Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trying to compile a package with pkgsrc fails always #434

Open
jcea opened this issue Nov 30, 2016 · 9 comments

Comments

@jcea
Copy link

commented Nov 30, 2016

Following instructions in https://pkgsrc.joyent.com/docs/building/ . Checking out pkgsrc release "joyent/release/2016Q3".

Trying to compile from source any package will fail always with the same error:

# cd pkgsrc/lang/python35
=> Bootstrap dependency digest>=20010302: NOT found
=> Verifying reinstall for ../../pkgtools/digest
===> Skipping vulnerability checks.
WARNING: No /opt/local/pkg/pkg-vulnerabilities file found.
WARNING: To fix run: `/opt/local/sbin/pkg_admin -K /opt/local/pkg fetch-pkg-vulnerabilities'.
===> Installing for digest-20160304
/usr/bin/bash ./mkinstalldirs /home/pkgsrc/pkgsrc/pkgtools/digest/work/.destdir/opt/local/bin
/opt/local/bin/bsdinstall -c -s -o root -g root -m 755 digest /home/pkgsrc/pkgsrc/pkgtools/digest/work/.destdir/opt/local/bin/digest
/usr/bin/bash ./mkinstalldirs /home/pkgsrc/pkgsrc/pkgtools/digest/work/.destdir/opt/local/man/man1
/opt/local/bin/bsdinstall -c -o root -g root -m 644 digest.1 /home/pkgsrc/pkgsrc/pkgtools/digest/work/.destdir/opt/local/man/man1/digest.1
=> Automatic manual page handling
=> Creating binary package /home/pkgsrc/pkgsrc/pkgtools/digest/work/.packages/digest-20160304.tgz
===> Building binary package for digest-20160304
=> Creating binary package /home/pkgsrc/pkgsrc/packages/All/digest-20160304.tgz
===> Installing binary package of digest-20160304
pkg_add: No valid signature found, rejected
pkg_add: 1 package addition failed
*** Error code 1

Stop.
bmake[3]: stopped in /home/pkgsrc/pkgsrc/pkgtools/digest
*** Error code 1

Stop.
bmake[2]: stopped in /home/pkgsrc/pkgsrc/pkgtools/digest
*** Error code 1

Stop.
bmake[1]: stopped in /home/pkgsrc/pkgsrc/pkgtools/digest
*** Error code 1

Stop.
bmake: stopped in /home/pkgsrc/pkgsrc/lang/python35

Every package that I try fails with the same error.

@wiedi

This comment has been minimized.

Copy link

commented Nov 30, 2016

You'll have to comment out the line VERIFIED_INSTALLATION=always in /opt/local/etc/pkg_install.conf or setup package signing.

This should probably be noted in the documentation you linked.

@jcea

This comment has been minimized.

Copy link
Author

commented Nov 30, 2016

Can I disable that verification only for local "pkgsrc" packages builds?. I don't want to disable it for packages installed with "pkgin".

@jcea

This comment has been minimized.

Copy link
Author

commented Nov 30, 2016

Details about how to locally sign packages welcomed :). Currently "pkgsrc" source package builds are not usable :-(

@jperkin jperkin self-assigned this Nov 30, 2016

@jperkin

This comment has been minimized.

Copy link
Member

commented Nov 30, 2016

There's no way to differentiate whether a package was built locally or by someone else, so for now you'll need to either disable VERIFIED_INSTALLATION or use pkg_add -C /dev/null. I want to find a decent way to work around this issue but it's not trivial unfortunately.

@jperkin

This comment has been minimized.

Copy link
Member

commented Nov 30, 2016

Also note that it's much quicker to get up to speed by using the pkgbuild image, this is a pre-populated image with the tools we use to build official packages, rather than having to do everything by hand. See https://github.com/joyent/pkgbuild/ for more information.

@jcea

This comment has been minimized.

Copy link
Author

commented Nov 30, 2016

I think this is specially important because even commenting out "VERIFIED_INSTALLATION=always" ONLY for the duration of the build step will leaves us vulnerable to hijacked dependencies automatically brought to fulfill the compilation step.

@jperkin

This comment has been minimized.

Copy link
Member

commented Nov 30, 2016

You can run bmake depends to pull them in first if this is a concern.

@jcea

This comment has been minimized.

Copy link
Author

commented Dec 1, 2016

Good idea about the pkgbuild image. I will try out.

Thanks for the "bmake depends" hint too. Is there any way to learn about the available "bmake" targets?.

@jperkin

This comment has been minimized.

Copy link
Member

commented Dec 15, 2016

The list of primary targets is documented at the top of https://github.com/joyent/pkgsrc/blob/trunk/mk/bsd.pkg.mk and you can use the help target to provide more information on them, e.g.:

$ bmake help topic=depends
===> mk/depends/bsd.depends.mk (keywords: depends dependencies SKIP_DEPENDS):
# This Makefile fragment is included by bsd.pkg.mk and provides all
# variables and targets related to dependencies.
#
# The following are the "public" targets provided by this module:
#
#    depends, bootstrap-depends, install-depends
#
# The following variables may be set by the pkgsrc user:
#
# SKIP_DEPENDS
#	Whether to run the ``depends'' phase.  This is probably only
#	useful for pkgsrc developers.
#
#	Default value: no
#

Otherwise if you want more internal details then have a read through the various files under https://github.com/joyent/pkgsrc/blob/trunk/mk

jperkin pushed a commit that referenced this issue Mar 6, 2017

wiz
Updated py-dulwich to 0.17.1.
0.17.1	2017-03-01

 IMPROVEMENTS

 * Add basic 'dulwich pull' command. (Jelmer Vernooij)

 BUG FIXES

 * Cope with existing submodules during pull.
   (Jelmer Vernooij, #505)

0.17.0	2017-03-01

 TEST FIXES

 * Skip test that requires sync to synchronize filesystems if os.sync is
   not available. (Koen Martens)

 IMPROVEMENTS

 * Implement MemoryRepo.{set_description,get_description}.
   (Jelmer Vernooij)

 * Raise exception in Repo.stage() when absolute paths are
   passed in. Allow passing in relative paths to
   porcelain.add().(Jelmer Vernooij)

 BUG FIXES

 * Handle multi-line quoted values in config files.
   (Jelmer Vernooij, #495)

 * Allow porcelain.clone of repository without HEAD.
   (Jelmer Vernooij, #501)

 * Support passing tag ids to Walker()'s include argument.
   (Jelmer Vernooij)

 * Don't strip trailing newlines from extra headers.
   (Nicolas Dandrimont)

 * Set bufsize=0 for subprocess interaction with SSH client.
   Fixes hangs on Python 3. (René Stern, #434)

 * Don't drop first slash for SSH paths, except for those
   starting with "~". (Jelmer Vernooij, René Stern, #463)

 * Properly log off after retrieving just refs.
   (Jelmer Vernooij)

jperkin pushed a commit that referenced this issue Mar 8, 2017

wiz
Updated neomutt to 20170306.
2017-03-06  Richard Russon  <rich@flatcap.org>
* Bug Fixes
  - Get the correct buffer size under fmemopen/torify (#441)
  - Use static inlines to make gcc 4.2.1 happy
  - getdnsdomainname: cancel getaddrinfo_a if needed
  - imap: remove useless code (#434) (origin/master)
  - Fixes missing semi-colon compilation issue (#433)
* Docs
  - github: added template for Pull Requests, issues and a CONTRIBUTION.md (#339)
  - editorconfig: support for new files, fix whitespace (#439)
  - add blocking fmemopen bug on debian to manual (#422)
* Upstream
  - Increase ACCOUNT.pass field size. (closes #3921)
  - SSL: Fix memory leak in subject alternative name code. (closes #3920)
  - Prevent segv if open-appending to an mbox fails. (closes #3918)
  - Clear out extraneous errors before SSL_connect() (see #3916)

2017-02-25  Richard Russon  <rich@flatcap.org>
* Features
  - Add option $show_multipart_alternative
  - notmuch: Allow to use untransformed tag for color
  - Use getaddrinfo_a if possible (#420)
* Bug Fixes
  - handle sigint within socket operations (#411)
  - Avoid browsing the remote spoolfile by setting MUTT_SELECT_MULTI attach
  - notmuch: fix crash when completing tags (#395)
  - Fixes missing failure return of notmuch msg open (#401)
  - Fix latest Coverity issues (#387)
  - Advance by the correct number of position even for unknown characters (#368)
  - Release KyotoCabinet data with kcfree() (#384)
  - 22 resource leaks
* Translations
  - Update translations
  - Update the german translation (#397)
* Docs
  - fix typo in notmuch example
  - remove duplicate "default" in the sidebar intro
  - fix confusing description of notmuch operators (#371)
  - correct spelling mistakes (#412)
* Website
  - link to clang-format config in main repo (#28)
  - updated list of useful programs
  - update/improve list of useful programs
  - sidebar_format has a single default value
  - fix name of GNU Guix
  - added guix distro
  - added link to new afew maintainers
  - add code of conduct
  - add mutt-addressbook to useful
  - remove unnecessary unicode non-breaking spaces
  - github merging
* Build
  - Enable and run unit-tests on the feature/unit-test branch
  - add notmuch to default, feature
  - new dbs for mutt
  - master is now the main branch
  - streamline builds
  - fix doc generator
  - add a few includes (prelude to clang-format)
  - slcurses.h defines its own bool type
  - travis: use container build
  - add clang-format file
  - Remove ugly macros and casts from crypt-gpgme.c
  - fix minor reflow issues in some comments
  - editorconfig: use spaces to indent in *.[ch] files
  - added comment-blocks for clang-format to ignore
  - fix 80 column limit, align statements
  - Remove snprintf.c from EXTRA_DIST (#406)
  - Kill homebrew (v)snprintf implementations, as they are C99 (#402)
  - Display charset + small refactoring
  - Do not cast or check returns from safe_calloc (#396)
  - refactor: create a generic base64 encode/decode
  - debug: remove dprint in favor of mutt_debug (#375)
  - Fix dubious use macro for _() / gettext() (#376)
  - Use mutt_buffer_init instead of memset
  - Make the heap method and datatype a plain list
  - Reverts making AliasFile into a list_t (#379)
  - Turn mutt_new_* macros into inline functions
  - Do not cast return values from malloc (et similia)
* Upstream
  - Simplify mutt_label_complete().
  - Permit tab completion of pattern expressions with ~y (labels).
  - Fix the mutt_label_complete() pos parameter.
  - Fix the x-label update code check location.
  - Improve the label completion hash table usage.
  - Adds label completion.
  - Add hash_find_elem to get the hash element.
  - Minor fixes to the x-label patch from David.
  - Adds capability to edit x-labels inside mutt, and to sort by label.
  - Allow "unsubjectrc *" to remove all patterns.
  - Add subjectrx command to replace matching subjects with something else.
  - Abstract the SPAM_LIST as a generic REPLACE_LIST
  - Improve Reply-to vs From comparison when replying. (closes #3909)
  - Fix sidebar references to the "new count" to be "unread". (closes #3908)
  - Fix several alias hashtable issues.
  - Add casecmp and strdup_key flags to hash_create()
  - Improve error handling in mbox magic detection.
  - Allow initial blank lines in local mailboxes.
  - Fix minor documentation issues.
  - Convert cmd_parse_search to use the uid hash. (closes #3905)
  - Create a uid hash for imap. (see #3905)
  - Convert HASH to be indexable by unsigned int. (see #3905)
  - Fix imap server-side search to call uid2msgno() only once. (see #3905)
  - Add a pattern_cache_t to speed up a few repeated matches.
  - Canonicalize line endings for GPGME S/MIME encryption. (closes #3904)
  - Fix build for bdb.
  - Create function to free header cache data.
  - Add Kyoto Cabinet support to the header cache.
  - Prevent null pointer exception for h->ai_canonname
  - Show SHA1 fp in interactive cert check menu.
  - Fix potential cert memory leak in check_certificate_by_digest().
  - Plug memory leak in weed-expired-certs code.
  - Filter expired local certs for OpenSSL verification.
  - Change "allow_dups" into a flag at hash creation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.