Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 160879

Summary: sys-apps/busybox-1.3.1 fails to compile with selinux
Product: Gentoo Linux Reporter: Xake <kanelxake>
Component: New packagesAssignee: SE Linux Bugs <selinux>
Status: RESOLVED FIXED    
Severity: normal CC: art-gt, kanelxake, vapier
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: Buildlog for 1.4.2 and USE="-static"

Description Xake 2007-01-08 13:16:10 UTC 
If I in any way use 'CONFIG_SELINUX=y' for busybox (even if I compile by hand) I got the message below. Changeing this option to # 'CONFIG_SELINUX is not set' allows the compilation to finish, however I think this is set by purpose on my SELinux-enabled system...


  CC      util-linux/umount.o
  AR      util-linux/lib.a
  LINK    busybox_unstripped
coreutils/lib.a(id.o): In function `id_main':
id.c:(.text.id_main+0x17f): undefined reference to `is_selinux_enabled'
id.c:(.text.id_main+0x1ae): undefined reference to `getcon'
id.c:(.text.id_main+0x1e4): undefined reference to `freecon'
coreutils/lib.a(ls.o): In function `my_stat':
ls.c:(.text.my_stat+0x33): undefined reference to `is_selinux_enabled'
ls.c:(.text.my_stat+0xb1): undefined reference to `is_selinux_enabled'
ls.c:(.text.my_stat+0x100): undefined reference to `lgetfilecon'
ls.c:(.text.my_stat+0x112): undefined reference to `getfilecon'
coreutils/lib.a(ls.o): In function `showfiles':
ls.c:(.text.showfiles+0x389): undefined reference to `freecon'
init/lib.a(init.o): In function `init_main':
init.c:(.text.init_main+0x6a7): undefined reference to `selinux_init_load_policy'
loginutils/lib.a(login.o): In function `login_main':
login.c:(.text.login_main+0x7f8): undefined reference to `is_selinux_enabled'
login.c:(.text.login_main+0x820): undefined reference to `get_default_context'
login.c:(.text.login_main+0x83f): undefined reference to `getfilecon'
login.c:(.text.login_main+0x875): undefined reference to `security_compute_relabel'
login.c:(.text.login_main+0x894): undefined reference to `setfilecon'
libbb/lib.a(run_shell.o): In function `set_current_security_context':
run_shell.c:(.text.set_current_security_context+0x10): undefined reference to `freecon'
libbb/lib.a(run_shell.o): In function `run_shell':
run_shell.c:(.text.run_shell+0xcb): undefined reference to `setexeccon'
run_shell.c:(.text.run_shell+0x121): undefined reference to `freecon'
collect2: ld returned 1 exit status
distcc[13138] ERROR: compile (null) on localhost failed
make: *** [busybox_unstripped] Error 1

!!! ERROR: sys-apps/busybox-1.3.1 failed.
Call stack:
  ebuild.sh, line 1593:   Called dyn_compile
  ebuild.sh, line 951:   Called src_compile
  busybox-1.3.1.ebuild, line 182:   Called die

!!! build failed
!!! If you need support, post the topmost build error, and the call stack if relevant.

Portage 2.1.2_rc4-r7 (selinux/x86/2006.1, gcc-4.1.1, glibc-2.5-r0, 2.6.19-hardened-r3 i686)
=================================================================
System uname: 2.6.19-hardened-r3 i686 Pentium III (Coppermine)
Gentoo Base System version 1.13.0_alpha10
Last Sync: Mon, 08 Jan 2007 08:50:01 +0000
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
ccache version 2.4 [enabled]
dev-lang/python:     2.4.4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     2.4-r6
sys-apps/sandbox:    1.2.18.1
sys-devel/autoconf:  2.13, 2.61
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.17.50.0.9
sys-devel/gcc-config: 1.3.14
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.19
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium3 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/glftpd/etc /opt/glftpd/ftp-data"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O2 -march=pentium3 -pipe -fvisibility-inlines-hidden"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS=""
FEATURES="autoconfig ccache distcc distlocks loadpolicy parallel-fetch sandbox selinux sesandbox sfperms strict test userfetch userpriv usersandbox"
GENTOO_MIRRORS="ftp://ftp.sunet.se/pub/os/Linux/distributions/gentoo http://ftp.du.se/pub/os/gentoo http://ds.thn.htu.se/linux/gentoo "
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu -Wl,-z,now -Wl,-z,relro"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage /usr/portage/local/layman/webapps-experimental"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="apache2 bash-completion berkdb bzip2 crypt cups glibc-omitfp hardened ipv6 jpeg logrotate mysql ncurses nls nptl nptlonly offensive pam pic png python readline selinux sensord serial sse ssl tcpd test tiff udev unicode unzip x86 xinetd zip zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" USERLAND="GNU" VIDEO_CARDS="none"
Unset:  CTARGET, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Xake 2007-01-27 19:02:59 UTC 
still true for sys-apps/busybox-1.4.1-r1
Comment 2 AlannY 2007-02-09 12:21:09 UTC 
The same bug with 1.3.1 and 1.4.1-r1.

Latest stable 1.2.2.1
Comment 3 Xake 2007-02-16 09:39:38 UTC 
Had some time to look at some things and the following commando does pass so somewhere in a Makefile there is something missing:

make clean && LDFLAGS="-lselinux" make

and no errors.
Comment 4 Xake 2007-03-19 21:12:02 UTC 
Bug upstream:
http://busybox.net/bugs/view.php?id=1239

However patching Makefile.flags to include 

ifeq ($(CONFIG_SELINUX),y)
LDFLAGS += -lselinux -lsepol
endif

works manually but not when compiling from ebuild.
Comment 5 Arthur Hagen 2007-03-22 17:00:40 UTC 
Yep, still a problem with the latest stable.
IMO, >=busybox-1.3 needs to be masked for selinux until this can get fixed.
Comment 6 Xake 2007-03-25 15:56:36 UTC 
busybox-1.5.0 seems to include a rework of SELinux. As the current stable (1.2.2.1) does not compile (bug #169830) it would be nice to see busybox-1.5.0 in the tree even if www.busybox.net says unstable to test if it works better...
Comment 7 SpanKY gentoo-dev 2007-03-25 16:29:28 UTC 
fixed in 1.4.1-r2 and 1.4.2
Comment 8 Xake 2007-03-25 17:27:03 UTC 
Still almost identical error-message (and, yes. I have dubbel-checked that I am using the fixed version).


  LINK    busybox_unstripped
coreutils/lib.a(id.o): In function `id_main':
id.c:(.text.id_main+0x1ab): undefined reference to `is_selinux_enabled'
id.c:(.text.id_main+0x1df): undefined reference to `getcon'
id.c:(.text.id_main+0x220): undefined reference to `freecon'
coreutils/lib.a(ls.o): In function `my_stat':
ls.c:(.text.my_stat+0x59): undefined reference to `is_selinux_enabled'
ls.c:(.text.my_stat+0xf8): undefined reference to `is_selinux_enabled'
ls.c:(.text.my_stat+0x153): undefined reference to `lgetfilecon'
ls.c:(.text.my_stat+0x16f): undefined reference to `getfilecon'
coreutils/lib.a(ls.o): In function `showfiles':
ls.c:(.text.showfiles+0x3d1): undefined reference to `freecon'
init/lib.a(init.o): In function `init_main':
init.c:(.text.init_main+0x6f3): undefined reference to `selinux_init_load_policy'
loginutils/lib.a(login.o): In function `login_main':
login.c:(.text.login_main+0x83e): undefined reference to `is_selinux_enabled'
login.c:(.text.login_main+0x860): undefined reference to `get_default_context'
login.c:(.text.login_main+0x87c): undefined reference to `getfilecon'
login.c:(.text.login_main+0x8a9): undefined reference to `security_compute_relabel'
login.c:(.text.login_main+0x8c5): undefined reference to `setfilecon'
libbb/lib.a(run_shell.o): In function `set_current_security_context':
run_shell.c:(.text.set_current_security_context+0x34): undefined reference to `freecon'
libbb/lib.a(run_shell.o): In function `run_shell':
run_shell.c:(.text.run_shell+0xec): undefined reference to `setexeccon'
run_shell.c:(.text.run_shell+0x14f): undefined reference to `freecon'
libbb/lib.a(run_shell.o): In function `renew_current_security_context':
run_shell.c:(.text.renew_current_security_context+0x29): undefined reference to `freecon'
run_shell.c:(.text.renew_current_security_context+0x37): undefined reference to `getcon'
collect2: ld returned 1 exit status
make: *** [busybox_unstripped] Error 1

!!! ERROR: sys-apps/busybox-1.4.2 failed.
Comment 9 SpanKY gentoo-dev 2007-03-27 05:22:05 UTC 
i dont have any selinux systems so you need to debug why the patch isnt working
Comment 10 Xake 2007-03-27 07:09:24 UTC 
Well fire away, I am all yours for experiment.
As I could see portage applies the patch but ignores the Makefile.flags. But as busybox does not output the compile options I can't see if it really adds -lselinux and -lsepol to the command.
Comment 11 SpanKY gentoo-dev 2007-03-28 06:00:24 UTC 
indeed, in one case it does (USE=-static) ... fixed in cvs now, thanks for pointing that out
Comment 12 Xake 2007-03-29 08:37:47 UTC 
Created attachment 114847 [details]
Buildlog for 1.4.2 and USE="-static"

Sorry but that does not seems to fix it here either. It comes one step closer, but then just some additionals warnings before the errormessage comes.

  AR      util-linux/lib.a
  LINK    busybox_unstripped
***Here it broke before
  LD      applets/built-in.o
  LINK    busybox_unstripped

True for both 1.4.2 and 1.5.0.
And there seems to be no diffrense for USE="static" and USE="-static"
Comment 13 Xake 2007-03-29 14:35:41 UTC 
Forgot to reopen
Comment 14 Xake 2007-03-29 17:52:59 UTC 
strange.
MAKEOPTS="-n" ebuild busybox-1.4.2.ebuild tells me it has -lselinux and -lsepol but fails anyway...

echo '  LINK    busybox_unstripped'; /var/tmp/portage/sys-apps/busybox-1.5.0/work/busybox-1.5.0/scripts/tryl-gnu-gcc -Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu -static -lselinux -lsepol -o busybox_unstripped -Wl,-Mn -Wl,--sort-common -Wl,--start-group  applets/built-in.o  archival/lib.a  archival/libunarchive/lib.a  conscoreutils/lib.a  coreutils/libcoreutils/lib.a  debianutils/lib.a  e2fsprogs/lib.a  editors/lib.a  findutils/  libbb/lib.a  libpwdgrp/lib.a  loginutils/lib.a  miscutils/lib.a  modutils/lib.a  networking/lib.a  networkb.a  networking/udhcp/lib.a  procps/lib.a  runit/lib.a  selinux/lib.a  shell/lib.a  sysklogd/lib.a  util-linl/built-in.o  archival/libunarchive/built-in.o  console-tools/built-in.o  coreutils/built-in.o  coreutils/liin.o  debianutils/built-in.o  e2fsprogs/built-in.o  editors/built-in.o  findutils/built-in.o  init/built-in..o  libpwdgrp/built-in.o  loginutils/built-in.o  miscutils/built-in.o  modutils/built-in.o  networking/built/libiproute/built-in.o  networking/udhcp/built-in.o  procps/built-in.o  runit/built-in.o  selinux/built-in.oo  sysklogd/built-in.o  util-linux/built-in.o -Wl,--end-group
echo 'cmd_busybox_unstripped := /var/tmp/portage/sys-apps/busybox-1.5.0/work/busybox-1.5.0/scripts/trylink igcc -Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu -static -lselinux -lsepol -o busybox_unstripped -Wl,-M -Wl,,--sort-common -Wl,--start-group  applets/built-in.o  archival/lib.a  archival/libunarchive/lib.a  console-ttils/lib.a  coreutils/libcoreutils/lib.a  debianutils/lib.a  e2fsprogs/lib.a  editors/lib.a  findutils/lib.abb/lib.a  libpwdgrp/lib.a  loginutils/lib.a  miscutils/lib.a  modutils/lib.a  networking/lib.a  networking/lnetworking/udhcp/lib.a  procps/lib.a  runit/lib.a  selinux/lib.a  shell/lib.a  sysklogd/lib.a  util-linux/lilt-in.o  archival/libunarchive/built-in.o  console-tools/built-in.o  coreutils/built-in.o  coreutils/libcore debianutils/built-in.o  e2fsprogs/built-in.o  editors/built-in.o  findutils/built-in.o  init/built-in.o  liibpwdgrp/built-in.o  loginutils/built-in.o  miscutils/built-in.o  modutils/built-in.o  networking/built-in.oproute/built-in.o  networking/udhcp/built-in.o  procps/built-in.o  runit/built-in.o  selinux/built-in.o  shesklogd/built-in.o  util-linux/built-in.o -Wl,--end-group' > ./.busybox_unstripped.cmd
rm -f .old_version
Comment 15 SpanKY gentoo-dev 2007-03-30 05:49:50 UTC 
the order is funked ... ive fixed this upstream and in our versions ... thanks for testing
Comment 16 Xake 2007-03-30 11:12:15 UTC 
Thanks, busybox-1.4.2 emerged just fine!
Maybe a patch for 1.5.0 or mask it until 1.5.1 (wich I pressume is fixed) is released?
Comment 17 SpanKY gentoo-dev 2007-03-31 03:32:36 UTC 
err, i fixed trunk, not the branch ... but ive rectified that so 1.5.1 will include the fix ... thanks for reminding me ;)