diff mbox

[1/1] gnu: audit: Use GnuTLS instead of OpenSSL.

Message ID 5f5f0db4ac5c628affd701a4095be77778493067.1477120072.git.leo@famulari.name
State New
Headers show

Commit Message

Leo Famulari Oct. 22, 2016, 7:09 a.m. UTC
The audit build is failing because it can't find GnuTLS:

libtool: link: gcc -W -Wall -Wundef -D_GNU_SOURCE -fPIE -DPIE -g -O2 -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -o .libs/audispd-zos-remote audispd_zos_remote-zos-remote-plugin.o audispd_zos_remote-zos-remote-log.o audispd_zos_remote-zos-remote-ldap.o audispd_zos_remote-zos-remote-config.o audispd_zos_remote-zos-remote-queue.o  -lpthread /gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib/libldap.so /gnu/store/xvsww5q2j9g4csi2i2mkpjm09mywnb6g-cyrus-sasl-2.1.26/lib/libsasl2.so -ldl -lgnutls /gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib/liblber.so -lresolv -L../../../auparse /tmp/guix-build-audit-2.4.5.drv-0/audit-2.4.5/auparse/.libs/libauparse.so /tmp/guix-build-audit-2.4.5.drv-0/audit-2.4.5/lib/.libs/libaudit.so -Wl,-rpath -Wl,/gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib -Wl,-rpath -Wl,/gnu/store/xvsww5q2j9g4csi2i2mkpjm09mywnb6g-cyrus-sasl-2.1.26/lib -Wl,-rpath -Wl,/gnu/store/ri7alh15j0bbaansb79y4f29ivqgvgws-audit-2.4.5/lib
ld: cannot find -lgnutls
collect2: error: ld returned 1 exit status

https://hydra.gnu.org/build/1550341/nixlog/2/tail-reload

It succeeds when building against GnuTLS instead of OpenSSL.

* gnu/packages/admin.scm (audit)[inputs]: Replace openssl with gnutls.
---
 gnu/packages/admin.scm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Christopher Allan Webber Oct. 22, 2016, 1:57 p.m. UTC | #1
Leo Famulari writes:

> The audit build is failing because it can't find GnuTLS:
>
> libtool: link: gcc -W -Wall -Wundef -D_GNU_SOURCE -fPIE -DPIE -g -O2 -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -o .libs/audispd-zos-remote audispd_zos_remote-zos-remote-plugin.o audispd_zos_remote-zos-remote-log.o audispd_zos_remote-zos-remote-ldap.o audispd_zos_remote-zos-remote-config.o audispd_zos_remote-zos-remote-queue.o  -lpthread /gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib/libldap.so /gnu/store/xvsww5q2j9g4csi2i2mkpjm09mywnb6g-cyrus-sasl-2.1.26/lib/libsasl2.so -ldl -lgnutls /gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib/liblber.so -lresolv -L../../../auparse /tmp/guix-build-audit-2.4.5.drv-0/audit-2.4.5/auparse/.libs/libauparse.so /tmp/guix-build-audit-2.4.5.drv-0/audit-2.4.5/lib/.libs/libaudit.so -Wl,-rpath -Wl,/gnu/store/y9j75zc10h0za5wnbvrb349c8hxm2s6k-openldap-2.4.44/lib -Wl,-rpath -Wl,/gnu/store/xvsww5q2j9g4csi2i2mkpjm09mywnb6g-cyrus-sasl-2.1.26/lib -Wl,-rpath -Wl,/gnu/store/ri7alh15j0bbaansb79y4f29ivqgvgws-audit-2.4.5/lib
> ld: cannot find -lgnutls
> collect2: error: ld returned 1 exit status
>
> https://hydra.gnu.org/build/1550341/nixlog/2/tail-reload
>
> It succeeds when building against GnuTLS instead of OpenSSL.

Seems like it built okay here without this patch?

I did do the "guix build audit" before doing a git pull, but after doing
the git pull re-running the command didn't build anything new?
Leo Famulari Oct. 22, 2016, 2:11 p.m. UTC | #2
On Sat, Oct 22, 2016 at 08:57:19AM -0500, Christopher Allan Webber wrote:
> Leo Famulari writes:
> > It succeeds when building against GnuTLS instead of OpenSSL.
> 
> Seems like it built okay here without this patch?

Does it work for you on core-updates?

It builds with OpenSSL on master for me, but not core-updates. Weird!

The other thing is that audit is distributed under the GPL2+ but,
AFAICT, there is no OpenSSL exception made to their GPL2+ license.

There are no results for `grep -ri openssl` in the audit source tree.

So we may have to switch to GnuTLS for licensing reasons.
Christopher Allan Webber Oct. 22, 2016, 3:06 p.m. UTC | #3
Leo Famulari writes:

> On Sat, Oct 22, 2016 at 08:57:19AM -0500, Christopher Allan Webber wrote:
>> Leo Famulari writes:
>> > It succeeds when building against GnuTLS instead of OpenSSL.
>> 
>> Seems like it built okay here without this patch?
>
> Does it work for you on core-updates?
>
> It builds with OpenSSL on master for me, but not core-updates. Weird!
>
> The other thing is that audit is distributed under the GPL2+ but,
> AFAICT, there is no OpenSSL exception made to their GPL2+ license.
>
> There are no results for `grep -ri openssl` in the audit source tree.
>
> So we may have to switch to GnuTLS for licensing reasons.

Ah, I hadn't tried core-updates... I was testing against master.

Yes, makes sense.  Sounds like we ought to use GnuTLS anyway.  I'd say
push it!

 - Chris
diff mbox

Patch

diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 9724c9b..7a83a8c 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -1556,7 +1556,7 @@  platform-specific methods.")
              #t)))))
     (inputs
      `(("openldap" ,openldap)
-       ("openssl" ,openssl)
+       ("gnutls" ,gnutls)
        ("sasl" ,cyrus-sasl)))
     (synopsis "User-space component to the Linux auditing system")
     (description