When building policy module packages with a high parallelism, the builds break down: >>> Compiling source in /var/tmp/portage/sec-policy/selinux-xserver-9999/work ... make -j9 NAME=mcs -C /var/tmp/portage/sec-policy/selinux-xserver-9999/work//mcs make: Entering directory '/var/tmp/portage/sec-policy/selinux-xserver-9999/work/mcs' /bin/sh: tmp/xserver.mod.fc: No such file or directory /usr/share/selinux/mcs/include/Makefile:161: recipe for target 'tmp/xserver.mod.fc' failed make: *** [tmp/xserver.mod.fc] Error 1 make: *** Waiting for unfinished jobs.... make: Leaving directory '/var/tmp/portage/sec-policy/selinux-xserver-9999/work/mcs' Both selinux-base-policy as well as individual module builds (governed through selinux eclass) fail if the build do not use "-j1" Until this is fixed, we will force -j1 where necessary. Reproducible: Always
Created attachment 390108 [details] selinux-xserver-9999 failure when not using -j1
Created attachment 390110 [details] selinux-base-policy-9999 when not using -j1
It seems that the Makefile is not creating tmp/ before creating tmp/xserver.mod.fc. By reading the Makefile, I found that other targets were running "@test -d $(@D) || mkdir -p $(@D)" but not tmp/%.mod.fc. This is explaining why the parallel build fails but not the sequential one. Here is the patch I sent to upstream to fix this bug: http://oss.tresys.com/pipermail/refpolicy/2014-November/007468.html . Could you please test it and report whether other issues exist when building in parallel mode?
I can confirm that adding: mkdir -p "${S}"/${i}/tmp right before the emake in both the eclass and selinux-base-policy, makes the parallel build work fine. I probably will not add it to the ebuilds yet tho, its easier to just wait for upstream to apply nicolas' patch. I also went through the build steps carefully to make sure that the .fc file created does not have any dep on the all_interfaces.conf which is the rule that creates the tmp/ dir in sequential build.
I have removed the -j1 in the -9999 ebuilds for selinux-base{,-policy} so it will trickle down as we bump. For the eclass I am committing: RCS file: /var/cvsroot/gentoo-x86/eclass/selinux-policy-2.eclass,v retrieving revision 1.28 diff -u -B -r1.28 selinux-policy-2.eclass --- selinux-policy-2.eclass 14 Nov 2014 19:46:05 -0000 1.28 +++ selinux-policy-2.eclass 5 Dec 2014 09:12:49 -0000 @@ -232,8 +233,12 @@ for i in ${POLICY_TYPES}; do # Support USE flags in builds export M4PARAM="${makeuse}" - # Parallel builds are broken, so we need to force -j1 here - emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" + if [[ ${BASEPOL} == 2.20140311* ]]; then + # Parallel builds are broken in 2.20140311-r7 and earlier, bug 530178 + emake -j1 NAME=$i -C "${S}"/${i} || die "${i} compile failed" + else + emake NAME=$i -C "${S}"/${i} || die "${i} compile failed" + fi done }
The r1 release is now stable, which contains the fixes as well.