Hello, When emerging quagga (tried with kernels >=3.2), it fails with the following error: ============================================================= ============================================================= [...] x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/etc/quagga/\" -DMULTIPATH_NUM=0 -I. -I.. -I.. -I.. -I../lib -O2 -mtune=athlon64 -pipe -fno-strict-aliasing -c irdp_packet.c x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/etc/quagga/\" -DMULTIPATH_NUM=0 -I. -I.. -I.. -I.. -I../lib -O2 -mtune=athlon64 -pipe -fno-strict-aliasing -c router-id.c x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/etc/quagga/\" -DMULTIPATH_NUM=0 -I. -I.. -I.. -I.. -I../lib -O2 -mtune=athlon64 -pipe -fno-strict-aliasing -c ioctl.c x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/etc/quagga/\" -DMULTIPATH_NUM=0 -I. -I.. -I.. -I.. -I../lib -O2 -mtune=athlon64 -pipe -fno-strict-aliasing -c ipforward_sysctl.c x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/etc/quagga/\" -DMULTIPATH_NUM=0 -I. -I.. -I.. -I.. -I../lib -O2 -mtune=athlon64 -pipe -fno-strict-aliasing -c if_netlink.c ipforward_sysctl.c:42:3: error: 'IPCTL_FORWARDING' undeclared here (not in a function) make[2]: *** [ipforward_sysctl.o] Error 1 make[2]: *** Waiting for unfinished jobs.... make[2]: Leaving directory `/var/portfiles/portage_tmp/portage/net-misc/quagga-0.99.20-r1/work/quagga-0.99.20/zebra' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/portfiles/portage_tmp/portage/net-misc/quagga-0.99.20-r1/work/quagga-0.99.20' make: *** [all] Error 2 * ERROR: net-misc/quagga-0.99.20-r1 failed (compile phase): * emake failed [...] ============================================================= ============================================================= I've found the fix here (according to them, "recent kernels" means >=2.6.14): http://repository.timesys.com/buildsources/q/quagga/quagga-0.99.18/quagga-0.99.18-ipctl_forwarding.patch ============================================================= ============================================================= diff -Naur quagga-0.99.18.orig/zebra/ipforward_sysctl.c quagga-0.99.18/zebra/ipforward_sysctl.c --- quagga-0.99.18.orig/zebra/ipforward_sysctl.c 2011-04-13 11:58:40.000000000 -0400 +++ quagga-0.99.18/zebra/ipforward_sysctl.c 2011-04-13 11:58:51.000000000 -0400 @@ -31,6 +31,15 @@ #define MIB_SIZ 4 +/* Fix for recent (2.6.14) kernel headers */ +#ifndef IPCTL_FORWARDING + #define IPCTL_FORWARDING NET_IPV4_FORWARD +#endif + +#ifndef IP6CTL_FORWARDING + #define IP6CTL_FORWARDING NET_IPV6_FORWARDING +#endif + extern struct zebra_privs_t zserv_privs; /* IPv4 forwarding control MIB. */ ============================================================= ============================================================= PS: sorry for the horrible formatting...
Portage 2.1.11.20 (hardened/linux/amd64, gcc-4.6.3, glibc-2.15-r2, 3.4.4-hardened-r1 x86_64) ================================================================= System uname: Linux-3.4.4-hardened-r1-x86_64-Intel-R-_Xeon-TM-_MP_CPU_3.16GHz-with-gentoo-2.2 Timestamp of tree: Tue, 25 Sep 2012 00:00:01 +0000 app-shells/bash: 4.2_p37 dev-lang/python: 2.6.8, 2.7.3-r2, 3.1.5, 3.2.3-r1 dev-util/cmake: 2.8.9 dev-util/pkgconfig: 0.27.1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.10.5 sys-apps/sandbox: 2.6 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.11.3, 1.12.4 sys-devel/binutils: 2.22.90 sys-devel/gcc: 4.5.3-r2, 4.6.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r3 sys-kernel/linux-headers: 3.5 (virtual/os-headers) sys-libs/glibc: 2.15-r2 Repositories: gentoo x-overlay ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -mtune=nocona -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /usr/share/openvpn/easy-rsa" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -mtune=nocona -pipe" DISTDIR="/var/portfiles/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps=y" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs buildpkg config-protect-if-modified distlocks ebuild-locks fixlafiles news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="ftp://ftp.lug.ro/gentoo ftp://ftp.roedu.net/pub/mirrors/gentoo.org http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en ro" MAKEOPTS="-j4" PKGDIR="/var/portfiles/packages_x86_64_h" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/etc/portage/rsync_excludes" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/portfiles/portage_tmp" PORTDIR="/var/portfiles/portage_tree" PORTDIR_OVERLAY="/var/portfiles/overlay" SYNC="rsync://10.7.0.101/portage-tree/" USE="acl acpi amd64 apache2 bash-completion bzip2 caps cgi cli consolekit cracklib crypt cups cxx dri fontconfig ftp gcc gcj gdbm gpm hal hardened howl iconv imap innodb iproute2 jpeg justify logrotate lzma lzo mmx modules mudflap multilib mysql mysqli ncurses nls nptl nptlonly openmp openssl pam pam-mysql pax_kernel pcre perl policykit pppd python python2 python3 readline session snmp sockets sse sse2 sshd ssl tcl tcpd threads tiff tk truetype unicode urandom usb vhosts xml zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en ro" PHP_TARGETS="php5-3 php5-4" PYTHON_TARGETS="python3_2 python2_7" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, USE_PYTHON
Hm, i can not confirm this. pinkbyte@oas1 ~ $ uname -a Linux oas1 3.5.6-gentoo-JING #1 SMP PREEMPT Thu Oct 25 11:06:51 MSK 2012 x86_64 Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz GenuineIntel GNU/Linux pinkbyte@oas1 ~ $ eix quagga -Ic [I] net-misc/quagga (0.99.20-r1@15.06.2012): A free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Build and work fine, also i have almost same configuration on dozen PC routers and never seemed such problem.
Very recently, I've set up 2 gentoo servers (amd64 and nocona), both 64bit, with that configuration and both fail with that error. After applying that patch, all was well.
(In reply to comment #3) > Very recently, I've set up 2 gentoo servers (amd64 and nocona), both > 64bit, with that configuration and both fail with that error. After > applying that patch, all was well. PS: have you tried and COMPILE quagga? Or you're just using it?
(In reply to comment #4) > PS: have you tried and COMPILE quagga? Or you're just using it? I have successfully compiled quagga in chroot and on normal system, amd64, both with all of software, that you provided with 'emerge --info'. Unless you can provide me any additional info about your problem - it may be problem in your local configuration, so i close this as WORKSFORME. Reopen this ONLY if you can provide additional info. You can also sent this bug to upstream quagga developers and put link here - then we will reopen this and will wait resolution from them.
I have identified the cause of this problem - at least on my systems (where it built on some systems and not on others). The 'problem' caused by the grsec restrictions in the hardened system. On the failing systems, the 'grsecurity proc Restrictions' were enabled with an override for group 10 (wheel). After adding user portage to the wheel group, quagga built OK.
This seems to work.
Reopening, cause i hit this problem too on some(but not all) of my hardened systems
+ 31 Oct 2013; Sergey Popov <pinkbyte@gentoo.org> quagga-0.99.22.4.ebuild, + +files/quagga-0.99.22.4-ipctl-forwarding.patch: + Fix for missing definitions on some hardened configuration, bug #437292. + Thanks to Graham Murray <gmurray AT webwayone.co.uk> for pointing on reasons + of this issue Build-time only issue, so - no revbump
