summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xbin/ebuild.sh256
-rw-r--r--bin/misc-functions.sh259
-rw-r--r--pym/portage.py10
3 files changed, 269 insertions, 256 deletions
diff --git a/bin/ebuild.sh b/bin/ebuild.sh
index b6b7fa533..070b118c9 100755
--- a/bin/ebuild.sh
+++ b/bin/ebuild.sh
@@ -1022,6 +1022,7 @@ PORTAGE_INST_UID="0"
PORTAGE_INST_GID="0"
dyn_install() {
+ [ -z "$PORTAGE_BUILDDIR" ] && die "${FUNCNAME}: PORTAGE_BUILDDIR is unset"
trap "abort_install" SIGINT SIGQUIT
[ "$(type -t pre_src_install)" == "function" ] && pre_src_install
rm -rf "${PORTAGE_BUILDDIR}/image"
@@ -1038,261 +1039,6 @@ dyn_install() {
#our libtool to create problematic .la files
export PWORKDIR="$WORKDIR"
src_install
- #|| abort_install "fail"
- prepall
- cd "${D}"
-
- declare -i UNSAFE=0
- for i in $(find "${D}/" -type f -perm -2002); do
- ((UNSAFE++))
- echo "UNSAFE SetGID: $i"
- chmod -s,o-w "$i"
- done
- for i in $(find "${D}/" -type f -perm -4002); do
- ((UNSAFE++))
- echo "UNSAFE SetUID: $i"
- chmod -s,o-w "$i"
- done
-
- # Now we look for all world writable files.
- for i in $(find "${D}/" -type f -perm -2); do
- echo -ne '\a'
- echo "QA Security Notice:"
- echo "- ${i:${#D}:${#i}} will be a world writable file."
- echo "- This may or may not be a security problem, most of the time it is one."
- echo "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
- sleep 1
- done
-
- if type -p scanelf > /dev/null ; then
- local qa_var insecure_rpath=0
-
- # Make sure we disallow insecure RUNPATH/RPATH's
- # Don't want paths that point to the tree where the package was built
- # (older, broken libtools would do this). Also check for null paths
- # because the loader will search $PWD when it finds null paths.
- f=$(scanelf -qyRF '%r %p' "${D}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )")
- if [[ -n ${f} ]] ; then
- echo -ne '\a\n'
- echo "QA Notice: the following files contain insecure RUNPATH's"
- echo " Please file a bug about this at http://bugs.gentoo.org/"
- echo " with the maintaining herd of the package."
- echo " Summary: $CATEGORY/$PN: insecure RPATH ${f}"
- echo "${f}"
- echo -ne '\a\n'
- if has stricter ${FEATURES}; then
- insecure_rpath=1
- else
- echo "Auto fixing rpaths for ${f}"
- TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null
- fi
- fi
-
- # Check for setid binaries but are not built with BIND_NOW
- f=$(scanelf -qyRF '%b %p' "${D}")
- if [[ -n ${f} ]] ; then
- echo -ne '\a\n'
- echo "QA Notice: the following files are setXid, dyn linked, and using lazy bindings"
- echo " This combination is generally discouraged. Try re-emerging the package:"
- echo " LDFLAGS='-Wl,-z,now' emerge ${PN}"
- echo "${f}"
- echo -ne '\a\n'
- die_msg="${die_msg} setXid lazy bindings,"
- sleep 1
- fi
-
- # TEXTREL's are baaaaaaaad
- # Allow devs to mark things as ignorable ... e.g. things that are
- # binary-only and upstream isn't cooperating (nvidia-glx) ... we
- # allow ebuild authors to set QA_TEXTRELS_arch and QA_TEXTRELS ...
- # the former overrides the latter ... regexes allowed ! :)
- qa_var="QA_TEXTRELS_${ARCH}"
- [[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
- [[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""
- f=$(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/' | \
- gawk '
- BEGIN { split("'"${QA_TEXTRELS}"'", ignore); }
- { for (idx in ignore)
- if ($NF ~ "^"ignore[idx]"$")
- next;
- print;
- }')
- if [[ -n ${f} ]] ; then
- scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
- echo -ne '\a\n'
- echo "QA Notice: the following files contain runtime text relocations"
- echo " Text relocations force the dynamic linker to perform extra"
- echo " work at startup, waste system resources, and may pose a security"
- echo " risk. On some architectures, the code may not even function"
- echo " properly, if at all."
- echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
- echo " Please include this file in your report:"
- echo " ${T}/scanelf-textrel.log"
- echo "${f}"
- echo -ne '\a\n'
- die_msg="${die_msg} textrels,"
- sleep 1
- fi
-
- # Also, executable stacks only matter on linux (and just glibc atm ...)
- case ${CTARGET:-${CHOST}} in
- *-linux-gnu*)
- # Check for files with executable stacks, but only on arches which
- # are supported at the moment. Keep this list in sync with
- # http://hardened.gentoo.org/gnu-stack.xml (Arch Status)
- case ${CTARGET:-${CHOST}} in
- i?86*|ia64*|m68k*|powerpc64*|s390*|x86_64*)
- # Allow devs to mark things as ignorable ... e.g. things
- # that are binary-only and upstream isn't cooperating ...
- # we allow ebuild authors to set QA_EXECSTACK_arch and
- # QA_EXECSTACK ... the former overrides the latter ...
- # regexes allowed ! :)
-
- qa_var="QA_EXECSTACK_${ARCH}"
- [[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
- [[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""
- f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \
- gawk '
- BEGIN { split("'"${QA_EXECSTACK}"'", ignore); }
- { for (idx in ignore)
- if ($NF ~ "^"ignore[idx]"$")
- next;
- print;
- }')
- ;;
- *) f="" ;;
- esac
- ;;
- esac
- if [[ -n ${f} ]] ; then
- # One more pass to help devs track down the source
- scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
- echo -ne '\a\n'
- echo "QA Notice: the following files contain executable stacks"
- echo " Files with executable stacks will not work properly (or at all!)"
- echo " on some architectures/operating systems. A bug should be filed"
- echo " at http://bugs.gentoo.org/ to make sure the file is fixed."
- echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
- echo " Please include this file in your report:"
- echo " ${T}/scanelf-execstack.log"
- echo "${f}"
- echo -ne '\a\n'
- die_msg="${die_msg} execstacks"
- sleep 1
- fi
-
- # Save NEEDED information
- scanelf -qyRF '%p %n' "${D}" | sed -e 's:^:/:' > "${PORTAGE_BUILDDIR}"/build-info/NEEDED
-
- if [[ ${insecure_rpath} -eq 1 ]] ; then
- die "Aborting due to serious QA concerns with RUNPATH/RPATH"
- elif [[ ${die_msg} != "" ]] && has stricter ${FEATURES} && ! has stricter ${RESTRICT} ; then
- die "Aborting due to QA concerns: ${die_msg}"
- fi
- fi
-
- if [[ ${UNSAFE} > 0 ]] ; then
- die "There are ${UNSAFE} unsafe files. Portage will not install them."
- fi
-
- if [[ -d ${D}/${D} ]] ; then
- declare -i INSTALLTOD=0
- for i in $(find "${D}/${D}/"); do
- echo "QA Notice: /${i##${D}/${D}} installed in \${D}/\${D}"
- ((INSTALLTOD++))
- done
- die "Aborting due to QA concerns: ${INSTALLTOD} files installed in ${D}/${D}"
- unset INSTALLTOD
- fi
-
- # dumps perms to stdout. if error, no perms dumped.
- function stat_perms() {
- local f
- # only define do_stat if it hasn't been already
- if ! type -p do_stat &> /dev/null; then
- if ! type -p stat &>/dev/null; then
- do_stat() {
- # Generic version -- Octal result
- python -c "import os,stat; print '%o' % os.stat('$1')[stat.ST_MODE]"
- }
- else
- if [ "${USERLAND}" == "BSD" ] || [ "${USERLAND}" == "Darwin" ]; then
- do_stat() {
- # BSD version -- Octal result
- $(type -p stat) -f '%p' "$1"
- }
- else
- do_stat() {
- # Linux version -- Hex result converted to Octal
- f=$($(type -p stat) -c '%f' "$1") || return $?
- printf '%o' "0x$f"
- }
- fi
- fi
- fi
-
- f=$(do_stat "$@") || return
- f="${f:2:4}"
- echo $f
- }
-
- local file s
- local count=0
- find "${D}/" -user portage | while read file; do
- count=$(( $count + 1 ))
- if [ -L "${file}" ]; then
- lchown ${PORTAGE_INST_UID} "${file}"
- else
- s=$(stat_perms "$file")
- if [ -z "${s}" ]; then
- ewarn "failed stat_perm'ing $file. User intervention during install isn't wise..."
- continue
- fi
- chown ${PORTAGE_INST_UID} "$file"
- chmod "$s" "$file"
- fi
- done
- if (( $count > 0 )); then
- ewarn "$count files were installed with user portage!"
- fi
-
- count=0
- find "${D}/" -group portage | while read file; do
- count=$(( $count + 1 ))
- if [ -L "${file}" ]; then
- lchgrp ${PORTAGE_INST_GID} "${file}"
- else
- s=$(stat_perms "$file")
- if [ -z "${s}" ]; then
- echo "failed stat_perm'ing '$file' . User intervention during install isn't wise..."
- continue
- fi
- chgrp ${PORTAGE_INST_GID} "$file"
- chmod "$s" "$file"
- fi
- done
- if (( $count > 0 )); then
- ewarn "$count files were installed with group portage!"
- fi
-
- unset -f stat_perms
-
- # Portage regenerates this on the installed system.
- if [ -f "${D}/usr/share/info/dir.gz" ]; then
- rm -f "${D}/usr/share/info/dir.gz"
- fi
-
- if hasq multilib-strict ${FEATURES} && [ -x /usr/bin/file -a -x /usr/bin/find -a \
- -n "${MULTILIB_STRICT_DIRS}" -a -n "${MULTILIB_STRICT_DENY}" ]; then
- MULTILIB_STRICT_EXEMPT=$(echo ${MULTILIB_STRICT_EXEMPT:-"(perl5|gcc|gcc-lib|debug|portage)"} | sed -e 's:\([(|)]\):\\\1:g')
- for dir in ${MULTILIB_STRICT_DIRS}; do
- [ -d "${D}/${dir}" ] || continue
- for file in $(find ${D}/${dir} -type f | grep -v "^${D}/${dir}/${MULTILIB_STRICT_EXEMPT}"); do
- file ${file} | egrep -q "${MULTILIB_STRICT_DENY}" && die "File ${file} matches a file type that is not allowed in ${dir}"
- done
- done
- fi
-
touch "${PORTAGE_BUILDDIR}/.installed"
echo ">>> Completed installing ${PF} into ${D}"
echo
diff --git a/bin/misc-functions.sh b/bin/misc-functions.sh
index 605c4a8dd..88ae29f87 100644
--- a/bin/misc-functions.sh
+++ b/bin/misc-functions.sh
@@ -16,6 +16,265 @@ MISC_FUNCTIONS_ARGS="$@"
shift $#
source /usr/lib/portage/bin/ebuild.sh
+install_qa_check() {
+
+ prepall
+ cd "${D}"
+
+ declare -i UNSAFE=0
+ for i in $(find "${D}/" -type f -perm -2002); do
+ ((UNSAFE++))
+ echo "UNSAFE SetGID: $i"
+ chmod -s,o-w "$i"
+ done
+ for i in $(find "${D}/" -type f -perm -4002); do
+ ((UNSAFE++))
+ echo "UNSAFE SetUID: $i"
+ chmod -s,o-w "$i"
+ done
+
+ # Now we look for all world writable files.
+ for i in $(find "${D}/" -type f -perm -2); do
+ echo -ne '\a'
+ echo "QA Security Notice:"
+ echo "- ${i:${#D}:${#i}} will be a world writable file."
+ echo "- This may or may not be a security problem, most of the time it is one."
+ echo "- Please double check that $PF really needs a world writeable bit and file bugs accordingly."
+ sleep 1
+ done
+
+ if type -p scanelf > /dev/null ; then
+ local qa_var insecure_rpath=0
+
+ # Make sure we disallow insecure RUNPATH/RPATH's
+ # Don't want paths that point to the tree where the package was built
+ # (older, broken libtools would do this). Also check for null paths
+ # because the loader will search $PWD when it finds null paths.
+ f=$(scanelf -qyRF '%r %p' "${D}" | grep -E "(${PORTAGE_BUILDDIR}|: |::|^:|^ )")
+ if [[ -n ${f} ]] ; then
+ echo -ne '\a\n'
+ echo "QA Notice: the following files contain insecure RUNPATH's"
+ echo " Please file a bug about this at http://bugs.gentoo.org/"
+ echo " with the maintaining herd of the package."
+ echo " Summary: $CATEGORY/$PN: insecure RPATH ${f}"
+ echo "${f}"
+ echo -ne '\a\n'
+ if has stricter ${FEATURES}; then
+ insecure_rpath=1
+ else
+ echo "Auto fixing rpaths for ${f}"
+ TMPDIR=${PORTAGE_BUILDDIR} scanelf -BXr ${f} -o /dev/null
+ fi
+ fi
+
+ # Check for setid binaries but are not built with BIND_NOW
+ f=$(scanelf -qyRF '%b %p' "${D}")
+ if [[ -n ${f} ]] ; then
+ echo -ne '\a\n'
+ echo "QA Notice: the following files are setXid, dyn linked, and using lazy bindings"
+ echo " This combination is generally discouraged. Try re-emerging the package:"
+ echo " LDFLAGS='-Wl,-z,now' emerge ${PN}"
+ echo "${f}"
+ echo -ne '\a\n'
+ die_msg="${die_msg} setXid lazy bindings,"
+ sleep 1
+ fi
+
+ # TEXTREL's are baaaaaaaad
+ # Allow devs to mark things as ignorable ... e.g. things that are
+ # binary-only and upstream isn't cooperating (nvidia-glx) ... we
+ # allow ebuild authors to set QA_TEXTRELS_arch and QA_TEXTRELS ...
+ # the former overrides the latter ... regexes allowed ! :)
+ qa_var="QA_TEXTRELS_${ARCH}"
+ [[ -n ${!qa_var} ]] && QA_TEXTRELS=${!qa_var}
+ [[ -n ${QA_STRICT_TEXTRELS} ]] && QA_TEXTRELS=""
+ f=$(scanelf -qyRF '%t %p' "${D}" | grep -v ' usr/lib/debug/' | \
+ gawk '
+ BEGIN { split("'"${QA_TEXTRELS}"'", ignore); }
+ { for (idx in ignore)
+ if ($NF ~ "^"ignore[idx]"$")
+ next;
+ print;
+ }')
+ if [[ -n ${f} ]] ; then
+ scanelf -qyRF '%T %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-textrel.log
+ echo -ne '\a\n'
+ echo "QA Notice: the following files contain runtime text relocations"
+ echo " Text relocations force the dynamic linker to perform extra"
+ echo " work at startup, waste system resources, and may pose a security"
+ echo " risk. On some architectures, the code may not even function"
+ echo " properly, if at all."
+ echo " For more information, see http://hardened.gentoo.org/pic-fix-guide.xml"
+ echo " Please include this file in your report:"
+ echo " ${T}/scanelf-textrel.log"
+ echo "${f}"
+ echo -ne '\a\n'
+ die_msg="${die_msg} textrels,"
+ sleep 1
+ fi
+
+ # Also, executable stacks only matter on linux (and just glibc atm ...)
+ case ${CTARGET:-${CHOST}} in
+ *-linux-gnu*)
+ # Check for files with executable stacks, but only on arches which
+ # are supported at the moment. Keep this list in sync with
+ # http://hardened.gentoo.org/gnu-stack.xml (Arch Status)
+ case ${CTARGET:-${CHOST}} in
+ i?86*|ia64*|m68k*|powerpc64*|s390*|x86_64*)
+ # Allow devs to mark things as ignorable ... e.g. things
+ # that are binary-only and upstream isn't cooperating ...
+ # we allow ebuild authors to set QA_EXECSTACK_arch and
+ # QA_EXECSTACK ... the former overrides the latter ...
+ # regexes allowed ! :)
+
+ qa_var="QA_EXECSTACK_${ARCH}"
+ [[ -n ${!qa_var} ]] && QA_EXECSTACK=${!qa_var}
+ [[ -n ${QA_STRICT_EXECSTACK} ]] && QA_EXECSTACK=""
+ f=$(scanelf -qyRF '%e %p' "${D}" | grep -v ' usr/lib/debug/' | \
+ gawk '
+ BEGIN { split("'"${QA_EXECSTACK}"'", ignore); }
+ { for (idx in ignore)
+ if ($NF ~ "^"ignore[idx]"$")
+ next;
+ print;
+ }')
+ ;;
+ *) f="" ;;
+ esac
+ ;;
+ esac
+ if [[ -n ${f} ]] ; then
+ # One more pass to help devs track down the source
+ scanelf -qyRF '%e %p' "${PORTAGE_BUILDDIR}"/ &> "${T}"/scanelf-execstack.log
+ echo -ne '\a\n'
+ echo "QA Notice: the following files contain executable stacks"
+ echo " Files with executable stacks will not work properly (or at all!)"
+ echo " on some architectures/operating systems. A bug should be filed"
+ echo " at http://bugs.gentoo.org/ to make sure the file is fixed."
+ echo " For more information, see http://hardened.gentoo.org/gnu-stack.xml"
+ echo " Please include this file in your report:"
+ echo " ${T}/scanelf-execstack.log"
+ echo "${f}"
+ echo -ne '\a\n'
+ die_msg="${die_msg} execstacks"
+ sleep 1
+ fi
+
+ # Save NEEDED information
+ scanelf -qyRF '%p %n' "${D}" | sed -e 's:^:/:' > "${PORTAGE_BUILDDIR}"/build-info/NEEDED
+
+ if [[ ${insecure_rpath} -eq 1 ]] ; then
+ die "Aborting due to serious QA concerns with RUNPATH/RPATH"
+ elif [[ ${die_msg} != "" ]] && has stricter ${FEATURES} && ! has stricter ${RESTRICT} ; then
+ die "Aborting due to QA concerns: ${die_msg}"
+ fi
+ fi
+
+ if [[ ${UNSAFE} > 0 ]] ; then
+ die "There are ${UNSAFE} unsafe files. Portage will not install them."
+ fi
+
+ if [[ -d ${D}/${D} ]] ; then
+ declare -i INSTALLTOD=0
+ for i in $(find "${D}/${D}/"); do
+ echo "QA Notice: /${i##${D}/${D}} installed in \${D}/\${D}"
+ ((INSTALLTOD++))
+ done
+ die "Aborting due to QA concerns: ${INSTALLTOD} files installed in ${D}/${D}"
+ unset INSTALLTOD
+ fi
+
+ # dumps perms to stdout. if error, no perms dumped.
+ function stat_perms() {
+ local f
+ # only define do_stat if it hasn't been already
+ if ! type -p do_stat &> /dev/null; then
+ if ! type -p stat &>/dev/null; then
+ do_stat() {
+ # Generic version -- Octal result
+ python -c "import os,stat; print '%o' % os.stat('$1')[stat.ST_MODE]"
+ }
+ else
+ if [ "${USERLAND}" == "BSD" ] || [ "${USERLAND}" == "Darwin" ]; then
+ do_stat() {
+ # BSD version -- Octal result
+ $(type -p stat) -f '%p' "$1"
+ }
+ else
+ do_stat() {
+ # Linux version -- Hex result converted to Octal
+ f=$($(type -p stat) -c '%f' "$1") || return $?
+ printf '%o' "0x$f"
+ }
+ fi
+ fi
+ fi
+
+ f=$(do_stat "$@") || return
+ f="${f:2:4}"
+ echo $f
+ }
+
+ local file s
+ local count=0
+ find "${D}/" -user portage | while read file; do
+ count=$(( $count + 1 ))
+ if [ -L "${file}" ]; then
+ lchown ${PORTAGE_INST_UID} "${file}"
+ else
+ s=$(stat_perms "$file")
+ if [ -z "${s}" ]; then
+ ewarn "failed stat_perm'ing $file. User intervention during install isn't wise..."
+ continue
+ fi
+ chown ${PORTAGE_INST_UID} "$file"
+ chmod "$s" "$file"
+ fi
+ done
+ if (( $count > 0 )); then
+ ewarn "$count files were installed with user portage!"
+ fi
+
+ count=0
+ find "${D}/" -group portage | while read file; do
+ count=$(( $count + 1 ))
+ if [ -L "${file}" ]; then
+ lchgrp ${PORTAGE_INST_GID} "${file}"
+ else
+ s=$(stat_perms "$file")
+ if [ -z "${s}" ]; then
+ echo "failed stat_perm'ing '$file' . User intervention during install isn't wise..."
+ continue
+ fi
+ chgrp ${PORTAGE_INST_GID} "$file"
+ chmod "$s" "$file"
+ fi
+ done
+ if (( $count > 0 )); then
+ ewarn "$count files were installed with group portage!"
+ fi
+
+ unset -f stat_perms
+
+ # Portage regenerates this on the installed system.
+ if [ -f "${D}/usr/share/info/dir.gz" ]; then
+ rm -f "${D}/usr/share/info/dir.gz"
+ fi
+
+ if hasq multilib-strict ${FEATURES} && [ -x /usr/bin/file -a -x /usr/bin/find -a \
+ -n "${MULTILIB_STRICT_DIRS}" -a -n "${MULTILIB_STRICT_DENY}" ]; then
+ MULTILIB_STRICT_EXEMPT=$(echo ${MULTILIB_STRICT_EXEMPT:-"(perl5|gcc|gcc-lib|debug|portage)"} | sed -e 's:\([(|)]\):\\\1:g')
+ for dir in ${MULTILIB_STRICT_DIRS}; do
+ [ -d "${D}/${dir}" ] || continue
+ for file in $(find ${D}/${dir} -type f | grep -v "^${D}/${dir}/${MULTILIB_STRICT_EXEMPT}"); do
+ file ${file} | egrep -q "${MULTILIB_STRICT_DENY}" && die "File ${file} matches a file type that is not allowed in ${dir}"
+ done
+ done
+ fi
+
+}
+
+
install_mask() {
local root="$1"
shift
diff --git a/pym/portage.py b/pym/portage.py
index 07b583b1f..5fc70a7de 100644
--- a/pym/portage.py
+++ b/pym/portage.py
@@ -2373,10 +2373,18 @@ def spawnebuild(mydo,actionmap,mysettings,debug,alwaysdep=0,logfile=None):
mycommand = MISC_SH_BINARY + " dyn_" + mydo
else:
mycommand = EBUILD_SH_BINARY + " " + mydo
- return spawn(mycommand, mysettings, debug=debug,
+ phase_retval = spawn(mycommand, mysettings, debug=debug,
droppriv=actionmap[mydo]["args"][0],
free=actionmap[mydo]["args"][1],
sesandbox=actionmap[mydo]["args"][2], logfile=logfile)
+ if phase_retval == os.EX_OK:
+ if mydo == "install":
+ mycommand = " ".join([MISC_SH_BINARY, "install_qa_check"])
+ return spawn(mycommand, mysettings, debug=debug,
+ droppriv=actionmap[mydo]["args"][0],
+ free=actionmap[mydo]["args"][1],
+ sesandbox=actionmap[mydo]["args"][2], logfile=logfile)
+ return phase_retval
# chunked out deps for each phase, so that ebuild binary can use it
# to collapse targets down.