aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/revdep-pax.136
-rw-r--r--doc/revdep-pax.pod24
-rwxr-xr-xscripts/revdep-pax68
3 files changed, 71 insertions, 57 deletions
diff --git a/doc/revdep-pax.1 b/doc/revdep-pax.1
index 8e2b008..3933f76 100644
--- a/doc/revdep-pax.1
+++ b/doc/revdep-pax.1
@@ -135,13 +135,13 @@ revdep\-pax \- find mismatching PaX markings between ELF objects and their libra
.IX Header "SYNOPSIS"
\&\fBrevdep-pax\fR \-f [\-v]
.PP
-\&\fBrevdep-pax\fR \-r [\-v]
+\&\fBrevdep-pax\fR \-r [\-ve]
.PP
\&\fBrevdep-pax\fR \-b \s-1OBJECT\s0 [\-mv]
.PP
-\&\fBrevdep-pax\fR \-s \s-1SONAME\s0 [\-mv]
+\&\fBrevdep-pax\fR \-s \s-1SONAME\s0 [\-mve]
.PP
-\&\fBrevdep-pax\fR \-l \s-1LIBRARY\s0 [\-mv]
+\&\fBrevdep-pax\fR \-l \s-1LIBRARY\s0 [\-mve]
.PP
\&\fBrevdep-pax\fR [\-h]
.SH "DESCRIPTION"
@@ -165,28 +165,32 @@ and in mark mode (\-m), the user is prompted whether to proceed with the migrati
so that the PaX flags of the target inherit the flags of the source.
.SH "OPTIONS"
.IX Header "OPTIONS"
-.IP "\fB\-f\fR Scan the system for all forward mappings" 4
-.IX Item "-f Scan the system for all forward mappings"
+.IP "\fB\-f\fR Scan the system for all forward mappings." 4
+.IX Item "-f Scan the system for all forward mappings."
.PD 0
.IP "" 4
-.IP "\fB\-r\fR Scan the system for all reverse mappings" 4
-.IX Item "-r Scan the system for all reverse mappings"
+.IP "\fB\-r\fR Scan the system for all reverse mappings." 4
+.IX Item "-r Scan the system for all reverse mappings."
.IP "" 4
-.IP "\fB\-b\fR \s-1OBJECT\s0 Retrieve only the forward mappings for this \s-1ELF\s0 \s-1OBJECT\s0" 4
-.IX Item "-b OBJECT Retrieve only the forward mappings for this ELF OBJECT"
+.IP "\fB\-b\fR \s-1OBJECT\s0 Retrieve only the forward mappings for this \s-1ELF\s0 \s-1OBJECT\s0." 4
+.IX Item "-b OBJECT Retrieve only the forward mappings for this ELF OBJECT."
.IP "" 4
-.IP "\fB\-s\fR \s-1SONAME\s0 Retrieve only the reverse mappings for this \s-1SONAME\s0" 4
-.IX Item "-s SONAME Retrieve only the reverse mappings for this SONAME"
+.IP "\fB\-s\fR \s-1SONAME\s0 Retrieve only the reverse mappings for this \s-1SONAME\s0." 4
+.IX Item "-s SONAME Retrieve only the reverse mappings for this SONAME."
.IP "" 4
-.IP "\fB\-l\fR \s-1LIBRARY\s0 Retrieve only the reverse mappings for this \s-1LIBRARY\s0" 4
-.IX Item "-l LIBRARY Retrieve only the reverse mappings for this LIBRARY"
-.IP "" 4
-.IP "\fB\-v\fR Report all mappings, not just the mismatched ones" 4
-.IX Item "-v Report all mappings, not just the mismatched ones"
+.IP "\fB\-l\fR \s-1LIBRARY\s0 Retrieve only the reverse mappings for this \s-1LIBRARY\s0." 4
+.IX Item "-l LIBRARY Retrieve only the reverse mappings for this LIBRARY."
.IP "" 4
.IP "\fB\-m\fR Prompt the user to mark the found object with the PaX flags of the source" 4
.IX Item "-m Prompt the user to mark the found object with the PaX flags of the source"
.IP "" 4
+.IP "\fB\-v\fR Report all mappings, not just the mismatched ones." 4
+.IX Item "-v Report all mappings, not just the mismatched ones."
+.IP "" 4
+.ie n .IP "\fB\-e\fR If \-v is chosen, then limit the report to only those executables in the current shell's $PATH. If \-m is chosen, then limit the markings to only those executables. This flag only has effect for reverse mappings, i.e., for \-r, \-s or \-l." 4
+.el .IP "\fB\-e\fR If \-v is chosen, then limit the report to only those executables in the current shell's \f(CW$PATH\fR. If \-m is chosen, then limit the markings to only those executables. This flag only has effect for reverse mappings, i.e., for \-r, \-s or \-l." 4
+.IX Item "-e If -v is chosen, then limit the report to only those executables in the current shell's $PATH. If -m is chosen, then limit the markings to only those executables. This flag only has effect for reverse mappings, i.e., for -r, -s or -l."
+.IP "" 4
.IP "\fB\-h\fR Print out a short help message and exit." 4
.IX Item "-h Print out a short help message and exit."
.PD
diff --git a/doc/revdep-pax.pod b/doc/revdep-pax.pod
index fc46418..a72b0ba 100644
--- a/doc/revdep-pax.pod
+++ b/doc/revdep-pax.pod
@@ -6,13 +6,13 @@ B<revdep-pax> - find mismatching PaX markings between ELF objects and their libr
B<revdep-pax> -f [-v]
-B<revdep-pax> -r [-v]
+B<revdep-pax> -r [-ve]
B<revdep-pax> -b OBJECT [-mv]
-B<revdep-pax> -s SONAME [-mv]
+B<revdep-pax> -s SONAME [-mve]
-B<revdep-pax> -l LIBRARY [-mv]
+B<revdep-pax> -l LIBRARY [-mve]
B<revdep-pax> [-h]
@@ -40,31 +40,35 @@ so that the PaX flags of the target inherit the flags of the source.
=over
-=item B<-f> Scan the system for all forward mappings
+=item B<-f> Scan the system for all forward mappings.
=item
-=item B<-r> Scan the system for all reverse mappings
+=item B<-r> Scan the system for all reverse mappings.
=item
-=item B<-b> OBJECT Retrieve only the forward mappings for this ELF OBJECT
+=item B<-b> OBJECT Retrieve only the forward mappings for this ELF OBJECT.
=item
-=item B<-s> SONAME Retrieve only the reverse mappings for this SONAME
+=item B<-s> SONAME Retrieve only the reverse mappings for this SONAME.
=item
-=item B<-l> LIBRARY Retrieve only the reverse mappings for this LIBRARY
+=item B<-l> LIBRARY Retrieve only the reverse mappings for this LIBRARY.
=item
-=item B<-v> Report all mappings, not just the mismatched ones
+=item B<-m> Prompt the user to mark the found object with the PaX flags of the source.
=item
-=item B<-m> Prompt the user to mark the found object with the PaX flags of the source
+=item B<-v> Report all mappings, not just the mismatched ones.
+
+=item
+
+=item B<-e> If -v is chosen, then limit the report to only those executables in the current shell's $PATH. If -m is chosen, then limit the markings to only those executables. This flag only has effect for reverse mappings, i.e., for -r, -s or -l.
=item
diff --git a/scripts/revdep-pax b/scripts/revdep-pax
index bfea494..b65a65a 100755
--- a/scripts/revdep-pax
+++ b/scripts/revdep-pax
@@ -105,13 +105,10 @@ def print_forward_linkings( forward_linkings, so2library_mappings, verbose ):
print sv
print
if count == 0:
- print
print '\tNo mismatches'
- print
else:
- print
print '\tMismatches'
- print
+ print
else:
if count != 0:
print s
@@ -120,14 +117,12 @@ def print_forward_linkings( forward_linkings, so2library_mappings, verbose ):
missing_binaries = set(missing_binaries)
print
- print
print '**** Missing binaries ****'
for m in missing_binaries:
print m
missing_links = set(missing_links)
print
- print
print '**** Missing forward linkings ****'
for m in missing_links:
print m
@@ -136,7 +131,8 @@ def print_forward_linkings( forward_linkings, so2library_mappings, verbose ):
print
-def print_reverse_linkings( reverse_linkings, so2library_mappings, verbose ):
+def print_reverse_linkings( reverse_linkings, so2library_mappings, verbose, executable_only ):
+ shell_path = path = os.getenv('PATH').split(':')
missing_sonames = []
missing_links = []
@@ -155,7 +151,11 @@ def print_reverse_linkings( reverse_linkings, so2library_mappings, verbose ):
for binary in reverse_linkings[soname]:
try:
( binary_flags, binary_pax_flags ) = pax.getflags(binary)
- sv = '%s\n\t%s ( %s )' % ( sv, binary, binary_flags )
+ if executable_only:
+ if os.path.dirname(binary) in shell_path:
+ sv = '%s\n\t%s ( %s )' % ( sv, binary, binary_flags )
+ else:
+ sv = '%s\n\t%s ( %s )' % ( sv, binary, binary_flags )
if library_flags != binary_flags:
s = '%s\n\t%s ( %s )' % ( s, binary, binary_flags )
count = count + 1
@@ -166,13 +166,10 @@ def print_reverse_linkings( reverse_linkings, so2library_mappings, verbose ):
print sv
print
if count == 0:
- print
print '\tNo mismatches'
- print
else:
- print
print '\tMismatches'
- print
+ print
else:
if count != 0:
print s
@@ -181,17 +178,16 @@ def print_reverse_linkings( reverse_linkings, so2library_mappings, verbose ):
missing_sonames = set(missing_sonames)
print
- print
print '**** Missing sonames ****'
for m in missing_sonames:
print m
missing_links = set(missing_links)
print
- print
print '**** Missing reverse linkings ****'
for m in missing_links:
print m
+
print
print
@@ -202,14 +198,15 @@ def run_usage():
print 'Program Name : revdep-pax'
print 'Description : Get or set pax flags on an ELF object'
print
- print 'Usage : revdep-pax -f [-v] print out all forward mappings for all system binaries'
- print ' : revdep-pax -r [-v] print out all reverse mappints for all system sonames'
- print ' : revdep-pax -b OBJECT [-mv] print all forward mappings only for OBJECT'
- print ' : revdep-pax -s SONAME [-mv] print all reverse mappings only for SONAME'
- print ' : revdep-pax -l LIBRARY [-mv] print all reverse mappings only for LIBRARY file'
- print ' : revdep-pax [-h] print out this help'
- print ' : -v verbose, otherwise just print mismatching objects'
- print ' : -m don\'t just report, but mark the mismatching objects'
+ print 'Usage : revdep-pax -f [-v] print out all forward mappings for all system binaries'
+ print ' : revdep-pax -r [-ve] print out all reverse mappings for all system sonames'
+ print ' : revdep-pax -b OBJECT [-mv] print all forward mappings only for OBJECT'
+ print ' : revdep-pax -s SONAME [-mve] print all reverse mappings only for SONAME'
+ print ' : revdep-pax -l LIBRARY [-mve] print all reverse mappings only for LIBRARY file'
+ print ' : revdep-pax [-h] print out this help'
+ print ' : -v verbose, otherwise just print mismatching objects'
+ print ' : -e assuming verbose, only print out executables in shell $PATH'
+ print ' : -m don\'t just report, but mark the mismatching objects'
print
@@ -219,10 +216,10 @@ def run_forward(verbose):
print
-def run_reverse(verbose):
+def run_reverse(verbose, executable_only):
( forward_linkings, so2library_mappings ) = get_forward_linkings()
reverse_linkings = invert_linkings( forward_linkings )
- print_reverse_linkings( reverse_linkings, so2library_mappings, verbose )
+ print_reverse_linkings( reverse_linkings, so2library_mappings, verbose, executable_only)
print
@@ -285,7 +282,9 @@ def invert_so2library_mappings( so2library_mappings ):
return library2soname_mappings
-def run_soname(name, verbose, use_soname, mark):
+def run_soname(name, verbose, use_soname, executable_only, mark):
+ shell_path = path = os.getenv('PATH').split(':')
+
( forward_linkings, so2library_mappings ) = get_forward_linkings()
reverse_linkings = invert_linkings( forward_linkings )
@@ -299,7 +298,7 @@ def run_soname(name, verbose, use_soname, mark):
library = so2library_mappings[soname]
( library_flags, library_pax_flags ) = pax.getflags(library)
- print soname, '\t', library, '(', library_flags, ')'
+ print '%s\t%s (%s)' % ( soname, library, library_flags )
print
mismatched_binaries = []
@@ -307,7 +306,11 @@ def run_soname(name, verbose, use_soname, mark):
try:
( binary_flags, binary_pax_flags ) = pax.getflags(binary)
if verbose:
- print '\t%s ( %s )' % ( binary, binary_flags )
+ if executable_only:
+ if os.path.dirname(binary) in shell_path:
+ print '\t%s ( %s )' % ( binary, binary_flags )
+ else:
+ print '\t%s ( %s )' % ( binary, binary_flags )
if library_flags != binary_flags:
mismatched_binaries.append(binary)
if not verbose:
@@ -347,7 +350,7 @@ def run_soname(name, verbose, use_soname, mark):
def main():
try:
- opts, args = getopt.getopt(sys.argv[1:], 'hfrb:s:l:vm')
+ opts, args = getopt.getopt(sys.argv[1:], 'hfrb:s:l:vem')
except getopt.GetoptError, err:
print str(err) # will print something like 'option -a not recognized'
run_usage()
@@ -366,6 +369,7 @@ def main():
library = None
verbose = False
+ executable_only = False
mark = False
opt_count = 0
@@ -391,6 +395,8 @@ def main():
opt_count += 1
elif o == '-v':
verbose = True
+ elif o == '-e':
+ executable_only = True
elif o == '-m':
mark = True
else:
@@ -404,14 +410,14 @@ def main():
elif do_forward:
run_forward(verbose)
elif do_reverse:
- run_reverse(verbose)
+ run_reverse(verbose, executable_only)
elif binary != None:
run_binary(binary, verbose, mark)
elif soname != None:
- run_soname(soname, verbose, True, mark)
+ run_soname(soname, verbose, executable_only, True, mark)
elif library != None:
library = os.path.realpath(library)
- run_soname(library, verbose, False, mark)
+ run_soname(library, verbose, executable_only, False, mark)
if __name__ == '__main__':
main()