Move "is this ELF shared object an executable" check to a separate script

* configure.ac (AC_OUTPUT): Add scripts/fixup-libraries. * rpm-4_0.spec (%files build): Add %_rpmlibdir/is_elf_so_executable. * scripts/is_elf_so_executable: New file. * scripts/Makefile.am (EXTRA_DIST, config_SCRIPTS): Add it. * scripts/fixup-libraries: Rename to scripts/fixup-libraries.in, use is_elf_so_executable.
2016-12-06 17:08:14 +00:00 · 2016-12-06 17:08:14 +00:00 · 8c1f9d589b
commit 8c1f9d589b
parent a51ea574e9
6 changed files with 95 additions and 66 deletions
--- a/configure.ac
+++ b/configure.ac
@ -939,6 +939,7 @@ AC_OUTPUT([ Doxyfile Makefile rpmrc macros platform rpmpopt
 	scripts/find-debuginfo-files
 	scripts/find-scriptlet-requires
 	scripts/fixup-binconfig
+	scripts/fixup-libraries
 	scripts/fixup-libtool
 	scripts/fixup-pkgconfig
 	scripts/fixup-desktop
--- a/rpm-4_0.spec
+++ b/rpm-4_0.spec
@ -478,6 +478,7 @@ fi
 %rpmattr %_rpmlibdir/brp.d/*
 %rpmattr %_rpmlibdir/*_files
 %rpmattr %_rpmlibdir/cpp.*
+%rpmattr %_rpmlibdir/is_elf_so_executable
 %rpmattr %_rpmlibdir/ldd
 %rpmattr %_rpmlibdir/rpm2cpio.sh
 %rpmattr %_rpmlibdir/find-lang
--- a/scripts/Makefile.am
+++ b/scripts/Makefile.am
@ -18,6 +18,7 @@ EXTRA_DIST = \
 	fixup-binconfig fixup-pkgconfig fixup-libtool fixup-libraries \
 	fixup-desktop fixup-desktop.awk \
 	files.req files.req.files 0common-files.req.list \
+	is_elf_so_executable \
 	ldd lib.req lib.req.files lib.prov lib.prov.files shlib.req.awk \
 	pam.req pam.req.files pam.prov pam.prov.files \
 	percolate \
@ -50,6 +51,7 @@ config_SCRIPTS = \
 	fixup-binconfig fixup-pkgconfig fixup-libtool fixup-libraries \
 	fixup-desktop fixup-desktop.awk \
 	files.req files.req.files \
+	is_elf_so_executable \
 	ldd lib.req lib.req.files lib.prov lib.prov.files shlib.req.awk \
 	pam.req pam.req.files pam.prov pam.prov.files \
 	pkgconfig.req pkgconfiglib.req pkgconfig.req.files \
--- a/scripts/fixup-libraries
+++ b/scripts/fixup-libraries
@ -1,66 +0,0 @@
-#!/bin/sh -e
-#
-# fixup-shared - fix permissions of libraries.
-#
-# Copyright (C) 2003-2016  Dmitry V. Levin <ldv@altlinux.org>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-
-for file in "$@"; do
-	type=`file -b "$file"` || continue
-	case "$type" in
-		current\ ar\ archive|*\ current\ ar\ archive)
-			chmod -v u+w,a-x,ug-s "$file"
-			;;
-		ELF\ *\ shared\ object,\ *|*\ ELF\ *\ shared\ object,\ *)
-			# This dynamic linker used to have its entry point
-			# equal to the text segment start address.
-			[ -n "${file##*/lib64/ld-*.so}" ] || continue
-
-			# Not an every shared object is a library.
-			# For example, PIEs should be treated as executables.
-
-			section_header="$(readelf --wide --sections "$file" ||:)"
-			# An .interp section means it is an executable, see
-			# comm -12 <(grep -Fl .interp /usr/lib/ldscripts/*)
-			#          <(grep -Fle --shared /usr/lib/ldscripts/*)
-			if printf %s "$section_header" |grep -Fqs ' .interp '; then
-				continue
-			fi
-
-			file_header="$(readelf --wide --file-header "$file" ||:)"
-			# Zero entry point is treated like no entry points.
-			entry="$(printf %s "$file_header" |
-				sed -ne 's/^ \+Entry point address: \+0x0*\([1-9a-f][0-9a-f]*\)$/\1/p')"
-
-			# Zero text segment start address is treated
-			# like no text segments.
-			text="$(printf %s "$section_header" |
-				sed -ne 's/^ *\[ *[0-9]\+\] \.text \+PROGBITS \+0*\([1-9a-f][0-9a-f]*\) \+.*/\1/p')"
-
-			# Missing entry point or text segment means
-			# it is not an executable.
-			# Also, if entry point and text segment start address
-			# are equal, it is not an executable.
-			[ -z "$entry" ] ||
-			[ -z "$text" ] ||
-			[ "$entry" = "$text" ] ||
-			continue
-
-			chmod -c u+w,a-x,ug-s "$file"
-			;;
-	esac
-done
--- a/scripts/fixup-libraries.in
+++ b/scripts/fixup-libraries.in
@ -0,0 +1,33 @@
+#!/bin/sh -e
+#
+# fixup-shared - fix permissions of libraries.
+#
+# Copyright (C) 2003-2016  Dmitry V. Levin <ldv@altlinux.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+for file in "$@"; do
+	type=`file -b "$file"` || continue
+	case "$type" in
+		current\ ar\ archive|*\ current\ ar\ archive)
+			chmod -v u+w,a-x,ug-s "$file"
+			;;
+		ELF\ *\ shared\ object,\ *|*\ ELF\ *\ shared\ object,\ *)
+			@RPMCONFIGDIR@/is_elf_so_executable "$file" ||
+				chmod -c u+w,a-x,ug-s "$file"
+			;;
+	esac
+done
--- a/scripts/is_elf_so_executable
+++ b/scripts/is_elf_so_executable
@ -0,0 +1,58 @@
+#!/bin/sh -e
+#
+# is_elf_so_executable - checks whether the given ELF shared object
+# should be treated as an executable.
+#
+# Not an every shared object is a library.
+# For example, PIEs should be treated as executables.
+#
+# Copyright (C) 2003-2016  Dmitry V. Levin <ldv@altlinux.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+[ $# -eq 1 ]
+file="$1"; shift
+
+# This dynamic linker used to have its entry point
+# equal to the text segment start address.
+[ -n "${file##*/lib64/ld-*.so}" ] || exit 0
+
+section_header="$(readelf --wide --sections "$file" ||:)"
+# An .interp section means it is an executable, see
+# comm -12 <(grep -Fl .interp /usr/lib/ldscripts/*)
+#          <(grep -Fle --shared /usr/lib/ldscripts/*)
+if printf %s "$section_header" |grep -Fqs ' .interp '; then
+	exit 0
+fi
+
+file_header="$(readelf --wide --file-header "$file" ||:)"
+# Zero entry point is treated like no entry points.
+entry="$(printf %s "$file_header" |
+	sed -ne 's/^ \+Entry point address: \+0x0*\([1-9a-f][0-9a-f]*\)$/\1/p')"
+
+# Zero text segment start address is treated like no text segments.
+text="$(printf %s "$section_header" |
+	sed -ne 's/^ *\[ *[0-9]\+\] \.text \+PROGBITS \+0*\([1-9a-f][0-9a-f]*\) \+.*/\1/p')"
+
+# Missing entry point or text segment means it is not an executable.
+# Also, if entry point and text segment start address are equal,
+# it is not an executable.
+[ -z "$entry" ] ||
+[ -z "$text" ] ||
+[ "$entry" = "$text" ] ||
+exit 0
+
+exit 1