technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Packages: hardening flags for deb.

Browse Source
This commit is contained in:
Andrei Belov
2017-12-28 20:38:36 +03:00
parent ad63a3e752
commit d22aa88405
3 changed files with 33 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pkg/deb/debian.module/rules-noarch.in
View File

@@ -3,6 +3,11 @@
# Uncomment this to turn on verbose mode. # Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1 #export DH_VERBOSE=1
export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
export DEB_CFLAGS_MAINT_APPEND=-Wp,-D_FORTIFY_SOURCE=2
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
BUILDDIR_unit = $(CURDIR)/debian/build-unit BUILDDIR_unit = $(CURDIR)/debian/build-unit
BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug
INSTALLDIR = $(CURDIR)/debian/%%NAME%% INSTALLDIR = $(CURDIR)/debian/%%NAME%%
@@ -21,17 +26,19 @@ config.env.%:
configure.unit: config.env.unit configure.unit: config.env.unit
cd $(BUILDDIR_unit) && \ cd $(BUILDDIR_unit) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/modules && \ --modules=/usr/lib/unit/modules \
--cc-opt="$(CFLAGS)" && \
./configure %%MODULE_CONFARGS%% ./configure %%MODULE_CONFARGS%%
touch $@ touch $@
configure.unit_debug: config.env.unit_debug configure.unit_debug: config.env.unit_debug
cd $(BUILDDIR_unit_debug) && \ cd $(BUILDDIR_unit_debug) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/debug-modules \ --modules=/usr/lib/unit/debug-modules \
--cc-opt="$(CFLAGS)" \
--debug && \ --debug && \
./configure %%MODULE_CONFARGS%% ./configure %%MODULE_CONFARGS%%
touch $@ touch $@

13
pkg/deb/debian.module/rules.in
View File

@@ -3,6 +3,11 @@
# Uncomment this to turn on verbose mode. # Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1 #export DH_VERBOSE=1
export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
export DEB_CFLAGS_MAINT_APPEND=-Wp,-D_FORTIFY_SOURCE=2
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
BUILDDIR_unit = $(CURDIR)/debian/build-unit BUILDDIR_unit = $(CURDIR)/debian/build-unit
BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug
INSTALLDIR = $(CURDIR)/debian/%%NAME%% INSTALLDIR = $(CURDIR)/debian/%%NAME%%
@@ -21,17 +26,19 @@ config.env.%:
configure.unit: config.env.unit configure.unit: config.env.unit
cd $(BUILDDIR_unit) && \ cd $(BUILDDIR_unit) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/modules && \ --modules=/usr/lib/unit/modules \
--cc-opt="$(CFLAGS)" && \
./configure %%MODULE_CONFARGS%% ./configure %%MODULE_CONFARGS%%
touch $@ touch $@
configure.unit_debug: config.env.unit_debug configure.unit_debug: config.env.unit_debug
cd $(BUILDDIR_unit_debug) && \ cd $(BUILDDIR_unit_debug) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/debug-modules \ --modules=/usr/lib/unit/debug-modules \
--cc-opt="$(CFLAGS)" \
--debug && \ --debug && \
./configure %%MODULE_CONFARGS%% ./configure %%MODULE_CONFARGS%%
touch $@ touch $@

16
pkg/deb/debian/rules.in
View File

@@ -3,6 +3,12 @@
# Uncomment this to turn on verbose mode. # Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1 #export DH_VERBOSE=1
export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
export DEB_CFLAGS_MAINT_APPEND=-Wp,-D_FORTIFY_SOURCE=2 -fPIC
export DEB_LDFLAGS_MAINT_APPEND=-Wl,--as-needed -pie
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
BUILDDIR_unit = $(CURDIR)/debian/build-unit BUILDDIR_unit = $(CURDIR)/debian/build-unit
BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug BUILDDIR_unit_debug = $(CURDIR)/debian/build-unit-debug
INSTALLDIR = $(CURDIR)/debian/unit INSTALLDIR = $(CURDIR)/debian/unit
@@ -21,16 +27,20 @@ config.env.%:
configure.unit: config.env.unit configure.unit: config.env.unit
cd $(BUILDDIR_unit) && \ cd $(BUILDDIR_unit) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/modules --modules=/usr/lib/unit/modules \
--cc-opt="$(CFLAGS)" \
--ld-opt="$(LDFLAGS)"
touch $@ touch $@
configure.unit_debug: config.env.unit_debug configure.unit_debug: config.env.unit_debug
cd $(BUILDDIR_unit_debug) && \ cd $(BUILDDIR_unit_debug) && \
./configure \ CFLAGS= ./configure \
%%CONFIGURE_ARGS%% \ %%CONFIGURE_ARGS%% \
--modules=/usr/lib/unit/debug-modules \ --modules=/usr/lib/unit/debug-modules \
--cc-opt="$(CFLAGS)" \
--ld-opt="$(LDFLAGS)" \
--debug --debug
touch $@ touch $@