No relro when building from inside a Git package ?
Dear all,
I am experience a strange variation when building package from a Git repository
or from the same source with the .git directory deleted.
In the first case I have the Lintian warning 'libhts0: hardening-no-relro
usr/lib/x86_64-linux-gnu/libhts.so.0.2.0~rc4-1', but not in the second case.
The only git-dependant code that I found is to create a package version, but
I override it in debian/rules by the Debian package's version.
In Makefile:
ifneq "$(wildcard .git)" ""
original_version := $(PACKAGE_VERSION)
PACKAGE_VERSION := $(shell git describe --always --dirty)
In debian/rules:
override_dh_auto_build:
dh_auto_build -- \
CFLAGS="$$(dpkg-buildflags --get CFLAGS)" \
CPPFLAGS="-I. -DSAMTOOLS=1 $$(dpkg-buildflags --get CPPFLAGS)" \
LDFLAGS="$$(dpkg-buildflags --get LDFLAGS)" \
PACKAGE_VERSION="$(DEB_VERSION)"
override_dh_auto_install:
dh_auto_install -- prefix=/usr PACKAGE_VERSION="$(DEB_VERSION)"
(Digression: I do this because after tagging a debian revision, for instance
'debian/0.2.0_rc3-1', the package will fail to build from the Git repository
since the tag becomes used for the soversion of the library, and the slash is
mistaken as a directory separator. Is there a smart solution to this problem ?)
You can get the source with 'gbp clone https://github.com/Debian/htslib'. Does
anybody see why the hardening-no-relro is triggered when building in presence
of the .git directory ?
Cheers,
--
Charles Plessy
Debian Med packaging team,
http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan
Reply to: