56 lines
2.1 KiB
Diff
56 lines
2.1 KiB
Diff
From 417dc7a7a378dbab6bbaafc21b9e554b60c9402f Mon Sep 17 00:00:00 2001
|
|
From: Debarshi Ray <rishi@fedoraproject.org>
|
|
Date: Mon, 29 Jun 2020 17:57:47 +0200
|
|
Subject: [PATCH] build: Make the build flags match RHEL's %{gobuildflags}
|
|
|
|
The Go toolchain doesn't like the LDFLAGS environment variable as
|
|
exported by RHEL's %{meson} RPM macro, and RHEL's RPM toolchain doesn't
|
|
like the compressed DWARF data generated by the Go toolchain.
|
|
|
|
Note that these flags are meant for every CPU architecture other than
|
|
PPC64, and should be kept updated to match RHEL's Go guidelines. Use
|
|
'rpm --eval "%{gobuildflags}"' to expand the %{gobuildflags} macro.
|
|
---
|
|
src/go-build-wrapper | 14 ++++++++++----
|
|
1 file changed, 10 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/src/go-build-wrapper b/src/go-build-wrapper
|
|
index c572d6dfb02b..d39764fda0c1 100755
|
|
--- a/src/go-build-wrapper
|
|
+++ b/src/go-build-wrapper
|
|
@@ -33,9 +33,9 @@ if ! cd "$1"; then
|
|
exit 1
|
|
fi
|
|
|
|
-tags=""
|
|
+tags="-tags rpm_crashtraceback,${BUILDTAGS:-},libtrust_openssl"
|
|
if $7; then
|
|
- tags="-tags migration_path_for_coreos_toolbox"
|
|
+ tags="$tags,migration_path_for_coreos_toolbox"
|
|
fi
|
|
|
|
if ! libc_dir=$("$5" --print-file-name=libc.so); then
|
|
@@ -70,11 +70,17 @@ fi
|
|
|
|
dynamic_linker="/run/host$dynamic_linker_canonical_dirname/$dynamic_linker_basename"
|
|
|
|
+unset LDFLAGS
|
|
+
|
|
# shellcheck disable=SC2086
|
|
go build \
|
|
+ -buildmode pie \
|
|
+ -compiler gc \
|
|
$tags \
|
|
- -trimpath \
|
|
- -ldflags "-extldflags '-Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
|
|
+ -ldflags "${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \n') -compressdwarf=false -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-dynamic-linker,$dynamic_linker -Wl,-rpath,/run/host$libc_dir_canonical_dirname' -linkmode external -X github.com/containers/toolbox/pkg/version.currentVersion=$4" \
|
|
+ -a \
|
|
+ -v \
|
|
+ -x \
|
|
-o "$2/$3"
|
|
|
|
exit "$?"
|
|
--
|
|
2.43.0
|
|
|