qbittorrent/docker-qbittorrent-nox
1
0
Fork 0
mirror of https://github.com/qbittorrent/docker-qbittorrent-nox.git synced 2024-11-23 09:19:47 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Add compiler flags for hardening

Browse Source
This commit is contained in:
Chocobo1 2023-01-05 14:14:34 +08:00
parent d41ed95510
commit d6712e43d2
No known key found for this signature in database
GPG Key ID: 210D9C873253A68C
2 changed files with 22 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Dockerfile
View File

@ -3,8 +3,6 @@ FROM alpine:latest AS builder
ARG QBT_VERSION
# alpine linux qbittorrent package: https://git.alpinelinux.org/aports/tree/community/qbittorrent/APKBUILD
# Check environment variables
RUN \
if [ -z "$QBT_VERSION" ]; then \
@ -12,6 +10,17 @@ RUN \
exit 1 ; \
fi
# Compiler, linker options:
# https://gcc.gnu.org/onlinedocs/gcc/Option-Summary.html
# https://gcc.gnu.org/onlinedocs/gcc/Link-Options.html
# https://sourceware.org/binutils/docs/ld/Options.html
ENV CFLAGS="-pipe -fcf-protection -fstack-clash-protection -fstack-protector-strong -fno-plt -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS" \
CXXFLAGS="-pipe -fcf-protection -fstack-clash-protection -fstack-protector-strong -fno-plt -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS" \
LDFLAGS="-gz -Wl,-O1,--as-needed,--sort-common,-z,now,-z,relro"
# alpine linux packages:
# https://git.alpinelinux.org/aports/tree/community/libtorrent-rasterbar/APKBUILD
# https://git.alpinelinux.org/aports/tree/community/qbittorrent/APKBUILD
RUN \
apk --update-cache add \
boost-dev \
@ -36,7 +45,6 @@ RUN \
-B build \
-G Ninja \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DCMAKE_EXE_LINKER_FLAGS="-gz" \
-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON \
-DGUI=OFF \
-DQT6=ON && \

14
manual_build/Dockerfile
View File

@ -3,8 +3,6 @@ FROM alpine:latest AS builder
ARG QBT_VERSION
# alpine linux qbittorrent package: https://git.alpinelinux.org/aports/tree/community/qbittorrent/APKBUILD
# Check environment variables
RUN \
if [ -z "$QBT_VERSION" ]; then \
@ -12,6 +10,17 @@ RUN \
exit 1 ; \
fi
# Compiler, linker options:
# https://gcc.gnu.org/onlinedocs/gcc/Option-Summary.html
# https://gcc.gnu.org/onlinedocs/gcc/Link-Options.html
# https://sourceware.org/binutils/docs/ld/Options.html
ENV CFLAGS="-pipe -fcf-protection -fstack-clash-protection -fstack-protector-strong -fno-plt -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS" \
CXXFLAGS="-pipe -fcf-protection -fstack-clash-protection -fstack-protector-strong -fno-plt -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS" \
LDFLAGS="-gz -Wl,-O1,--as-needed,--sort-common,-z,now,-z,relro"
# alpine linux packages:
# https://git.alpinelinux.org/aports/tree/community/libtorrent-rasterbar/APKBUILD
# https://git.alpinelinux.org/aports/tree/community/qbittorrent/APKBUILD
RUN \
apk --update-cache add \
boost-dev \
@ -36,7 +45,6 @@ RUN \
-B build \
-G Ninja \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DCMAKE_EXE_LINKER_FLAGS="-gz" \
-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON \
-DGUI=OFF \
-DQT6=ON && \