[pdns-recursor] Enable hardened build, thanks Ruben Kerkhof

[Morten Stevens]

commit 865cef60ab85b78ee156576875554218e3c855c5
Author: Morten Stevens <mstevens at imt-systems.com>
Date:   Tue Mar 5 18:39:21 2013 +0100

    Enable hardened build, thanks Ruben Kerkhof

 pdns-recursor.spec |   24 +++++++++++++++++++-----
 1 files changed, 19 insertions(+), 5 deletions(-)
---
diff --git a/pdns-recursor.spec b/pdns-recursor.spec
index f06e06f..c214ace 100644
--- a/pdns-recursor.spec
+++ b/pdns-recursor.spec
@@ -1,7 +1,9 @@
+%global _hardened_build 1
+
 Name: pdns-recursor
 Version: 3.3
-Release: 9%{?dist}
-Summary: Modern, advanced and high performance recursing/non authoritative nameserver
+Release: 10%{?dist}
+Summary: Modern, advanced and high performance recursing/non authoritative name server
 Group: System Environment/Daemons
 License: GPLv2
 URL: http://powerdns.com
@@ -28,7 +30,7 @@ package if you need a dns cache for your network.
 %patch1 -p1 -b .fixsysconfdir
 
 %build
-LUA=1 LUA_CPPFLAGS_CONFIG= LUA_LIBS_CONFIG=-llua OPTFLAGS="%{optflags}" make %{?_smp_mflags}
+LUA=1 LUA_CPPFLAGS_CONFIG= LUA_LIBS_CONFIG=-llua OPTFLAGS="%{optflags}" LDFLAGS="%{?__global_ldflags}" make %{?_smpflags}
 
 %install
 make install DESTDIR=%{buildroot} CONFIGDIR="%{_sysconfdir}/%{name}"
@@ -40,11 +42,14 @@ make install DESTDIR=%{buildroot} CONFIGDIR="%{_sysconfdir}/%{name}"
 sed -i '1i\setuid=pdns-recursor' %{buildroot}%{_sysconfdir}/%{name}/recursor.conf
 sed -i '2i\setgid=pdns-recursor' %{buildroot}%{_sysconfdir}/%{name}/recursor.conf
 
+chmod 755 %{buildroot}%{_bindir}/rec_control
+chmod 755 %{buildroot}%{_sbindir}/pdns_recursor
+
 %pre
 getent group pdns-recursor > /dev/null || groupadd -r pdns-recursor
 getent passwd pdns-recursor > /dev/null || \
     useradd -r -g pdns-recursor -d / -s /sbin/nologin \
-    -c "PwerDNS Recursor user" pdns-recursor
+    -c "PowerDNS Recursor user" pdns-recursor
 exit 0
 
 %post
@@ -77,6 +82,12 @@ exit 0
 %doc COPYING README
 
 %changelog
+* Tue Mar 05 2013 Ruben Kerkhof <ruben at rubenkerkhof.com> - 3.3-10
+- Enable hardened build as per http://fedoraproject.org/wiki/Packaging:Guidelines#PIE
+- Fix bogus date in changelog
+- Fix typo in gecos field
+- Some rpmlint fixes
+
 * Mon Feb 11 2013 Morten Stevens <mstevens at imt-systems.com> - 3.3-9
 - Enable PrivateTmp as per http://fedoraproject.org/wiki/Features/ServicesPrivateTmp
 
@@ -159,10 +170,12 @@ exit 0
 - Sync with upstream
 - Compile fixes for gcc43
 
-* Sun Jan 27 2007 <ruben at rubenkerkhof.com> 3.1.4-4
+* Sat Jan 27 2007 <ruben at rubenkerkhof.com> 3.1.4-4
 - Now really fix the description in init script
+
 * Sat Jan 27 2007 <ruben at rubenkerkhof.com> 3.1.4-3
 - Fixed Description in init script
+
 * Wed Jan 24 2007 <ruben at rubenkerkhof.com> 3.1.4-2
 - Fixes per bz review 221188:
 - Changed user to pdns-recursor
@@ -170,6 +183,7 @@ exit 0
 - Skipped the configure step, it didn't do much
 - Added a more Fedora-centric initscript
 - Use condrestart instead of restart in %%postun
+
 * Sun Dec 31 2006 <ruben at rubenkerkhof.com> 3.1.4-1
 - Initial import