rpmlint/suse-rpmlint-all-pie.patch

35 lines
1.7 KiB
Diff
Raw Normal View History

Index: rpmlint-rpmlint-1.11/BinariesCheck.py
===================================================================
--- rpmlint-rpmlint-1.11.orig/BinariesCheck.py
+++ rpmlint-rpmlint-1.11/BinariesCheck.py
@@ -558,10 +558,14 @@ class BinariesCheck(AbstractCheck.Abstra
if ocaml_mixed_regex.search(bin_info.tail):
printWarning(pkg, 'ocaml-mixed-executable', fname)
- if ((not is_shobj and not is_pie_exec) and
- pie_exec_re and pie_exec_re.search(fname)):
- printError(pkg, 'non-position-independent-executable',
- fname)
+ if (not is_shobj and not is_pie_exec):
+ if pie_exec_re and pie_exec_re.search(fname):
+ printError(
+ pkg, 'non-position-independent-executable', fname)
+ else:
+ printWarning(
+ pkg, 'position-independent-executable-suggested',
+ fname)
if bin_info.readelf_error:
continue
@@ -810,6 +814,10 @@ stripping process.''',
'''This executable must be position independent. Check that it is built with
-fPIE/-fpie in compiler flags and -pie in linker flags.''',
+'position-independent-executable-suggested',
+'''This executable should be position independent (all binaries should). Check
+that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''',
+
'missing-call-to-setgroups-before-setuid',
'''This executable is calling setuid and setgid without setgroups or
initgroups. There is a high probability this means it didn't relinquish all