#!/usr/bin/env bash

dirs=""
excludes="/dev /proc /sys /run"

while [ $# -gt 0 ]; do
	case "${1}" in
		--exclude=*)
			excludes="${excludes} ${1#*=}"
			;;
		*)
			dirs="${dirs} ${1}"
			;;
	esac
	shift
done

function _strip() {
	local file=${1}
	local strip="${STRIP-strip}"

	local exclude l
	for exclude in ${excludes}; do
		l=${#exclude}
		if [ "${file:0:${l}}" = "${exclude}" ]; then
			return 0
		fi
	done

	# Fetch any capabilities
	local capabilities="$(getfattr --no-dereference --name="security.capability" \
		--absolute-names --dump "${file}" 2>/dev/null)"

	local cmd=( "${strip}" )

	case "$(file -bi ${file})" in
		application/x-archive*)
			cmd+=( "--strip-debug" "--remove-section=.comment" "--remove-section=.note" )
			;;
		*)
			cmd+=( "--strip-all" )
			;;
	esac

	echo "Stripping ${file}..."
	${cmd[*]} ${file}

	# Restore capabilities
	if [ -n "${capabilities}" ]; then
		setfattr --no-dereference --restore=<(echo "${capabilities}")
	fi
}

for dir in ${dirs}; do
	# Strip shared objects.
	find ${dir} -type f \( -perm -0100 -or -perm -0010 -or -perm -0001 \) \
		| file -N -f - | sed -n -e 's/^\(.*\):[   ]*.*ELF.*, not stripped.*/\1/p' |
		while read file; do
			_strip ${file} || exit $?
		done || exit $?

	# Strip static archives.
	find ${dir} -name \*.a -a -exec file {} \; \
		| grep 'current ar archive' | sed -n -e 's/^\(.*\):[ 	]*current ar archive/\1/p' |
		while read file; do
			_strip ${file} || exit $?
		done || exit $?
done
