Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 55489 - iptables-1.2.9-r3 ebuild fails to compile but still 'installs"
Summary: iptables-1.2.9-r3 ebuild fails to compile but still 'installs"
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Unspecified (show other bugs)
Hardware: x86 Linux
: High blocker (vote)
Assignee: Daniel Ahlberg (RETIRED)
URL:
Whiteboard:
Keywords:
: 55632 (view as bug list)
Depends on: 55501
Blocks:
  Show dependency tree
 
Reported: 2004-06-28 19:08 UTC by Alexandre Gauthier
Modified: 2004-07-04 04:41 UTC (History)
8 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
patch against gentoo-dev-sources-2.6.7-r6 (08_linux-2.6.7-user_attr.patch,2.52 KB, patch)
2004-06-28 22:24 UTC, Alin Năstac (RETIRED)
Details | Diff
Patch against iptables-1.2.9-r3.ebuild to use "|| die" (iptables-1.2.9-r3-die.patch,598 bytes, patch)
2004-06-29 06:19 UTC, Henrik Brix Andersen
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandre Gauthier 2004-06-28 19:08:29 UTC
iptables-1.2.9-r3 ebuild fails to compile with the following errors:

gcc -O3 -march=athlon-tbird -mcpu=athlon-tbird -pipe -fomit-frame-pointer -fno-stack-protector -Iinclude -Wall -Wunused -I/usr/src/linux/include  -DIPTABLES_VERSION=\"1.2.9\"  -fPIC -o extensions/libipt_recent_sh.o -c extensions/libipt_recent.c
In file included from include/libiptc/libiptc.h:6,
                 from include/iptables.h:5,
                 from extensions/libipt_recent.c:8:
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: warning: no semicolon at end of struct or union
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: error: syntax error before '*' token
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:259: error: syntax error before '}' token
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: type defaults to `int' in declaration of `DECLARE_MUTEX'
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: parameter names (without types) in function declaration
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: `DECLARE_MUTEX' declared `static' but never defined
make: *** [extensions/libipt_recent_sh.o] Error 1
gcc -O3 -march=athlon-tbird -mcpu=athlon-tbird -pipe -fomit-frame-pointer -fno-stack-protector -Iinclude -Wall -Wunused -I/usr/src/linux/include  -DIPTABLES_VERSION=\"1.2.9\"  -fPIC -o extensions/libipt_recent_sh.o -c extensions/libipt_recent.c
In file included from include/libiptc/libiptc.h:6,
                 from include/iptables.h:5,
                 from extensions/libipt_recent.c:8:
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: warning: no semicolon at end of struct or union
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:255: error: syntax error before '*' token
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:259: error: syntax error before '}' token
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: type defaults to `int' in declaration of `DECLARE_MUTEX'
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: parameter names (without types) in function declaration
/usr/src/linux/include/linux/netfilter_ipv4/ip_tables.h:339: warning: `DECLARE_MUTEX' declared `static' but never defined
make: *** [extensions/libipt_recent_sh.o] Error 1


However, it still keeps on the emerge process and strips and installs whatever it seems to have at the moment. The previous version of iptables was unmerged following this and this results in no firewall running on my server now.

Reproducible: Always
Steps to Reproduce:
1.emerge -va iptables
2.wait
3.realize that /sbin/iptables is missing, re-emerge and pay more attention.
Actual Results:  
I was left without /sbin/iptables since the program was not built. However, the portage process did not 
stop even though make returned an error.

Expected Results:  
Not necessarily have compiled correctly, but portage should have stopped when make returned 1.

Portage 2.0.50-r8 (default-x86-2004.0, gcc-3.3.3, glibc-2.3.3.20040420-r0, 2.6.7-gentoo-r6)
===============================================================
==
System uname: 2.6.7-gentoo-r6 i686 AMD Athlon(tm) Processor
Gentoo Base System version 1.4.16
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.3
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -march=athlon-tbird -mcpu=athlon-tbird -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/
qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -march=athlon-tbird -mcpu=athlon-tbird -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox strict userpriv usersandbox"
GENTOO_MIRRORS="ftp:///ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://mirror.datapipe.net/
gentoo http://mirror.datapipe.net/gentoo ftp://mirrors.sec.informatik.tu-darmstadt.de/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl apm arts avi berkdb crypt encode foomaticdb gd gdbm gif gpm gtk2 imap imlib jpeg jpg 
libg++ libwww mad mikmod motif mpeg mysql ncurses nls oggvorbis opengl oss pam pdf pdflib perl 
png python quicktime readline sdl slang spell ssl svga tcpd truetype x86 xml2 xmms xv zlib"
Comment 1 Alin Năstac (RETIRED) gentoo-dev 2004-06-28 22:24:09 UTC
Created attachment 34384 [details, diff]
patch against gentoo-dev-sources-2.6.7-r6

I've attached a kernel patch that solve the problem.
I will pass this patch to gentoo-dev-sources maintainer for a future fix.
Comment 2 Carolina Feher 2004-06-29 00:33:44 UTC
This fix was posted on the forums and it works for me.

"Fix for 2.6.7-gentoo-r6:

copy over ip_tables.h from /usr/include to /usr/src..

cp /usr/include/linux/netfilter_ipv4/ip_tables.h \
/usr/src/linux/include/linux/netfilter_ipv4/

If you use ipv6, you must copy the netfilter_ipv6/ip6_tables.h to usr/src..foo/netfilter_ipv6/ as well.

And I guess for arp_tables works the same. I'm not using ARP tables."

http://forums.gentoo.org/viewtopic.php?t=186688
Comment 3 John Earl 2004-06-29 00:47:30 UTC
It's still very bad that the ebuild carries on to install despite the fact that make install fails. Wouldn't it be better to make install || die?
Comment 4 Mr. Bones. (RETIRED) gentoo-dev 2004-06-29 03:05:26 UTC
*** Bug 55516 has been marked as a duplicate of this bug. ***
Comment 5 Henrik Brix Andersen 2004-06-29 04:23:49 UTC
net-firewall/iptables-1.2.9-r3 was just marked x86 - even though this problem still exists.
Comment 6 Chris Russell (RETIRED) gentoo-dev 2004-06-29 05:47:29 UTC
ditto here, copying /usr/include/linux/netfilter_ipv4/ip_tables.h into /usr/src/linux/include/linux/netfilter_ipv4/ let all the binary stuff build

running gentoo-dev-sources-2.6.7-r6 here as well.
Comment 7 Henrik Brix Andersen 2004-06-29 06:01:55 UTC
Only kernel 2.6.7 seems to be affected. 'ln -sf /usr/src/linux-2.6.6 /usr/src/linux' did the trick for me.

May I suggest, as a quick fix, to at least use 'make ... || die' all over the place?
Comment 8 Henrik Brix Andersen 2004-06-29 06:19:39 UTC
Created attachment 34413 [details, diff]
Patch against iptables-1.2.9-r3.ebuild to use "|| die"
Comment 9 Evgeny Stambulchik 2004-06-29 07:35:40 UTC
Same here on amd64.
Comment 10 opello@opello.org 2004-06-29 14:48:28 UTC
copying the file:
cp /usr/include/linux/netfilter_ipv4/ip_tables.h /usr/src/linux/include/linux/netfilter_ipv4/
worked for me
Comment 11 Alexandre Gauthier 2004-06-29 14:51:41 UTC
The kernel patch worked like a charm on my end. Applied cleanly as well.
What bugged me the most was not the fact that iptables did not run, but that the ebuilt did not die; at this point.
Comment 12 Mr. Bones. (RETIRED) gentoo-dev 2004-06-29 19:20:10 UTC
*** Bug 55632 has been marked as a duplicate of this bug. ***
Comment 13 Toralf Förster gentoo-dev 2004-06-30 14:14:40 UTC
"|| die"
did not stop "installing" iptables-1.2.9-r3 without the binary /sbin/iptables with kernel sources 2.6.7.
I linked /usr/src/linux against linux-2.6.6 and now compilation and install of binaries works fine.
Comment 14 Pavel Vondricka 2004-07-02 05:47:44 UTC
It is enough to just remove the /usr/src/linux link and iptables do compile well against kernel headers in /usr/include/... instead.
Comment 15 Daniel Ahlberg (RETIRED) gentoo-dev 2004-07-04 04:41:40 UTC
Please try iptables-1.2.9-r4