Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to build with PIE buildmode #158

Closed
cryptomilk opened this issue Jul 30, 2019 · 6 comments
Closed

How to build with PIE buildmode #158

cryptomilk opened this issue Jul 30, 2019 · 6 comments

Comments

@cryptomilk
Copy link

cryptomilk commented Jul 30, 2019
edited

How do you build position independent executables (PIE) with promu?

For go it is:

go build -buildmode=pie

I'm trying to get a prometheus binary with PIE enabled which is normally required by distributions.
@simonpasquier
Copy link
Member

You can to the flags entry in .promu.yml

@cryptomilk
Copy link
Author

I've tried, but the resulting binary is not a PIE binary.

@cryptomilk
Copy link
Author 

magrathea:~ # hardening-check /usr/bin/prometheus 
/usr/bin/prometheus:
 Position Independent Executable: no, normal executable!
 Stack protected: no, not found!
 Fortify Source functions: unknown, no protectable libc functions used
 Read-only relocations: yes
 Immediate binding: no, not found!

@cryptomilk
Copy link
Author

Also adding -extldflags=-pie to ldflags: doesn't help.

@cryptomilk
Copy link
Author

Strange that RELRO worked.

@simonpasquier
Copy link
Member

promu build is just a wrapper around go build and promu build -v will show you the executed command.

@zmedico zmedico mentioned this issue Nov 27, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cryptomilk @simonpasquier