No more way to specify custom configure options when building deb? #3523

laniakea64 · 2020-07-18T20:04:08Z

Building firejail from 9ecd3ca is not possible with fj-mkdeb.py -

$ ./contrib/fj-mkdeb.py --enable-apparmor --disable-firetunnel
Error: Could not find the firejail source tree.  Exiting.

This is probably as of 87e7b31 , where mkdeb.sh is now dynamically generated. But running the build commands directly still doesn't pick up all configure arguments:

$ ./configure --enable-apparmor --disable-firetunnel
$ make deb

That produces a deb with firetunnel support enabled:

$ firejail --version
firejail version 0.9.63

Compile time support:
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - file and directory whitelisting support is enabled
        - file transfer support is enabled
        - firetunnel support is enabled
        - networking support is enabled
        - overlayfs support is enabled
        - private-home support is enabled
        - seccomp-bpf support is enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

Could the dynamic generation of mkdeb.sh please take custom configure options into account?
Or is that still not possible, so fj-mkdeb.py needs to be updated?

The text was updated successfully, but these errors were encountered:

rusty-snake · 2020-07-19T08:34:26Z

Could the dynamic generation of mkdeb.sh please take custom configure options into account?

It does. The error says something else. It should work with.

$ ./configure
$ ./contrib/fj-mkdeb.py --enable-apparmor --disable-firetunnel

laniakea64 · 2020-07-20T00:56:33Z

Unfortunately that still doesn't work -

$ firejail --version
firejail version 0.9.63

Compile time support:
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - file and directory whitelisting support is enabled
        - file transfer support is enabled
        - firetunnel support is enabled
        - networking support is enabled
        - overlayfs support is enabled
        - private-home support is enabled
        - seccomp-bpf support is enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

rusty-snake · 2020-07-20T10:01:04Z

But the error is gone? If not try to use --fj-src to workaround.

laniakea64 · 2020-07-20T12:27:48Z

But the error is gone?

Yes it built without error. But as the output above shows, my configure options were still ignored.

Maybe it would help clarify the problem to link the longer back story? - #772

I still don't know the reasoning behind #772 (comment) . Now that mkdeb.sh is dynamically generated, does that reasoning still apply?

rusty-snake · 2020-07-20T16:23:00Z

I can't test it, because I have no debian, but this generates a mkdeb.sh with ./configure --prefix=/usr --enable-apparmor --disable-firetunnel:
./configure && ./contrib/fj-mkdeb.py --only-fix-mkdeb --enable-apparmor --disable-firetunnel

Fred-Barclay · 2020-07-21T17:26:06Z

I can't test it, because I have no debian...

Tested and it works on my end:

$ firejail --version
firejail version 0.9.63

Compile time support:
        - AppArmor support is enabled
        - AppImage support is enabled
        - chroot support is enabled
        - file and directory whitelisting support is enabled
        - file transfer support is enabled
        - firetunnel support is disabled
        - networking support is enabled
        - overlayfs support is enabled
        - private-home support is enabled
        - seccomp-bpf support is enabled
        - SELinux support is disabled
        - user namespace support is enabled
        - X11 sandboxing support is enabled

laniakea64 · 2020-07-22T00:06:34Z

I can't test it, because I have no debian, but this generates a mkdeb.sh with ./configure --prefix=/usr --enable-apparmor --disable-firetunnel:
./configure && ./contrib/fj-mkdeb.py --only-fix-mkdeb --enable-apparmor --disable-firetunnel

Thanks @rusty-snake for the workaround, it works for me too:

./configure && ./contrib/fj-mkdeb.py --only-fix-mkdeb --enable-apparmor --disable-firetunnel && make deb

laniakea64 · 2020-08-25T23:48:45Z

So will there be first-class availability of custom configure options for .deb build? Or does fj-mkdeb.py need to be patched based on the workaround above?

laniakea64 · 2020-09-03T14:26:02Z

So will there be first-class availability of custom configure options for .deb build? Or does fj-mkdeb.py need to be patched based on the workaround above?

I ask because if there still cannot be first-class availability of custom configure options for .deb build, I am the original author of fj-mkdeb.py and would try to look into updating it.

rusty-snake · 2020-09-03T14:33:19Z

I see no reason why fj-mkdeb.py should not have a option for that.

On firejail 0.9.68, one would run `./configure` (to generate Makefile from Makefile.in) and then running `make deb` would end up running something akin to: make distclean && make dist && ./configure --prefix=/usr && mkdeb.sh As of netblue30#5142, `make dist` does not run `make distclean` anymore, but `make deb` still overrides any configure options that the user might have set. Stop doing that and do just `make dist && mkdeb.sh` on `make deb`. To build everything from scratch as `make deb` would do on 0.9.68 (but without it overriding the configure options), one can run: make distclean && ./configure --prefix=/usr && make deb Note that this is basically what the "build_debian_package" job on .gitlab-ci.yml does (see also the "build_apparmor" job). Should fully fix netblue30#3523. Relates to netblue30#772 netblue30#1205.

On firejail 0.9.68, one would run `./configure` (to generate Makefile from Makefile.in) and then running `make deb` would end up running something akin to: make distclean && make dist && ./configure --prefix=/usr && ./mkdeb.sh As of netblue30#5142, `make dist` does not run `make distclean` anymore, but `make deb` still overrides any configure options that the user might have set. Stop doing that and do just `make dist && ./mkdeb.sh` on `make deb`. To build everything from scratch as `make deb` would do on 0.9.68 (but without it overriding the configure options), one can run: make distclean && ./configure --prefix=/usr && make deb Note that this is basically what the "build_debian_package" job on .gitlab-ci.yml does (see also the "build_apparmor" job). Should fully fix netblue30#3523. Relates to netblue30#772 netblue30#1205.

laniakea64 mentioned this issue Sep 3, 2020

Update fj-mkdeb.py #3621

Merged

netblue30 closed this as completed in #3621 Sep 10, 2020

kmk3 mentioned this issue May 20, 2022

mkdeb.sh.in: pass remaining arguments to ./configure #5154

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

No more way to specify custom configure options when building deb? #3523

No more way to specify custom configure options when building deb? #3523

laniakea64 commented Jul 18, 2020

rusty-snake commented Jul 19, 2020

laniakea64 commented Jul 20, 2020

rusty-snake commented Jul 20, 2020

laniakea64 commented Jul 20, 2020

rusty-snake commented Jul 20, 2020

Fred-Barclay commented Jul 21, 2020

laniakea64 commented Jul 22, 2020

laniakea64 commented Aug 25, 2020

laniakea64 commented Sep 3, 2020

rusty-snake commented Sep 3, 2020

No more way to specify custom configure options when building deb? #3523

No more way to specify custom configure options when building deb? #3523

Comments

laniakea64 commented Jul 18, 2020

rusty-snake commented Jul 19, 2020

laniakea64 commented Jul 20, 2020

rusty-snake commented Jul 20, 2020

laniakea64 commented Jul 20, 2020

rusty-snake commented Jul 20, 2020

Fred-Barclay commented Jul 21, 2020

laniakea64 commented Jul 22, 2020

laniakea64 commented Aug 25, 2020

laniakea64 commented Sep 3, 2020

rusty-snake commented Sep 3, 2020