it doesn't link to selinux library:(-lselinux) i686-pc-linux-gnu-gcc -std=gnu99 -O2 -march=pentium-m -pipe -g -ggdb -Wl,-O1 -o dpkg archives.o cleanup.o configure.o depcon.o enquiry.o errors.o filesdb.o divertdb.o statdb.o help.o main.o packages.o pkg-array.o pkg-show.o processarc.o remove.o select.o trigproc.o update.o ../lib/libdpkg.a ../libcompat/libcompat.a -lz -lbz2 processarc.o: In function `process_archive': /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/processarc.c:170: warning: the use of `tmpnam' is dangerous, better use `mkstemp' archives.o: In function `tarobject': /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:655: undefined reference to `matchpathcon' /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:661: undefined reference to `setfscreatecon' /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:824: undefined reference to `setfscreatecon' /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:826: undefined reference to `freecon' /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:848: undefined reference to `setfscreatecon' /var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src/archives.c:639: undefined reference to `is_selinux_enabled' collect2: ld returned 1 exit status make[2]: *** [dpkg] Error 1 make[2]: *** Waiting for unfinished jobs.... mv -f .deps/query.Tpo .deps/query.Po make[2]: Leaving directory `/var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/app-arch/dpkg-1.15.3.1/work/dpkg-1.15.3.1' make: *** [all] Error 2 * * ERROR: app-arch/dpkg-1.15.3.1 failed. * Call stack: * ebuild.sh, line 49: Called src_compile * environment, line 2682: Called die * The specific snippet of code: * emake || die * The die message: * (no error message) * * If you need support, post the topmost build error, and the call stack if relevant. * The ebuild environment file is located at '/var/tmp/portage/app-arch/dpkg-1.15.3.1/temp/environment'. * >>> Failed to emerge app-arch/dpkg-1.15.3.1 * IMPORTANT: 3 news items need reading for repository 'gentoo'. * Use eselect news to read news items. could be fixed easily,I've a patch but I don't know what's the best way to apply it only when selinux use flag is enabled I'll atach the patch Reproducible: Always
Created attachment 198321 [details, diff] lselinux.patch fixes it in src/Makefile.am
<PeBenito|work> Gnutoo: dont assign that to hardened, its not our problem so I unassign
I don't see how $SELINUX_LIBS would fail to contain -lselinux. So please post your `emerge --info' and attach the entire build log. CC'ing hardened@ as I don't have any hardened systems and someone needs to confirm the correctness of this patch (it looks like a workaround for a sys-libs/libselinux issue to me).
# emerge --info WARNING: One or more repositories have missing repo_name entries: /usr/overlay/profiles/repo_name NOTE: Each repo_name entry should be a plain text file containing a unique name for the repository on the first line. Portage 2.2_rc33 (selinux/2007.0/x86, gcc-4.3.2, glibc-2.8_p20080602-r1, 2.6.30_port4_piix i686) ================================================================= System uname: Linux-2.6.30_port4_piix-i686-Intel-R-_Pentium-R-_M_processor_2.00GHz-with-gentoo-2.0.1 Timestamp of tree: Fri, 17 Jul 2009 12:30:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [disabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7-r1, 2.1.7 dev-lang/python: 2.5.4-r3, 2.6.2 dev-python/pycrypto: 2.0.1-r8 dev-util/ccache: 2.4-r7 dev-util/cmake: 2.6.2-r1 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.4.3-r3 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.29 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=pentium-m -pipe -g -ggdb" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-O2 -march=pentium-m -pipe -g -ggdb" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages loadpolicy nostrip parallel-fetch preserve-libs protect-owned sandbox selinux sesandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LANG="en_US.utf8" LC_ALL="en_US.utf8" LDFLAGS="" LINGUAS="en en_GB en_US" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/java-gcj-overlay /usr/overlay" SYNC="rsync://192.168.1.1/gentoo-portage" USE="7zip X a52 aac acl acpi adns adplug aiglx alsa amr apache2 asf asyncns automount avahi bash-completion beagle berkdb bl blender-game bluetooth branding bzip2 cairo caps cdaudio cdda cddb cdparanoia cdr chardet clearcase cli consolekit contrarius cracklib cran crypt css cups curl cvs dbus dga dia dirac disk-partition divx djvu dri dts dv dvb dvd dvdnav dvdr dvdread ebook editor effects emacs enca encode exif expat faac faad fam fat ffmpeg firefox flac foomaticdb fping freesound fuse gdbm gif gimp gimpprint glsa gmedia gmp gnome gnome-keyring gnomecd gnutls gphoto2 gpm gps gsm gstreamer gtk hal hfs httpd icecast iconv ieee1394 imagemagick inkjar inquisitio irmc isdnlog jabber java java5 java6 jfs jpeg jpeg2k kde kqemu lame laptop lcms libnotify libsamplerate lzo mad maps marble matroska midi mikmod mjpeg mmx mmxext mng modplug mp2 mp3 mp4 mpi mplayer mtp mudflap musepack nautilus ncurses network nfs nntp nptl nptlonly nsplugin ntfs ofa ogg openal openexr opengl openmp osgapps p2p pam pcre pda pdf perforce perl phonon php plugin png pnm policykit postscript ppds pppd profile projectm pulseaudio python qa quicktime quotas raw readline realmedia reflection reiser4 reiserfs rt2500pci rtc rtsp samba sasl scenarios schroedinger sdl selinux session sid skins slang sox speex spell spl sqlite srteam sse sse2 ssl startup-notification stream subtitles subversion svg swat tcpd tga theora threads tiff timidity tordns tracker truetype tta unicode usb v4l v4l2 vcd vde video vidx vlm vorbis wavpack webkit wifi wma wmf wmp wxwindows x86 xanim xcb xfs xine xml xmp xorg xprint xrandr xulrunner xv xvid xvmc yahoo yv12 zlib zrtp zsh" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="access auth auth_dbm auth_anon auth_digest alias file-cache echo charset-lite cache disk-cache mem-cache ext-filter case_filter case-filter-in deflate mime-magic cern-meta expires headers usertrack unique-id proxy proxy-connect proxy-ftp proxy-http info include cgi cgid dav dav-fs vhost-alias speling rewrite log_config logio env setenvif mime status autoindex asis negotiation dir imap actions userdir so filter unique_id authz_host" ELIBC="glibc" INPUT_DEVICES="wacom evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB en_US" SANE_BACKENDS="plustek pixma" USERLAND="GNU" VIDEO_CARDS="radeon" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 198504 [details] dpkg.log
Seems to work for Debian, so why (or when) doesn't sys-libs/libselinux provide a pkg-config file (assuming pkg-config is working properly otherwise)?
Compare bug [1] (Ubuntu) and our very own bug #160265 comment #5. [1] https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/194455
libselinux upstream does not provide a .pc file. debian must add its own. As far as I'm concerned, this is a dpkg problem.
(In reply to comment #8) > libselinux upstream does not provide a .pc file. debian must add its own. As > far as I'm concerned, this is a dpkg problem. It's a problem for anyone who uses the selinux profiles, I guess. If you don't want to support that profile and its default USE=selinux (by perhaps getting upstream to provide a .pc), then there's no reason app-arch/dpkg should support IUSE=selinux any longer and then we should move to remove it.
Wondering how it worked back then: 06 Jan 2007; Mike Frysinger <vapier@gentoo.org> dpkg-1.13.24.ebuild: Add support for USE=selinux.
*** Bug 227137 has been marked as a duplicate of this bug. ***
ive never had a selinux system. either someone requested it, or i noticed the configure help output and just added it.
(In reply to comment #12) > ive never had a selinux system. either someone requested it, or i noticed the > configure help output and just added it. OK, I removed IUSE=selinux from all remaining dpkg ebuilds.
I still need to add --without-selinux to the dpkg-1.15.3.1.ebuild to emerge dpkg successfully. It seems that configure autodetects my selinux header files and enables selinux code by default. Looks like this: src_compile() { econf \ $(use_with bzip2 bz2) \ $(use_enable nls) \ $(use_with zlib) \ --without-selinux \ --without-start-stop-daemon \ || die emake || die } I guess it the same case for the non ~x86 ebuild.
Ah yes, of course. I have added that now.
