|
Bugzilla – Full Text Bug Listing |
| Summary: | rpmlint does not check anymore for packages built without distro %{optflags} | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Tumbleweed | Reporter: | Guillaume GARDET <guillaume.gardet> |
| Component: | Basesystem | Assignee: | Dirk Mueller <dmueller> |
| Status: | NEW --- | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P5 - None | CC: | dimstar, dmueller, fvogt, jengelh, meissner, security-team |
| Version: | Current | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
did some work on this and am surprised this ever worked in any reliable way: * build does bot pass the -debuginfo packages to rpmlint (the files with the relevant info are in -debuginfo though) https://github.com/openSUSE/obs-build/blob/9ae0e9ebdc4e447123386214a3735ccd8d0d7686/build-recipe-spec#L346 * rpmlint has no configuration for MandatoryOptflags (so the test is skipped in all cases) something like MandatoryOptFlags = ['-O2', '-Wall', '-D_FORTIFY_SOURCE=3', '-funwind-tables', '-fstack-clash-protection' ] If debuginfo is not enabled in the prj, then the binary/library would be expected to have the dwarf info embedded - but somehow that was also not true in my tests: > file libjson-c.so.5.3.0 libjson-c.so.5.3.0: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c98247ef95683cbaa5c37abc9acf4e67b54da8a6, not stripped > objdump libjson-c.so.5.3.0 --dwarf=info libjson-c.so.5.3.0: file format elf64-x86-64 To populate the right flags to check, we could do something like: ********** # boo#1217840 - Check for build with %%optflags list_of_flags=$(echo "%optflags" | tr " " "\n") mylist="MandatoryOptflags = [" for flag in $list_of_flags; do mylist="$mylist '$flag', " done mylist=${mylist::-2} mylist="$mylist]" echo $mylist > %{buildroot}%{_sysconfdir}/xdg/rpmlint/MandatoryOptflags.toml ********** in rpmlint.spec |
At some point, rpmlint checked for packages built without distro %{optflags}. This is not the case anymore. It was added upstream in https://github.com/rpm-software-management/rpmlint/issues/341 So, this should be a matter of setting MandatoryOptflags to the right settings?