Bug 2366308

Summary: rpm-head-signing: FTBFS in Fedora Rawhide with RPM 6
Product: [Fedora] Fedora
Reporter: Miro Hrončok <mhroncok>
Component: rpm-head-signing
Assignee: Peter Robinson <pbrobinson>
Status: CLOSED ERRATA
Severity: high
Priority: unspecified
Version: rawhide
CC: fti-bugs, ksurma, pbrobinson, pmatilai
Hardware: Unspecified
OS: Unspecified
URL: https://koschei.fedoraproject.org/package/rpm-head-signing
Fixed In Version: rpm-head-signing-1.7.4-11.fc43
Last Closed: 2025-10-07 00:19:36 UTC
Type: Bug
Bug Blocks: 2322407, 2339432, 2339435, 2360107

Description Miro Hrončok 2025-05-14 18:21:06 UTC
Description of problem:
Package rpm-head-signing fails to build from source in Fedora Rawhide.

------------------------------------
+ /usr/bin/python3 setup.py build '--executable=/usr/bin/python3 -sP'
Traceback (most recent call last):
  File "/builddir/build/BUILD/rpm-head-signing-1.7.4-build/rpm-head-signing-1.7.4/setup.py", line 10, in <module>
    raise Exception("RPM version %s is not major version 4" % rpm_version)
                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~
TypeError: not all arguments converted during string formatting
------------------------------------


Version-Release number of selected component (if applicable):
1.7.4-8.fc42

Steps to Reproduce:
fedpkg build

Additional info:
This package is tracked by Koschei. See:
https://koschei.fedoraproject.org/package/rpm-head-signing

Comment 1 Panu Matilainen 2025-05-16 13:08:08 UTC
Rather than spawn an external rpm process and then parse the version out of it, this could just use:
>>> rpm.__version__
'5.99.90'
>>> rpm.__version_info__
('5', '99', '90')

That said, testing for versions tends to run into silly issues like this. It's far better to explicitly test for the actual features you care about instead.

Comment 2 Karolina Surma 2025-06-11 16:06:23 UTC
*** Bug 2372216 has been marked as a duplicate of this bug. ***

Comment 3 Fedora Fails To Install 2025-06-20 19:52:35 UTC
Hello,

Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py
If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/

This package fails to install and maintainers are advised to take one of the following actions:

 - Fix this bug and close this bugzilla once the update makes it to the repository.
   (The same script that posted this comment will eventually close this bugzilla
   when the fixed package reaches the repository, so you don't have to worry about it.)

or

 - Move this bug to ASSIGNED if you plan on fixing this, but simply haven't done so yet.

or

 - Orphan the package if you no longer plan to maintain it.


If you do not take one of these actions, the process at https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails_to_install/#_package_removal_for_long_standing_ftbfs_and_fti_bugs will continue.
This package may be orphaned in 7+ weeks.
This is the first reminder (step 3) from the policy.

Don't hesitate to ask for help on https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/ if you are unsure how to fix this bug.

Comment 4 Peter Robinson 2025-06-21 09:39:12 UTC
Working on it

Comment 5 Miro Hrončok 2025-08-25 11:20:34 UTC
(In reply to Peter Robinson from comment #4)
> Working on it

The Beta Freeze of Fedora 43 starts tomorrow. Has there been any progress?

Comment 6 Peter Robinson 2025-09-08 09:56:36 UTC
Still on my list, I've had other higher prios for beta freeze that have taken up my spare time.

Comment 7 Miro Hrončok 2025-09-25 10:31:33 UTC
Note that when the wrong string formatting is fixed and version 6 is allowed, the failure is:

  ...
  building 'insertlib' extension
  creating build/temp.linux-x86_64-cpython-314/rpm_head_signing
  gcc -O2 -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -fPIC -DRPM_415 -I/usr/include/python3.14 -c rpm_head_signing/insertlib.c -o build/temp.linux-x86_64-cpython-314/rpm_head_signing/insertlib.o -Wall -Werror
  rpm_head_signing/insertlib.c: In function ‘read_rpm’:
  rpm_head_signing/insertlib.c:269:29: error: ‘RPMTAG_PAYLOADDIGEST’ undeclared (first use in this function); did you mean ‘RPMTAG_PAYLOADDIGESTALT’?
    269 |     if (!(headerIsEntry(*h, RPMTAG_PAYLOADDIGEST) ||
        |                             ^~~~~~~~~~~~~~~~~~~~
        |                             RPMTAG_PAYLOADDIGESTALT
  rpm_head_signing/insertlib.c:269:29: note: each undeclared identifier is reported only once for each function it appears in
  error: command '/usr/bin/gcc' failed with exit code 1
  error: subprocess-exited-with-error
  
  × Building wheel for rpm_head_signing (pyproject.toml) did not run successfully.
  │ exit code: 1
  ╰─> See above for output.

Comment 8 Panu Matilainen 2025-09-29 08:40:16 UTC
Right, that tag and its ALT counterpart were renamed to RPMTAG_PAYLOADSHA256 in 6.0 because that's what it is. The tag number didn't change though.

Apparently it's used to determine whether a package can be header-only signed (which makes the project name more understandable now). For a minimal fix one could just add a compat ifdef and define, there already are a few at the beginning of insertlib.c. A proper fix would look for any of RPMTAG_PAYLOADSHA256, RPMTAG_PAYLOADSHA512, RPMTAG_PAYLOADSHA3_256 and their -ALT variants.


As an aside, I'll note that rpm-head-signing is playing dangerous games:
> // Functions that are in librpm but are not in the headers

These functions are not in the headers because they are considered private. There's exactly zero regard to external users breaking when they use such things.
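
Added example, not code from rpm-head-signing or from any commenter: one way a setup.py could follow comments 1 and 8 by probing the rpm Python module for the payload digest tags instead of parsing a version, then passing compat defines to the C build. It assumes the Python bindings expose the same RPMTAG_* names as the C header; the ALT spellings of the 6.0 names, the helper names and the stand-in modules are constructed for illustration.

```python
from types import SimpleNamespace

# Tag names from the thread; the "ALT" spellings of the 6.0 names are assumed
# to follow the RPMTAG_PAYLOADDIGESTALT pattern seen in the compiler output.
LEGACY = ("RPMTAG_PAYLOADDIGEST", "RPMTAG_PAYLOADDIGESTALT")
RENAMED = ("RPMTAG_PAYLOADSHA256", "RPMTAG_PAYLOADSHA256ALT")
MODERN = ("RPMTAG_PAYLOADSHA256", "RPMTAG_PAYLOADSHA512", "RPMTAG_PAYLOADSHA3_256")


def version_string(rpm_mod):
    """Format the version for messages without the traceback's '%' pitfall."""
    info = getattr(rpm_mod, "__version_info__", None)
    if info:
        return ".".join(map(str, info))
    # "%s" % some_tuple unpacks the tuple into several arguments and raises
    # TypeError; wrapping the value in a one-element tuple keeps it single.
    return "%s" % (getattr(rpm_mod, "__version__", "unknown"),)


def payload_digest_tags(rpm_mod):
    """Return the payload digest tag names this rpm build exposes."""
    names = list(LEGACY)
    for base in MODERN:
        names += [base, base + "ALT"]
    return [n for n in names if hasattr(rpm_mod, n)]


def compat_macros(rpm_mod):
    """Build define_macros pairs mapping the old tag names onto the renamed ones."""
    present = payload_digest_tags(rpm_mod)
    if not present:
        raise RuntimeError("rpm %s exposes no payload digest tag"
                           % (version_string(rpm_mod),))
    # Only define an old name when it is missing and its replacement exists.
    return [(old, new) for old, new in zip(LEGACY, RENAMED)
            if old not in present and new in present]


# Constructed stand-ins for the rpm module; the tag values are placeholders.
RPM4_LIKE = SimpleNamespace(__version_info__=("4", "20", "1"),
                            RPMTAG_PAYLOADDIGEST=1, RPMTAG_PAYLOADDIGESTALT=2)
RPM6_LIKE = SimpleNamespace(__version_info__=("5", "99", "90"),
                            RPMTAG_PAYLOADSHA256=1, RPMTAG_PAYLOADSHA256ALT=2,
                            RPMTAG_PAYLOADSHA512=3)

if __name__ == "__main__":
    for mod in (RPM4_LIKE, RPM6_LIKE):
        print(version_string(mod), payload_digest_tags(mod), compat_macros(mod))
```

The pairs returned by `compat_macros` have the shape setuptools accepts for `Extension(define_macros=...)`, so an unchanged C source that still names `RPMTAG_PAYLOADDIGEST` would compile against either header.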

Comment 9 Fedora Update System 2025-09-29 13:44:22 UTC
FEDORA-2025-433a98c5cd (rpm-head-signing-1.7.4-11.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-433a98c5cd

Comment 10 Fedora Update System 2025-09-30 01:32:31 UTC
FEDORA-2025-433a98c5cd has been pushed to the Fedora 43 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-433a98c5cd`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-433a98c5cd

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Fails To Install 2025-10-02 20:36:43 UTC
Hello,

Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py
If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/

All subpackages of a package against which this bug was filed are now installable or removed from Fedora 44.

Thanks for taking care of it!

Comment 12 Fedora Update System 2025-10-07 00:19:36 UTC
FEDORA-2025-433a98c5cd (rpm-head-signing-1.7.4-11.fc43) has been pushed to the Fedora 43 stable repository.
If the problem still persists, please make note of it in this bug report.