Package: collectd
Version: 4.10.4-1
Severity: important
Tags: patch
Please enabled hardened build flags through dpkg-buildflags.
Patch attached. (dpkg-buildflags abides "noopt" from DEB_BUILD_OPTIONS)
Cheers,
Moritz
diff -aur collectd-4.10.4.harden/debian/rules collectd-4.10.4/debian/rules
--- collectd-4.10.4.harden/debian/rules 2012-01-17 23:39:33.000000000 +0100
+++ collectd-4.10.4/debian/rules 2012-01-17 23:41:37.000000000 +0100
@@ -12,8 +12,10 @@
DEB_BUILD_ARCH ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
-CPPFLAGS = -I$(CURDIR)/debian/include
-CFLAGS = -Wall -g
+CPPFLAGS = `dpkg-buildflags --get CPPFLAGS`
+CPPFLAGS += -I$(CURDIR)/debian/include
+CFLAGS = `dpkg-buildflags --get CFLAGS`
+CFLAGS += -Wall
# There is no way to tell lt_dlopen() to use the RTLD_GLOBAL flag which is
# however required by the perl plugin (which would otherwise be unable to find
@@ -26,11 +28,7 @@
CPPFLAGS += -UCONFIGFILE
CPPFLAGS += -DCONFIGFILE='\"/etc/collectd/collectd.conf\"'
-ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
- CFLAGS += -O0
-else
- CFLAGS += -O2
-endif
+LDFLAGS = `dpkg-buildflags --get LDFLAGS`
# The archdir map has been copied from openjdk-6's debian/rules.
JAVA_ARCHDIR_MAP = armel=arm hppa=parisc lpia=i386 powerpc=ppc powerpcspe=ppc sh4=sh
@@ -155,7 +153,7 @@
> debian/pkgconfig/OpenIPMIpthread.pc
PKG_CONFIG_PATH="$(CURDIR)/debian/pkgconfig:$$PKG_CONFIG_PATH" \
- ./configure $(confflags) CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" \
+ ./configure $(confflags) CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" \
JAVAC="$(JAVAC)" JAR="$(JAR)" JAVA_CPPFLAGS="$(JAVA_CPPFLAGS)" \
JAVA_LDFLAGS="$(JAVA_LDFLAGS)" \
|| ( status=$$?; cat config.log; exit $$status )
Nur in collectd-4.10.4/debian: rules~.
