diff options
| author | Vincent Blut <vincent.debian@free.fr> | 2019-02-10 19:40:08 +0100 |
|---|---|---|
| committer | Vincent Blut <vincent.debian@free.fr> | 2019-02-10 19:40:08 +0100 |
| commit | 3913626e795ebf147631895a8d6f34dcc287d6a2 (patch) | |
| tree | d565a58207a08c5791f734077833a9930081eb61 | |
| parent | 74c9ec870e7ba45e0d56a0c86268603a770ca74d (diff) | |
d/rules: Don’t enable the system call filter on some architectures
| -rwxr-xr-x | debian/rules | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/debian/rules b/debian/rules index c9312c3..9ccf0bf 100755 --- a/debian/rules +++ b/debian/rules @@ -3,6 +3,8 @@ -include /usr/share/dpkg/buildtools.mk export CC +DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) + export DEB_BUILD_MAINT_OPTIONS=hardening=+all BASE=debian/chrony @@ -33,3 +35,11 @@ override_dh_install: override_dh_fixperms: dh_fixperms -X usr/share/chrony/chrony.keys + +override_dh_installinit: + dh_installinit +# Disable the system call filter on architectures mentioned below +# due to missing support in libseccomp and/or in the Linux kernel. +ifneq (,$(filter $(DEB_HOST_ARCH), alpha ia64 m68k riscv64 sh4 sparc64)) + sed -i '/DAEMON_OPTS=/s/"-F -1"/""/' $(BASE)/etc/default/chrony +endif |