Bug 208439

Summary: libcap 2.37 fails to build from source
Product: Tools Reporter: Hussam Al-Tayeb (ht990332)
Component: libcapAssignee: Andrew G. Morgan (morgan)
Status: VERIFIED CODE_FIX    
Severity: normal CC: morgan
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 5.4.50 Subsystem:
Regression: No Bisected commit-id:
Attachments: build log

Description Hussam Al-Tayeb 2020-07-05 10:24:02 UTC 
libcap 2.37 fails to build from source


ln -s /home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/cap src/kernel.org/pub/linux/libs/security/libcap/cap
make -C /home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap all
make[2]: Entering directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap'
go run mknames.go --header=/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap/cap_names.h | gofmt > good-names.go || rm -f good-names.go
diff -u ../cap/names.go good-names.go
--- ../cap/names.go	1970-01-01 02:00:01.000000000 +0200
+++ good-names.go	2020-07-05 13:13:42.885018390 +0300
@@ -3,7 +3,7 @@
 /* ** DO NOT EDIT THIS FILE. IT WAS AUTO-GENERATED BY LIBCAP'S GO BUILDER (mknames.go) ** */
 
 // NamedCount holds the number of capabilities with official names.
-const NamedCount = 40
+const NamedCount = 38
 
 // CHOWN etc., are the named capability bits on this system. The
 // canonical source for each name is the "uapi/linux/capabilities.h"
@@ -47,8 +47,6 @@
 	WAKE_ALARM
 	BLOCK_SUSPEND
 	AUDIT_READ
-	PERFMON
-	BPF
 )
 
 var names = map[Value]string{
@@ -90,8 +88,6 @@
 	WAKE_ALARM:       "cap_wake_alarm",
 	BLOCK_SUSPEND:    "cap_block_suspend",
 	AUDIT_READ:       "cap_audit_read",
-	PERFMON:          "cap_perfmon",
-	BPF:              "cap_bpf",
 }
 
 var bits = map[string]Value{
@@ -133,6 +129,4 @@
 	"cap_wake_alarm":       WAKE_ALARM,
 	"cap_block_suspend":    BLOCK_SUSPEND,
 	"cap_audit_read":       AUDIT_READ,
-	"cap_perfmon":          PERFMON,
-	"cap_bpf":              BPF,
 }
make[1]: *** [Makefile:42: good-names.go] Error 1
make[1]: Leaving directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/go'


go version go1.14.4 linux/amd64
Comment 1 Andrew G. Morgan 2020-07-05 14:19:54 UTC 
libcap is shipped with its own version of:

https://git.kernel.org/pub/scm/libs/libcap/libcap.git/tree/libcap/include/uapi/linux/capability.h

The way your build is failing, you are evidently not using this file to generate /home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap/cap_names.h

Can you attach a full log for your failing build?
Comment 2 Hussam Al-Tayeb 2020-07-05 14:58:27 UTC 
Created attachment 290099 [details]
build log

Ok. Attached. Note this line.

> => making cap_names.list.h from /usr/include/linux/capability.h
Comment 3 Hussam Al-Tayeb 2020-07-05 15:12:16 UTC 
if I apply the diff the build log output, it compiles but make install fails:


make -C go install
make[1]: Entering directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/go'
make -C /home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap all
make[2]: Entering directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap'
make[2]: Nothing to be done for 'all'.
make[2]: Leaving directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap'
mkdir -p /home/hussam/cache/tmp/libcap/trunk/pkg/libcap/usr/share/gocode/src/libcap/psx
rm -f /home/hussam/cache/tmp/libcap/trunk/pkg/libcap/usr/share/gocode/src/libcap/psx/*
install -m 0644 src/libcap/psx/* /home/hussam/cache/tmp/libcap/trunk/pkg/libcap/usr/share/gocode/src/libcap/psx/
install: cannot stat 'src/libcap/psx/*': No such file or directory
make[1]: *** [Makefile:91: install] Error 1
make[1]: Leaving directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/go'
make: *** [Makefile:14: install] Error 2
Comment 4 Hussam Al-Tayeb 2020-07-05 15:15:04 UTC 
2.36 builds fine so it looks like there was at least compatibility with older kernel headers in the past.
Comment 5 Andrew G. Morgan 2020-07-05 16:24:44 UTC 
Thanks for this bug report!

As you have found, there are two issues here:

  1) I should have fixed this KERNEL_HEADERS thing back in libcap-2.23 the build hasn't been reliably working as I intended since then.

  2) I broke the go package install in 2.37 when I converted the Go part of the tree to work as "go modules". I had to restructure things substantially to make this possible. This is now the preferred way to use the Go packages: https://sites.google.com/site/fullycapable/building-go-programs-that-manipulate-capabilities

From your log, things go wrong in the first few lines:

     1  make: Entering directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37'
     2  make -C libcap all
     3  make[1]: Entering directory '/home/hussam/cache/tmp/libcap/trunk/src/libcap-2.37/libcap'
     4  => making cap_names.list.h from /usr/include/linux/capability.h

If I do this, I see something else (which is why I missed this issue before):

$ wget https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/libcap-2.37.tar.gz
$ tar xfz libcap-2.37.tar.gz 
$ cd libcap-2.37/
$ make
make -C libcap all
make[1]: Entering directory '/home/morgan/libcap-2.37/libcap'
=> making cap_names.list.h from /home/morgan/libcap-2.37/libcap/../libcap/include/uapi/linux/capability.h
perl -e 'while ($l=<>) { if ($l =~ /^\#define[ \t](CAP[_A-Z]+)[ \t]+([0-9]+)\s+$/) { $tok=$1; $val=$2; $tok =~ tr/A-Z/a-z/; print "{\"$tok\",$val},\n"; } }' /home/morgan/libcap-2.37/libcap/../libcap/include/uapi/linux/capability.h | fgrep -v 0x > cap_names.list.h
Comment 6 Andrew G. Morgan 2020-07-05 17:26:12 UTC 
Thanks again for the report!

Please reopen if this does not fix the issues you have been seeing:

https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=5457efd92c533259eecde426d9e6bb6abb270d89
Comment 7 Hussam Al-Tayeb 2020-07-05 17:35:49 UTC 
I applied that patch over the 2.37 tarball and it fixed the build. Thank you.