Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]

To: Gianfranco Costamagna <locutusofborg@debian.org>, "846306@bugs.debian.org" <846306@bugs.debian.org>
Subject: Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
From: Christian Seiler <christian@iwakd.de>
Date: Thu, 22 Dec 2016 12:29:23 +0100
Message-id: <[🔎] 88397201-6293-0603-b77a-1df18e28b676@iwakd.de>
Reply-to: Christian Seiler <christian@iwakd.de>, 846306@bugs.debian.org
In-reply-to: <[🔎] 816049829.414436.1482404705171@mail.yahoo.com>
References: <efca15c7-b276-37a9-2f7d-b1eb99d81c0c@iwakd.de> <[🔎] fbc620b7-c868-2052-64e5-dc1276a4aeb1@iwakd.de> <[🔎] 816049829.414436.1482404705171@mail.yahoo.com>

Hi Gianfranco,

Thanks for taking care of this.

On 12/22/2016 12:05 PM, Gianfranco Costamagna wrote:
> 1) chmod a-x debian/ondir/usr/share/ondir/integration/*
> 
> why no dh_fixperms override?

I forgot about dh_fixperms, will change that in the next iteration.

> 2) 
> CFLAGS_FOR_MAKEFILE=$(shell dpkg-buildflags --get CPPFLAGS) $(shell dpkg-buildflags --get CFLAGS) -DVERSION=\"$(VERSION)\" -DGLOBAL_CONF=\"/etc/onddirrc\"
> 
> I prefer CFLAGS and then CPPFLAGS
> LDFLAGS_FOR_MAKEFILE=$(shell dpkg-buildflags --get CFLAGS) $(shell dpkg-buildflags --get LDFLAGS)
> 
> why CFLAGS in LDFLAGS?

Good question. I'll get back to you on that. I think I had a
reason for it, but I don't remember it. If there is a good
reason, I'll add a comment to d/rules, if there isn't, I'll
drop CFLAGS from there.

> why override dh_auto_build and dh_auto_install?
> probably exporting LDFLAGS and CFLAGS should work

No, it won't, because I have to override the variables in the
Makefile.

For a simple example, take the following Makefile:

CFLAGS = -O2
all:
	@echo $(CFLAGS)

Then you get:

env var:
$ CFLAGS=-O0 make
-O2

argument:
$ make CFLAGS=-O0
-O0

If one uses cmake or autoconf or similar, then environment variables
are sufficient. If the Makefile uses ?= to set the environment variables,
then as well. But since upstream's Makefile uses a plain and = for the
assignment of the environment variable, we need to override that
explicitly via an argument to make.

> 3) please ask upstream about the "+" in license

I've sent upstream an email about this.

> 4) missing hardening flags
> http://debomatic-amd64.debian.net/distribution#unstable/ondir/0.2.3+git0.55279f03-1/blhc

That's a false positive: since gcc now sets PIE by default on various
architectures (amd64 included), dpkg-buildflags doesn't pass it any
more.

The binary itself is PIE:

readelf -d /usr/bin/ondir | grep PIE
 0x000000006ffffffb (FLAGS_1)            Flags: NOW PIE

Compare the output of:

DEB_BUILD_MAINT_OPTIONS=hardening=+pie dpkg-buildflags --get CFLAGS

and

DEB_BUILD_MAINT_OPTIONS=hardening=-pie dpkg-buildflags --get CFLAGS

on both Jessie and Stretch/sid.

Once I hear back from upstream about GPL-2/2+, I'll get back to
you again. (With an updated package that also cleans up the other
issues.)

Regards,
Christian

Reply to:

Follow-Ups:
- Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
  - From: Peter Pentchev <roam@ringlet.net>
- Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
  - From: Christian Seiler <christian@iwakd.de>

References:
- Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
  - From: Christian Seiler <christian@iwakd.de>
- Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
  - From: Gianfranco Costamagna <locutusofborg@debian.org>

Prev by Date: Processed: Re: Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
Next by Date: Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
Previous by thread: Processed: Re: Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
Next by thread: Bug#846306: RFS: ondir/0.2.3+git0.55279f03-1 [ITP]
Index(es):
- Date
- Thread