/[gentoo-x86]/eclass/pax-utils.eclass
Gentoo

Contents of /eclass/pax-utils.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1 - (hide annotations) (download)
Sun Jan 22 14:18:48 2006 UTC (8 years, 6 months ago) by kevquinn
Branch: MAIN
New eclass providing a support function pax-mark, to wrap use of chpax/paxctl

1 kevquinn 1.1 # Copyright 1999-2006 Gentoo Foundation
2     # Distributed under the terms of the GNU General Public License v2
3     # $Header: $
4    
5     # Author:
6     # Kevin F. Quinn <kevquinn@gentoo.org>
7     #
8     # This eclass provides support for manipulating PaX markings on ELF
9     # binaries, wrapping the use of the chpax and paxctl utilities.
10    
11     inherit eutils
12    
13     ##### pax-mark ####
14     # Mark a file for PaX with the given flags.
15     # Tries chpax (EI_FLAGS) and paxctl (PT_FLAGS) if they are installed.
16     # If neither are installed, returns 0 (i.e. has no effect on non-PaX
17     # systems unless the owner has installed chpax and/or paxctl).
18     # Deliberately does _not_ check whether the build system is PaX or not.
19     #
20     # Syntax:
21     # pax-mark [-q] {<flags>} [{<files>}]
22     #
23     # -q: do things quietly (no einfo/ewarn)
24     #
25     # There must be at least one <flags>, and can include:
26     # -execstack equivalent to -E
27     # -execheap equivalent to -m
28     # -unrestricted equivalent to -psmxer
29     # -{[pPsSmMxXeErR]} as used direcly by chpax/paxctl
30     #
31     # Where more than one flag is given they are concatenated.
32     #
33     # {<files>} may be empty, so it's safe to use for example the results
34     # of a find that may not return any results.
35     #
36     # Return codes:
37     # 0: for all files, all installed utilities succeed.
38     # 1: No flags specified
39     # >1: bit 2 => chpax failed, bit 3 => paxctl failed
40    
41     pax-mark() {
42     local flags ret quiet
43     # Fail if no parameters at all (especially no flags)
44     [[ -z $1 ]] && return 1
45     flags=
46     ret=0
47     quiet=
48     while [[ ${1:0:1} == "-" ]]; do
49     case ${1} in
50     -execstack)
51     flags="${flags}E"
52     ;;
53     -execheap)
54     flags="${flags}m"
55     ;;
56     -unrestricted)
57     flags="${flags}psmxer"
58     ;;
59     -q)
60     quiet="/bin/false "
61     ;;
62     *)
63     flags="${flags}${1:1}"
64     ;;
65     esac
66     shift
67     done
68     # Fail if no flags given
69     [[ -z ${flags} ]] && return 1
70     # Quietly exit if no files given
71     [[ -z $1 ]] && return 0
72     if [[ -x /sbin/chpax ]]; then
73     if /sbin/chpax -${flags} $*; then
74     ${quiet} einfo "PaX EI flags set to ${flags} on $*"
75     else
76     ${quiet} ewarn "Failed to set EI flags to ${flags} on $*"
77     (( ret=${ret}|2 ))
78     fi
79     fi
80     if [[ -x /sbin/paxctl ]]; then
81     # Steal PT_GNU_STACK if paxctl supports it
82     /sbin/paxctl -v 2>&1 | grep PT_GNU_STACK > /dev/null && \
83     flags="c${flags}"
84     if /sbin/paxctl -${flags} $*; then
85     ${quiet} einfo "PaX PT flags set to ${flags} on $*"
86     else
87     ${quiet} ewarn "Failed to set PT flags to ${flags} on $*"
88     (( ret=${ret}|4))
89     fi
90     fi
91     return ${ret}
92     }

  ViewVC Help
Powered by ViewVC 1.1.20