rpms/bind9.18
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix PIE patching from Fedora

Browse Source 
Seems broken since last rebase build.

Related: RHEL-76331
This commit is contained in:
Petr Menšík 2025-01-27 13:57:02 +01:00
parent a7a280de1f
commit 433bab66ec
1 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
bind-9.5-PIE.patch
View File

@ -1,17 +1,28 @@
From 13348a5fc64387bf53ef450688e181100d0ceddb Mon Sep 17 00:00:00 2001
From: Petr Mensik <pemensik@redhat.com>
Date: Thu, 12 Dec 2024 15:56:13 +0100
Subject: [PATCH] Harden named service build flags
---
bin/named/Makefile.am | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/bin/named/Makefile.am b/bin/named/Makefile.am
index 57a023b..085f2f7 100644
index 57a023b..b832e9c 100644
--- a/bin/named/Makefile.am
+++ b/bin/named/Makefile.am
@@ -32,9 +32,12 @@ AM_CPPFLAGS += \
endif HAVE_LIBXML2
@@ -33,7 +33,10 @@ endif HAVE_LIBXML2
AM_CPPFLAGS += \
+ -fpie \
-DNAMED_LOCALSTATEDIR=\"${localstatedir}\" \
-DNAMED_SYSCONFDIR=\"${sysconfdir}\"
+AM_LDFLAGS += -pie -Wl,-z,relro,-z,now,-z,nodlopen,-z,noexecstack
- -DNAMED_SYSCONFDIR=\"${sysconfdir}\"
+ -DNAMED_SYSCONFDIR=\"${sysconfdir}\" \
+ -fpie
+
+AM_LDFLAGS += -pie -Wl,-z,relro,-z,now,-z,nodlopen,-z,noexecstack
sbin_PROGRAMS = named
nodist_named_SOURCES = xsl.c
--
2.47.1