[gentoo-releng-autobuilds] [amd64-auto] Catalyst fatal build error - hardened/stage4-nomultilib-cloud.spec - gentoo-releng-autobuilds

From:	catalyst@×××××××××××××××××.org
To:	releng@g.o, gentoo-releng-autobuilds@l.g.o
Subject:	[gentoo-releng-autobuilds] [amd64-auto] Catalyst fatal build error - hardened/stage4-nomultilib-cloud.spec
Date:	Fri, 15 Jan 2016 00:19:09
Message-Id:	`20160115001904.47BBF2DFF4@nightheron.gentoo.org`

1

udev and udev-trigger will be added to your sysinit runlevel, but not

2

udev-settle. udev-settle should not be added to a runlevel. Instead, if

3

a service needs this, it should add "need udev-settle" to its

4

dependencies.

5

6

7

2015-07-25-python-targets

8

  Title                     Python 3.4 enabled by default

9

  Author                    Mike Gilbert <floppym@g.o>

10

  Posted                    2015-07-25

11

  Revision                  1

12

13

Python 3.4 is now enabled by default, replacing Python 3.3 as the

14

default Python 3 interpreter.

15

16

PYTHON_TARGETS will be adjusted to contain python2_7 and python3_4 by

17

default via your profile.

18

19

PYTHON_SINGLE_TARGET will remain set to python2_7 by default.

20

21

If you have PYTHON_TARGETS set in make.conf, that setting will still be

22

respected. You may want to adjust this setting manually.

23

24

Once the changes have taken place, a world update should take care of

25

reinstalling any python libraries you have installed. You should also

26

switch your default python3 interpreter using eselect python.

27

28

For example:

29

30

eselect python set --python3 python3.4

31

emerge -uDv --changed-use @world

32

33

2015-08-13-openssh-weak-keys

34

  Title                     OpenSSH 7.0 disables ssh-dss keys by default

35

  Author                    Mike Frysinger <vapier@g.o>

36

  Posted                    2015-08-13

37

  Revision                  1

38

39

Starting with the 7.0 release of OpenSSH, support for ssh-dss keys has

40

been disabled by default at runtime due to their inherit weakness.  If

41

you rely on these key types, you will have to take corrective action or

42

risk being locked out.

43

44

Your best option is to generate new keys using strong algos such as rsa

45

or ecdsa or ed25519.  RSA keys will give you the greatest portability

46

with other clients/servers while ed25519 will get you the best security

47

with OpenSSH (but requires recent versions of client & server).

48

49

If you are stuck with DSA keys, you can re-enable support locally by

50

updating your sshd_config and ~/.ssh/config files with lines like so:

51

	PubkeyAcceptedKeyTypes=+ssh-dss

52

53

Be aware though that eventually OpenSSH will drop support for DSA keys

54

entirely, so this is only a stop gap solution.

55

56

More details can be found on OpenSSH's website:

57

	http://www.openssh.com/legacy.html

58

59

2015-10-21-future-support-of-hardened-sources-kernel

60

  Title                     Future Support of hardened-sources Kernel

61

  Author                    Anthony G. Basile <blueness@g.o>

62

  Posted                    2015-10-21

63

  Revision                  3

64

65

For many years, the Grsecurity team [1] has been supporting two versions of

66

their security patches against the Linux kernel, a stable and a testing

67

version, and Gentoo has made both of these available to our users through the

68

hardened-sources package.  However, on August 26 of this year, the team

69

announced they would no longer be making the stable version publicly

70

available, citing trademark infringement by a major embedded systems company

71

as the reason. [2]  The stable patches are now only available to sponsors of

72

Grsecurity and can no longer be distributed in Gentoo.  However, the team did

73

assure us that they would continue to release and support the testing version

74

as they have in the past.

75

76

What does this means for users of hardened-sources?  Gentoo will continue to

77

make the testing version available through our hardened-sources package but we

78

will have to drop support for the 3.x series.  In a few days, those ebuilds

79

will be removed from the tree and you will be required to upgrade to a 4.x

80

series kernel.  Since the hardened-sources package only installs the kernel

81

source tree, you can continue using a currently built 3.x series kernel but

82

bear in mind that we cannot support you, nor will upstream.  Also keep in mind

83

that the 4.x series will not be as reliable as the 3.x series was, so

84

reporting bugs promptly will be even more important.  Gentoo will continue to

85

work closely with upstream to stay on top of any problems, but be prepared for

86

the occasional "bad" kernel.  The more reporting we receive from our users,

87

the better we will be able to decide which hardened-sources kernels to mark

88

stable and which to drop.

89

90

Refs.

91

[1] https://grsecurity.net

92

[2] https://grsecurity.net/announce.php

93

94

2016-01-08-some-dhcpcd-hooks-are-now-examples

95

  Title                     Some dhcpcd hooks are now examples

96

  Author                    William Hubbs <williamh@g.o>

97

  Posted                    2016-01-08

98

  Revision                  2

99

100

In dhcpcd-6.10.0, the following hooks are no longer installed in

101

/lib/dhcpcd/dhcpcd-hooks by default:

102

103

10-wpa_supplicant

104

15-timezone

105

29-lookup-hostname

106

107

These are now installed in /usr/share/dhcpcd/hooks, which is an example

108

directory.

109

110

If you were using these hooks before you upgrade to 6.10.0, you will

111

need to copy them back to the /lib/dhcpcd/dhcpcd-hooks directory after the

112

upgrade.

113

114

>>> Building file list for distfiles cleaning...

115

>>> Cleaning distfiles...

116

 [    1.0 M ] LVM2.2.02.88.tgz

117

 [  119.7 K ] MAKEDEV-3.23-1.tar.gz

118

 [    2.1 M ] busybox-1.20.2.tar.bz2

119

 [  994.6 K ] cpio-2.11.tar.bz2

120

 [  227.3 K ] dmraid-1.0.0.rc16-3.tar.bz2

121

 [  493.5 K ] fuse-2.8.6.tar.gz

122

 [  276.3 K ] genkernel-3.4.52.3.tar.xz

123

 [    3.2 M ] gnupg-1.4.11.tar.bz2

124

 [  285.8 K ] mdadm-3.1.5.tar.bz2

125

 [    1.8 M ] nano-2.4.3.tar.gz

126

 [  879.0 K ] open-iscsi-2.0-872.tar.gz

127

 [   29.7 K ] unionfs-fuse-0.24.tar.bz2

128

 ===========

129

 [   11.3 M ] Total space from 12 files were freed in the distfiles directory

130

passwd: password expiry information changed.

131

passwd: password expiry information changed.

132

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/cloud-prep.sh from the chroot

133

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/chroot-functions.sh from the chroot

134

--- Running action sequence: preclean

135

Copying stage4-preclean-chroot.sh to //tmp

136

copying stage4-preclean-chroot.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp

137

copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp

138

Ensure the file has the executable bit set

139

Running stage4-preclean-chroot.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//

140

>>> Regenerating /etc/ld.so.cache...

141

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp/stage4-preclean-chroot.sh from the chroot

142

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp/chroot-functions.sh from the chroot

143

--- Running action sequence: rcupdate

144

Copying rc-update.sh to /tmp

145

copying rc-update.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp

146

copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp

147

Ensure the file has the executable bit set

148

Running rc-update.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/

149

Adding acpid to default

150

 * service acpid added to runlevel default

151

Adding cloud-config to default

152

 * service cloud-config added to runlevel default

153

Adding cloud-final to default

154

 * service cloud-final added to runlevel default

155

Adding cloud-init-local to default

156

 * service cloud-init-local added to runlevel default

157

Adding cloud-init to default

158

 * service cloud-init added to runlevel default

159

Adding cronie to default

160

 * service cronie added to runlevel default

161

Adding dhcpcd to default

162

 * service dhcpcd added to runlevel default

163

Adding net.lo to default

164

 * service net.lo added to runlevel default

165

Adding netmount to default

166

 * rc-update: netmount already installed in runlevel `default'; skipping

167

Adding sshd to default

168

 * service sshd added to runlevel default

169

Adding syslog-ng to default

170

 * service syslog-ng added to runlevel default

171

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/rc-update.sh from the chroot

172

removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/chroot-functions.sh from the chroot

173

--- Running action sequence: unmerge

174

Copying unmerge.sh to /tmp

175

copying unmerge.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp

176

copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp

177

Ensure the file has the executable bit set

178

Running unmerge.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/

179

>>> Regenerating /etc/ld.so.cache...

180

emerge --quiet --usepkg --buildpkg --newuse -C sys-kernel/genkernel sys-kernel/gentoo-sources

181

182

--- Couldn't find 'sys-kernel/genkernel' to unmerge.

183

184

--- Couldn't find 'sys-kernel/gentoo-sources' to unmerge.

185

186

!!! catalyst: Unmerge script failed.

187

188

Traceback (most recent call last):

189

File "/usr/lib64/catalyst/catalyst", line 218, in build_target

190

    mytarget.run()

191

File "modules/generic_stage_target.py", line 1304, in run

192

    apply(getattr(self,x))

193

File "modules/generic_stage_target.py", line 1336, in unmerge

194

    env=self.env)

195

File "/usr/lib64/catalyst//modules/catalyst_support.py", line 541, in cmd

196

    raise CatalystError,myexc

197

CatalystError

198

!!! catalyst: Error encountered during run of target stage4

199

Catalyst aborting....

200

lockfile does not exist '/release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/.catalyst_lock'

Full build log at /release/tmp/run/catalyst-auto.B7rM4z/log/hardened_stage4-nomultilib-cloud.log

1	udev and udev-trigger will be added to your sysinit runlevel, but not
2	udev-settle. udev-settle should not be added to a runlevel. Instead, if
3	a service needs this, it should add "need udev-settle" to its
4	dependencies.
5
6
7	2015-07-25-python-targets
8	Title Python 3.4 enabled by default
9	Author Mike Gilbert <floppym@g.o>
10	Posted 2015-07-25
11	Revision 1
12
13	Python 3.4 is now enabled by default, replacing Python 3.3 as the
14	default Python 3 interpreter.
15
16	PYTHON_TARGETS will be adjusted to contain python2_7 and python3_4 by
17	default via your profile.
18
19	PYTHON_SINGLE_TARGET will remain set to python2_7 by default.
20
21	If you have PYTHON_TARGETS set in make.conf, that setting will still be
22	respected. You may want to adjust this setting manually.
23
24	Once the changes have taken place, a world update should take care of
25	reinstalling any python libraries you have installed. You should also
26	switch your default python3 interpreter using eselect python.
27
28	For example:
29
30	eselect python set --python3 python3.4
31	emerge -uDv --changed-use @world
32
33	2015-08-13-openssh-weak-keys
34	Title OpenSSH 7.0 disables ssh-dss keys by default
35	Author Mike Frysinger <vapier@g.o>
36	Posted 2015-08-13
37	Revision 1
38
39	Starting with the 7.0 release of OpenSSH, support for ssh-dss keys has
40	been disabled by default at runtime due to their inherit weakness. If
41	you rely on these key types, you will have to take corrective action or
42	risk being locked out.
43
44	Your best option is to generate new keys using strong algos such as rsa
45	or ecdsa or ed25519. RSA keys will give you the greatest portability
46	with other clients/servers while ed25519 will get you the best security
47	with OpenSSH (but requires recent versions of client & server).
48
49	If you are stuck with DSA keys, you can re-enable support locally by
50	updating your sshd_config and ~/.ssh/config files with lines like so:
51	PubkeyAcceptedKeyTypes=+ssh-dss
52
53	Be aware though that eventually OpenSSH will drop support for DSA keys
54	entirely, so this is only a stop gap solution.
55
56	More details can be found on OpenSSH's website:
57	http://www.openssh.com/legacy.html
58
59	2015-10-21-future-support-of-hardened-sources-kernel
60	Title Future Support of hardened-sources Kernel
61	Author Anthony G. Basile <blueness@g.o>
62	Posted 2015-10-21
63	Revision 3
64
65	For many years, the Grsecurity team [1] has been supporting two versions of
66	their security patches against the Linux kernel, a stable and a testing
67	version, and Gentoo has made both of these available to our users through the
68	hardened-sources package. However, on August 26 of this year, the team
69	announced they would no longer be making the stable version publicly
70	available, citing trademark infringement by a major embedded systems company
71	as the reason. [2] The stable patches are now only available to sponsors of
72	Grsecurity and can no longer be distributed in Gentoo. However, the team did
73	assure us that they would continue to release and support the testing version
74	as they have in the past.
75
76	What does this means for users of hardened-sources? Gentoo will continue to
77	make the testing version available through our hardened-sources package but we
78	will have to drop support for the 3.x series. In a few days, those ebuilds
79	will be removed from the tree and you will be required to upgrade to a 4.x
80	series kernel. Since the hardened-sources package only installs the kernel
81	source tree, you can continue using a currently built 3.x series kernel but
82	bear in mind that we cannot support you, nor will upstream. Also keep in mind
83	that the 4.x series will not be as reliable as the 3.x series was, so
84	reporting bugs promptly will be even more important. Gentoo will continue to
85	work closely with upstream to stay on top of any problems, but be prepared for
86	the occasional "bad" kernel. The more reporting we receive from our users,
87	the better we will be able to decide which hardened-sources kernels to mark
88	stable and which to drop.
89
90	Refs.
91	[1] https://grsecurity.net
92	[2] https://grsecurity.net/announce.php
93
94	2016-01-08-some-dhcpcd-hooks-are-now-examples
95	Title Some dhcpcd hooks are now examples
96	Author William Hubbs <williamh@g.o>
97	Posted 2016-01-08
98	Revision 2
99
100	In dhcpcd-6.10.0, the following hooks are no longer installed in
101	/lib/dhcpcd/dhcpcd-hooks by default:
102
103	10-wpa_supplicant
104	15-timezone
105	29-lookup-hostname
106
107	These are now installed in /usr/share/dhcpcd/hooks, which is an example
108	directory.
109
110	If you were using these hooks before you upgrade to 6.10.0, you will
111	need to copy them back to the /lib/dhcpcd/dhcpcd-hooks directory after the
112	upgrade.
113
114	>>> Building file list for distfiles cleaning...
115	>>> Cleaning distfiles...
116	[ 1.0 M ] LVM2.2.02.88.tgz
117	[ 119.7 K ] MAKEDEV-3.23-1.tar.gz
118	[ 2.1 M ] busybox-1.20.2.tar.bz2
119	[ 994.6 K ] cpio-2.11.tar.bz2
120	[ 227.3 K ] dmraid-1.0.0.rc16-3.tar.bz2
121	[ 493.5 K ] fuse-2.8.6.tar.gz
122	[ 276.3 K ] genkernel-3.4.52.3.tar.xz
123	[ 3.2 M ] gnupg-1.4.11.tar.bz2
124	[ 285.8 K ] mdadm-3.1.5.tar.bz2
125	[ 1.8 M ] nano-2.4.3.tar.gz
126	[ 879.0 K ] open-iscsi-2.0-872.tar.gz
127	[ 29.7 K ] unionfs-fuse-0.24.tar.bz2
128	===========
129	[ 11.3 M ] Total space from 12 files were freed in the distfiles directory
130	passwd: password expiry information changed.
131	passwd: password expiry information changed.
132	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/cloud-prep.sh from the chroot
133	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/chroot-functions.sh from the chroot
134	--- Running action sequence: preclean
135	Copying stage4-preclean-chroot.sh to //tmp
136	copying stage4-preclean-chroot.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp
137	copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp
138	Ensure the file has the executable bit set
139	Running stage4-preclean-chroot.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//
140	>>> Regenerating /etc/ld.so.cache...
141	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp/stage4-preclean-chroot.sh from the chroot
142	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114///tmp/chroot-functions.sh from the chroot
143	--- Running action sequence: rcupdate
144	Copying rc-update.sh to /tmp
145	copying rc-update.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp
146	copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp
147	Ensure the file has the executable bit set
148	Running rc-update.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/
149	Adding acpid to default
150	* service acpid added to runlevel default
151	Adding cloud-config to default
152	* service cloud-config added to runlevel default
153	Adding cloud-final to default
154	* service cloud-final added to runlevel default
155	Adding cloud-init-local to default
156	* service cloud-init-local added to runlevel default
157	Adding cloud-init to default
158	* service cloud-init added to runlevel default
159	Adding cronie to default
160	* service cronie added to runlevel default
161	Adding dhcpcd to default
162	* service dhcpcd added to runlevel default
163	Adding net.lo to default
164	* service net.lo added to runlevel default
165	Adding netmount to default
166	* rc-update: netmount already installed in runlevel `default'; skipping
167	Adding sshd to default
168	* service sshd added to runlevel default
169	Adding syslog-ng to default
170	* service syslog-ng added to runlevel default
171	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/rc-update.sh from the chroot
172	removing /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp/chroot-functions.sh from the chroot
173	--- Running action sequence: unmerge
174	Copying unmerge.sh to /tmp
175	copying unmerge.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp
176	copying chroot-functions.sh to /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114//tmp
177	Ensure the file has the executable bit set
178	Running unmerge.sh in chroot /release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/
179	>>> Regenerating /etc/ld.so.cache...
180	emerge --quiet --usepkg --buildpkg --newuse -C sys-kernel/genkernel sys-kernel/gentoo-sources
181
182	--- Couldn't find 'sys-kernel/genkernel' to unmerge.
183
184	--- Couldn't find 'sys-kernel/gentoo-sources' to unmerge.
185
186	!!! catalyst: Unmerge script failed.
187
188	Traceback (most recent call last):
189	File "/usr/lib64/catalyst/catalyst", line 218, in build_target
190	mytarget.run()
191	File "modules/generic_stage_target.py", line 1304, in run
192	apply(getattr(self,x))
193	File "modules/generic_stage_target.py", line 1336, in unmerge
194	env=self.env)
195	File "/usr/lib64/catalyst//modules/catalyst_support.py", line 541, in cmd
196	raise CatalystError,myexc
197	CatalystError
198	!!! catalyst: Error encountered during run of target stage4
199	Catalyst aborting....
200	lockfile does not exist '/release/buildroot/amd64-dev/tmp/hardened/stage4-amd64-hardened+cloud-nomultilib-20160114/.catalyst_lock'
201
202
203
204	Full build log at /release/tmp/run/catalyst-auto.B7rM4z/log/hardened_stage4-nomultilib-cloud.log

Gentoo Archives: gentoo-releng-autobuilds