[devel] [#255600] DONE libsepol.git=3.1-alt1 libselinux.git=3.1-alt1 checkpolicy.git=3.1-alt1 ...

Aleksei Nikiforov darktemplar на altlinux.org
Пн Авг 3 14:32:05 MSK 2020 

01.08.2020 12:36, Dmitry V. Levin пишет:
> On Fri, Jul 31, 2020 at 10:39:12AM +0000, Girar Builder pender robot wrote:
>> http://git.altlinux.org/tasks/archive/done/_249/255600/logs/events.1.2.log
>>
>> 2020-Jul-31 10:22:30 :: task #255600 for sisyphus started by darktemplar:
>> #100 build 3.1-alt1 from /people/darktemplar/packages/libsepol.git fetched at 2020-Jul-31 09:39:20
>> #200 build 3.1-alt1 from /people/darktemplar/packages/libselinux.git fetched at 2020-Jul-31 09:39:33
>> #300 build 3.1-alt1 from /people/darktemplar/packages/checkpolicy.git fetched at 2020-Jul-31 09:39:51
>> #400 build 3.1-alt1 from /people/darktemplar/packages/libsemanage.git fetched at 2020-Jul-31 09:39:54
>> #500 build 3.1-alt1 from /people/darktemplar/packages/policycoreutils.git fetched at 2020-Jul-31 09:42:13
> 
> У нас в результате этого обновления ожидаемо появились сборочные
> регрессии, в том числе по недавно обновлённым пакетам, в которых
> ещё нет апстримных фиксов.
> 
> Теперь просьба отрецензировать https://github.com/linux-pam/linux-pam/pull/258
> и помочь с восстановлением собираемости остальных пострадавших пакетов.
> 

По поводу пулл реквеста по ссылке - за исключением замены функций
${something} на ${something}_raw - LGTM, но я к linux-pam отношения не
имею. На что и как именно повлияет замена функций ${something} на
${something}_raw, и почему "context translation не нужно" - не до конца
понятно. Возможно, лучше избавление от "context translation", если оно
нужно, сделать отдельным изменением.

> ----- Forwarded message from ALT beekeeper -----
> 
> crtools-3.14-alt1
> 	criu/lsm.c: In function 'selinux_get_label':
> 	criu/lsm.c:67:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	67 |  security_context_t ctx;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/lsm.o]
> 	Error 1
> 	--
> 	criu/net.c: In function 'prep_ns_sockets':
> 	criu/net.c:2936:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	2936 |	security_context_t ctx;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [/usr/src/RPM/BUILD/criu-3.14/scripts/nmk/scripts/build.mk:118: criu/net.o]
> 	Error 1
> 
> cups-2.3.1-alt1
> 	95 |   security_context_t scon;  /* Security context of job */
> 	ipp.c:38:10: fatal error: selinux/flask.h: No such file or directory
> 	38 | #include <selinux/flask.h>
> 
> ipsec-tools-0.8.2-alt2
> 	x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec   -D_GNU_SOURCE
> 	-include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -I./src/include-glibc
> 	-I../../src/racoon/missing -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h
> 	-I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/etc/racoon\"
> 	-DADMINPORTDIR=\"/var/lib/racoon\" -fPIE -pipe -frecord-gcc-switches -Wall -g -O2  -Wall
> 	-Wno-unused -Wno-strict-aliasing -c -o security.o security.c
> 	security.c:41:10: fatal error: selinux/flask.h: No such file or directory
> 	41 | #include <selinux/flask.h>
> 
> linux-pam-1.4.0-alt1
> 	libtool: compile:  x86_64-alt-linux-gcc -DHAVE_CONFIG_H -I. -I../.. -I../../libpam/include
> 	-I../../libpamc/include -DSECURECONF_DIR=\"/etc/security/\" -W -Wbad-function-cast
> 	-Wcast-align -Wcast-qual -Wmissing-declarations -Wmissing-prototypes -Wpointer-arith
> 	-Wreturn-type -Wstrict-prototypes -Wwrite-strings -Winline -Wshadow -Werror -pipe
> 	-frecord-gcc-switches -Wall -g -O2 -c pam_namespace.c  -fPIC -DPIC -o .libs/pam_namespace.o
> 	pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	800 |	security_context_t *i_context, security_context_t *origcon,
> 	pam_namespace.c:800:3: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	pam_namespace.c: In function 'form_context':
> 	pam_namespace.c:804:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	804 |  security_context_t scon = NULL;
> 	pam_namespace.c: At top level:
> 	pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	913 |  security_context_t *i_context, security_context_t *origcon,
> 	pam_namespace.c:913:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	pam_namespace.c: In function 'poly_name':
> 	pam_namespace.c:924:5: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	924 |	  security_context_t rawcon = NULL;
> 	pam_namespace.c: In function 'create_polydir':
> 	pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	1321 |	   security_context_t dircon, oldcon = NULL;
> 	pam_namespace.c:1321:5: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	pam_namespace.c:1335:9: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> 	[-Werror=deprecated-declarations]
> 	1335 |	       rc = matchpathcon(dir, S_IFDIR, &dircon);
> 	--
> 	500 | extern int matchpathcon(const char *path,
> 	pam_namespace.c:1348:9: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> 	[-Werror=deprecated-declarations]
> 	1348 |	       matchpathcon_fini();
> 
> pam_mktemp-1.1.1-alt3
> 	gcc -pipe -frecord-gcc-switches -Wall -g -O2 -fPIC -DPIC -Werror -DUSE_SELINUX=1 -c
> 	pam_mktemp.c
> 	pam_mktemp.c:110:1: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	110 | static int check_scontext(const security_context_t scontext, const char *file)
> 	pam_mktemp.c: In function 'check_scontext':
> 	pam_mktemp.c:112:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	112 |  security_context_t fscon = NULL;
> 	pam_mktemp.c: In function 'pam_sm_open_session':
> 	pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	152 |  security_context_t old_fscreatecon, new_fscreatecon = NULL;
> 	pam_mktemp.c:152:2: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	pam_mktemp.c:204:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> 	[-Werror=deprecated-declarations]
> 	204 |	if (matchpathcon(PRIVATE_PREFIX, S_IFDIR, &new_fscreatecon) ||
> 	--
> 	500 | extern int matchpathcon(const char *path,
> 	pam_mktemp.c:259:3: error: 'matchpathcon' is deprecated: Use selabel_lookup instead
> 	[-Werror=deprecated-declarations]
> 	259 |	if (matchpathcon(userdir, S_IFDIR, &new_fscreatecon) ||
> 	--
> 	500 | extern int matchpathcon(const char *path,
> 	pam_mktemp.c:305:2: error: 'matchpathcon_fini' is deprecated: Use selabel_close
> 	[-Werror=deprecated-declarations]
> 	305 |  matchpathcon_fini();
> 	--
> 	483 | extern void matchpathcon_fini(void)
> 	cc1: all warnings being treated as errors
> 	make: *** [Makefile:48: pam_mktemp.o] Error 1
> 
> pve-lxc-3.1.0-alt4
> 	|  ^~~~~~~~~~~~~~~~~~
> 	cc1: all warnings being treated as errors
> 	make[3]: *** [Makefile:2268: lsm/liblxc_la-selinux.lo] Error 1
> 
> shadow-1:4.5-alt7
> 	from audit_help.c:47:
> 	../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	124 |  /*@null@*/security_context_t scontext;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [Makefile:579: audit_help.o] Error 1
> 	--
> 	from chowntty.c:42:
> 	../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	124 |  /*@null@*/security_context_t scontext;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [Makefile:579: chowntty.o] Error 1
> 	--
> 	from chowndir.c:39:
> 	../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	124 |  /*@null@*/security_context_t scontext;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [Makefile:579: chowndir.o] Error 1
> 	--
> 	from chkname.c:51:
> 	../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	124 |  /*@null@*/security_context_t scontext;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [Makefile:579: chkname.o] Error 1
> 	--
> 	from cleanup.c:35:
> 	../lib/commonio.h:124:12: error: 'security_context_t' is deprecated
> 	[-Werror=deprecated-declarations]
> 	124 |  /*@null@*/security_context_t scontext;
> 	cc1: all warnings being treated as errors
> 	make[2]: *** [Makefile:579: cleanup.o] Error 1
> 
> vixie-cron-4.1.20060426-alt10.1
> 	94 | security_context_t get_selinux_context(const char *name, int fd, char **err_msg);
> 	selinux.c:4:10: fatal error: selinux/flask.h: No such file or directory
> 	4 | #include <selinux/flask.h>
> 
> ----- End forwarded message -----
>

Подробная информация о списке рассылки Devel