-
Notifications
You must be signed in to change notification settings - Fork 570
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build: cannot compile with landlock disabled on Ubuntu 16.04 (gcc 9.5.0) #6115
Comments
I added this code, I'll look into it. What is the version of Ubuntu, gcc and glibc used? What is the output of the following commands? gcc -v
info gcc | grep -A 1 'if no C language dialect' Relates to #6078. |
This is Ubuntu 16.04.07 LTS with Expanded Security Maintenance (ESM). $ apt-cache policy libc6 | grep Installed
Installed: 2.23-0ubuntu11.3+esm3
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:hsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 9.5.0-1ubuntu1~16.04.sav1' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --with-system-zlib --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-9-pNKsiU/gcc-9-9.5.0/debian/tmp-nvptx/usr,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 9.5.0 (Ubuntu 9.5.0-1ubuntu1~16.04.sav1)
$ info gcc | grep -A 1 'if no C language dialect'
info: No menu item 'gcc' in node '(dir)Top'.
|
Strange, that gcc version is not that old to be having issues with this. Did you manually enable Is this in a VM or CI? Please post the full build log of ./configure and make. |
Nope, I build firejail from git on Ubuntu just like I do on my Arch Linux setup. Dual-booting both Linuxes; so bare metal, no VM or CI involved.
Here you go: ./configure log: https://x0.at/eiLY.w8LKzE8 |
Does the following work? make clean >/dev/null && make EXTRA_CFLAGS+='-std=gnu99' What is the output of this: make clean >/dev/null && make EXTRA_CFLAGS+='-std=gnu99' 2>&1 | head |
No changes, getting the same errors: |
Alright, I managed to make gcc print warnings: $ pacman -Q gcc glibc
gcc 13.2.1-3
glibc 2.38-7
$ ./configure --disable-landlock >/dev/null && make clean >/dev/null &&
make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'
[...]
gcc -ggdb -O2 -DVERSION='"0.9.73"' -DMOD_DIR='"src/firejail"' -Wall -Wextra -Wformat -Wformat-security -Wno-overlength-strings -Wno-pointer-arith -fstack-protector-all -D_FORTIFY_SOURCE=2 -DPREFIX='"/usr/local"' -DSYSCONFDIR='"/usr/local/etc/firejail"' -DLIBDIR='"/usr/local/lib"' -DBINDIR='"/usr/local/bin"' -DVARDIR='"/var/lib/firejail"' -DHAVE_CHROOT -DHAVE_DBUSPROXY -DHAVE_FILE_TRANSFER -DHAVE_GLOBALCFG -DHAVE_NETWORK -DHAVE_OUTPUT -DHAVE_PRIVATE_HOME -DHAVE_SUID -DHAVE_USERNS -DHAVE_USERTMPFS -DHAVE_X11 -std=c99 -Wpedantic -Wno-error -fPIE -g -O2 -c appimage.c -o appimage.o
In file included from appimage.c:23:
firejail.h:982:27: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
982 | static inline int ll_read(...) { return 0; }
| ^~~
firejail.h:983:28: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
983 | static inline int ll_write(...) { return 0; }
| ^~~
firejail.h:984:30: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
984 | static inline int ll_special(...) { return 0; }
| ^~~
firejail.h:985:27: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
985 | static inline int ll_exec(...) { return 0; }
| ^~~
firejail.h:987:31: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
987 | static inline int ll_restrict(...) { return 0; }
| ^~~
firejail.h:988:35: warning: ISO C requires a named argument before ‘...’ before C2X [-Wpedantic]
988 | static inline void ll_add_profile(...) { return; }
| ^~~ I was forgetting to use I think I'll just remove them for now and maybe try a more portable version |
What does the following show? ./configure --disable-landlock >/dev/null && make clean >/dev/null &&
make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error' Also, could you post the output directly so that the details are centralized It can be just the relevant make lines (as in my previous comment) so that it |
$ ./configure --disable-landlock >/dev/null && make clean >/dev/null && make EXTRA_CFLAGS+='-std=c99 -Wpedantic -Wno-error'
[...]
make[1]: Entering directory '/home/glitsj16/firejail/src/firejail'
gcc -ggdb -O2 -DVERSION='"0.9.73"' -DMOD_DIR='"src/firejail"' -Wall -Wextra -Wformat -Wformat-security -fstack-protector-all -D_FORTIFY_SOURCE=2 -DPREFIX='"/usr/local"' -DSYSCONFDIR='"/usr/local/etc/firejail"' -DLIBDIR='"/usr/local/lib"' -DBINDIR='"/usr/local/bin"' -DVARDIR='"/var/lib/firejail"' -DHAVE_CHROOT -DHAVE_DBUSPROXY -DHAVE_FILE_TRANSFER -DHAVE_GLOBALCFG -DHAVE_NETWORK -DHAVE_OUTPUT -DHAVE_PRIVATE_HOME -DHAVE_SUID -DHAVE_USERNS -DHAVE_USERTMPFS -DHAVE_X11 -std=c99 -Wpedantic -Wno-error -fPIE -g -O2 -c appimage.c -o appimage.o
make[1]: Leaving directory '/home/glitsj16/firejail/src/firejail' |
So even when the compiler flags are the same it causes an error. I suppose that basic support for that was indeed added rather recently to gcc It seems a bit surprising that it only warns with Note: I have a WIP branch that adds |
@kmk3 Thanks for all the work, builds fine again now! |
Building firejail from git master fails on ubuntu with kernel 4.15.0-220-generic (regardless of using
--enable-landlock
or not).Here's the relevant output:
@netblue30 Can you have a look please?
The text was updated successfully, but these errors were encountered: