apparmor's library build uses automake and libtool so the static version of the library is built without -fPIC while the dynamic is built with -fPIC. It is possible to override this.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1824384 Title: libapparmor not built with -fPIC Status in apparmor package in Ubuntu: Triaged Bug description: Attempted to build snap-confine with DEB_BUILD_MAINT_OPTIONS = hardening=+pie. The build fails with: mv -f snap-confine/.deps/snap_confine_snap_confine-user-support.Tpo snap-confine/.deps/snap_confine_snap_confine-user-support.Po gcc -Wall -Wextra -Wmissing-prototypes -Wstrict-prototypes -Wno-missing-field-initializers -Wno-unused-parameter -Werror -DLIBEXECDIR=\"/usr/lib/snapd\" -DNATIVE_LIBDIR=\"/usr/lib\" -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -o snap-confine/snap-confine snap-confine/snap_confine_snap_confine-cookie-support.o snap-confine/snap_confine_snap_confine-mount-support-nvidia.o snap-confine/snap_confine_snap_confine-mount-support.o snap-confine/snap_confine_snap_confine-ns-support.o snap-confine/snap_confine_snap_confine-seccomp-support-ext.o snap-confine/snap_confine_snap_confine-seccomp-support.o snap-confine/snap_confine_snap_confine-snap-confine-args.o snap-confine/snap_confine_snap_confine-snap-confine-invocation.o snap-confine/snap_confine_snap_confine-snap-confine.o snap-confine/snap_confine_snap_confine-udev-support.o snap-confine/snap_confine_snap_confine-user-support.o libsnap-confine-private.a -ludev -Wl,-Bstatic -lcap -lapparmor -Wl,-Bdynamic -pthread /usr/bin/ld: /lib/x86_64-linux-gnu/libapparmor.a(kernel.o): relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared object; recompile with -fPIC /lib/x86_64-linux-gnu/libapparmor.a: error adding symbols: Bad value collect2: error: ld returned 1 exit status By default, because of snapd reexec support on Ubuntu (and some other distros), snap-confine will try to link a static version libapparmor. It appears that libapparmor object files are built without -fPIC though. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1824384/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
