"Kevin F. Quinn (Gentoo)" <[EMAIL PROTECTED]> posted [EMAIL PROTECTED], excerpted below, on Fri, 12 May 2006 12:51:57 +0200:
> We (hardened) haven't had the time to investigate further, and we don't > want to complicate the stabilisation effort of modular X (which is a big > enough job as it is) so we've left it as it is for the moment. Nice maybe clickable bug URL: http://bugs.gentoo.org/show_bug.cgi?id=110506 I'm still of the opinion that as long as people only following the advice in the portage QA SUID warning, to set LDFLAGS="-Wl,-z,now", end up with a broken package, it shouldn't be stabilized. Merging the xorg-server ebuild itself invokes that warning, yet anyone following its advice ends up with a broken xorg-server. Are users expected to ignore instructions now? That's why I can't see how it can be stabilized under current conditions. Either there needs to be a way to block that message from portage (yeah, not likely), or the ebuild needs to be able to correct for the situation where a user actually /does/ follow the instructions (seems more reasonable). This won't resolve the hardened spec-file angle, but I can verify that a simple call to flagomatic's filter-ldflags solves the following instructions angle, as I have LDFLAGS="-Wl,-z,now" set in make.conf, and routinely modify the xorg-server and xf86-video-ati ebuilds in my overlay, to invoke the filter-ldflags call. It works. As for upstream, there's a comment from Ajax on the bug indicating they will try to fix it by 7.1, but no promises. Apparently, the elfloader compatibility stuff in 7.0 made it essentially impossible. If I'm not mistaken (and I might be), 6.9/7.0 was the last release supporting that, with 7.1 completing the switch to dlloader and removing the elfloader compatibility stuff, thus enabling a solution. I'm running 7.1-rc2 ATM, and still had to add the filter-ldflags call to make it work, so while the solution might be possible with 7.1, it's not yet implemented, and 7.2 would be the new target. Whatever solution Gentoo comes up with is therefore now known to be needed at least for 7.0 and 7.1. Hopefully, by 7.2, the solution will be included upstream. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman -- gentoo-dev@gentoo.org mailing list
