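# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

# QA check: warn about globally-installed executables (in /bin, /usr/bin,
# /sbin, or /usr/sbin) that are owned by a nonzero UID.
#
# Why it matters: the owner of a file can rewrite it or change its mode, so
# a non-root owner of a program on the system PATH controls code that root
# and other users may later execute.
#
# Scope of the check, as implemented by the find expression below:
#   - only direct children of the four directories (-maxdepth 1);
#   - only regular files, after following symlinks (-L -type f);
#   - only the owning UID; group ownership and mode bits (for example
#     group- or world-writable files) are not examined here.
#
# Globals:   EUID, ED, D (read)
# Outputs:   findings are reported through eqawarn
# Returns:   non-zero without checking anything when not running as root
bad_bin_owner_check() {
	# This check doesn't work on non-root prefix installations at
	# the moment, because every executable therein is owned by a
	# nonzero UID.
	[[ "${EUID}" -eq "0" ]] || return

	local d f found=()

	for d in "${ED}/bin" "${ED}/usr/bin" "${ED}/sbin" "${ED}/usr/sbin"; do
		[[ -d "${d}" ]] || continue

		# Read the results of the "find" command into the "found" bash array.
		# Use -L to catch symlinks whose targets are owned by a non-root user.
		# NOTE(review): an absolute symlink is resolved against the live
		# filesystem rather than ${ED}, so a target that exists only inside
		# the image is not evaluated by this pass.
		#
		# IFS= keeps leading/trailing whitespace in file names intact, so the
		# reported path is exactly the path that was found.
		while IFS= read -r -d '' f; do
			found+=( "${f}" )
		done < <(find -L "${d}" -maxdepth 1 -type f ! -uid 0 -print0)
	done

	# Report once, after every directory has been scanned. "found" collects
	# hits from all directories, so reporting inside the loop would print the
	# header and the earlier hits again for each later directory.
	if (( ${#found[@]} > 0 )); then
		eqawarn "system executables owned by nonzero uid:"
		for f in "${found[@]}"; do
			# Strip off the leading ${D} before outputting the path,
			# but leave the prefix if there is one. ${D} is quoted so
			# that it is removed as a literal string, not as a glob.
			eqawarn " ${f#"${D}"}"
		done
	fi
}

bad_bin_owner_check
# Finish with a zero status regardless of what the check returned.
: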