Kevin F. Quinn (Gentoo) wrote: > The current solution (bail if -z,now is set in the compiler specs) is > not one suggested by the hardened team, just need to make that clear, > and it's not something we would encourage elsewhere. However until we > can provide a solution for such a high-profile package we are not going > to make a fuss. > > Our suggestion was to 'append-flags -nonow' on the server and video > driver builds, but when a helpful user tried it, it wasn't enough - > we simply haven't had the resource to work it out properly yet.
Oh, OK, let's argue semantics. It's suggested by a hardened user on a bug the hardened team is CC'd on, but the team didn't say anything was wrong with the change. > With regards to Duncan's (non-hardened) problem, adding: > > filter-ldflags -Wl,-z,now > > to x-modular.eclass as he suggests should be fine; his issue is > different to that with the hardened compiler in as much as he has added > the '-Wl,-z,now' to LDFLAGS as advised by the QA message and the above > filter will just remove it again; whereas to deal with the hardened > compiler we need to reliably add a flag to all the relevant link > commands (the bit that takes the effort is working out which are > relevant). Now I'm confused. Do you want this filter instead of the current situation, in addition to, or what? This is exactly why I asked for a patch. Thanks, Donnie
signature.asc
Description: OpenPGP digital signature
