libsemanage: fix build w/gcc7

[xeji]

Motivation for this change

didn't build with gcc7.

/cc ZHF #36453

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Fits CONTRIBUTING.md.

---

[GrahamcOfBorg]

Success on aarch64-linux (full log)

Attempted: libsemanage

Partial log (click to expand)

install -m 755 semanage_migrate_store /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4/libexec/selinux/
make[1]: Leaving directory '/build/libsemanage-2.4/utils'
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4
shrinking /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4/lib/libsemanage.so.1
strip is /nix/store/lvx1acn1ig1j2km8jds5x3ggh3f2wa8v-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4/lib  /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4/libexec
patching script interpreter paths in /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4
checking for references to /build in /nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4...
/nix/store/03vgd3asw8ysq27i63jsgh56mskl6sak-libsemanage-2.4

[GrahamcOfBorg]

Success on x86_64-linux (full log)

Attempted: libsemanage

Partial log (click to expand)

install -m 755 semanage_migrate_store /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4/libexec/selinux/
make[1]: Leaving directory '/build/libsemanage-2.4/utils'
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4
shrinking /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4/lib/libsemanage.so.1
strip is /nix/store/b0zlxla7dmy1iwc3g459rjznx59797xy-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4/lib  /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4/libexec
patching script interpreter paths in /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4
checking for references to /build in /nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4...
/nix/store/b9rank90v4sin7whhpcjgfff4yqqc1f5-libsemanage-2.4

[andir]

Thanks! 👍

Have you considered updating our selinux libraries instead? The upstream repository seems to be very active (https://github.com/SELinuxProject/selinux). Our libs/tools from them are still at version 2.4 the current upstream release seems to be 2.7. Upgrading those might also fix the GCC issues (amongst other bugs, new features, …).

Two commits I was able to find just now:

• SELinuxProject/selinux@f602443#diff-458c680a86aedb24a06a0a8caa9c60ef
• SELinuxProject/selinux@e41ae67#diff-458c680a86aedb24a06a0a8caa9c60ef

[xeji]

@andir: Thank you - I agree we should update to 2.7 and will look into it. But that will be a little more work since it involves multiple packages.
So this quick fix for 2.4 should still be merged first.

[Ma27]

can’t we remove this? IIRC the stackprotector is now enabled by default since #12895 ?

[vcunat]

Let's do this now, also for 18.03, and you can update etc. later.

[Ma27]

@vcunat ack, will submit a PR tonight:)

[xeji]

Thanks. Already working on the update: #36978

…

On March 14, 2018 3:58:40 PM GMT+01:00, Maximilian Bosch ***@***.***> wrote: @vcunat ack, will submit a PR tonight:) -- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: #36936 (comment)

[Ma27]

ahh great!