2 # Copyright (c) 2012 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file.
6 """Makes sure files have the right permissions.
8 Some developers have broken SCM configurations that flip the executable
9 permission on for no good reason. Unix developers who run ls --color will then
10 see .cc files in green and get confused.
12 - For file extensions that must be executable, add it to EXECUTABLE_EXTENSIONS.
13 - For file extensions that must not be executable, add it to
14 NOT_EXECUTABLE_EXTENSIONS.
15 - To ignore all the files inside a directory, add it to IGNORED_PATHS.
16 - For file base name with ambiguous state and that should not be checked for
17 shebang, add it to IGNORED_FILENAMES.
19 Any file not matching the above will be opened and looked if it has a shebang
20 or an ELF header. If this does not match the executable bit on the file, the
23 Note that all directory separators must be slashes (Unix-style) and not
24 backslashes. All directories should be relative to the source root and all
25 file paths should be only lowercase.
37 #### USER EDITABLE SECTION STARTS HERE ####
39 # Files with these extensions must have executable bit set.
42 EXECUTABLE_EXTENSIONS
= (
49 # These files must have executable bit set.
51 # Case-insensitive, lower-case only.
53 'chrome/test/data/app_shim/app_shim_32_bit.app/contents/'
54 'macos/app_mode_loader',
55 'chrome/test/data/extensions/uitest/plugins/plugin.plugin/contents/'
56 'macos/testnetscapeplugin',
57 'chrome/test/data/extensions/uitest/plugins_private/plugin.plugin/contents/'
58 'macos/testnetscapeplugin',
61 # These files must not have the executable bit set. This is mainly a performance
62 # optimization as these files are not checked for shebang. The list was
63 # partially generated from:
64 # git ls-files | grep "\\." | sed 's/.*\.//' | sort | uniq -c | sort -b -g
67 NON_EXECUTABLE_EXTENSIONS
= (
138 # These files must not have executable bit set.
140 # Case-insensitive, lower-case only.
141 NON_EXECUTABLE_PATHS
= (
142 'build/android/tests/symbolize/liba.so',
143 'build/android/tests/symbolize/libb.so',
144 'chrome/installer/mac/sign_app.sh.in',
145 'chrome/installer/mac/sign_versioned_dir.sh.in',
146 'chrome/test/data/extensions/uitest/plugins/plugin32.so',
147 'chrome/test/data/extensions/uitest/plugins/plugin64.so',
148 'chrome/test/data/extensions/uitest/plugins_private/plugin32.so',
149 'chrome/test/data/extensions/uitest/plugins_private/plugin64.so',
150 'courgette/testdata/elf-32-1',
151 'courgette/testdata/elf-32-2',
152 'courgette/testdata/elf-64',
155 # File names that are always whitelisted. (These are mostly autoconf spew.)
158 IGNORED_FILENAMES
= (
170 # File paths starting with one of these will be ignored as well.
171 # Please consider fixing your file permissions, rather than adding to this list.
173 # Case-insensitive, lower-case only.
175 'native_client_sdk/src/build_tools/sdk_tools/third_party/fancy_urllib/'
178 # TODO(maruel): Fix these.
179 'third_party/android_testrunner/',
180 'third_party/bintrees/',
181 'third_party/closure_linter/',
182 'third_party/devscripts/licensecheck.pl.vanilla',
183 'third_party/hyphen/',
184 'third_party/jemalloc/',
185 'third_party/lcov-1.9/contrib/galaxy/conglomerate_functions.pl',
186 'third_party/lcov-1.9/contrib/galaxy/gen_makefile.sh',
187 'third_party/lcov/contrib/galaxy/conglomerate_functions.pl',
188 'third_party/lcov/contrib/galaxy/gen_makefile.sh',
189 'third_party/libevent/autogen.sh',
190 'third_party/libevent/test/test.sh',
191 'third_party/libxml/linux/xml2-config',
192 'third_party/libxml/src/ltmain.sh',
194 'third_party/protobuf/',
195 'third_party/python_gflags/gflags.py',
196 'third_party/sqlite/',
197 'third_party/talloc/script/mksyms.sh',
198 'third_party/tcmalloc/',
199 'third_party/tlslite/setup.py',
202 #### USER EDITABLE SECTION ENDS HERE ####
204 assert set(EXECUTABLE_EXTENSIONS
) & set(NON_EXECUTABLE_EXTENSIONS
) == set()
205 assert set(EXECUTABLE_PATHS
) & set(NON_EXECUTABLE_PATHS
) == set()
207 VALID_CHARS
= set(string
.ascii_lowercase
+ string
.digits
+ '/-_.')
208 for paths
in (EXECUTABLE_PATHS
, NON_EXECUTABLE_PATHS
, IGNORED_PATHS
):
209 assert all([set(path
).issubset(VALID_CHARS
) for path
in paths
])
212 def capture(cmd
, cwd
):
213 """Returns the output of a command.
215 Ignores the error code or stderr.
217 logging
.debug('%s; cwd=%s' % (' '.join(cmd
), cwd
))
218 env
= os
.environ
.copy()
219 env
['LANGUAGE'] = 'en_US.UTF-8'
220 p
= subprocess
.Popen(
221 cmd
, stdout
=subprocess
.PIPE
, stderr
=subprocess
.PIPE
, cwd
=cwd
, env
=env
)
222 return p
.communicate()[0]
225 def get_git_root(dir_path
):
226 """Returns the git checkout root or None."""
227 root
= capture(['git', 'rev-parse', '--show-toplevel'], dir_path
).strip()
232 def is_ignored(rel_path
):
233 """Returns True if rel_path is in our whitelist of files to ignore."""
234 rel_path
= rel_path
.lower()
236 os
.path
.basename(rel_path
) in IGNORED_FILENAMES
or
237 rel_path
.lower().startswith(IGNORED_PATHS
))
240 def must_be_executable(rel_path
):
241 """The file name represents a file type that must have the executable bit
244 return (os
.path
.splitext(rel_path
)[1][1:] in EXECUTABLE_EXTENSIONS
or
245 rel_path
.lower() in EXECUTABLE_PATHS
)
248 def must_not_be_executable(rel_path
):
249 """The file name represents a file type that must not have the executable
252 return (os
.path
.splitext(rel_path
)[1][1:] in NON_EXECUTABLE_EXTENSIONS
or
253 rel_path
.lower() in NON_EXECUTABLE_PATHS
)
256 def has_executable_bit(full_path
):
257 """Returns if any executable bit is set."""
258 permission
= stat
.S_IXUSR | stat
.S_IXGRP | stat
.S_IXOTH
259 return bool(permission
& os
.stat(full_path
).st_mode
)
262 def has_shebang_or_is_elf(full_path
):
263 """Returns if the file starts with #!/ or is an ELF binary.
265 full_path is the absolute path to the file.
267 with
open(full_path
, 'rb') as f
:
269 return (data
[:3] == '#!/' or data
== '#! /', data
== '\x7fELF')
272 def check_file(root_path
, rel_path
):
273 """Checks the permissions of the file whose path is root_path + rel_path and
274 returns an error if it is inconsistent. Returns None on success.
276 It is assumed that the file is not ignored by is_ignored().
278 If the file name is matched with must_be_executable() or
279 must_not_be_executable(), only its executable bit is checked.
280 Otherwise, the first few bytes of the file are read to verify if it has a
281 shebang or ELF header and compares this with the executable bit on the file.
283 full_path
= os
.path
.join(root_path
, rel_path
)
284 def result_dict(error
):
287 'full_path': full_path
,
288 'rel_path': rel_path
,
291 bit
= has_executable_bit(full_path
)
293 # It's faster to catch exception than call os.path.islink(). Chromium
294 # tree happens to have invalid symlinks under
295 # third_party/openssl/openssl/test/.
298 if must_be_executable(rel_path
):
300 return result_dict('Must have executable bit set')
302 if must_not_be_executable(rel_path
):
304 return result_dict('Must not have executable bit set')
307 # For the others, it depends on the file header.
308 (shebang
, elf
) = has_shebang_or_is_elf(full_path
)
309 if bit
!= (shebang
or elf
):
311 return result_dict('Has executable bit but not shebang or ELF header')
313 return result_dict('Has shebang but not executable bit')
314 return result_dict('Has ELF header but not executable bit')
317 def check_files(root
, files
):
318 gen
= (check_file(root
, f
) for f
in files
if not is_ignored(f
))
319 return filter(None, gen
)
322 class ApiBase(object):
323 def __init__(self
, root_dir
, bare_output
):
324 self
.root_dir
= root_dir
325 self
.bare_output
= bare_output
327 self
.count_read_header
= 0
329 def check_file(self
, rel_path
):
330 logging
.debug('check_file(%s)' % rel_path
)
333 if (not must_be_executable(rel_path
) and
334 not must_not_be_executable(rel_path
)):
335 self
.count_read_header
+= 1
337 return check_file(self
.root_dir
, rel_path
)
339 def check_dir(self
, rel_path
):
340 return self
.check(rel_path
)
342 def check(self
, start_dir
):
343 """Check the files in start_dir, recursively check its subdirectories."""
345 items
= self
.list_dir(start_dir
)
346 logging
.info('check(%s) -> %d' % (start_dir
, len(items
)))
348 full_path
= os
.path
.join(self
.root_dir
, start_dir
, item
)
349 rel_path
= full_path
[len(self
.root_dir
) + 1:]
350 if is_ignored(rel_path
):
352 if os
.path
.isdir(full_path
):
354 errors
.extend(self
.check_dir(rel_path
))
356 error
= self
.check_file(rel_path
)
361 def list_dir(self
, start_dir
):
362 """Lists all the files and directory inside start_dir."""
364 x
for x
in os
.listdir(os
.path
.join(self
.root_dir
, start_dir
))
365 if not x
.startswith('.')
369 class ApiAllFilesAtOnceBase(ApiBase
):
372 def list_dir(self
, start_dir
):
373 """Lists all the files and directory inside start_dir."""
374 if self
._files
is None:
375 self
._files
= sorted(self
._get
_all
_files
())
376 if not self
.bare_output
:
377 print 'Found %s files' % len(self
._files
)
378 start_dir
= start_dir
[len(self
.root_dir
) + 1:]
380 x
[len(start_dir
):] for x
in self
._files
if x
.startswith(start_dir
)
383 def _get_all_files(self
):
384 """Lists all the files and directory inside self._root_dir."""
385 raise NotImplementedError()
388 class ApiGit(ApiAllFilesAtOnceBase
):
389 def _get_all_files(self
):
390 return capture(['git', 'ls-files'], cwd
=self
.root_dir
).splitlines()
393 def get_scm(dir_path
, bare
):
394 """Returns a properly configured ApiBase instance."""
396 root
= get_git_root(dir_path
or cwd
)
399 print('Found git repository at %s' % root
)
400 return ApiGit(dir_path
or root
, bare
)
402 # Returns a non-scm aware checker.
404 print('Failed to determine the SCM for %s' % dir_path
)
405 return ApiBase(dir_path
or cwd
, bare
)
409 usage
= """Usage: python %prog [--root <root>] [tocheck]
410 tocheck Specifies the directory, relative to root, to check. This defaults
411 to "." so it checks everything.
415 python %prog --root /path/to/source chrome"""
417 parser
= optparse
.OptionParser(usage
=usage
)
420 help='Specifies the repository root. This defaults '
421 'to the checkout repository root')
423 '-v', '--verbose', action
='count', default
=0, help='Print debug logging')
428 help='Prints the bare filename triggering the checks')
430 '--file', action
='append', dest
='files',
431 help='Specifics a list of files to check the permissions of. Only these '
432 'files will be checked')
433 parser
.add_option('--json', help='Path to JSON output file')
434 options
, args
= parser
.parse_args()
436 levels
= [logging
.ERROR
, logging
.INFO
, logging
.DEBUG
]
437 logging
.basicConfig(level
=levels
[min(len(levels
) - 1, options
.verbose
)])
440 parser
.error('Too many arguments used')
443 options
.root
= os
.path
.abspath(options
.root
)
446 # --file implies --bare (for PRESUBMIT.py).
449 errors
= check_files(options
.root
, options
.files
)
451 api
= get_scm(options
.root
, options
.bare
)
452 start_dir
= args
[0] if args
else api
.root_dir
453 errors
= api
.check(start_dir
)
456 print('Processed %s files, %d files where tested for shebang/ELF '
457 'header' % (api
.count
, api
.count_read_header
))
460 with
open(options
.json
, 'w') as f
:
465 print '\n'.join(e
['full_path'] for e
in errors
)
468 print '\n'.join('%s: %s' % (e
['full_path'], e
['error']) for e
in errors
)
475 if '__main__' == __name__
: