Bug 773343 - rpms build failure (openssh-5.8p1-fips.patch cannot be applied)
Summary: rpms build failure (openssh-5.8p1-fips.patch cannot be applied)
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 16
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Petr Lautrbach
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-01-11 15:14 UTC by Mr-4
Modified: 2013-02-14 02:15 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2013-02-14 02:14:46 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Mr-4 2012-01-11 15:14:55 UTC
Description of problem:
When using the following setup in my openssh.spec file:

=============
# Do we want SELinux & Audit
%if 0%{?!noselinux:1}
%define WITH_SELINUX 1
%else
%define WITH_SELINUX 0
%endif

# OpenSSH privilege separation requires a user & group ID
%define sshd_uid    74
%define sshd_gid    74

# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%define no_gnome_askpass 0

# Do we want to link against a static libcrypto? (1=yes 0=no)
%define static_libcrypto 0

# Do we want smartcard support (1=yes 0=no)
#Smartcard support is broken from 5.4p1
%define scard 0

# Use GTK2 instead of GNOME in gnome-ssh-askpass
%define gtk2 0

# Build position-independent executables (requires toolchain support)?
%define pie 1

# Do we want kerberos5 support (1=yes 0=no)
%define kerberos5 0

# Do we want libedit support
%define libedit 0

# Do we want LDAP support
%define ldap 0

# Do we want NSS tokens support
# NSS support is broken from 5.4p1
%define nss 0

# Whether or not /sbin/nologin exists.
%define nologin 1

# Whether to build pam_ssh_agent_auth
%if 0%{?!nopam:1}
%define pam_ssh_agent 1
%else
%define pam_ssh_agent 0
%endif
=============

I get the following error when executing "rpbmuild -bb openssh.spec":

+ /bin/cat /home/mr-4/rpmbuild/SOURCES/openssh-5.8p1-fips.patch
+ /usr/bin/patch -s -p1 -b --suffix .fips --fuzz=0
1 out of 2 hunks FAILED -- saving rejects to file Makefile.in.rej
error: Bad exit status from /var/tmp/rpm-tmp.Z2VATM (%prep)

In other words, the -fips patch cannot be applied for some reason.

Version-Release number of selected component (if applicable):
5.8p2 (the latest available on FC15)

How reproducible:
Always

Steps to Reproduce:
1. rpm -ivh openssh-*.src.rpm && cd ~/rpmbuild/SPECS
2. gedit openssh.spec and alter the configuration as indicated above
3. rpmbuild -bb openssh.spec
  
Actual results:
The above error

Expected results:
The patch to be applied cleanly

Additional info:

Comment 1 Petr Lautrbach 2012-02-03 13:33:51 UTC
This will need little rework of openssh-5.8p1-ldap.patch - change Makefile to not add ldap helper to TARGETS when INSTALL_SSH_LDAP_HELPER is not set, and change .spec file to always use ldap patch.

Comment 2 Fedora End Of Life 2013-02-14 02:15:32 UTC
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.