From 7538d41b2cc3d5a8c01ef85b59ac6908e888ff48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
 <congdanhqx@gmail.com>
Date: Sat, 12 Sep 2020 07:07:13 +0700
Subject: [PATCH 01/20] build-style: go: default to pie, trimpath

---
 common/build-style/go.sh             | 29 ++++++++++++++++++++--------
 common/environment/build-style/go.sh |  1 -
 2 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/common/build-style/go.sh b/common/build-style/go.sh
index 33a5dcf3ee8240..64ac4e57f9cc25 100644
--- a/common/build-style/go.sh
+++ b/common/build-style/go.sh
@@ -5,7 +5,7 @@
 do_configure() {
 	# $go_import_path must be set, or we can't link $PWD into $GOSRCPATH
 	# nor build from modules
-	if [ -z "$go_import_path" ]; then
+	if [ -z "${go_import_path}" ]; then
 		msg_error "\"\$go_import_path\" not set on $pkgname template.\n"
 	fi
 
@@ -23,13 +23,26 @@ do_configure() {
 
 do_build() {
 	# remove -s and -w from go_ldflags, we should let xbps-src strip binaries itself
-	for wd in $go_ldflags; do
-		if [ "$wd" == "-s" ] || [ "$wd" == "-w" ]; then
-			msg_error "$pkgname: remove -s and -w from go_ldflags\n"
+	for wd in ${go_ldflags}; do
+		if [ "${wd}" == "-s" ] || [ "$wd" == "-w" ]; then
+			msg_error "${pkgname}: remove -s and -w from go_ldflags\n"
 		fi
 	done
 
 	: ${go_package:=$go_import_path}
+	local buildmode
+	if [ -z "${nopie}" ]; then
+		buildmode=-buildmode=pie
+
+		# The linker checks the host sysroot, breaking static PIE musl cross builds
+		if [ -n "${CROSS_BUILD}" ] && [ "${XBPS_TARGET_LIBC}" = "musl" ]; then
+			case "${XBPS_TARGET_MACHINE}" in
+				aarch64*)
+					go_ldflags+=" -I /lib/ld-musl-aarch64.so.1"
+					;;
+			esac
+		fi
+	fi
 	# Build using Go modules if there's a go.mod file
 	if [ "${go_mod_mode}" != "off" ] && [ -f go.mod ]; then
 
@@ -38,7 +51,7 @@ do_build() {
 		fi
 
 		# Check if go_import_path matches module
-		if [ "module $go_import_path" != "$(grep '^module' go.mod | head -n1)" ]; then
+		if [ "module ${go_import_path}" != "$(grep '^module' go.mod | head -n1)" ]; then
 			msg_error "\"\$go_import_path\" doesn't match the one defined in go.mod!\n"
 		fi
 
@@ -50,20 +63,20 @@ do_build() {
 			# default behavior.
 			go_mod_mode=
 		fi
-		go install -p "$XBPS_MAKEJOBS" -mod="${go_mod_mode}" -modcacherw -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
+		go install -p "${XBPS_MAKEJOBS}" -mod="${go_mod_mode}" ${buildmode} -trimpath -modcacherw -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
 		if [[ -n "${_go_mod_path}" ]]; then
 			popd
 		fi
 	else
 		# Otherwise, build using GOPATH
-		go install -p "$XBPS_MAKEJOBS" -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
+		go install -p "${XBPS_MAKEJOBS}" ${buildmode} -trimpath -v -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${go_package}
 	fi
 }
 
 do_check() {
 	: ${make_check_target:=./...}
 
-	${make_check_pre} go test -p "$XBPS_MAKEJOBS" -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${make_check_args} ${make_check_target}
+	${make_check_pre} go test -p "${XBPS_MAKEJOBS}" -tags "${go_build_tags}" -ldflags "${go_ldflags}" ${make_check_args} ${make_check_target}
 }
 
 do_install() {
diff --git a/common/environment/build-style/go.sh b/common/environment/build-style/go.sh
index 223bba83ff11b4..92a049411e0fbe 100644
--- a/common/environment/build-style/go.sh
+++ b/common/environment/build-style/go.sh
@@ -4,7 +4,6 @@ if [ -z "$hostmakedepends" -o "${hostmakedepends##*gcc-go-tools*}" ]; then
 		archs="aarch64* armv[567]* i686* x86_64* ppc64le* riscv64*"
 	fi
 	hostmakedepends+=" go"
-	nopie=yes
 else
 	# gccgo compiler
 	if [ -z "$archs" ]; then

From 48606d7006da8c4c1072071111b702eee2d6fdb2 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:01:32 -0500
Subject: [PATCH 02/20] cni-plugins: set nopie

---
 srcpkgs/cni-plugins/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/cni-plugins/template b/srcpkgs/cni-plugins/template
index a6a846a3836083..7eb6aa191d929e 100644
--- a/srcpkgs/cni-plugins/template
+++ b/srcpkgs/cni-plugins/template
@@ -11,6 +11,7 @@ homepage="https://github.com/containernetworking/plugins"
 changelog="https://github.com/containernetworking/plugins/releases"
 distfiles="https://github.com/containernetworking/plugins/archive/refs/tags/v${version}.tar.gz"
 checksum=95b639f8ccbb714da98e331ef8813f790d447fce5417f2f8a575f3c62bfb1474
+nopie=unverified
 
 do_build() {
 	./build_linux.sh \

From ce79720713c812f9cf65fb3f3450d750bd2cd758 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:02:54 -0500
Subject: [PATCH 03/20] coyim: set nopie

---
 srcpkgs/coyim/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/coyim/template b/srcpkgs/coyim/template
index 03d6d4f05cc905..6053f2a60082e4 100644
--- a/srcpkgs/coyim/template
+++ b/srcpkgs/coyim/template
@@ -12,6 +12,7 @@ license="GPL-3.0-only"
 homepage="https://coy.im"
 distfiles="https://github.com/coyim/coyim/archive/v${version}.tar.gz"
 checksum=f2bf1e73562fbcc3a0b264a30f92dfe427dffe2046e9f44459087ecac5890098
+nopie=unverified
 
 case "$XBPS_TARGET_MACHINE" in
 	x86_64*) ;;

From 7802faf5e7a1e78f9761f3375c5c60fd06651eb0 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:03:42 -0500
Subject: [PATCH 04/20] kubernetes: set nopie

---
 srcpkgs/kubernetes/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/kubernetes/template b/srcpkgs/kubernetes/template
index 4847e1c516054d..43f93db5720d90 100644
--- a/srcpkgs/kubernetes/template
+++ b/srcpkgs/kubernetes/template
@@ -17,6 +17,7 @@ nocross=yes
 system_accounts="kube"
 make_dirs="/var/lib/kubelet 0755 kube kube"
 conf_files="/etc/kubernetes/*"
+nopie=unverified
 
 do_build() {
 	export GOLDFLAGS=""

From eec9d5d284d25602dab20deb7b409b0462de6bfe Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:04:26 -0500
Subject: [PATCH 05/20] moby: set nopie

---
 srcpkgs/moby/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/moby/template b/srcpkgs/moby/template
index d3c74d694ac7d0..2aa2a50584bbe4 100644
--- a/srcpkgs/moby/template
+++ b/srcpkgs/moby/template
@@ -17,6 +17,7 @@ distfiles="https://github.com/moby/moby/archive/docker-v${version}.tar.gz"
 checksum=89ef4a0f681ae2c9f7449591243e1e932d86e6086ac3392a47da80c10b1a3d58
 system_groups="docker"
 make_check=no # no other tests are available
+nopie=unverified
 
 do_build() {
 	export AUTO_GOPATH=1

From 69e3912e48bb4688c3c7630a1a380e022e6a43d8 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Tue, 28 Nov 2023 16:05:07 -0500
Subject: [PATCH 06/20] nncp: set nopie

---
 srcpkgs/nncp/template | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/srcpkgs/nncp/template b/srcpkgs/nncp/template
index 788d9c4a0d4bb2..ea537719a7d74d 100644
--- a/srcpkgs/nncp/template
+++ b/srcpkgs/nncp/template
@@ -10,7 +10,8 @@ license="GPL-3.0-only"
 homepage="http://www.nncpgo.org/"
 distfiles="http://www.nncpgo.org/download/${pkgname}-${version}.tar.xz"
 checksum=8ce3680e98005198d8975e031760b3a9b33be6d2d61844c799f778ca233d05f4
-make_check=no
+make_check=no # cannot find packages
+nopie=unverified
 
 do_build() {
 	./build

From e4e255c707eabb08d0ed07ca5939fa91327f45ed Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 7 Jan 2024 20:59:34 +0100
Subject: [PATCH 07/20] grafana: set nopie

---
 srcpkgs/grafana/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/grafana/template b/srcpkgs/grafana/template
index f44ea57bbe2e75..a556d733ffe948 100644
--- a/srcpkgs/grafana/template
+++ b/srcpkgs/grafana/template
@@ -29,6 +29,7 @@ make_dirs="/var/log/grafana 0755 _grafana _grafana
 conf_files="/etc/grafana/grafana.ini"
 
 go_ldflags="-X main.version=${version}"
+nopie=unverified
 
 post_extract() {
 	# remove prebuilt binaries

From 996736f728d1a2e374cfa57d6ff2af0f3c135507 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Sat, 14 Feb 2026 17:01:37 -0500
Subject: [PATCH 08/20] gofumpt: set nopie

---
 srcpkgs/gofumpt/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srcpkgs/gofumpt/template b/srcpkgs/gofumpt/template
index 12dce0ec5bde73..e2f96727350f26 100644
--- a/srcpkgs/gofumpt/template
+++ b/srcpkgs/gofumpt/template
@@ -10,7 +10,7 @@ license="BSD-3-Clause"
 homepage="https://github.com/mvdan/gofumpt"
 distfiles="https://github.com/mvdan/gofumpt/archive/refs/tags/v${version}.tar.gz"
 checksum=acff9518cf4ad3550ca910b9254fc8a706494d6a105fe2e92948fedc52a42a5b
-
+nopie=unverified
 export CGO_ENABLED=0
 
 post_install() {

From a31ac4c045179e6fa4125811341be0b95c508388 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Sat, 14 Feb 2026 17:02:54 -0500
Subject: [PATCH 09/20] rclone: set nopie

---
 srcpkgs/rclone/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/rclone/template b/srcpkgs/rclone/template
index 4eea2981aeb0f3..e308633aec1780 100644
--- a/srcpkgs/rclone/template
+++ b/srcpkgs/rclone/template
@@ -17,6 +17,7 @@ changelog="https://raw.githubusercontent.com/rclone/rclone/master/docs/content/c
 distfiles="https://downloads.rclone.org/v${version}/rclone-v${version}.tar.gz"
 checksum=6834040157185e6ae38a6d6d673d63342d6c0f5ed2b244e5235a54d531330297
 make_check_pre="env RCLONE_CONFIG=/notfound CI=1"
+nopie=unverified
 
 pre_build() {
 	if [ "$CROSS_BUILD" ] && [ "$XBPS_TARGET_LIBC" = musl ]; then

From 94f7eef3cb2b91f50a01503d835b071f838c6c02 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:11:58 +0800
Subject: [PATCH 10/20] walker: set nopie

---
 srcpkgs/walker/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/walker/template b/srcpkgs/walker/template
index 87abb2a1394832..bc99c4473c89e2 100644
--- a/srcpkgs/walker/template
+++ b/srcpkgs/walker/template
@@ -17,6 +17,7 @@ changelog="https://github.com/abenz1267/walker/releases"
 distfiles="https://github.com/abenz1267/walker/archive/v${version}.tar.gz"
 checksum=ad8f3570b67bf27ecb42e647f65715ffda2212db58870e6b23ea206d209859d8
 make_check=no # no tests and slog warnings make it fail
+nopie=unverified
 
 do_build() {
 	# build_style=go uses "go install" which has no -o flag and the

From 3608021e00ab65ca471df99cd6e4329735661612 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:12:27 +0800
Subject: [PATCH 11/20] cri-tools: set nopie

---
 srcpkgs/cri-tools/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/cri-tools/template b/srcpkgs/cri-tools/template
index a02954e9966ad2..0a67136a844e96 100644
--- a/srcpkgs/cri-tools/template
+++ b/srcpkgs/cri-tools/template
@@ -11,6 +11,7 @@ license="Apache-2.0"
 homepage="https://github.com/kubernetes-sigs/cri-tools"
 distfiles="https://github.com/kubernetes-sigs/cri-tools/archive/v${version}.tar.gz"
 checksum=2d48319be933df77c660fbfe7efef8c3d61bbde6787e2f33725bcc519858b287
+nopie=unverified
 
 do_build() {
 	make ${makejobs}

From 6b32e6b2fbcef2b5755bc725177987541897e6eb Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:13:01 +0800
Subject: [PATCH 12/20] eduvpn-common: set nopie

---
 srcpkgs/eduvpn-common/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srcpkgs/eduvpn-common/template b/srcpkgs/eduvpn-common/template
index b112940aa92089..49b595418e4109 100644
--- a/srcpkgs/eduvpn-common/template
+++ b/srcpkgs/eduvpn-common/template
@@ -11,7 +11,7 @@ license="MIT"
 homepage="https://www.eduvpn.org/"
 distfiles="https://codeberg.org/eduVPN/eduvpn-common/releases/download/${version}/eduvpn-common-${version}.tar.xz"
 checksum=5b97feaaf14456ee3eb30853c1c78c2b166de541d8f8ee1db7ea0d0ccfc812c3
-
+nopie=unverified
 subpackages="eduvpn-cli"
 
 if [ "$XBPS_TARGET_LIBC" = "glibc" ]; then

From 4a141efbb2a0ef37654cca0a176f5ab3b306edf0 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:13:27 +0800
Subject: [PATCH 13/20] podman: set nopie

---
 srcpkgs/podman/template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/srcpkgs/podman/template b/srcpkgs/podman/template
index c3ee00fff589cd..40fdb6d1fd14ae 100644
--- a/srcpkgs/podman/template
+++ b/srcpkgs/podman/template
@@ -22,6 +22,7 @@ distfiles="https://github.com/containers/podman/archive/v${version}.tar.gz
  https://github.com/containers/container-libs/archive/refs/tags/common/v${_container_libs_common}.tar.gz"
 checksum="b20ea65afc5a58ea1cea019bd51a5d84eb9042d25d3eb82c55010c8815732d84
  5438aa7763acd6d0ddb39426bec20bc344c53161716d88a9d75ac1fed0172b64"
+nopie=unverified
 
 case $XBPS_TARGET_MACHINE in
 	aarch64* | x86_64*) ;;

From 34b38c3aa42497636ab09df965dd71f8ab7c8f35 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:15:25 +0800
Subject: [PATCH 14/20] booster: drop pie, it is default

---
 srcpkgs/booster/template | 1 -
 1 file changed, 1 deletion(-)

diff --git a/srcpkgs/booster/template b/srcpkgs/booster/template
index cad01484f04d5a..0c5e0c577a5ce4 100644
--- a/srcpkgs/booster/template
+++ b/srcpkgs/booster/template
@@ -18,7 +18,6 @@ alternatives="
  initramfs:/etc/kernel.d/post-install/20-initramfs:/usr/libexec/booster/kernel-hook-postinst
  initramfs:/etc/kernel.d/post-remove/20-initramfs:/usr/libexec/booster/kernel-hook-postrm
 "
-export GOFLAGS="-buildmode=pie"
 
 post_build() {
 	( cd init && CGO_ENABLED=0 go install -p "${XBPS_MAKEJOBS}" -mod=readonly -v -buildmode=default )

From 2e52e800e749f55f3926fee5139a164c43584bd6 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:16:28 +0800
Subject: [PATCH 15/20] containerd: drop pie, it is default

---
 srcpkgs/containerd/template | 1 -
 1 file changed, 1 deletion(-)

diff --git a/srcpkgs/containerd/template b/srcpkgs/containerd/template
index d4500021e4a4fc..3b3d0aafa1d6f2 100644
--- a/srcpkgs/containerd/template
+++ b/srcpkgs/containerd/template
@@ -26,7 +26,6 @@ make_dirs="/var/lib/containerd 0755 root root"
 
 # Cross builds fail with -fuse-ld=gold
 LDFLAGS="-fuse-ld=bfd"
-export GOFLAGS="-buildmode=pie"
 
 post_build() {
 	# Build the man pages

From 6be1fc94faf5c012d51bc1078cc8805a27ae7205 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:17:18 +0800
Subject: [PATCH 16/20] gopass: drop pie, it is default

---
 srcpkgs/gopass/template | 2 --
 1 file changed, 2 deletions(-)

diff --git a/srcpkgs/gopass/template b/srcpkgs/gopass/template
index 68f3aa6bfa81bc..4ec7828edb3630 100644
--- a/srcpkgs/gopass/template
+++ b/srcpkgs/gopass/template
@@ -17,8 +17,6 @@ distfiles="https://github.com/gopasspw/gopass/archive/refs/tags/v${version}.tar.
 checksum=33451a782b66266c59560a5ec7f4e34c104c501a36b445fc574fad71e3b3d884
 make_check_pre="env GOPASS_BINARY=${GOPATH}/bin/gopass"
 
-export GOFLAGS="-buildmode=pie"
-
 post_install() {
 	vlicense LICENSE
 	vman gopass.1

From 41a9e56b026c8c53b143d3b3638735882f2dfc1f Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:18:02 +0800
Subject: [PATCH 17/20] incus: drop pie, it is default

---
 srcpkgs/incus/template | 1 -
 1 file changed, 1 deletion(-)

diff --git a/srcpkgs/incus/template b/srcpkgs/incus/template
index bca6658811b50a..8de51b6b66e89d 100644
--- a/srcpkgs/incus/template
+++ b/srcpkgs/incus/template
@@ -25,7 +25,6 @@ make_dirs="
  /var/log/incus 0755 root root"
 
 export CGO_LDFLAGS_ALLOW="(-Wl,-wrap,pthread_create)|(-Wl,-z,now)"
-export GOFLAGS="-buildmode=pie"
 
 post_build() {
 	CGO_ENABLED=0 go install -p "${XBPS_MAKEJOBS}" -v -tags netgo -buildmode=default "${go_import_path}/cmd/incus-migrate"

From 7cf6ee20812e07bfb903e95b48011edaf3a4a0d6 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:18:22 +0800
Subject: [PATCH 18/20] sbctl: drop pie, it is default

---
 srcpkgs/sbctl/template | 1 -
 1 file changed, 1 deletion(-)

diff --git a/srcpkgs/sbctl/template b/srcpkgs/sbctl/template
index ee66ad1db41b14..5b6a38fbbdf0da 100644
--- a/srcpkgs/sbctl/template
+++ b/srcpkgs/sbctl/template
@@ -17,7 +17,6 @@ homepage="https://github.com/Foxboron/sbctl"
 distfiles="https://github.com/Foxboron/sbctl/archive/${version}.tar.gz"
 checksum=7aa2af7b50d42abe39eb4875069ae5cd3fb8406d067d7a58b029c8270bacd14d
 make_dirs="/var/lib/sbctl 0700 root root"
-export GOFLAGS="-buildmode=pie"
 
 post_install() {
 	make man

From 115e970bb15617d634f5dc349de2fbe6dc44c271 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Fri, 6 Mar 2026 11:27:05 +0800
Subject: [PATCH 19/20] docker-machine: fix SHA256 mismatch

---
 srcpkgs/docker-machine/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srcpkgs/docker-machine/template b/srcpkgs/docker-machine/template
index bb86a7854ee4f5..1566da5e6d25bd 100644
--- a/srcpkgs/docker-machine/template
+++ b/srcpkgs/docker-machine/template
@@ -10,4 +10,4 @@ maintainer="Sergi Alvarez <pancake@nopcode.org>"
 license="Apache-2.0"
 homepage="https://github.com/docker/machine/"
 distfiles="https://github.com/docker/machine/archive/v${version}.tar.gz"
-checksum=af8bff768cd1746c787e2f118a3a8af45ed11679404b6e45d5199e343e550059
+checksum=f333d6dc8976d2c5b0c5e62fb46bce50423e72e3c9210aa77dd6363683db24bf

From 1755858f6c6ca7189f3ad67161f04901480aa176 Mon Sep 17 00:00:00 2001
From: dkwo <npiazza@disroot.org>
Date: Tue, 10 Mar 2026 17:57:02 +0800
Subject: [PATCH 20/20] kubo: nopie on cross

---
 srcpkgs/kubo/template | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/srcpkgs/kubo/template b/srcpkgs/kubo/template
index 88903ee3f08c73..49fcd0dd57c225 100644
--- a/srcpkgs/kubo/template
+++ b/srcpkgs/kubo/template
@@ -22,6 +22,10 @@ system_accounts="_ipfs"
 make_dirs="/var/lib/ipfs 0700 _ipfs _ipfs"
 _ipfs_homedir="/var/lib/ipfs"
 
+if [ "$CROSS_BUILD" ]; then
+	nopie=unverified
+fi
+
 pre_build() {
 	export CGO_ENABLED=0
 }