
150	echo "QA Notice: the following files contain executable stacks"	155	eecho "QA Notice: the following files contain executable stacks"
151	echo " Files with executable stacks will not work properly (or at all!)"	156	eecho " Files with executable stacks will not work properly (or at all!)"
152	echo " on some architectures/operating systems. A bug should be filed"	157	eecho " on some architectures/operating systems. A bug should be filed"
153	echo " at http://bugs.gentoo.org/ to make sure the file is fixed."	158	eecho " at http://bugs.gentoo.org/ to make sure the file is fixed."
154	echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"	159	eecho " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
155	echo " Please include this file in your report:"	160	eecho " Please include this file in your report:"
156	echo " ${T}/scanelf-execstack.log"	161	eecho " ${T}/scanelf-execstack.log"
157	echo "${f}"	162	eecho "${f}"
158	echo -ne '\a\n'	163	eecho -ne '\a\n'
159	die_msg="${die_msg} execstacks"	164	die_msg="${die_msg} execstacks"
160	sleep 1	165	sleep 1
161	fi	166	fi
Lines 168-173 Link Here
168	elif [[ ${die_msg} != "" ]] && has stricter ${FEATURES} && ! has stricter ${RESTRICT} ; then	173	elif [[ ${die_msg} != "" ]] && has stricter ${FEATURES} && ! has stricter ${RESTRICT} ; then
169	die "Aborting due to QA concerns: ${die_msg}"	174	die "Aborting due to QA concerns: ${die_msg}"
170	fi	175	fi
		176
		177	PORTAGE_QUIET=${tmp_quiet}
171	fi	178	fi
172		179
173	if [[ ${UNSAFE} > 0 ]] ; then	180	if [[ ${UNSAFE} > 0 ]] ; then
Lines 295-317 Link Here
295	# total suid control.	302	# total suid control.
296	if hasq suidctl $FEATURES; then	303	if hasq suidctl $FEATURES; then
297	sfconf=/etc/portage/suidctl.conf	304	sfconf=/etc/portage/suidctl.conf
298	echo ">>> Preforming suid scan in ${IMAGE}"	305	eecho ">>> Preforming suid scan in ${IMAGE}"
299	for i in $(find ${IMAGE}/ -type f \( -perm -4000 -o -perm -2000 \) ); do	306	for i in $(find ${IMAGE}/ -type f \( -perm -4000 -o -perm -2000 \) ); do
300	if [ -s "${sfconf}" ]; then	307	if [ -s "${sfconf}" ]; then
301	suid="$(grep ^${i/${IMAGE}/}$ ${sfconf})"	308	suid="$(grep ^${i/${IMAGE}/}$ ${sfconf})"
302	if [ "${suid}" = "${i/${IMAGE}/}" ]; then	309	if [ "${suid}" = "${i/${IMAGE}/}" ]; then
303	echo "- ${i/${IMAGE}/} is an approved suid file"	310	eecho "- ${i/${IMAGE}/} is an approved suid file"
304	else	311	else
305	echo ">>> Removing sbit on non registered ${i/${IMAGE}/}"	312	eecho ">>> Removing sbit on non registered ${i/${IMAGE}/}"
306	for x in 5 4 3 2 1 0; do echo -ne "\a"; sleep 0.25 ; done	313	for x in 5 4 3 2 1 0; do echo -ne "\a"; sleep 0.25 ; done
307	echo -ne "\a"	314	eecho -ne "\a"
308	chmod ugo-s "${i}"	315	chmod ugo-s "${i}"
309	grep ^#${i/${IMAGE}/}$ ${sfconf} > /dev/null \|\| {	316	grep ^#${i/${IMAGE}/}$ ${sfconf} > /dev/null \|\| {
310	# sandbox prevents us from writing directly	317	# sandbox prevents us from writing directly
311	# to files outside of the sandbox, but this	318	# to files outside of the sandbox, but this
312	# can easly be bypassed using the addwrite() function	319	# can easly be bypassed using the addwrite() function
313	addwrite "${sfconf}"	320	addwrite "${sfconf}"
314	echo ">>> Appending commented out entry to ${sfconf} for ${PF}"	321	eecho ">>> Appending commented out entry to ${sfconf} for ${PF}"
315	ls_ret=$(ls -ldh "${i}")	322	ls_ret=$(ls -ldh "${i}")
316	echo "## ${ls_ret%${IMAGE}}${ls_ret#${IMAGE}}" >> ${sfconf}	323	echo "## ${ls_ret%${IMAGE}}${ls_ret#${IMAGE}}" >> ${sfconf}
317	echo "#${i/${IMAGE}/}" >> ${sfconf}	324	echo "#${i/${IMAGE}/}" >> ${sfconf}
Lines 320-326 Link Here
320	}	327	}
321	fi	328	fi
322	else	329	else
323	echo "suidctl feature set but you are lacking a ${sfconf}"	330	eecho "suidctl feature set but you are lacking a ${sfconf}"
324	fi	331	fi
325	done	332	done
326	fi	333	fi
Lines 336-342 Link Here
336	# only attempt to label if setfiles is executable	343	# only attempt to label if setfiles is executable
337	# and 'context' is available on selinuxfs.	344	# and 'context' is available on selinuxfs.
338	if [ -f /selinux/context -a -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then	345	if [ -f /selinux/context -a -x /usr/sbin/setfiles -a -x /usr/sbin/selinuxconfig ]; then
339	echo ">>> Setting SELinux security labels"	346	eecho ">>> Setting SELinux security labels"
340	(	347	(
341	eval "$(/usr/sbin/selinuxconfig)" \|\| \	348	eval "$(/usr/sbin/selinuxconfig)" \|\| \
342	die "Failed to determine SELinux policy paths.";	349	die "Failed to determine SELinux policy paths.";
Lines 348-354 Link Here
348	else	355	else
349	# nonfatal, since merging can happen outside a SE kernel	356	# nonfatal, since merging can happen outside a SE kernel
350	# like during a recovery situation	357	# like during a recovery situation
351	echo "!!! Unable to set SELinux security labels"	358	eecho "!!! Unable to set SELinux security labels"
352	fi	359	fi
353	fi	360	fi
354	}	361	}
Lines 368-374 Link Here
368	fi	375	fi
369	mv -f "${pkg_tmp}" "${pkg_dest}" \|\| die "Failed to move tbz2 to ${pkg_dest}"	376	mv -f "${pkg_tmp}" "${pkg_dest}" \|\| die "Failed to move tbz2 to ${pkg_dest}"
370	ln -sf "../All/${PF}.tbz2" "${PKGDIR}/${CATEGORY}/${PF}.tbz2" \|\| die "Failed to create symlink in ${PKGDIR}/${CATEGORY}"	377	ln -sf "../All/${PF}.tbz2" "${PKGDIR}/${CATEGORY}/${PF}.tbz2" \|\| die "Failed to create symlink in ${PKGDIR}/${CATEGORY}"
371	echo ">>> Done."	378	eecho ">>> Done."
372	cd "${PORTAGE_BUILDDIR}"	379	cd "${PORTAGE_BUILDDIR}"
373	touch .packaged \|\| die "Failed to 'touch .packaged' in ${PORTAGE_BUILDDIR}"	380	touch .packaged \|\| die "Failed to 'touch .packaged' in ${PORTAGE_BUILDDIR}"
374	}	381	}

Lines 3-8 Link Here

(-)bin/prepinfo (-3 / +5 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepinfo,v 1.6.2.1 2005/05/29 12:40:08 jstubbs Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepinfo,v 1.6.2.1 2005/05/29 12:40:08 jstubbs Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	if [ -z "$1" ] ; then	8	if [ -z "$1" ] ; then
7	z="${D}usr/share/info"	9	z="${D}usr/share/info"
8	else	10	else
Lines 30-44 Link Here
30	mylink="${mylink}.gz"	32	mylink="${mylink}.gz"
31	fi	33	fi
32		34
33	echo "fixing GNU info symlink: ${mylink##*/}"	35	eecho "fixing GNU info symlink: ${mylink##*/}"
34	ln -snf "${linkto}" "${mylink}"	36	ln -snf "${linkto}" "${mylink}"
35	if [ "${x}" != "${mylink}" ] ; then	37	if [ "${x}" != "${mylink}" ] ; then
36	echo "removing old symlink: ${x##*/}"	38	eecho "removing old symlink: ${x##*/}"
37	rm -f "${x}"	39	rm -f "${x}"
38	fi	40	fi
39	else	41	else
40	if [ "${x##*.}" != "gz" ] ; then	42	if [ "${x##*.}" != "gz" ] ; then
41	echo "gzipping GNU info page: ${x##*/}"	43	eecho "gzipping GNU info page: ${x##*/}"
42	gzip -f -9 "${x}"	44	gzip -f -9 "${x}"
43	fi	45	fi
44	fi	46	fi

Lines 3-8 Link Here

(-)bin/prepalldocs (-3 / +5 lines)
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepalldocs,v 1.6 2004/10/04 13:56:50 vapier Exp $	4	# $Id: /var/cvsroot/gentoo-src/portage/bin/prepalldocs,v 1.6 2004/10/04 13:56:50 vapier Exp $
5		5
		6	source /usr/lib/portage/bin/isolated-functions.sh
		7
6	z="$(find "${D}"usr/share/doc \( -type f -or -type l \) -not -name ".gz" -not -name ".js" 2>/dev/null)"	8	z="$(find "${D}"usr/share/doc \( -type f -or -type l \) -not -name ".gz" -not -name ".js" 2>/dev/null)"
7		9
8	for y in ${z} ; do	10	for y in ${z} ; do
Lines 18-32 Link Here
18	mylink="${mylink}.gz"	20	mylink="${mylink}.gz"
19	fi	21	fi
20		22
21	echo "fixing doc symlink: ${mylink##*/}"	23	eecho "fixing doc symlink: ${mylink##*/}"
22	ln -snf "${linkto}" "${mylink}"	24	ln -snf "${linkto}" "${mylink}"
23	if [ "${y}" != "${mylink}" ] ; then	25	if [ "${y}" != "${mylink}" ] ; then
24	echo "removing old symlink: ${y##*/}"	26	eecho "removing old symlink: ${y##*/}"
25	rm -f "${y}"	27	rm -f "${y}"
26	fi	28	fi
27	else	29	else
28	if [ "${y##*.}" != "gz" ] ; then	30	if [ "${y##*.}" != "gz" ] ; then
29	echo "gzipping doc: ${y##*/}"	31	eecho "gzipping doc: ${y##*/}"
30	gzip -f -9 "${y}"	32	gzip -f -9 "${y}"
31	fi	33	fi
32	fi	34	fi