Got the same issue here.

$ emerge --info
Portage 2.2.17 (python 3.3.5-final-0, hardened/linux/amd64/no-multilib/selinux, gcc-4.9.2, glibc-2.20-r1, 3.18.5-hardened-r1 x86_64)                                    
=================================================================                   
System uname: Linux-3.18.5-hardened-r1-x86_64-AMD_E-350_Processor-with-gentoo-2.2   
KiB Mem:     3634628 total,    844140 free                                          
KiB Swap:    4607060 total,   4606644 free
Timestamp of repository gentoo: Sun, 15 Feb 2015 00:45:01 +0000
sh bash 4.3_p33-r1
ld GNU ld (Gentoo 2.24 p1.4) 2.24
app-shells/bash:          4.3_p33-r1::gentoo
dev-lang/perl:            5.20.2::gentoo
dev-lang/python:          2.7.9-r2::gentoo, 3.3.5-r1::gentoo, 3.4.2::gentoo
dev-util/cmake:           3.1.0::gentoo
dev-util/pkgconfig:       0.28-r2::gentoo
sys-apps/baselayout:      2.2::gentoo
sys-apps/openrc:          0.13.9::gentoo
sys-apps/sandbox:         2.6-r1::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69::gentoo
sys-devel/automake:       1.11.6-r1::gentoo, 1.15::gentoo
sys-devel/binutils:       2.24-r3::gentoo
sys-devel/gcc:            4.9.2::gentoo
sys-devel/gcc-config:     1.8::gentoo
sys-devel/libtool:        2.4.5::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 3.19::gentoo (virtual/os-headers)
sys-libs/glibc:           2.20-r1::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: websync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000

ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=btver1 -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=btver1 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox selinux sesandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://ftp.spline.inf.fu-berlin.de/mirrors/gentoo/ http://mirrors.xmu.edu.cn/gentoo/"
INSTALL_MASK="/lib/systemd /lib32/systemd /lib64/systemd /usr/lib/systemd /usr/lib32/systemd /usr/lib64/systemd /etc/systemd"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
USE="X acl alsa amd64 bindist bzip2 cli cracklib crypt cups cxx dri gdbm hardened iconv ipv6 jpeg justify mmx mmxext modules ncurses nls nptl open_perms opengl openmp pam pax_kernel pcre qt5 readline selinux session sse sse2 sse3 ssl ssse3 tcpd threads udev unconfined unicode urandom vdpau wayland xattr xtpax zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3 python3_4" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="radeon r600" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON

Confirm

$ emerge -pqv pambase
[ebuild     U ] sys-auth/pambase-20150213 [20140313] USE="cracklib nullok%* (selinux) sha512 -consolekit -debug -gnome-keyring -minimal -mktemp -pam_krb5 -pam_ssh -passwdqc -securetty% (-systemd)"

same with

$ emerge -pqv pambase
[ebuild     U ] sys-auth/pambase-20150213 [20140313] USE="cracklib (selinux) sha512 -consolekit -debug -gnome-keyring -minimal -mktemp -nullok% -pam_krb5 -pam_ssh -passwdqc -securetty% (-systemd)"

Created attachment 396692 [details]
sys-auth/pambase-20150213 build.log

Created attachment 396696 [details]
sys-auth/pambase-20150213 build.log

Comment 6 Jason Zaman 2015-02-18 04:06:44 UTC

Looks like the # should be escaped somehow

system-login.in:51:0: error: invalid preprocessing directive #Note
 # Note: modules that run in the user's context must come after this line.
 ^

Same issue here. I just can't login. Have to pass trought the live usb and wait for the fix. I tried to configure an autologin, without success.
Hope the problem will be solved quickly.
Thanks for the PAM team for their work.

Comment 8 Sven Vermeulen (RETIRED) 2015-03-04 08:30:27 UTC

Looks like the easiest solution to still keep the comment but don't have the CPP preprocessor look at it is to prepend the comment with whitespace (due to pambase using traditional-cpp leading whitespace is no longer used for preprocessor macros):

--- system-login.in.orig        2015-03-04 09:04:54.318140042 +0100
+++ system-login.in     2015-03-04 09:28:20.918196479 +0100
@@ -48,7 +48,7 @@
 session                optional        pam_ck_connector.so nox11
 #endif
 #if HAVE_SELINUX
-# Note: modules that run in the user's context must come after this line.
+ # Note: modules that run in the user's context must come after this line.
 session                required        pam_selinux.so multiple open
 #endif
 #if HAVE_GNOME_KEYRING

I don't know if the bug is under process, but i still have this (my build.log):


 * Package:    sys-auth/pambase-20150213
 * Repository: gentoo
 * Maintainer: pam-bugs@gentoo.org
 * USE:        abi_x86_64 amd64 cracklib elibc_glibc kernel_linux nullok selinux sha512 userland_GNU
 * FEATURES:   preserve-libs sandbox selinux sesandbox userpriv usersandbox
>>> Unpacking source...
>>> Unpacking pambase-20150213.tar.xz to /var/tmp/portage/sys-auth/pambase-20150213/work
>>> Source unpacked in /var/tmp/portage/sys-auth/pambase-20150213/work
>>> Preparing source in /var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213 ...
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213 ...
>>> Source configured.
>>> Compiling source in /var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213 ...
make -j5 -l5 GIT=true DEBUG=no CRACKLIB=yes PASSWDQC=no CONSOLEKIT=no SYSTEMD=no GNOME_KEYRING=no SELINUX=yes NULLOK=yes MKTEMP=no PAM_SSH=no SECURETTY=no SHA512=yes KRB5=no MINIMAL=no IMPLEMENTATION=linux-pam LINUX_PAM_VERSION=0x010108 
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 login.in -o login
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 passwd.in -o passwd
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 su.in -o su
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 system-auth.in -o system-auth
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 system-login.in -o system-login
sed -i -e '/^$/d' -e '/^\/\//d' login
sed -i -e '/^$/d' -e '/^\/\//d' passwd
sed -i -e '/^$/d' -e '/^\/\//d' su
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 system-local-login.in -o system-local-login
cpp -traditional-cpp -P -include linux-pam-conf -include basic-conf -DLINUX_PAM_VERSION=0x010108 -DHAVE_CRACKLIB=1 -DHAVE_SELINUX=1 -DWANT_NULLOK=1 -DWANT_SHA512=1 system-remote-login.in -o system-remote-login
system-login.in:51:0: error: invalid preprocessing directive #Note
 # Note: modules that run in the user's context must come after this line.
 ^
sed -i -e '/^$/d' -e '/^\/\//d' system-auth
Makefile:93: recipe for target 'system-login' failed
make: *** [system-login] Error 1
make: *** Waiting for unfinished jobs....
sed -i -e '/^$/d' -e '/^\/\//d' system-local-login
sed -i -e '/^$/d' -e '/^\/\//d' system-remote-login
 * ERROR: sys-auth/pambase-20150213::gentoo failed (compile phase):
 *   emake failed
 * 
 * If you need support, post the output of `emerge --info '=sys-auth/pambase-20150213::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=sys-auth/pambase-20150213::gentoo'`.
 * The complete build log is located at '/var/tmp/portage/sys-auth/pambase-20150213/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/sys-auth/pambase-20150213/temp/environment'.
 * Working directory: '/var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213'
 * S: '/var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213'




This is my make.conf:
# These settings were set by the catalyst build script that automatically
# built this stage.
# Please consult /usr/share/portage/config/make.conf.example for a more
# detailed example.
CFLAGS="-march=native -O2 -pipe"
CXXFLAGS="${CFLAGS}"
# WARNING: Changing your CHOST is not something that should be done lightly.
# Please consult http://www.gentoo.org/doc/en/change-chost.xml before changing.
CHOST="x86_64-pc-linux-gnu"
# These are the USE flags that were used in addition to what is provided by the
# profile used for building.
USE="bindist mmx sse sse2 X xcb audiofile flac alsa apng jpg png jpeg imlib selinux cpu_flags_x86_mmxext sqlite xkb libav python mpd wifi mp3 network fifo ogg visualizer clock udev  apcupsd tty-helpers unicode truetype type1 cleartype corefonts pango thinkpad threads stream live hls applehttp perl gtk3 qt4 rtmp"
PORTDIR="/usr/portage"
DISTDIR="${PORTDIR}/distfiles"
PKGDIR="${PORTDIR}/packages"
MAKEOPTS="-j5 -l5"
INPUT_DEVICES="evdev synaptics mouse keyboard"
VIDEO_CARDS="intel vesa fbdev"
ACCEPT_KEYWORDS="~amd64 amd64"

It's blocking emerge --deep @world. Thanks you.

Sven's suggestion works, so you could for example do it like that:

# ebuild /usr/portage/sys-auth/pambase-20150213.ebuild unpack
# nano -w /var/tmp/portage/sys-auth/pambase-20150213/work/pambase-20150213/system-login.in

go to the line that says "# Note: modules that run in the user's context must come after this line." and prepend an additional whitespace so it reads " # Note: modules that run in the user's context must come after this line." and save your change (press ctrl+o then enter). with

# ebuild /usr/portage/sys-auth/pambase-20150213.ebuild merge

pambase-20150213 should successfully compile and install.

Of course instead of manually editing the file you probably could also use Sven's patch ;) ($ man patch)

Am seeing this too.

Comment 12 Jason Zaman 2015-03-24 07:51:54 UTC

#define COMMENT # Note:
COMMENT modules that run in the user's context must come after this line.

this works too if a cleaner solution is desired.

Same issue here. But another solution in comparison how other comments in pambase working.

--- system-login.in
+++ system-login.in
@@ -48,7 +48,7 @@
 session		optional	pam_ck_connector.so nox11
 #endif
 #if HAVE_SELINUX
-# Note: modules that run in the user's context must come after this line.
+/*  Note: modules that run in the user's context must come after this line. */
 session		required	pam_selinux.so multiple open
 #endif
 #if HAVE_GNOME_KEYRING

Nicolas' patch works fine if you make it a user patch, and follow the instructions for the bashrc component in https://wiki.gentoo.org/wiki//etc/portage/patches#Adding_user_patches

Could we get this patched in, or fixed upstream? This is irritating on new server builds.

Comment 15 Sven Vermeulen (RETIRED) 2015-04-17 15:10:00 UTC

I've added my suggestion to the ebuild. The use of /* ... */ does not result in a comment in the file itself that the user can read, and that is the intention of the note.

Anyway, fix implemented (no version bump as it doesn't matter for those who already have a working installation, and for SELinux users the build failed anyway). Please resync the Portage tree (perhaps want to wait an hour or so for the changes to propagate) or fetch the changes tomorrow (if using emerge-webrsync) and see if the problem is fixed for you.

Here, the package builds fine now.

Comment 16 Jason Zaman 2015-05-10 11:05:43 UTC

this is stable now

Comment 17 SpanKY 2015-05-17 05:22:53 UTC

(In reply to Sven Vermeulen from comment #15)

this is a Gentoo project which means the patches should be going into the git repos directly rather than into ebuilds

http://gitweb.gentoo.org/proj/pambase.git/commit/?id=abf9fef20f1da54ca161616c059afd10449baced