Your message dated Fri, 10 Jan 2025 10:06:04 +0000
with message-id <[email protected]>
and subject line Bug#1089390: fixed in modsecurity-apache 2.9.8-1.1
has caused the Debian Bug report #1089390,
regarding modsecurity-apache: Supporting rootless builds by default
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1089390: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089390
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: modsecurity-apache
Version: 2.9.8-1
Severity: important
Tags: ftbfs
Justification: FTBFS
X-Debbugs-Cc: [email protected]
User: [email protected]
Usertags: rrr-no-as-default-issue
Dear maintainer,
During a test rebuild for building packages with
`Rules-Requires-Root: no` as the default in `dpkg`,
modsecurity-apache failed to rebuild.
Log Summary:
-------------------------------------------------------------------------------
[...]
libtool: compile: gcc -DHAVE_CONFIG_H -I. -DLINUX -D_REENTRANT
-D_GNU_SOURCE -I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2
-I/usr/include/apr-1.0 -I/usr/include/apr-1.0 -I/usr/include
-I/usr/include/apache2 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
-I/usr/include/libxml2 -DWITH_LUA -I/usr/include/lua5.1
-DWITH_PCRE_STUDY -DMODSEC_PCRE_MATCH_LIMIT=1500
-DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500 -DWITH_PCRE_JIT -DREQUEST_EARLY
-DGLOBAL_COLLECTION_LOCK -DNDEBUG -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES
-DWITH_PCRE2 -DWITH_YAJL -I/usr/include/yajl -g -O2
-Werror=implicit-function-declaration
-ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-fstack-clash-protection -Wformat -Werror=format-security
-mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -c
re_variables.c -o mod_security2_la-re_variables.o >/dev/null 2>&1
/bin/bash ../libtool --tag=CC --mode=link gcc -I/usr/include/apr-1.0
-I/usr/include/apr-1.0 -I/usr/include -I/usr/include/apache2
-DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -I/usr/include/libxml2
-DWITH_LUA -I/usr/include/lua5.1 -DWITH_PCRE_STUDY
-DMODSEC_PCRE_MATCH_LIMIT=1500 -DMODSEC_PCRE_MATCH_LIMIT_RECURSION=1500
-DWITH_PCRE_JIT -DREQUEST_EARLY
-DGLOBAL_COLLECTION_LOCK -DNDEBUG -DWITH_APU_CRYPTO -DWITH_REMOTE_RULES
-DWITH_PCRE2 -DWITH_YAJL -I/usr/include/yajl -g -O2
-Werror=implicit-function-declaration
-ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-fstack-clash-protection -Wformat -Werror=format-security
-mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include
-no-undefined -module -avoid-version -R /-lpcre2-8
-I/usr/include/libxml2 -Wl,-z,relro -o mod_security2.la -rpath /usr/lib
mod_security2_la-acmp.lo mod_security2_la-apache2_config.lo
mod_security2_la-apache2_io.lo mod_security2_la-apache2_util.lo
libinjection/mod_security2_la-libinjection_html5.lo
libinjection/mod_security2_la-libinjection_sqli.lo
libinjection/mod_security2_la-libinjection_xss.lo
mod_security2_la-mod_security2.lo mod_security2_la-modsecurity.lo
mod_security2_la-msc_status_engine.lo mod_security2_la-msc_crypt.lo
mod_security2_la-msc_geo.lo mod_security2_la-msc_gsb.lo
mod_security2_la-msc_json.lo mod_security2_la-msc_logging.lo
mod_security2_la-msc_lua.lo mod_security2_la-msc_multipart.lo
mod_security2_la-msc_parsers.lo mod_security2_la-msc_pcre.lo
mod_security2_la-msc_release.lo mod_security2_la-msc_remote_rules.lo
mod_security2_la-msc_reqbody.lo mod_security2_la-msc_tree.lo
mod_security2_la-msc_unicode.lo mod_security2_la-msc_util.lo
mod_security2_la-msc_xml.lo mod_security2_la-persist_dbm.lo
mod_security2_la-re_actions.lo mod_security2_la-re.lo
mod_security2_la-re_operators.lo mod_security2_la-re_tfns.lo
mod_security2_la-re_variables.lo /usr/lib/aarch64-linux-gnu/libapr-1.la
/usr/lib/aarch64-linux-gnu/libaprutil-1.la -lcurl -I/usr/include/libxml2
-lxml2 -llua5.1 -lpcre2-8 -lyajl libtool: link: gcc -shared -fPIC
-DPIC .libs/mod_security2_la-acmp.o
.libs/mod_security2_la-apache2_config.o
.libs/mod_security2_la-apache2_io.o
.libs/mod_security2_la-apache2_util.o
libinjection/.libs/mod_security2_la-libinjection_html5.o
libinjection/.libs/mod_security2_la-libinjection_sqli.o
libinjection/.libs/mod_security2_la-libinjection_xss.o
.libs/mod_security2_la-mod_security2.o
.libs/mod_security2_la-modsecurity.o
.libs/mod_security2_la-msc_status_engine.o
.libs/mod_security2_la-msc_crypt.o .libs/mod_security2_la-msc_geo.o
.libs/mod_security2_la-msc_gsb.o .libs/mod_security2_la-msc_json.o
.libs/mod_security2_la-msc_logging.o .libs/mod_security2_la-msc_lua.o
.libs/mod_security2_la-msc_multipart.o
.libs/mod_security2_la-msc_parsers.o .libs/mod_security2_la-msc_pcre.o
.libs/mod_security2_la-msc_release.o
.libs/mod_security2_la-msc_remote_rules.o
.libs/mod_security2_la-msc_reqbody.o .libs/mod_security2_la-msc_tree.o
.libs/mod_security2_la-msc_unicode.o .libs/mod_security2_la-msc_util.o
.libs/mod_security2_la-msc_xml.o .libs/mod_security2_la-persist_dbm.o
.libs/mod_security2_la-re_actions.o .libs/mod_security2_la-re.o
.libs/mod_security2_la-re_operators.o .libs/mod_security2_la-re_tfns.o
.libs/mod_security2_la-re_variables.o
/usr/lib/aarch64-linux-gnu/libapr-1.so
/usr/lib/aarch64-linux-gnu/libaprutil-1.so -lcurl -lxml2 -llua5.1
-lpcre2-8 -lyajl -g -O2 -fstack-protector-strong
-mbranch-protection=standard -Wl,-z -Wl,relro -Wl,-soname
-Wl,mod_security2.so -o .libs/mod_security2.so
libtool: link: ar cr .libs/mod_security2.a mod_security2_la-acmp.o
mod_security2_la-apache2_config.o mod_security2_la-apache2_io.o
mod_security2_la-apache2_util.o
libinjection/mod_security2_la-libinjection_html5.o
libinjection/mod_security2_la-libinjection_sqli.o
libinjection/mod_security2_la-libinjection_xss.o
mod_security2_la-mod_security2.o mod_security2_la-modsecurity.o
mod_security2_la-msc_status_engine.o mod_security2_la-msc_crypt.o
mod_security2_la-msc_geo.o mod_security2_la-msc_gsb.o
mod_security2_la-msc_json.o mod_security2_la-msc_logging.o
mod_security2_la-msc_lua.o mod_security2_la-msc_multipart.o
mod_security2_la-msc_parsers.o mod_security2_la-msc_pcre.o
mod_security2_la-msc_release.o mod_security2_la-msc_remote_rules.o
mod_security2_la-msc_reqbody.o mod_security2_la-msc_tree.o
mod_security2_la-msc_unicode.o mod_security2_la-msc_util.o
mod_security2_la-msc_xml.o mod_security2_la-persist_dbm.o
mod_security2_la-re_actions.o mod_security2_la-re.o
mod_security2_la-re_operators.o mod_security2_la-re_tfns.o
mod_security2_la-re_variables.o
libtool: link: ranlib .libs/mod_security2.a
libtool: link: ( cd ".libs" && rm -f "mod_security2.la" && ln -s
"../mod_security2.la" "mod_security2.la" )
make[2]: Leaving directory '/<<PKGBUILDDIR>>/apache2'
make[1]: Leaving directory '/<<PKGBUILDDIR>>/apache2'
cd mlogc && /usr/bin/make
make[1]: Entering directory '/<<PKGBUILDDIR>>/mlogc'
gcc -DHAVE_CONFIG_H -I. -I../apache2 -DLINUX -D_REENTRANT -D_GNU_SOURCE
-I../apache2 -Wdate-time -D_FORTIFY_SOURCE=2 -I/usr/include/apr-1.0
-DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -DWITH_PCRE2 -g -O2
-Werror=implicit-function-declaration
-ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-fstack-clash-protection -Wformat -Werror=format-security
-mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include -c
-o mlogc-mlogc.o `test -f 'mlogc.c' || echo './'`mlogc.c
mlogc.c: In function ‘thread_worker’:
mlogc.c:1746:29: warning: ‘CURLINFO_SIZE_UPLOAD’ is deprecated: since
7.55.0. Use CURLINFO_SIZE_UPLOAD_T [-Wdeprecated-declarations]
1746 | curl_easy_getinfo(curl,
CURLINFO_SIZE_UPLOAD,
| ^~~~~~~~~~~~~~~~~
In file included from mlogc.c:37:
/usr/include/aarch64-linux-gnu/curl/curl.h:2871:3: note: declared here
2871 | CURLINFO_SIZE_UPLOAD CURL_DEPRECATED(7.55.0, "Use
CURLINFO_SIZE_UPLOAD_T")
| ^~~~~~~~~~~~~~~~~~~~
/bin/bash ../libtool --tag=CC --mode=link gcc -I/usr/include/apr-1.0
-DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL -DWITH_PCRE2 -g -O2
-Werror=implicit-function-declaration
-ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-fstack-clash-protection -Wformat -Werror=format-security
-mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include
-Wl,-z,relro -o mlogc mlogc-mlogc.o
/usr/lib/aarch64-linux-gnu/libapr-1.la -lcurl -lpcre2-8 libtool: link:
gcc -I/usr/include/apr-1.0 -DWITH_CURL_SSLVERSION_TLSv1_2 -DWITH_CURL
-DWITH_PCRE2 -g -O2 -Werror=implicit-function-declaration
-ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong
-fstack-clash-protection -Wformat -Werror=format-security
-mbranch-protection=standard -I/usr/include/apr-1.0 -I/usr/include
-Wl,-z -Wl,relro -o mlogc mlogc-mlogc.o
/usr/lib/aarch64-linux-gnu/libapr-1.so -lcurl -lpcre2-8
make[1]: Leaving directory '/<<PKGBUILDDIR>>/mlogc'
# since we cannot rename with dh_install, create a copy of the file with
the desired name
cp mlogc/INSTALL mlogc/README.mlogc
touch build-stamp
dh_testdir
dh_testroot
dh_prep
dh_installdirs
dh_install
dh_apache2
dh_testdir -a
dh_testroot -a
dh_installdocs -a
cp modsecurity.conf-recommended
debian/libapache2-mod-security2/etc/modsecurity
dh_installchangelogs CHANGES -a
dh_link -a
dh_strip -a
# don't compress examples
dh_compress -a -Xexample
dh_fixperms -a
chown www-data debian/libapache2-mod-security2/var/cache/modsecurity
chown: changing ownership of
'debian/libapache2-mod-security2/var/cache/modsecurity': Operation not
permitted
make: *** [debian/rules:72: binary-arch] Error 1
dpkg-buildpackage: error: debian/rules binary subprocess returned exit
status 2
--------------------------------------------------------------------------------
Build finished at 2024-11-17T12:39:13Z
-------------------------------------------------------------------------------
The above is just how the build ends and not necessarily the most
relevant part. If required, the full build log is available here:
https://people.debian.org/~nthykier/rrr-no-as-default/logs/1023298.gz
You can find common solutions at
https://people.debian.org/~nthykier/rrr-no-as-default/docs/solutions.md
If this is really a bug in one of the build-depends, please use
reassign and affects, so that this is still visible in the BTS web
page for this package.
If this package is listed in
https://people.debian.org/~nthykier/rrr-no-as-default/docs/static-ownership.list,
then please just set `Rules-Requires-Root: binary-targets` to the source
stanza of `debian/control` as a fix to this bug.
If this package is listed in
https://people.debian.org/~nthykier/rrr-no-as-default/docs/maybe-misbuilds.list,
then the package was deemed at risk for misbuilding (having wrong
ownership) but had a FTBFS problem we tested it. Please test whether the
package works with `Rules-Requires-Root: no` validating that the
resulting deb has the correct ownership for all paths in the deb.
The goal is to have the default changed in `dpkg` either in `Trixie` or
`Forky`, depending on progress and feasibility with the release schedule
for Trixie.
For more information on this bug filing, please see:
https://lists.debian.org/debian-dpkg/2024/11/msg00016.html
Thanks,
PS: The builds were performed in mid-November. If you fixed the problem
between between then and this bug being filed, then please just close
the bug with the version it was fixed in.
OpenPGP_signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: modsecurity-apache
Source-Version: 2.9.8-1.1
Done: Niels Thykier <[email protected]>
We believe that the bug you reported is fixed in the latest version of
modsecurity-apache, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Niels Thykier <[email protected]> (supplier of updated modsecurity-apache
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 31 Dec 2024 12:36:43 +0000
Source: modsecurity-apache
Architecture: source
Version: 2.9.8-1.1
Distribution: unstable
Urgency: medium
Maintainer: Alberto Gonzalez Iniesta <[email protected]>
Changed-By: Niels Thykier <[email protected]>
Closes: 1089390
Changes:
modsecurity-apache (2.9.8-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Mark modsecurity-apache as requiring root.
(Closes: #1089390)
Checksums-Sha1:
43054311ce33d479e717f8a4622be01771475a2d 1866 modsecurity-apache_2.9.8-1.1.dsc
897558ec574c40c3fe6612179d3dc073c189b808 8972
modsecurity-apache_2.9.8-1.1.debian.tar.xz
131733ba5038ec6d6cef4febd013650b884f65b8 8434
modsecurity-apache_2.9.8-1.1_source.buildinfo
Checksums-Sha256:
021491ca57a0d947ed407434889eb3a5f18a4ee9b7f9c55d97461240300b1e9c 1866
modsecurity-apache_2.9.8-1.1.dsc
70a6d319b28676a8460b578e9b19d54cfec440dcedb5667b587c769bfcf33898 8972
modsecurity-apache_2.9.8-1.1.debian.tar.xz
2a2e53ad6747f70d6bd61fcf34165d5f4f70170a326256df5434582a6aff45de 8434
modsecurity-apache_2.9.8-1.1_source.buildinfo
Files:
a02e9bbbdcd214c313998dddb7758097 1866 httpd optional
modsecurity-apache_2.9.8-1.1.dsc
52b1ccd3e8b68d63840ecd32b49b56ee 8972 httpd optional
modsecurity-apache_2.9.8-1.1.debian.tar.xz
7aa05e9628891456801befd3d361b1f8 8434 httpd optional
modsecurity-apache_2.9.8-1.1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFGBAEBCgAwFiEE9ecZmu9eXGflVYc/dA1oiINl0okFAmdz5cMSHG5pZWxzQHRo
eWtpZXIubmV0AAoJEHQNaIiDZdKJ0lEH/R6MqAYKZKlB2v7RXLMr3tJXe1yk+dhb
Q6sB7PyQzqScTUsgv8pWF5zLe78Lvov6/3tS9G+zcAzoIN8MmlOglzmQRUkPF7ZU
6wVmjt+Rf0XsQDmmBwrIIrwzPDDmbqgZdCcy4xdeBZ3QCmKVN7ulvvf9p4JgfaYo
RzmkYLeihZc7sSG6qrlnKlENCuvDuvSjib/JDqZ/ARbw0cQosZeah6moUBv1dV0Y
PQ/iLMNItAuTry7lFTlVgzRiNFvw1TNaHQyPRrg6UML6YjL1nF8X0UYihVVZekjW
uHSp/kpSeYur1zg3e8o0PWnirNIxrTt/1DDOoteLQML75KMbn8kM6kc=
=EQzK
-----END PGP SIGNATURE-----
pgpGdx8Uv_gb9.pgp
Description: PGP signature
--- End Message ---
