and the *global* %configure-macro is this which refers to https://fedoraproject.org/wiki/Packaging:RPMMacros for %{_prefix}, %{_sysconfdir..................
%configure \
CFLAGS="${CFLAGS:-%optflags}"; export CFLAGS; \
CXXFLAGS="${CXXFLAGS:-%optflags}"; export CXXFLAGS; \
FFLAGS="${FFLAGS:-%optflags -I%_fmoddir}"; export FFLAGS; \
FCFLAGS="${FCFLAGS:-%optflags -I%_fmoddir}"; export FCFLAGS; \
LDFLAGS="${LDFLAGS:-%__global_ldflags}"; export LDFLAGS; \
./configure \\\
--host=x86_64-redhat-linux \\\
--build=x86_64-redhat-linux \\\
--target=x86_64-redhat-linux \\\
--program-prefix=%{?_program_prefix} \\\
--disable-dependency-tracking \\\
--prefix=%{_prefix} \\\
--exec-prefix=%{_exec_prefix} \\\
--bindir=%{_bindir} \\\
--sbindir=%{_sbindir} \\\
--sysconfdir=%{_sysconfdir} \\\
--datadir=%{_datadir} \\\
--includedir=%{_includedir} \\\
--libdir=%{_libdir} \\\
--libexecdir=%{_libexecdir} \\\
--localstatedir=%{_localstatedir} \\\
--sharedstatedir=%{_sharedstatedir} \\\
--mandir=%{_mandir} \\\
--infodir=%{_infodir}
Am 19.07.2013 14:39, schrieb Reindl Harald:
>
> Am 19.07.2013 14:21, schrieb Paul J Stevens:
>> On 07/19/2013 01:57 PM, Reindl Harald wrote:
>>> the current HEAD is broken, see errors below
>>>
>>> attached my RPM-SPEC, the only differnce in the builds is
>>> the used source tarball, config and systemd-units are the same
>>
>> Your build needs fixing, I assume.
>
> i strictly disagree
> the SPEC file is compliant to fedora package / hardening guidelines
>
>> I cleaned up some of the autoconf stuff. Where are your modules
>> installed? Check the report generated after configure has completed.
>> Look for DM_PKGLIBDIR
>>
>> I've been trying to get dbmail to use sensible defaults.
>>
>> ../configure; make; make install
>
> but this should not break explicit configs
>
> https://fedoraproject.org/wiki/Packaging:RPMMacros
> http://fedoraproject.org/wiki/Packaging:Guidelines
>
> http://fedoraproject.org/wiki/Packaging:Guidelines#Compiler_flags
> http://fedoraproject.org/wiki/Packaging:Guidelines#Removing_Rpath
>
>> should autogenerated a dbmail.conf if /usr/local/etc/dbmail.conf is
>> writable
>
> /usr/local is *not* relevant - rpmbuild has it's virtual buildroot inside
> ~/rpmbuild/
>
>> and will autogenerate a SQLite database in /tmp/, though that should
>> probably be in $HOME/dbmail.sqlite
>
> mysql - sqlite is no topic for me
>
>> I've also sanitized some of the configure switches:
>> --prefix
>> --libdir: modules go into LIBDIR/dbmail/
>> --sysconfdir: location for dbmail.conf
>> --localstatedir: locate for the PID files
>
> maybe here is the problem
>
>> looks like you are doing some fonky edits on libtool and configure
>
> results in a hardened build (PIE, PIC, Full RELRO, canary/stack-protection,
> *no* RPATH)
>
> sed -i -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' -e
> 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
>
> removes the RPATH - that's why "/etc/ld.so.conf.d/dbmail-x86_64.conf" get
> installed
> http://fedoraproject.org/wiki/Packaging:Guidelines#Removing_Rpath
> [root@srv-rhsoft:~]$ cat /etc/ld.so.conf.d/dbmail-x86_64.conf
> /usr/lib64/dbmail
>
> export CFLAGS="%{optflags} -fPIC -fPIE -fstack-protector-all
> -I%{_includedir}/zdb"
> export CXXFLAGS="%{optflags} -fPIC -fPIE -fstack-protector-all
> -I%{_includedir}/zdb"
> export LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie"
> export SH_LDFLAGS="-Wl,-z,now -Wl,-z,relro,-z,noexecstack -pie"
> %configure --with-jemalloc=%{_prefix} --with-sieve --enable-manpages
> --enable-shared --enable-pie --with-pic
> --disable-static --without-ldap
> sed -i -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' -e
> 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
> %{__make} %{?_smp_mflags}
>
>> Those shouldn't be necessary if gentoo is LSB compliant
>
> Gentoo? this is Fedora - Gentoo has no RPM or rpmbuild
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail@dbmail.org
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
--
Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofmühlgasse 17
CTO / CISO / Software-Development
m: +43 (676) 40 221 40, p: +43 (1) 595 3999 33
icq: 154546673, http://www.thelounge.net/
http://www.thelounge.net/signature.asc.what.htm
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DBmail mailing list DBmail@dbmail.org http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
