Hi!
My Tizonia snap (https://github.com/tizonia/tizonia-snap) keeps being flagged in armhf store builds.
Found files with executable stack.
...
Affected files: usr/lib/libspotify.so.12.1.103
I’ve been trying to get rid of this for a few days now, trying multiple combinations of the execstack command.
Initially, I thought the problem was that I was not providing the correct path to the offending library in the execstack command.
So I updated the ‘prepare’ scriptlet in the yaml file to contain this:
find / ! -readable -prune -o -type f -name "libspotify.so.*" -exec execstack --clear-execstack {} \; || true
From the logs, I can see that my brute force approach is definitely touching the offending file.
find: ‘/proc/12775/task/12775/fd/6’: No such file or directory
find: ‘/proc/12775/task/12775/fdinfo/6’: No such file or directory
find: ‘/proc/12775/fd/5’: No such file or directory
find: ‘/proc/12775/fdinfo/5’: No such file or directory
find: ‘/dev/.lxc/proc/12775/task/12775/fd/6’: No such file or directory
find: ‘/dev/.lxc/proc/12775/task/12775/fdinfo/6’: No such file or directory
find: ‘/dev/.lxc/proc/12775/fd/5’: No such file or directory
find: ‘/dev/.lxc/proc/12775/fdinfo/5’: No such file or directory
/usr/lib/libspotify.so.12.1.103
But still, no luck. The automated process keeps flagging this.
There’s obviously something I’m not seeing here. Any idea of what that might be?
I’ve also heard that snapcraft will automatically do this for us. Is that PR going to be released soon?
Thanks!