summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild')
-rw-r--r--sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild18
1 files changed, 17 insertions, 1 deletions
diff --git a/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild b/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild
index ebf8c24bee74..142ca6d672e6 100644
--- a/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild
+++ b/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild,v 1.2 2004/05/30 02:15:00 lv Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.3.3_pre20040529.ebuild,v 1.3 2004/05/30 15:03:30 lv Exp $
IUSE="nls pic build nptl erandom"
@@ -439,6 +439,20 @@ src_unpack() {
# Fix permissions on some of the scripts
chmod u+x ${S}/scripts/*.sh
+
+ # disable -z relro
+ use hardened || sed -e 's/^have-z-relro.*/have-z-relro = no/' -i ${S}/config.make.in
+ # disables building nscd as pie
+ use hardened || sed -e 's/^have-fpie.*/have-fpie = no/' -i ${S}/config.make.in
+ # disable binutils -as-needed, useful, if glibc should not depend on libgcc_s.so
+ sed -e 's/^have-as-needed.*/have-as-needed = no/' -i ${S}/config.make.in
+ # disable execstack (the patch is used by rh for gcc < 3.3.3)
+ #use hardened || epatch ${FILESDIR}/2.3.3/glibc-execstack-disable.patch
+ #use hardened || sed -e 's/^ASFLAGS-config.*/ASFLAGS-config =/' -i ${S}/config.make.in
+ # mandatory, if binutils supports relro and the kernel is pax/grsecurity enabled
+ # solves almost all segfaults building the locale files on grsecurity enabled kernels
+ # lv_* remaining (it could depend on bind-now enabled later)
+ use hardened && sed -e 's/^LDFLAGS-rtld += $(relro.*/LDFLAGS-rtld += -Wl,-z,norelro/' -i ${S}/Makeconfig
}
setup_flags() {
@@ -493,6 +507,8 @@ src_compile() {
use erandom || myconf="${myconf} --disable-dev-erandom"
+ use hardened && myconf="${myconf} --enable-bind-now"
+
if use_nptl
then
local kernelheaders="$(get_KHV "`KV_to_int ${MIN_NPTL_KV}`")"