I emerged www-client/mozilla-firefox, but dev-libs/nss failed because nsinstall cannot create directories. Here is part of my build.log: make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' Creating ../../dist/public/dbm directory creation race: ../../dist nsinstall: cannot mkdir -p ../../dist: No such file or directory /bin/sh: line 3: 26892 Aborted ../../coreconf/nsinstall/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall -D ../../dist/public/dbm make[1]: *** [../../dist/public/dbm] Error 134 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' make: *** [export] Error 2 emerge --info: Portage 2.1.7.3 (hardened/linux/x86/10.0/desktop, gcc-4.3.4, glibc-2.10.1-r0, 2.6.31-zen5-com2 i686) ================================================================= System uname: Linux-2.6.31-zen5-com2-i686-Genuine_Intel-R-_CPU_T2050_@_1.60GHz-with-gentoo-2.0.1 Timestamp of tree: Fri, 06 Nov 2009 04:45:02 +0000 app-shells/bash: 4.0_p35 dev-lang/python: 2.6.4, 3.1.1-r1 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.2-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.9.6-r2, 1.10.2, 1.11 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86 ~x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" DISTDIR="/var/cache/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://mirrors.163.com/gentoo" LANG="zh_CN.UTF-8" LDFLAGS="-Wl,-O1" PKGDIR="/var/cache/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/cache/portage/repositories/gentoo" PORTDIR_OVERLAY="/var/cache/portage/repositories/sunrise /var/cache/portage/repositories/gentoo-china /var/cache/portage/repositories/oss-overlay" SYNC="rsync://mirror.averse.net/gentoo-portage" USE="X a52 aac acl acpi bash-completion berkdb bluetooth branding bzip2 cairo cdr cli consolekit cracklib crypt cups dbus dri dts dvd dvdr eds emboss encode evo fam flac gdbm gif gnome gpm gstreamer gtk hal hardened iconv ipv6 jpeg ldap libnotify mad mikmod modules mp3 mp4 mpeg mudflap ncurses nls nptl nptlonly ogg opengl openmp oss pam pcre pdf perl pic png ppds pppd python quicktime readline reflection sdl session spell spl ssl startup-notification svg sysfs tcpd thunar tiff truetype unicode urandom usb vim-syntax vorbis win32codecs x264 x86 xml xorg xulrunner xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_ Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, LINGUAS, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Please attach full build.log.
>>> Unpacking source... >>> Unpacking nss-3.12.4.tar.gz to /var/tmp/portage/dev-libs/nss-3.12.4-r2/work * Applying nss-3.12.4-gentoo-fixups-1.diff ... [ ok ] >>> Source unpacked in /var/tmp/portage/dev-libs/nss-3.12.4-r2/work >>> Compiling source in /var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4 ... make -j3 -j1 CC=i686-pc-linux-gnu-gcc cd nsinstall; make export make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' make[1]: Nothing to be done for `export'. make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' cd nsinstall; make libs make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' i686-pc-linux-gnu-gcc -o Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall.o -c -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -march=native -pipe nsinstall.c i686-pc-linux-gnu-gcc -o Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/pathsub.o -c -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -march=native -pipe pathsub.c i686-pc-linux-gnu-gcc -o Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -march=native -pipe Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall.o Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/pathsub.o -Wl,-O1 -Wl,--as-needed -lpthread -ldl -lc true -m 775 Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall ../../dist/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/bin make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' make -j3 -j1 CC=i686-pc-linux-gnu-gcc cd include; make export make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' Creating ../../dist/public/dbm directory creation race: ../../dist nsinstall: cannot mkdir -p ../../dist: No such file or directory /bin/sh: line 3: 18467 Aborted ../../coreconf/nsinstall/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall -D ../../dist/public/dbm make[1]: *** [../../dist/public/dbm] Error 134 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' make: *** [export] Error 2 * ERROR: dev-libs/nss-3.12.4-r2 failed: * dbm make failed * * Call stack: * ebuild.sh, line 55: Called src_compile * environment, line 2614: Called die * The specific snippet of code: * emake -j1 CC="$(tc-getCC)" || die "dbm make failed"; * * If you need support, post the output of 'emerge --info =dev-libs/nss-3.12.4-r2', * the complete build log and the output of 'emerge -pqv =dev-libs/nss-3.12.4-r2'. * The complete build log is located at '/var/tmp/portage/dev-libs/nss-3.12.4-r2/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/dev-libs/nss-3.12.4-r2/temp/environment'. * S: '/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4'
Created attachment 209505 [details] build.log if LANG=C I then set LANG=C and retry and gain this build.log
*** Bug 292349 has been marked as a duplicate of this bug. ***
what version of coreutils do you have installed?
Maybe I know the reason for the strange behavior of 'emerge nss', at least in the case of Bug 292349. In the past I had a hardened profile. Because of some package conflicts I change from hardened/linux/x86/10.0 to default/linux/x86/10.0/desktop. But I still used the gcc configuration from the hardened profile (i686-pc-linux-gnu-4.3.3). After switching to i686-pc-linux-gnu-4.4.2, which I installed already in the desktop profile, I could today emerge again nss-3.12.4-r2. Regards
coreutils-7.6
If you would please humor me and test hardened-sources or gentoo-sources, if testing hardened-sources I suggest you use the hardened-dev git overlay, I have not been able to duplicate the bug in any fashion with a stable and a testing setup.
Or reassign to hardened?
(In reply to comment #9) > Or reassign to hardened? > I am a part of hardened dev. Without the requested information we can rule out your kernel as being a problem. Your kernel is rather experimental and has to be rules out.
Tested under gentoo-sources-2.6.31-p5 However personally I do not think this makes much sense. I compile all these under Ubuntu's chrooting environment.
Tested with gcc-4.3.4-vanilla. Compile successful. (Under ubuntu's chrooting environment with gentoo-sources-2.6.31-r5). with gcc-4.3.4-hardened compiling failed.
Having identical issue: make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' make -j1 CC=x86_64-pc-linux-gnu-gcc cd include; make export make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' Creating ../../dist/public/dbm directory creation race: ../../dist nsinstall: cannot mkdir -p ../../dist: No such file or directory /bin/sh: line 3: 2771 Aborted ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D ../../dist/public/dbm make[1]: *** [../../dist/public/dbm] Error 134 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' make: *** [export] Error 2 # emerge --info =dev-libs/nss-3.12.4-r2 Portage 2.1.7.4 (hardened/linux/amd64/10.0, gcc-4.3.4, glibc-2.11-r0, 2.6.29-hardened x86_64) ================================================================= System Settings ================================================================= System uname: Linux-2.6.29-hardened-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4400+-with-gentoo-2.0.1 Timestamp of tree: Wed, 11 Nov 2009 17:00:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.9-r1 dev-lang/python: 2.6.4, 3.1.1-r1 dev-python/pycrypto: 2.1.0_beta1 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.2-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.10.2, 1.11 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" LINGUAS="en" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X acl amd64 apache2 bash-completion berkdb bzip2 cli cracklib crypt curl custom-optimization dri exif gd-external gdal gdbm geos gif git gml gmp hardened hash iconv java java-external javascript jpeg jpeg2k json justify ldap mmx modules mudflap multilib ncurses nls nptl nptlonly ogdi openmp pam pcre pg-intdatetime php pic png postgis postgres pppd proj python readline reflection session simplexml snmp spl sse sse2 ssl subversion svg sysfs syslog tcpd tiff truetype unicode urandom vhosts vim-syntax xml xmlreader xmlrpc xmlwriter xorg zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="proxy_ajp proxy_http actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias proxy" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY BUILD.LOG: >>> Unpacking source... >>> Unpacking nss-3.12.4.tar.gz to /var/tmp/portage/dev-libs/nss-3.12.4-r2/work * Applying nss-3.12.4-gentoo-fixups-1.diff ... [ ok ] >>> Source unpacked in /var/tmp/portage/dev-libs/nss-3.12.4-r2/work >>> Compiling source in /var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4 ... make -j1 CC=x86_64-pc-linux-gnu-gcc cd nsinstall; make export make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' make[1]: Nothing to be done for `export'. make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' cd nsinstall; make libs make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' x86_64-pc-linux-gnu-gcc -o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall.o -c -O2 -fPIC -DLINUX1_2 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -pipe nsinstall.c x86_64-pc-linux-gnu-gcc -o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/pathsub.o -c -O2 -fPIC -DLINUX1_2 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -pipe pathsub.c x86_64-pc-linux-gnu-gcc -o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -O2 -fPIC -DLINUX1_2 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -I/usr/include/nspr -I../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/include -I../../dist/public/coreconf -I../../dist/private/coreconf -O2 -pipe Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/pathsub.o -Wl,-O1 -lpthread -ldl -lc true -m 775 Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall ../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/bin make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/coreconf/nsinstall' make -j1 CC=x86_64-pc-linux-gnu-gcc cd include; make export make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' Creating ../../dist/public/dbm directory creation race: ../../dist nsinstall: cannot mkdir -p ../../dist: No such file or directory /bin/sh: line 3: 3184 Aborted ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D ../../dist/public/dbm make[1]: *** [../../dist/public/dbm] Error 134 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/dbm/include' make: *** [export] Error 2 * ERROR: dev-libs/nss-3.12.4-r2 failed: * dbm make failed * * Call stack: * ebuild.sh, line 55: Called src_compile * environment, line 2682: Called die * The specific snippet of code: * emake -j1 CC="$(tc-getCC)" || die "dbm make failed"; * * If you need support, post the output of 'emerge --info =dev-libs/nss-3.12.4-r2', * the complete build log and the output of 'emerge -pqv =dev-libs/nss-3.12.4-r2'. * The complete build log is located at '/var/tmp/portage/dev-libs/nss-3.12.4-r2/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/dev-libs/nss-3.12.4-r2/temp/environment'. * S: '/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4'
Zorry please have a look at as soon as possible.
Did you all remember to emerge -e system && emerge -e world after gcc upgrade?
Compiles fine with portage 2.1.6.13, hardened gcc-4.3.4, glibc-2.9_p20081201-r2, sys-devel/binutils-2.18-r3 on both hardened/linux/amd64/10.0 and hardened/linux/x86/10.0.
Compiled fine with: sys-apps/portage-2.1.6.13 sys-devel/gcc-4.3.4-r2 sys-libs/glibc-2.9_p20081201-r4 sys-devel/binutils-2.19.1-r1 Profile: hardened/linux/x86/10.0 emerge --info: Portage 2.1.6.13 (hardened/linux/x86/10.0, gcc-4.3.4, glibc-2.9_p20081201-r4, 2.6.31-r6 i686) ================================================================= System uname: Linux-2.6.31-r6-i686-VIA_Nehemiah-with-gentoo-1.12.13 Timestamp of tree: Wed, 11 Nov 2009 13:15:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 4.0_p28 dev-lang/python: 2.6.2-r1 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.63-r1 sys-devel/automake: 1.10.2 sys-devel/binutils: 2.19.1-r1 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.29 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=i686 -msse -mmmx -mfpmath=sse -Os -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=i686 -msse -mmmx -mfpmath=sse -Os -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="buildpkg ccache distlocks fixpackages metadata-transfer parallel-fetch sandbox sfperms strict suidctl unmerge-orphans" GENTOO_MIRRORS="rsync://ftp.join.uni-muenster.de/gentoo" LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1" LINGUAS="en" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage /usr/local/portage/overlay/hardened-development" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="acl apache2 bash-completion berkdb bzip2 caps cli cracklib crypt ctype cups curl dri fam gd geoip gmp gnutls hardened iconv idn imap innodb ipv6 jbig jpeg jpeg2k libwww lm_sensors maildir mhash mmx modules mudflap mysql ncurses nls nptl nptlonly pam pcre perl pic png posix pppd python readline reflection sasl session snmp sockets spl ssl sysfs tcpd threads tiff unicode usb vhosts x86 xattr xml zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 imstt intel mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
(In reply to comment #17) > sys-devel/gcc-4.3.4-r2 > sys-libs/glibc-2.9_p20081201-r4 both from hardened-dev overlay gcc --version gcc (Gentoo Hardened 4.3.4-r2 p1.0, espf-0.3.5) 4.3.4
Want a strace on nsinstall. For me it emerge fine. nss is building nsinstall with -fPIC as default and the only flag we add is -pie when linking it.
I emerge -e system of course. I will trace it. By the way, hardened-dev overlay? Is that the Toolchain overlay in layman list?
ubuntu-laptop store # strace ../../../../../coreconf/nsinstall/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall -D Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ execve("../../../../../coreconf/nsinstall/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall", ["../../../../../coreconf/nsinstal"..., "-D", "Linux2.6_x86_i686-pc-linux-gnu-g"...], [/* 37 vars */]) = 0 brk(0) = 0x1d5b000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=37669, ...}) = 0 mmap2(NULL, 37669, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f89000 close(3) = 0 open("/lib/libpthread.so.0", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`I\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=116126, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f88000 mmap2(NULL, 98540, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xf14000 mmap2(0xf29000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0xf29000 mmap2(0xf2b000, 4332, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xf2b000 close(3) = 0 open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360k\1\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1343692, ...}) = 0 mmap2(NULL, 1350792, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x110000 mmap2(0x254000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x144) = 0x254000 mmap2(0x257000, 11400, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x257000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f87000 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f876c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0x254000, 8192, PROT_READ) = 0 mprotect(0xf29000, 4096, PROT_READ) = 0 mprotect(0x7f8000, 4096, PROT_READ) = 0 mprotect(0xb88000, 4096, PROT_READ) = 0 munmap(0xb7f89000, 37669) = 0 set_tid_address(0xb7f87728) = 8906 set_robust_list(0xb7f87730, 0xc) = 0 futex(0xbfd7fce0, FUTEX_WAKE_PRIVATE, 1) = 0 futex(0xbfd7fce0, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, bfd7fcf0) = -1 EAGAIN (Resource temporarily unavailable) rt_sigaction(SIGRTMIN, {0xf18340, [], SA_SIGINFO}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {0xf18840, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0 uname({sys="Linux", node="ubuntu-laptop", ...}) = 0 stat64("Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ", 0xbfd7db14) = -1 ENOENT (No such file or directory) mkdir("Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ", 0777) = 0 exit_group(0)
By the way, hardenednopie is okay, but hardened with pie is not.
ruckc can you try to get a trace on nsinstall to?
Can you all that experience this bug try to downgrade your version of sys-apps/sandbox to 2.1 or lower and try merge nss again?
If we downgrade to sandbox-2.1 it compiles fine.
(In reply to comment #25) > If we downgrade to sandbox-2.1 it compiles fine. > sandbox team needs to also be aware that this bug does not effect all users. I am planning to investigate this further but will need assistance from those familiar with the sandbox code already.
perhaps it is only happening to hardened users are you guys building coreutils with USE=static ?
(In reply to comment #27) > perhaps it is only happening to hardened users > > are you guys building coreutils with USE=static ? > nope
if sandbox-2.1 works but sandbox-2.2 fails, the most likely change is: http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commitdiff;h=180958291462f38154916103a6a4bdeb852e6cc3
no on coreutils +static and with sandbox-2.1 it compiles fine and i would say its affecting hardened profiles
(In reply to comment #30) > no on coreutils +static > and with sandbox-2.1 it compiles fine > > and i would say its affecting hardened profiles > BIggest problem is tho it only effects certain users, very hard to nail down what is causing the issue when I for instance am unable to duplicate the bug.
Portage 2.1.7.4 (hardened/linux/amd64/10.0/no-multilib, gcc-4.4.2, glibc-2.11-r0, 2.6.31-hardened-r7 x86_64) ================================================================= System uname: Linux-2.6.31-hardened-r7-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7500_@_2.20GHz-with-gentoo-2.0.1 Timestamp of tree: Unknown app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.9-r1 dev-lang/python: 2.6.4 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.2-r2 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.8.5-r3, 1.10.2, 1.11 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=core2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -march=core2 -pipe" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps=y" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LANG="en_US.UTF-8" LC_ALL="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu" MAKEOPTS="-j3 -s --no-print-directory" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/home/toolchain /home/mozilla /home/gentoo" SYNC="cvs://anarchy@cvs.gentoo.org:/var/cvsroot" USE="X a52 aac acpi alsa amd64 aspell audit berkdb bluetooth branding bzip2 cairo cli consolekit cracklib crypt cups custom-optimization dbus dri dvd dvdnav encode fam ffmpeg gdbm gnome gnome-keyring gstreamer gtk hal hardened iconv jpeg justify laptop libssh2 libsysfs mad mjpeg mmx modules mp3 mpeg mudflap nautilus ncurses networkmanager nptl nptlonly nsplugin nss opengl openmp openssl pam pcre perl pic png policykit python readline rtc sdl session shm spell sqlite sse sse2 ssl svg sysfs tcpd theora tiff truetype twolame udev unicode urandom usb vdpau vorbis x264 xinerama xorg xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="nv nvidia" Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
(In reply to comment #29) > if sandbox-2.1 works but sandbox-2.2 fails, the most likely change is: > http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commitdiff;h=180958291462f38154916103a6a4bdeb852e6cc3 > I reverted the patch on sandbox-2.2 and nss compile fine.
i can reproduce on my hardened system. not sure why only nss triggers this.
Same issue here. Downgrading to sandbox-2.1 allowed nss to compile. Running hardened, no-multilib, hardened-dev overlay, gcc-4.4.2, glibc-2.10.1-r1, 2.6.31-hardened-r7 (grsec & pax not enabled), ~amd64 I can post more info if need be, but I think the others in this bug have it covered.
I started another installation of my friend's laptop, facing the same situation: Portage 2.1.7.13 (hardened/linux/x86/10.0/desktop, gcc-4.3.4, glibc-2.11-r1, 2.6.31-zen9 i686) ================================================================= System uname: Linux-2.6.31-zen9-i686-Genuine_Intel-R-_CPU_T2050_@_1.60GHz-with-gentoo-2.0.1 Timestamp of tree: Tue, 15 Dec 2009 06:45:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.10 dev-lang/python: 2.6.4, 3.1.1-r1 dev-util/cmake: 2.8.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.3 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.64 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86 ~x86" ACCEPT_LICENSE="* -@EULA" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo" CXXFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" DISTDIR="/var/cache/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y --nospinner --quiet-build -j3" FEATURES="assume-digests buildpkg distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict test test-fail-continue unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://mirrors.163.com/gentoo http://gentoo.aditsu.net" LANG="zh_TW.UTF-8" LC_ALL="C" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="zh_TW zh" MAKEOPTS="-j1" PKGDIR="/var/cache/portage/packages" PORTAGE_COMPRESS="" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/cache/portage/ebuilds/gentoo" PORTDIR_OVERLAY="/var/cache/portage/ebuilds/sunrise /var/cache/portage/ebuilds/gentoo-china /var/cache/portage/ebuilds/haskell /var/cache/portage/ebuilds/kde /var/cache/portage/ebuilds/oss-overlay /var/cache/portage/ebuilds/hardened-development /var/cache/portage/ebuilds/local" SYNC="rsync://mirror.averse.net/gentoo-portage" USE="X a52 aac acl acpi bash-completion berkdb bluetooth branding bzip2 cairo cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr emboss encode fam flac gdbm gif gnutls gpm gstreamer hal hardened iconv ipv6 jpeg kde ldap lzma mad mikmod mmx mmxext modules mp3 mp4 mpeg mudflap ncurses nls nptl nptlonly nsplugin ogg opengl openmp oss pam pcre pdf perl pic png policykit ppds pppd python qt3support qt4 quicktime readline reflection sdl session spell spl sse sse2 ssl startup-notification svg sysfs tcpd thunar tiff truetype unicode urandom usb vorbis webkit win32codecs x264 x86 xml xorg xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="zh_TW zh" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS make[2]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/nss/lib/base' directory creation race: Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ nsinstall: cannot mkdir -p Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ: No such file or directory /bin/sh: line 1: 11371 Aborted ../../../coreconf/nsinstall/Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/nsinstall -D Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ make[2]: *** [Linux2.6_x86_i686-pc-linux-gnu-gcc_glibc_PTH_OPT.OBJ/arena.o] Error 134 make[2]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/nss/lib/base' make[1]: *** [libs] Error 2 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.4-r2/work/nss-3.12.4/mozilla/security/nss/lib' make: *** [libs] Error 2
I can't get a handle on this bug at all. No matter what I try I can't hit it. I finally set up a system as close as possible to the one described in Comment #36 but no bug. The only significant difference is the kernel. My emerge --info follows. Maybe if someone prepares an image of a system which manifests the bug we'd have somewhere to start. Portage 2.1.7.13 (hardened/linux/x86/10.0/desktop, gcc-4.3.4, glibc-2.11-r1, 2.6.28-hardened-r9 i686) ================================================================= System uname: Linux-2.6.28-hardened-r9-i686-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.0.1 Timestamp of tree: Fri, 18 Dec 2009 08:00:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.10 dev-lang/python: 2.6.4, 3.1.1-r1 dev-util/cmake: 2.8.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.3 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.64 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86 ~x86" ACCEPT_LICENSE="* -@EULA" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -march=i686 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://192.168.100.9/pub/gentoo" LANG="zh_TW.UTF-8" LC_ALL="C" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="zh_TW zh" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://192.168.100.7/portage" USE="X a52 aac acl acpi alsa bash-completion berkdb bluetooth branding bzip2 cairo cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr eds emboss encode evo fam firefox flac gdbm gif gnome gnutls gpm gstreamer gtk hal hardened iconv ipv6 jpeg kde ldap libnotify lzma mad mikmod mmx mmxext mng modules mp3 mp4 mpeg mudflap ncurses nls nptl nptlonly nsplugin ogg opengl openmp oss pam pcre pdf perl pic png policykit ppds pppd python qt3support qt4 quicktime readline reflection sasl sdl session spell spl sse sse2 ssl startup-notification svg sysfs tcpd thunar tiff truetype unicode urandom usb vorbis webkit win32codecs x264 x86 xml xorg xulrunner xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="zh_TW zh" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Try to re-emerge dev-libs/nspr.
(In reply to comment #38) > Try to re-emerge dev-libs/nspr. > Does not work here, probably because this problem is something that seems to have to do with sandbox and the mkdir() functions on hardened. For some reason in this case it returns EEXIST for directories that does not exist on some machines, and problem is that we has not yet even nailed why the same stage3 can work on one system but not the other.
Unable to reproduce: [ebuild N ] dev-libs/nspr-4.8.2 USE="ipv6 -debug" 1,204 kB [ebuild N ] dev-libs/nss-3.12.5 USE="-utils" 5,271 kB System info: Portage 2.1.7.14 (hardened/linux/amd64/10.0/no-multilib, gcc-4.3.4, glibc-2.11-r1, 2.6.28-hardened-r7 x86_64) ================================================================= System uname: Linux-2.6.28-hardened-r7-x86_64-Intel-R-_Xeon-TM-_CPU_3.20GHz-with-gentoo-2.0.1 Timestamp of tree: Wed, 16 Dec 2009 17:45:01 +0000 app-shells/bash: 4.0_p35 dev-lang/python: 2.4.4-r6, 2.5.4-r2, 2.6.4, 3.1.1-r1 dev-python/pycrypto: 2.1.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.5.3 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.64 sys-devel/automake: 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/srv/gentoo/overlay /usr/local/portage" SYNC="rsync://portage-rsync.linx.net/gentoo-portage" USE="acl amd64 animgif bash-completion berkdb bzip2 calendar cgi cli cracklib crypt cxx dahdi device-mapper diskio dri elf expat fastcgi gd gdbm gif gnutls hardened iconv ipv6 jabber jbig jpeg justify lm_sensors lzma md5sum mmx modules mpm-prefork mudflap ncurses network-cron no-old-linux nptl nptlonly ogg pam pcre perl pic png pppd python readline reflection rss session snmp span speex spl sqlite sse sse2 ssl sysfs syslog threads truetype unicode urandom vhosts vorbis xml xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
I can still replicate this. I have masked sandbox-2.2, but unmasking, upgrading, and then recompiling NSS produces the same Error 134 with regards to DBM and nsinstall. Let me know if you need anything further. lptp ~ # emerge --info Portage 2.1.7.15 (hardened/linux/amd64/10.0/no-multilib, gcc-4.4.2, glibc-2.11-r1, 2.6.31-hardened-r7 x86_64) ================================================================= System uname: Linux-2.6.31-hardened-r7-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7500_@_2.20GHz-with-gentoo-2.0.1 Timestamp of tree: Wed, 23 Dec 2009 16:00:01 +0000 app-shells/bash: 4.0_p35 dev-java/java-config: 2.1.10 dev-lang/python: 2.6.4, 3.1.1-r1 dev-util/cmake: 2.8.0 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.0 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.64 sys-devel/automake: 1.8.5-r3, 1.9.6-r2, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe -floop-interchange -floop-strip-mine -floop-block" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -march=native -pipe -floop-interchange -floop-strip-mine -floop-block" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://mirror.datapipe.net/gentoo" LDFLAGS="-Wl,-O1" LINGUAS="en en_US" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/hardened-development /usr/local/portage/layman/go-mysql" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X acl acpi alsa amd64 apache2 bash-completion berkdb bzip2 cli cracklib crypt ctype cups cxx dbus dhcpcd dri faac flac gcj gd gdbm git glitz gpm graphite gstreamer hal hardened iconv jack justify kde mmx mng modules mp3 mudflap mysql mysqli ncurses nls nptl nptlonly nsplugin opengl openmp pam pcre perl phonon php pic png pppd python qt3support qt4 readline reflection session spl sql sqlite sse sse2 ssl subversion svg symlink sysfs tcpd theora threads tiff truetype unicode urandom webkit x264 xcomposite xorg xvid zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
*** Bug 300982 has been marked as a duplicate of this bug. ***
I have found the bug. The problem is in sandbox-2.2/libsandbox/libsandbox.c in function canonicalize() (line 174): if (NULL == erealpath(resolved_path, resolved_path)) { erealpath() does not behave well when it is called with the same memory location in both arguments. I can see two solutions of the problem: 1. change canonicalize() so it allocates a temporary buffer, makes a copy of resolved_path and calls erealpath() with different parameters 2. change erealpath() so it works well when both arguments are equal. It can be done by commenting line 198 in sandbox-2.2/libsandbox/canonicalize.c, but I don't know if it won't cause a bug in other conditions. Best regards, Marek Wróbel
*** Bug 302383 has been marked as a duplicate of this bug. ***
(In reply to comment #43) > I have found the bug. The problem is in sandbox-2.2/libsandbox/libsandbox.c in > function canonicalize() (line 174): > > if (NULL == erealpath(resolved_path, resolved_path)) { > > erealpath() does not behave well when it is called with the same memory > location in both arguments. I can see two solutions of the problem: > > 1. change canonicalize() so it allocates a temporary buffer, makes a copy of > resolved_path and calls erealpath() with different parameters > > 2. change erealpath() so it works well when both arguments are equal. It can be > done by commenting line 198 in sandbox-2.2/libsandbox/canonicalize.c, but I > don't know if it won't cause a bug in other conditions. > Probably commenting that line will create a problem. Maybe the solution of a temporary buffer should be implemented in erealpath() rather than in canonicalize()?
(In reply to comment #43) > I have found the bug. The problem is in sandbox-2.2/libsandbox/libsandbox.c in > function canonicalize() (line 174): > > if (NULL == erealpath(resolved_path, resolved_path)) { > > erealpath() does not behave well when it is called with the same memory > location in both arguments. I can see two solutions of the problem: > > 1. change canonicalize() so it allocates a temporary buffer, makes a copy of > resolved_path and calls erealpath() with different parameters > > 2. change erealpath() so it works well when both arguments are equal. It can be > done by commenting line 198 in sandbox-2.2/libsandbox/canonicalize.c, but I > don't know if it won't cause a bug in other conditions. > > Best regards, > Marek Wróbel > by commenting line 198 in sandbox-2.2/libsandbox/cononicalize.c it works to compile dev-libs/nss but it may make a new bug. Any comments vapier?
*bump*
Tried out xulrunner/firefox from mozilla overlay today, and xulrunner/nsinstall fails to create a directory. FEATURES="-sandbox" and it builds/install. @vapier what do you recommend? We have some comments about possible fixes. Do you want people to try any one of them out, or do you have something different in mind and just have not had the time implement it?
Created attachment 228663 [details, diff] patch for erealpath() in canonicalize.c I took a look on the code for both erealpath() and canonicalize() yesterday and implemented 2 different patches changing the respective functions. The patches are independant and may be used together but do work on their own. The first patch(this one) changes erealpath() to work when called with the same pointer in both args. Someone who have more insight into this function should take a look on it so it doesn't break anything else. The tests in sandbox didn't catch anything at least. The second patch changes canonicalize() by copying resolved_path into resolved_path_copy , so the args points to different addresses.
Created attachment 228665 [details, diff] patch for canonicalize() in libsandbox.c The second patch. Feel free to comment on them
(In reply to comment #50) > Created an attachment (id=228665) [details] > patch for canonicalize() in libsandbox.c > > The second patch. Feel free to comment on them > this patch does not apply cleanly against either sandbox-2.2 or sandbox-git (same result for both): sandbox $ cat ../sandbox-2.2_bug292050_alt2.patch | patch -p1 patching file libsandbox/libsandbox.c Hunk #1 FAILED at 170. Hunk #2 succeeded at 181 (offset 1 line). 1 out of 2 hunks FAILED -- saving rejects to file libsandbox/libsandbox.c.rej
Created attachment 228781 [details, diff] corrected patch for canonicalize() in libsandbox.c Recreated the second patch
@sandbox is any of the fixes okey?
Will commit the patch for canonicalize() in libsandbox.c this weekend if not sandbox have say anything.
no one really has commit privs to the sandbox git repo, so you couldnt add anything without going through sandbox@g.o ... at any rate ... ive pushed up a similar change that'll be in sandbox-2.3. cant get nss to crash on my hardened box anymore, so could people test it out and verify. http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commitdiff;h=4c1eee83e412298d5c3019f386540ce0af0badc7
*** Bug 335865 has been marked as a duplicate of this bug. ***
I still have compilation error with nss using sandbox-2.3-r1. I'm wondering why this bug is marked as closed if the fix isn't in mainline yet.
(In reply to comment #57) > I still have compilation error with nss using sandbox-2.3-r1. I'm wondering why > this bug is marked as closed if the fix isn't in mainline yet. > ok, sorry for the spam.. I retried compiling today and it seems to work fine now even though my sandbox didn't change.
(In reply to comment #58) > (In reply to comment #57) > > I still have compilation error with nss using sandbox-2.3-r1. I'm wondering why > > this bug is marked as closed if the fix isn't in mainline yet. > > > > ok, sorry for the spam.. I retried compiling today and it seems to work fine > now even though my sandbox didn't change. > How you did it? My compilation of nss-3.12.7 using sandbox-2.3-r1 failed same way as you described in #335865: LC_ALL="C" emerge -v1 =dev-libs/nss-3.12.7 ... rm -f Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/libdbm.a ar cr Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/libdbm.a Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/db.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/h_bigkey.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/h_func.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/h_log2.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/h_page.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/hash.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/hash_buf.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/mktemp.o Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/dirent.o ranlib Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/libdbm.a ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -t -m 664 Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/libdbm.a ../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/lib /usr/lib/libsandbox.so(+0x3972)[0x2b03bac36972] /usr/lib/libsandbox.so(+0x3a03)[0x2b03bac36a03] /usr/lib/libsandbox.so(+0xbdfc)[0x2b03bac3edfc] /usr/lib/libsandbox.so(+0x413c)[0x2b03bac3713c] /usr/lib/libsandbox.so(+0x749c)[0x2b03bac3a49c] /usr/lib/libsandbox.so(mkdir+0x37)[0x2b03bac3d807] ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x191c)[0x2b03ba80f91c] ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x19e0)[0x2b03ba80f9e0] ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(main+0x26e)[0x2b03ba80fc5e] /lib/libc.so.6(__libc_start_main+0xfd)[0x2b03bb082bfd] /proc/15686/cmdline: ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -t -m 664 Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/libdbm.a ../../dist/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ lib make[1]: *** [libs] Aborted make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/dbm/src' make: *** [libs] Error 2 emake failed * ERROR: dev-libs/nss-3.12.7 failed: * dbm make failed * * Call stack: * ebuild.sh, line 56: Called src_compile * environment, line 2674: Called die * The specific snippet of code: * emake -j1 CC="$(tc-getCC)" || die "dbm make failed"; * * If you need support, post the output of 'emerge --info =dev-libs/nss-3.12.7', * the complete build log and the output of 'emerge -pqv =dev-libs/nss-3.12.7'. * The complete build log is located at '/var/tmp/portage/dev-libs/nss-3.12.7/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/dev-libs/nss-3.12.7/temp/environment'. * S: '/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7'
When I reemerged sandbox-2.3-r1 using previous sandbox-2.3-r1, following emerge dev-libs/nss-3.12.7 passed mozilla/security/dbm/src without problems but failed on mozilla/security/nss/lib/pki. make[2]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/nss/lib/pki' /usr/lib/libsandbox.so(+0x3972)[0x2ba97f503972] /usr/lib/libsandbox.so(+0x3a03)[0x2ba97f503a03] /usr/lib/libsandbox.so(+0xbdfc)[0x2ba97f50bdfc] /usr/lib/libsandbox.so(+0x413c)[0x2ba97f50413c] /usr/lib/libsandbox.so(+0x749c)[0x2ba97f50749c] /usr/lib/libsandbox.so(mkdir+0x37)[0x2ba97f50a807] ../../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x191c)[0x2ba97f0dc91c] ../../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(main+0x26e)[0x2ba97f0dcc5e] /lib/libc.so.6(__libc_start_main+0xfd)[0x2ba97f94fbfd] ../../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x1739)[0x2ba97f0dc739] /proc/30208/cmdline: ../../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ /bin/sh: line 1: 30208 Aborted ../../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ make[2]: *** [Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/asymmkey.o] Error 134 make[2]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/nss/lib/pki' make[1]: *** [libs] Error 2 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/nss/lib' make: *** [libs] Error 2 emake failed new reemerge sandbox-2.3-r1 and dev-libs/nss-3.12.7 ended again with: make[1]: Entering directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/dbm/include' Creating ../../dist/public/dbm /usr/lib/libsandbox.so(+0x3972)[0x2b49dc9cd972] /usr/lib/libsandbox.so(+0x3a03)[0x2b49dc9cda03] /usr/lib/libsandbox.so(+0xbdfc)[0x2b49dc9d5dfc] /usr/lib/libsandbox.so(+0x413c)[0x2b49dc9ce13c] /usr/lib/libsandbox.so(+0x749c)[0x2b49dc9d149c] /usr/lib/libsandbox.so(mkdir+0x37)[0x2b49dc9d4807] ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x191c)[0x2b49dc5a691c] ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall(+0x19e0)[0x2b49dc5a69e0] /proc/9606/cmdline: ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D ../../dist public dbm /bin/sh: line 3: 9606 Aborted ../../coreconf/nsinstall/Linux2.6_x86_64_x86_64-pc-linux-gnu-gcc_glibc_PTH_64_OPT.OBJ/nsinstall -D ../../dist/public/dbm make[1]: *** [../../dist/public/dbm] Error 134 make[1]: Leaving directory `/var/tmp/portage/dev-libs/nss-3.12.7/work/nss-3.12.7/mozilla/security/dbm/include' make: *** [export] Error 2 emake failed I repeated previous reemerge twice and in both cases it failed in mozilla/security/dbm/include Any idea?
Hi Guys! I've the same problem and I don't understand if the sandbox-2.3-r1 should resolve this question. In my environment with sys-apps/sandbox-2.3-r1 and trying to build dev-libs/nss-3.12.7 I have the same problem. Please can you tell me how to use the dev overlay. Thanks Alex
(In reply to comment #61) > Hi Guys! > I've the same problem and I don't understand if the sandbox-2.3-r1 should > resolve this question. > In my environment with sys-apps/sandbox-2.3-r1 and trying to build > dev-libs/nss-3.12.7 I have the same problem. > > Please can you tell me how to use the dev overlay. > Thanks > Alex > You should not use the dev overlay. All hardened work is being done in the tree.
Oky. But with the default portage tree I have this problem with sandbox; so if you have another way to resolve it please suggest me.
On two of my computers (x86 hardened and amd64 hardened), I appear to have the bug described (except with sys-apps/sandbox-2.3-r1). I'm not using the dev overlay. I can't build dev-libs/nss-3.12.8. (BTW, bug 339157 appears to be a duplicate of this bug, except with sys-apps/sandbox-2.3-r1.) This bug is reliably reproducible for me: 1. emerge --sync 2. emerge -1v dev-libs/nss or 2. emerge -avuDN world I tried rebuilding sandbox, but that didn't help. I'm trying emerge -e system as suggested below, now. There appears to be a patch that fixes the problem in bug 339157, but I haven't tried it yet. In case it helps, here's my "emerge --info =dev-libs/nss-3.12.8" for both my x86 and amd64 machines: Portage 2.1.8.3 (hardened/linux/x86/10.0, gcc-4.4.4, glibc-2.11.2-r2, 2.6.35-gentoo-r4-2010Sep01 i686) ================================================================= System Settings ================================================================= System uname: Linux-2.6.35-gentoo-r4-2010Sep01-i686-Intel-R-_Pentium-R-_M_processor_1.73GHz-with-gentoo-1.12.13 Timestamp of tree: Sun, 31 Oct 2010 03:45:01 +0000 ccache version 2.4 [enabled] app-shells/bash: 4.1_p7 dev-java/java-config: 2.1.11 dev-lang/python: 2.6.5-r3, 3.1.2-r4 dev-util/ccache: 2.4-r7 dev-util/cmake: 2.8.1-r2 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 2.3-r1 sys-devel/autoconf: 2.13, 2.65-r1 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.3.4, 4.4.4-r2 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.10 sys-devel/make: 3.81-r2 virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="x86" ACCEPT_LICENSE="* -@EULA @BINARY-REDISTRIBUTABLE AdobeFlash-10.1 dlj-1.1 PUEL" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=pentium-m -O2 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=pentium-m -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests ccache distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://www.gtlib.gatech.edu/pub/gentoo http://gentoo.mirrors.pair.com/ http://gentoo.netnitco.net http://open-systems.ufl.edu/mirrors/gentoo http://gentoo.mirrors.tds.net/gentoo ftp://mirror.datapipe.net/gentoo http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en_US en" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi alsa bash-completion berkdb bluetooth bzip2 cairo caps cdparanoia cjk cli consolekit cracklib crypt cups cxx dbus dell divx dri dts dvb dvd eap-tls emacs encode exif fbcon ffmpeg flac ftp gd gdbm gif gmedia gnutls gpm gstreamer gtk hal hardened iconv ipv6 java javascript jpeg jpeg2k laptop latex libcaca logrotate lzo mad mailwrapper matroska mbrola mmx mmxext modules mp3 mpeg mudflap ncurses nls nptl nptlonly ogg openal opengl openmp pam pcmcia pcre pdf perl pic png ppds pppd prediction preview-latex python qt3support qt4 quicktime readline samba scanner sdl session socks5 sound spell sse sse2 ssl svg sysfs tcpd theora threads tiff tk truetype unicode urandom usb v4l v4l2 vcd vlm vorbis wifi win32codecs wmf wmp wxwindows x86 xinerama xml xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_US en" PHP_TARGETS="php5-2" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS Portage 2.1.8.3 (hardened/linux/amd64/10.0, gcc-4.4.4, glibc-2.11.2-r3, 2.6.34-gentoo-r12-2010Oct22 x86_64) ================================================================= System Settings ================================================================= System uname: Linux-2.6.34-gentoo-r12-2010Oct22-x86_64-Intel-R-_Core-TM-2_Duo_CPU_U9400_@_1.40GHz-with-gentoo-1.12.13 Timestamp of tree: Wed, 03 Nov 2010 02:45:02 +0000 app-shells/bash: 4.1_p7 dev-java/java-config: 2.1.11 dev-lang/python: 2.6.5-r3, 3.1.2-r4 dev-util/cmake: 2.8.1-r2 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 2.3-r1 sys-devel/autoconf: 2.13, 2.65-r1 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.3.4, 4.4.4-r2 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.10 sys-devel/make: 3.81-r2 virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA @BINARY-REDISTRIBUTABLE AdobeFlash-10.1 PUEL" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=core2 -O2 -pipe -msse4.1" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=core2 -O2 -pipe -msse4.1" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://gentoo.netnitco.net http://gentoo.mirrors.tds.net/gentoo http://mirror.csclub.uwaterloo.ca/gentoo-distfiles/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en_US en" MAKEOPTS="--jobs=4 --load-average=2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/var/lib/layman/benf" SYNC="rsync://rsync.us.gentoo.org/gentoo-portage" USE="X acl alsa amd64 berkdb bzip2 cairo caps cjk cli consolekit cracklib crypt cups cxx dbus dri dvd exif ffmpeg gdbm gnutls gpm hal hardened iconv jpeg justify laptop mmx modules mp3 mudflap multilib ncurses nls nptl nptlonly opengl openmp pam pcre perl pic png ppds pppd python readline sdl session spell sse sse2 ssl ssse3 sysfs system-sqlite tcpd threads truetype unicode urandom v4l2 xorg xv xvmc zlib" ALSA_CARDS="hda-intel usb-audio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LINGUAS="en_US en" PHP_TARGETS="php5-2" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 253007 [details] build log for dev-libs/nss-3.12.8 Attached is the build log for dev-libs/nss-3.12.8 on amd64 hardened.
Created attachment 253009 [details] build log for dev-libs/nss-3.12.8 Sorry, my previous attachment (id=253007) appears to have been the wrong file. This should be the actual build log on my amd64 hardened machine
I am experiencing this as well: - attempting to emerge nss-3.12.8 - sandbox-2.3-r1 installed - hardened - CHOST="i686-pc-linux-gnu"
Tom, While we wait for the sandbox maintainers to fix this, take a look at bug 339157. There's a patch and an ebuild there that appears to have fixed the problem for me.
The patch from bug 339157 solve the issue for me too.
