From 8c0345898be04eea1bc6ef6684ffd6a7d04ddd2c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 16 Mar 2015 12:50:56 +0000
Subject: [PATCH] Enable hardening flags by building the static 'init'
 specially before the main build.

Fixes: RHBZ#1202091
---
 supermin.spec | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/supermin.spec b/supermin.spec
index 5be4f68..e3e10c5 100644
--- a/supermin.spec
+++ b/supermin.spec
@@ -1,11 +1,7 @@
-# _hardened_build breaks building the static 'init' binary.
-# https://bugzilla.redhat.com/show_bug.cgi?id=1202091
-%undefine _hardened_build
-
 Summary:       Tool for creating supermin appliances
 Name:          supermin
 Version:       5.1.12
-Release:       4%{?dist}
+Release:       5%{?dist}
 License:       GPLv2+
 
 %if 0%{?rhel} >= 7
@@ -78,6 +74,12 @@ from supermin appliances.
 
 %build
 %configure --disable-network-tests
+
+# Build the static init without any special hardening flags.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1202091
+make -C src init CFLAGS="-g -O2" LDFLAGS="-g -O2"
+
+# Build the rest of the program with hardening flags.
 make
 
 
@@ -116,6 +118,10 @@ make check || {
 
 
 %changelog
+* Mon Mar 16 2015 Richard W.M. Jones <rjones@redhat.com> - 5.1.12-5
+- Enable hardening flags by building the static 'init' specially
+  before the main build.
+
 * Thu Mar 12 2015 Richard W.M. Jones <rjones@redhat.com> - 5.1.12-4
 - Add a -devel subpackage containing automated RPM dependency generator
   for supermin appliances.