Re:

To: Pilisi Gergely <mail.pilisig@gmail.com>, "debian-mentors@lists.debian.org" <debian-mentors@lists.debian.org>
Subject: Re:
From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Date: Mon, 9 Nov 2015 09:15:21 +0000 (UTC)
Message-id: <[🔎] 1263445991.2810161.1447060521684.JavaMail.yahoo@mail.yahoo.com>
Reply-to: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
In-reply-to: <[🔎] CAH8gnGWWAYYz1Pfa4EDMdYyLF5FEp0v7SBURhN-Hm7EC2LRPNw@mail.gmail.com>
References: <[🔎] CAH8gnGWWAYYz1Pfa4EDMdYyLF5FEp0v7SBURhN-Hm7EC2LRPNw@mail.gmail.com>

Hi,

>I'm struggling with the creation of a Debian package. The problem is the hardening part. I tried everything what the Hardening Guide suggested, but no success so >far.>Lintian always throws a lot of warning  about hardening-no-relro: 


AFAIR this is a linker flag

https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_RELRO_.28ld_-z_relro.29
>Now running lintian...
>W: eclipse-titan: hardening-no-relro usr/bin/compiler
>
>W: eclipse-titan: hardening-no-relro usr/bin/mctr_cli
>W: eclipse-titan: hardening-no-relro usr/bin/tcov2lcov
>W: eclipse-titan: hardening-no-relro usr/bin/ttcn3_logfilter
>
>... and so on.

Here is my debian/rules file:

>override_dh_auto_install:
>$(MAKE) DESTDIR=$$(pwd)/debian/eclipse-titan prefix=/usr install
>cp -aR $$(pwd)/Install/bin/* $$(pwd)/debian/eclipse-titan/usr/bin/
>cp -aR $$(pwd)/Install/include/* $$(pwd)/debian/eclipse-titan/usr/include/titan/
>cp -aR $$(pwd)/Install/lib/* $$(pwd)/debian/eclipse-titan/usr/lib/titan/
>cp -aR $$(pwd)/Install/man/man1/* $$(pwd)/debian/eclipse-titan/usr/share/man/man1/
>cp -aR $$(pwd)/Install/demo/* $$(pwd)/debian/eclipse-titan/usr/share/titan/demo/
>cp -aR $$(pwd)/Install/etc/* $$(pwd)/debian/eclipse-titan/usr/share/titan/etc/
>mv $$(pwd)/debian/eclipse-titan/usr/bin/ttcn3_archive.pl $$(pwd)/debian/eclipse-titan/usr/share/titan/etc/scripts/
>rm -fR $$(pwd)/debian/eclipse-titan/usr/share/titan/etc/asciiart/ 
>cp -aR $$(pwd)/Install/help/* $$(pwd)/debian/eclipse-titan/usr/share/titan/help/


this isn't useful for build/link issues
>I don't know what's the problem here. Can somebody help me to solve this please?


you can start by: 

export DH_VERBOSE=1, try to enable VERBOSE builds in your package, look if flags are overridden somewhere

e.g. in makefiles a line like
"LDFLAGS ="

means: do not use externally passed link flags

lines like
./Makefile.cfg:LDFLAGS = $(MINGW)

./etc/autotest/titan_builder.py:          makefile_cfg_new.write('LDFLAGS = %s\n' % config['ldflags'])

./compiler2/makefile.c:          "LDFLAGS = %s%s\n\n"


might give you hints or be source of troubles

anyway I don't see any LDFLAGS in the build log

e.g.
g++  -fPIC -o mctr_cli Cli_main.o MctrError.o MainController.o UserInterface.o config_data.o ../../common/memory.o ../../common/config_preproc.o ../../common/config_preproc_la.o ../../common/config_preproc_p.tab.o ../../common/path.o ../../common/NetworkHandler.o ../../common/Path2.o ../../core/RInt.o ../../core/Textbuf.o ../cli/libcli.a ../editline/build/src/.libs/libedit.a \
-lcrypto -lncurses -lpthread 


and BTW you shouldn't in my opinion use static libraries (well, they are internal so you might even not consider this as a problem)

find  . -name configure.ac
./mctr2/editline/libedit/configure.ac

you might want to run autoreconf here ^^^

cheers,

G.

Reply to:

References:
- [no subject]
  - From: Pilisi Gergely <mail.pilisig@gmail.com>

Prev by Date: Bug#804524: RFS: node-es6-shim/0.33.10+ds-1 (already in Debian: new version)
Next by Date: Bug#804524: marked as done (RFS: node-es6-shim/0.33.10+ds-1 (already in Debian: new version))
Previous by thread: [no subject]
Next by thread: Bug#804524: RFS: node-es6-shim/0.33.10+ds-1 (already in Debian: new version)
Index(es):
- Date
- Thread