#
# Script to install host system binaries along with required libraries.
#
-# Copyright (C) 2012-2013 Jo-Philipp Wich <jo@mein.io>
+# Copyright (C) 2012-2017 Jo-Philipp Wich <jo@mein.io>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
}
}
+_mv() {
+ mv ${VERBOSE:+-v} "$1" "$2" || {
+ echo "mv($1 $2) failed" >&2
+ exit 1
+ }
+}
+
_md() {
mkdir ${VERBOSE:+-v} -p "$1" || {
echo "mkdir($1) failed" >&2
}
}
+_relpath() {
+ local base="$(readlink -f "$1")"
+ local dest="$(readlink -f "$2")"
+ local up
+
+ [ -d "$base" ] || base="${base%/*}"
+ [ -d "$dest" ] || dest="${dest%/*}"
+
+ while true; do
+ case "$base"
+ in "$dest"/*)
+ echo "$up/${base#$dest/}"
+ break
+ ;;
+ *)
+ dest="${dest%/*}"
+ up="${up:+$up/}.."
+ ;;
+ esac
+ done
+}
+
+_runas_so() {
+ cat <<-EOT | ${CC:-gcc} -x c -fPIC -shared -o "$1" -
+ #include <unistd.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+
+ int mangle_arg0(int argc, char **argv, char **env) {
+ char *arg0 = getenv("RUNAS_ARG0");
+
+ if (arg0) {
+ argv[0] = arg0;
+ unsetenv("RUNAS_ARG0");
+ }
+
+ return 0;
+ }
+
+ #ifdef __APPLE__
+ __attribute__((section("__DATA,__mod_init_func")))
+ #else
+ __attribute__((section(".init_array")))
+ #endif
+ static void *mangle_arg0_constructor = &mangle_arg0;
+ EOT
+
+ [ -x "$1" ] || {
+ echo "compiling preload library failed" >&2
+ exit 5
+ }
+}
+
+_patch_ldso() {
+ _cp "$1" "$1.patched"
+ sed -i -e 's,/\(usr\|lib\|etc\)/,/###/,g' "$1.patched"
+
+ if "$1.patched" 2>&1 | grep -q -- --library-path; then
+ _mv "$1.patched" "$1"
+ else
+ echo "binary patched ${1##*/} not executable, using original" >&2
+ rm -f "$1.patched"
+ fi
+}
+
+_patch_glibc() {
+ _cp "$1" "$1.patched"
+ sed -i -e 's,/usr/\(\(lib\|share\)/locale\),/###/\1,g' "$1.patched"
+
+ if "$1.patched" 2>&1 | grep -q -- GNU; then
+ _mv "$1.patched" "$1"
+ else
+ echo "binary patched ${1##*/} not executable, using original" >&2
+ rm -f "$1.patched"
+ fi
+}
+
+should_be_patched() {
+ local bin="$1"
+
+ [ -x "$bin" ] || return 1
+
+ case "$bin" in
+ *.so|*.so.[0-9]*)
+ return 1
+ ;;
+ *)
+ file "$bin" | grep -sqE "ELF.*(executable|interpreter)" && return 0
+ ;;
+ esac
+
+ return 1
+}
+
for LDD in ${PATH//://ldd }/ldd; do
"$LDD" --version >/dev/null 2>/dev/null && break
LDD=""
[ -n "$LDD" -a -x "$LDD" ] || LDD=
for BIN in "$@"; do
- [ -n "$BIN" -a -x "$BIN" -a -n "$DIR" ] || {
+ [ -n "$BIN" -a -n "$DIR" ] || {
echo "Usage: $0 <destdir> <executable> ..." >&2
exit 1
}
- [ ! -d "$DIR/bundled/lib" ] && {
- _md "$DIR/bundled/lib"
- _md "$DIR/bundled/usr"
- _ln "../lib" "$DIR/bundled/usr/lib"
+ [ ! -d "$DIR/lib" ] && {
+ _md "$DIR/lib"
+ _md "$DIR/usr"
+ _ln "../lib" "$DIR/usr/lib"
+ }
+
+ [ ! -x "$DIR/lib/runas.so" ] && {
+ _runas_so "$DIR/lib/runas.so"
}
LDSO=""
- echo "Bundling ${BIN##*/}"
- [ -n "$LDD" ] && {
+ [ -n "$LDD" ] && should_be_patched "$BIN" && {
for token in $("$LDD" "$BIN" 2>/dev/null); do
case "$token" in */*.so*)
+ dest="$DIR/lib/${token##*/}"
+ ddir="${dest%/*}"
+
case "$token" in
- *ld-*.so*) LDSO="${token##*/}" ;;
- *) echo " * lib: ${token##*/}" ;;
+ */ld-*.so*) LDSO="${token##*/}" ;;
esac
- dest="$DIR/bundled/lib/${token##*/}"
- ddir="${dest%/*}"
-
[ -f "$token" -a ! -f "$dest" ] && {
_md "$ddir"
_cp "$token" "$dest"
+ case "$token" in
+ */ld-*.so*) _patch_ldso "$dest" ;;
+ */libc.so.6) _patch_glibc "$dest" ;;
+ esac
}
;; esac
done
}
- _md "$DIR"
-
# is a dynamically linked executable
if [ -n "$LDSO" ]; then
- _cp "$BIN" "$DIR/bundled/${BIN##*/}"
+ echo "Bundling ${BIN##*/}"
+ RUNDIR="$(readlink -f "$BIN")"; RUNDIR="${RUNDIR%/*}"
RUN="${LDSO#ld-}"; RUN="run-${RUN%%.so*}.sh"
+ REL="$(_relpath "$DIR/lib" "$BIN")"
- [ -x "$DIR/bundled/$RUN" ] || {
- cat <<-EOF > "$DIR/bundled/$RUN"
- #!/usr/bin/env bash
- dir="\$(dirname "\$0")"
- bin="\$(basename "\$0")"
- exec -a "\$0" "\$dir/bundled/lib/$LDSO" --library-path "\$dir/bundled/lib" "\$dir/bundled/\$bin" "\$@"
- EOF
- chmod ${VERBOSE:+-v} 0755 "$DIR/bundled/$RUN"
- }
+ _mv "$BIN" "$RUNDIR/.${BIN##*/}.bin"
- _ln "./bundled/$RUN" "$DIR/${BIN##*/}"
+ cat <<-EOF > "$BIN"
+ #!/usr/bin/env bash
+ dir="\$(dirname "\$0")"
+ export RUNAS_ARG0="\$0"
+ export LD_PRELOAD="\${LD_PRELOAD:+\$LD_PRELOAD:}\$dir/${REL:+$REL/}runas.so"
+ exec "\$dir/${REL:+$REL/}$LDSO" --library-path "\$dir/${REL:+$REL/}" "\$dir/.${BIN##*/}.bin" "\$@"
+ EOF
- # is a static executable or non-elf binary
- else
- [ -n "$LDD" ] && echo " * not dynamically linked"
- _cp "$BIN" "$DIR/${BIN##*/}"
+ chmod ${VERBOSE:+-v} 0755 "$BIN"
fi
done