2016-09-21 10:58:09 -05:00
|
|
|
#!/bin/bash
|
|
|
|
#
|
|
|
|
# This file is part of the LibreOffice project.
|
|
|
|
#
|
|
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
#
|
|
|
|
|
|
|
|
# verify that ELF NEEDED entries are known-good so hopefully builds run on
|
|
|
|
# lots of different GNU/Linux distributions
|
|
|
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
2016-10-10 22:21:14 -05:00
|
|
|
PARA=1
|
2016-10-11 12:33:26 -05:00
|
|
|
check_path="${INSTDIR:-.}"
|
2016-10-10 22:21:14 -05:00
|
|
|
|
2018-02-20 05:43:02 -06:00
|
|
|
help()
|
|
|
|
{
|
|
|
|
cat << "EOF"
|
|
|
|
-d <dir> directory to check
|
|
|
|
-p run unbound parallel checks
|
|
|
|
-h help
|
|
|
|
EOF
|
|
|
|
[ -z "${1:-}" ] && exit 0
|
|
|
|
}
|
|
|
|
|
|
|
|
die()
|
|
|
|
{
|
|
|
|
echo "$1"
|
|
|
|
echo
|
|
|
|
help 1
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
2016-10-10 22:21:14 -05:00
|
|
|
while [ "${1:-}" != "" ]; do
|
|
|
|
parm=${1%%=*}
|
|
|
|
arg=${1#*=}
|
|
|
|
has_arg=
|
|
|
|
if [ "${1}" != "${parm?}" ] ; then
|
|
|
|
has_arg=1
|
|
|
|
else
|
|
|
|
arg=""
|
|
|
|
fi
|
|
|
|
|
|
|
|
case "${parm}" in
|
|
|
|
--dir|-d)
|
|
|
|
if [ "$has_arg" ] ; then
|
2018-02-20 05:43:02 -06:00
|
|
|
check_path="$arg"
|
2016-10-10 22:21:14 -05:00
|
|
|
else
|
|
|
|
shift
|
2018-02-20 05:43:02 -06:00
|
|
|
check_path="$1"
|
|
|
|
fi
|
|
|
|
if [ ! -d "$check_path" ]; then
|
|
|
|
die "Invalid directory '$check_path'"
|
2016-10-10 22:21:14 -05:00
|
|
|
fi
|
2018-02-20 05:43:02 -06:00
|
|
|
;;
|
|
|
|
-h)
|
|
|
|
help
|
|
|
|
;;
|
2016-10-10 22:21:14 -05:00
|
|
|
-p)
|
2018-12-11 02:03:21 -06:00
|
|
|
# this sounds counter intuitive but the idea
|
2016-10-10 22:21:14 -05:00
|
|
|
# is to possibly support -p <n>
|
2018-12-11 02:03:21 -06:00
|
|
|
# in the meantime: 0 = nolimit and -p 1 would mean
|
2016-10-10 22:21:14 -05:00
|
|
|
# the current default: serialize
|
|
|
|
PARA=0
|
|
|
|
;;
|
|
|
|
-*)
|
|
|
|
die "Invalid option $1"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
if [ "$DO_NEW" = 1 ] ; then
|
|
|
|
REPO="$1"
|
|
|
|
else
|
|
|
|
die "Invalid argument $1"
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
shift
|
|
|
|
done
|
|
|
|
|
|
|
|
|
2016-10-11 12:33:26 -05:00
|
|
|
files=$(find "${check_path}/program" "${check_path}/sdk/bin" -type f)
|
2016-09-21 10:58:09 -05:00
|
|
|
# all RPATHs should point to ${INSTDIR}/program so that's the files they find
|
2018-02-06 03:14:35 -06:00
|
|
|
programfiles=$(echo ${files} | grep -o '/program/[^/]* ' | xargs -n 1 basename)
|
2016-09-21 10:58:09 -05:00
|
|
|
|
2020-07-05 20:39:12 -05:00
|
|
|
# allowlists should contain only system libraries that have a good reputation
|
2016-09-21 10:58:09 -05:00
|
|
|
# of maintaining ABI stability
|
2020-07-05 20:39:12 -05:00
|
|
|
# allow extending the allowlist using the environment variable to be able to work
|
2018-10-27 16:47:54 -05:00
|
|
|
# on the installer stuff without the need for a baseline setup
|
2020-07-05 20:39:12 -05:00
|
|
|
globalallowlist="ld-linux-x86-64.so.2 ld-linux.so.2 libc.so.6 libm.so.6 libdl.so.2 libpthread.so.0 librt.so.1 libutil.so.1 libnsl.so.1 libcrypt.so.1 libgcc_s.so.1 libstdc++.so.6 libz.so.1 libfontconfig.so.1 libfreetype.so.6 libxml2.so.2 libxslt.so.1 libexslt.so.0 ${LO_ELFCHECK_ALLOWLIST-}"
|
|
|
|
x11allowlist="libX11.so.6 libX11-xcb.so.1 libXext.so.6 libSM.so.6 libICE.so.6 libXinerama.so.1 libXrender.so.1 libXrandr.so.2 libcairo.so.2"
|
|
|
|
openglallowlist="libGL.so.1"
|
|
|
|
gioallowlist="libgio-2.0.so.0 libgobject-2.0.so.0 libgmodule-2.0.so.0 libgthread-2.0.so.0 libglib-2.0.so.0 libdbus-glib-1.so.2 libdbus-1.so.3"
|
|
|
|
gstreamerallowlist="libgstaudio-1.0.so.0 libgstpbutils-1.0.so.0 libgstvideo-1.0.so.0 libgstbase-1.0.so.0 libgstreamer-1.0.so.0"
|
|
|
|
gtk3allowlist="libgtk-3.so.0 libgdk-3.so.0 libcairo-gobject.so.2 libpangocairo-1.0.so.0 libfribidi.so.0 libatk-1.0.so.0 libcairo.so.2 libgio-2.0.so.0 libpangoft2-1.0.so.0 libpango-1.0.so.0 libfontconfig.so.1 libfreetype.so.6 libgdk_pixbuf-2.0.so.0 libgobject-2.0.so.0 libglib-2.0.so.0 libgmodule-2.0.so.0 libgthread-2.0.so.0 libdbus-glib-1.so.2 libdbus-1.so.3 libharfbuzz.so.0"
|
|
|
|
qt5allowlist="libQt5Core.so.5 libQt5Gui.so.5 libQt5Network.so.5 libQt5Widgets.so.5 libQt5X11Extras.so.5 libcairo.so.2 libglib-2.0.so.0 libgobject-2.0.so.0 libxcb.so.1 libxcb-icccm.so.4"
|
|
|
|
kf5allowlist="libKF5ConfigCore.so.5 libKF5CoreAddons.so.5 libKF5I18n.so.5 libKF5KIOCore.so.5 libKF5KIOFileWidgets.so.5 libKF5KIOWidgets.so.5 libKF5WindowSystem.so.5"
|
|
|
|
avahiallowlist="libdbus-glib-1.so.2 libdbus-1.so.3 libgobject-2.0.so.0 libgmodule-2.0.so.0 libgthread-2.0.so.0 libglib-2.0.so.0 libavahi-common.so.3 libavahi-client.so.3"
|
|
|
|
kerberosallowlist="libgssapi_krb5.so.2 libcom_err.so.2 libkrb5.so.3"
|
|
|
|
dconfallowlist="libdconf.so.1 libgio-2.0.so.0 libglib-2.0.so.0 libgobject-2.0.so.0"
|
2016-09-21 10:58:09 -05:00
|
|
|
|
2016-10-10 22:21:14 -05:00
|
|
|
check_one_file()
|
|
|
|
{
|
|
|
|
local file="$1"
|
2016-09-21 10:58:09 -05:00
|
|
|
|
2016-10-10 10:08:05 -05:00
|
|
|
skip=0
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${globalallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
case "${file}" in
|
|
|
|
*/sdk/docs/*)
|
|
|
|
# skip the majority of files, no ELF binaries here
|
|
|
|
skip=1
|
|
|
|
;;
|
2019-12-09 07:08:19 -06:00
|
|
|
*/_uuid.cpython-*.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} libuuid.so.1"
|
2019-12-09 07:08:19 -06:00
|
|
|
;;
|
2019-09-04 07:09:17 -05:00
|
|
|
*/libcairo.so.2)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} libxcb-shm.so.0 libxcb.so.1 libxcb-render.so.0"
|
2019-09-04 07:09:17 -05:00
|
|
|
;;
|
2016-10-10 10:08:05 -05:00
|
|
|
*/libcairocanvaslo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} libcairo.so.2"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
|
|
|
*/libucpgio1lo.so|*/liblosessioninstalllo.so|*/libevoablo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${gioallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
|
|
|
*/libavmediagst.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${gtk3allowlist} ${gstreamerallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2019-07-09 10:28:29 -05:00
|
|
|
*/libvclplug_kf5lo.so|*/libkf5be1lo.so)
|
|
|
|
if [ "$ENABLE_KF5" = TRUE ]; then
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${qt5allowlist} ${kf5allowlist}"
|
2018-08-27 05:45:37 -05:00
|
|
|
fi
|
|
|
|
;;
|
2019-08-13 04:37:50 -05:00
|
|
|
*/libvclplug_gtk3lo.so|*/updater)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${gtk3allowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2018-02-07 02:11:35 -06:00
|
|
|
*/libvclplug_qt5lo.so)
|
|
|
|
if [ "$ENABLE_QT5" = TRUE ]; then
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${qt5allowlist}"
|
2018-02-07 02:11:35 -06:00
|
|
|
fi
|
|
|
|
;;
|
2018-02-07 02:31:54 -06:00
|
|
|
*/libvclplug_gtk3_kde5lo.so)
|
|
|
|
if [ "$ENABLE_GTK3_KDE5" = TRUE ]; then
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${gtk3allowlist} ${qt5allowlist} ${kf5allowlist}"
|
2018-02-07 02:31:54 -06:00
|
|
|
fi
|
|
|
|
;;
|
|
|
|
*/lo_kde5filepicker)
|
|
|
|
if [ "$ENABLE_GTK3_KDE5" = TRUE ]; then
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${gtk3allowlist} ${qt5allowlist} \
|
|
|
|
${kf5allowlist}"
|
2018-02-07 02:31:54 -06:00
|
|
|
fi
|
|
|
|
;;
|
2016-10-10 10:08:05 -05:00
|
|
|
*/libdesktop_detectorlo.so|*/ui-previewer|*/oosplash|*/gengal.bin)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2018-07-16 15:58:53 -05:00
|
|
|
*/libvclplug_genlo.so|*/libchartcorelo.so|*/libavmediaogl.so|*/libOGLTranslo.so|*/liboglcanvaslo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${openglallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2018-02-07 02:11:35 -06:00
|
|
|
*/libvcllo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${openglallowlist} ${gioallowlist} libcups.so.2"
|
2018-02-07 02:11:35 -06:00
|
|
|
;;
|
|
|
|
*/libsofficeapp.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${openglallowlist} ${gioallowlist} libcups.so.2"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
|
|
|
*/liblibreofficekitgtk.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${gtk3allowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
|
|
|
*/libsdlo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${avahiallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2019-11-28 03:41:05 -06:00
|
|
|
*/libskialo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${openglallowlist} ${x11allowlist}"
|
2019-11-28 03:41:05 -06:00
|
|
|
;;
|
2016-10-10 10:08:05 -05:00
|
|
|
*/libofficebean.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} libjawt.so"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
|
|
|
*/libpostgresql-sdbc-impllo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${kerberosallowlist}"
|
2016-10-10 10:08:05 -05:00
|
|
|
;;
|
2018-02-07 01:51:48 -06:00
|
|
|
*/libconfigmgrlo.so)
|
|
|
|
if [ "$ENABLE_DCONF" = TRUE ]; then
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${dconfallowlist}"
|
2018-02-07 01:51:48 -06:00
|
|
|
fi
|
|
|
|
;;
|
2018-02-06 07:05:09 -06:00
|
|
|
*/libmergedlo.so)
|
2020-07-05 20:39:12 -05:00
|
|
|
allowlist="${allowlist} ${x11allowlist} ${openglallowlist} ${gioallowlist} libcups.so.2 libcairo.so.2"
|
2018-02-06 07:05:09 -06:00
|
|
|
;;
|
2016-10-10 10:08:05 -05:00
|
|
|
esac
|
|
|
|
if test "${skip}" = 0 && readelf -d "${file}" &> /dev/null ; then
|
2016-10-11 11:03:14 -05:00
|
|
|
rpath=$(readelf -d "${file}" | grep '(\(RPATH\|RUNPATH\))' || true)
|
2016-09-21 10:58:09 -05:00
|
|
|
neededs=$(readelf -d "${file}" | grep '(NEEDED)' | sed -e 's/.*\[\(.*\)\]$/\1/')
|
|
|
|
neededsinternal=
|
|
|
|
for needed in ${neededs}
|
|
|
|
do
|
2020-07-05 20:39:12 -05:00
|
|
|
if ! echo ${allowlist} | grep -q -w "${needed}" ; then
|
2016-09-21 10:58:09 -05:00
|
|
|
neededsinternal="${neededsinternal} ${needed}"
|
|
|
|
if ! echo ${programfiles} | grep -q -w "${needed}" ; then
|
|
|
|
echo "${file}" has suspicious NEEDED: "${needed}"
|
|
|
|
status=1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
if test -z "${rpath}" ; then
|
|
|
|
case "${file}" in
|
|
|
|
*/python-core-*/lib/lib-dynload/*)
|
|
|
|
# python modules don't have RPATH
|
|
|
|
;;
|
|
|
|
*/share/extensions/*)
|
|
|
|
# extension libraries don't have RPATH
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
# no NEEDED from instdir, no RPATH needed
|
|
|
|
if test -n "${neededsinternal}" ; then
|
|
|
|
echo "${file}" has no RPATH
|
|
|
|
status=1
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
else
|
|
|
|
case "$file" in
|
|
|
|
*/sdk/bin/*)
|
|
|
|
if echo "${rpath}" | grep -q -v '\[\$ORIGIN/../../program\]$' ; then
|
|
|
|
echo "${file}" has unexpected RPATH "${rpath}"
|
|
|
|
status=1
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
if echo "${rpath}" | grep -q -v '\[\$ORIGIN\]$' ; then
|
|
|
|
echo "${file}" has unexpected RPATH "${rpath}"
|
|
|
|
status=1
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
fi
|
|
|
|
fi
|
2016-10-10 22:21:14 -05:00
|
|
|
}
|
|
|
|
status=0
|
|
|
|
|
|
|
|
if [ "$PARA" = "1" ] ; then
|
|
|
|
for file in ${files}
|
|
|
|
do
|
|
|
|
check_one_file $file
|
|
|
|
done
|
|
|
|
else
|
|
|
|
rm -f check_elf.out
|
|
|
|
for file in ${files}
|
|
|
|
do
|
|
|
|
(
|
|
|
|
check_one_file $file
|
|
|
|
)>> check_elf.out &
|
|
|
|
done
|
2016-09-21 10:58:09 -05:00
|
|
|
|
2017-11-29 08:14:57 -06:00
|
|
|
wait
|
2017-11-29 06:40:22 -06:00
|
|
|
|
2016-10-10 22:21:14 -05:00
|
|
|
if [ -s check_elf.out ] ; then
|
2017-11-29 14:23:44 -06:00
|
|
|
cat check_elf.out
|
2018-03-08 09:05:04 -06:00
|
|
|
status=1
|
2016-10-10 22:21:14 -05:00
|
|
|
fi
|
|
|
|
rm check_elf.out
|
|
|
|
fi
|
2016-09-21 10:58:09 -05:00
|
|
|
exit ${status}
|
|
|
|
|