#!/usr/bin/env bash
#
# Script to install host system binaries along with required libraries.
#
# Copyright (C) 2012-2017 Jo-Philipp Wich <jo@mein.io>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# First argument is the destination root of the bundle; everything left in
# "$@" after the shift is treated as an executable to bundle.
DIR="$1"
shift
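# Copy $1 to $2, dereferencing symlinks (-L) so the destination is a copy of
# the link target rather than another link.
# Globals:   VERBOSE (read) - when set and non-empty, cp runs with -v
# Arguments: $1 - source path, $2 - destination path
# Outputs:   a diagnostic on stderr when the copy fails
# Returns:   never returns on failure; the whole script exits with status 1
_cp() {
	# ${VERBOSE:+-v} stays unquoted on purpose: it has to disappear entirely
	# when VERBOSE is unset instead of becoming an empty argument.
	# "--" ends option parsing, so a path that starts with "-" is handled as
	# a file name and cannot be read as a cp option.
	cp ${VERBOSE:+-v} -L -- "$1" "$2" || {
		echo "cp($1 $2) failed" >&2
		exit 1
	}
}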
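# Move (rename) $1 to $2.
# Globals:   VERBOSE (read) - when set and non-empty, mv runs with -v
# Arguments: $1 - source path, $2 - destination path
# Outputs:   a diagnostic on stderr when the move fails
# Returns:   never returns on failure; the whole script exits with status 1
_mv() {
	# "--" ends option parsing, so a path that starts with "-" is handled as
	# a file name and cannot be read as an mv option.
	mv ${VERBOSE:+-v} -- "$1" "$2" || {
		echo "mv($1 $2) failed" >&2
		exit 1
	}
}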
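# Create directory $1 together with any missing parents (mkdir -p).
# Globals:   VERBOSE (read) - when set and non-empty, mkdir runs with -v
# Arguments: $1 - directory path
# Outputs:   a diagnostic on stderr when creation fails
# Returns:   never returns on failure; the whole script exits with status 2
_md() {
	# "--" ends option parsing, so a path that starts with "-" is created as
	# a directory and cannot be read as a mkdir option.
	mkdir ${VERBOSE:+-v} -p -- "$1" || {
		echo "mkdir($1) failed" >&2
		exit 2
	}
}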
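# Create symlink $2 pointing at $1, replacing an existing $2 (ln -sf).
# Globals:   VERBOSE (read) - when set and non-empty, ln runs with -v
# Arguments: $1 - link target (stored verbatim), $2 - link path to create
# Outputs:   a diagnostic on stderr when linking fails
# Returns:   never returns on failure; the whole script exits with status 3
_ln() {
	# "--" ends option parsing, so a target or link name that starts with
	# "-" cannot be read as an ln option.
	ln ${VERBOSE:+-v} -sf -- "$1" "$2" || {
		echo "ln($1 $2) failed" >&2
		exit 3
	}
}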
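# Print the relative path that leads from the directory of $2 to $1.
#
# Both arguments are canonicalised with readlink -f; an argument that is not
# a directory is replaced by its parent directory. The destination is then
# shortened one component at a time, adding one ".." per step, until the
# base lies below it.
#
# Arguments: $1 - base path (the place to reach)
#            $2 - path whose directory is the starting point
# Outputs:   the relative path on stdout. When no ".." is needed the result
#            starts with "/" (for example "/lib"); the wrapper generator in
#            this script appends it to a directory, where the doubled slash
#            is harmless.
# Returns:   0 on success, 1 when either path cannot be resolved to an
#            absolute path.
_relpath() {
	local base dest up=""

	# Declaration and assignment are split so a readlink failure is not
	# masked by the exit status of "local".
	base="$(readlink -f -- "$1")" || base=""
	dest="$(readlink -f -- "$2")" || dest=""

	# Without an absolute base the loop below could never match and would
	# spin forever, so unresolved input is rejected up front.
	case "$base" in
		/*) ;;
		*)
			echo "_relpath: cannot resolve '$1'" >&2
			return 1
			;;
	esac
	case "$dest" in
		/*) ;;
		*)
			echo "_relpath: cannot resolve '$2'" >&2
			return 1
			;;
	esac

	[ -d "$base" ] || base="${base%/*}"
	[ -d "$dest" ] || dest="${dest%/*}"

	# A file directly below "/" strips down to the empty string; treat that
	# as the root directory so the match below still terminates.
	base="${base:-/}"

	while true; do
		case "$base" in
			"$dest"/*)
				# $dest is quoted inside the expansion so that glob
				# characters in a directory name are matched literally.
				echo "$up/${base#"$dest"/}"
				return 0
				;;
			*)
				dest="${dest%/*}"
				up="${up:+$up/}.."
				;;
		esac
	done
}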
# Compile the preload helper library to path $1.
#
# The embedded C source registers mangle_arg0 as an initialiser (section
# .init_array, or __DATA,__mod_init_func on Apple). When the environment
# variable RUNAS_ARG0 is set, mangle_arg0 stores its value in argv[0] and
# then removes RUNAS_ARG0 from the environment. Nothing else is unset by the
# library.
#
# Globals:   CC (read) - compiler command, defaults to gcc
# Arguments: $1 - output path of the shared object
# Outputs:   a diagnostic on stderr when no executable output was produced
# Returns:   never returns on failure; the whole script exits with status 5
_runas_so() {
	local out="$1"

	# The source is fed to the compiler on stdin ("-x c ... -"). CC is
	# expanded unquoted, so a value made of several words is split into a
	# command and its arguments. The heredoc body sits at column 0 and must
	# stay byte-for-byte what the compiler is meant to see.
	${CC:-gcc} -x c -fPIC -shared -o "$out" - <<EOT
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
int mangle_arg0(int argc, char **argv, char **env) {
char *arg0 = getenv("RUNAS_ARG0");
if (arg0) {
argv[0] = arg0;
unsetenv("RUNAS_ARG0");
}
return 0;
}
#ifdef __APPLE__
__attribute__((section("__DATA,__mod_init_func")))
#else
__attribute__((section(".init_array")))
#endif
static void *mangle_arg0_constructor = &mangle_arg0;
EOT

	# Success is judged by the presence of an executable output file, not
	# by the compiler's exit status.
	if [ ! -x "$out" ]; then
		echo "compiling preload library failed" >&2
		exit 5
	fi
}
# Rewrite path strings inside a bundled dynamic loader and keep the result
# only if the patched file still runs.
#
# Every "/usr/", "/lib/" and "/etc/" byte sequence in a copy of $1 becomes
# "/###/". The replacement has the same length as each match, so the edit
# does not move anything inside the binary.
# NOTE(review): presumably this stops the bundled loader from falling back
# to the host's default library and configuration paths - confirm.
#
# Arguments: $1 - path of the loader copy inside the bundle
# Outputs:   a notice on stderr when the patched copy is discarded
# Returns:   status of the final mv/rm; _cp and _mv exit the script on error
_patch_ldso() {
	local loader="$1"
	local trial="$loader.patched"

	_cp "$loader" "$trial"
	sed -i -e 's,/\(usr\|lib\|etc\)/,/###/,g' "$trial"

	# Self-test: the patched file is executed on the build host and its
	# output must mention "--library-path" (expected in the loader's usage
	# text). This runs the freshly copied binary with the privileges of
	# whoever invoked the script.
	if ! "$trial" 2>&1 | grep -q -- --library-path; then
		echo "binary patched ${1##*/} not executable, using original" >&2
		rm -f "$trial"
	else
		_mv "$trial" "$loader"
	fi
}
# Rewrite the locale paths inside a bundled libc and keep the result only if
# the patched file still runs.
#
# "/usr/lib/locale" and "/usr/share/locale" in a copy of $1 become
# "/###/lib/locale" and "/###/share/locale". Only the "/usr/" prefix is
# replaced, by a string of the same length, so nothing moves inside the
# binary.
#
# Arguments: $1 - path of the libc copy inside the bundle
# Outputs:   a notice on stderr when the patched copy is discarded
# Returns:   status of the final mv/rm; _cp and _mv exit the script on error
_patch_glibc() {
	local lib="$1"
	local trial="$lib.patched"

	_cp "$lib" "$trial"
	sed -i -e 's,/usr/\(\(lib\|share\)/locale\),/###/\1,g' "$trial"

	# Self-test: the patched library is executed directly on the build host
	# and its output must contain "GNU" (expected in glibc's banner). This
	# runs the freshly copied binary with the privileges of whoever invoked
	# the script.
	if ! "$trial" 2>&1 | grep -q -- GNU; then
		echo "binary patched ${1##*/} not executable, using original" >&2
		rm -f "$trial"
	else
		_mv "$trial" "$lib"
	fi
}
# Decide whether $1 is a program that should be bundled behind a wrapper.
#
# Arguments: $1 - path to inspect
# Returns:   0 when the file is executable, is not named like a shared
#            object (*.so or *.so.<digit>...), and file(1) reports an ELF
#            "executable" or "interpreter"; 1 in every other case.
should_be_patched() {
	local candidate="$1"

	if [ ! -x "$candidate" ]; then
		return 1
	fi

	# Shared objects are skipped by name alone, before file(1) is consulted.
	case "$candidate" in
		*.so | *.so.[0-9]*)
			return 1
			;;
	esac

	if file "$candidate" | grep -sqE "ELF.*(executable|interpreter)"; then
		return 0
	fi

	return 1
}
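# Print the first "<dir>/ldd" from PATH that is executable and answers
# "--version" successfully.
# Globals:   PATH (read)
# Outputs:   the path of the selected ldd on stdout
# Returns:   0 when one was found, 1 otherwise
_find_ldd() {
	local -a path_dirs
	local dir candidate

	# Split PATH on ":" only. The entries are never word-split or globbed,
	# so directories containing spaces or wildcard characters are handled.
	IFS=: read -r -a path_dirs <<<"$PATH"

	for dir in "${path_dirs[@]}"; do
		# An empty PATH entry would resolve to "/ldd"; skip it.
		[ -n "$dir" ] || continue
		candidate="$dir/ldd"
		if [ -x "$candidate" ] && "$candidate" --version >/dev/null 2>&1; then
			printf '%s\n' "$candidate"
			return 0
		fi
	done

	return 1
}

# LDD is left empty when no working ldd exists; the bundling loop then skips
# dependency collection. The tool is picked purely by PATH order, so PATH is
# trusted input to this script.
LDD="$(_find_ldd)" || LDD=""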
# Bundle every executable named on the command line into $DIR.
#
# For each BIN: make sure $DIR/lib, $DIR/usr/lib and the preload helper
# exist, copy the shared objects that ldd reports into $DIR/lib, and, when a
# dynamic loader was seen, rename BIN to a hidden ".<name>.bin" and write a
# wrapper script in its place that starts it through the bundled loader.
for BIN in "$@"; do
	# The usage check sits inside the loop, so it only runs when at least
	# one executable argument was given; a call with just <destdir> does
	# nothing and exits 0.
	[ -n "$BIN" -a -n "$DIR" ] || {
		echo "Usage: $0 <destdir> <executable> ..." >&2
		exit 1
	}

	# First use of $DIR: create lib/ and make usr/lib a symlink to it.
	[ ! -d "$DIR/lib" ] && {
		_md "$DIR/lib"
		_md "$DIR/usr"
		_ln "../lib" "$DIR/usr/lib"
	}

	# The preload helper is compiled once per destination directory.
	[ ! -x "$DIR/lib/runas.so" ] && {
		_runas_so "$DIR/lib/runas.so"
	}

	# Stays empty unless ldd reports a loader (ld-*.so*) for this BIN.
	LDSO=""

	# NOTE(review): ldd(1) documents that some versions may execute the
	# inspected program to obtain its dependencies, so BIN arguments should
	# be trusted build outputs, not arbitrary files.
	[ -n "$LDD" ] && should_be_patched "$BIN" && {
		# The ldd output is word-split; every token that contains a "/" and
		# ".so" is taken to be a library path.
		for token in $("$LDD" "$BIN" 2>/dev/null); do
			case "$token" in */*.so*)
				# Libraries are flattened into $DIR/lib by base name.
				dest="$DIR/lib/${token##*/}"
				ddir="${dest%/*}"

				case "$token" in
					*/ld-*.so*) LDSO="${token##*/}" ;;
				esac

				# An existing file with the same base name is kept, so
				# the first copy wins when two binaries depend on
				# different libraries that share a name.
				[ -f "$token" -a ! -f "$dest" ] && {
					_md "$ddir"
					_cp "$token" "$dest"
					case "$token" in
						*/ld-*.so*) _patch_ldso "$dest" ;;
						*/libc.so.6) _patch_glibc "$dest" ;;
					esac
				}
			;; esac
		done
	}

	# is a dynamically linked executable
	if [ -n "$LDSO" ]; then
		echo "Bundling ${BIN##*/}"

		# RUNDIR is the directory of the fully resolved BIN.
		RUNDIR="$(readlink -f "$BIN")"; RUNDIR="${RUNDIR%/*}"
		# RUN is computed here but not used in the lines shown.
		RUN="${LDSO#ld-}"; RUN="run-${RUN%%.so*}.sh"
		# Path from BIN's directory to $DIR/lib; it is baked into the
		# wrapper below.
		REL="$(_relpath "$DIR/lib" "$BIN")"

		# The real binary becomes a hidden file next to its resolved
		# location; the wrapper is written to the path BIN was given as.
		_mv "$BIN" "$RUNDIR/.${BIN##*/}.bin"

		# Wrapper generation. "\$" defers expansion until the wrapper runs,
		# while ${REL...}, $LDSO and ${BIN##*/} are expanded now and land
		# unescaped inside double-quoted strings of the generated script: a
		# name containing '"', '$' or a backtick would change what the
		# wrapper executes.
		# At run time the wrapper
		#   - derives its directory from dirname "$0" (symlinks to the
		#     wrapper are not resolved),
		#   - exports RUNAS_ARG0 and appends runas.so to any LD_PRELOAD
		#     already present in the caller's environment (runas.so removes
		#     only RUNAS_ARG0, so LD_PRELOAD stays set for the program and
		#     its children),
		#   - execs the bundled loader with --library-path set to the
		#     bundled lib directory, followed by the renamed binary.
		# The heredoc body is kept at column 0: "<<-" strips leading tabs
		# only, never spaces.
		cat <<-EOF > "$BIN"
#!/usr/bin/env bash
dir="\$(dirname "\$0")"
export RUNAS_ARG0="\$0"
export LD_PRELOAD="\${LD_PRELOAD:+\$LD_PRELOAD:}\$dir/${REL:+$REL/}runas.so"
exec "\$dir/${REL:+$REL/}$LDSO" --library-path "\$dir/${REL:+$REL/}" "\$dir/.${BIN##*/}.bin" "\$@"
EOF

		# The wrapper is world-readable and executable (0755).
		chmod ${VERBOSE:+-v} 0755 "$BIN"
	fi
done