Bug 773343 - rpms build failure (openssh-5.8p1-fips.patch cannot be applied)
rpms build failure (openssh-5.8p1-fips.patch cannot be applied)
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-01-11 10:14 EST by Mr-4
Modified: 2013-02-13 21:15 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-02-13 21:14:46 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Mr-4 2012-01-11 10:14:55 EST
Description of problem:
When using the following setup in my openssh.spec file:

# Do we want SELinux & Audit
%if 0%{?!noselinux:1}
%define WITH_SELINUX 1
%define WITH_SELINUX 0

# OpenSSH privilege separation requires a user & group ID
%define sshd_uid    74
%define sshd_gid    74

# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%define no_gnome_askpass 0

# Do we want to link against a static libcrypto? (1=yes 0=no)
%define static_libcrypto 0

# Do we want smartcard support (1=yes 0=no)
#Smartcard support is broken from 5.4p1
%define scard 0

# Use GTK2 instead of GNOME in gnome-ssh-askpass
%define gtk2 0

# Build position-independent executables (requires toolchain support)?
%define pie 1

# Do we want kerberos5 support (1=yes 0=no)
%define kerberos5 0

# Do we want libedit support
%define libedit 0

# Do we want LDAP support
%define ldap 0

# Do we want NSS tokens support
# NSS support is broken from 5.4p1
%define nss 0

# Whether or not /sbin/nologin exists.
%define nologin 1

# Whether to build pam_ssh_agent_auth
%if 0%{?!nopam:1}
%define pam_ssh_agent 1
%define pam_ssh_agent 0

I get the following error when executing "rpbmuild -bb openssh.spec":

+ /bin/cat /home/mr-4/rpmbuild/SOURCES/openssh-5.8p1-fips.patch
+ /usr/bin/patch -s -p1 -b --suffix .fips --fuzz=0
1 out of 2 hunks FAILED -- saving rejects to file Makefile.in.rej
error: Bad exit status from /var/tmp/rpm-tmp.Z2VATM (%prep)

In other words, the -fips patch cannot be applied for some reason.

Version-Release number of selected component (if applicable):
5.8p2 (the latest available on FC15)

How reproducible:

Steps to Reproduce:
1. rpm -ivh openssh-*.src.rpm && cd ~/rpmbuild/SPECS
2. gedit openssh.spec and alter the configuration as indicated above
3. rpmbuild -bb openssh.spec
Actual results:
The above error

Expected results:
The patch to be applied cleanly

Additional info:
Comment 1 Petr Lautrbach 2012-02-03 08:33:51 EST
This will need little rework of openssh-5.8p1-ldap.patch - change Makefile to not add ldap helper to TARGETS when INSTALL_SSH_LDAP_HELPER is not set, and change .spec file to always use ldap patch.
Comment 2 Fedora End Of Life 2013-02-13 21:15:32 EST
Fedora 16 changed to end-of-life (EOL) status on 2013-02-12. Fedora 16 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.