On 2012-03-11 13:37, Kees Cook wrote: > On Sun, Mar 11, 2012 at 12:16:09AM +0100, Niels Thykier wrote: >> I have bumped the debhelper standard test suite to use compat 9 by >> default. I doubt it will fix all the failures we saw, but at least the >> standard flags are enabled by default. > > When I was playing with it, this solved a lot but not all of them. Doesn't > this pose an unbackportable change though? I didn't think compat 9 > existed in Squeeze. >
It does not, but debhelper 9 has been backported already, so we can rely on it. In fact, we already needed debhelper 9 due to t/tests/debhelper-dh-exec, but I apparently forgot to bump the depends back then... > [...] >>> - build internal hardening test for all archs (hook to generate tags file) >>> - fix other lintian internal tests to work with hardening check >> >> This part still needs some work though. >> >> I suspect it might be a good idea to try the test suite on some >> different architectures at some point. These > > Cool, I'll spend some time on the branch getting any stragglers building > correctly. > Much appreciated. >> Last I checked we still have an "outstanding issue" hardening-check >> using ldd, which I am not certain will work with "foreign" binaries (see >> comment #39). I suspect it will mostly affect people who do >> cross-builds and lintian.d.o[2]. > > Yeah, I was just starting to notice this. Inspired by the data file idea, I > think I might do the same for hardening-check and have it build the list of > functions at build-time. I can check if a binary is using libc without > running ldd, and I only needed ldd to generate the function list dynamically. > If it's static, things are faster and more portable. It'll just need updating > from time to time when anything major happens with eglibc. > > -Kees > Sounds good. :) ~Niels -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org