When compiling powerdns on 64-bit Arch Linux, I get the following errors from our package checker ("namcap"):
pdns E: Insecure RPATH '/usr/local/lib' in file ('usr/sbin/pdns_server')
pdns E: Insecure RPATH '/usr/local/lib' in file ('usr/bin/pdnssec')
pdns E: Insecure RPATH '/usr/local/lib' in file ('usr/bin/dnsreplay')
As you can see from the current [https://projects.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/pdns PKGBUILD], "/usr/local" is never passed to ./configure, only these options:
--with-dynmodules="ldap pipe gmysql gpgsql gsqlite3 geo"
Arch Linux normally doesn't use /usr/local at all and the prefix is set to "/usr".
I tried searching for "/usr/local" and replacing with "/usr" in configure and configure.ac, but the result was the same.
These are used:
Unless I've missed a configuration option, /usr/local/lib should not be included in the rpath.
Unable to edit the ticket to fix the formatting.
This issue is coming from boost.m4, unsure how to solve it. If I remove /usr/local/lib* from boost.m4, the problem goes away, but this probably introduces a new one...
http://wiki.debian.org/RpathIssue (thanks Maik)
fix bug in boost.m4 where it insists on setting -L, causing useless R…
…PATH in our binaries. Closes #728