Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 635070 - dev-java/oracle-jdk-bin-1.8.0.152, dev-java/oracle-jre-bin-1.8.0.152: fails to install with USE=jce
Summary: dev-java/oracle-jdk-bin-1.8.0.152, dev-java/oracle-jre-bin-1.8.0.152: fails t...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All All
: Normal normal with 1 vote (vote)
Assignee: Java team
URL: http://www.oracle.com/technetwork/jav...
Whiteboard:
Keywords:
Depends on:
Blocks: CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
  Show dependency tree
 
Reported: 2017-10-22 15:14 UTC by gentoo_bugzilla
Modified: 2017-10-23 20:12 UTC (History)
10 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Use unlimited jce distributed with jre (jce.patch,2.82 KB, patch)
2017-10-23 08:32 UTC, Michael Uleysky 		Details | Diff
Use unlimited jce distributed with jre (with correct symlinks) (jce-correctpaths.patch,2.85 KB, patch)
2017-10-23 09:12 UTC, Michael Uleysky 		Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description gentoo_bugzilla 2017-10-22 15:14:08 UTC 
According to release notes on http://www.oracle.com/technetwork/java/javase/8u152-relnotes-3850503.html (first new feature) JCE files are no longer needed.

Reproducible: Always

Steps to Reproduce:
1. emerge dev-java/oracle-jdk-bin-1.8.0.152 with USE=jce
Actual Results:  
Emerge fails on mv: cannot stat '/var/tmp/portage/dev-java/oracle-jdk-bin-1.8.0.152/image/opt/oracle-jdk-bin-1.8.0.152/jre/lib/security/US_export_policy.jar': No such file or directory

Expected Results:  
crypto.policy property in <java-home>/lib/security should be set if this flag is enabled

Direct link to JDK corresponding issue in release notes is http://bugs.java.com/view_bug.do?bug_id=JDK-8157561 but at the time of writing it is dead, so URL is set to whole release notes.
Comment 1 Guido Jäkel 2017-10-23 07:09:39 UTC 
To my analysis, the mv will fail because there are no  *.jar  in  jre/lib/security/  in the source tarball, anymore.

To fix for the moment, I just disabled the check.

--- oracle-jdk-bin-1.8.0.152.ebuild.20171023-085334     2017-10-23 08:53:34.000000000 +0200
+++ oracle-jdk-bin-1.8.0.152.ebuild     2017-10-23 09:02:41.618526000 +0200
@@ -254,9 +254,9 @@
        if use jce ; then
                dodir "${dest}"/jre/lib/security/strong-jce
                mv "${ddest}"/jre/lib/security/US_export_policy.jar \
-                       "${ddest}"/jre/lib/security/strong-jce || die
+                       "${ddest}"/jre/lib/security/strong-jce # || die
                mv "${ddest}"/jre/lib/security/local_policy.jar \
-                       "${ddest}"/jre/lib/security/strong-jce || die
+                       "${ddest}"/jre/lib/security/strong-jce # || die
                dosym "${dest}"/jre/lib/security/${JCE_DIR}/US_export_policy.jar \
                        "${dest}"/jre/lib/security/US_export_policy.jar
                dosym "${dest}"/jre/lib/security/${JCE_DIR}/local_policy.jar \
Comment 2 Michael Uleysky 2017-10-23 08:32:22 UTC 
Created attachment 499742 [details, diff]
Use unlimited jce distributed with jre
Comment 3 Michael Uleysky 2017-10-23 08:33:03 UTC 
Now Unlimited Strength JCE Policy Files are distributed within jre itself, no need for jce_policy-8.zip file. So, I patch ebuild to not download and unpack jce_policy-8.zip, but just make correct symlinks.
Comment 4 Guido Jäkel 2017-10-23 08:44:12 UTC 
(In reply to Michael Uleysky from comment #3)
> Now Unlimited Strength JCE Policy Files are distributed within jre itself,
> no need for jce_policy-8.zip file.

Even better ...
Comment 5 Michael Uleysky 2017-10-23 09:12:07 UTC 
Created attachment 499744 [details, diff]
Use unlimited jce distributed with jre (with correct symlinks)

Sorry, paths for symlinks were incorrect, fix.
Comment 6 James Le Cuirot gentoo-dev 2017-10-23 10:42:53 UTC 
Thanks for the patch, that helps. I have come up with a simpler one-line solution to replace the dosym lines.

I have fixed this for oracle-jdk-bin. Unfortunately I can only test on arm until tonight and we don't support that arch for oracle-jre-bin. Please be patient.
Comment 7 James Le Cuirot gentoo-dev 2017-10-23 20:12:52 UTC 
This is now fixed in oracle-jre-bin too. Sorry for the inconvenience.