Description of problem: Unable to build pki-selinux rpm file from SVN on Centos5 (el5). pki-ca requires pki-selinux for installation as result install process is incomlete. Version-Release number of selected component (if applicable): Such error I have replicated on svn 199, 207 and 209, however svn 179 there was not such thing as pki-selinux and build and installation process was fine. How reproducible: Steps to Reproduce: 1. Linux 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 12:03:43 EST 2008 i686 i686 i386 GNU/Linux 2. ..prerequests.. mkdir src cd src svn co https://pki.fedoraproject.org/svn/pki/trunk/pki 3. script -c ./build_pki typescript.build_pki #from script folder Actual results: [exec] BUILD SUCCESSFUL [exec] Total time: 0 seconds [echo] Completed creating the 'pki-selinux' source distribution. [echo] Creating 'pki-selinux' RPM directories ... [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/SOURCES [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/RPMS [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/SRPMS [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/SPECS [mkdir] Created dir: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/BUILD [echo] Completed creating 'pki-selinux' RPM directories. [echo] Building 'pki-selinux' RPMS and SRPMS ... [exec] Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.27691 [exec] + umask 022 [exec] + cd /install/pki/src/release/pki/base/selinux/./dist/rpmpkg/BUILD [exec] + LANG=C [exec] + export LANG [exec] + unset DISPLAY [exec] + cd /install/pki/src/release/pki/base/selinux/dist/rpmpkg/BUILD [exec] + rm -rf pki-selinux-1.0.0 [exec] + /bin/gzip -dc /install/pki/src/release/pki/base/selinux/dist/source/pki-selinux-1.0.0.tar.gz [exec] + tar -xf - [exec] + STATUS=0 [exec] + '[' 0 -ne 0 ']' [exec] + cd pki-selinux-1.0.0 [exec] ++ /usr/bin/id -u [exec] + '[' 500 = 0 ']' [exec] ++ /usr/bin/id -u [exec] + '[' 500 = 0 ']' [exec] + /bin/chmod -Rf a+rX,u+w,g-w,o-w . [exec] + exit 0 [exec] Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.27691 [exec] + umask 022 [exec] + cd /install/pki/src/release/pki/base/selinux/./dist/rpmpkg/BUILD [exec] + cd pki-selinux-1.0.0 [exec] + LANG=C [exec] + export LANG [exec] + unset DISPLAY [exec] + cd src [exec] + make [exec] if [ ! -e /usr/share/selinux/devel/Makefile ]; then echo "You need to install the SELinux development tools (selinux-policy-devel)" && exit 1; fi [exec] make -f /usr/share/selinux/devel/Makefile || exit 1; [exec] make[1]: Entering directory `/install/pki/src/release/pki/base/selinux/dist/rpmpkg/BUILD/pki-selinux-1.0.0/src' [exec] Compiling targeted pki module [exec] /usr/bin/checkmodule: loading policy configuration from tmp/pki.tmp [exec] make[1]: Leaving directory `/install/pki/src/release/pki/base/selinux/dist/rpmpkg/BUILD/pki-selinux-1.0.0/src' [exec] pki.te:15:ERROR 'syntax error' at token 'init_script_file' on line 85223: [exec] #line 15 [exec] init_script_file(pki_ca_script_exec_t) [exec] /usr/bin/checkmodule: error(s) encountered while parsing configuration [exec] make[1]: *** [tmp/pki.mod] Error 1 [exec] make: *** [all] Error 1 [exec] RPM build errors: [exec] error: Bad exit status from /var/tmp/rpm-tmp.27691 (%build) [exec] Bad exit status from /var/tmp/rpm-tmp.27691 (%build) [exec] Result: 1 [echo] Completed building 'pki-selinux' RPMS and SRPMS. [echo] Removing various 'pki-selinux' RPM directories and files ... [delete] Deleting directory /install/pki/src/release/pki/base/selinux/dist/rpmpkg/BUILD [echo] Completed removing various 'pki-selinux' RPM directories and files. [echo] Completed generating 'pki-selinux' RPMS and SRPMS. BUILD SUCCESSFUL Total time: 2 seconds error: File not found by glob: /install/pki/src/release/pki/base/selinux/dist/rpmpkg/RPMS/*//pki-selinux-[0-9]*.rpm Buildfile: config/release.xml [echo] Importing shared properties ... [echo] Completed importing shared properties. Expected results: Additional info:
This builds just fine on my rhel5.3 system. The init_script_file directive is defined in /usr/share/selinux/devel/policy.xml which is delivered by selinux-policy-devel. The version on my system is : selinux-policy-devel-2.4.6-204.el5 although the one in rhel 5.3 works too. That is version 2.4.6-203,el5. Please check that you have a current version of selinux-policy and selinux-policy-devel.
After update selinux-policy-devel to 2.4.6-203 pki-selinux builds fine. Maybe there is worth to change pki-selinux.spec 115c115 < BuildRequires: ant >= 1.6.2, selinux-policy-devel, m4, make, policycoreutils --- > BuildRequires: ant >= 1.6.2, selinux-policy-devel >= 2.4.6-203, m4, make, policycoreutils or make some other version chek??
Possible version check in spec file. mharmsen, please confirm versions on fc9,10 and review: [builder@dhcp231-124 selinux]$ svn diff Index: pki-selinux.spec =================================================================== --- pki-selinux.spec (revision 207) +++ pki-selinux.spec (working copy) @@ -33,7 +33,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 4 +%define base_release 5 %define base_group System Environment/Shells %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -69,6 +69,11 @@ %define dist_prefix .fc %define dist_version %(echo `rpm -qf --qf='%{VERSION}' /etc/fedora-release` | tr -d [A-Za-z]) %define dist %{dist_prefix}%{dist_version} +#define the policy version build dependencies +%{?fc8:%define selinux_policy_version 3.0.8-127} +%{?fc9:%define selinux_policy_version 3.3.1-118} +%{?fc10:%define selinux_policy_version 3.5.13-41} +%{?fc11:%define selinux_policy_version 3.6.3-10} %else %define is_redhat %(test -e /etc/redhat-release && echo 1 || echo 0) %if %{is_redhat} @@ -81,8 +86,6 @@ %endif %endif - - ############################################################################### ### P A C K A G E H E A D E R ### ############################################################################### @@ -112,12 +115,15 @@ ## Technically, "ant" should not need to be in "BuildRequires" since ## it is the Java equivalent of "make" (and/or "Autotools"). ## +%if 0%{?selinux_policy_version} +BuildRequires: ant >= 1.6.2, selinux-policy-devel >= %{selinux_policy_version}, m4, make, policycoreutils +Requires: policycoreutils, libsemanage, selinux-policy >= %{selinux_policy_version} +%else BuildRequires: ant >= 1.6.2, selinux-policy-devel, m4, make, policycoreutils +Requires: policycoreutils, libsemanage, selinux-policy +%endif -## Without Requires something, rpmbuild will abort! -Requires: policycoreutils, libsemanage - ## This package is non-relocatable! #Prefix: @@ -238,6 +244,8 @@ ############################################################################### %changelog +* Mon Feb 9 2009 Ade Lee <alee> 1.0.0.5 +- Bugzilla Bug #483742 - add version check to spec file for fedora * Thu Jan 29 2009 Ade Lee <alee> 1.0.0.4 - Bugzilla Bug #483134 Moved selinux to /usr/share/selinux/modules * Tue Jan 27 2009 Ade Lee <alee> 1.0.0-3
Based on comments by mharmsen, a slightly different way to do it: mharmsen, please review: [builder@dhcp231-124 selinux]$ svn diff Index: pki-selinux.spec =================================================================== --- pki-selinux.spec (revision 216) +++ pki-selinux.spec (working copy) @@ -33,7 +33,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 5 +%define base_release 6 %define base_group System Environment/Shells %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -112,10 +112,22 @@ ## Technically, "ant" should not need to be in "BuildRequires" since ## it is the Java equivalent of "make" (and/or "Autotools"). ## -BuildRequires: ant >= 1.6.2, selinux-policy-devel, m4, make, policycoreutils +BuildRequires: ant >= 1.6.2, m4, make, policycoreutils +%{?fc8:BuildRequires: selinux-policy-devel >= 3.0.8-127} +%{?fc9:BuildRequires: selinux-policy-devel >= 3.3.1-118} +%{?fc10:BuildRequires: selinux-policy-devel >= 3.5.13-41} +%{?fc11:BuildRequires: selinux-policy-devel >= 3.6.3-10} +#default Fedora > f12 +BuildRequires: selinux-policy-devel ## Without Requires something, rpmbuild will abort! -Requires: policycoreutils, libsemanage +Requires: policycoreutils, libsemanage +%{?fc8:Requires: selinux-policy-targeted >= 3.0.8-127} +%{?fc9:Requires: selinux-policy-targeted >= 3.3.1-118} +%{?fc10:Requires: selinux-policy-targeted >= 3.5.13-41} +%{?fc11:Requires: selinux-policy-targeted >= 3.6.3-10} +# Default Fedora >= fc12 +Requires: selinux-policy-targeted ## This package is non-relocatable! @@ -238,6 +250,8 @@ ############################################################################### %changelog +* Mon Feb 9 2009 Ade Lee <alee> 1.0.0.6 +- Bugzilla Bug #483742 - add version check to spec file for fedora * Thu Feb 5 2009 Ade Lee <alee> 1.0.0.5 - Bugzilla Bug #483716: changes for TKS installation * Thu Jan 29 2009 Ade Lee <alee> 1.0.0.4
Final (slightly modified) counter proposal: Index: pki-selinux.spec =================================================================== --- pki-selinux.spec (revision 218) +++ pki-selinux.spec (working copy) @@ -33,7 +33,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 5 +%define base_release 6 %define base_group System Environment/Shells %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -112,10 +112,21 @@ ## Technically, "ant" should not need to be in "BuildRequires" since ## it is the Java equivalent of "make" (and/or "Autotools"). ## -BuildRequires: ant >= 1.6.2, selinux-policy-devel, m4, make, policycoreutils +BuildRequires: ant >= 1.6.2, m4, make, policycoreutils, selinux-policy-devel +# While 'selinux-policy-devel' is always required on Fedora 12 or later, +# certain earlier Fedora distributions require at least a minimum version +%{?fc8:BuildRequires: selinux-policy-devel >= 3.0.8-127} +%{?fc9:BuildRequires: selinux-policy-devel >= 3.3.1-118} +%{?fc10:BuildRequires: selinux-policy-devel >= 3.5.13-41} +%{?fc11:BuildRequires: selinux-policy-devel >= 3.6.3-10} -## Without Requires something, rpmbuild will abort! -Requires: policycoreutils, libsemanage +Requires: policycoreutils, libsemanage, selinux-policy-targeted +# While 'selinux-policy-targeted' is always required on Fedora 12 or later, +# certain earlier Fedora distributions require at least a minimum version +%{?fc8:Requires: selinux-policy-targeted >= 3.0.8-127} +%{?fc9:Requires: selinux-policy-targeted >= 3.3.1-118} +%{?fc10:Requires: selinux-policy-targeted >= 3.5.13-41} +%{?fc11:Requires: selinux-policy-targeted >= 3.6.3-10} ## This package is non-relocatable! @@ -238,6 +249,8 @@ ############################################################################### %changelog +* Mon Feb 9 2009 Ade Lee <alee> 1.0.0.6 +- Bugzilla Bug #483742 pki-selinux policy dependencies * Thu Feb 5 2009 Ade Lee <alee> 1.0.0.5 - Bugzilla Bug #483716: changes for TKS installation * Thu Jan 29 2009 Ade Lee <alee> 1.0.0.4 This was tested, and so is approved: +mharmsen
Added the following so that automated nightly builds won't be broken: % svn diff Index: dogtag/scripts/prepare_pki =================================================================== --- dogtag/scripts/prepare_pki (revision 218) +++ dogtag/scripts/prepare_pki (working copy) @@ -167,6 +167,7 @@ M4=m4 POLICYCOREUTILS=policycoreutils SELINUX_POLICY_DEVEL=selinux-policy-devel +SELINUX_POLICY_TARGETED=selinux-policy-targeted READLINE=readline READLINE_DEVEL=readline-devel NCURSES=ncurses @@ -184,5 +185,5 @@ HTTPD_DEVEL=httpd-devel # Build and install PKI support packages -${PKI_SUDO} ${PKI_UPDATE} ${PKI_UPDATE_OPTIONS} ${NSPR} ${NSPR_DEVEL} ${NSS} ${NSS_DEVEL} ${NSS_TOOLS} ${JSS} ${SVRCORE} ${SVRCORE_DEVEL} ${CYRUS_SASL} ${CYRUS_SASL_DEVEL} ${MOZLDAP} ${MOZLDAP_DEVEL} ${MOZLDAP_TOOLS} ${PERL} ${APR} ${PCRE} ${EXPAT} ${APR_UTIL} ${HTTPD} ${MOD_NSS} ${MOD_PERL} ${MOD_REVOCATOR} ${PERL_PARSE_RECDESCENT} ${PERL_HTML_TAGSET} ${PERL_HTML_PARSER} ${PERL_URI} ${PERL_LIBWWW_PERL} ${PERL_XML_PARSER} ${PERL_XML_SIMPLE} ${PERL_XML_NAMESPACESUPPORT} ${PERL_XML_SAX} ${JPACKAGE_UTILS} ${JAKARTA_COMMONS_LOGGING} ${TOMCAT5_SERVLET_2_4_API} ${JAKARTA_COMMONS_COLLECTIONS} ${JAKARTA_COMMONS_BEANUTILS} ${JAKARTA_COMMONS_DIGESTER} ${ORO} ${CLASSPATHX_JAF} ${LDAPJDK} ${JAKARTA_COMMONS_POOL} ${JAKARTA_COMMONS_FILEUPLOAD} ${XML_COMMONS} ${XML_COMMONS_APIS} ${REGEXP} ${BCEL} ${JAKARTA_COMMONS_DBCP} ${TOMCAT5_JASPER} ${JAKARTA_COMMONS_DISCOVERY} ${JAKARTA_COMMONS_HTTPCLIENT3} ${JMS} ${JAKARTA_COMMONS_LAUNCHER} ${JAKARTA_COMMONS_EL} ${JAKARTA_COMMONS_DAEMON} ${GNU_CRYPTO_SASL_JDK1_4} ${CLASSPATHX_MAIL} ${XERCES_J2} ${XALAN_J2} ${LOG4J} ${XML_COMMONS_RESOLVER} ${AVALON_LOGKIT} ${AVALON_FRAMEWORK} ${JDOM} ${WERKEN_XPATH} ${VELOCITY} ${ANT} ${WSDL4J} ${AXIS} ${MX4J} ${GERONIMO_SPECS} ${JAKARTA_COMMONS_MODELER} ${IDM_CONSOLE_FRAMEWORK} ${TOMCAT5} ${TOMCATJSS} ${MAKE} ${M4} ${POLICYCOREUTILS} ${SELINUX_POLICY_DEVEL} ${READLINE} ${READLINE_DEVEL} ${NCURSES} ${NCURSES_DEVEL} ${TCL} ${TCL_DEVEL} ${SQLITE} ${SQLITE_DEVEL} ${PERL_DBI} ${PERL_DBD_SQLITE} ${PCRE_DEVEL} ${EXPAT_DEVEL} ${APR_DEVEL} ${APR_UTIL_DEVEL} ${HTTPD_DEVEL} +${PKI_SUDO} ${PKI_UPDATE} ${PKI_UPDATE_OPTIONS} ${NSPR} ${NSPR_DEVEL} ${NSS} ${NSS_DEVEL} ${NSS_TOOLS} ${JSS} ${SVRCORE} ${SVRCORE_DEVEL} ${CYRUS_SASL} ${CYRUS_SASL_DEVEL} ${MOZLDAP} ${MOZLDAP_DEVEL} ${MOZLDAP_TOOLS} ${PERL} ${APR} ${PCRE} ${EXPAT} ${APR_UTIL} ${HTTPD} ${MOD_NSS} ${MOD_PERL} ${MOD_REVOCATOR} ${PERL_PARSE_RECDESCENT} ${PERL_HTML_TAGSET} ${PERL_HTML_PARSER} ${PERL_URI} ${PERL_LIBWWW_PERL} ${PERL_XML_PARSER} ${PERL_XML_SIMPLE} ${PERL_XML_NAMESPACESUPPORT} ${PERL_XML_SAX} ${JPACKAGE_UTILS} ${JAKARTA_COMMONS_LOGGING} ${TOMCAT5_SERVLET_2_4_API} ${JAKARTA_COMMONS_COLLECTIONS} ${JAKARTA_COMMONS_BEANUTILS} ${JAKARTA_COMMONS_DIGESTER} ${ORO} ${CLASSPATHX_JAF} ${LDAPJDK} ${JAKARTA_COMMONS_POOL} ${JAKARTA_COMMONS_FILEUPLOAD} ${XML_COMMONS} ${XML_COMMONS_APIS} ${REGEXP} ${BCEL} ${JAKARTA_COMMONS_DBCP} ${TOMCAT5_JASPER} ${JAKARTA_COMMONS_DISCOVERY} ${JAKARTA_COMMONS_HTTPCLIENT3} ${JMS} ${JAKARTA_COMMONS_LAUNCHER} ${JAKARTA_COMMONS_EL} ${JAKARTA_COMMONS_DAEMON} ${GNU_CRYPTO_SASL_JDK1_4} ${CLASSPATHX_MAIL} ${XERCES_J2} ${XALAN_J2} ${LOG4J} ${XML_COMMONS_RESOLVER} ${AVALON_LOGKIT} ${AVALON_FRAMEWORK} ${JDOM} ${WERKEN_XPATH} ${VELOCITY} ${ANT} ${WSDL4J} ${AXIS} ${MX4J} ${GERONIMO_SPECS} ${JAKARTA_COMMONS_MODELER} ${IDM_CONSOLE_FRAMEWORK} ${TOMCAT5} ${TOMCATJSS} ${MAKE} ${M4} ${POLICYCOREUTILS} ${SELINUX_POLICY_DEVEL} ${SELINUX_POLICY_TARGETED} ${READLINE} ${READLINE_DEVEL} ${NCURSES} ${NCURSES_DEVEL} ${TCL} ${TCL_DEVEL} ${SQLITE} ${SQLITE_DEVEL} ${PERL_DBI} ${PERL_DBD_SQLITE} ${PCRE_DEVEL} ${EXPAT_DEVEL} ${APR_DEVEL} ${APR_UTIL_DEVEL} ${HTTPD_DEVEL} % svn commit dogtag/scripts/prepare_pki Sending dogtag/scripts/prepare_pki Transmitting file data . Committed revision 219.
% svn status M pki/dogtag/prepare_ca %svn commit Sending pki/dogtag/scripts/prepare_ca Transmitting file data . Committed revision 220.
[builder@dhcp231-124 selinux]$ svn ci -m "Bugzilla BZ 483742" Sending selinux/pki-selinux.spec Transmitting file data . Committed revision 221.
we have successfully built on rhel 5.3 x86 and x86_64