121 lines
3.0 KiB
Bash
121 lines
3.0 KiB
Bash
#!/bin/bash
|
|
#
|
|
# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
|
# Version 2, December 2004
|
|
#
|
|
# Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
|
|
#
|
|
# Everyone is permitted to copy and distribute verbatim or modified
|
|
# copies of this license document, and changing it is allowed as long
|
|
# as the name is changed.
|
|
#
|
|
# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
|
|
# TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
|
#
|
|
#
|
|
# 0. You just DO WHAT THE FUCK YOU WANT TO.
|
|
#
|
|
# SlackBuild script for landrun
|
|
# =============================
|
|
# By: r1w1s1 (https://fosstodon.org/@r1w1s1)
|
|
# For: landrun
|
|
# Descr: secure sandbox for running Linux processes using Landlock
|
|
# URL:
|
|
# Changelog:
|
|
# v0.1.12: 25/Mar/2025 by r1w1s1 - Initial build from sources.
|
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
# improves robustness, error handling, and security
|
|
set -euo pipefail
|
|
IFS=$'\n\t'
|
|
|
|
PRGNAM=landrun
|
|
VERSION=${VERSION:-0.1.12}
|
|
BUILD=${BUILD:-1}
|
|
TAG=${TAG:-_SBo}
|
|
PKGTYPE=${PKGTYPE:-tgz}
|
|
ARCH=${ARCH:-}
|
|
PRINT_PACKAGE_NAME=${PRINT_PACKAGE_NAME:-}
|
|
|
|
# Automatically determine the architecture
|
|
if [ -z "$ARCH" ]; then
|
|
case "$(uname -m)" in
|
|
i?86) ARCH=i586 ;;
|
|
arm*) ARCH=arm ;;
|
|
*) ARCH=$(uname -m) ;;
|
|
esac
|
|
fi
|
|
|
|
TMP=${TMP:-/tmp/SBo}
|
|
PKG=${TMP}/package-${PRGNAM}
|
|
OUTPUT=${OUTPUT:-/tmp}
|
|
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE"
|
|
exit 0
|
|
fi
|
|
|
|
rm -rf "$PKG"
|
|
mkdir -p "$TMP" "$PKG" "$OUTPUT"
|
|
cd "$TMP"
|
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "i686" ]; then
|
|
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
|
|
LIBDIRSUFFIX=""
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
LIBDIRSUFFIX="64"
|
|
elif [ "$ARCH" = "aarch64" ]; then
|
|
SLKCFLAGS="-O2 -fPIC"
|
|
LIBDIRSUFFIX="64"
|
|
else
|
|
SLKCFLAGS="-O2"
|
|
LIBDIRSUFFIX=""
|
|
fi
|
|
|
|
rm -rf $PKG
|
|
mkdir -p $TMP $PKG $OUTPUT
|
|
cd $TMP
|
|
rm -rf $PRGNAM-$VERSION
|
|
|
|
rm -rf ${PRGNAM}-${VERSION}
|
|
tar xvf $CWD/${PRGNAM}-${VERSION}.tar.gz
|
|
cd ${PRGNAM}-${VERSION}
|
|
|
|
# Set permissions
|
|
chown -R root:root .
|
|
find -L . \
|
|
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
|
|
-o -perm 511 \) -exec chmod 755 {} \; -o \
|
|
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
|
|
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
|
|
|
|
# Build the binary
|
|
go build -o landrun cmd/landrun/main.go
|
|
|
|
# Install the binary to /usr/bin
|
|
mkdir -p $PKG/usr/bin
|
|
install -m 0755 landrun $PKG/usr/bin/landrun
|
|
|
|
# Strip binaries
|
|
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
|
|
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
|
|
|
|
# Copy documentation (if any exists)
|
|
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
|
cp -a README.md LICENSE $PKG/usr/doc/$PRGNAM-$VERSION 2>/dev/null || true
|
|
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
|
|
|
# Create slack-desc
|
|
mkdir -p $PKG/install
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
|
|
|
# Build the package
|
|
cd $PKG
|
|
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE
|
|
|