«前の日記(2012-05-26) 最新 次の日記(2012-05-28)» 編集

ポケットを空にして。

1985|10|
2004|01|02|03|04|05|06|07|08|09|10|11|12|
2005|01|02|03|04|05|06|07|08|09|10|11|12|
2006|01|02|03|04|05|06|07|08|09|10|11|12|
2007|01|02|03|04|05|06|07|08|09|10|11|12|
2008|01|02|03|04|05|06|07|08|09|10|11|12|
2009|01|02|03|04|05|06|07|08|09|10|11|12|
2010|01|02|03|04|05|06|07|08|09|10|11|12|
2011|01|02|03|04|05|06|07|08|09|10|11|12|
2012|01|02|03|04|05|06|07|08|09|10|11|12|
2013|01|02|03|04|05|06|07|08|09|10|11|12|
2014|01|02|03|04|05|06|07|08|09|10|11|12|
2100|01|

「人の心に残るというのが大事」と言う話。

何か連絡がある場合はメールでどうぞ(過去の日記へのツッコミは基本的にみていません)
プレゼントは随時受け付けております :-) ここ最近のツッコミ/トラックバックリスト。

  1. nogajun (05-21)
  2. henrich (05-20)
  3. ただただし (05-19)


2012-05-27 [長年日記]

pbuilder の hook

bash指定しなければいけないというのを踏んだ。直るといいな。

loqui hardening

libloqui/Makefile.am:110: `:='-style assignments are not portable
libloqui/Makefile.am:28: `CPPFLAGS' is a user variable, you should not override it;
libloqui/Makefile.am:28: use `AM_CPPFLAGS' instead.
libloqui/protocols/jabber/Makefile.am:36: `:='-style assignments are not portable
libloqui/protocols/jabber/Makefile.am:27: `CPPFLAGS' is a user variable, you should not override it;
libloqui/protocols/jabber/Makefile.am:27: use `AM_CPPFLAGS' instead.
src/Makefile.am:75: `:='-style assignments are not portable
src/Makefile.am:43: `CPPFLAGS' is a user variable, you should not override it;
src/Makefile.am:43: use `AM_CPPFLAGS' instead.

というログが出てきたので、こんなパッチ。

Index: loqui-0.5.3/libloqui/Makefile.am
===================================================================
--- loqui-0.5.3.orig/libloqui/Makefile.am       2012-05-27 03:44:52.188412512 +0900
+++ loqui-0.5.3/libloqui/Makefile.am    2012-05-27 03:50:19.996933067 +0900
@@ -25,7 +25,7 @@
 SUBDIRS = . protocols
 
 INCLUDES = $(GLIB_CFLAGS) $(GNET_CFLAGS) $(EXTRA_WARNING_CFLAGS) -I$(includedir) -I$(top_srcdir) -DG_LOG_DOMAIN=\"libloqui\"
-CPPFLAGS = -g -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
+AM_CPPFLAGS = -g -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
 
 %.c %.h %-private.h: %.gob
        gob2 --always-private-header $<
Index: loqui-0.5.3/libloqui/protocols/jabber/Makefile.am
===================================================================
--- loqui-0.5.3.orig/libloqui/protocols/jabber/Makefile.am      2012-05-27 03:44:52.188412512 +0900
+++ loqui-0.5.3/libloqui/protocols/jabber/Makefile.am   2012-05-27 03:50:40.108964981 +0900
@@ -24,7 +24,7 @@
 
 INCLUDES = $(GLIB_CFLAGS) $(GNET_CFLAGS) $(EXTRA_WARNING_CFLAGS) -I$(includedir) -I$(top_srcdir) -DG_LOG_DOMAIN=\"libloqui\"
 
-CPPFLAGS = -g -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
+AM_CPPFLAGS = -g -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
 
 %.c %.h %-private.h: %.gob
        gob2 --always-private-header $<
Index: loqui-0.5.3/src/Makefile.am
===================================================================
--- loqui-0.5.3.orig/src/Makefile.am    2012-05-27 03:44:52.188412512 +0900
+++ loqui-0.5.3/src/Makefile.am 2012-05-27 03:50:05.548910139 +0900
@@ -40,7 +40,7 @@
 bin_PROGRAMS = loqui
 
 INCLUDES = -I$(includedir) -I$(top_srcdir)/libloqui -I$(top_builddir)/libloqui -I$(top_srcdir) -I$(top_builddir) -DG_LOG_DOMAIN=\"Loqui\"
-CPPFLAGS =  $(GTK_CFLAGS) $(EXTRA_WARNING_CFLAGS) -g -DDATADIR=\""$(datadir)"\" $(GNET_CFLAGS) -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
+AM_CPPFLAGS =  $(GTK_CFLAGS) $(EXTRA_WARNING_CFLAGS) -g -DDATADIR=\""$(datadir)"\" $(GNET_CFLAGS) -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes
 
 
 loqui_SOURCES = \

で、build時には -D_FORTIFY_SOURCE=2 使おうとしているように見えるのだが、

gcc -DHAVE_CONFIG_H -I. -I.. -I/usr/include -I../libloqui -I../libloqui -I.. -I.. -DG_LOG_DOMAIN=\"Loqui\" -pthread -I/usr/include/gtk-2.0 -I/usr/lib/x86_64-linux-gnu/gtk-2.0/include -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/pango-1.0 -I/usr/include/gio-unix-2.0/ -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng12    -g -DDATADIR=\""/usr/share"\"  -Wall -Wredundant-decls -Wmissing-declarations -Wmissing-prototypes -D_FORTIFY_SOURCE=2  -g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -c loqui-channel-entry-ui-data.c

ダメなんですなー

Setting up lintian (2.5.7) ...
+++ lintian output +++
I: loqui source: quilt-patch-missing-description CPPFLAGS
W: loqui: hardening-no-fortify-functions usr/bin/loqui
W: loqui: binary-without-manpage usr/bin/loqui
+++ end of lintian output +++

追記: AM_CPPFLAGS じゃなくて AM_CFLAGS 使う方がいいよ、と教えて貰った。あと今回の場合は hardening-no-fortify-functions でも大丈夫っぽい。

hardening、また別のパッケージでハマる

基本的には debhelper (>= 9) を使っていれば基本的なフラグが有効になる。
加えて、debian/rules に以下を記述していると使えるフラグが全有効になる。

export DEB_BUILD_MAINT_OPTIONS = hardening=+all

「Additionally there are two features, which are not enabled by default:」

  • Position independent executables (not enabled by default due to potential build failures)
  • -z now (not enabled by default due to potential application startup slowdown)

potential failure とか slowdownとか。ひっかかるなー

結論: man dpkg-buildflags せよ!

Multi-Arch 対応

Debian Wiki のページみればできるよ!