I don't have a more up-to-date straight Debian system to play with, all I have are Debian Jessie servers and Linux Mint desktops based on Ubuntu 18.04. In Jessie, the build process is putting -fPIE on all the CFLAGS and LDFLAGS lines. On the LIB_CFLAGS and DSO_CFLAGS this was causing a problem in that the -fPIE came later than -fPIC and was overriding it. I was able to correct the problem by a minor patch to the makefile template that reversed the order so that -fPIC came at the end, but this is inelegant.
What I am trying to understand is where in the build process the -fPIE cflag came from. On Ubuntu 18.04 systems it doesn't appear at all. On my Debian Jessie systems it's not coming from dpkg-buildflags - the output for that will be below. I want to fix my Jessie backport so that it's the Debian build system that is patched, and not the upstream makefile template, but I don't understand the build process well enough to even know where that flag is coming from. I do know it appears nowhere in upstream in any template or script, only in one comment about Android.
Suggestions on where it might be coming from?
Thanks
Code: Select all
~$ dpkg-buildflags
CFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security
CPPFLAGS=-D_FORTIFY_SOURCE=2
CXXFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security
FCFLAGS=-g -O2 -fstack-protector-strong
FFLAGS=-g -O2 -fstack-protector-strong
GCJFLAGS=-g -O2 -fstack-protector-strong
LDFLAGS=-Wl,-z,relro
OBJCFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security
OBJCXXFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security