From: Kevin P. Fleming Date: Thu, 24 Sep 2020 11:42:46 +0000 (-0400) Subject: builder-support: Improve consistency of Debian Stretch/Buster configurations X-Git-Tag: auth-4.4.0-beta1~1^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fe31b88597de057aa352b6c297cb6a3c3c791e87;p=thirdparty%2Fpdns.git builder-support: Improve consistency of Debian Stretch/Buster configurations (Also applies to all post-Xenial Ubuntu builds since they use these configurations too) * Use debhelper version 10.x on both distributions * Use consistent logic for enabling systemd support * Remove unnecessary --parallel flags (default mode in debhelper 10.x) * Always use architecture.mk and pkg-info.mk to set DEB_* variables * Enable warnings and hardening on Stretch builds Signed-off-by: Kevin P. Fleming --- diff --git a/builder-support/debian/authoritative/debian-buster/compat b/builder-support/debian/authoritative/debian-buster/compat index ec635144f6..f599e28b8a 100644 --- a/builder-support/debian/authoritative/debian-buster/compat +++ b/builder-support/debian/authoritative/debian-buster/compat @@ -1 +1 @@ -9 +10 diff --git a/builder-support/debian/authoritative/debian-buster/control b/builder-support/debian/authoritative/debian-buster/control index 533352390f..a11956d906 100644 --- a/builder-support/debian/authoritative/debian-buster/control +++ b/builder-support/debian/authoritative/debian-buster/control @@ -9,11 +9,10 @@ Build-Depends: autoconf, autotools-dev, bison, curl, - debhelper (>= 9.20160114~), + debhelper (>= 10), default-libmysqlclient-dev, dh-autoreconf, dh-systemd, - dpkg-dev (>= 1.17.0~), flex, libboost-dev, libboost-program-options-dev, diff --git a/builder-support/debian/authoritative/debian-buster/rules b/builder-support/debian/authoritative/debian-buster/rules index 304916cf02..22779b1756 100755 --- a/builder-support/debian/authoritative/debian-buster/rules +++ b/builder-support/debian/authoritative/debian-buster/rules @@ -11,9 +11,10 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all # Backends backends := bind ldap pipe gmysql godbc gpgsql gsqlite3 geoip lmdb lua2 remote random tinydns -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system +DH_ARGS += --with systemd else CONFIGURE_ARGS += --disable-systemd endif @@ -22,8 +23,7 @@ endif %: dh $@ \ --with autoreconf \ - --with systemd \ - --parallel + $(DH_ARGS) override_dh_auto_configure: test -f pdns/dnslabeltext.cc && mv pdns/dnslabeltext.cc debian/dnslabeltext.cc.moved || true diff --git a/builder-support/debian/authoritative/debian-stretch/compat b/builder-support/debian/authoritative/debian-stretch/compat index ec635144f6..f599e28b8a 100644 --- a/builder-support/debian/authoritative/debian-stretch/compat +++ b/builder-support/debian/authoritative/debian-stretch/compat @@ -1 +1 @@ -9 +10 diff --git a/builder-support/debian/authoritative/debian-stretch/control b/builder-support/debian/authoritative/debian-stretch/control index 533352390f..a11956d906 100644 --- a/builder-support/debian/authoritative/debian-stretch/control +++ b/builder-support/debian/authoritative/debian-stretch/control @@ -9,11 +9,10 @@ Build-Depends: autoconf, autotools-dev, bison, curl, - debhelper (>= 9.20160114~), + debhelper (>= 10), default-libmysqlclient-dev, dh-autoreconf, dh-systemd, - dpkg-dev (>= 1.17.0~), flex, libboost-dev, libboost-program-options-dev, diff --git a/builder-support/debian/authoritative/debian-stretch/rules b/builder-support/debian/authoritative/debian-stretch/rules index 28e42be93b..14bbc43c41 100755 --- a/builder-support/debian/authoritative/debian-stretch/rules +++ b/builder-support/debian/authoritative/debian-stretch/rules @@ -1,14 +1,20 @@ #!/usr/bin/make -f -DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) -DEB_HOST_ARCH_BITS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_BITS) -DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk + +# (Re-)Enable warnings +CXXFLAGS += -Wall + +# Turn on all hardening flags, as we're a networked daemon. +export DEB_BUILD_MAINT_OPTIONS = hardening=+all # Backends backends := bind ldap pipe gmysql godbc gpgsql gsqlite3 geoip lmdb lua2 remote random tinydns -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system +DH_ARGS += --with systemd else CONFIGURE_ARGS += --disable-systemd endif @@ -18,8 +24,7 @@ endif %: dh $@ \ --with autoreconf \ - --with systemd \ - --parallel + $(DH_ARGS) override_dh_auto_configure: test -f pdns/dnslabeltext.cc && mv pdns/dnslabeltext.cc debian/dnslabeltext.cc.moved || true diff --git a/builder-support/debian/dnsdist/debian-buster/control b/builder-support/debian/dnsdist/debian-buster/control index 66cd8a9dd9..0e2f77ba4b 100644 --- a/builder-support/debian/dnsdist/debian-buster/control +++ b/builder-support/debian/dnsdist/debian-buster/control @@ -3,7 +3,7 @@ Section: net Priority: optional Maintainer: PowerDNS.COM BV Uploaders: PowerDNS.COM BV -Build-Depends: debhelper (>= 10~), +Build-Depends: debhelper (>= 10), libboost-all-dev, libcap-dev, libcdb-dev, diff --git a/builder-support/debian/dnsdist/debian-buster/rules b/builder-support/debian/dnsdist/debian-buster/rules index 42533bfda0..71b1950e12 100755 --- a/builder-support/debian/dnsdist/debian-buster/rules +++ b/builder-support/debian/dnsdist/debian-buster/rules @@ -1,7 +1,6 @@ #!/usr/bin/make -f -# See debhelper(7) (uncomment to enable) -# output every command that modifies files on the build system. -#DH_VERBOSE = 1 +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk # Enable hardening features for daemons export DEB_BUILD_MAINT_OPTIONS=hardening=+bindnow,+pie @@ -12,16 +11,19 @@ include /usr/share/dpkg/default.mk # for atomic support on powerpc (automatic on mipsel) LDFLAGS += -latomic -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system +DH_ARGS += --with systemd else CONFIGURE_ARGS += --disable-systemd endif %: - dh $@ + dh $@ \ + --with autoreconf \ + $(DH_ARGS) override_dh_auto_clean: rm -f dnslabeltext.cc diff --git a/builder-support/debian/dnsdist/debian-stretch/control b/builder-support/debian/dnsdist/debian-stretch/control index 1cb8a7dd57..fc4fe07e15 100644 --- a/builder-support/debian/dnsdist/debian-stretch/control +++ b/builder-support/debian/dnsdist/debian-stretch/control @@ -3,7 +3,7 @@ Section: net Priority: optional Maintainer: Debian DNS Packaging Uploaders: Chris Hofstaedtler -Build-Depends: debhelper (>= 10~), +Build-Depends: debhelper (>= 10), libboost-dev, libcap-dev, libcdb-dev, diff --git a/builder-support/debian/dnsdist/debian-stretch/rules b/builder-support/debian/dnsdist/debian-stretch/rules index e058f0e252..d255665a09 100755 --- a/builder-support/debian/dnsdist/debian-stretch/rules +++ b/builder-support/debian/dnsdist/debian-stretch/rules @@ -1,7 +1,6 @@ #!/usr/bin/make -f -# See debhelper(7) (uncomment to enable) -# output every command that modifies files on the build system. -#DH_VERBOSE = 1 +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk # Enable hardening features for daemons export DEB_BUILD_MAINT_OPTIONS=hardening=+bindnow,+pie @@ -12,16 +11,19 @@ include /usr/share/dpkg/default.mk # for atomic support on powerpc (automatic on mipsel) LDFLAGS += -latomic -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system +DH_ARGS += --with systemd else CONFIGURE_ARGS += --disable-systemd endif %: - dh $@ + dh $@ \ + --with autoreconf \ + $(DH_ARGS) override_dh_auto_clean: rm -f dnslabeltext.cc diff --git a/builder-support/debian/recursor/debian-buster/control b/builder-support/debian/recursor/debian-buster/control index 289190b678..f99d737a40 100644 --- a/builder-support/debian/recursor/debian-buster/control +++ b/builder-support/debian/recursor/debian-buster/control @@ -3,7 +3,7 @@ Section: net Priority: extra Standards-Version: 4.1.2 Maintainer: PowerDNS.COM BV -Build-Depends: debhelper (>= 10~), +Build-Depends: debhelper (>= 10), dh-autoreconf, dh-systemd [linux-any], libboost-all-dev, diff --git a/builder-support/debian/recursor/debian-buster/rules b/builder-support/debian/recursor/debian-buster/rules index 1680d6c86e..1274a166de 100755 --- a/builder-support/debian/recursor/debian-buster/rules +++ b/builder-support/debian/recursor/debian-buster/rules @@ -1,5 +1,6 @@ #!/usr/bin/make -f -DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk # Enable hardening features for daemons # Note: blhc (build log hardening check) will find these false positives: CPPFLAGS 2 missing, LDFLAGS 1 missing @@ -8,7 +9,7 @@ DPKG_EXPORT_BUILDFLAGS = 1 # Include buildflags.mk so we can append to the vars it sets. include /usr/share/dpkg/buildflags.mk -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system DH_ARGS += --with systemd diff --git a/builder-support/debian/recursor/debian-stretch/control b/builder-support/debian/recursor/debian-stretch/control index 289190b678..f99d737a40 100644 --- a/builder-support/debian/recursor/debian-stretch/control +++ b/builder-support/debian/recursor/debian-stretch/control @@ -3,7 +3,7 @@ Section: net Priority: extra Standards-Version: 4.1.2 Maintainer: PowerDNS.COM BV -Build-Depends: debhelper (>= 10~), +Build-Depends: debhelper (>= 10), dh-autoreconf, dh-systemd [linux-any], libboost-all-dev, diff --git a/builder-support/debian/recursor/debian-stretch/rules b/builder-support/debian/recursor/debian-stretch/rules index 1680d6c86e..1274a166de 100755 --- a/builder-support/debian/recursor/debian-stretch/rules +++ b/builder-support/debian/recursor/debian-stretch/rules @@ -1,5 +1,6 @@ #!/usr/bin/make -f -DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk # Enable hardening features for daemons # Note: blhc (build log hardening check) will find these false positives: CPPFLAGS 2 missing, LDFLAGS 1 missing @@ -8,7 +9,7 @@ DPKG_EXPORT_BUILDFLAGS = 1 # Include buildflags.mk so we can append to the vars it sets. include /usr/share/dpkg/buildflags.mk -# Disable systemd integration on non-linux archs +# Only enable systemd integration on Linux operating systems ifeq ($(DEB_HOST_ARCH_OS),linux) CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system DH_ARGS += --with systemd