$ sudo emerge glibc ... 2.3.6-r4/work/build-default-i686-pc-linux-gnu-linuxthreads/nscd/selinux.o selinux.c:35:22: libaudit.h: No such file or directory selinux.c: In function `log_callback': selinux.c:120: warning: implicit declaration of function `audit_log_avc' selinux.c:120: error: `AUDIT_USER_AVC' undeclared (first use in this function) selinux.c:120: error: (Each undeclared identifier is reported only once selinux.c:120: error: for each function it appears in.) selinux.c: In function `audit_init': selinux.c:128: warning: implicit declaration of function `audit_open' selinux.c: In function `nscd_avc_destroy': selinux.c:306: warning: implicit declaration of function `audit_close' make[2]: *** [/var/tmp/portage/glibc-2.3.6-r4/work/build-default-i686-pc-linux- gnu-linuxthreads/nscd/selinux.o] Error 1 make[2]: Leaving directory `/var/tmp/portage/glibc-2.3.6-r4/work/glibc-2.3.6/ns cd' make[1]: *** [nscd/others] Error 2 make[1]: Leaving directory `/var/tmp/portage/glibc-2.3.6-r4/work/glibc-2.3.6' make: *** [all] Error 2 !!! ERROR: sys-libs/glibc-2.3.6-r4 failed. Call stack: ebuild.sh, line 1539: Called dyn_compile ebuild.sh, line 939: Called src_compile glibc-2.3.6-r4.ebuild, line 1128: Called toolchain-glibc_src_compile glibc-2.3.6-r4.ebuild, line 217: Called die !!! make for default failed !!! If you need support, post the topmost build error, and the call stack if re levant. $ grep -r AUDIT_USER_AVC /usr/include/linux/ $ $ grep -r AUDIT_USER_AVC /usr/src/linux/include/ /usr/src/linux/include/linux/audit.h:#define AUDIT_USER_AVC 1107 /* We filter this differently */ $ $ emerge -pv sys-kernel/linux-headers These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild R ] sys-kernel/linux-headers-2.6.11-r2 USE="-gcc64" 0 kB Total size of downloads: 0 kB $ emerge -pv sys-libs/glibc These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild R ] sys-libs/glibc-2.3.6-r4 USE="erandom nls selinux* -build -glibc-compat20 -glibc-omitfp -hardened -multilib -nptl* -nptlonly -profile" 0 kB Total size of downloads: 0 kB $ emerge --info Portage 2.1-r1 (selinux/2005.1/x86, gcc-3.4.6, glibc-2.3.6-r4, 2.6.16-hardened-r11 i686) ================================================================= System uname: 2.6.16-hardened-r11 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz Gentoo Base System version 1.6.15 ccache version 2.3 [disabled] app-admin/eselect-compiler: [Not Present] dev-lang/python: 2.3.5-r2, 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.3 dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=prescott -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/service" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/splash /etc/terminfo" CXXFLAGS="-O2 -march=prescott -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks metadata-transfer sandbox selinux sfperms strict" GENTOO_MIRRORS="http://mirror.datapipe.net/gentoo ftp://ftp.du.se/pub/os/gentoo http://trumpetti.atm.tut.fi/gentoo/ ftp://mirrors1.netvisao.pt/gentoo/ http://www.gigaload.org/gentoo.org/" LANG="ru_RU.CP1251" LINGUAS="en ru" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/overlays/my /usr/local/overlays/bmg-main" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 a52 aac activefilter artswrappersuid atm bash-completion berkdb bluetooth caps cdparanoia crypt css dbus dga dhcp divx4linux divxforlinux doc dvb dvd dvdr dvdread erandom exiscan-acl fbcon ffmpeg font-server gcj gnokii gnutls gphoto2 hal hash ieee1394 innodb irda irmc java jpeg2k kerberos ldap libclamav lm_sensors lmtp logitech-mouse logrotate mbox mime mmap multislot ncurses network nls ntfs ntlm oav pam pam_chroot pam_console pcntl pda perlsuid pic portaudio povray procmail python quotas radius rdesktop readline real reiserfs samba sasl selinux sftplogging shaper slp socks5 softquota spf srs sse-filters ssl swat theora threads usb v4l v4l2 vcd vim-with-x wifi win32codecs winbind x264 xinerama xscreensaver xvmc zlib elibc_glibc input_devices_keyboard input_devices_mouse kernel_linux linguas_en linguas_ru lirc_devices_devinput userland_GNU video_cards_i810 video_cards_radeon video_cards_v4l video_cards_vesa video_cards_vga" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS
It seems the reason of glibc build process failure is sys-process/audit-0.8.1 missing "libaudit.h" header file: selinux.c:35:22: libaudit.h: No such file or directory After manual copiing libaudit.h from audit-0.8.1.tar.gz sources into /usr/include/ glibc has been built successfully.
$ epm -qa|grep audit audit-0.8.1 nbaudit-1.0 ipaudit-1.0_beta2 $ epm -ql audit|grep include $
hardened: sys-process/audit-1.2.9 is now in the tree, with work from upstream and myself so that it should compile on pretty much all boxes kernels 2.6.17 or newer (note that the kernel headers are needed as well).
Ok thanks. I see that sys-process/audit-1.2.9 installs libaudit.h in /usr/include/. Now it shouldn't be any problems with glibc on SELinux-enabled systems. Closing the bug.
