mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-07 11:48:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make build hermetic without shell scripts

Browse source 
- Fix some minor issues in ar.com
- Have execve() look for `ape` command
- Rewrite NT paths using /c/ rather /??/c:/
- Replace broken GCC symlinks with .sym files
- Rewrite $PATH environment variables on startup
- Make $(APE_NO_MODIFY_SELF) the default bootloader
- Add all build command dependencies to build/bootstrap
- Get the repository mostly building from source on non-Linux
This commit is contained in:
Justine Tunney 2022-05-25 11:31:08 -07:00
parent d44ff6ce1f
commit d230a01222
160 changed files with 2754 additions and 1342 deletions
Download patch file Download diff file Expand all files Collapse all files

34
tool/net/help.txt
View file

@ -225,10 +225,16 @@ USAGE
Your redbean is an actually portable executable, that's able to
run on six different operating systems. To do that, it needs to
overwrite its own MZ header at startup, with ELF or Mach-O, and
then puts the original back once the program loads. If you want
your redbean to follow the platform-local executable convention
then delete the /.ape file from zip.
extract a 4kb loader program to ${TMPDIR:-/tmp}/ape that'll map
your redbean into memory. It does however check to see if `ape`
is on the system path beforehand. You can also "assimilate" any
redbean into the platform-local executable format by running:
$ file redbean.com
redbean.com: DOS/MBR boot sector
$ ./redbean.com --assimilate
$ file redbean.com
redbean.com: ELF 64-bit LSB executable
redbean contains software licensed ISC, MIT, BSD-2, BSD-3, zlib
which makes it a permissively licensed gift to anyone who might
@ -331,18 +337,22 @@ REPL
#!/usr/bin/redbean -i
print('hello world')
However operating systems like Linux usually require that script
interperters be in the local executable format. You can "assimilate"
and install your redbean using the following commands:
However UNIX operating systems usually require that interperters be
encoded in its preferred executable format. You can assimilate your
redbean into the local format using the following commands:
zip -d redbean.com .ape # remove the ape header
./redbean.com -h >/dev/null # assimilate the binary
sudo cp redbean.com /usr/bin/redbean
$ file redbean.com
redbean.com: DOS/MBR boot sector
$ ./redbean.com --assimilate
$ file redbean.com
redbean.com: ELF 64-bit LSB executable
$ sudo cp redbean.com /usr/bin/redbean
By following the above steps, redbean can be installed systemwide for
multiple user accounts. It's also possible to chmod the binary to have
setuid privileges, provided it's configured to drop privileges in the
most appropriate manner; see the UNIX section for further details.
setuid privileges. Please note that, if you do this, the UNIX section
provides further details on APIs like `unix.setuid` that will help you
remove root privileges from the process in the appropriate manner.
────────────────────────────────────────────────────────────────────────────────

78
tool/net/net.mk
View file

@ -21,7 +21,6 @@ TOOL_NET_COMS = \
o/$(MODE)/tool/net/redbean-static.com \
o/$(MODE)/tool/net/redbean-unsecure.com \
o/$(MODE)/tool/net/redbean-original.com \
o/$(MODE)/tool/net/redbean-assimilate.com \
o/$(MODE)/tool/net/wb.com
TOOL_NET_CHECKS = \
@ -82,7 +81,7 @@ o/$(MODE)/tool/net/%.com.dbg: \
o/$(MODE)/tool/net/%.o \
o/$(MODE)/tool/net/net.pkg \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
# REDBEAN.COM
@ -100,7 +99,7 @@ o/$(MODE)/tool/net/redbean.com.dbg: \
o/$(MODE)/tool/net/largon2.o \
o/$(MODE)/tool/net/net.pkg \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
ifneq ($(MODE),tiny)
@ -115,13 +114,11 @@ o/$(MODE)/tool/net/redbean.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/$(MODE)/tool/net/.redbean/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/$(MODE)/tool/net/.redbean
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com -o o/$(MODE)/tool/net/.redbean/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean/.ape \
tool/net/help.txt \
tool/net/.init.lua \
tool/net/favicon.ico \
@ -138,10 +135,8 @@ o/tiny/tool/net/redbean.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/tiny/tool/net/.redbean
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/tiny/tool/net/.redbean/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/tiny/tool/net/.redbean
@$(COMPILE) -AZIP -T$@ o/tiny/third_party/zip/zip.com -9qj $@ \
o/tiny/tool/net/.redbean/.ape \
tool/net/tiny/help.txt \
tool/net/.init.lua \
tool/net/favicon.ico \
@ -156,10 +151,8 @@ o/tinylinux/tool/net/redbean.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/tinylinux/tool/net/.redbean
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/tinylinux/tool/net/.redbean/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/tinylinux/tool/net/.redbean
@$(COMPILE) -AZIP -T$@ o/tinylinux/third_party/zip/zip.com -9qj $@ \
o/tinylinux/tool/net/.redbean/.ape \
tool/net/tiny/help.txt \
tool/net/.init.lua \
tool/net/favicon.ico \
@ -255,7 +248,7 @@ o/$(MODE)/tool/net/redbean-demo.com.dbg: \
o/$(MODE)/tool/net/demo/.reload.lua.zip.o \
o/$(MODE)/tool/net/demo/.init.lua.zip.o \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
o/$(MODE)/tool/net/redbean-demo.com: \
@ -264,14 +257,12 @@ o/$(MODE)/tool/net/redbean-demo.com: \
o/$(MODE)/third_party/zip/zip.com \
tool/net/help.txt
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean-demo
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/$(MODE)/tool/net/.redbean-demo/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/$(MODE)/tool/net/.redbean-demo
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com \
-o o/$(MODE)/tool/net/.redbean-demo/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean-demo/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean-demo/.ape \
tool/net/help.txt
# REDBEAN-STATIC.COM
@ -287,14 +278,12 @@ o/$(MODE)/tool/net/redbean-static.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean-static
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/$(MODE)/tool/net/.redbean-static/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/$(MODE)/tool/net/.redbean-static
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com \
-o o/$(MODE)/tool/net/.redbean-static/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean-static/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean-static/.ape \
tool/net/help.txt \
tool/net/favicon.ico \
tool/net/redbean.png
@ -304,7 +293,7 @@ o/$(MODE)/tool/net/redbean-static.com.dbg: \
o/$(MODE)/tool/net/redbean-static.o \
o/$(MODE)/tool/net/net.pkg \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
o/$(MODE)/tool/net/redbean-static.o: tool/net/redbean.c o/$(MODE)/tool/net/redbean.o
@ -324,14 +313,12 @@ o/$(MODE)/tool/net/redbean-unsecure.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean-unsecure
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/$(MODE)/tool/net/.redbean-unsecure/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/$(MODE)/tool/net/.redbean-unsecure
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com \
-o o/$(MODE)/tool/net/.redbean-unsecure/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean-unsecure/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean-unsecure/.ape \
tool/net/help.txt \
tool/net/favicon.ico \
tool/net/redbean.png
@ -346,7 +333,7 @@ o/$(MODE)/tool/net/redbean-unsecure.com.dbg: \
o/$(MODE)/tool/net/lsqlite3.o \
o/$(MODE)/tool/net/net.pkg \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
o/$(MODE)/tool/net/redbean-unsecure.o: tool/net/redbean.c o/$(MODE)/tool/net/redbean.o
@ -368,14 +355,12 @@ o/$(MODE)/tool/net/redbean-original.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean-original
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/$(MODE)/tool/net/.redbean-original/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/$(MODE)/tool/net/.redbean-original
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com \
-o o/$(MODE)/tool/net/.redbean-original/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean-original/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean-original/.ape \
tool/net/help.txt \
tool/net/favicon.ico \
tool/net/redbean.png
@ -389,10 +374,8 @@ o/tiny/tool/net/redbean-original.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/tiny/tool/net/.redbean-original
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/tiny/tool/net/.redbean-original/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/tiny/tool/net/.redbean-original
@$(COMPILE) -AZIP -T$@ o/tiny/third_party/zip/zip.com -9qj $@ \
o/tiny/tool/net/.redbean-original/.ape \
tool/net/tiny/help.txt \
tool/net/favicon.ico \
tool/net/redbean.png
@ -404,10 +387,8 @@ o/tinylinux/tool/net/redbean-original.com: \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/tinylinux/tool/net/.redbean-original
@$(COMPILE) -ADD -T$@ dd if=$@ of=o/tinylinux/tool/net/.redbean-original/.ape bs=64 count=11 conv=notrunc 2>/dev/null
@$(COMPILE) -AMKDIR -T$@ $(MKDIR) o/tinylinux/tool/net/.redbean-original
@$(COMPILE) -AZIP -T$@ o/tinylinux/third_party/zip/zip.com -9qj $@ \
o/tinylinux/tool/net/.redbean-original/.ape \
tool/net/tiny/help.txt \
tool/net/favicon.ico \
tool/net/redbean.png
@ -417,7 +398,7 @@ o/$(MODE)/tool/net/redbean-original.com.dbg: \
o/$(MODE)/tool/net/redbean-original.o \
o/$(MODE)/tool/net/net.pkg \
$(CRT) \
$(APE)
$(APE_NO_MODIFY_SELF)
@$(APELINK)
o/$(MODE)/tool/net/redbean-original.o: tool/net/redbean.c o/$(MODE)/tool/net/redbean.o
@ -426,35 +407,6 @@ o/$(MODE)/tool/net/redbean-original.o: tool/net/redbean.c o/$(MODE)/tool/net/red
o/$(MODE)/tool/net/redbean-original.s: tool/net/redbean.c o/$(MODE)/tool/net/redbean.o
@$(COMPILE) -AOBJECTIFY.c $(COMPILE.c) -DSTATIC -DUNSECURE -DREDBEAN=\"redbean-original\" $(OUTPUT_OPTION) $<
# REDBEAN-ASSIMILATE.COM
#
# Same as REDBEAN.COM except without no-modify-self behavior.
o/$(MODE)/tool/net/redbean-assimilate.com.dbg: \
o/$(MODE)/tool/net/redbean.com.dbg
@cp -f $< $@
o/$(MODE)/tool/net/redbean-assimilate.com: \
o/$(MODE)/tool/net/redbean-assimilate.com.dbg \
o/$(MODE)/third_party/zip/zip.com \
o/$(MODE)/tool/build/symtab.com \
tool/net/net.mk \
tool/net/help.txt \
tool/net/.init.lua \
tool/net/favicon.ico \
tool/net/redbean.png
@$(COMPILE) -AOBJCOPY -T$@ $(OBJCOPY) -S -O binary $< $@
@$(COMPILE) -AMKDIR -T$@ mkdir -p o/$(MODE)/tool/net/.redbean-assimilate
@$(COMPILE) -ASYMTAB o/$(MODE)/tool/build/symtab.com -o o/$(MODE)/tool/net/.redbean-assimilate/.symtab $<
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -0qj $@ \
o/$(MODE)/tool/net/.redbean-assimilate/.symtab
@$(COMPILE) -AZIP -T$@ o/$(MODE)/third_party/zip/zip.com -9qj $@ \
o/$(MODE)/tool/net/.redbean-assimilate/.symtab \
tool/net/help.txt \
tool/net/.init.lua \
tool/net/favicon.ico \
tool/net/redbean.png
.PHONY: o/$(MODE)/tool/net
o/$(MODE)/tool/net: \
$(TOOL_NET_BINS) \

29
tool/net/redbean.c
View file

@ -6735,31 +6735,24 @@ static int HandleConnection(size_t i) {
return rc;
}
static void RestoreApe(void) {
static void MakeExecutableModifiable(void) {
int ft;
char *p;
size_t n;
struct Asset *a;
extern char ape_rom_vaddr[] __attribute__((__weak__));
if (!(SUPPORT_VECTOR & (METAL | WINDOWS | XNU))) return;
if (IsWindows()) return; // TODO
if (IsOpenbsd()) return; // TODO
if (IsNetbsd()) return; // TODO
if (endswith(zpath, ".com.dbg")) return;
if ((a = GetAssetZip("/.ape", 5)) && (p = LoadAsset(a, &n))) {
close(zfd);
ft = __ftrace;
if ((zfd = OpenExecutable()) == -1 || WRITE(zfd, p, n) == -1) {
WARNF("(srvr) can't restore .ape");
}
if (ft > 0) {
__ftrace = 0;
ftrace_install();
__ftrace = ft;
}
free(p);
} else {
DEBUGF("(srvr) /.ape not found");
close(zfd);
ft = __ftrace;
if ((zfd = OpenExecutable()) == -1) {
WARNF("(srvr) can't restore .ape");
}
if (ft > 0) {
__ftrace = 0;
ftrace_install();
__ftrace = ft;
}
}
@ -7209,7 +7202,7 @@ void RedBean(int argc, char *argv[]) {
CHECK_NE(-1, (zfd = open(zpath, O_RDONLY)));
CHECK_NE(-1, fstat(zfd, &zst));
OpenZip(true);
RestoreApe();
MakeExecutableModifiable();
SetDefaults();
LuaStart();
GetOpts(argc, argv);