strip: i686-pc-linux-gnu-strip --strip-unneeded usr/bin/gpgsplit usr/bin/gpg usr/bin/gpgv usr/libexec/gnupg/gpgkeys_hkp usr/libexec/gnupg/gpgkeys_finger usr/libexec/gnupg/gpgkeys_http QA Notice: the following files contain executable stacks Files with executable stacks will not work properly (or at all!) on some architectures/operating systems. A bug should be filed at http://bugs.gentoo.org/ to make sure the file is fixed. RWX --- --- usr/bin/gpg RWX --- --- usr/bin/gpgv !!! ERROR: app-crypt/gnupg-1.4.2-r3 failed. !!! Function dyn_install, Line 1121, Exitcode 0 !!! Aborting due to +x stack !!! If you need support, post the topmost build error, NOT this status message. Turn on FEATURES="stricter" to have emerge fail. This is also present in the current stable version so as such this does not prevent the newer version from going stable, but marking as a blocker so that people are aware of the issue. Portage 2.0.53_rc7 (default-linux/x86/2005.1, gcc-3.4.4, glibc-2.3.5-r3, 2.6.14-gentoo-r2 i686) ================================================================= System uname: 2.6.14-gentoo-r2 i686 Intel(R) Pentium(R) 4 CPU 2.40GHz Gentoo Base System version 1.12.0_pre11 ccache version 2.4 [enabled] dev-lang/python: 2.4.2 sys-apps/sandbox: 1.2.13 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.20-r1 virtual/os-headers: 2.6.11-r3 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium4 -pipe -mfpmath=sse -ffast-math -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/3/share/config /usr/share/X11/xkb /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/env.d/java/ /etc/gconf /etc/init.d /etc/java-config/vms/ /etc/splash /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=pentium4 -pipe -mfpmath=sse -ffast-math -fomit-frame-pointer" DISTDIR="/usr/src/distfiles" FEATURES="autoaddcvs autoconfig ccache collision-protect cvs distlocks fixpackages sandbox sfperms sign strict stricter verify-rdepend" GENTOO_MIRRORS=" http://trumpetti.atm.tut.fi/gentoo http://lame.lut.fi/linux/gentoo " LANG="en_US.utf8" LC_ALL="en_US.utf8" LINGUAS="fi" MAKEOPTS="-j2 " PKGDIR="/home/pkg/" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/mnt/checkouts/overlays/betelgeuse /mnt/checkouts/overlays/axxo" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 aac acl acpi alsa apm audiofile avi bash-completion berkdb bitmap-fonts bluetooth browserplugin bzip2 bzlib cdb cddb cdparanoia cdr crypt cups dbus divx4linux dts dvd dvdr dvdread emboss esd expat fam ffmpeg firefox foomaticdb freetype gif glut gstreamer gtk2 hal idn java jpeg kde kdeenablefinal lcms libg++ libwww logitech-mouse mad makecheck mikmod mjpeg mmx mmx2 mng mp3 mpeg ncurses network nptl nptlonly nsplugin nvidia offensive ogg oggvorbis opengl pam pcre pdflib png qt quicktime readline real rtc ruby samba spell sse sse2 ssl subversion svg symlink tcpd theora tiff truetype truetype-fonts type1-fonts udev unicode usb userlocales vorbis win32codecs xine xml xml2 xv xvid zlib video_cards_nvidia linguas_fi userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LDFLAGS
Created attachment 74466 [details, diff] gnupg-1.4.2-r3.ebuild.diff What about using --enable-noexecstack? From the README: --enable-noexecstack Pass option --noexecstack to as. Works only when using gcc.
Sorry, should have used posted this link in the first place: http://www.gentoo.org/proj/en/hardened/gnu-stack.xml#doc_chap6
I don't get the QA warning if I pass --enable-noexecstack, why fix something that isn't broken :-)?
readded --enable-noexecstack. not sure how/when it got dropped. Thanks guys and sorry it took so long. Petteri nice reference. I'll try to remember that one.