Index: Mk/bsd.port.mk =================================================================== --- Mk/bsd.port.mk (revision 382975) +++ Mk/bsd.port.mk (working copy) @@ -5260,7 +5260,7 @@ .if !target(stage-qa) stage-qa: @${ECHO_MSG} "====> Running Q/A tests (stage-qa)" - @${SETENV} ${QA_ENV} ${SH} ${SCRIPTSDIR}/qa.sh + @${SETENV} ${QA_ENV} ${SH} ${SCRIPTSDIR}/qa.sh "${PKGBASE}-${PKGVERSION}" .endif # Fake installation of package so that user can pkg delete it later. Index: Mk/Scripts/qa.sh =================================================================== --- Mk/Scripts/qa.sh (revision 382975) +++ Mk/Scripts/qa.sh (working copy) @@ -7,6 +7,14 @@ exit 1 fi +usage () { + echo "usage: $0 pkg-name" + exit 1 +} + +[ "$#" -eq 1 ] || usage +PKG_NAME="$1" + LF=$(printf '\nX') LF=${LF%X} @@ -18,6 +26,32 @@ echo "Error: $@" >&2 } +listcontains() { + local str lst elt + str=$1 + lst=$2 + + for elt in ${lst} ; do + if [ ${elt} = ${str} ] ; then + return 0 + fi + done + return 1 +} + +list_staged_execs() { + # finds all dynamic executables which have dependencies that aren't within the + # declared set of dependencies in this port + find ${STAGEDIR} -type f \ + \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ + -and -exec /bin/sh -c "ldd {} > /dev/null 2>&1" \; \ + -and -exec echo {} \; +} + +list_all_deps() { + ldd "$1" | grep -v "^\/" | sed -e 's/.*=> //' -e 's/ .*//' | sort | uniq +} + shebangonefile() { local f interp rc @@ -255,8 +289,28 @@ fi } -checks="shebang symlinks paths stripped desktopfileutils sharedmimeinfo suidfiles libtool libperl" +basemix() { + if expr "${PKG_NAME}" : 'pkg-' > /dev/null ; then + return 0 + fi + # shared libraries from base banned from being used by ports + local banned="libssl.so libcrypto.so" + for file in $(list_staged_execs); do + local dep_files=$(list_all_deps "${file}") + for dep_file in $dep_files; do + if expr "$dep_file" : '^/lib/' \| "$dep_file" : '^/usr/lib/' > /dev/null ; then + local so_name=$(echo "${dep_file}" | sed -e "s/.*\///g" -e "s/\.so.*/.so/g") + if listcontains ${so_name} "${banned}" ; then + err "Shared library ${so_name} from the base system should not be used by port." + return 1 + fi + fi + done + done +} +checks="shebang symlinks paths stripped desktopfileutils sharedmimeinfo suidfiles libtool libperl basemix" + ret=0 cd ${STAGEDIR} for check in ${checks}; do