Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 125930

Summary: emul-linux-x86-compat/baselibs breaks multilib environment on amd64/selinux
Product: Gentoo Linux Reporter: Michael Crawford (ali3nx) <mcrawford>
Component: HardenedAssignee: SE Linux Bugs <selinux>
Status: RESOLVED FIXED    
Severity: major    
Priority: High    
Version: 2005.1   
Hardware: AMD64   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Michael Crawford (ali3nx) 2006-03-12 06:26:39 UTC 
In a moment of haste or perhaps just habit I had attempted to emerge app-arch/rar on one of my smp 246 opterons which i had installed about 90 days ago from the date of this posting. While i'm aware that for some bizarre reason i'm not completely unaware of the multilib environment used in the selinux/amd64/2005.1 profile is quite different than the hardened/amd64 profiles in portage these two packages are not blockers for selinux/amd64/2005.1. Despite being marginally aware of this upon merging emul-linux-x86-compat/baselibs the server's multilib layout is damaged by these ebuilds using the selinux/amd64/2005.1 profile rendering portage and the core multilib layout into a state which was commonly found in 2004.3 amd64 gentoo base emul. I've marked this bug as major due to concerns that should anyone else be using a similar server in production and add these ebuilds the results would be a broken production server. Fortunately mine is in the garage. I've included the error below and emerge info for taste. I'm aware amd64/selinux support is needed and i'm willing to do what I can. Not needing to reinstall it would be wonderful :)

anvil ~ # uptime
 08:05:39 up 76 days, 18:42,  1 user,  load average: 0.36, 0.27, 0.22
anvil ~ # emerge -uDN world
Calculating world dependencies ...done!
>>> emerge (1 of 33) virtual/perl-Test-Simple-0.62 to /
 * It appears you have switched to the 2005.1 profile without following
 * the upgrade guide.  Please  upgrade to 2005.0 first. See the following
 * URL for more information:
 * http://www.gentoo.org/proj/en/base/amd64/howtos/2005.0-upgrade-amd64.xml


anvil ~ # emerge info
Portage 2.0.54 (selinux/2005.1/amd64, gcc-3.4.4, glibc-2.3.5-r2, 2.6.14-hardened x86_64)
=================================================================
System uname: 2.6.14-hardened x86_64 AMD Opteron(tm) Processor 246
Gentoo Base System version 1.6.14
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
dev-lang/python:     2.3.5-r2, 2.4.2
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=opteron -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openjms/config /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=opteron -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache distlocks loadpolicy sandbox selinux sfperms strict"
GENTOO_MIRRORS="http://gentoo.arcticnetwork.ca http://distfiles.gentoo.org"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://localhost/gentoo-portage"
USE="acpi amd64 apache2 authdaemond bash-completion berkdb bzip2 bzlib ccache chroot cluster crypt ctype curl curlwrappers dba dio emul emul-linux-x86 erandom exif expat extensions fam fastcgi fortran freetds ftp gd gdbm gmp gpm hardened icu imagemagick imap innodb ipv6 ipv6arpa ithreads j2ee jai java javamail javascript jce jms jmx jpeg jta junit jython ldap libg++ maildir max-idx-128 memlimit mhash mmext mpi mysql mysqli nagios-dns nagios-ntp nagios-ping nagios-ssh ncurses neural nls nptl objc odbc offensive pam pcntl pcre perl pg-hier pg-intdatetime pg-vacuumdelay php pic png posix postgres procmail python readline rhino ruby sasl selinux sendfile session sftplogging shaper shared sharedext sharedmem simplexml snmp sockets softquota ssl sysfs sysvipc szip tcpd threads tiff truetype udev unicode userlocales vda virtual-users virus-scan wddx wmf xinetd xml xml2 xmlrpc xsl yaz zlib userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Comment 1 Michael Crawford (ali3nx) 2006-03-12 07:53:24 UTC 
Considering my current situation I had a look around the profile for selinux/amd64 and stumbled upon the following from make.defaults in the profile.

<snip>
# This profile doesn't fully support multilib portage yet.  We still rely
# on the emul-* packages.  As such, we have -multilib-pkg here to emphasise
# that point.
FEATURES="-multilib-pkg"
</snip>

It's apparent this has an intended purpose but in retrospect the same emul libs break the base system if added. I managed to find a cached page of blubb's now depreciated pre 2005.0 multilib upgrade guide and after some review i've discovered that /usr/lib32 had been removed and emul baselibs added in it's place as the above restriction would imply. By the disparate intentions of design; this bug creates a circular lib breakage problem, with this profile not fully supporting multilib yet the emul libs requiring more modern multilib support which unless provided removes /usr/lib32 with a pleasant bork-bork-bork warning lol... I have managed to marginally fix my server by remaking /usr/lib32 and following the steps listed in blubb's guide with one or two exceptions which defeated the warning offered by portage that is possibly caused by the non existance of /usr/lib32.

<snip>
# mkdir /lib32 /usr/lib32

# cp # mkdir /lib32 /usr/lib32

# cp /emul/linux/x86/lib32/libsandbox.so /usr/lib32

# cp /emul/linux/x86/usr/lib32/libsandbox.so /usr/lib32

# cp /emul/linux/x86/usr/lib32/libc.so /usr/lib32

# cp /emul/linux/x86/usr/lib32/libpthread.so /usr/lib32

# cp /emul/linux/x86/usr/lib32/*crt*.o /usr/lib32

# env-update
</snip>

/lib32 which was a symlink to /emul/linux/x86/usr/lib32/ in <=2004.3 amd64 allready exists and was never removed and libsandbox.so does not exist any longer in /emul/linux/x86/lib32/ due to the sandbox bugs that were previously addressed in <=sys-apps/portage-2.0.51.22-r3 and most likely that the location was depreciated.

I'll keep at it and relay any more information I can offer. Perhaps with 2.0.54 portage being available for some time now full multilib support for selinux/2006.0/amd64 could be addressed.
Comment 2 Chris PeBenito (RETIRED) gentoo-dev 2007-08-22 01:52:43 UTC 
shouldn't be a problem anymore now that 2007.1 profiles inherit default-linux/$arch profiles