[Pkg-openldap-devel] Bug#644427: Bug#644427: openldap: please enable hardening options
Pierre Chifflier
pollux at debian.org
Wed Oct 5 20:41:59 UTC 2011
On Wed, Oct 05, 2011 at 01:26:47PM -0700, Steve Langasek wrote:
> tags 644427 - patch
> thanks
>
> On Wed, Oct 05, 2011 at 09:10:57PM +0200, Pierre Chifflier wrote:
>
> > --- openldap-2.4.25.orig/debian/rules 2011-10-05 18:56:46.000000000 +0200
> > +++ openldap-2.4.25/debian/rules 2011-10-05 18:09:23.000000000 +0200
> > @@ -6,7 +6,10 @@
> > # want the checks for DFSG-freeness.
> > #DFSG_NONFREE = 1
> >
> > -CFLAGS = -Wall -g -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
> > +DPKG_EXPORT_BUILDFLAGS = 1
> > +include /usr/share/dpkg/buildflags.mk
> > +
> > +CFLAGS += -Wall -g -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
> > INSTALL = install
> > INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644
> > INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755
>
> nack on this implementation. makefile includes are a terrible interface.
Sure. As written, the rationale was to propose a patch with minimal changes.
>
> I am intending to spend some time this weekend to work on bringing the
> openldap packaging up to dh(1) and compat level 9 so we can let debhelper
> take care of this for us (like it ought).
The most problematic change I can see is that dh 9 also includes
multi-arch, and since openldap use a lot of shared libraries this could
be tricky.
Thanks for taking care of that !
Pierre
More information about the Pkg-openldap-devel
mailing list