Accepting request 106833 from Base:System

Rework -fpie/-pie fix to an upstreamable version (forwarded request 106807 from vuntz) OBS-URL: https://build.opensuse.org/request/show/106833 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dbus-1?expand=0&rev=82
2012-02-25 06:30:02 +00:00 · 2012-02-25 06:30:02 +00:00 · 3cb24ce810
commit 3cb24ce810
parent 9716605e93 ce633af5c6
5 changed files with 106 additions and 8 deletions
--- a/dbus-1-suid_flags.patch
+++ b/dbus-1-suid_flags.patch
@ -0,0 +1,56 @@
+From 7a467bb432c077bd0aa4454ad3a75d9b65422151 Mon Sep 17 00:00:00 2001
+From: Vincent Untz <vuntz@gnome.org>
+Date: Fri, 24 Feb 2012 13:31:58 +0100
+Subject: [PATCH] Respect SUID_CFLAGS and SUID_LDFLAGS for
+ dbus-daemon-launch-helper
+
+This is a good way for distributors to use -fPIE/-pie.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=46570
+---
+ bus/Makefile.am |    8 ++++++++
+ configure.ac    |    5 +++++
+ 2 files changed, 13 insertions(+), 0 deletions(-)
+
+diff --git a/bus/Makefile.am b/bus/Makefile.am
+index 6cbc09a..db9994c 100644
+--- a/bus/Makefile.am
+++ b/bus/Makefile.am
+@@ -129,10 +129,18 @@ dbus_daemon_launch_helper_SOURCES=		\
+ 	activation-helper-bin.c			\
+ 	$(LAUNCH_HELPER_SOURCES)
+ 
+dbus_daemon_launch_helper_CFLAGS=		\
+	$(SUID_CFLAGS)				\
+	$(AM_CFLAGS)
+
+ dbus_daemon_launch_helper_LDADD=		\
+ 	$(top_builddir)/dbus/libdbus-internal.la \
+ 	$(DBUS_LAUNCHER_LIBS)
+ 
+dbus_daemon_launch_helper_LDFLAGS=		\
+	$(SUID_LDFLAGS)				\
+	$(AM_LDFLAGS)
+
+ ## we build another binary so we can do the launch testing without root privs.
+ ## DO NOT INSTALL THIS FILE
+ dbus_daemon_launch_helper_test_SOURCES=		\
+diff --git a/configure.ac b/configure.ac
+index f461b68..3e414ad 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -1676,6 +1676,11 @@ if test "x$enable_stats" = xyes; then
+     [Define to enable bus daemon usage statistics])
+ fi
+ 
+AC_ARG_VAR([SUID_CFLAGS],
+          [CFLAGS used for binaries which are usually with the suid bit])
+AC_ARG_VAR([SUID_LDFLAGS],
+          [LDFLAGS used for binaries which are usually with the suid bit])
+
+ AC_CONFIG_FILES([
+ Doxyfile
+ dbus/versioninfo.rc
+-- 
+1.7.9
+
--- a/dbus-1-x11.changes
+++ b/dbus-1-x11.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri Feb 24 12:50:17 UTC 2012 - vuntz@opensuse.org
+
+- Change the way we pass -fpie/-pie:
+  + Stop changing CFLAGS/LDFLAGS in %build to add -fpie/-pie.
+  + Add dbus-1-suid_flags.patch: respect SUID_CFLAGS/SUID_LDFLAGS
+    when building the suid binary (dbus-daemon-launch-helper).
+  + Set SUID_CFLAGS to -fPIE and SUID_LDFLAGS to -pie in %build.
+
+-------------------------------------------------------------------
+Fri Feb 24 12:40:26 UTC 2012 - coolo@suse.com
+
+- move with_systemd definition into COMMON part to fix dbus-1-x11
+
 -------------------------------------------------------------------
 Wed Feb 22 08:21:30 UTC 2012 - vuntz@opensuse.org

--- a/dbus-1-x11.spec
+++ b/dbus-1-x11.spec
@ -25,6 +25,11 @@ License:        GPL-2.0+ or AFL-2.1
 Group:          System/Daemons
 # COMMON1-BEGIN
 # COMMON1-BEGIN
+
+# We can't enable this right now, because it will create a build cycle between
+# dbus-1 and systemd. Fun!
+%define with_systemd 0
+
 BuildRequires:  audit-devel
 BuildRequires:  doxygen
 BuildRequires:  libexpat-devel
@ -51,6 +56,8 @@ Source4:        baselibs.conf
 Patch0:         dbus-log-deny.patch
 # PATCH-FIX-OPENSUSE coolo@suse.de -- force a feature configure won't accept without x11 in buildrequires
 Patch1:         dbus-do-autolaunch.patch
+# PATCH-FIX-UPSTREAM dbus-1-suid_flags.patch bnc#743149 fdo#46570 vuntz@opensuse.org -- Respect SUID_CFLAGS/SUID_LDFLAGS
+Patch2:         dbus-1-suid_flags.patch
 %if 0%{?suse_version} > 1100
 %bcond_without selinux
 %else
@ -74,12 +81,14 @@ in this separate package so server systems need not install X.
 %setup -n %{_name}-%{version} -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1

 %build
 autoreconf -fi
-export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC -fpie"
-export LDFLAGS="-pie"
+export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC"
 export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
+export SUID_CFLAGS="-fPIE"
+export SUID_LDFLAGS="-pie"
 %if 0%{?suse_version} > 1000
 export CFLAGS="$CFLAGS -fstack-protector"
 export CXXFLAGS="$CXXFLAGS -fstack-protector"
--- a/dbus-1.changes
+++ b/dbus-1.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri Feb 24 12:50:17 UTC 2012 - vuntz@opensuse.org
+
+- Change the way we pass -fpie/-pie:
+  + Stop changing CFLAGS/LDFLAGS in %build to add -fpie/-pie.
+  + Add dbus-1-suid_flags.patch: respect SUID_CFLAGS/SUID_LDFLAGS
+    when building the suid binary (dbus-daemon-launch-helper).
+  + Set SUID_CFLAGS to -fPIE and SUID_LDFLAGS to -pie in %build.
+
+-------------------------------------------------------------------
+Fri Feb 24 12:40:26 UTC 2012 - coolo@suse.com
+
+- move with_systemd definition into COMMON part to fix dbus-1-x11
+
 -------------------------------------------------------------------
 Wed Feb 22 08:21:30 UTC 2012 - vuntz@opensuse.org

--- a/dbus-1.spec
+++ b/dbus-1.spec
@ -16,10 +16,6 @@
 #


-# We can't enable this right now, because it will create a build cycle between
-# dbus-1 and systemd. Fun!
-%define with_systemd 0
-
 Name:           dbus-1
 %define _name   dbus
 Url:            http://dbus.freedesktop.org/
@ -27,6 +23,11 @@ Summary:        D-Bus Message Bus System
 License:        GPL-2.0+ or AFL-2.1
 Group:          System/Daemons
 # COMMON1-BEGIN
+
+# We can't enable this right now, because it will create a build cycle between
+# dbus-1 and systemd. Fun!
+%define with_systemd 0
+
 BuildRequires:  audit-devel
 BuildRequires:  doxygen
 BuildRequires:  libexpat-devel
@ -53,6 +54,8 @@ Source4:        baselibs.conf
 Patch0:         dbus-log-deny.patch
 # PATCH-FIX-OPENSUSE coolo@suse.de -- force a feature configure won't accept without x11 in buildrequires
 Patch1:         dbus-do-autolaunch.patch
+# PATCH-FIX-UPSTREAM dbus-1-suid_flags.patch bnc#743149 fdo#46570 vuntz@opensuse.org -- Respect SUID_CFLAGS/SUID_LDFLAGS
+Patch2:         dbus-1-suid_flags.patch
 %if 0%{?suse_version} > 1100
 %bcond_without selinux
 %else
@ -111,12 +114,14 @@ bus daemon).
 %setup -n %{_name}-%{version} -q
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1

 %build
 autoreconf -fi
-export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC -fpie"
-export LDFLAGS="-pie"
+export CFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing -fPIC"
 export CXXFLAGS="${RPM_OPT_FLAGS} -fno-strict-aliasing"
+export SUID_CFLAGS="-fPIE"
+export SUID_LDFLAGS="-pie"
 %if 0%{?suse_version} > 1000
 export CFLAGS="$CFLAGS -fstack-protector"
 export CXXFLAGS="$CXXFLAGS -fstack-protector"