Hello community,
here is the log from the commit of package hardening-check for openSUSE:Factory
checked in at 2017-10-11 23:03:57
Comparing /work/SRC/openSUSE:Factory/hardening-check (Old)
and /work/SRC/openSUSE:Factory/.hardening-check.new (New)
Package is "hardening-check"
Wed Oct 11 23:03:57 2017 rev:2 rq:533359 version:2.6
Changes:
--- /work/SRC/openSUSE:Factory/hardening-check/hardening-check.changes
2017-08-22 11:07:34.189771424 +0200
+++ /work/SRC/openSUSE:Factory/.hardening-check.new/hardening-check.changes
2017-10-11 23:03:59.957946816 +0200
@@ -1,0 +2,9 @@
+Wed Oct 11 08:42:18 UTC 2017 - matthias.gerst...@suse.com
+
+- perl_regex.patch: fixes the build after a seemingly newer perl version
+ complains about a bad perl regular expression contained in the makefile.
+
+- hardening-check-rpmlintrc: suppress no-binary warning, the spec file
+ explains why this package can be considered arch specific
+
+---
New:
hardening-check-rpmlintrc
perl_regex.patch
Other differences:
--
++ hardening-check.spec ++
--- /var/tmp/diff_new_pack.tN3r48/_old 2017-10-11 23:04:00.965902654 +0200
+++ /var/tmp/diff_new_pack.tN3r48/_new 2017-10-11 23:04:00.969902479 +0200
@@ -13,6 +13,8 @@
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
# the hardening checker script belongs to the hardening-wrapper, but we don't
# need the wrapper parts, it's been discontinued in Debian/Ubuntu recently
@@ -32,8 +34,12 @@
Requires: perl
Summary: A tool for inspecting low level hardening characteristics of
ELF binaries
License: GPL-2.0+
-URL: http://packages.debian.org/%{upstream_pkg}
+Url:http://packages.debian.org/%{upstream_pkg}
Source0:
http://ftp.debian.org/debian/pool/main/h/%{upstream_pkg}/%{upstream_pkg}_%{version}.tar.xz
+Source1:hardening-check-rpmlintrc
+# fixes a syntax error in a perl regex in the Makefile that came up with a
+# newer perl version it seems
+Patch0: perl_regex.patch
%description
This package contains a perl script that allows for quick and simple checking
@@ -44,11 +50,12 @@
%prep
%setup -q -n hardening-wrapper
+%patch0 -p1
%build
-# this is to silence make errors but it influence our package because the
-# values only influence the wrapper scripts which aren't shipped, we only want
-# the hardening-check script
+# this is to silence make errors but it doesn't influence our package, because
+# the values only influence the wrapper scripts which aren't shipped, we only
+# want the hardening-check script
# the script is also filled with some values from libc during the make step
# thus this script cannot considered to be noarch, information extracted from
++ hardening-check-rpmlintrc ++
addFilter("no-binary")
++ perl_regex.patch ++
Index: hardening-check/hardening-wrapper/Makefile
===
--- hardening-wrapper.orig/Makefile
+++ hardening-wrapper/Makefile
@@ -19,8 +19,8 @@ $(BUILD_TREE)/stamp-build: $(WRAPPERS) $
install $(WRAPPERS) $(BUILD_TREE)/
# Set defaults, based on OS and ARCH.
perl -pi -e 's/ #OS#/ '"$(DEB_HOST_ARCH_OS)"'/; s/ #ARCH#/
'"$(DEB_HOST_ARCH)"'/;' $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld
- perl -pi -e
"s/default{'DEB_BUILD_HARDENING_PIE'}=1;/default{'DEB_BUILD_HARDENING_PIE'}=$(DEFAULT_PIE);/;"
$(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld
- perl -pi -e
"s/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=$(DEFAULT_STACKPROT);/;"
$(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld
+ perl -pi -e
"s/default\{'DEB_BUILD_HARDENING_PIE'}=1;/default{'DEB_BUILD_HARDENING_PIE'}=$(DEFAULT_PIE);/;"
$(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld
+ perl -pi -e
"s/default\{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=$(DEFAULT_STACKPROT);/;"
$(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-ld
# Duplicate cc wrapper to c++.
install $(BUILD_TREE)/hardened-cc $(BUILD_TREE)/hardened-c++
perl -pi -e 's/hardened-cc/hardened-c++/g;
s|/usr/bin/cc|/usr/bin/c++|g;' $(BUILD_TREE)/hardened-c++
