unity-notifications

Merge lp:~lukas-kde/unity-notifications/enableHardening into lp:unity-notifications

  1. enableHardening
  2. Merge into trunk
Proposed by Lukáš Tinkl
Status: Merged
Approved by: Michał Sawicz
Approved revision: 240
Merged at revision: 240
Proposed branch: lp:~lukas-kde/unity-notifications/enableHardening
Merge into: lp:unity-notifications
Diff against target: 19 lines (+4/-1)
1 file modified
debian/rules (+4/-1)
To merge this branch: bzr merge lp:~lukas-kde/unity-notifications/enableHardening
Reviewer Review Type Date Requested Status
Unity8 CI Bot continuous-integration Approve
Unity API Team Pending
Review via email: mp+303443@code.launchpad.net

Commit message

Enable hardening security features

Description of the change

Enable hardening security features

https://wiki.debian.org/Hardening

With this patch:
$ hardening-check libnotifyplugin.so
libnotifyplugin.so:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: yes

To post a comment you must log in.
Revision history for this message
Unity8 CI Bot (unity8-ci-bot) wrote :

PASSED: Continuous integration, rev:240
https://unity8-jenkins.ubuntu.com/job/lp-unity-notifications-ci/5/
Executed test runs:
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build/2612
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-0-fetch/2640
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-1-sourcepkg/release=vivid+overlay/2519
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-1-sourcepkg/release=xenial+overlay/2519
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-1-sourcepkg/release=yakkety/2519
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=vivid+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=vivid+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=xenial+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=xenial+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=yakkety/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=amd64,release=yakkety/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=vivid+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=vivid+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=xenial+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=xenial+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=yakkety/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=armhf,release=yakkety/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=vivid+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=vivid+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=xenial+overlay/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=xenial+overlay/2513/artifact/output/*zip*/output.zip
    SUCCESS: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=yakkety/2513
        deb: https://unity8-jenkins.ubuntu.com/job/build-2-binpkg/arch=i386,release=yakkety/2513/artifact/output/*zip*/output.zip

Click here to trigger a rebuild:
https://unity8-jenkins.ubuntu.com/job/lp-unity-notifications-ci/5/rebuild

review: Approve (continuous-integration)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/rules'
2--- debian/rules 2013-06-27 14:46:15 +0000
3+++ debian/rules 2016-08-19 16:35:57 +0000
4@@ -5,6 +5,10 @@
5 #export DH_VERBOSE=1
6
7 export DPKG_GENSYMBOLS_CHECK_LEVEL=4
8+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
9+DPKG_EXPORT_BUILDFLAGS = 1
10+
11+include /usr/share/dpkg/default.mk
12
13 %:
14 dh $@ --parallel --fail-missing
15@@ -14,4 +18,3 @@
16 # thus to use relwithdebinfo, which is defining -DNDEBUG which are
17 # breaking the tests
18 dh_auto_configure -- -DCMAKE_BUILD_TYPE=''
19-

Subscribers

People subscribed via source and target branches

to all changes: