From 746c2f76a305d4251f58f3327f8147f60a1be38f Mon Sep 17 00:00:00 2001
From: Silvino Silva <silvino@bk.ru>
Date: Mon, 9 Oct 2017 01:29:53 +0100
Subject: pkgmk.conf hardening revision

---
 core/conf/pkgmk.conf | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

(limited to 'core/conf')

diff --git a/core/conf/pkgmk.conf b/core/conf/pkgmk.conf
index 6949fa7..047ebc0 100644
--- a/core/conf/pkgmk.conf
+++ b/core/conf/pkgmk.conf
@@ -1,12 +1,21 @@
 #
 # /etc/pkgmk.conf: pkgmk(8) configuration
 #
+# ONLY FOR x86 64 PROCESSORS
+
+export CFLAGS="-Wall -Wextra -Wno-inline -Wundef -Wformat=2 -Wformat-security -Wformat-nonliteral -Wlogical-op -Wsign-compare -Wmissing-include-dirs -Wold-style-definition -Wpointer-arith -Winit-self -Wdeclaration-after-statement -Wfloat-equal -Wsuggest-attribute=noreturn -Wmissing-prototypes -Wstrict-prototypes -Wredundant-decls -Wmissing-declarations -Wmissing-noreturn -Wshadow -Wendif-labels -Wstrict-aliasing=2 -Wwrite-strings -Wno-long-long -Wno-overlength-strings -Wno-unused-parameter -Wno-missing-field-initializers -Wno-unused-result -Werror=overflow -Wdate-time -Wnested-externs"
+
+#-ffast-math -fno-common -fdiagnostics-show-option -fno-strict-aliasing -fvisibility=hidden -ffunction-sections -fdata-sections -ffat-lto-objects"
+
+CFLAGS="${CFLAGS} -fPIC -fPIE -fstack-protector -fstack-protector-strong --param=ssp-buffer-size=4 -fno-plt -fstack-check -g -O2 -march=x86-64 -pipe"
 
-export CPPFLAGS="-D_FORTIFY_SOURCE=2"
-export CFLAGS="-O2 -march=native -mtune=native -pipe -fPIC -fPIE -fstack-protector-strong --param=ssp-buffer-size=4 -fno-plt -fstack-check"
 export CXXFLAGS="${CFLAGS}"
-export LDFLAGS="-fPIE -pie -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
-export MAKEFLAGS="-j4"
+export CPPFLAGS="-Wp,-D_FORTIFY_SOURCE=2"
+
+#export LDFLAGS="-fPIE -pie -Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
+export LDFLAGS="-Wl,--as-needed -Wl,--no-undefined -Wl,--gc-sections -Wl,-z,relro -Wl,-z,now -pie"
+
+export MAKEFLAGS="-j$(nproc)"
 
 case ${PKGMK_ARCH} in
 	"64"|"")
@@ -23,9 +32,9 @@ case ${PKGMK_ARCH} in
 		;;
 esac
 
-PKGMK_SOURCE_MIRRORS=(https://crux.nu/distfiles/)
+#PKGMK_SOURCE_MIRRORS=(https://crux.nu/distfiles/)
 #PKGMK_SOURCE_MIRRORS=(https://crux.ster.zone/distfiles/)
-#PKGMK_SOURCE_MIRRORS=(https://c9.root.sx/ports/distfiles/)
+PKGMK_SOURCE_MIRRORS=(https://c9.root.sx/ports/distfiles/)
 PKGMK_SOURCE_DIR="/usr/ports/distfiles"
 PKGMK_PACKAGE_DIR="/usr/ports/packages"
 PKGMK_WORK_DIR="/usr/ports/work/$name"
-- 
cgit 1.4.1-2-gfad0