Maintained by: NLnet Labs

[Unbound-users] CFLAGS are ignored/overridden in build environment

W.C.A. Wijngaards
Wed Oct 22 10:03:36 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Paul,

Paul Wouters wrote:
> Hi,
> 
> On Fedora 9 (x86_64) the CFLAGS as set by the build environment (eg
> rpmbuild) is lost and replaced with unbound's own settings as deduced
> by its configure command. On Fedora (x86_64) this means we lose:
> 
> -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic
> 
> I worked around this by using the following build section:
> 
> %build
> %{__make} CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE" QUIET=no %{?_smp_mflags}
> 
> Note that I had to hardcode -D_GNU_SOURCE, because when passing CFLAGS,
> this
> unbound specific flag is lost.

I am very sorry for that.  The reason we need to pick flags is for
portability.  Also, configure liked to give -g -O2 by itself, which
fails with non-gcc compilers.  That is why the CFLAGS were set.

> It would be nice if the build environment picked up the environment CFLAGS
> and merged in its own specific needs :)

I've committed svn r1317 that picks up the CFLAGS at configure time.

> If you want to grab the package under review, see:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=447847

Looks good.

In 1.1 there is going to be a remote-control feature, for which some TLS
keys need to be generated (unbound-control-setup script).  That could be
part of the RPM as well, and would be data that needs world-readable=no.

Best regards,
   Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkj+3lgACgkQkDLqNwOhpPhXKQCdFQFIe38yqzP7j4xmeKWd4Mt9
j2oAnRUKcHAPNfRyUuLUgWHB6TGypwCy
=XZuH
-----END PGP SIGNATURE-----