Newest at the top
2024-05-02 19:08:41 +0200 | <hseg> | if they're concerned, let them share the burden of finding a workable build |
2024-05-02 19:08:19 +0200 | <hseg> | giving up and opening this up to comments from the users of the package |
2024-05-02 19:08:05 +0200 | tromp | (~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl) |
2024-05-02 19:05:24 +0200 | peterbecich | (~Thunderbi@syn-047-229-123-186.res.spectrum.com) |
2024-05-02 19:04:27 +0200 | pavonia | (~user@user/siracusa) |
2024-05-02 18:56:40 +0200 | tromp | (~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl) (Quit: My iMac has gone to sleep. ZZZzzz…) |
2024-05-02 18:54:28 +0200 | <hseg> | pie is still a puzzle though |
2024-05-02 18:54:19 +0200 | <hseg> | given that that's no different from the previous behaviour, I'm tempted to drop it |
2024-05-02 18:53:55 +0200 | <hseg> | but at least it builds |
2024-05-02 18:53:50 +0200 | <hseg> | hrm. enabling relro (with --ld-options='-Wl,-z,relro,-z,now') still complains RELRO is only partially enabled |
2024-05-02 18:53:42 +0200 | jcarpenter2 | (~lol@2603:3016:1e01:b940:e453:9e02:8346:816a) (Read error: Connection reset by peer) |
2024-05-02 18:52:20 +0200 | <hseg> | Right. I'm testing using a statically linked cabal-install and a ghcup-versioned ghc |
2024-05-02 18:51:19 +0200 | <int-e> | hseg: I remember using Arch's ghc to build my own, then uninstalling the Arch one. So it was good enough for bootstrapping. |
2024-05-02 18:50:23 +0200 | euphores | (~SASL_euph@user/euphores) |
2024-05-02 18:47:25 +0200 | califax | (~califax@user/califx) |
2024-05-02 18:46:53 +0200 | califax | (~califax@user/califx) (Remote host closed the connection) |
2024-05-02 18:46:42 +0200 | philopsos | (~caecilius@user/philopsos) |
2024-05-02 18:43:11 +0200 | euphores | (~SASL_euph@user/euphores) (Quit: Leaving.) |
2024-05-02 18:41:40 +0200 | califax | (~califax@user/califx) |
2024-05-02 18:39:41 +0200 | <tomsmeding> | I concede there is something to be won here |
2024-05-02 18:39:31 +0200 | <tomsmeding> | unless you want to either make your life very difficult, or do the same and also evangelise in the haskell community, I'd recommend skipping PIE :p |
2024-05-02 18:39:08 +0200 | <tomsmeding> | right |
2024-05-02 18:39:02 +0200 | <hseg> | (eg am depending on cabal/stack for dependency resolution) |
2024-05-02 18:38:50 +0200 | <hseg> | but not for much else |
2024-05-02 18:38:45 +0200 | <hseg> | yeah, so I integrate my haskell-related stuff *slightly* in arch so pacman can track the files |
2024-05-02 18:38:17 +0200 | <hseg> | just missed your last three messages |
2024-05-02 18:36:35 +0200 | <tomsmeding> | logs link in topic if necessary |
2024-05-02 18:36:21 +0200 | <tomsmeding> | O.o |
2024-05-02 18:36:16 +0200 | <hseg> | Apologies, computer crashed |
2024-05-02 18:36:06 +0200 | hseg | (~gesh@77.137.75.224) |
2024-05-02 18:35:59 +0200 | <tomsmeding> | bye :p |
2024-05-02 18:35:45 +0200 | hseg | (~gesh@77.137.75.224) (Read error: Connection reset by peer) |
2024-05-02 18:34:19 +0200 | <tomsmeding> | "cabal install cabal-fmt" |
2024-05-02 18:34:16 +0200 | <tomsmeding> | hseg: that's what everyone here does, ignore anything haskell-related in the arch package repository and just use cabal/stack/whatever |
2024-05-02 18:33:24 +0200 | <int-e> | But I imagine you can still build GHC such that it builds the base libraries with -fPIE. So that's the tangent I'm on right now... but it will take a while to try. |
2024-05-02 18:33:18 +0200 | <hseg> | int-e: indeed, which is why I've been building all my haskell programs statically on Arch, sidestepping their entire haskell ecosystem |
2024-05-02 18:32:48 +0200 | <tomsmeding> | the answer seems to be, nothing is set up for that so you're on your own? |
2024-05-02 18:32:24 +0200 | <tomsmeding> | hseg's question now is "even if I link statically, can I at least get the security benefits of PIE" |
2024-05-02 18:32:19 +0200 | <int-e> | <s>Ask me about Arch</s> |
2024-05-02 18:32:10 +0200 | <tomsmeding> | we've gone over that :) |
2024-05-02 18:31:59 +0200 | <int-e> | The reason why Haskell libraries are generally linked statically is that there's no ABI compatibility between recompiled versions of the same library. |
2024-05-02 18:31:55 +0200 | <tomsmeding> | but yeah sorry, I thought I knew enough to help but I don't |
2024-05-02 18:31:14 +0200 | <int-e> | hseg: I'm on my own tangent which may or may not intersect with yours, sorry. |
2024-05-02 18:31:06 +0200 | <hseg> | ah |
2024-05-02 18:30:51 +0200 | <tomsmeding> | int-e was referring to the -fPIE note |
2024-05-02 18:30:34 +0200 | <hseg> | I'm confused -- why is it linking statically? |
2024-05-02 18:30:31 +0200 | tomsmeding | gives up |
2024-05-02 18:30:19 +0200 | califax | (~califax@user/califx) (Remote host closed the connection) |
2024-05-02 18:29:56 +0200 | <tomsmeding> | I see |
2024-05-02 18:29:40 +0200 | <int-e> | That's when trying to link statically; with -dynamic -pie I get a PIE executable that's dynamically linked. (Just a simple hello world, no `cabal` involved) |