Investigation of the F23 mass rebuild
Till Maas
opensource at till.name
Thu Jul 2 19:12:37 UTC 2015
On Thu, Jul 02, 2015 at 10:49:37AM -0400, Adam Jackson wrote:
> Following up on the hardened cflags change in F23, I wanted to gather
> some statistics on the actual impact: what the most impacted packages
> and apps are, what the typical overhead is like, etc. The results
> are... unpleasant, but not so much because of the hardening change
> itself. I started by grabbing the x86_64 packages of everything koji
> believes is in F23, unpacking them all, and then removing every file
> that wasn't a dynamic ELF object. From this set, some observations.
Thank you for this great analysis. Do you still have the executable files and can
run checksec on them and publish the output somewhere?
> There are 173 non-now binaries installed under /usr/share. 68 of those
> are ircd-ratbox, and 56 are rubygem-gherkin. 7 are aircrack-ng, which
> installs them into freaking /usr/share/doc! Come on, people.
The error in aircrack-ng resulted from accidently pacakaging binary
files from a "new" test suite into the doc. Initially it contained
mainly capture files to try some of the tools. Since the binaries are
not normally used or required I guess this does not cause any real
trouble.
Regards
Till
More information about the devel
mailing list