FreeBSD Bugzilla – Attachment 155117 Details for
Bug 199106
[stage-qa] [PATCH] New stage-qa check 'basemix': Prevents some dangerous mixing of base and port libraries
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
patch-basemix.patch (text/plain), 1.99 KB, created by
Yuri Victorovich
on 2015-04-02 08:27:05 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Yuri Victorovich
Created:
2015-04-02 08:27:05 UTC
Size:
1.99 KB
patch
obsolete
>Index: Mk/bsd.port.mk >=================================================================== >--- Mk/bsd.port.mk (revision 382975) >+++ Mk/bsd.port.mk (working copy) >@@ -1531,6 +1531,7 @@ > LOCALBASE=${LOCALBASE} \ > "STRIP=${STRIP}" \ > TMPPLIST=${TMPPLIST} >+QA_ENV+= PKGNAME=${PKGNAME} > .if !empty(USES:Mdesktop-file-utils) > QA_ENV+= USESDESKTOPFILEUTILS=yes > .endif >Index: Mk/Scripts/qa.sh >=================================================================== >--- Mk/Scripts/qa.sh (revision 382975) >+++ Mk/Scripts/qa.sh (working copy) >@@ -18,6 +18,30 @@ > echo "Error: $@" >&2 > } > >+listcontains() { >+ local str lst elt >+ str=$1 >+ lst=$2 >+ >+ for elt in ${lst} ; do >+ if [ ${elt} = ${str} ] ; then >+ return 0 >+ fi >+ done >+ return 1 >+} >+ >+list_staged_execs() { >+ find ${STAGEDIR} -type f \ >+ \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ >+ -and -exec /bin/sh -c "ldd {} > /dev/null 2>&1" \; \ >+ -and -exec echo {} \; >+} >+ >+list_all_deps() { >+ ldd "$1" | grep -v "^\/" | sed -e 's/.*=> //' -e 's/ .*//' | sort | uniq >+} >+ > shebangonefile() { > local f interp rc > >@@ -255,8 +279,28 @@ > fi > } > >-checks="shebang symlinks paths stripped desktopfileutils sharedmimeinfo suidfiles libtool libperl" >+basemix() { >+ if expr "${PKGNAME}" : '^pkg-[0-9]' > /dev/null ; then >+ return 0 >+ fi >+ # shared libraries from base banned from being used by ports >+ local banned="libssl.so libcrypto.so" >+ for file in $(list_staged_execs); do >+ local dep_files=$(list_all_deps "${file}") >+ for dep_file in $dep_files; do >+ if expr "$dep_file" : '^/lib/' \| "$dep_file" : '^/usr/lib/' > /dev/null ; then >+ local so_name=$(echo "${dep_file}" | sed -e "s/.*\///" -e "s/\.so.*/.so/") >+ if listcontains "${so_name}" "${banned}" ; then >+ err "Shared library ${so_name} from the base system should not be used by port." >+ return 1 >+ fi >+ fi >+ done >+ done >+} > >+checks="shebang symlinks paths stripped desktopfileutils sharedmimeinfo suidfiles libtool libperl basemix" >+ > ret=0 > cd ${STAGEDIR} > for check in ${checks}; do
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=155117">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 199106
:
155107
|
155108
|
155109
|
155116
| 155117