* Re: [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...
@ 2020-08-01 9:36 ` Dmitry V. Levin
2020-08-03 11:32 ` Aleksei Nikiforov
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Dmitry V. Levin @ 2020-08-01 9:36 UTC (permalink / raw)
To: ALT Devel discussion list; +Cc: Aleksei Nikiforov
On Fri, Jul 31, 2020 at 10:39:12AM +0000, Girar Builder pender robot wrote:
> http://git.altlinux.org/tasks/archive/done/_249/255600/logs/events.1.2.log
>
> 2020-Jul-31 10:22:30 :: task #255600 for sisyphus started by darktemplar:
> #100 build 3.1-alt1 from /people/darktemplar/packages/libsepol.git fetched at 2020-Jul-31 09:39:20
> #200 build 3.1-alt1 from /people/darktemplar/packages/libselinux.git fetched at 2020-Jul-31 09:39:33
> #300 build 3.1-alt1 from /people/darktemplar/packages/checkpolicy.git fetched at 2020-Jul-31 09:39:51
> #400 build 3.1-alt1 from /people/darktemplar/packages/libsemanage.git fetched at 2020-Jul-31 09:39:54
> #500 build 3.1-alt1 from /people/darktemplar/packages/policycoreutils.git fetched at 2020-Jul-31 09:42:13
У нас в результате этого обновления ожидаемо появились сборочные
регрессии, в том числе по недавно обновлённым пакетам, в которых
ещё нет апстримных фиксов.
Теперь просьба отрецензировать https://github.com/linux-pam/linux-pam/pull/258
и помочь с восстановлением собираемости остальных пострадавших пакетов.
----- Forwarded message from ALT beekeeper -----
crtools-3.14-alt1
criu/lsm.c: In function 'selinux_get_label':
criu/lsm.c:67:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
67 | security_context_t ctx;
cc1: all warnings being treated as errors
make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/lsm.o]
Error 1
--
criu/net.c: In function 'prep_ns_sockets':
criu/net.c:2936:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
2936 | security_context_t ctx;
cc1: all warnings being treated as errors
make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/net.o]
Error 1
cups-2.3.1-alt1
95 | security_context_t scon; /* Security context of job */
ipp.c:38:10: fatal error: selinux/flask.h: No such file or directory
38 | #include <selinux/flask.h>
ipsec-tools-0.8.2-alt2
x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec -D_GNU_SOURCE
-include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -I./src/include-glibc
-I../../src/racoon/missing -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h
-I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/etc/racoon\"
-DADMINPORTDIR=\"/var/lib/racoon\" -fPIE -pipe -frecord-gcc-switches -Wall -g -O2 -Wall
-Wno-unused -Wno-strict-aliasing -c -o security.o security.c
security.c:41:10: fatal error: selinux/flask.h: No such file or directory
41 | #include <selinux/flask.h>
linux-pam-1.4.0-alt1
libtool: compile: x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../libpam/include
-I../../libpamc/include -DSECURECONF_DIR=\"/etc/security/\" -W -Wbad-function-cast
-Wcast-align -Wcast-qual -Wmissing-declarations -Wmissing-prototypes -Wpointer-arith
-Wreturn-type -Wstrict-prototypes -Wwrite-strings -Winline -Wshadow -Werror -pipe
-frecord-gcc-switches -Wall -g -O2 -c pam_namespace.c -fPIC -DPIC -o .libs/pam_namespace.o
pam_namespace.c:800:3: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
800 | security_context_t *i_context, security_context_t *origcon,
pam_namespace.c:800:3: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
pam_namespace.c: In function 'form_context':
pam_namespace.c:804:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
804 | security_context_t scon = NULL;
pam_namespace.c: At top level:
pam_namespace.c:913:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
913 | security_context_t *i_context, security_context_t *origcon,
pam_namespace.c:913:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
pam_namespace.c: In function 'poly_name':
pam_namespace.c:924:5: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
924 | security_context_t rawcon = NULL;
pam_namespace.c: In function 'create_polydir':
pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
1321 | security_context_t dircon, oldcon = NULL;
pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
pam_namespace.c:1335:9: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
[-Werror=deprecated-declarations]
1335 | rc = matchpathcon(dir, S_IFDIR, &dircon);
--
500 | extern int matchpathcon(const char *path,
pam_namespace.c:1348:9: error: 'matchpathcon_fini' is deprecated: Use selabel_close
[-Werror=deprecated-declarations]
1348 | matchpathcon_fini();
pam_mktemp-1.1.1-alt3
gcc -pipe -frecord-gcc-switches -Wall -g -O2 -fPIC -DPIC -Werror -DUSE_SELINUX=1 -c
pam_mktemp.c
pam_mktemp.c:110:1: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
110 | static int check_scontext(const security_context_t scontext, const char *file)
pam_mktemp.c: In function 'check_scontext':
pam_mktemp.c:112:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
112 | security_context_t fscon = NULL;
pam_mktemp.c: In function 'pam_sm_open_session':
pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
152 | security_context_t old_fscreatecon, new_fscreatecon = NULL;
pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
pam_mktemp.c:204:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
[-Werror=deprecated-declarations]
204 | if (matchpathcon(PRIVATE_PREFIX, S_IFDIR, &new_fscreatecon) ||
--
500 | extern int matchpathcon(const char *path,
pam_mktemp.c:259:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
[-Werror=deprecated-declarations]
259 | if (matchpathcon(userdir, S_IFDIR, &new_fscreatecon) ||
--
500 | extern int matchpathcon(const char *path,
pam_mktemp.c:305:2: error: 'matchpathcon_fini' is deprecated: Use selabel_close
[-Werror=deprecated-declarations]
305 | matchpathcon_fini();
--
483 | extern void matchpathcon_fini(void)
cc1: all warnings being treated as errors
make: *** [Makefile:48: pam_mktemp.o] Error 1
pve-lxc-3.1.0-alt4
| ^[[01;31m^[[K^~~~~~~~~~~~~~~~~~^[[m^[[K
cc1: all warnings being treated as errors
make[3]: *** [Makefile:2268: lsm/liblxc_la-selinux.lo] Error 1
shadow-1:4.5-alt7
from audit_help.c:47:
../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
124 | /*@null@*/security_context_t scontext;
cc1: all warnings being treated as errors
make[2]: *** [Makefile:579: audit_help.o] Error 1
--
from chowntty.c:42:
../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
124 | /*@null@*/security_context_t scontext;
cc1: all warnings being treated as errors
make[2]: *** [Makefile:579: chowntty.o] Error 1
--
from chowndir.c:39:
../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
124 | /*@null@*/security_context_t scontext;
cc1: all warnings being treated as errors
make[2]: *** [Makefile:579: chowndir.o] Error 1
--
from chkname.c:51:
../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
124 | /*@null@*/security_context_t scontext;
cc1: all warnings being treated as errors
make[2]: *** [Makefile:579: chkname.o] Error 1
--
from cleanup.c:35:
../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
[-Werror=deprecated-declarations]
124 | /*@null@*/security_context_t scontext;
cc1: all warnings being treated as errors
make[2]: *** [Makefile:579: cleanup.o] Error 1
vixie-cron-4.1.20060426-alt10.1
94 | security_context_t get_selinux_context(const char *name, int fd, char **err_msg);
selinux.c:4:10: fatal error: selinux/flask.h: No such file or directory
4 | #include <selinux/flask.h>
----- End forwarded message -----
--
ldv
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...
2020-08-01 9:36 ` [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 Dmitry V. Levin
@ 2020-08-03 11:32 ` Aleksei Nikiforov
2020-08-03 11:48 ` Aleksei Nikiforov
2020-08-03 14:31 ` [devel] crtools acl (Was: [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...) Vladimir D. Seleznev
2 siblings, 0 replies; 5+ messages in thread
From: Aleksei Nikiforov @ 2020-08-03 11:32 UTC (permalink / raw)
To: Dmitry V. Levin; +Cc: ALT Devel discussion list
01.08.2020 12:36, Dmitry V. Levin пишет:
> On Fri, Jul 31, 2020 at 10:39:12AM +0000, Girar Builder pender robot wrote:
>> http://git.altlinux.org/tasks/archive/done/_249/255600/logs/events.1.2.log
>>
>> 2020-Jul-31 10:22:30 :: task #255600 for sisyphus started by darktemplar:
>> #100 build 3.1-alt1 from /people/darktemplar/packages/libsepol.git fetched at 2020-Jul-31 09:39:20
>> #200 build 3.1-alt1 from /people/darktemplar/packages/libselinux.git fetched at 2020-Jul-31 09:39:33
>> #300 build 3.1-alt1 from /people/darktemplar/packages/checkpolicy.git fetched at 2020-Jul-31 09:39:51
>> #400 build 3.1-alt1 from /people/darktemplar/packages/libsemanage.git fetched at 2020-Jul-31 09:39:54
>> #500 build 3.1-alt1 from /people/darktemplar/packages/policycoreutils.git fetched at 2020-Jul-31 09:42:13
>
> У нас в результате этого обновления ожидаемо появились сборочные
> регрессии, в том числе по недавно обновлённым пакетам, в которых
> ещё нет апстримных фиксов.
>
> Теперь просьба отрецензировать https://github.com/linux-pam/linux-pam/pull/258
> и помочь с восстановлением собираемости остальных пострадавших пакетов.
>
По поводу пулл реквеста по ссылке - за исключением замены функций
${something} на ${something}_raw - LGTM, но я к linux-pam отношения не
имею. На что и как именно повлияет замена функций ${something} на
${something}_raw, и почему "context translation не нужно" - не до конца
понятно. Возможно, лучше избавление от "context translation", если оно
нужно, сделать отдельным изменением.
> ----- Forwarded message from ALT beekeeper -----
>
> crtools-3.14-alt1
> criu/lsm.c: In function 'selinux_get_label':
> criu/lsm.c:67:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 67 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/lsm.o]
> Error 1
> --
> criu/net.c: In function 'prep_ns_sockets':
> criu/net.c:2936:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 2936 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/net.o]
> Error 1
>
> cups-2.3.1-alt1
> 95 | security_context_t scon; /* Security context of job */
> ipp.c:38:10: fatal error: selinux/flask.h: No such file or directory
> 38 | #include <selinux/flask.h>
>
> ipsec-tools-0.8.2-alt2
> x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec -D_GNU_SOURCE
> -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -I./src/include-glibc
> -I../../src/racoon/missing -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h
> -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/etc/racoon\"
> -DADMINPORTDIR=\"/var/lib/racoon\" -fPIE -pipe -frecord-gcc-switches -Wall -g -O2 -Wall
> -Wno-unused -Wno-strict-aliasing -c -o security.o security.c
> security.c:41:10: fatal error: selinux/flask.h: No such file or directory
> 41 | #include <selinux/flask.h>
>
> linux-pam-1.4.0-alt1
> libtool: compile: x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../libpam/include
> -I../../libpamc/include -DSECURECONF_DIR=\"/etc/security/\" -W -Wbad-function-cast
> -Wcast-align -Wcast-qual -Wmissing-declarations -Wmissing-prototypes -Wpointer-arith
> -Wreturn-type -Wstrict-prototypes -Wwrite-strings -Winline -Wshadow -Werror -pipe
> -frecord-gcc-switches -Wall -g -O2 -c pam_namespace.c -fPIC -DPIC -o .libs/pam_namespace.o
> pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 800 | security_context_t *i_context, security_context_t *origcon,
> pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c: In function 'form_context':
> pam_namespace.c:804:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 804 | security_context_t scon = NULL;
> pam_namespace.c: At top level:
> pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 913 | security_context_t *i_context, security_context_t *origcon,
> pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c: In function 'poly_name':
> pam_namespace.c:924:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 924 | security_context_t rawcon = NULL;
> pam_namespace.c: In function 'create_polydir':
> pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 1321 | security_context_t dircon, oldcon = NULL;
> pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c:1335:9: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 1335 | rc = matchpathcon(dir, S_IFDIR, &dircon);
> --
> 500 | extern int matchpathcon(const char *path,
> pam_namespace.c:1348:9: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> [-Werror=deprecated-declarations]
> 1348 | matchpathcon_fini();
>
> pam_mktemp-1.1.1-alt3
> gcc -pipe -frecord-gcc-switches -Wall -g -O2 -fPIC -DPIC -Werror -DUSE_SELINUX=1 -c
> pam_mktemp.c
> pam_mktemp.c:110:1: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 110 | static int check_scontext(const security_context_t scontext, const char *file)
> pam_mktemp.c: In function 'check_scontext':
> pam_mktemp.c:112:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 112 | security_context_t fscon = NULL;
> pam_mktemp.c: In function 'pam_sm_open_session':
> pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 152 | security_context_t old_fscreatecon, new_fscreatecon = NULL;
> pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_mktemp.c:204:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 204 | if (matchpathcon(PRIVATE_PREFIX, S_IFDIR, &new_fscreatecon) ||
> --
> 500 | extern int matchpathcon(const char *path,
> pam_mktemp.c:259:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 259 | if (matchpathcon(userdir, S_IFDIR, &new_fscreatecon) ||
> --
> 500 | extern int matchpathcon(const char *path,
> pam_mktemp.c:305:2: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> [-Werror=deprecated-declarations]
> 305 | matchpathcon_fini();
> --
> 483 | extern void matchpathcon_fini(void)
> cc1: all warnings being treated as errors
> make: *** [Makefile:48: pam_mktemp.o] Error 1
>
> pve-lxc-3.1.0-alt4
> | ^[[01;31m^[[K^~~~~~~~~~~~~~~~~~^[[m^[[K
> cc1: all warnings being treated as errors
> make[3]: *** [Makefile:2268: lsm/liblxc_la-selinux.lo] Error 1
>
> shadow-1:4.5-alt7
> from audit_help.c:47:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: audit_help.o] Error 1
> --
> from chowntty.c:42:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chowntty.o] Error 1
> --
> from chowndir.c:39:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chowndir.o] Error 1
> --
> from chkname.c:51:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chkname.o] Error 1
> --
> from cleanup.c:35:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: cleanup.o] Error 1
>
> vixie-cron-4.1.20060426-alt10.1
> 94 | security_context_t get_selinux_context(const char *name, int fd, char **err_msg);
> selinux.c:4:10: fatal error: selinux/flask.h: No such file or directory
> 4 | #include <selinux/flask.h>
>
> ----- End forwarded message -----
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...
2020-08-01 9:36 ` [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 Dmitry V. Levin
2020-08-03 11:32 ` Aleksei Nikiforov
@ 2020-08-03 11:48 ` Aleksei Nikiforov
2020-08-03 13:00 ` Alexey V. Vissarionov
2020-08-03 14:31 ` [devel] crtools acl (Was: [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...) Vladimir D. Seleznev
2 siblings, 1 reply; 5+ messages in thread
From: Aleksei Nikiforov @ 2020-08-03 11:48 UTC (permalink / raw)
To: ALT Devel discussion list; +Cc: Alexey Shabalin, Dmitry V. Levin
01.08.2020 12:36, Dmitry V. Levin пишет:
> On Fri, Jul 31, 2020 at 10:39:12AM +0000, Girar Builder pender robot wrote:
>> http://git.altlinux.org/tasks/archive/done/_249/255600/logs/events.1.2.log
>>
>> 2020-Jul-31 10:22:30 :: task #255600 for sisyphus started by darktemplar:
>> #100 build 3.1-alt1 from /people/darktemplar/packages/libsepol.git fetched at 2020-Jul-31 09:39:20
>> #200 build 3.1-alt1 from /people/darktemplar/packages/libselinux.git fetched at 2020-Jul-31 09:39:33
>> #300 build 3.1-alt1 from /people/darktemplar/packages/checkpolicy.git fetched at 2020-Jul-31 09:39:51
>> #400 build 3.1-alt1 from /people/darktemplar/packages/libsemanage.git fetched at 2020-Jul-31 09:39:54
>> #500 build 3.1-alt1 from /people/darktemplar/packages/policycoreutils.git fetched at 2020-Jul-31 09:42:13
>
> У нас в результате этого обновления ожидаемо появились сборочные
> регрессии, в том числе по недавно обновлённым пакетам, в которых
> ещё нет апстримных фиксов.
>
> Теперь просьба отрецензировать https://github.com/linux-pam/linux-pam/pull/258
> и помочь с восстановлением собираемости остальных пострадавших пакетов.
>
> ----- Forwarded message from ALT beekeeper -----
>
> crtools-3.14-alt1
> criu/lsm.c: In function 'selinux_get_label':
> criu/lsm.c:67:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 67 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/lsm.o]
> Error 1
> --
> criu/net.c: In function 'prep_ns_sockets':
> criu/net.c:2936:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 2936 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/net.o]
> Error 1
>
> cups-2.3.1-alt1
> 95 | security_context_t scon; /* Security context of job */
> ipp.c:38:10: fatal error: selinux/flask.h: No such file or directory
> 38 | #include <selinux/flask.h>
>
> ipsec-tools-0.8.2-alt2
> x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec -D_GNU_SOURCE
> -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -I./src/include-glibc
> -I../../src/racoon/missing -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h
> -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/etc/racoon\"
> -DADMINPORTDIR=\"/var/lib/racoon\" -fPIE -pipe -frecord-gcc-switches -Wall -g -O2 -Wall
> -Wno-unused -Wno-strict-aliasing -c -o security.o security.c
> security.c:41:10: fatal error: selinux/flask.h: No such file or directory
> 41 | #include <selinux/flask.h>
>
У данного пакета ipsec-tools на домашней странице в самом начале написано:
Important Note
The development of ipsec-tools has been ABANDONED.
ipsec-tools has security issues, and you should not use it. Please
switch to a secure alternative!
Данный пакет кому-то нужен или может пора его выкинуть?
> linux-pam-1.4.0-alt1
> libtool: compile: x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../libpam/include
> -I../../libpamc/include -DSECURECONF_DIR=\"/etc/security/\" -W -Wbad-function-cast
> -Wcast-align -Wcast-qual -Wmissing-declarations -Wmissing-prototypes -Wpointer-arith
> -Wreturn-type -Wstrict-prototypes -Wwrite-strings -Winline -Wshadow -Werror -pipe
> -frecord-gcc-switches -Wall -g -O2 -c pam_namespace.c -fPIC -DPIC -o .libs/pam_namespace.o
> pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 800 | security_context_t *i_context, security_context_t *origcon,
> pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c: In function 'form_context':
> pam_namespace.c:804:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 804 | security_context_t scon = NULL;
> pam_namespace.c: At top level:
> pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 913 | security_context_t *i_context, security_context_t *origcon,
> pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c: In function 'poly_name':
> pam_namespace.c:924:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 924 | security_context_t rawcon = NULL;
> pam_namespace.c: In function 'create_polydir':
> pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 1321 | security_context_t dircon, oldcon = NULL;
> pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_namespace.c:1335:9: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 1335 | rc = matchpathcon(dir, S_IFDIR, &dircon);
> --
> 500 | extern int matchpathcon(const char *path,
> pam_namespace.c:1348:9: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> [-Werror=deprecated-declarations]
> 1348 | matchpathcon_fini();
>
> pam_mktemp-1.1.1-alt3
> gcc -pipe -frecord-gcc-switches -Wall -g -O2 -fPIC -DPIC -Werror -DUSE_SELINUX=1 -c
> pam_mktemp.c
> pam_mktemp.c:110:1: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 110 | static int check_scontext(const security_context_t scontext, const char *file)
> pam_mktemp.c: In function 'check_scontext':
> pam_mktemp.c:112:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 112 | security_context_t fscon = NULL;
> pam_mktemp.c: In function 'pam_sm_open_session':
> pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 152 | security_context_t old_fscreatecon, new_fscreatecon = NULL;
> pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> pam_mktemp.c:204:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 204 | if (matchpathcon(PRIVATE_PREFIX, S_IFDIR, &new_fscreatecon) ||
> --
> 500 | extern int matchpathcon(const char *path,
> pam_mktemp.c:259:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> [-Werror=deprecated-declarations]
> 259 | if (matchpathcon(userdir, S_IFDIR, &new_fscreatecon) ||
> --
> 500 | extern int matchpathcon(const char *path,
> pam_mktemp.c:305:2: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> [-Werror=deprecated-declarations]
> 305 | matchpathcon_fini();
> --
> 483 | extern void matchpathcon_fini(void)
> cc1: all warnings being treated as errors
> make: *** [Makefile:48: pam_mktemp.o] Error 1
>
> pve-lxc-3.1.0-alt4
> | ^[[01;31m^[[K^~~~~~~~~~~~~~~~~~^[[m^[[K
> cc1: all warnings being treated as errors
> make[3]: *** [Makefile:2268: lsm/liblxc_la-selinux.lo] Error 1
>
> shadow-1:4.5-alt7
> from audit_help.c:47:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: audit_help.o] Error 1
> --
> from chowntty.c:42:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chowntty.o] Error 1
> --
> from chowndir.c:39:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chowndir.o] Error 1
> --
> from chkname.c:51:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: chkname.o] Error 1
> --
> from cleanup.c:35:
> ../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 124 | /*@null@*/security_context_t scontext;
> cc1: all warnings being treated as errors
> make[2]: *** [Makefile:579: cleanup.o] Error 1
>
> vixie-cron-4.1.20060426-alt10.1
> 94 | security_context_t get_selinux_context(const char *name, int fd, char **err_msg);
> selinux.c:4:10: fatal error: selinux/flask.h: No such file or directory
> 4 | #include <selinux/flask.h>
>
> ----- End forwarded message -----
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...
2020-08-03 11:48 ` Aleksei Nikiforov
@ 2020-08-03 13:00 ` Alexey V. Vissarionov
0 siblings, 0 replies; 5+ messages in thread
From: Alexey V. Vissarionov @ 2020-08-03 13:00 UTC (permalink / raw)
To: ALT Linux Team development discussions
On 2020-08-03 14:48:31 +0300, Aleksei Nikiforov wrote:
> У данного пакета ipsec-tools на домашней странице в самом начале
> написано:
> Important Note The development of ipsec-tools has been ABANDONED.
> ipsec-tools has security issues, and you should not use it.
> Please switch to a secure alternative!
Совершенно правильно написано. И единственная "альтернатива" давно
известна - это OpenVPN (там тоже не все хорошо, но пока держится).
> Данный пакет кому-то нужен или может пора его выкинуть?
Если удалить - это теоретическое неудобство для клиентов.
Если оставить - это реальный репутационный риск для нас.
По-моему, решение очевидно.
--
Alexey V. Vissarionov
gremlin ПРИ altlinux ТЧК org; +vii-cmiii-ccxxix-lxxix-xlii
GPG: 0D92F19E1C0DC36E27F61A29CD17E2B43D879005 @ hkp://keys.gnupg.net
^ permalink raw reply [flat|nested] 5+ messages in thread
* [devel] crtools acl (Was: [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...)
2020-08-01 9:36 ` [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 Dmitry V. Levin
2020-08-03 11:32 ` Aleksei Nikiforov
2020-08-03 11:48 ` Aleksei Nikiforov
@ 2020-08-03 14:31 ` Vladimir D. Seleznev
2 siblings, 0 replies; 5+ messages in thread
From: Vladimir D. Seleznev @ 2020-08-03 14:31 UTC (permalink / raw)
To: ALT Linux Team development discussions
On Sat, Aug 01, 2020 at 12:36:23PM +0300, Dmitry V. Levin wrote:
> On Fri, Jul 31, 2020 at 10:39:12AM +0000, Girar Builder pender robot wrote:
> > http://git.altlinux.org/tasks/archive/done/_249/255600/logs/events.1.2.log
> >
> > 2020-Jul-31 10:22:30 :: task #255600 for sisyphus started by darktemplar:
> > #100 build 3.1-alt1 from /people/darktemplar/packages/libsepol.git fetched at 2020-Jul-31 09:39:20
> > #200 build 3.1-alt1 from /people/darktemplar/packages/libselinux.git fetched at 2020-Jul-31 09:39:33
> > #300 build 3.1-alt1 from /people/darktemplar/packages/checkpolicy.git fetched at 2020-Jul-31 09:39:51
> > #400 build 3.1-alt1 from /people/darktemplar/packages/libsemanage.git fetched at 2020-Jul-31 09:39:54
> > #500 build 3.1-alt1 from /people/darktemplar/packages/policycoreutils.git fetched at 2020-Jul-31 09:42:13
>
> У нас в результате этого обновления ожидаемо появились сборочные
> регрессии, в том числе по недавно обновлённым пакетам, в которых
> ещё нет апстримных фиксов.
>
> Теперь просьба отрецензировать https://github.com/linux-pam/linux-pam/pull/258
> и помочь с восстановлением собираемости остальных пострадавших пакетов.
>
> ----- Forwarded message from ALT beekeeper -----
>
> crtools-3.14-alt1
> criu/lsm.c: In function 'selinux_get_label':
> criu/lsm.c:67:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 67 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/lsm.o]
> Error 1
> --
> criu/net.c: In function 'prep_ns_sockets':
> criu/net.c:2936:2: error: 'security_context_t' is deprecated
> [-Werror=deprecated-declarations]
> 2936 | security_context_t ctx;
> cc1: all warnings being treated as errors
> make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/net.o]
> Error 1
>
> [skip]
Прошу добавить меня в acl crtools.
--
WBR,
Vladimir D. Seleznev
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-08-03 14:31 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-01 9:36 ` [devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 Dmitry V. Levin
2020-08-03 11:32 ` Aleksei Nikiforov
2020-08-03 11:48 ` Aleksei Nikiforov
2020-08-03 13:00 ` Alexey V. Vissarionov
2020-08-03 14:31 ` [devel] crtools acl (Was: [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...) Vladimir D. Seleznev
ALT Linux Team development discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
public-inbox-index devel
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.devel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git