mirror of
https://github.com/vyos/vyos-build.git
synced 2025-10-01 20:28:40 +02:00
53bd06d17b
As the VyOS Linux Kernel will be compiled with CONFIG_MODULE_SIG_FORCE all driver modules need to be cryptographically signed. This happens during build of the Kernel and it's 3rd party modules. Stripping the objects would remove said signature and the system will be unable to boot b/c of CONFIG_MODULE_SIG_FORCE.
76 lines
2.0 KiB
Bash
Executable File
76 lines
2.0 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
#
|
|
# Discard symbols and other data from object files.
|
|
#
|
|
# Reference:
|
|
# https://www.linuxfromscratch.org/lfs/view/systemd/chapter08/stripping.html
|
|
# https://www.debian.org/doc/debian-policy/ch-files.html
|
|
#
|
|
|
|
# Set variables.
|
|
STRIPCMD_REGULAR="strip --remove-section=.comment --remove-section=.note --preserve-dates"
|
|
STRIPCMD_DEBUG="strip --strip-debug --remove-section=.comment --remove-section=.note --preserve-dates"
|
|
STRIPCMD_UNNEEDED="strip --strip-unneeded --remove-section=.comment --remove-section=.note --preserve-dates"
|
|
STRIPDIR_REGULAR="
|
|
"
|
|
STRIPDIR_DEBUG="
|
|
"
|
|
STRIPDIR_UNNEEDED="
|
|
/etc/hsflowd/modules
|
|
/usr/bin
|
|
/usr/lib/openvpn
|
|
/usr/lib/x86_64-linux-gnu
|
|
/usr/lib32
|
|
/usr/lib64
|
|
/usr/libx32
|
|
/usr/sbin
|
|
"
|
|
STRIP_EXCLUDE=`dpkg-query -L libbinutils | grep '.so'`
|
|
|
|
# Perform stuff.
|
|
echo "Stripping symbols..."
|
|
|
|
# List excluded files.
|
|
echo "Exclude files: ${STRIP_EXCLUDE}"
|
|
|
|
# CMD: strip
|
|
for DIR in ${STRIPDIR_REGULAR}; do
|
|
echo "Parse dir (strip): ${DIR}"
|
|
find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
|
|
echo "${STRIP_EXCLUDE}" | grep -F -q -w "${FILE}"
|
|
if [ $? -ne 0 ]; then
|
|
echo "Strip file (strip): ${FILE}"
|
|
${STRIPCMD_REGULAR} ${FILE}
|
|
fi
|
|
done
|
|
done
|
|
|
|
# CMD: strip --strip-debug
|
|
for DIR in ${STRIPDIR_DEBUG}; do
|
|
echo "Parse dir (strip-debug): ${DIR}"
|
|
find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
|
|
echo "${STRIP_EXCLUDE}" | grep -F -q -w "${FILE}"
|
|
if [ $? -ne 0 ]; then
|
|
echo "Strip file (strip-debug): ${FILE}"
|
|
${STRIPCMD_DEBUG} ${FILE}
|
|
fi
|
|
done
|
|
done
|
|
|
|
# CMD: strip --strip-unneeded
|
|
for DIR in ${STRIPDIR_UNNEEDED}; do
|
|
echo "Parse dir (strip-unneeded: ${DIR}"
|
|
find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
|
|
echo "${STRIP_EXCLUDE}" | grep -F -q -w "${FILE}"
|
|
if [ $? -ne 0 ]; then
|
|
echo "Strip file (strip-unneeded): ${FILE}"
|
|
${STRIPCMD_UNNEEDED} ${FILE}
|
|
fi
|
|
done
|
|
done
|
|
|
|
# Remove binutils package.
|
|
apt-get -y purge --autoremove binutils
|
|
|