summaryrefslogtreecommitdiff
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/paxmark/APKBUILD23
-rw-r--r--system/paxmark/paxmark33
2 files changed, 56 insertions, 0 deletions
diff --git a/system/paxmark/APKBUILD b/system/paxmark/APKBUILD
new file mode 100644
index 000000000..767803915
--- /dev/null
+++ b/system/paxmark/APKBUILD
@@ -0,0 +1,23 @@
+# Contributor: Timo Teräs <timo.teras@iki.fi>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
+pkgname=paxmark
+pkgver=0.11
+pkgrel=0
+pkgdesc="Manage PaX marking of executables"
+url="https://alpinelinux.org"
+arch="noarch"
+options="!check"
+license="GPL-2.0-only"
+depends="attr"
+makedepends=""
+install=""
+subpackages=""
+source="paxmark"
+
+package() {
+ mkdir -p "$pkgdir"/usr/sbin
+ install -m755 "$srcdir"/paxmark "$pkgdir"/usr/sbin
+ ln -s paxmark "$pkgdir"/usr/sbin/paxmark.sh
+}
+
+sha512sums="c43b5a48a8ac14b027114f712820b1fb8b0e209fcfe1a69eb64b4c68289a3bb3f26c3ea40350cbfdaa97329b4a8e1de2582025e5221c3016aff85bb75118e665 paxmark"
diff --git a/system/paxmark/paxmark b/system/paxmark/paxmark
new file mode 100644
index 000000000..f80eb69ff
--- /dev/null
+++ b/system/paxmark/paxmark
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+ret=0
+flags="${1//[!zPpEeMmRrSs]}"
+[ -n "${flags}" ] || exit 0
+shift
+
+# Create XATTR_PAX marking using attr
+xval=""
+[ "${flags//[!P]}" ] && xval="${xval}P"
+[ "${flags//[!p]}" -a -z "${flags//[!P]}" ] && xval="${xval}p"
+[ "${flags//[!E]}" ] && xval="${xval}E"
+[ "${flags//[!e]}" -a -z "${flags//[!E]}" ] && xval="${xval}e"
+[ -z "${flags//[!zEe]}" ] && xval="${xval}e"
+[ "${flags//[!M]}" ] && xval="${xval}M"
+[ "${flags//[!m]}" -a -z "${flags//[!M]}" ] && xval="${xval}m"
+[ "${flags//[!R]}" ] && xval="${xval}R"
+[ "${flags//[!r]}" -a -z "${flags//[!R]}" ] && xval="${xval}r"
+[ "${flags//[!S]}" ] && xval="${xval}S"
+[ "${flags//[!s]}" -a -z "${flags//[!S]}" ] && xval="${xval}s"
+
+for f in "$@"; do
+ if [ -n "FAKEROOTKEY" ]; then
+ # fakeroot does not set xattr's on disk.
+ # explicitly do that, because the marked binary might
+ # be executed next during install.
+ LD_PRELOAD="" FAKEROOTKEY="" attr -q -s pax.flags -V "${xval}" "${f}" >/dev/null || ret=1
+ fi
+ attr -q -s pax.flags -V "${xval}" "${f}" >/dev/null || ret=1
+done
+
+exit $ret
+