| 1 | # Copyright 1999-2011 Gentoo Foundation |
1 | # Copyright 1999-2011 Gentoo Foundation |
| 2 | # Distributed under the terms of the GNU General Public License v2 |
2 | # Distributed under the terms of the GNU General Public License v2 |
| 3 | # $Header: /var/cvsroot/gentoo-x86/eclass/pax-utils.eclass,v 1.17 2011/12/17 04:23:53 vapier Exp $ |
3 | # $Header: /var/cvsroot/gentoo-x86/eclass/pax-utils.eclass,v 1.18 2012/04/06 18:03:54 blueness Exp $ |
| 4 | |
4 | |
| 5 | # @ECLASS: pax-utils.eclass |
5 | # @ECLASS: pax-utils.eclass |
| 6 | # @MAINTAINER: |
6 | # @MAINTAINER: |
| 7 | # The Gentoo Linux Hardened Team <hardened@gentoo.org> |
7 | # The Gentoo Linux Hardened Team <hardened@gentoo.org> |
| 8 | # @AUTHOR: |
8 | # @AUTHOR: |
| … | |
… | |
| 56 | flags=${1//-} |
56 | flags=${1//-} |
| 57 | shift |
57 | shift |
| 58 | # Try paxctl, then scanelf. paxctl is preferred. |
58 | # Try paxctl, then scanelf. paxctl is preferred. |
| 59 | if type -p paxctl > /dev/null && has PT ${PAX_MARKINGS}; then |
59 | if type -p paxctl > /dev/null && has PT ${PAX_MARKINGS}; then |
| 60 | # Try paxctl, the upstream supported tool. |
60 | # Try paxctl, the upstream supported tool. |
| 61 | elog "PT PaX marking -${flags}" |
61 | einfo "PT PaX marking -${flags}" |
| 62 | _pax_list_files elog "$@" |
62 | _pax_list_files einfo "$@" |
| 63 | for f in "$@"; do |
63 | for f in "$@"; do |
| 64 | # First, try modifying the existing PAX_FLAGS header |
64 | # First, try modifying the existing PAX_FLAGS header |
| 65 | paxctl -q${flags} "${f}" && continue |
65 | paxctl -q${flags} "${f}" && continue |
| 66 | # Second, try stealing the (unused under PaX) PT_GNU_STACK header |
66 | # Second, try stealing the (unused under PaX) PT_GNU_STACK header |
| 67 | paxctl -qc${flags} "${f}" && continue |
67 | paxctl -qc${flags} "${f}" && continue |
| … | |
… | |
| 89 | failures="${failures} ${f}" |
89 | failures="${failures} ${f}" |
| 90 | done |
90 | done |
| 91 | elif type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then |
91 | elif type -p scanelf > /dev/null && [[ ${PAX_MARKINGS} != "none" ]]; then |
| 92 | # Try scanelf, the Gentoo swiss-army knife ELF utility |
92 | # Try scanelf, the Gentoo swiss-army knife ELF utility |
| 93 | # Currently this sets PT if it can, no option to control what it does. |
93 | # Currently this sets PT if it can, no option to control what it does. |
| 94 | elog "Fallback PaX marking -${flags}" |
94 | einfo "Fallback PaX marking -${flags}" |
| 95 | _pax_list_files elog "$@" |
95 | _pax_list_files einfo "$@" |
| 96 | scanelf -Xxz ${flags} "$@" |
96 | scanelf -Xxz ${flags} "$@" |
| 97 | elif [[ ${PAX_MARKINGS} != "none" ]]; then |
97 | elif [[ ${PAX_MARKINGS} != "none" ]]; then |
| 98 | # Out of options! |
98 | # Out of options! |
| 99 | failures="$*" |
99 | failures="$*" |
| 100 | fail=1 |
100 | fail=1 |
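Review bot: The list of binaries that received PaX markings is no longer kept in Portage's saved elog output by default once lines 61–62 and 94–95 report through `einfo` instead of `elog`; as far as I know the default `PORTAGE_ELOG_CLASSES` is `log warn error`, so `info`-class messages appear during the build but are not recorded. These markings can relax PaX protections on individual binaries, so an administrator auditing a hardened system loses the post-merge record unless they opt in to the `info` class. If the quieter default is intended, state it in the function's documentation, e.g. `# Marked files are reported with einfo; add "info" to PORTAGE_ELOG_CLASSES to keep a record.` The enclosing function starts and ends outside the visible hunks, so any failure reporting after line 100 is not covered here.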