annotate previous-work/more_control_helpers/etc/build @ 20:c75924bd38e3

fix security hole relating to path for package user.
author Robert McIntyre <rlm@mit.edu>
date Thu, 10 Jan 2013 04:25:17 +0000
parents d6bef198ae71
children
rev   line source
rlm@1 1 #!/bin/bash
rlm@1 2 # Copyright (c) 2000-2006 Matthias S. Benkmann <article AT winterdrache DOT de>
rlm@1 3 # You may do everything with this code except misrepresent its origin.
rlm@1 4 # PROVIDED `AS IS' WITH ABSOLUTELY NO WARRANTY OF ANY KIND!
rlm@1 5
rlm@1 6 # This script will build a package based on the commands in $HOME/build.conf
rlm@1 7 # It can be called with the following parameters that
rlm@1 8 # will cause it to execute the respective *_commands() functions. If it is
rlm@1 9 # called with no parameter, that is equivalent to
rlm@1 10 # build unpack patch configure make check install clean
rlm@1 11 #
rlm@1 12 # It will create 8 log files in the $HOME directory:
rlm@1 13 # configure.log: All messages output during configure
rlm@1 14 # configure.err: Just the errors output during configure
rlm@1 15 # check.log: All messages output during checking
rlm@1 16 # check.err: Just the errors output during checking
rlm@1 17 # make.log: All messages output during make
rlm@1 18 # make.err: Just the errors output during make
rlm@1 19 # install.log: All messages output during make install
rlm@1 20 # install.err: Just the errors output during make install
rlm@1 21 #
rlm@1 22 # After running the script you should check the *.err files to see
rlm@1 23 # if any problems have occurred. If that is the case, use the corresponding
rlm@1 24 # *.log files to see the error messages in context.
rlm@1 25
rlm@1 26 build_script="$(readlink -f "$0")"
rlm@1 27
rlm@1 28 cd # go HOME
rlm@1 29
rlm@1 30 source "$HOME"/build.conf
rlm@1 31
rlm@1 32 if [ "_$(whoami)" != _root ]; then
rlm@1 33 export PACKAGE_OWNER="$(whoami)"
rlm@1 34 fi
rlm@1 35
rlm@1 36
rlm@1 37 # This function auto-extracts tarballs based on PATTERNS (see build.conf) inside
rlm@1 38 # the directory $HOME/xxxbuild and
rlm@1 39 # cds into the fist directory created by the first tarball. This is also
rlm@1 40 # stored in the variable $srcdir.
rlm@1 41 unpack_commands()
rlm@1 42 { :
rlm@1 43 export srcdir=""
rlm@1 44 rm -rf "$HOME/xxxbuild"
rlm@1 45 mkdir -p "$HOME/xxxbuild"
rlm@1 46 cd "$HOME/xxxbuild" || return 1
rlm@1 47
rlm@1 48 for p in $PATTERNS ; do
rlm@1 49 for archive in "$HOME"/*"$p"* ; do
rlm@1 50 dir=""
rlm@1 51 if [ -f "$archive" ]; then
rlm@1 52 case z"$archive" in
rlm@1 53 z*.tar.bz2) dir=$(tar tjf "$archive" | grep / | head -n 1) ; tar xjf "$archive" ;;
rlm@1 54 z*.tar.gz) dir=$(tar tzf "$archive" | grep / | head -n 1) ; tar xzf "$archive" ;;
rlm@1 55 esac
rlm@1 56 fi
rlm@1 57 dir=${dir##./}
rlm@1 58 test -z "$dir" && echo 1>&2 "Error extracting $archive"
rlm@1 59 test -z "$srcdir" && srcdir=${dir%%/*}
rlm@1 60 done
rlm@1 61 done
rlm@1 62
rlm@1 63 test -z "$srcdir" && { echo 1>&2 "Source directory not found" ; return 1 ; }
rlm@1 64 ln -s "$srcdir" yyysrc
rlm@1 65 }
rlm@1 66
rlm@1 67 clean_commands()
rlm@1 68 {
rlm@1 69 rm -rf "$HOME/xxxbuild"
rlm@1 70 }
rlm@1 71
rlm@1 72 test_pipe()
rlm@1 73 {
rlm@1 74 for i in "${PIPESTATUS[@]}"
rlm@1 75 do
rlm@1 76 test $i != 0 && { echo FAILED! ; exit 1 ; }
rlm@1 77 done
rlm@1 78 echo successful!
rlm@1 79 return 0
rlm@1 80 }
rlm@1 81
rlm@1 82 if [ $# -eq 0 ]; then
rlm@1 83 set -- unpack patch configure make check root_pre_install install root_post_install clean
rlm@1 84 fi
rlm@1 85
rlm@1 86 while [ -n "$1" ]; do
rlm@1 87 case "_$1" in
rlm@1 88 _all)
rlm@1 89 shift 1
rlm@1 90 set -- dummy unpack patch configure make check root_pre_install install root_post_install clean "$@"
rlm@1 91 ;;
rlm@1 92
rlm@1 93 _unpack)
rlm@1 94 echo -n Unpacking...
rlm@1 95
rlm@1 96 unpack_commands # no logging for unpack necessary
rlm@1 97 test_pipe
rlm@1 98 ;;
rlm@1 99
rlm@1 100 _patch)
rlm@1 101 cd "$HOME/xxxbuild/yyysrc" && srcdir="$(pwd)" || exit 1
rlm@1 102 patch_commands # no logging for patch necessary
rlm@1 103 #test_pipe
rlm@1 104 ;;
rlm@1 105
rlm@1 106 _configure)
rlm@1 107 cd "$HOME/xxxbuild/yyysrc" && srcdir="$(pwd)" || exit 1
rlm@1 108 echo -n Configuring...
rlm@1 109
rlm@1 110 { configure_commands 3>&1 1>&2 2>&3 | tee "$HOME/configure.err" ;} &>"$HOME/configure.log"
rlm@1 111 test_pipe
rlm@1 112 # NOTE: Simply using && instead of test_pipe would not work, because &&
rlm@1 113 # only tests the exit status of the last command in the pipe, which is tee.
rlm@1 114 ;;
rlm@1 115
rlm@1 116 _make)
rlm@1 117 cd "$HOME/xxxbuild/yyysrc" && srcdir="$(pwd)" || exit 1
rlm@1 118 echo -n Building...
rlm@1 119
rlm@1 120 { make_commands 3>&1 1>&2 2>&3 | tee "$HOME/make.err" ;} &>"$HOME/make.log"
rlm@1 121 test_pipe
rlm@1 122 ;;
rlm@1 123
rlm@1 124 _check)
rlm@1 125 cd "$HOME/xxxbuild/yyysrc" && srcdir="$(pwd)" || exit 1
rlm@1 126 echo -n Checking...
rlm@1 127
rlm@1 128 { check_commands 3>&1 1>&2 2>&3 | tee "$HOME/check.err" ;} &>"$HOME/check.log"
rlm@1 129 test_pipe
rlm@1 130 ;;
rlm@1 131
rlm@1 132 _root_pre_install)
rlm@1 133 if type root_pre_install_commands &>/dev/null ; then
rlm@1 134 if [ _$(whoami) != _root ]; then
rlm@1 135 su --preserve-environment root -c "HOME='$HOME' '$build_script' root_pre_install" || exit 1
rlm@1 136 else
rlm@1 137 echo -n "Preparing for install(root)..."
rlm@1 138
rlm@1 139 { root_pre_install_commands 3>&1 1>&2 2>&3 | tee "$HOME/preinstall.err" ;} &>"$HOME/preinstall.log"
rlm@1 140 test_pipe
rlm@1 141 fi
rlm@1 142 fi
rlm@1 143 ;;
rlm@1 144
rlm@1 145 _install)
rlm@1 146 cd "$HOME/xxxbuild/yyysrc" && srcdir="$(pwd)" || exit 1
rlm@1 147 echo -n Installing...
rlm@1 148
rlm@1 149 { install_commands 3>&1 1>&2 2>&3 | tee "$HOME/install.err" ;} &>"$HOME/install.log"
rlm@1 150 test_pipe
rlm@1 151 ;;
rlm@1 152
rlm@1 153 _root_post_install)
rlm@1 154 if type root_post_install_commands &>/dev/null ; then
rlm@1 155 if [ _$(whoami) != _root ]; then
rlm@1 156 su --preserve-environment root -c "HOME='$HOME' '$build_script' root_post_install" || exit 1
rlm@1 157 else
rlm@1 158 echo -n "Finishing install(root)..."
rlm@1 159
rlm@1 160 { root_post_install_commands 3>&1 1>&2 2>&3 | tee "$HOME/postinstall.err" ;} &>"$HOME/postinstall.log"
rlm@1 161 test_pipe
rlm@1 162 fi
rlm@1 163 fi
rlm@1 164 ;;
rlm@1 165
rlm@1 166 _clean)
rlm@1 167 cd "$HOME"
rlm@1 168 echo -n Cleaning...
rlm@1 169 clean_commands
rlm@1 170 echo done!
rlm@1 171 ;;
rlm@1 172 *)
rlm@1 173 echo 1>&2 "Unknown command '$1'"
rlm@1 174 exit 1
rlm@1 175 ;;
rlm@1 176 esac
rlm@1 177 shift 1
rlm@1 178 done