|
|
349e27 |
#!/bin/sh
|
|
|
349e27 |
|
|
|
349e27 |
# srcdist.rawball: extract and repackage a subset of unmodified source files
|
|
|
349e27 |
# from a known upstream source distribution tarball, along with a manifest.
|
|
|
349e27 |
|
|
|
349e27 |
# this file is covered by COPYING.SRCDIST.
|
|
|
349e27 |
|
|
|
349e27 |
set -eu
|
|
|
349e27 |
|
|
|
349e27 |
mb_ruledir=
|
|
|
349e27 |
mb_rawball=
|
|
|
349e27 |
mb_tarball=
|
|
|
349e27 |
mb_tarball_sha256=
|
|
|
349e27 |
|
|
|
349e27 |
mb_script="$0"
|
|
|
349e27 |
mb_status=1
|
|
|
63968c |
mb_manifest=MANIFEST.rawball
|
|
|
349e27 |
|
|
|
349e27 |
export LC_ALL=C
|
|
|
349e27 |
|
|
|
349e27 |
rawball_usage()
|
|
|
349e27 |
{
|
|
|
349e27 |
printf 'usage: %s\n' "$mb_script" >&2
|
|
|
349e27 |
printf '\t%s\n' \
|
|
|
349e27 |
'--ruledir=/path/to/rule/dir' \
|
|
|
349e27 |
'--tarball=/path/to/upstream.tar.xz' \
|
|
|
349e27 |
'--tarball-sha256=upstream-signature' \
|
|
|
349e27 |
'--rawball=output-tarball-name' \
|
|
|
349e27 |
>&2
|
|
|
349e27 |
|
|
|
349e27 |
printf '\nThis will extract and repackage a subset of unmodified source\n' >&2
|
|
|
349e27 |
printf ' files from a known upstream source distribution tarball,\n' >&2
|
|
|
349e27 |
printf ' along with a manifest.\n\n' >&2
|
|
|
349e27 |
|
|
|
349e27 |
printf '\nThe --ruledir argument should point to a directory containing the following files:\n' >&2
|
|
|
349e27 |
printf ' upstream.sha256.known\n' >&2
|
|
|
349e27 |
printf ' rawball.include.patterns (appropriate for pax)\n' >&2
|
|
|
349e27 |
printf ' rawball.exclude.patterns (appropriate for grep -v -f)\n\n' >&2
|
|
|
349e27 |
|
|
|
349e27 |
exit ${mb_status}
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
for arg ; do
|
|
|
349e27 |
case "$arg" in
|
|
|
349e27 |
--ruledir=*)
|
|
|
349e27 |
mb_ruledir=${arg#*=}
|
|
|
349e27 |
;;
|
|
|
349e27 |
|
|
|
349e27 |
--rawball=*)
|
|
|
349e27 |
mb_rawball=${arg#*=}
|
|
|
349e27 |
;;
|
|
|
349e27 |
|
|
|
349e27 |
--tarball=*)
|
|
|
349e27 |
mb_tarball=${arg#*=}
|
|
|
349e27 |
;;
|
|
|
349e27 |
|
|
|
349e27 |
--tarball-sha256=*)
|
|
|
349e27 |
mb_tarball_sha256=${arg#*=}
|
|
|
349e27 |
;;
|
|
|
349e27 |
|
|
|
349e27 |
*)
|
|
|
349e27 |
printf '\n*** %s: unsupported argument!' "$mb_script" >&2
|
|
|
349e27 |
printf '\n*** %s\n' "${arg#}" >&2
|
|
|
349e27 |
exit 2
|
|
|
349e27 |
esac
|
|
|
349e27 |
done
|
|
|
349e27 |
|
|
|
349e27 |
rawball_ruledir_error()
|
|
|
349e27 |
{
|
|
|
349e27 |
mb_status=2
|
|
|
349e27 |
|
|
|
349e27 |
printf '\n*** %s: a required file in %s is missing!\n\n' "$mb_script" "$mb_ruledir" >&2
|
|
|
349e27 |
|
|
|
349e27 |
rawball_usage
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
rawball_init_vars()
|
|
|
349e27 |
{
|
|
|
6163df |
export LC_ALL='C'
|
|
|
6163df |
|
|
|
349e27 |
if [ -z ${mb_ruledir:-} ]; then
|
|
|
349e27 |
rawball_usage
|
|
|
349e27 |
fi
|
|
|
349e27 |
|
|
|
349e27 |
|
|
|
349e27 |
if [ -z ${mb_rawball:-} ] || [ -z ${mb_tarball:-} ] || [ -z ${mb_tarball_sha256:-} ]; then
|
|
|
349e27 |
rawball_usage
|
|
|
349e27 |
fi
|
|
|
349e27 |
|
|
|
349e27 |
|
|
|
349e27 |
eval mb_ruledir=$(printf '%s' "$mb_ruledir")
|
|
|
349e27 |
eval mb_tarball=$(printf '%s' "$mb_tarball")
|
|
|
349e27 |
|
|
|
349e27 |
|
|
|
349e27 |
stat "$mb_ruledir/upstream.sha256.known" > /dev/null || rawball_ruledir_error
|
|
|
349e27 |
stat "$mb_ruledir/rawball.include.patterns" > /dev/null || rawball_ruledir_error
|
|
|
349e27 |
stat "$mb_ruledir/rawball.exclude.patterns" > /dev/null || rawball_ruledir_error
|
|
|
349e27 |
|
|
|
349e27 |
|
|
|
349e27 |
mb_known_sha256=$(grep "$mb_tarball_sha256" "${mb_ruledir}/upstream.sha256.known" || true)
|
|
|
349e27 |
mb_known_sha256="${mb_known_sha256%% *}"
|
|
|
349e27 |
|
|
|
349e27 |
if [ "$mb_known_sha256" != "$mb_tarball_sha256" ]; then
|
|
|
349e27 |
printf '\n*** %s: %s is not a known sha-256 signature!\n\n' "$mb_script" "$mb_tarball_sha256" >&2
|
|
|
349e27 |
exit 2
|
|
|
349e27 |
fi
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
rawball_verify_sha256_signature()
|
|
|
349e27 |
{
|
|
|
349e27 |
mb_tarball_sha256_test=$(sha256sum "$mb_tarball")
|
|
|
349e27 |
mb_tarball_sha256_test="${mb_tarball_sha256_test%% *}"
|
|
|
349e27 |
|
|
|
349e27 |
if [ "$mb_tarball_sha256_test" != "$mb_tarball_sha256" ]; then
|
|
|
349e27 |
printf '\n*** %s: sha-256 signature does not match!\n\n' "$mb_script" >&2
|
|
|
349e27 |
exit 2
|
|
|
349e27 |
fi
|
|
|
349e27 |
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
rawball_extract_upstream_tarball()
|
|
|
349e27 |
{
|
|
|
349e27 |
mb_rawball_files=$(xz -d -c -f "$mb_tarball" \
|
|
|
349e27 |
| pax $(cat "$mb_ruledir/rawball.include.patterns") \
|
|
|
349e27 |
| grep -v -f "${mb_ruledir}/rawball.exclude.patterns" \
|
|
|
349e27 |
| sort)
|
|
|
349e27 |
|
|
|
349e27 |
mb_topdir=$(printf '%s\n' ${mb_rawball_files} | sed -n 1p)
|
|
|
349e27 |
mb_topdir=${mb_topdir%%/*}
|
|
|
349e27 |
mb_rawdir=${mb_topdir}.raw
|
|
|
349e27 |
|
|
|
349e27 |
if [ -d ${mb_rawdir} ]; then
|
|
|
349e27 |
printf '\n*** %s: the directory `%s already exists!\n\n' "$mb_script" "${mb_rawdir}'" >&2
|
|
|
349e27 |
exit 2
|
|
|
349e27 |
fi
|
|
|
349e27 |
|
|
|
349e27 |
mkdir ${mb_rawdir}
|
|
|
349e27 |
|
|
|
349e27 |
xz -d -c -f "$mb_tarball" | pax -d -r -s "/^${mb_topdir}/${mb_rawdir}/" ${mb_rawball_files}
|
|
|
349e27 |
|
|
|
349e27 |
mb_packed=$(find ${mb_rawdir} -type f | sort)
|
|
|
349e27 |
mb_refobj=$(find ${mb_rawdir} -type f -printf "%T@ %p\n" | sort -n | cut -d' ' -f 2- | tail -n 1)
|
|
|
63968c |
mb_status=$(cd -- ${mb_rawdir}; sha256sum $(find . -type f | sort) > ${mb_manifest})
|
|
|
349e27 |
|
|
|
349e27 |
touch -a -c -m -r ${mb_refobj} $(find ${mb_rawdir} -type d)
|
|
|
63968c |
touch -a -c -m -r ${mb_refobj} ${mb_rawdir}/${mb_manifest}
|
|
|
349e27 |
touch -a -c -m -r ${mb_refobj} ${mb_rawdir}
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
rawball_create_downstream_rawball()
|
|
|
349e27 |
{
|
|
|
63968c |
pax -w -x tar ${mb_packed} ${mb_rawdir}/${mb_manifest} | xz -c > "$mb_rawball"
|
|
|
349e27 |
}
|
|
|
349e27 |
|
|
|
349e27 |
# init variables and verify arguments
|
|
|
349e27 |
rawball_init_vars
|
|
|
349e27 |
|
|
|
349e27 |
# validate input
|
|
|
349e27 |
rawball_verify_sha256_signature
|
|
|
349e27 |
|
|
|
349e27 |
# extract tarball (top-level directory must not exist)
|
|
|
349e27 |
rawball_extract_upstream_tarball
|
|
|
349e27 |
|
|
|
349e27 |
# create downstream rawball of unmodified source files
|
|
|
349e27 |
rawball_create_downstream_rawball
|
|
|
349e27 |
|
|
|
349e27 |
# all done
|
|
|
349e27 |
exit 0
|