Date: Saturday, August 2, 2014 @ 05:35:36 Author: thestinger Revision: 116724
saner configuration file Modified: hardening-wrapper/trunk/PKGBUILD hardening-wrapper/trunk/cc-wrapper.sh hardening-wrapper/trunk/hardening-wrapper-i686.conf hardening-wrapper/trunk/hardening-wrapper-x86_64.conf -------------------------------+ PKGBUILD | 10 +++++----- cc-wrapper.sh | 5 ++++- hardening-wrapper-i686.conf | 12 ++++++------ hardening-wrapper-x86_64.conf | 12 ++++++------ 4 files changed, 21 insertions(+), 18 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-08-02 03:14:48 UTC (rev 116723) +++ PKGBUILD 2014-08-02 03:35:36 UTC (rev 116724) @@ -1,7 +1,7 @@ # Maintainer: Daniel Micay <[email protected]> pkgname=hardening-wrapper -pkgver=3 -pkgrel=4 +pkgver=4 +pkgrel=1 pkgdesc='Wrapper script for building hardened executables by default' arch=(i686 x86_64) url='https://archlinux.org/' @@ -9,10 +9,10 @@ depends=(bash) backup=(etc/hardening-wrapper.conf) source=(cc-wrapper.sh path.sh hardening-wrapper-i686.conf hardening-wrapper-x86_64.conf) -sha1sums=('edddffd8d8bf6c4b57d7a8fa32b65e29020c2a3c' +sha1sums=('dda7ad75aecdf335f9cd5690f2d6beb2d64d6f5c' '1e5f6d9931f01b26bb4b6fbb839e21d34d534cdc' - '658aed4d1039393f0ba08152c1320fca04ce1315' - 'ff104a6624ce898010f277fe22e6f964aeb34300') + '4d7a8f4818c531ce7002e860e0654b42b6147037' + '50db33c08439393b673c23d542e274beef44fbdd') package() { install -Dm644 hardening-wrapper-${CARCH}.conf "$pkgdir/etc/hardening-wrapper.conf" Modified: cc-wrapper.sh =================================================================== --- cc-wrapper.sh 2014-08-02 03:14:48 UTC (rev 116723) +++ cc-wrapper.sh 2014-08-02 03:35:36 UTC (rev 116724) @@ -2,7 +2,10 @@ set -o nounset -declare -A default="($(< /etc/hardening-wrapper.conf))" +declare -A default +while IFS== read key value; do + default["$key"]="$value" +done < /etc/hardening-wrapper.conf force_bindnow="${HARDENING_BINDNOW:-"${default[HARDENING_BINDNOW]:-1}"}" force_fPIE="${HARDENING_PIE:-"${default[HARDENING_PIE]:-1}"}" Modified: hardening-wrapper-i686.conf =================================================================== --- hardening-wrapper-i686.conf 2014-08-02 03:14:48 UTC (rev 116723) +++ hardening-wrapper-i686.conf 2014-08-02 03:35:36 UTC (rev 116724) @@ -1,6 +1,6 @@ -[HARDENING_BINDNOW]=0 -[HARDENING_PIE]=0 -[HARDENING_FORTIFY]=2 -[HARDENING_RELRO]=1 -[HARDENING_STACK_CHECK]=0 -[HARDENING_STACK_PROTECTOR]=2 +HARDENING_BINDNOW=0 +HARDENING_PIE=0 +HARDENING_FORTIFY=2 +HARDENING_RELRO=1 +HARDENING_STACK_CHECK=0 +HARDENING_STACK_PROTECTOR=2 Modified: hardening-wrapper-x86_64.conf =================================================================== --- hardening-wrapper-x86_64.conf 2014-08-02 03:14:48 UTC (rev 116723) +++ hardening-wrapper-x86_64.conf 2014-08-02 03:35:36 UTC (rev 116724) @@ -1,6 +1,6 @@ -[HARDENING_BINDNOW]=0 -[HARDENING_PIE]=1 -[HARDENING_FORTIFY]=2 -[HARDENING_RELRO]=1 -[HARDENING_STACK_CHECK]=0 -[HARDENING_STACK_PROTECTOR]=2 +HARDENING_BINDNOW=0 +HARDENING_PIE=1 +HARDENING_FORTIFY=2 +HARDENING_RELRO=1 +HARDENING_STACK_CHECK=0 +HARDENING_STACK_PROTECTOR=2
