From b6d5529ceb8b38446c748ad901d27bb311115e10 Mon Sep 17 00:00:00 2001
From: Apachez <apachez@gmail.com>
Date: Tue, 26 Sep 2023 22:43:29 +0200
Subject: [PATCH] T5589: Nonstripped binaries exists in VyOS

---
 .../hooks/live/99-strip-symbols.chroot        | 61 +++++++++++++++++++
 .../package-lists/vyos-utils.list.chroot      |  1 +
 2 files changed, 62 insertions(+)
 create mode 100755 data/live-build-config/hooks/live/99-strip-symbols.chroot

diff --git a/data/live-build-config/hooks/live/99-strip-symbols.chroot b/data/live-build-config/hooks/live/99-strip-symbols.chroot
new file mode 100755
index 0000000000..44aefdedb5
--- /dev/null
+++ b/data/live-build-config/hooks/live/99-strip-symbols.chroot
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+#
+# Discard symbols and other data from object files.
+#
+# Reference:
+# https://www.linuxfromscratch.org/lfs/view/systemd/chapter08/stripping.html
+# https://www.debian.org/doc/debian-policy/ch-files.html
+#
+
+# Set variables.
+STRIPCMD_REGULAR="strip --remove-section=.comment --remove-section=.note --preserve-dates"
+STRIPCMD_DEBUG="strip --strip-debug --remove-section=.comment --remove-section=.note --preserve-dates"
+STRIPCMD_UNNEEDED="strip --strip-unneeded --remove-section=.comment --remove-section=.note --preserve-dates"
+STRIPDIR_REGULAR="
+"
+STRIPDIR_DEBUG="
+/usr/lib/modules
+"
+STRIPDIR_UNNEEDED="
+/etc/hsflowd/modules
+/usr/bin
+/usr/lib32
+/usr/lib64
+/usr/libx32
+/usr/sbin
+"
+
+# Perform stuff.
+echo "Stripping symbols..."
+
+# CMD: strip
+for DIR in ${STRIPDIR_REGULAR}; do
+  echo "Parse dir (strip): ${DIR}"
+  find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
+    echo "Strip file (strip): ${FILE}"
+    ${STRIPCMD_REGULAR} ${FILE}
+  done
+done
+
+# CMD: strip --strip-debug
+for DIR in ${STRIPDIR_DEBUG}; do
+  echo "Parse dir (strip-debug): ${DIR}"
+  find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
+    echo "Strip file (strip-debug): ${FILE}"
+    ${STRIPCMD_DEBUG} ${FILE}
+  done
+done
+
+# CMD: strip --strip-unneeded
+for DIR in ${STRIPDIR_UNNEEDED}; do
+  echo "Parse dir (strip-unneeded: ${DIR}"
+  find ${DIR} -type f -exec file {} \; | grep 'not stripped' | cut -d ":" -f 1 | while read FILE; do
+    echo "Strip file (strip-unneeded): ${FILE}"
+    ${STRIPCMD_UNNEEDED} ${FILE}
+  done
+done
+
+# Remove binutils package.
+apt-get -y purge --autoremove binutils
+
diff --git a/data/live-build-config/package-lists/vyos-utils.list.chroot b/data/live-build-config/package-lists/vyos-utils.list.chroot
index 0049077bef..4f380ba1cb 100644
--- a/data/live-build-config/package-lists/vyos-utils.list.chroot
+++ b/data/live-build-config/package-lists/vyos-utils.list.chroot
@@ -2,3 +2,4 @@ systemd-sysv
 systemd-bootchart
 ncurses-term
 kitty-terminfo
+binutils