Hi Hauke, tech-pkg@, On 10/07/2017 16:34, Hauke Fath wrote:
All, after the recent (?) addition of "PKGSRC_USE_FORTIFY", an editors/xemacs build on Arch Linux crashes in flames. Building on NetBSD comes with a slew of warnings, but appears to complete. Is there a per-package way of disabling the option? Cheerio, hauke (The topic, like many things pkgsrc, is not terribly visible. Googling for "PKGSRC_USE_FORTIFY" brings up eight hits.)
Well, I've been documenting it, and I am touring around the world to talk about it this year...
See: https://wiki.netbsd.org/pkgsrc/hardening/ https://www.netbsd.org/gallery/presentations/ (Hardening pkgsrc) I will present the latest progress again at EuroBSDCon in September.Some developers have been setting PKGSRC_USE_FORTIFY=no in individual packages already. I do not think it is very elegant, and there might be side effects (eg also disabling it for dependencies?) but it works for the moment.
Issues with FORTIFY are typically related to macros (or class methods, etc) using the same name as functions from the libc. We basically have about three months to fix them before the next freeze :)
HTH, -- khorben