blob: a3c2643d1410c53d4b733385ed102a520b538836 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From 828b826662638b78834332f9cf72f18ac1fbf86f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
Date: Sun, 17 Mar 2019 17:03:59 +0100
Subject: [PATCH] abuild.conf: enable PIE binaries by default for go as well
From `go help environment`:
GOFLAGS
A space-separated list of -flag=value settings to apply
to go commands by default, when the given flag is known by
the current command. Flags listed on the command-line
are applied after this list and therefore override it.
And from `go help build`:
-buildmode mode
build mode to use. See 'go help buildmode' for more.
Setting this environment variable in /etc/abuild.conf allows us to build
all go binaries on the builders as PIE without needing to patch the go
compiler itself.
---
abuild.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/abuild.conf b/abuild.conf
index 6721e7f..c00e31b 100644
--- a/abuild.conf
+++ b/abuild.conf
@@ -2,6 +2,7 @@ export CFLAGS="-Os -fomit-frame-pointer"
export CXXFLAGS="$CFLAGS"
export CPPFLAGS="$CFLAGS"
export LDFLAGS="-Wl,--as-needed"
+export GOFLAGS="-buildmode=pie"
export JOBS=2
export MAKEFLAGS=-j$JOBS
|
