The testing AND stable version of psmisc will not build when attempting to build a Hardened Gentoo system. Reproducible: Always Steps to Reproduce: 1. emerge psmisc Actual Results: sort: open failed: +2: No such file or directory tr: write error: broken pipe tr: write error cc1: Broken pipe: when writing output to make[2]: *** [signames.h] Error 1 make[2]: Leaving directory '/usr/tmp/portage/psmisc-21.2-r4/work/psmisc-21.2/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving Directory '/var/tmp/portage/psmisc-21.2-r4/work/psmisc-21.2' make: *** [all] Error 2 !!! ERROR: sys-apps/psmisc-21.3-r4 failed !!! Function src_compile, Line 43 Exitcode 2 !!! (no error message) Expected Results: It should have compiled! This bug was encountered using the Gentoo 1.4rc4 stage1 LiveCD in an attempt to build a Hardened Gentoo system following the Hardened Gentoo documentation. ACCEPT_KEYWORDS=~x86 was used but the same occurs even if it is not.
please provide emerge info a commplete merge log
this seems to be related to this: http://mail.gnu.org/archive/html/bug-coreutils/2003-09/msg00085.html according to this sort +2 should be changed to: sort -k2
Created attachment 19442 [details, diff] should fix coreutils (sort) related problem
Created attachment 19443 [details, diff] necessary changes in the ebuild
could you / someone please confirm if this fixes the problems ? (i don't have a hardened gentoo system here atm)
which version are affected ?
I am confirming that the patch fixes the issue, psmisc compiles fine on my hardened system.
I was also able to use the two patches attached to compile both psmisc-21.2-r3 and psmisc-21.2-r4. I would recommend naming the attachments appropriately, though. If the attachment is a diff file that needs to be a certain name, call it that name. Or at least provide a statement or two describing the application of the patch.
I'm inclined to let this drop because of the switchover to the new SELinux API next week. The new API patch has this fixed. I tested it on a machine that has a coreutils with all of the old behaviors removed (no more tail -1, etc).
Thanks for your work on figuring it out. Its too bad that we can't use it. This patch is going away tonight, in favor of the new API patch. I doublechecked the new patch, and it doesnt have the removed coreutils usages, so you shouldn't run into this problem.
