[Touch-packages] [Bug 1824384] Re: libapparmor not built with -fPIC

Tue, 13 Aug 2019 15:26:14 -0700 

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => Medium

** Changed in: apparmor (Ubuntu)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1824384

Title:
  libapparmor not built with -fPIC

Status in apparmor package in Ubuntu:
  Triaged

Bug description:
  Attempted to build snap-confine with DEB_BUILD_MAINT_OPTIONS =
  hardening=+pie. The build fails with:

  mv -f snap-confine/.deps/snap_confine_snap_confine-user-support.Tpo 
snap-confine/.deps/snap_confine_snap_confine-user-support.Po                    
                         
  gcc -Wall -Wextra -Wmissing-prototypes -Wstrict-prototypes 
-Wno-missing-field-initializers -Wno-unused-parameter -Werror  
-DLIBEXECDIR=\"/usr/lib/snapd\" -DNATIVE_LIBDIR=\"/usr/lib\"     -g -O2 -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security   
-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -o snap-confine/snap-confine 
snap-confine/snap_confine_snap_confine-cookie-support.o 
snap-confine/snap_confine_snap_confine-mount-support-nvidia.o 
snap-confine/snap_confine_snap_confine-mount-support.o 
snap-confine/snap_confine_snap_confine-ns-support.o 
snap-confine/snap_confine_snap_confine-seccomp-support-ext.o 
snap-confine/snap_confine_snap_confine-seccomp-support.o 
snap-confine/snap_confine_snap_confine-snap-confine-args.o 
snap-confine/snap_confine_snap_confine-snap-confine-invocation.o 
snap-confine/snap_confine_snap_confine-snap-confine.o 
snap-confine/snap_confine_snap_confine-udev-support.o 
snap-confine/snap_confine_snap_confine-user-support.o  
libsnap-confine-private.a -ludev    -Wl,-Bstatic -lcap -lapparmor  
-Wl,-Bdynamic -pthread
  /usr/bin/ld: /lib/x86_64-linux-gnu/libapparmor.a(kernel.o): relocation 
R_X86_64_32 against `.rodata.str1.1' can not be used when making a shared 
object; recompile with -fPIC
  /lib/x86_64-linux-gnu/libapparmor.a: error adding symbols: Bad value
  collect2: error: ld returned 1 exit status

  By default, because of snapd reexec support on Ubuntu (and some other
  distros), snap-confine will try to link a static version libapparmor.
  It appears that libapparmor object files are built without -fPIC
  though.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1824384/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to