Upon upgrading from kernel linux-2.6.23-hardened-r4 to linux-2.6.24-hardened-r3 and needing to re-patch the kernel with unionfs, re-include l7-filtering for iptables, re-build ulogd, ipset and ipp2p with new kernel sources and ensure that iptables are re-build with the l7filter USE flag, I did the following: 1. emerged the latest current hardened sources: linux-2.6.23-hardened-r4 2. unlinked /usr/src/linux from old kernel and relinked /usr/src/linux to /usr/src/linux-2.6.24-hardened-r3 3. Downloaded http://download.filesystems.org/unionfs/unionfs-2.x/unionfs-2.3.3_for_2.6.24.5.diff.gz Patched the kernel with this unionfs patch by doing: - cp unionfs-2.3.3_for_2.6.24.5.diff.gz /usr/src/linux - gunzip unionfs-2.3.3_for_2.6.24.5.diff.gz - patch -p1 < unionfs-2.3.3_for_2.6.24.5.diff.gz 5. copied .config from old kernel to new /usr/src/linux in order to use the previous config with the new kernel and then ran: - cd /usr/src/linux && make oldconfig && make prepare - this was to prepare the new kernel and write the new .config for this kernel. 6. I then manually unmerged the following: emerge --unmerge net-firewall/iptables emerge --unmerge app-admin/ulogd emerge --unmerge net-firewall/ipp2p emerge --unmerge net-firewall/ipset emerge --unmerge net-misc/l7-filter-userspace emerge --unmerge net-libs/libnetfilter_queue emerge --unmerge net-libs/libnetfilter_conntrack emerge --unmerge net-libs/libnfnetlink emerge --unmerge net-misc/l7-protocols emerge --unmerge net-libs/libnetfilter_log emerge --unmerge net-misc/l7-filter 7. Then I re-emerged them in sequence, now using the new kernel source: emerge net-misc/l7-filter-userspace (installs following 5 deps) - net-libs/libnfnetlink - net-misc/l7-protocols - net-libs/libnetfilter_conntrack - net-libs/libnetfilter_queue - net-misc/l7-filter-userspace emerge net-libs/libnetfilter_log emerge net-misc/l7-filter emerge app-admin/ulogd (emerged iptables as dependency) - net-firewall/iptables emerge net-firewall/ipp2p All went well up to before this point, whereby ipp2p then fails with the following error shown within Actual Results below: Reproducible: Always Steps to Reproduce: 1.emerge net-firewall/ipp2p 2. 3. Actual Results: =============== ipp2p build error start ======================== >>> Emerging (1 of 1) net-firewall/ipp2p-0.8.2-r4 to / * ipp2p-0.8.2.tar.gz RMD160 SHA1 SHA256 size ;-) ... [ ok ] * checking ebuild checksums ;-) ... [ ok ] * checking auxfile checksums ;-) ... [ ok ] * checking miscfile checksums ;-) ... [ ok ] * checking ipp2p-0.8.2.tar.gz ;-) ... [ ok ] * Determining the location of the kernel source code * Found kernel source directory: * /usr/src/linux * Found sources for kernel version: * 2.6.24-hardened-r3 * Checking for suitable kernel configuration options... [ ok ] >>> Unpacking source... >>> Unpacking ipp2p-0.8.2.tar.gz to /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work * Applying ipp2p-0.8.2-kernel-2.6.22.patch ... [ ok ] * Converting Makefile to use M= instead of SUBDIRS= ... [ ok ] * Applying ipp2p-0.8.2-iptables-1.4.0.patch ... [ ok ] >>> Source unpacked. >>> Compiling source in /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2 ... i686-pc-linux-gnu-gcc -O2 -march=i686 -pipe -DIPTABLES_VERSION=\"1.4.0\" -I/usr/include -fPIC -c libipt_ipp2p.c i686-pc-linux-gnu-gcc -shared -o libipt_ipp2p.so libipt_ipp2p.o make -C /usr/src/linux M=/var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2 modules make[1]: Entering directory `/usr/src/linux-2.6.24-hardened-r3' WARNING: Symbol version dump /usr/src/linux-2.6.24-hardened-r3/Module.symvers is missing; modules will have no dependencies and modversions. CC [M] /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2/ipt_ipp2p.o Building modules, stage 2. MODPOST 1 modules /bin/sh: scripts/mod/modpost: No such file or directory make[2]: *** [__modpost] Error 127 make[1]: *** [modules] Error 2 make[1]: Leaving directory `/usr/src/linux-2.6.24-hardened-r3' make: *** [ipt_ipp2p.ko] Error 2 * * ERROR: net-firewall/ipp2p-0.8.2-r4 failed. * Call stack: * ebuild.sh, line 49: Called src_compile * environment, line 3134: Called die * The specific snippet of code: * emake KERNEL_SRC="${KV_DIR}" IPTABLES_SRC="/usr" IPTABLES_VERSION="${IPTABLES_VERSION}" || die "Failed to build kernel module."; * The die message: * Failed to build kernel module. * * If you need support, post the topmost build error, and the call stack if relevant. * A complete build log is located at '/var/log/portage/net-firewall:ipp2p-0.8.2-r4:20080803-172129.log'. * The ebuild environment file is located at '/var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/temp/environment'. =============== ipp2p build error end ======================== Expected Results: >>> net-firewall/ipp2p-0.8.2-r4 merged.
Created attachment 162137 [details] emerge --info
Created attachment 162138 [details] The ebuild environment file
Created attachment 162139 [details] complete build log
(In reply to comment #0) > Upon upgrading from kernel linux-2.6.23-hardened-r4 to linux-2.6.24-hardened-r3 > and needing to re-patch the kernel with unionfs, re-include l7-filtering for > iptables, re-build ulogd, ipset and ipp2p with new kernel sources and ensure > that iptables are re-build with the l7filter USE flag, I did the following: > > 1. emerged the latest current hardened sources: linux-2.6.23-hardened-r4 > 2. unlinked /usr/src/linux from old kernel and relinked /usr/src/linux to > /usr/src/linux-2.6.24-hardened-r3 > 3. Downloaded > http://download.filesystems.org/unionfs/unionfs-2.x/unionfs-2.3.3_for_2.6.24.5.diff.gz > Patched the kernel with this unionfs patch by doing: > - cp unionfs-2.3.3_for_2.6.24.5.diff.gz /usr/src/linux > - gunzip unionfs-2.3.3_for_2.6.24.5.diff.gz > - patch -p1 < unionfs-2.3.3_for_2.6.24.5.diff.gz > 5. copied .config from old kernel to new /usr/src/linux in order to use the > previous config with the new kernel and then ran: > - cd /usr/src/linux && make oldconfig && make prepare > - this was to prepare the new kernel and write the new .config for this > kernel. > 6. I then manually unmerged the following: > emerge --unmerge net-firewall/iptables > emerge --unmerge app-admin/ulogd > emerge --unmerge net-firewall/ipp2p > emerge --unmerge net-firewall/ipset > emerge --unmerge net-misc/l7-filter-userspace > emerge --unmerge net-libs/libnetfilter_queue > emerge --unmerge net-libs/libnetfilter_conntrack > emerge --unmerge net-libs/libnfnetlink > emerge --unmerge net-misc/l7-protocols > emerge --unmerge net-libs/libnetfilter_log > emerge --unmerge net-misc/l7-filter > 7. Then I re-emerged them in sequence, now using the new kernel source: > emerge net-misc/l7-filter-userspace (installs following 5 deps) > - net-libs/libnfnetlink > - net-misc/l7-protocols > - net-libs/libnetfilter_conntrack > - net-libs/libnetfilter_queue > - net-misc/l7-filter-userspace > emerge net-libs/libnetfilter_log > emerge net-misc/l7-filter > emerge app-admin/ulogd (emerged iptables as dependency) > - net-firewall/iptables > emerge net-firewall/ipp2p > > All went well up to before this point, whereby ipp2p then fails with the > following error shown within Actual Results below: > > Reproducible: Always > > Steps to Reproduce: > 1.emerge net-firewall/ipp2p > 2. > 3. > > Actual Results: > =============== ipp2p build error start ======================== > >>> Emerging (1 of 1) net-firewall/ipp2p-0.8.2-r4 to / > * ipp2p-0.8.2.tar.gz RMD160 SHA1 SHA256 size ;-) ... > [ ok ] > * checking ebuild checksums ;-) ... > [ ok ] > * checking auxfile checksums ;-) ... > [ ok ] > * checking miscfile checksums ;-) ... > [ ok ] > * checking ipp2p-0.8.2.tar.gz ;-) ... > [ ok ] > * Determining the location of the kernel source code > * Found kernel source directory: > * /usr/src/linux > * Found sources for kernel version: > * 2.6.24-hardened-r3 > * Checking for suitable kernel configuration options... > [ ok ] > >>> Unpacking source... > >>> Unpacking ipp2p-0.8.2.tar.gz to /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work > * Applying ipp2p-0.8.2-kernel-2.6.22.patch ... > [ ok ] > * Converting Makefile to use M= instead of SUBDIRS= ... > [ ok ] > * Applying ipp2p-0.8.2-iptables-1.4.0.patch ... > [ ok ] > >>> Source unpacked. > >>> Compiling source in /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2 ... > i686-pc-linux-gnu-gcc -O2 -march=i686 -pipe -DIPTABLES_VERSION=\"1.4.0\" > -I/usr/include -fPIC -c libipt_ipp2p.c > i686-pc-linux-gnu-gcc -shared -o libipt_ipp2p.so libipt_ipp2p.o > make -C /usr/src/linux > M=/var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2 modules > make[1]: Entering directory `/usr/src/linux-2.6.24-hardened-r3' > > WARNING: Symbol version dump /usr/src/linux-2.6.24-hardened-r3/Module.symvers > is missing; modules will have no dependencies and modversions. > > CC [M] > /var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/work/ipp2p-0.8.2/ipt_ipp2p.o > Building modules, stage 2. > MODPOST 1 modules > /bin/sh: scripts/mod/modpost: No such file or directory > make[2]: *** [__modpost] Error 127 > make[1]: *** [modules] Error 2 > make[1]: Leaving directory `/usr/src/linux-2.6.24-hardened-r3' > make: *** [ipt_ipp2p.ko] Error 2 > * > * ERROR: net-firewall/ipp2p-0.8.2-r4 failed. > * Call stack: > * ebuild.sh, line 49: Called src_compile > * environment, line 3134: Called die > * The specific snippet of code: > * emake KERNEL_SRC="${KV_DIR}" IPTABLES_SRC="/usr" > IPTABLES_VERSION="${IPTABLES_VERSION}" || die "Failed to build kernel module."; > * The die message: > * Failed to build kernel module. > * > * If you need support, post the topmost build error, and the call stack if > relevant. > * A complete build log is located at > '/var/log/portage/net-firewall:ipp2p-0.8.2-r4:20080803-172129.log'. > * The ebuild environment file is located at > '/var/tmp/portage/net-firewall/ipp2p-0.8.2-r4/temp/environment'. > =============== ipp2p build error end ======================== > > Expected Results: > >>> net-firewall/ipp2p-0.8.2-r4 merged. > Looking at this again, it may not be a ipp2p bug after all. ipp2p seems to fail because of the missing Module.symvers file which should be under: /usr/src/linux-2.6.24-hardened-r3/Module.symvers For some reason it's not there, and need to investigate why and how to get this "Module.symvers" file within the kernel sources dir. Wernher
Reassigning to another maintainer since eradicator has left Gentoo.
Reassigned to sys-kernel/hardened-sources maintainer.
This should be fixed in current hardened-sources releases (>=sys-kernel/hardened-sources-2.6.25-r10). See bug #237618 and please confirm the problem is fixed, thanks.
Fixed quite awhile ago, re-open if still a problem.
