_hardened_build not affecting libtool-compiled libraries

Björn Esser bjoern.esser at gmail.com
Tue Jun 25 09:50:51 UTC 2013

Am Dienstag, den 25.06.2013, 08:29 +0100 schrieb Richard W.M. Jones:
> On Mon, Jun 24, 2013 at 07:39:59PM -0400, Paul Wouters wrote:
> > On Mon, 24 Jun 2013, Richard W.M. Jones wrote:
> > 
> > >Note there is still a problem that an LDFLAGS hack was needed in the
> > >spec file, otherwise libtool (or something) eats the hardening LDFLAGS.
> > 
> > Too often Makefiles contain CFLAGS= / LDFLAGS=, instead of CFLAGS?= / LDFLAGS?=
> It's using autotools.  The sources are linked from the bug report
> and here:
> https://github.com/libguestfs/nbdkit/

Hi Rich!

Sorry, I faded away yesterday. I had an appointment with my new
sponsoree, so I was busy rest of the day.

The LDFLAGS-Hack in rpm-spec is needed because "libcrap" purges {C,
LD}FLAGS, which it thinks are not of use for the linker.  The
"-spec=..."-cli-switch from gcc is such a case.  The "-Wl,z,now"-flag is
expanded from such a gcc-spec, but libtool doesn't pass it, because of
the explained behaviour.

This is a, not fixed yet, bug in libtool know for years.
See: http://bit.ly/15Bnye5

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130625/a6a7c5ef/attachment.sig>

More information about the devel mailing list