This should *actually* exclude everything we want to exclude and *actually* strip everything to the maximum.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- lfs/strip | 21 +++++----------- make.sh | 9 +++++-- src/stripper | 71 ++++++++++++++++++++++++++-------------------------- 3 files changed, 48 insertions(+), 53 deletions(-)
diff --git a/lfs/strip b/lfs/strip index 48e698a7c..466dfd9d5 100644 --- a/lfs/strip +++ b/lfs/strip @@ -29,16 +29,6 @@ VER = ipfire THISAPP = strip TARGET = $(DIR_INFO)/$(THISAPP)
-ifeq "$(TOOLCHAIN)" "1" - SHELL = /bin/bash - STRIP = /usr/bin/strip - ROOT = $(TOOLS_DIR) -else - SHELL = $(TOOLS_DIR)/bin/bash - STRIP = $(TOOLS_DIR)/bin/strip - ROOT = / -endif - ############################################################################### # Top-level Rules ############################################################################### @@ -56,18 +46,19 @@ md5 : ###############################################################################
$(TARGET) : +ifeq "$(TOOLCHAIN)" "1" + # Strip everything in the toolchain + $(DIR_SRC)/src/stripper $(TOOLS_DIR) +else # Don't strip VDR binaries, because they use a weird plugin system # which does not work when unneeded symbols get stripped from # /usr/sbin/vdr. - STRIP=$(STRIP) $(SHELL) $(DIR_SRC)/src/stripper \ - $(ROOT) \ + $(DIR_SRC)/src/stripper / \ --exclude=$(TOOLS_DIR) \ - --exclude=/dev \ - --exclude=/proc \ - --exclude=/sys \ --exclude=/tmp \ --exclude=/usr/src \ --exclude=/usr/lib/vdr \ --exclude=/usr/sbin/vdr \ --exclude=/var/tmp \ --exclude=/usr/lib/go +endif diff --git a/make.sh b/make.sh index 57e185312..356173065 100755 --- a/make.sh +++ b/make.sh @@ -556,6 +556,11 @@ enterchroot() {
local PATH="${TOOLS_DIR}/ccache/bin:/bin:/usr/bin:/sbin:/usr/sbin:${TOOLS_DIR}/bin"
+ # Prepend any custom changes to PATH + if [ -n "${CUSTOM_PATH}" ]; then + PATH="${CUSTOM_PATH}:${PATH}" + fi + PATH="${PATH}" chroot ${LFS} env -i \ HOME="/root" \ TERM="${TERM}" \ @@ -695,7 +700,7 @@ lfsmake2() { local PS1='\u:\w$ '
enterchroot \ - ${EXTRA_PATH}bash -x -c "cd /usr/src/lfs && \ + bash -x -c "cd /usr/src/lfs && \ make -f $* \ LFS_BASEDIR=/usr/src install" \ >> ${LOGFILE} 2>&1 & @@ -1693,7 +1698,7 @@ buildinstaller() { lfsmake2 memtest lfsmake2 installer # use toolchain bash for chroot to strip - EXTRA_PATH=${TOOLS_DIR}/bin/ lfsmake2 strip + CUSTOM_PATH="${TOOLS_DIR}/bin" lfsmake2 strip }
buildpackages() { diff --git a/src/stripper b/src/stripper index 6f449bb39..d1739b28c 100755 --- a/src/stripper +++ b/src/stripper @@ -1,49 +1,58 @@ #!/usr/bin/env bash
-dirs="" -excludes="/dev /proc /sys /run" +paths=() +excludes=()
while [ $# -gt 0 ]; do case "${1}" in --exclude=*) - excludes="${excludes} ${1#*=}" + excludes+=( "!" "-path" "${1#*=}/*" ) ;; *) - dirs="${dirs} ${1}" + paths+=( "${1}" ) ;; esac shift done
function _strip() { - local file=${1} - local strip="${STRIP-strip}" + local file="${1}" + local args=()
- local exclude l - for exclude in ${excludes}; do - l=${#exclude} - if [ "${file:0:${l}}" = "${exclude}" ]; then - return 0 - fi - done + # Fetch the filetype + local type="$(readelf -h "${file}" 2>/dev/null)"
- # Fetch any capabilities - local capabilities="$(getfattr --no-dereference --name="security.capability" \ - --absolute-names --dump "${file}" 2>/dev/null)" + case "${type}" in + # Libraries and Relocatable binaries + *Type:*"DYN (Shared object file)"*) + args+=( "--strip-all" ) + ;;
- local cmd=( "${strip}" ) + # Binaries + *Type:*"EXEC (Executable file)"*) + args+=( "--strip-all" ) + ;;
- case "$(file -bi ${file})" in - application/x-archive*) - cmd+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" ) + # Static libraries + *Type:*"REL (Relocatable file)"*) + args+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" ) ;; + + # Skip any unrecognised files *) - cmd+=( "--strip-all" ) + return 0 ;; esac
+ # Fetch any capabilities + local capabilities="$(getfattr --no-dereference --name="security.capability" \ + --absolute-names --dump "${file}" 2>/dev/null)" + echo "Stripping ${file}..." - ${cmd[*]} ${file} + if ! strip "${args[@]}" "${file}"; then + return 1 + fi +
# Restore capabilities if [ -n "${capabilities}" ]; then @@ -51,18 +60,8 @@ function _strip() { fi }
-for dir in ${dirs}; do - # Strip shared objects. - find ${dir} -type f ( -perm -0100 -or -perm -0010 -or -perm -0001 ) \ - | file -N -f - | sed -n -e 's/^(.*):[ ]*.*ELF.*, not stripped.*/\1/p' | - while read file; do - _strip ${file} || exit $? - done || exit $? - - # Strip static archives. - find ${dir} -name *.a -a -exec file {} ; \ - | grep 'current ar archive' | sed -n -e 's/^(.*):[ ]*current ar archive/\1/p' | - while read file; do - _strip ${file} || exit $? - done || exit $? +for path in ${paths[@]}; do + for file in $(find / -xdev "${excludes[@]}" -type f ( -perm -0100 -or -perm -0010 -or -perm -0001 ) 2>/dev/null); do + _strip "${file}" || exit $? + done done