Add the annocheck program as a sub-package.
This commit is contained in:
Nick Clifton
parent
a47a7d3349
commit
4656334c92
1
.gitignore
vendored
1
.gitignore
vendored
@ -25,3 +25,4 @@
|
||||
/annobin-5.9.tar.xz
|
||||
/annobin-5.10.tar.xz
|
||||
/annobin-5.11.tar.xz
|
||||
/annobin-6.0.tar.xz
|
||||
|
||||
30
annobin.spec
30
annobin.spec
@ -11,7 +11,7 @@
|
||||
|
||||
Name: annobin
|
||||
Summary: Binary annotation plugin for GCC
|
||||
Version: 5.11
|
||||
Version: 6.0
|
||||
Release: 1%{?dist}
|
||||
|
||||
License: GPLv3+
|
||||
@ -20,6 +20,9 @@ URL: https://fedoraproject.org/wiki/Toolchain/Watermark
|
||||
# Use "--without tests" to disable the testsuite. The default is to run them.
|
||||
%bcond_without tests
|
||||
|
||||
# Use "--without annocheck" to disable the installation of the annocheck program.
|
||||
%bcond_without annocheck
|
||||
|
||||
# Set this to zero to disable the requirement for a specific version of gcc.
|
||||
# This should only be needed if there is some kind of problem with the version
|
||||
# checking logic.
|
||||
@ -57,9 +60,24 @@ Summary: Test scripts and binaries for checking the behaviour and output of the
|
||||
%description tests
|
||||
Provides a means to test the generation of annotated binaries and the parsing
|
||||
of the resulting files.
|
||||
# FIXME: Does not actually do this yet...
|
||||
|
||||
%endif
|
||||
|
||||
#---------------------------------------------------------------------------------
|
||||
%if %{with annocheck}
|
||||
|
||||
%package annocheck
|
||||
Summary: A tool for checking the security hardening status of binaries
|
||||
|
||||
BuildRequires: elfutils elfutils-devel elfutils-libelf-devel rpm-devel binutils-devel
|
||||
|
||||
%description annocheck
|
||||
Installs the annocheck program which uses the notes generated by annobin to
|
||||
check that the specified files were compiled with the correct security
|
||||
hardening options.
|
||||
|
||||
%endif
|
||||
|
||||
#---------------------------------------------------------------------------------
|
||||
|
||||
%global ANNOBIN_PLUGIN_DIR %(gcc --print-file-name=plugin)
|
||||
@ -190,9 +208,17 @@ exit 0
|
||||
%doc %{_mandir}/man1/hardened.1.gz
|
||||
%doc %{_mandir}/man1/run-on-binaries.1.gz
|
||||
|
||||
%if %{with annocheck}
|
||||
%{_bindir}/annocheck
|
||||
%doc %{_mandir}/man1/annocheck.1.gz
|
||||
%endif
|
||||
|
||||
#---------------------------------------------------------------------------------
|
||||
|
||||
%changelog
|
||||
* Wed Jun 06 2018 Nick Clifton <nickc@redhat.com> - 6.0-1
|
||||
- Add the annocheck program.
|
||||
|
||||
* Fri Jun 01 2018 Nick Clifton <nickc@redhat.com> - 5.11-1
|
||||
- Do not use the SHF_GNU_BUILD_NOTE section flag.
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (annobin-5.11.tar.xz) = 8c0cb4f9f31a1cb534c4449b6331353d9aaa7e087d8eaee7d3787499ada305ba88f64d9dedab727a737efce44af1f62a7f9d2a89b8c417fa6ecf8e9728182c94
|
||||
SHA512 (annobin-6.0.tar.xz) = 01e5693a5584cc6f532686863e0c8fa29ef0eeeba7860b16e067bec7a7f363bf72d63c4be56707288355409b748da2f5fcfd3e579925dd68fd751591ae678d7d
|
||||
|
||||
Loading…
Reference in New Issue
Block a user