[Freeipa-devel] [PATCHES] 204-205 Spec file fixes

Wed, 27 Nov 2013 05:26:52 -0800 

Hi,

the attached patches fix <https://fedorahosted.org/freeipa/ticket/4010>.

Honza

--
Jan Cholasta

>From 27fe562102962416f3db17b1b30be978a8c201b3 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 27 Nov 2013 13:13:16 +0000
Subject: [PATCH 1/2] Use hardening flags for ipa-optd.

https://fedorahosted.org/freeipa/ticket/4010
---
 daemons/ipa-otpd/Makefile.am | 2 +-
 freeipa.spec.in              | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/daemons/ipa-otpd/Makefile.am b/daemons/ipa-otpd/Makefile.am
index ed99c3e..f0b7528 100644
--- a/daemons/ipa-otpd/Makefile.am
+++ b/daemons/ipa-otpd/Makefile.am
@@ -1,5 +1,5 @@
 AM_CFLAGS := $(CFLAGS) @LDAP_CFLAGS@ @LIBVERTO_CFLAGS@
-AM_LDFLAGS := $(LDFLAGS) @LDAP_LIBS@ @LIBVERTO_LIBS@ @KRAD_LIBS@
+AM_LDFLAGS := $(LDFLAGS) @LDAP_LIBS@ @LIBVERTO_LIBS@ @KRAD_LIBS@ -pie -Wl,-z,relro -Wl,-z,now
 
 noinst_HEADERS = internal.h
 libexec_PROGRAMS = ipa-otpd
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 35b8714..8ee69fc 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -5,6 +5,10 @@
 %global POLICYCOREUTILSVER 2.1.12-5
 %global gettext_domain ipa
 
+%if (0%{?fedora} > 15 || 0%{?rhel} >= 7)
+%define _hardened_build 1
+%endif
+
 Name:           freeipa
 Version:        __VERSION__
 Release:        __RELEASE__%{?dist}
-- 
1.8.3.1


>From 046dc521aeb55c670596a2e689929dd71b7c4fa4 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 27 Nov 2013 13:20:22 +0000
Subject: [PATCH 2/2] Own /usr/share/ipa/ui/js/ in the spec file.

https://fedorahosted.org/freeipa/ticket/4010
---
 freeipa.spec.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 8ee69fc..08c82f2 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -677,6 +677,7 @@ fi
 %{_usr}/share/ipa/ui/*.svg
 %{_usr}/share/ipa/ui/*.ttf
 %{_usr}/share/ipa/ui/*.woff
+%dir %{_usr}/share/ipa/ui/js
 %dir %{_usr}/share/ipa/ui/js/dojo
 %{_usr}/share/ipa/ui/js/dojo/dojo.js
 %dir %{_usr}/share/ipa/ui/js/libs
-- 
1.8.3.1


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to