search

archlinuxhardened / selinux

PKGBUILDs to build SELinux enabled packages for Arch Linux
145 stars 25 forks source link

[AUR] psmisc-selinux 23.7 did not pass the validity check #120

Closed Keyaku closed 3 months ago

Keyaku commented 3 months ago

I was following the Installation steps in ArchWiki's page on SELinux and hit a wall when attempting to build psmisc-selinux. The error happens during the sha256sum check, as follows:

Building psmisc-selinux...
Running as unit: run-u214.service
Press ^] three times within 1s to disconnect TTY.
==> Making package: psmisc-selinux 23.7-1 (dom 24 mar 2024 00:44:36)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Cloning psmisc git repo...
Cloning into bare repository '/var/cache/private/pamac/psmisc-selinux/psmisc'...
remote: Enumerating objects: 5640, done.
remote: Counting objects: 100% (1537/1537), done.
remote: Compressing objects: 100% (454/454), done.
remote: Total 5640 (delta 1269), reused 1302 (delta 1077), pack-reused 4103
Receiving objects: 100% (5640/5640), 4.25 MiB | 11.70 MiB/s, done.
Resolving deltas: 100% (4609/4609), done.
==> Validating source files with sha256sums...
    psmisc ... NOT FOUND
==> ERROR: One or more files did not pass the validity check!

There's something missing in the PKGBUILD, though I'm unsure exactly what since the repo is being pulled.

One can put SKIP, but that defeats the purpose of the check.

fishilico commented 3 months ago

Hello, I could not reproduce your issue in a clean environment.

More precisely, in a Docker container (docker run --rm -it docker.io/archlinux/archlinux:latest), I use these commands to set a build environment up and try building psmisc-selinux:

pacman -Sy base-devel git
useradd -m user
echo 'user ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers

cd /tmp
sudo -u user git clone https://aur.archlinux.org/libsepol.git
sudo -u user gpg --recv B8682847764DF60DF52D992CBC3905F235179CF1
(cd libsepol && sudo -u user makepkg -si)
sudo -u user git clone https://aur.archlinux.org/libselinux.git
(cd libselinux && sudo -u user makepkg -si)
sudo -u user git clone https://aur.archlinux.org/psmisc-selinux.git
sudo -u user gpg --import psmisc-selinux/keys/pgp/5D2FB320B825D93904D205193938F96BDF50FEA5.asc
(cd psmisc-selinux && sudo -u user makepkg -si)

The last command displays:

...
==> Retrieving sources...
  -> Cloning psmisc git repo...
Cloning into bare repository '/tmp/psmisc-selinux/psmisc'...
remote: Enumerating objects: 5640, done.
remote: Counting objects: 100% (1537/1537), done.
remote: Compressing objects: 100% (454/454), done.
remote: Total 5640 (delta 1269), reused 1302 (delta 1077), pack-reused 4103
Receiving objects: 100% (5640/5640), 4.25 MiB | 7.22 MiB/s, done.
Resolving deltas: 100% (4609/4609), done.
==> Validating source files with sha256sums...
    psmisc ... Passed
==> Verifying source file signatures with gpg...
    psmisc git repo ... Passed
==> Extracting sources...
  -> Creating working copy of psmisc git repo...
Cloning into 'psmisc'...
done.
Switched to a new branch 'makepkg'
==> Starting prepare()...

In your log, psmisc ... NOT FOUND is weird. Are you using the latest version of makepkg? (In my clean container, makepkg --version displays makepkg (pacman) 6.1.0 ; using sha256 for git tags seem to be quite recent, as the common practice was to just use SKIP before, when using signed git tags as source reference)

Keyaku commented 3 months ago

I should've given more information in my initial post, sorry about that.

This was attempted on a Manjaro system, installing psmisc-git via AUR.

I've done a couple more tests before shrugging this off: doing the steps manually in my system like you did in your clean Docker environment works. It's exclusive to using pamac that causes the issue, either via GUI or CLI. Since it's very specific, I've come to the resolution that it's not worth the trouble investigating further.

Sorry about the inconvenience, and thank you for taking your time looking into this.