[PATCH] Remove the autoconf build system

Simo idra at samba.org
Mon May 27 08:46:34 MDT 2013


On 05/27/2013 10:36 AM, Andreas Schneider wrote:
> On Monday 27 May 2013 14:26:36 David Disseldorp wrote:
>> On Mon, 27 May 2013 21:26:16 +1000
>>
>> Andrew Bartlett <abartlet at samba.org> wrote:
>>>> I don't consider this a blocker for now, but I'd like to see configure
>>>> time PIE (--enable-pie) support re-added for vendors requiring address
>>>> space layout randomization.
>>> I would be very glad to work with you on this.  What compiler and linker
>>> flag to we need to add?
>> cflags='-fPIE' and ldflags='-pie' on GCC. So something like:
>>
>>      if Options.options.enable_pie == True:
>>          conf.ADD_CFLAGS('-fPIE')
>>          conf.ADD_LDFLAGS('-pie')
> We don't want to have these flags set for small short running binaries like
> net, wbinfo etc.
>
> Only the long running daemons should be compiled with PIE support!

Well it doesn't really hurt, for net and wbinfo etc...
They shouldn't be started frequently enough to matter.
It's easier to be consistent and build all binaries the same way I 
think, however if it is simple enough I am not opposed to being able to 
specify which binaries should be PIE and which ones shouldn't.

But if it is an all or nothing thing as I think it is, then we should 
have them all PIE.
I am certainly opposed to a fixed list of binaries set once in some 
file. If you need to select it should be a command line option or an 
environment variable so that it can be passed down by build systems and 
spec files.

Simo.



More information about the samba-technical mailing list