From Fedora Project Wiki
Important.png
Comments and Explanations
The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "view source" link.
Copy the source to a new page before making changes! DO NOT EDIT THIS TEMPLATE FOR YOUR CHANGE PROPOSAL.
Idea.png
Guidance
For details on how to fill out this form, see the documentation.


%set_build_flags for %build and %check

Summary

Call %set_build_flags macro automatically at the beginning of the %build and %check phases of RPM builds in Fedora Linux. This will ensure that the compiler flag environment variables are set for every RPM build.

Owner


Current status

  • Targeted release: Fedora Linux 36
  • Last updated: 2021-12-09
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

The %set_build_flags macro exports common environment variables used for building packages:

  • CFLAGS
  • CXXFLAGS
  • FFLAGS
  • FCFLAGS
  • LDFLAGS
  • LT_SYS_LIBRARY_PATH
  • CC
  • CXX

These environment variables are set to the compiler flags defined in the system RPM configuration. This macro is currently implicitly called when packages use some of the build system helper macros, like %configure, %cmake, and %meson. However, not all packages use these macros and so some packages do not use the correct compiler flags as required by the Fedora packaging guidelines[1].

This change will be implemented by updating the %__spec_build_pre and %__speck_check_pre macros in redhat-rpm-config to include %set_build_flags. This will set these environment variables automatically before the %build and %check sections. See the proposed implementation for more details.

The purpose for making this change in both the %build and %check sections is because sometimes test code gets built in the %check sections for unit tests and this will ensure that the application code and its tests are built with the same set of flags.

This change should have no impact on packages that already use %set_build_flags either directly or indirectly through another macro. And packages will still be able to override these environment variables in the %build or %check section or make changes to the build flags by modifying the %{build*_flags} macros.

[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_compiler_flags

Feedback

Benefit to Fedora

This change will ensure that more packages are using the correct compiler flags, and bring them in compliance with the Fedora packaging guidelines. It will also help improve the security of the distribution as many of the compiler flags help defend against common security attacks.

Scope

  • Proposal owners:
    • Make the necessary changes to redhat-rpm-config.
    • Help debug any issues uncovered by this change during the mass rebuild.
  • Other developers:
    • Report bugs to the proposal owner.
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

How To Test

This change will be tested as part of the mass rebuild.

User Experience

This change will make some packages less susceptible to security exploits.

Dependencies

Contingency Plan

  • Contingency mechanism: The proposal owner will revert the change in redhat-rpm-config
  • Contingency deadline: Beta Freeze
  • Blocks release? No

Documentation

N/A (not a System Wide Change)

Release Notes