_hardened_build not affecting libtool-compiled libraries
Björn Esser
bjoern.esser at gmail.com
Tue Jun 25 09:50:51 UTC 2013
Am Dienstag, den 25.06.2013, 08:29 +0100 schrieb Richard W.M. Jones:
> On Mon, Jun 24, 2013 at 07:39:59PM -0400, Paul Wouters wrote:
> > On Mon, 24 Jun 2013, Richard W.M. Jones wrote:
> >
> > >Note there is still a problem that an LDFLAGS hack was needed in the
> > >spec file, otherwise libtool (or something) eats the hardening LDFLAGS.
> >
> > Too often Makefiles contain CFLAGS= / LDFLAGS=, instead of CFLAGS?= / LDFLAGS?=
>
> It's using autotools. The sources are linked from the bug report
> and here:
>
> https://github.com/libguestfs/nbdkit/
Hi Rich!
Sorry, I faded away yesterday. I had an appointment with my new
sponsoree, so I was busy rest of the day.
The LDFLAGS-Hack in rpm-spec is needed because "libcrap" purges {C,
LD}FLAGS, which it thinks are not of use for the linker. The
"-spec=..."-cli-switch from gcc is such a case. The "-Wl,z,now"-flag is
expanded from such a gcc-spec, but libtool doesn't pass it, because of
the explained behaviour.
This is a, not fixed yet, bug in libtool know for years.
See: http://bit.ly/15Bnye5
Cheers,
Björn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130625/a6a7c5ef/attachment.sig>
More information about the devel
mailing list