forked from pool/rpmlint
- add suse-rpmlint-all-pie.patch: refresh to handle the pie-executable
case (rename from rpmlint-all-pie.patch) OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=608
This commit is contained in:
parent
ac11dfa3a8
commit
158dcaf71e
@ -39,4 +39,4 @@ Index: rpmlint-rpmlint-1.10/BinariesCheck.py
|
|||||||
+ pie_exec_re and pie_exec_re.search(fname)):
|
+ pie_exec_re and pie_exec_re.search(fname)):
|
||||||
printError(pkg, 'non-position-independent-executable',
|
printError(pkg, 'non-position-independent-executable',
|
||||||
fname)
|
fname)
|
||||||
if not is_shobj:
|
|
||||||
|
@ -1,25 +0,0 @@
|
|||||||
Index: rpmlint-rpmlint-1.10/BinariesCheck.py
|
|
||||||
===================================================================
|
|
||||||
--- rpmlint-rpmlint-1.10.orig/BinariesCheck.py
|
|
||||||
+++ rpmlint-rpmlint-1.10/BinariesCheck.py
|
|
||||||
@@ -534,6 +534,9 @@ class BinariesCheck(AbstractCheck.Abstra
|
|
||||||
if not is_shobj and pie_exec_re and pie_exec_re.search(fname):
|
|
||||||
printError(pkg, 'non-position-independent-executable',
|
|
||||||
fname)
|
|
||||||
+ if not is_shobj:
|
|
||||||
+ printError(pkg, 'position-independent-executable-suggested',
|
|
||||||
+ fname)
|
|
||||||
|
|
||||||
if bin_info.readelf_error:
|
|
||||||
continue
|
|
||||||
@@ -786,6 +789,10 @@ stripping process.''',
|
|
||||||
'''This executable must be position independent. Check that it is built with
|
|
||||||
-fPIE/-fpie in compiler flags and -pie in linker flags.''',
|
|
||||||
|
|
||||||
+'position-independent-executable-suggested',
|
|
||||||
+'''This executable should be position independent (all binaries should). Check
|
|
||||||
+that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''',
|
|
||||||
+
|
|
||||||
'missing-call-to-setgroups-before-setuid',
|
|
||||||
'''This executable is calling setuid and setgid without setgroups or
|
|
||||||
initgroups. There is a high probability this means it didn't relinquish all
|
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jul 11 09:06:31 UTC 2018 - dmueller@suse.com
|
||||||
|
|
||||||
|
- add suse-rpmlint-all-pie.patch: refresh to handle the pie-executable
|
||||||
|
case (rename from rpmlint-all-pie.patch)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jul 9 19:37:57 UTC 2018 - dmueller@suse.com
|
Mon Jul 9 19:37:57 UTC 2018 - dmueller@suse.com
|
||||||
|
|
||||||
|
@ -83,13 +83,13 @@ Patch66: 0001-Handle-post-scripts-that-contain-non-ascii-character.patch
|
|||||||
Patch67: omit_BUILDROOT_from_pyo_files.patch
|
Patch67: omit_BUILDROOT_from_pyo_files.patch
|
||||||
Patch68: 0001-Avoid-false-positives-on-is_elf-check.patch
|
Patch68: 0001-Avoid-false-positives-on-is_elf-check.patch
|
||||||
Patch69: 0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch
|
Patch69: 0007-Validate-Appdata-also-when-appstream-util-is-unavail.patch
|
||||||
Patch70: rpmlint-all-pie.patch
|
|
||||||
Patch71: 0001-Avoid-calling-close-on-undefined-fd-variable.patch
|
Patch71: 0001-Avoid-calling-close-on-undefined-fd-variable.patch
|
||||||
Patch72: rpmlint-slpp-NUM-NUM.patch
|
Patch72: rpmlint-slpp-NUM-NUM.patch
|
||||||
Patch73: 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch
|
Patch73: 0001-Binariescheck-Check-for-chroot-chdir-on-ARM-PPC.patch
|
||||||
Patch74: 0001-Always-import-XDG-desktop-files-as-utf8.patch
|
Patch74: 0001-Always-import-XDG-desktop-files-as-utf8.patch
|
||||||
Patch75: 0001-Fix-compatibility-with-file-5.33.patch
|
Patch75: 0001-Fix-compatibility-with-file-5.33.patch
|
||||||
Patch76: update-magic-values-python-37.patch
|
Patch76: update-magic-values-python-37.patch
|
||||||
|
Patch77: suse-rpmlint-all-pie.patch
|
||||||
BuildRequires: obs-service-format_spec_file
|
BuildRequires: obs-service-format_spec_file
|
||||||
BuildRequires: python3-flake8
|
BuildRequires: python3-flake8
|
||||||
BuildRequires: python3-pytest
|
BuildRequires: python3-pytest
|
||||||
|
34
suse-rpmlint-all-pie.patch
Normal file
34
suse-rpmlint-all-pie.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
Index: rpmlint-rpmlint-1.10/BinariesCheck.py
|
||||||
|
===================================================================
|
||||||
|
--- rpmlint-rpmlint-1.10.orig/BinariesCheck.py
|
||||||
|
+++ rpmlint-rpmlint-1.10/BinariesCheck.py
|
||||||
|
@@ -543,10 +543,14 @@ class BinariesCheck(AbstractCheck.Abstra
|
||||||
|
if ocaml_mixed_regex.search(bin_info.tail):
|
||||||
|
printWarning(pkg, 'ocaml-mixed-executable', fname)
|
||||||
|
|
||||||
|
- if ((not is_shobj and not is_pie_exec) and
|
||||||
|
- pie_exec_re and pie_exec_re.search(fname)):
|
||||||
|
- printError(pkg, 'non-position-independent-executable',
|
||||||
|
- fname)
|
||||||
|
+ if (not is_shobj and not is_pie_exec):
|
||||||
|
+ if pie_exec_re and pie_exec_re.search(fname):
|
||||||
|
+ printError(
|
||||||
|
+ pkg, 'non-position-independent-executable', fname)
|
||||||
|
+ else:
|
||||||
|
+ printWarning(
|
||||||
|
+ pkg, 'position-independent-executable-suggested',
|
||||||
|
+ fname)
|
||||||
|
|
||||||
|
if bin_info.readelf_error:
|
||||||
|
continue
|
||||||
|
@@ -798,6 +802,10 @@ stripping process.''',
|
||||||
|
'''This executable must be position independent. Check that it is built with
|
||||||
|
-fPIE/-fpie in compiler flags and -pie in linker flags.''',
|
||||||
|
|
||||||
|
+'position-independent-executable-suggested',
|
||||||
|
+'''This executable should be position independent (all binaries should). Check
|
||||||
|
+that it is built with -fPIE/-fpie in compiler flags and -pie in linker flags.''',
|
||||||
|
+
|
||||||
|
'missing-call-to-setgroups-before-setuid',
|
||||||
|
'''This executable is calling setuid and setgid without setgroups or
|
||||||
|
initgroups. There is a high probability this means it didn't relinquish all
|
Loading…
Reference in New Issue
Block a user