Unable to build ports depending on security/nss

Update 2018-05-29T19:27+0200

synth 2.05 was released not long ago. None of the below applies.


r469956 made changes to the way ldconfig is being run when installing packages. This becomes aggravated when shared libraries doesn’t follow the glob pattern lib*.so.[0-9].


Update 2018-05-28T18:44+0200

Ignore those stupid Makefile.local files at the bottom of this post. Until a newer version of synth has appeared (> 2.04), use these patches for synth based on the latest commits to the synth repo.

--- src/replicant.ads	2018-05-08 19:44:01.000000000 +0200
+++ src/replicant.ads	2018-05-28 17:07:32.024310000 +0200
@@ -206,6 +206,10 @@
    --  copy host's conf defaults
    procedure copy_rc_default (path_to_etc : String);
 
+   procedure copy_etc_rcsubr (path_to_etc : String);
+
+   procedure copy_ldconfig (path_to_etc : String);
+
    --  create minimal /etc/services
    procedure create_etc_services (path_to_etc : String);
 
--- src/replicant.adb	2018-05-08 19:44:01.000000000 +0200
+++ src/replicant.adb	2018-05-28 17:07:32.023963000 +0200
@@ -838,6 +838,39 @@
    end copy_rc_default;
 
 
+   -------------------
+   --  copy_etc_rc  --
+   -------------------
+   procedure copy_etc_rcsubr (path_to_etc : String)
+   is
+      rcsubr     : constant String := "/rc.subr";
+      etc_rcsubr : constant String := "/etc" & rcsubr;
+   begin
+      if not AD.Exists (etc_rcsubr) then
+         return;
+      end if;
+      AD.Copy_File (Source_Name => etc_rcsubr,
+                    Target_Name => path_to_etc & rcsubr);
+   end copy_etc_rcsubr;
+
+
+   ---------------------
+   --  copy_ldconfig  --
+   ---------------------
+   procedure copy_ldconfig (path_to_etc : String)
+   is
+      ldconfig     : constant String := "/rc.d/ldconfig";
+      etc_ldconfig : constant String := "/etc" & ldconfig;
+   begin
+      if not AD.Exists (etc_ldconfig) then
+         return;
+      end if;
+      AD.Copy_File (Source_Name => etc_ldconfig,
+                    Target_Name => path_to_etc & ldconfig,
+                    Form => "mode=copy,preserve=all_attributes");
+   end copy_ldconfig;
+
+
    ---------------------------
    --  create_etc_services  --
    ---------------------------
@@ -1202,6 +1235,8 @@
       create_etc_services (location (slave_base, etc));
       create_etc_shells   (location (slave_base, etc));
       create_etc_fstab    (location (slave_base, etc));
+      copy_etc_rcsubr     (location (slave_base, etc));
+      copy_ldconfig       (location (slave_base, etc));
 
       execute_ldconfig (id);
 

Original post follows

security/nss is one of these little buggers with its shared libraries named as shown in the list below:

  • lib/nss/libfreebl3.so
  • lib/nss/libfreeblpriv3.so
  • lib/nss/libnss3.so
  • lib/nss/libnssckbi.so
  • lib/nss/libnssdbm3.so
  • lib/nss/libnssutil3.so
  • lib/nss/libsmime3.so
  • lib/nss/libsoftokn3.so
  • lib/nss/libssl3.so

Users of ports-mgmt/synth, like myself, suffer the consequences. For some unknown reason, users of ports-mgmt/poudriere doesn’t suffer any such consequences.

I refrained from reporting this issue, and waited instead for others to discover and report it, hopefully disproving any errors on my part. See PR 228540.

Shortsighted solutions became apparent after reading a concurrent discussion on security/nss on the freebsd-stable mailling list.

pre-build:
	ldconfig -im $(LOCALBASE)/lib/nss
pre-configure:
	ldconfig -im $(LOCALBASE)/lib/nss
pre-build:
	ldconfig -im $(LOCALBASE)/lib/nss
pre-build:
	ldconfig -im $(LOCALBASE)/lib/nss

Leave a Reply

Your email address will not be published. Required fields are marked *