Source: modsecurity-apache Version: 2.9.8-1 Severity: important Tags: ftbfs Justification: FTBFS X-Debbugs-Cc: ni...@thykier.net User: ni...@thykier.net Usertags: rrr-no-as-default-issue
Dear maintainer, During a test rebuild for building packages with `Rules-Requires-Root: no` as the default in `dpkg`, modsecurity-apache failed to rebuild. Log Summary: ------------------------------------------------------------------------------- [...]libtool: compile: gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT -D_GNU_SOURCE -I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include -I/usr/include/apache2 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.1 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DWITH_PCRE_JIT -DREQUEST_EARLY -DGLOBAL_COLLECTION_LOCK -DNDEBUG -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES -DWITH_PCRE2 -DWITH_YAJL -I/usr/include/yajl -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -c re_variables.c -o mod_security2_la-re_variables.o >/dev/null 2>&1 /bin/bash ../libtool --tag=CC --mode=link gcc -I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include -I/usr/include/apache2 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.1 -DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DWITH_PCRE_JIT -DREQUEST_EARLY -DGLOBAL_COLLECTION_LOCK -DNDEBUG -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES -DWITH_PCRE2 -DWITH_YAJL -I/usr/include/yajl -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -no-undefined -module -avoid-version -R /-lpcre2-8 -I/usr/include/libxml2 -Wl,-z,relro -o mod_security2.la -rpath /usr/lib mod_security2_la-acmp.lo mod_security2_la-apache2_config.lo mod_security2_la-apache2_io.lo mod_security2_la-apache2_util.lo libinjection/mod_security2_la-libinjection_html5.lo libinjection/mod_security2_la-libinjection_sqli.lo libinjection/mod_security2_la-libinjection_xss.lo mod_security2_la-mod_security2.lo mod_security2_la-modsecurity.lo mod_security2_la-msc_status_engine.lo mod_security2_la-msc_crypt.lo mod_security2_la-msc_geo.lo mod_security2_la-msc_gsb.lo mod_security2_la-msc_json.lo mod_security2_la-msc_logging.lo mod_security2_la-msc_lua.lo mod_security2_la-msc_multipart.lo mod_security2_la-msc_parsers.lo mod_security2_la-msc_pcre.lo mod_security2_la-msc_release.lo mod_security2_la-msc_remote_rules.lo mod_security2_la-msc_reqbody.lo mod_security2_la-msc_tree.lo mod_security2_la-msc_unicode.lo mod_security2_la-msc_util.lo mod_security2_la-msc_xml.lo mod_security2_la-persist_dbm.lo mod_security2_la-re_actions.lo mod_security2_la-re.lo mod_security2_la-re_operators.lo mod_security2_la-re_tfns.lo mod_security2_la-re_variables.lo /usr/lib/aarch64-linux-gnu/libapr-1.la /usr/lib/aarch64-linux-gnu/libaprutil-1.la -lcurl -I/usr/include/libxml2 -lxml2 -llua5.1 -lpcre2-8 -lyajl libtool: link: gcc -shared -fPIC -DPIC .libs/mod_security2_la-acmp.o .libs/mod_security2_la-apache2_config.o .libs/mod_security2_la-apache2_io.o .libs/mod_security2_la-apache2_util.o libinjection/.libs/mod_security2_la-libinjection_html5.o libinjection/.libs/mod_security2_la-libinjection_sqli.o libinjection/.libs/mod_security2_la-libinjection_xss.o .libs/mod_security2_la-mod_security2.o .libs/mod_security2_la-modsecurity.o .libs/mod_security2_la-msc_status_engine.o .libs/mod_security2_la-msc_crypt.o .libs/mod_security2_la-msc_geo.o .libs/mod_security2_la-msc_gsb.o .libs/mod_security2_la-msc_json.o .libs/mod_security2_la-msc_logging.o .libs/mod_security2_la-msc_lua.o .libs/mod_security2_la-msc_multipart.o .libs/mod_security2_la-msc_parsers.o .libs/mod_security2_la-msc_pcre.o .libs/mod_security2_la-msc_release.o .libs/mod_security2_la-msc_remote_rules.o .libs/mod_security2_la-msc_reqbody.o .libs/mod_security2_la-msc_tree.o .libs/mod_security2_la-msc_unicode.o .libs/mod_security2_la-msc_util.o .libs/mod_security2_la-msc_xml.o .libs/mod_security2_la-persist_dbm.o .libs/mod_security2_la-re_actions.o .libs/mod_security2_la-re.o .libs/mod_security2_la-re_operators.o .libs/mod_security2_la-re_tfns.o .libs/mod_security2_la-re_variables.o /usr/lib/aarch64-linux-gnu/libapr-1.so /usr/lib/aarch64-linux-gnu/libaprutil-1.so -lcurl -lxml2 -llua5.1 -lpcre2-8 -lyajl -g -O2 -fstack-protector-strong -mbranch-protection=standard -Wl,-z -Wl,relro -Wl,-soname -Wl,mod_security2.so -o .libs/mod_security2.so libtool: link: ar cr .libs/mod_security2.a mod_security2_la-acmp.o mod_security2_la-apache2_config.o mod_security2_la-apache2_io.o mod_security2_la-apache2_util.o libinjection/mod_security2_la-libinjection_html5.o libinjection/mod_security2_la-libinjection_sqli.o libinjection/mod_security2_la-libinjection_xss.o mod_security2_la-mod_security2.o mod_security2_la-modsecurity.o mod_security2_la-msc_status_engine.o mod_security2_la-msc_crypt.o mod_security2_la-msc_geo.o mod_security2_la-msc_gsb.o mod_security2_la-msc_json.o mod_security2_la-msc_logging.o mod_security2_la-msc_lua.o mod_security2_la-msc_multipart.o mod_security2_la-msc_parsers.o mod_security2_la-msc_pcre.o mod_security2_la-msc_release.o mod_security2_la-msc_remote_rules.o mod_security2_la-msc_reqbody.o mod_security2_la-msc_tree.o mod_security2_la-msc_unicode.o mod_security2_la-msc_util.o mod_security2_la-msc_xml.o mod_security2_la-persist_dbm.o mod_security2_la-re_actions.o mod_security2_la-re.o mod_security2_la-re_operators.o mod_security2_la-re_tfns.o mod_security2_la-re_variables.o
libtool: link: ranlib .libs/mod_security2.alibtool: link: ( cd ".libs" && rm -f "mod_security2.la" && ln -s "../mod_security2.la" "mod_security2.la" )
make[2]: Leaving directory '/<<PKGBUILDDIR>>/apache2' make[1]: Leaving directory '/<<PKGBUILDDIR>>/apache2' cd mlogc && /usr/bin/make make[1]: Entering directory '/<<PKGBUILDDIR>>/mlogc'gcc -DHAVE_CONFIG_H -I. -I../apache2 -DLINUX -D_REENTRANT -D_GNU_SOURCE -I../apache2 -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/apr-1.0 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -DWITH_PCRE2 -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -c -o mlogc-mlogc.o `test -f 'mlogc.c' || echo './'`mlogc.c
mlogc.c: In function ‘thread_worker’:mlogc.c:1746:29: warning: ‘CURLINFO_SIZE_UPLOAD’ is deprecated: since 7.55.0. Use CURLINFO_SIZE_UPLOAD_T [-Wdeprecated-declarations] 1746 | curl_easy_getinfo(curl, CURLINFO_SIZE_UPLOAD,
| ^~~~~~~~~~~~~~~~~ In file included from mlogc.c:37: /usr/include/aarch64-linux-gnu/curl/curl.h:2871:3: note: declared here2871 | CURLINFO_SIZE_UPLOAD CURL_DEPRECATED(7.55.0, "Use CURLINFO_SIZE_UPLOAD_T")
| ^~~~~~~~~~~~~~~~~~~~/bin/bash ../libtool --tag=CC --mode=link gcc -I/usr/include/apr-1.0 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -DWITH_PCRE2 -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -Wl,-z,relro -o mlogc mlogc-mlogc.o /usr/lib/aarch64-linux-gnu/libapr-1.la -lcurl -lpcre2-8 libtool: link: gcc -I/usr/include/apr-1.0 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -DWITH_PCRE2 -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -Wl,-z -Wl,relro -o mlogc mlogc-mlogc.o /usr/lib/aarch64-linux-gnu/libapr-1.so -lcurl -lpcre2-8
make[1]: Leaving directory '/<<PKGBUILDDIR>>/mlogc'# since we cannot rename with dh_install, create a copy of the file with the desired name
cp mlogc/INSTALL mlogc/README.mlogc touch build-stamp dh_testdir dh_testroot dh_prep dh_installdirs dh_install dh_apache2 dh_testdir -a dh_testroot -a dh_installdocs -acp modsecurity.conf-recommended debian/libapache2-mod-security2/etc/modsecurity
dh_installchangelogs CHANGES -a dh_link -a dh_strip -a # don't compress examples dh_compress -a -Xexample dh_fixperms -a chown www-data debian/libapache2-mod-security2/var/cache/modsecuritychown: changing ownership of 'debian/libapache2-mod-security2/var/cache/modsecurity': Operation not permitted
make: *** [debian/rules:72: binary-arch] Error 1dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2
-------------------------------------------------------------------------------- Build finished at 2024-11-17T12:39:13Z ------------------------------------------------------------------------------- The above is just how the build ends and not necessarily the most relevant part. If required, the full build log is available here: https://people.debian.org/~nthykier/rrr-no-as-default/logs/1023298.gz You can find common solutions at https://people.debian.org/~nthykier/rrr-no-as-default/docs/solutions.md If this is really a bug in one of the build-depends, please use reassign and affects, so that this is still visible in the BTS web page for this package. If this package is listed in https://people.debian.org/~nthykier/rrr-no-as-default/docs/static-ownership.list, then please just set `Rules-Requires-Root: binary-targets` to the source stanza of `debian/control` as a fix to this bug. If this package is listed in https://people.debian.org/~nthykier/rrr-no-as-default/docs/maybe-misbuilds.list, then the package was deemed at risk for misbuilding (having wrong ownership) but had a FTBFS problem we tested it. Please test whether the package works with `Rules-Requires-Root: no` validating that the resulting deb has the correct ownership for all paths in the deb. The goal is to have the default changed in `dpkg` either in `Trixie` or `Forky`, depending on progress and feasibility with the release schedule for Trixie. For more information on this bug filing, please see: https://lists.debian.org/debian-dpkg/2024/11/msg00016.html Thanks, PS: The builds were performed in mid-November. If you fixed the problem between between then and this bug being filed, then please just close the bug with the version it was fixed in.
OpenPGP_signature.asc
Description: OpenPGP digital signature