From efb36d8c61b7d311eeb61f544d7112c4c62f6bcb Mon Sep 17 00:00:00 2001 From: jiehwan Date: Mon, 15 Jun 2020 18:43:38 +0900 Subject: [PATCH] modify build option to apply ASLR and set service uid/gid Change-Id: Ie576f77619784dcc10448d5590a3af9135b98b79 Signed-off-by: jiehwan --- CMakeLists.txt | 3 ++- packaging/setup-adaptor.service | 2 ++ packaging/setup-adaptor.spec | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 440b785..cf1627e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,8 +3,9 @@ PROJECT(setup-adaptor C) INCLUDE(FindPkgConfig) -SET(EXTRA_CFLAGS "-Wall -Werror-implicit-function-declaration -fvisibility=hidden") +SET(EXTRA_CFLAGS "-Wall -Werror-implicit-function-declaration -fvisibility=hidden -fpie") SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}") +SET(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -pie") SET(SETUP-ADAPTOR ${PROJECT_NAME}) diff --git a/packaging/setup-adaptor.service b/packaging/setup-adaptor.service index 02efdf2..e10043b 100644 --- a/packaging/setup-adaptor.service +++ b/packaging/setup-adaptor.service @@ -6,6 +6,8 @@ Requires=connman.service [Service] SmackProcessLabel=System Type=oneshot +User=system_fw +Group=system_fw ExecStart=/usr/bin/setup-adaptor [Install] diff --git a/packaging/setup-adaptor.spec b/packaging/setup-adaptor.spec index bf26255..86d1ad1 100755 --- a/packaging/setup-adaptor.spec +++ b/packaging/setup-adaptor.spec @@ -29,7 +29,7 @@ cp %{SOURCE1} ./ cp %{SOURCE2} ./ %build -export LDFLAGS+="-Wl,--as-needed" +export LDFLAGS+="-Wl,--as-needed,-z,noexecstack" MAJORVER=`echo %{version} | awk 'BEGIN {FS="."}{print $1}'` %cmake . \ -- 2.34.1