Created attachment 229297 [details] Full build log Importance: bulk (as I can compile without DOCS option) I'm on 2021Q4, so in my case it's security/clamav, which should correspond to security/clamav-lts on HEAD. Something seems wrong with the pkg-plist. Full log attached.
(In reply to ml from comment #0) I tried test build of security/clamav with following conditions. * Host is 13.0-RELEASE amd64 * Poudriere is 3.3.7_1 (ports-mgmt/poudriere) * Jail is 12.2-RELEASE amd64 * Ports tree is ports a459c4ab2ea9 (2021Q4 branch) * Setting of all options are default. That is, DOCS option is on. But build succeeds without any error.
Created attachment 229315 [details] poudriere testport log
(In reply to Yasuhiro Kimura from comment #1) My situation: * Host is 12.2p11/amd64 Perhaps the biggest difference (12.2 vs 13.0): could it matter??? * Poudriere is 3.3.7_1 (ports-mgmt/poudriere) (Same as yours). * Jail is 12.2p10/amd64 here (Should not matter much) * Ports tree is ports 5c79c2115ff4 (2021Q4 branch) Not much changed from 5c79c2115ff4 to a459c4ab2ea9. * Setting of all options are default. That is, DOCS option is on. I tried "poudriere options -r security/clamav": this should have reset all options for clamav and dependencies to default values. I'm attaching the log of "poudriere testport -j 122amd64 security/clamav". Again, if I am the only one having the problem, ditch this.
(In reply to ml from comment #3) Would you please show us the output of `diff -u /usr/local/etc/poudriere.conf.sample /usr/local/etc/poudriere.conf`?
(In reply to Yasuhiro Kimura from comment #4) Sure! # diff -u poudriere.conf.sample poudriere.conf | less -mSX --- poudriere.conf.sample 2021-10-27 15:23:23.152223000 +0200 +++ poudriere.conf 2021-11-05 11:42:02.818805000 +0100 @@ -9,7 +9,7 @@ # You need at least 7GB of free space in this pool to have a working # poudriere. # -#ZPOOL=zroot +ZPOOL=zroo2 ### NO ZFS # To not use ZFS, define NO_ZFS=yes @@ -27,16 +27,16 @@ # Also note that every protocols supported by fetch(1) are supported here, even # file:/// # Suggested: https://download.FreeBSD.org -FREEBSD_HOST=_PROTO_://_CHANGE_THIS_ +FREEBSD_HOST=https://download.FreeBSD.org # By default the jails have no /etc/resolv.conf, you will need to set # RESOLV_CONF to a file on your hosts system that will be copied has # /etc/resolv.conf for the jail, except if you don't need it (using an http # proxy for example) -RESOLV_CONF=/etc/resolv.conf +#RESOLV_CONF=/usr/jails/proxy/etc/resolv.conf # The directory where poudriere will store jails and ports -BASEFS=/usr/local/poudriere +BASEFS=/usr/home/poudriere # The directory where the jail will store the packages and logs # by default a zfs filesystem will be created and set to @@ -109,7 +109,7 @@ # will be deleted and the port will be rebuilt. # Valid options: yes, no, verbose # verbose will display the old and new options -#CHECK_CHANGED_OPTIONS=verbose +CHECK_CHANGED_OPTIONS=verbose # Automatic Dependency change detection # When bulk building packages, compare the dependencies from kept packages to @@ -135,7 +135,7 @@ # Path to the RSA key to sign the PKG repo with. See pkg-repo(8) # This produces a repo that supports SIGNATURE_TYPE=PUBKEY # Default: not set -#PKG_REPO_SIGNING_KEY=/etc/ssl/keys/repo.key +PKG_REPO_SIGNING_KEY=/usr/local/netfence/etc/openssl/poudriere.key # Command to sign the PKG repo with. See pkg-repo(8) # This produces a repo that supports SIGNATURE_TYPE=FINGERPRINTS @@ -153,7 +153,7 @@ # It will be mounted into the jail and be shared among all jails. # It is recommended that extra ccache configuration be done with # ccache -o rather than from the environment. -#CCACHE_DIR=/var/cache/ccache +CCACHE_DIR=/zroo2/ccache # Static ccache support from host. This uses the existing # ccache from the host in the build jail. This is useful for @@ -163,7 +163,7 @@ # Note also that ccache+memcached will require network access # which is normally disabled. Separately setting RESTRICT_NETWORKING=no # may be required for non-localhost memcached servers. -#CCACHE_STATIC_PREFIX=/usr/local +#CCACHE_STATIC_PREFIX=/usr/home/ccache # The jails normally only allow network access during the 'make fetch' # phase. This is a security restriction to prevent random things
Sorry, I only pasted it partially! # diff -u poudriere.conf.sample poudriere.conf --- poudriere.conf.sample 2021-10-27 15:23:23.152223000 +0200 +++ poudriere.conf 2021-11-05 11:42:02.818805000 +0100 @@ -9,7 +9,7 @@ # You need at least 7GB of free space in this pool to have a working # poudriere. # -#ZPOOL=zroot +ZPOOL=zroo2 ### NO ZFS # To not use ZFS, define NO_ZFS=yes @@ -27,16 +27,16 @@ # Also note that every protocols supported by fetch(1) are supported here, even # file:/// # Suggested: https://download.FreeBSD.org -FREEBSD_HOST=_PROTO_://_CHANGE_THIS_ +FREEBSD_HOST=https://download.FreeBSD.org # By default the jails have no /etc/resolv.conf, you will need to set # RESOLV_CONF to a file on your hosts system that will be copied has # /etc/resolv.conf for the jail, except if you don't need it (using an http # proxy for example) -RESOLV_CONF=/etc/resolv.conf +#RESOLV_CONF=/usr/jails/proxy/etc/resolv.conf # The directory where poudriere will store jails and ports -BASEFS=/usr/local/poudriere +BASEFS=/usr/home/poudriere # The directory where the jail will store the packages and logs # by default a zfs filesystem will be created and set to @@ -109,7 +109,7 @@ # will be deleted and the port will be rebuilt. # Valid options: yes, no, verbose # verbose will display the old and new options -#CHECK_CHANGED_OPTIONS=verbose +CHECK_CHANGED_OPTIONS=verbose # Automatic Dependency change detection # When bulk building packages, compare the dependencies from kept packages to @@ -135,7 +135,7 @@ # Path to the RSA key to sign the PKG repo with. See pkg-repo(8) # This produces a repo that supports SIGNATURE_TYPE=PUBKEY # Default: not set -#PKG_REPO_SIGNING_KEY=/etc/ssl/keys/repo.key +PKG_REPO_SIGNING_KEY=/usr/local/netfence/etc/openssl/poudriere.key # Command to sign the PKG repo with. See pkg-repo(8) # This produces a repo that supports SIGNATURE_TYPE=FINGERPRINTS @@ -153,7 +153,7 @@ # It will be mounted into the jail and be shared among all jails. # It is recommended that extra ccache configuration be done with # ccache -o rather than from the environment. -#CCACHE_DIR=/var/cache/ccache +CCACHE_DIR=/zroo2/ccache # Static ccache support from host. This uses the existing # ccache from the host in the build jail. This is useful for @@ -163,7 +163,7 @@ # Note also that ccache+memcached will require network access # which is normally disabled. Separately setting RESTRICT_NETWORKING=no # may be required for non-localhost memcached servers. -#CCACHE_STATIC_PREFIX=/usr/local +#CCACHE_STATIC_PREFIX=/usr/home/ccache # The jails normally only allow network access during the 'make fetch' # phase. This is a security restriction to prevent random things @@ -180,7 +180,7 @@ # by specifying the -J flag to bulk/testport. # # Example to define PARALLEL_JOBS to one single job -# PARALLEL_JOBS=1 +PARALLEL_JOBS=6 # How many jobs should be used for preparing the build? These tend to # be more IO bound and may be worth tweaking. Default: PARALLEL_JOBS * 1.25 @@ -195,7 +195,7 @@ # WRKDIR_ARCHIVE_FORMAT=tbz # Disable Linux support -# NOLINUX=yes +NOLINUX=yes # By default poudriere sets FORCE_PACKAGE # To disable it (useful when building public packages): @@ -206,8 +206,9 @@ # NO_PACKAGE_BUILDING=yes # If you are using a proxy define it here: -# export HTTP_PROXY=bla -# export FTP_PROXY=bla +export HTTP_PROXY=http://proxy1.ventu:8080/ +export HTTPS_PROXY=http://proxy1.ventu:8080/ +export FTP_PROXY=http://proxy1.ventu:8080/ # # Cleanout the restricted packages # NO_RESTRICTED=yes @@ -219,7 +220,8 @@ # List of packages that will always be allowed to use MAKE_JOBS # regardless of ALLOW_MAKE_JOBS. This is useful for allowing ports # which holdup the rest of the queue to build more quickly. -#ALLOW_MAKE_JOBS_PACKAGES="pkg ccache py*" +ALLOW_MAKE_JOBS_PACKAGES="chromium cmake gcc48 gcc9 gcc10 llvm10 llvm11 llvm12 llvm80 llvm90 node node10 node14 node opencpn openjdk8 openjdk11 qt5-webengine qt5-webkit rust webkit2-gtk3" +#firefox-esr libreoffice # Timestamp every line of build logs # Default: no @@ -275,7 +277,7 @@ # Define the building jail hostname to be used when building the packages # Some port/packages hardcode the hostname of the host during build time # This is a necessary setup for reproducible builds. -#BUILDER_HOSTNAME=pkg.FreeBSD.org +#BUILDER_HOSTNAME=soth.netfence.it # Define to get a predictable timestamp on the ports tree # This is a necessary setup for reproducible builds. @@ -286,7 +288,7 @@ # set. Note that to use ccache with BUILD_AS_NON_ROOT you will need to # use a non-shared CCACHE_DIR that is only built by PORTBUILD_USER and chowned # to that user. Then set CCACHE_DIR_NON_ROOT_SAFE to yes. -#BUILD_AS_NON_ROOT=no +BUILD_AS_NON_ROOT=no # Define to the username to build as when BUILD_AS_NON_ROOT is yes. # Default: nobody (uid PORTBUILD_UID)
(In reply to ml from comment #6) What happens if you disable ccache support?
(In reply to Yasuhiro Kimura from comment #7) Exactly the same as I reported initially. The error is the same as in the "Full build log" I attached. Seems ccache is not the problem. Thanks.
(In reply to Yasuhiro Kimura from comment #1) Found it! In Makefile we have: CLAMAVUSER?= clamav This makes me think I can override CLAMAVUSER and in fact I do: in /usr/local/etc/poudriere.d/make.conf I have: CLAMAVUSER=mailnull (This is to ease compatibility with mail/mimedefang). However %%CLAMAVUSER%% also slipped in pkg-plist file names. (Probably this is a search&replace error). So I end up with plist expecting, e.g.: ...stage/usr/local/share/doc/clamav/html/manual/Development/mailnull-git-work-flow.html while in fact I (correctly) have: ...stage/usr/local/share/doc/clamav/html/manual/Development/clamav-git-work-flow.html Ditto for the other two files.
(In reply to ml from comment #9) Good catch! I never think I can find it as I don't change the value of CLAMAVUSER. I'll fix the problem ASAP but it may take for a while on 2021Q4 as it results in direct commit to quarterly branch and requires approval of ports-secteam@.
Created attachment 229363 [details] Patch file @ports-secteam I would like to request the approval to make direct commit of attached patch to 2021Q4 branch. The reason is that it fixes the problem caused by direct commit I made previously. Best Regards.
(In reply to Yasuhiro Kimura from comment #11) Ship it! Dima, on behalf of ports-secteam
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=5c19309678ed5756df17245b0ef7dd9dbb92c405 commit 5c19309678ed5756df17245b0ef7dd9dbb92c405 Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2021-11-08 13:50:20 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2021-11-08 14:46:05 +0000 security/clamav-lts: Fix plist error Fix plist error when user sets CLAMAVUSER to non-default value. PR: 259663 Reported by: ml at netfence dot it Fixes: 0a1eda80ee50 (security/clamav-lts: Update to new bugfix release 0.103.4) security/clamav-lts/pkg-plist | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
A commit in branch 2021Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=7e2c4c33757e18feb6262ea8891bb4dc9d35a22c commit 7e2c4c33757e18feb6262ea8891bb4dc9d35a22c Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2021-11-08 14:18:27 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2021-11-08 14:50:17 +0000 security/clamav-lts: Fix plist error Fix plist error when user sets CLAMAVUSER to non-default value. This is direct commit to 2021Q4 branch as the commit that causes plist error is also direct one. PR: 259663 Reported by: ml at netfence dot it Fixes: 2da7ca992591 (security/clamav: Update to new bugfix release 0.103.4) Approved by: fluffy (ports-secteam) security/clamav/pkg-plist | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
Fixed on both master and 2021Q4 branches. Thanks!