From fb3b612bb98e36d2bcd033d5f9297c2eddee3d37 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 26 Nov 2003 09:01:23 +0000 Subject: [PATCH] brp-fix-perms, fixup-libraries: strip executable bit from non-executable libraries --- rpm-4_0.spec | 5 +++-- scripts/Makefile.am | 4 ++-- scripts/brp-fix-perms.in | 3 +++ scripts/fixup-libraries | 41 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 49 insertions(+), 4 deletions(-) create mode 100755 scripts/fixup-libraries diff --git a/rpm-4_0.spec b/rpm-4_0.spec index 6bb8e66..8ab9db6 100644 --- a/rpm-4_0.spec +++ b/rpm-4_0.spec @@ -6,7 +6,7 @@ Name: %rpm_name Version: %rpm_version -Release: alt27.4 +Release: alt27.5 %define ifdef() %if %{expand:%%{?%{1}:1}%%{!?%{1}:0}} %define get_dep() %(rpm -q --qf '%%{NAME} >= %%|SERIAL?{%%{SERIAL}:}|%%{VERSION}-%%{RELEASE}' %1 2>/dev/null || echo '%1 >= unknown') @@ -474,7 +474,7 @@ fi %endif #with contrib %changelog -* Mon Nov 24 2003 Dmitry V. Levin 4.0.4-alt27.4 +* Mon Nov 24 2003 Dmitry V. Levin 4.0.4-alt27.5 - brp-verify_elf: "%%set_verify_elf_method relaxed" now affects textrel as well as rpath. - verify-elf: @@ -484,6 +484,7 @@ fi - Fixed Makefiles to correct librpm*-4.0.4.so dependencies. - Do not package .la files. - brp-cleanup: remove lib*.la files from /lib, /usr/lib, and /usr/X11R6/lib. +- brp-fix-perms, fixup-libraries: strip executable bit from non-executable libraries. - rpmbuild --rebuild/--recompile: implemented support for new macros: %%_rpmbuild_clean and %%_rpmbuild_packagesource. diff --git a/scripts/Makefile.am b/scripts/Makefile.am index b69f877..e8f740a 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -8,7 +8,7 @@ EXTRA_DIST = \ compress_files check-files convertrpmrc.sh cross-build \ delayed_rebuilddb find-lang find-package find-prov.pl find-req.pl \ cpanflute cpanflute2 Specfile.pm find-provides.perl find-requires.perl \ - fixup-binconfig fixup-pkgconfig fixup-libtool \ + fixup-binconfig fixup-pkgconfig fixup-libtool fixup-libraries \ get_magic.pl getpo.sh http.req \ functions files.req.list \ magic.prov magic.req pam.prov pam.req perl.prov perl.req rpmdiff rpmdiff.cgi \ @@ -27,7 +27,7 @@ config_SCRIPTS = \ compress_files check-files convertrpmrc.sh cross-build \ delayed_rebuilddb find-lang find-package find-prov.pl find-req.pl \ cpanflute cpanflute2 Specfile.pm find-provides.perl find-requires.perl \ - fixup-binconfig fixup-pkgconfig fixup-libtool \ + fixup-binconfig fixup-pkgconfig fixup-libtool fixup-libraries \ get_magic.pl getpo.sh http.req \ functions files.req.list \ magic.prov magic.req pam.prov pam.req perl.prov perl.req rpmdiff rpmdiff.cgi \ diff --git a/scripts/brp-fix-perms.in b/scripts/brp-fix-perms.in index 64e4d8a..8d93b0a 100755 --- a/scripts/brp-fix-perms.in +++ b/scripts/brp-fix-perms.in @@ -39,3 +39,6 @@ done # Following files should not be group/world readable. find -type f \( -perm -4100 -o -perm -2100 \) -print0 | xargs -r0 chmod -R go-rw -- + +find -type f -perm +0111 -print0 | + xargs -r0 @RPMCONFIGDIR@/fixup-libraries diff --git a/scripts/fixup-libraries b/scripts/fixup-libraries new file mode 100755 index 0000000..a3735cb --- /dev/null +++ b/scripts/fixup-libraries @@ -0,0 +1,41 @@ +#!/bin/sh -e +# +# fixup-shared - fix permissions of libraries. +# +# $Id$ +# Copyright (C) 2003 Dmitry V. Levin +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + +for file in "$@"; do + type=`file -b "$file"` || continue + case "$type" in + current\ ar\ archive) + chmod -v a-x "$file" + ;; + ELF\ *\ shared\ object,\ *) + file_header="$(readelf -h "$file")" || continue + entry=`printf %s "$file_header" |sed -ne 's/^ \+Entry point address: \+0x0*\([0-9a-f]\+\)$/\1/p'` + [ -n "$entry" ] || continue + + section_header="$(readelf -S "$file")" || continue + text=`printf %s "$section_header" |sed -ne 's/^ *\[ *[0-9]\+\] \.text \+PROGBITS \+0*\([0-9a-f]\+\) \+.*/\1/p'` + [ -n "$text" ] || continue + + [ "$entry" != "$text" ] || chmod -v a-x "$file" + ;; + esac +done