Investigation of the F23 mass rebuild

Till Maas opensource at
Thu Jul 2 19:12:37 UTC 2015

On Thu, Jul 02, 2015 at 10:49:37AM -0400, Adam Jackson wrote:
> Following up on the hardened cflags change in F23, I wanted to gather
> some statistics on the actual impact: what the most impacted packages
> and apps are, what the typical overhead is like, etc. The results
> are... unpleasant, but not so much because of the hardening change
> itself. I started by grabbing the x86_64 packages of everything koji
> believes is in F23, unpacking them all, and then removing every file
> that wasn't a dynamic ELF object. From this set, some observations.

Thank you for this great analysis. Do you still have the executable files and can
run checksec on them and publish the output somewhere?

> There are 173 non-now binaries installed under /usr/share. 68 of those
> are ircd-ratbox, and 56 are rubygem-gherkin. 7 are aircrack-ng, which
> installs them into freaking /usr/share/doc! Come on, people.

The error in aircrack-ng resulted from accidently pacakaging binary
files from a "new" test suite into the doc. Initially it contained
mainly capture files to try some of the tools. Since the binaries are
not normally used or required I guess this does not cause any real


More information about the devel mailing list