From 12a73062d84fec27536b09fd275ea248d14b93e5 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 5 Jun 2013 14:03:41 +0200
Subject: rpm: Use hardened flags for RPM build

https://fedorahosted.org/sssd/ticket/1797

This patch adds the _hardened_build macro on platforms where it is
defined by the RPM. The macro amounts to compiling with cc
--spec=/usr/lib/rpm/redhat/redhat-hardened-cc1 and then linking with ld
--spec=/usr/lib/rpm/redhat/redhat-hardened-ld.

On Fedora 19, the gcc spec files contain -z now and fPIC or fPIE.
---
 contrib/sssd.spec.in | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'contrib/sssd.spec.in')

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 65832166b..c48a5de90 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -41,6 +41,10 @@
 # Determine the location of the LDB modules directory
 %global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
 
+%if (0%{?fedora} > 15 || 0%{?rhel} >= 7)
+%define _hardened_build 1
+%endif
+
 Name: @PACKAGE_NAME@
 Version: @PACKAGE_VERSION@
 Release: 0@PRERELEASE_VERSION@%{?dist}
-- 
cgit