diff options
| author |   Sam James <sam@gentoo.org> | 2023-03-11 18:48:14 +0000 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2023-03-11 18:50:28 +0000 |
| commit | 68d4571e78f348eac41d64ba306ec2a8226ad17c (patch) | |
| tree | 5c59937fd245a1c702dee57705808032ed86ad41 /app-containers | |
| parent | app-containers/docker: fix pkg_postinst referencing removed IUSE=cli (diff) | |
| download | gentoo-68d4571e78f348eac41d64ba306ec2a8226ad17c.tar.gz gentoo-68d4571e78f348eac41d64ba306ec2a8226ad17c.tar.bz2 gentoo-68d4571e78f348eac41d64ba306ec2a8226ad17c.zip | |
app-containers/docker: drop USE=hardened hacks
1. These aren't needed on hardened systems anyway (we've had default PIE
on normal, non-hardened systems for years);
2. The relevant variables are gone upstream, see
https://github.com/moby/moby/commit/877baae03e1810b6a6afaa8b767b8df25f5c5cae,
which fails because of the grep sanity check in the ebuild (correctly);
3. If we did need to keep this check, we would need to do it based on a
e.g. toolchain-funcs function to check if the toolchain defaults to PIE,
but not based on USE=hardened.
Closes: https://bugs.gentoo.org/900849
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'app-containers')
| -rw-r--r-- | app-containers/docker/docker-23.0.1.ebuild | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/app-containers/docker/docker-23.0.1.ebuild b/app-containers/docker/docker-23.0.1.ebuild index e52d11e4501a..407387c83b71 100644 --- a/app-containers/docker/docker-23.0.1.ebuild +++ b/app-containers/docker/docker-23.0.1.ebuild @@ -253,14 +253,6 @@ src_compile() { fi done - if use hardened; then - sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die - grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' - sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ - -i hack/make/dynbinary-daemon || die - grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed' - fi - # build daemon ./hack/make.sh dynbinary || die 'dynbinary failed' } |