replace system's install command with a shell script

the historical (non-standardized) install command is really
inappropriate for installing binaries/libraries on a system that
utilizes memory-mapped executable files. rather than replacing an
existing file atomically, it overwrites the existing file. this can
cause running programs to see a partially-modified version of the
file, resulting in unpredictable behavior, or SIGBUS. a MAP_COPY mode
for mmap would get around this problem, but Linux lacks MAP_COPY.

the shell script added with this commit works around the problem by
writing temporary files and moving them into place. unlike the
historical install utility, it also support a -l option for installing
a symbolic link atomically, via the same method.

diff --git a/Makefile b/Makefile
index 7e634da..829b5f9 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -36,6 +36,7 @@ CFLAGS_ALL_SHARED = $(CFLAGS_ALL) -fPIC -DSHARED
 
 AR      = $(CROSS_COMPILE)ar
 RANLIB  = $(CROSS_COMPILE)ranlib
+INSTALL = ./tools/install.sh
 
 ARCH_INCLUDES = $(wildcard arch/$(ARCH)/bits/*.h)
 ALL_INCLUDES = $(sort $(wildcard include/*.h include/*/*.h) $(GENH) $(ARCH_INCLUDES:arch/$(ARCH)/%=include/%))
@@ -141,23 +142,22 @@ tools/musl-gcc: config.mak
        chmod +x $@
 
 $(DESTDIR)$(bindir)/%: tools/%
-       install -D $< $@
+       $(INSTALL) -D $< $@
 
 $(DESTDIR)$(libdir)/%.so: lib/%.so
-       install -D -m 755 $< $@
+       $(INSTALL) -D -m 755 $< $@
 
 $(DESTDIR)$(libdir)/%: lib/%
-       install -D -m 644 $< $@
+       $(INSTALL) -D -m 644 $< $@
 
 $(DESTDIR)$(includedir)/bits/%: arch/$(ARCH)/bits/%
-       install -D -m 644 $< $@
+       $(INSTALL) -D -m 644 $< $@
 
 $(DESTDIR)$(includedir)/%: include/%
-       install -D -m 644 $< $@
+       $(INSTALL) -D -m 644 $< $@
 
 $(DESTDIR)$(LDSO_PATHNAME): $(DESTDIR)$(libdir)/libc.so
-       test -d $(DESTDIR)$(syslibdir) || install -d -m 755 $(DESTDIR)$(syslibdir) || true
-       { ln -sf $(libdir)/libc.so $@.tmp.$$$$ && mv -f $@.tmp.$$$$ $@ ; } || true
+       $(INSTALL) -D -l $< $@
 
 install-libs: $(ALL_LIBS:lib/%=$(DESTDIR)$(libdir)/%) $(if $(SHARED_LIBS),$(DESTDIR)$(LDSO_PATHNAME),)
 

diff --git a/tools/install.sh b/tools/install.sh
new file mode 100755 (executable)
index 0000000..7dcea33
--- /dev/null
+++ b/tools/install.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+#
+# This is an actually-safe install command which installs the new
+# file atomically in the new location, rather than overwriting
+# existing files.
+#
+
+usage() {
+printf "usage: %s [-D] [-l] [-m mode] src dest\n" "$0" 1>&2
+exit 1
+}
+
+mkdirp=
+symlink=
+mode=755
+
+while getopts Dlm: name ; do
+case "$name" in
+D) mkdirp=yes ;;
+l) symlink=yes ;;
+m) mode=$OPTARG ;;
+?) usage ;;
+esac
+done
+shift $(($OPTIND - 1))
+
+test "$#" -eq 2 || usage
+src=$1
+dst=$2
+tmp="$dst.tmp.$$"
+
+case "$dst" in
+*/) printf "%s: %s ends in /\n", "$0" "$dst" 1>&2 ; exit 1 ;;
+esac
+
+set -C
+set -e
+
+if test "$mkdirp" ; then
+umask 022
+case "$2" in
+*/*) mkdir -p "${dst%/*}" ;;
+esac
+fi
+
+trap 'rm -f "$tmp"' EXIT INT QUIT TERM HUP
+
+umask 077
+
+if test "$symlink" ; then
+ln -s "$1" "$tmp"
+else
+cat < "$1" > "$tmp"
+fi
+
+mv "$tmp" "$2"
+test -d "$2" && {
+rm -f "$2/$tmp"
+printf "%s: %s is a directory\n" "$0" "$dst" 1>&2
+exit 1
+}
+
+test "$symlink" || chmod "$mode" "$2"
+
+exit 0