ports/129210: [patch] Instrument bsd.ports.mk to detect unstripped binaries
Matthew Seaman
m.seaman at infracaninophile.co.uk
Wed Nov 26 16:40:04 UTC 2008
>Number: 129210
>Category: ports
>Synopsis: [patch] Instrument bsd.ports.mk to detect unstripped binaries
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Nov 26 16:40:03 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Matthew Seaman
>Release: FreeBSD 7.1-PRERELEASE i386
>Organization:
Infracaninophile
>Environment:
System: FreeBSD happy-idiot-talk.infracaninophile.co.uk 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #48: Sat Nov 15 16:25:25 GMT 2008 root at happy-idiot-talk.infracaninophile.co.uk:/usr/obj/usr/src/sys/HAPPY-IDIOT-TALK i386
>Description:
This patch was suggested by a conversation on freebsd-questions@ where
it became apparent that a significant minority of ports were not
installing binary objects stripped, in contravention of the Porter's
Handbook:
http://lists.freebsd.org/pipermail/freebsd-questions/2008-November/186573.html
et. seq.
During my testing it has quickly become apparent that most binary
executables installed via the ports are correctly stripped -- with
some exceptions -- whereas shared libraries and loadable objects
generally aren't. Compare the results of 'file *.so.*' in /usr/lib
against /usr/local/lib for example.
This also works for Linux executables / shared objects as well as
Native FreeBSD.
I also implemented a second, very similar check, which just flags if a
port doesn't install any files using architecture dependant formats,
on the basis that there's no point repeatedly building exactly the
same thing for 6 different CPU architectures.
The new functionality is turned off by default. To enable the checks,
simply add:
ENABLE_POST_INSTALL_CHECKS= check-binaries-stripped check-if-arch-indep
to /etc/make.conf Or just list one of those targets if you don't want
both.
>How-To-Repeat:
>Fix:
--- bsd.port.mk.patch begins here ---
--- bsd.port.mk.save 2008-11-22 17:21:56.000000000 +0000
+++ bsd.port.mk 2008-11-26 15:59:38.000000000 +0000
@@ -4095,6 +4095,100 @@
.endif # !defined(DISABLE_SECURITY_CHECK)
################################################################
+# Post install checks -- not enabled by default. Checks to do
+# with QA and gathering statistics about ports, primarily of
+# interest to port maintainers and portmgr@
+#
+# To enable, define ENABLE_POST_INSTALL_CHECKS as a list of the
+# check targets to be run
+################################################################
+
+.if !target(post-install-checks)
+.if !defined(ENABLE_POST_INSTALL_CHECKS)
+
+post-install-checks:
+ @${DO_NADA}
+
+.else
+
+post-install-checks: _show_checks
+
+_show_checks:
+ @${ECHO_MSG} "===> Performing the following post install checks:"
+
+.if !empty(ENABLE_POST_INSTALL_CHECKS:Mcheck-binaries-stripped)
+# Binaries should generally be stripped on installation, with some
+# exceptions -- eg. kernel modules should not be stripped.
+
+post-install-checks: check-binaries-stripped
+
+.if !target(check-binaries-stripped)
+check-binaries-stripped:
+ @${ECHO_MSG} "---> check-binaries-stripped"
+ -@${RM} -f ${WRKDIR}/.PLIST.binaries-stripped \
+ ${WRKDIR}/.PLIST.binaries-not-stripped ; \
+ for i in `${GREP} -v '^@' ${TMPPLIST}`; do \
+ if [ ! -L "${PREFIX}/$$i" -a -f "${PREFIX}/$$i" ]; then \
+ case `${FILE} -i ${PREFIX}/$$i` in \
+ *application/x-executable*,\ not\ stripped* | \
+ *application/x-sharedlib*,\ not\ stripped*) \
+ ${ECHO_CMD} "${PREFIX}/$$i" >> \
+ ${WRKDIR}/.PLIST.binaries-not-stripped ;; \
+ *application/x-executable*,\ stripped* | \
+ *application/x-sharedlib*,\ stripped*) \
+ ${ECHO_CMD} "${PREFIX}/$$i" >> \
+ ${WRKDIR}/.PLIST.binaries-stripped ;; \
+ *) ;; \
+ esac ; \
+ fi; \
+ done ; \
+ if [ -s ${WRKDIR}/.PLIST.binaries-not-stripped ] ; then \
+ ${ECHO_MSG} " This port has installed the following *non-stripped* binaries:" ; \
+ ${CAT} ${WRKDIR}/.PLIST.binaries-not-stripped ; \
+ fi ; \
+ if [ -s ${WRKDIR}/.PLIST.binaries-stripped ] ; then \
+ ${ECHO_MSG} " This port has installed the following *stripped* binaries:" ; \
+ ${CAT} ${WRKDIR}/.PLIST.binaries-stripped ; \
+ fi ;
+
+.endif
+.endif # !empty(ENABLE_POST_INSTALL_CHECKS:Mcheck-binaries-stripped)
+
+.if !empty(ENABLE_POST_INSTALL_CHECKS:Mcheck-if-arch-indep)
+# Identify ports which do not install any compiled object code
+# (eg. pure perl modules, PEAR modules, shell scripts, etc.) as these
+# are likely to be completely architecture independent. In which
+# case, there's no point rebuilding them for each different CPU
+# architecture, or have multiple copies of the packages on the FTP
+# servers.
+
+post-install-checks: check-if-arch-indep
+
+.if !target(check-if-arch-indep)
+check-if-arch-indep:
+ @${ECHO_MSG} "---> check-if-arch-indep"
+ -@${RM} -f ${WRKDIR}/.PLIST.elf-objects ; \
+ for i in `${GREP} -v '^@' ${TMPPLIST}`; do \
+ if [ ! -L "${PREFIX}/$$i" -a -f "${PREFIX}/$$i" ]; then \
+ case `${FILE} ${PREFIX}/$$i` in \
+ *ELF*) \
+ ${ECHO_CMD} "${PREFIX}/$$i" >> \
+ ${WRKDIR}/.PLIST.elf-objects ;; \
+ esac ; \
+ fi; \
+ done ; \
+ if [ ! -s ${WRKDIR}/.PLIST.elf-objects ]; then \
+ ${ECHO_CMD} " Port does not install any architecture dependent files" ; \
+ fi ;
+
+.endif
+.endif # !empty(ENABLE_POST_INSTALL_CHECKS:Mcheck-if-arch-indep)
+
+.endif # !defined(ENABLE_POST_INSTALL_CHECKS)
+.endif # !target(post-install-checks)
+
+
+################################################################
# Skeleton targets start here
#
# You shouldn't have to change these. Either add the pre-* or
@@ -4141,7 +4235,8 @@
post-install post-install-script add-plist-info \
add-plist-docs add-plist-examples add-plist-data \
add-plist-post install-rc-script compress-man \
- install-ldconfig-file fake-pkg security-check
+ install-ldconfig-file fake-pkg security-check \
+ post-install-checks
_PACKAGE_DEP= install
_PACKAGE_SEQ= package-message pre-package pre-package-script \
do-package post-package-script
--- bsd.port.mk.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list