Here are some build changes, on amd64. Linking (the symbolic-functions one is an ubuntu delta in system-wide build flags): -cc -g authbind.o -o authbind +cc -Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro authbind.o -o authbind
-cc -g helper.o -o helper +cc -Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro helper.o -o helper Building object files: authbind.o, and it's similar for helper.o and libauthbind.o: --- authbind.o.old 2024-12-06 15:17:06.648858576 -0300 +++ authbind.o.new 2024-12-06 15:16:57.902717367 -0300 @@ -3,18 +3,25 @@ authbind.o -c -DCONFIGDIR='"/etc/authbind"' +-D_FORTIFY_SOURCE=3 -D_GNU_SOURCE -DHELPER='"/usr/lib/authbind/helper"' -DLIBAUTHBIND='"/usr/lib/authbind/libauthbind.so.1"' -DMAJOR_VER='"1"' -DMINOR_VER='"0"' +-fcf-protection +-fdebug-prefix-map=/<<PKGBUILDDIR>>=/usr/src/authbind-2.2.0ubuntu1~ppa1 +-ffat-lto-objects +-ffile-prefix-map=/<<PKGBUILDDIR>>=. +-flto=auto +-fno-omit-frame-pointer +-fstack-clash-protection +-fstack-protector-strong -g +-mno-omit-leaf-frame-pointer -o --O2 --Wall --Wimplicit --Wmissing-prototypes --Wnested-externs --Wpointer-arith --Wstrict-prototypes --Wwrite-strings +-O3 +-Wdate-time +-Werror=format-security +-Werror=implicit-function-declaration +-Wformat Some of these may be ubuntu-specific, I haven't checked the debian build flags. But there are several changes of notice, like -Wall being dropped, _FORTIFY_SOURCE=3 in the case of ubuntu build flags, -O3, and other warning-specific flags. But I guess the question here is if we want the authbind package to adhere to the system-wide buildflags, and then perhaps have some overrides, or not. In the case of Ubuntu, this behavior was caught because we did a system-wide rebuild with frame-pointers enabled, and this was one of the packages we detected was not following the flags set by dpkg-buildflags. For reference, here is a dump of ubuntu's buildflags in plucky, the current devel release, run as the generic "ubuntu" user in a lxd plucky container: ASFLAGS= ASFLAGS_FOR_BUILD= CFLAGS=-g -O3 -Werror=implicit-function-declaration -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection CFLAGS_FOR_BUILD=-g -O3 -Werror=implicit-function-declaration -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=3 CPPFLAGS_FOR_BUILD=-Wdate-time -D_FORTIFY_SOURCE=3 CXXFLAGS=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection CXXFLAGS_FOR_BUILD=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection DFLAGS=-frelease DFLAGS_FOR_BUILD=-frelease FCFLAGS=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -fcf-protection FCFLAGS_FOR_BUILD=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -fcf-protection FFLAGS=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -fcf-protection FFLAGS_FOR_BUILD=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -fcf-protection LDFLAGS=-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -Wl,-z,relro LDFLAGS_FOR_BUILD=-flto=auto -ffat-lto-objects -Wl,-z,relro OBJCFLAGS=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection OBJCFLAGS_FOR_BUILD=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection OBJCXXFLAGS=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection OBJCXXFLAGS_FOR_BUILD=-g -O3 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -ffile-prefix-map=/home/ubuntu=. -flto=auto -ffat-lto-objects -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection RUSTFLAGS=-Cforce-frame-pointers=yes RUSTFLAGS_FOR_BUILD=
