Re: Please help fix lintian hardening-no-relro problem

To: debian-mentors@lists.debian.org
Subject: Re: Please help fix lintian hardening-no-relro problem
From: T o n g <mlist4suntong@yahoo.com>
Date: Thu, 11 Sep 2014 00:37:11 +0000 (UTC)
Message-id: <[🔎] luqqrn$qar$1@ger.gmane.org>
References: <[🔎] ludp5f$6o9$1@ger.gmane.org> <20140906080310.GE17804@belkar.wrar .name> <[🔎] lufseh$51d$1@ger.gmane.org> <[🔎] 20140907105514.GA2585@belkar.wrar.name >

Thanks for your response. 

On Sun, 07 Sep 2014 16:55:14 +0600, Andrey Rahmatullin wrote:

> On Sat, Sep 06, 2014 at 08:56:50PM +0000, T o n g wrote:
>> Yes, that's the first thing I tried, but still get the "hardening-no-
>> relro" problem:
>> https://github.com/suntong001/histring/blob/master/debian/rules
>> https://github.com/suntong001/histring/archive/master.zip
> No, this version doesn't have this problem.

hmm... here is my log, duplicated from http://paste.debian.net/120325/ 
for your convenience:

  $ cat debian/rules 
  #!/usr/bin/make -f

  #export DH_VERBOSE=1

  %:
	  dh $@ 

  $ cat Makefile 
  INSTALL = /usr/bin/install -c

  # == Installation directories
  prefix = ${DESTDIR}/usr
  mandir = ${prefix}/share/man/man1
  exec_prefix = ${prefix}
  bindir = ${exec_prefix}/bin

  all: histring

  histring: histring.c getopt.c getopt1.c getopt.h
	  $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) $@.c -o $@

  clean:
	  rm -f *.o *~ 

  cleanall: clean
	  rm -f histring

  install:
	  $(INSTALL) -m 755 -d $(bindir)
	  $(INSTALL) -m 755 -d $(mandir)

	  $(INSTALL) -m 755 -s histring $(bindir)
	  $(INSTALL) -m 644 debian/histring.1 $(mandir)


  $ debuild -i -us -uc -b
   dpkg-buildpackage -rfakeroot -D -us -uc -i -b
  dpkg-buildpackage: warning: using a gain-root-command while being root
  dpkg-buildpackage: source package histring
  dpkg-buildpackage: source version 1.1.0-2
  dpkg-buildpackage: source distribution unstable
  dpkg-buildpackage: source changed by Tong Sun 
<suntong001@users.sourceforge.net>
   dpkg-source -i --before-build histring-1.1.0_Simplified
  dpkg-buildpackage: host architecture amd64
   fakeroot debian/rules clean
  dh clean 
     dh_testdir
     dh_auto_clean
  make[1]: Entering directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
  rm -f *.o *~ 
  make[1]: Leaving directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
     dh_clean
   debian/rules build
  dh build 
     dh_testdir
     dh_auto_configure
     dh_auto_build
  make[1]: Entering directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
  make[1]: Nothing to be done for 'all'.
  make[1]: Leaving directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
     dh_auto_test
   fakeroot debian/rules binary
  dh binary 
     dh_testroot
     dh_prep
     dh_auto_install
  make[1]: Entering directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
  /usr/bin/install -c -m 755 -d /export/build/pkg/histring/bld/
histring-1.1.0_Simplified/debian/histring/usr/bin
  /usr/bin/install -c -m 755 -d /export/build/pkg/histring/bld/
histring-1.1.0_Simplified/debian/histring/usr/share/man/man1
  /usr/bin/install -c -m 755 -s histring /export/build/pkg/histring/bld/
histring-1.1.0_Simplified/debian/histring/usr/bin
  /usr/bin/install -c -m 644 debian/histring.1 /export/build/pkg/histring/
bld/histring-1.1.0_Simplified/debian/histring/usr/share/man/man1
  make[1]: Leaving directory '/export/build/pkg/histring/bld/
histring-1.1.0_Simplified'
     dh_installdocs
     dh_installchangelogs
     dh_installman
     dh_perl
     dh_link
     dh_compress
     dh_fixperms
     dh_strip
     dh_makeshlibs
     dh_shlibdeps
     dh_installdeb
     dh_gencontrol
     dh_md5sums
     dh_builddeb
  dpkg-deb: building package `histring' in `../
histring_1.1.0-2_amd64.deb'.
   dpkg-genchanges -b >../histring_1.1.0-2_amd64.changes
  dpkg-genchanges: binary-only upload (no source code included)
   dpkg-source -i --after-build histring-1.1.0_Simplified
  dpkg-buildpackage: binary-only upload (no source included)
  Now running lintian...
  warning: the authors of lintian do not recommend running it with root 
privileges!
  W: histring: hardening-no-relro usr/bin/histring
  Finished running lintian.

Note the second last line -- "hardening-no-relro".

>> > You are not using dh_auto_* commands nor exporting flags manually,
>> > hence dpkg-buildflags isn't used in the build process.
>> Would you mind telling me how to do it please? I'm reverting back to
>> such unnecessarily long d/rules because I wasn't able to put back the
>> auto- make rules back into the above short version.
> What "automake rules"?

Oh, I meant using './configure' to generate Makefile from Makefile.in or 
Makefile.am. I don't know how to put the rules in to start from there. 

thanks again

Reply to:

Follow-Ups:
- Re: Please help fix lintian hardening-no-relro problem
  - From: Azazel <azazel@azazel.net>
- Re: Please help fix lintian hardening-no-relro problem
  - From: Andrey Rahmatullin <wrar@debian.org>

References:
- Please help fix lintian hardening-no-relro problem
  - From: T o n g <mlist4suntong@yahoo.com>
- Re: Please help fix lintian hardening-no-relro problem
  - From: T o n g <mlist4suntong@yahoo.com>

Prev by Date: Bug#747169: RFS: socksjs-twisted/1.2.1-1 [ITP]
Next by Date: Bug#747032: RFS: libjs-zxcvbn/1.0+dfsg.1-1
Previous by thread: Re: Please help fix lintian hardening-no-relro problem
Next by thread: Re: Please help fix lintian hardening-no-relro problem
Index(es):
- Date
- Thread