Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 714158 - sys-apps/apparmor-2.13.4 -> ? fails at runtime if built with sys-devel/make-4.3
Summary: sys-apps/apparmor-2.13.4 -> ? fails at runtime if built with sys-devel/make-4.3
Status: UNCONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Michael Palimaka (kensington)
URL: https://gitlab.com/apparmor/apparmor/...
Whiteboard:
Keywords:
: 727154 (view as bug list)
Depends on:
Blocks:
 
Reported: 2020-03-24 10:51 UTC by Aidan Harris
Modified: 2020-07-24 17:41 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
diff of the modified ebuild (aa-2.13.4.diff,731 bytes, patch)
2020-07-24 17:41 UTC, Jason Chan
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Aidan Harris 2020-03-24 10:51:11 UTC
Apparmor parsers fails due to broken capability detection. When restarting apparmor several profiles fail to load with messages like "Invalid capability net_bind_service".

Reproducible: Always

Steps to Reproduce:
1. emerge -av1 "~sys-devel/make-4.3"
2. emerge -av1 "~sys-apps/apparmor-2.13.4" "~sys-libs/libapparmor-2.13.4" "~sys-apps/apparmor-utils-2.13.4"
3. rc-service apparmor -v --nodeps restart
4. Observe several apparmor profiles fail to load
5. Downgrade make: emerge -av1 "<sys-devel/make-4.3"
6. Re-build apparmor: emerge -av1 "~sys-apps/apparmor-2.13.4" "~sys-libs/libapparmor-2.13.4" "~sys-apps/apparmor-utils-2.13.4"
7. Restart apparmor services again (this time profiles will load correctly): rc-service apparmor -v --nodeps restart
Comment 2 reagentoo 2020-04-13 15:56:33 UTC
@kensington https://github.com/gentoo/gentoo/pull/15037
Comment 3 Michael Palimaka (kensington) gentoo-dev 2020-04-14 12:21:11 UTC
(In reply to reagentoo from comment #2)
> @kensington https://github.com/gentoo/gentoo/pull/15037

The patch here looks quite different to the one noted in comment #1. I'm running stable so I can't test to see what the difference is. Any advice?
Comment 4 reagentoo 2020-04-17 13:58:36 UTC
(In reply to Michael Palimaka (kensington) from comment #3)
> (In reply to reagentoo from comment #2)
> > @kensington https://github.com/gentoo/gentoo/pull/15037
> 
> The patch here looks quite different to the one noted in comment #1. I'm
> running stable so I can't test to see what the difference is. Any advice?

https://i.imgur.com/NlZkZ3T.png
Comment 5 reagentoo 2020-04-17 14:04:52 UTC
Advice - to accept PR or wait 5-10 month the next release. Obviosly.
Comment 6 Michael Palimaka (kensington) gentoo-dev 2020-06-16 10:33:03 UTC
*** Bug 727154 has been marked as a duplicate of this bug. ***
Comment 8 Jason Chan 2020-07-24 17:41:59 UTC
Created attachment 650600 [details, diff]
diff of the modified ebuild

I've modified the ebuild to only patch common/Make.rules if ">=sys-devel/make-4.3" is installed. I pushed it here: https://github.com/jiblime/gentoo/commit/81b54f83af7144eff67766532eac0d267ec54209

Would this be the best interim solution until upstream makes a release?