Apologies if this is just a duplicate, but I couldn't find it using the search so I'm entering it anyway. I'm trying to install RT (following the instructons at http://wiki.bestpractical.com/index.cgi?GentooInstallGuide ). Here's a snippet from the install, where compilation of dev-perl/Params-Validate-0.79 fails and gives a fairly good explaination as to why: Installing /var/tmp/portage/Params-Validate-0.79/image/usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/Attribute/Params/Validate.pm Writing /var/tmp/portage/Params-Validate-0.79/image//usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/auto/Params/Validate/.packlist Appending installation info to /var/tmp/portage/Params-Validate-0.79/image//usr/lib/perl5/5.8.7/x86_64-linux/perllocal.pod man: prepallstrip: strip: strip --strip-unneeded usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/auto/Params/Validate/Validate.so scanelf: rpath_security_checks(): Security problem NULL DT_RPATH in /var/tmp/portage/Params-Validate-0.79/image//usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/auto/Params/Validate/Validate.so scanelf: rpath_security_checks(): Security problem NULL DT_RUNPATH in /var/tmp/portage/Params-Validate-0.79/image//usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/auto/Params/Validate/Validate.so QA Notice: the following files contain insecure RUNPATH's Please file a bug about this at http://bugs.gentoo.org/ For more information on this issue, kindly review: http://bugs.gentoo.org/81745 usr/lib/perl5/vendor_perl/5.8.7/x86_64-linux/auto/Params/Validate/Validate.so !!! ERROR: dev-perl/Params-Validate-0.79 failed. !!! Function dyn_install, Line 1057, Exitcode 0 !!! Insecure binaries detected !!! If you need support, post the topmost build error, NOT this status message. --- Here's the output of emerge --info: Portage 2.0.54 (default-linux/amd64/2005.0, gcc-3.4.3, glibc-2.3.5-r2, 2.6.9 x86_64) ================================================================= System uname: 2.6.9 x86_64 AMD Opteron(tm) Processor 246 Gentoo Base System version 1.6.13 ccache version 2.3 [disabled] dev-lang/python: 2.3.5-r2 sys-apps/sandbox: 1.2.12 sys-devel/autoconf: 2.13, 2.59-r6 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.15.90.0.1.1-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=k8 -pipe -funroll-all-loops -fomit-frame-pointer -finline-functions" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib64/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -march=k8 -pipe -funroll-all-loops -fomit-frame-pointer -finline-functions" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks sandbox sfperms strict" GENTOO_MIRRORS="http://trumpetti.atm.tut.fi/gentoo/" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://shiny.dev.wordmap.com/gentoo-portage" USE="amd64 3ds X509 apache2 aper ared aredmem async audiofile authdaemond avi ba-completion bcmath bzlib calendar cdb cddb cdparanoia cdrom chroot clamav clamd cli courier cscope css ctype dbase dbcp dbm dbx devfs26 dga dhcp dict dio distcache divx4linux djbfft dmx dnd dv dvb dvd dvdr dvdread eds encode ethereal evms2 evo exif exim exiscan-acl expat faac faad fbdev ffmpeg fla flatfile flood font-server foomaticdb fpx freetype fs ftp gb gcj gd gimp gimpprint gkrellm glade gmail gmp gnome gnomedb gnuplot gnustep gs gtk2 iconv idea ieee1394 image imap imlib2 inetd inifile innodb intl iodbc jboss jikes jmx jpeg2k jta ladcca ladspa latex lcms ldap libgd live lm_sensors lmtp lzo mailbox maildir mailwrapper matroska mbox md5sum memlimit mime mixer mmap mozsvg mozxmlterm mp3 mpeg mpeg4 mpi mplayer mpm-prefork msdav mule mysql mysqli nagios-dns nagios-ntp nagios-ping nagios-s native network nls nntp nptl ntlm objc odbc offensive openal openntpd oscar pam parse-clocks pcntl pcre pdf pg-hier pg-intdatetime php posix postgres postgresql povray prelude procmail pthreads qdbm qemu-fast qmail quotas rogue rtc sasl servlet-2.3 servlet-2.4 session silc silverxp simplexml slang sndfile snortsam soap sockets socks5 softquota spamassassin speedo spell spl ssl svg t1lib tcpmd5 tcsim tga theora tokenizer transcode truetype-fonts type1 type1-fonts ucs4 udpfromto unicode uudeview v4l v4l2 vcd vcdimager vda vhosts wddx winbind xanim xml xmlrpc xsl xvid xvmc zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Version of perl installed?
v5.8.7 built for x86_64-linux
I actually need the exact -r :) I ask because if the source is what I think it is, this should be fixed in -r3 iirc (maybe -r2, but definitely by -r3) for 5.8.7 (and all of 5.8.8).
Sorry, it's dev-lang/perl-5.8.7-r3. I'm afraid I just copied and pasted the relevant output of perl --version. (In reply to comment #3) > I actually need the exact -r :) I ask because if the source is what I think it > is, this should be fixed in -r3 iirc (maybe -r2, but definitely by -r3) for > 5.8.7 (and all of 5.8.8). >
Can anyone on amd64 dup this? I tried in my amd64 chroot, same perl version, but I don't see the bug at all. Tried with both Params-Validate-0.78 and 0.79.
I am also unable to dup.
I am unable to reproduce this with dev-lang/perl-5.8.7-r3 and dev-perl/Params-Validate-0.78.
security team, what do you want us to do with this bug, WORKSFORME? 3 of us are unable to reproduce the bug and no one else has reported this problem (no "me too" comments and no duplicate bugs).
maybe it was resolved automagically in the more recent versions of portage? I notice (now) that the reporter is running 2.0.54, pre-runpath fixes in portage (not that that's an excuse or a reason for why we can't dup)
(In reply to comment #9) > maybe it was resolved automagically in the more recent versions of portage? I > notice (now) that the reporter is running 2.0.54, pre-runpath fixes in portage > (not that that's an excuse or a reason for why we can't dup) I'm running an amd64 stable system with sys-apps/portage-2.0.54-r2. # emerge --info Portage 2.0.54-r2 (default-linux/amd64/2006.0, gcc-3.4.5, glibc-2.3.6-r3, 2.6.15-gentoo-r7 x86_64) ================================================================= System uname: 2.6.15-gentoo-r7 x86_64 AMD Turion(tm) 64 Mobile Technology ML-32 Gentoo Base System version 1.6.14 dev-lang/python: 2.4.2 dev-python/pycrypto: [Not Present] dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1 sys-devel/binutils: 2.16.1 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib64/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=athlon64 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs autoconfig cvs distlocks multilib-strict sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.osuosl.org/ " MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://134.68.220.73/gentoo-portage" USE="amd64 X aac acpi aim alsa audacious audiofile avi berkdb bitmap-fonts browserplugin bzip2 cdr cli crypt cups curl dbus dri eds emboss encode esd ethereal exif expat fam flac foomaticdb gd gdbm gif glut gnome gphoto2 gpm gstreamer gtk gtk2 gtkhtml hal icq idn imlib ipv6 isdnlog jabber java jpeg kde lcms libcaca libwww lua lzw lzw-tiff mad mikmod mng mono mozilla moznocompose moznoirc moznomail mp3 mpeg msn mysql ncurses nls nocd nptl nptlonly nsplugin offensive ogg oggvorbis openal opengl oscar pam pcre pdflib perl php png pppd python qt quicktime readline reflection sdl session shorten sndfile spell spl ssl symlink tcpd tetex tiff truetype truetype-fonts type1-fonts udev usb userlocales vorbis wxgtk1 xml2 xmms xorg xpm xv xvid yahoo zlib userland_GNU kernel_linux elibc_glibc" Unset: ASFLAGS, CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS, PORTAGE_RSYNC_OPTS
security-team: ping what are we going to do with this one? (see comment #8)
please re-add amd64 if there's something for us to do
Why are we keeping this open? Everyone is stable arch on 5.8.8.
Security: Please close this bug, as 5.8.7 isn't even in the tree any more. Thank you, ~mcummings
Poof. Thanks.