-
Theodore Ts'o authored
The Build Log Hardening Check is a debian tool which scans the output of a package build making sure that the security hardening flags are used when compiling and linking all of binaries in a package. For the most part we were passing CFLAGS, CPPFLAGS, and LDFLAGS down to the compiler and link commands, but there there were one or two exceptions. In addition, there where a few places in "make install" where the V=1 option was not being honored, which triggered blhc warnings since it couldn't analyze those commands. The e2fsck.static was the only binary that was not getting built and packaged with the hardening flags, but I've fixed all of the blhc warnings so in the future it will be obvious if we regress. Signed-off-by:"Theodore Ts'o" <tytso@mit.edu>
c1986ecb
