This is too opinionated for the package itself, which is supposed to be
very open-ended about how something it is built. It should instead go
with the `NIX_CFLAGS_COMPILE = "-static"` that it is supposed to enable.
Problem: When building the patchelf RPM, zsh completions are installed (but not packaged). This causes an RPM build failure.
Solution: We need to identify the zsh completions in the generated RPM spec file.
Testing: I updated the RPM spec file and successfully built the RPM.
This reverts commit f163e8df3d.
We don't support riscv64 in hydra. This needs to be refactored to only
enable riscv64 in the flake but not in hydra jobs.
After commit ac212d0e6f the code to
rewrite alignment section has been changed to use the largest alignment
in the list of segments instead of the alignment that it's retrieved
using getPageSize().
Unfortunately the code didn't update the offset as well to keep the
invariant p_vaddr % alignment == p_offset % alignment.
Replace non-portable GNU `-i, --hardware-platform` with `-m[, --machine]`
to fix "unknown error" usage error on, e.g. OpenBSD.
Also fix the check's backwards logic. OpenBSD/spar64 now prints
-skipping test: not supported on x86_64 Linux
+skipping test: amd64 Linux required
Use pledge(2)[0] to limit patchelf(1) to read, write and create files.
It never deals with TTY, network, process management or other subsystems.
Do so immediately in main() since mainWrapped() itself parses files
whilst parsing command line arguments (--rename-dynamic-symbols).
This is to reduce patchelf's attack surface and potential damage when
dealing with untrusted ELF programs.
No behaviour change in tests or real world usage observed on
OpenBSD/amd64 7.4 (0.18.0 tests: 56/52/2/2 TOTAL/PASS/FAIL/SKIP).
0: https://man.openbsd.org/pledge.2
All tests pass.
Also explicitly specifies -no-pie for executables which should have it
disabled, to be compatible with gccs built with --enable-default-pie.
when building and then checking patchelf on openSUSE Leap 15.5, the
rename-dynamic-symbols.sh test fails. The test builds a test library
and executable called many-syms-main, then runs patchelf to rename
symbols and then checks that many-syms-main still runs successfully.
On Leap the run fails with many messages like
./many-syms-main: Symbol `f1947' causes overflow in R_X86_64_PC32 relocation
and then terminates with a Segmentation fault. The interesting bit is
that it however fails so even before patchelf touches it.
The binary is built and linked with option -pie which produces an
executable which is supposedly position independent but does not
actually contain code position independent code which requires
compiler option -fPIE (of -fpie or -fPIC or -fpic). As a result the
calls in the generated assembly do not go through the PLT.
This patch merely adresses that by adding the -fPIE option to the
CFLAGS for the test.
