Overwrite Return-Path with postfix because of “550-Sender verification is required but failed”

Sending emails from web applications like PHP may result in rejecting the emails from some servers. Fighting spam emails results in too strict filters and rules, which reject the mails even before the anti-spam service of the accepting server. Here is an error:

Apr  1 04:10:18 srv-mail postfix/pickup[26902]: AB13578FAB3: uid=1015 from=<www-data>
Apr  1 04:10:18 srv-mail postfix/cleanup[21182]: AB13578FAB3: message-id=<20200401041018.AB13578FAB3@www.mydomain.com>
Apr  1 04:10:18 srv-mail postfix/qmgr[6485]: AB13578FAB3: from=<www-data@www.mydomain.com>, size=7923, nrcpt=1 (queue active)
Apr  1 04:10:19 srv-mail postfix/smtp[45689]: AB13578FAB3: to=<mailbox@example.com>, relay=mx.example.com[1.1.1.1]:25, delay=11, delays=0.02/0.01/0.65/10, dsn=5.0.0, status=bounced (host mx.example.com[1.1.1.1] said: 550-Sender verification is required but failed. (ID:550:0:5 550 (smtp1.mx.example.com)): www-data@mydomain.com (in reply to MAIL FROM command))

The receiving server has too strict rules!

It just expects the “From” and the “Return-Path” headers to contain the same string – the sender’s email box.

As you can see, from the example above, the application sends all emails (from let’s say web forms) from the www-data@mydomain.com and probably the www-data is the username of the OS user, under which the application executes.
Or you want to overwrite the Return-Path because it uses the username of the application, which sent the email like “web”, “apache”, “www-data” and so on.
Here is how to overwrite the Return-Path with postfix mail system.

STEP 1) Edit postfix configuration

Add a line in /etc/postfix/main.cf (it is perfectly fine to be on the last line):

smtp_generic_maps = hash:/etc/postfix/generic

And create the file /etc/postfix/generic with mapping “old@mailbox.com new@mail.com”:

www-data@mydomain.com no-reply@domain.com

The domains of the emails may be different or the same. It doesn’t matter. If you do not know what is your “www-data@mydomain.com” the mail logs in /var/log/messages or /varlog/mail maight help to find the emailbox or just send yourself an email and look for the Return-Path.
And a real-world example for /etc/postfix/generic

www-data@www.mydomain.com no-reply@ahelpme.com

STEP 2) Generate the hash file, which postfix will use. Reload the postfix.

The postfix will use the hash file add in the configuration. Just execute:

postmap /etc/postfix/generic

The above command will create a binary file /etc/postfix/generic.db, which will be used by the postfix mail system. Do not edit the file directly. To add entry, just use a text editor and edit /etc/postfix/generic (without the “.db” suffix) and then reload/restart the postfix to enable the new configuration.
And reload (or restart) postfix with

systemctl reload postfix

or for init systems:

/etc/init.d/postfix restart

Dracut boot failed with missing device – exit and continue normal booting!

This issue deserves a much more article, in fact, a straightforward tip:

You may be able to continue a normal boot only by typing “exit” and hitting enter in the “Dracut” console.

Most of the time this Dracut console entering is caused because the system administrator of the server/machine added, replaced or deleted a RAID or similar device and forgot to update the configuration (grub2 probably). And in most of these cases, the raid is not critical for machine normal boot from the root partition, but it may be critical for the services lately. Booting in normal mode, even without some devices, is the main goal because under the normal mode it easier to repair the system.
Check out the two articles on the topic (especially the first one):

SCREENSHOT 1) Just type “exit” and hit enter.

It’s worth noting that if you executed some commands in the console and/or mounted devices to test they are with healthy file system or for whatever reason you did it, the boot process may not continue after typeing exit and probablly a reboot is required. The server will go once more in this mode and then just typing will work.

main menu
type exit

Keep on reading!

podman – Error adding network: failed to allocate for range 0: 10.88.0.46 has been allocated after server reboot

We’ve just stumbled on the following error with one of our podman CentOS 8 servers after restart:

[root@srv ~]# podman start mysql-slave
ERRO[0000] Error adding network: failed to allocate for range 0: 10.88.0.46 has been allocated to c97823be46832ddebbce29f3f51e3091620188710cb7ace246e173a7a981baed, duplicate allocation is not allowed 
ERRO[0000] Error while adding pod to CNI network "podman": failed to allocate for range 0: 10.88.0.46 has been allocated to c97823be46832ddebbce29f3f51e3091620188710cb7ace246e173a7a981baed, duplicate allocation is not allowed 
Error: unable to start container "mysql-slave": error configuring network namespace for container c97823be46832ddebbce29f3f51e3091620188710cb7ace246e173a7a981baed: failed to allocate for range 0: 10.88.0.46 has been allocated to c97823be46832ddebbce29f3f51e3091620188710cb7ace246e173a7a981baed, duplicate allocation is not allowed

Apparently, something got wrong, because the two containers were fine before restarting and they were multiple times stopped, started and restarted.

The solution is to remove IP-named files in /var/lib/cni/networks/podman and start the podman containers again.

It resembles to a bug https://github.com/containers/libpod/issues/3759, which should have already been closed by the new minor CentOS 8 releases.

The interesting part is that the container we are trying to start mysql-slave has c97823be46832ddebbce29f3f51e3091620188710cb7ace246e173a7a981baed, but it reports it cannot allocate it, because it has already been allocated to a container with the same ID. That’s the problem:

The IP-named files in /var/lib/cni/networks/podman were not removed when the podman container had stopped.

Typically, when a podman container executes a stop command, the process should remove the files in /var/lib/cni/networks/podman. Before restarting the CentOS 8 server you may need to top the podman containers for now.

[root@srv ~]# cd /var/lib/cni/networks/podman
[root@srv podman]# ls -altr
total 24
-rwxr-x---. 1 root root    0  3 Dec  0,43 lock
drwxr-xr-x. 3 root root 4096  3 Dec  0,43 ..
-rw-r--r--. 1 root root   64  9 Dec 18,34 10.88.0.46
-rw-r--r--. 1 root root   64 16 Dec 12,01 10.88.0.47
-rw-r--r--. 1 root root   10  1 Mar  9,28 last_reserved_ip.0
-rw-r--r--. 1 root root   70  1 Mar  9,28 10.88.0.49
drwxr-xr-x. 2 root root 4096  1 Mar  9,28 .
[root@srv podman]# rm 10.88.0.46
rm: remove regular file '10.88.0.46'? y
[root@srv podman]# rm 10.88.0.47
rm: remove regular file '10.88.0.47'? y
[root@srv podman]# podman start mysql-slave
mysql-slave
[root@srv podman]# podman ps
CONTAINER ID  IMAGE                           COMMAND               CREATED       STATUS            PORTS  NAMES
c97823be4683  localhost/centos-mysql-5.6:0.9  /entrypoint.sh my...  2 months ago  Up 2 minutes ago         mysql-slave
e96134b31894  docker.io/example/client:latest   start-boinc.sh        2 months ago  Up 6 minutes ago         example-client
[root@srv podman]# ls -altr
общо 20
-rwxr-x---. 1 root root    0  3 Dec  0,43 lock
drwxr-xr-x. 3 root root 4096  3 Dec  0,43 ..
-rw-r--r--. 1 root root   70  1 Mar  9,28 10.88.0.49
-rw-r--r--. 1 root root   10  1 Mar  9,32 last_reserved_ip.0
-rw-r--r--. 1 root root   70  1 Mar  9,32 10.88.0.50
drwxr-xr-x. 2 root root 4096  1 Mar  9,32 .
[root@srv podman]#

We’ve deleted the old IPs (old by date!) 10.88.0.46 and 10.88.0.47 and the mysql-slave container started successfully.

firewalld and podman (or docker) – no internet in the container and could not resolve host

If you happen to use CentOS 8 you have already discovered that Red Hat (i.e. CentOS) switch to podman, which is a fork of docker. So probably the following fix might help to someone, which does not use CentOS 8 or podman. For now, podman and docker are 99.99% the same.
So creating and starting a container is easy and in most cases one command only, but you may stumble on the error your container could not resolve or could not connect to an IP even there is a ping to the IP!
The service in the container may live a happy life without Internet access but just the mapped ports from the outside world. Still, it may happen to need Internet access, let’s say if an update should be performed.
Here is how to fix podman (docker) missing the Internet access in the container:

  • No ping to the outside world. The chances you are missing
    sysctl -w net.ipv4.ip_forward=1
    

    And do not forget to make it permanent by adding the “net.ipv4.ip_forward=1” to /etc/sysctl.conf (or a file “.conf” in /etc/sysctl.d/).

  • ping to the outside IP of the container is available, but no connection to any service is available! Probably the NAT is not enabled in your podman docker configuration. In the case with firewalld, at least, you must enable the masquerade option of the public zone
    firewall-cmd --zone=public --add-masquerade
    firewall-cmd --permanent --zone=public --add-masquerade
    

    The second command with “–permanent” is to make the option permanent over reboots.

The error – Could not resolve host (Name or service not known) despite having servers in /etc/resolv.conf and ping to them!

One may think having IPs in /etc/resolv.conf and ping to them in the container should give the container access to the Internet. But the following error occurs:

[root@srv /]# yum install telnet
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
 * base: artfiles.org
 * extras: centos.mirror.net-d-sign.de
 * updates: centos.bio.lmu.de
http://mirror.fra10.de.leaseweb.net/centos/7.7.1908/os/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: mirror.fra10.de.leaseweb.net; Unknown error"
Trying other mirror.
http://artfiles.org/centos.org/7.7.1908/os/x86_64/repodata/repomd.xml: [Errno 14] curl#6 - "Could not resolve host: artfiles.org; Unknown error"
Trying other mirror.
^C

Exiting on user cancel
[root@srv /]# ^C
[root@srv /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=5.05 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=5.06 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 5.050/5.055/5.061/0.071 ms
[root@srv ~]# cat /etc/resolv.conf 
nameserver 8.8.8.8
nameserver 8.8.4.4
[root@srv /]# ping google.com
ping: google.com: Name or service not known

The error 2 – Can’t connect to despite having ping to the IP!

[root@srv /]# ping 2.2.2.2
PING 2.2.2.2 (2.2.2.2) 56(84) bytes of data.
64 bytes from 2.2.2.2: icmp_seq=1 ttl=56 time=9.15 ms
64 bytes from 2.2.2.2: icmp_seq=2 ttl=56 time=9.16 ms
^C
[root@srv2 /]# mysql -h2.2.2.2 -uroot -p
Enter password: 
ERROR 2003 (HY000): Can't connect to MySQL server on '2.2.2.2' (113)
[root@srv2 /]#

Despite having ping the MySQL server on 2.2.2.2 and despite the firewall on 2.2.2.2 allows outside connections the container could not connect to it. And testing other services like HTTP, HTTPS, FTP and so on resulted in “unable to connect“, too. Simply because the NAT (aka masquerade is not enabled in the firewall).

Q_WEBENGINECORE_EXPORT QWebEngineFindTextResult has initializer but incomplete type

In addition to one of the cstdlib fix here – Gentoo building qtgui error – g++-v8/cstdlib:75:15: fatal error: stdlib.h: No such file or directory we were unable to to build “dev-qt/qtwebengine-5.14.1“.

It appeared the problem was a wrong order of header includes just like the cstdlib and if you have used the fix with QMAKE_CFLAGS_ISYSTEM in /usr/lib64/qt5/mkspecs/common/gcc-base.conf you would encounter this error. Revert back the original value in /usr/lib64/qt5/mkspecs/common/gcc-base.conf (and probably it is a good idea to rebuild the entire system with “emerge -e”):

QMAKE_CFLAGS_ISYSTEM = -isystem

and continue the build from the point you’ve stopped with something like:

ebuild /usr/portage/dev-qt/qtwebengine/qtwebengine-5.14.1.ebuild compile
ebuild /usr/portage/dev-qt/qtwebengine/qtwebengine-5.14.1.ebuild install
ebuild /usr/portage/dev-qt/qtwebengine/qtwebengine-5.14.1.ebuild qmerge
rm -Rf /var/tmp/portage/dev-qt/qtwebengine-5.14.1/

Keep on reading!

env python3.5: no such file or directory

The dependency conflicts may require a lot of time to resolve. On the contrary, uninstalling old software is easy, but it might lead to multiple broken programs and strange errors. Here is one of them, after removing the old python 3.4 and 3.5 (or whatever version it prints in your case) under Gentoo despite the rebuilding all dependencies as required by the emerge command for the new python 3.6 an error occurred trying to emerge the “app-misc/geoclue-2.5.3-r2

[20/75] /usr/lib/python-exec/python3.6/meson --internal exe --unpickle /var/tmp/portage/app-misc/geoclue-2.5.3-r2/work/geoclue-2.5.3-build/meson-private/meson_exe_glib-mkenums_af4feac41c42ec7289410f8b20070c0528a3a7c0.dat
FAILED: public-api/gclue-enum-types.c 
/usr/lib/python-exec/python3.6/meson --internal exe --unpickle /var/tmp/portage/app-misc/geoclue-2.5.3-r2/work/geoclue-2.5.3-build/meson-private/meson_exe_glib-mkenums_af4feac41c42ec7289410f8b20070c0528a3a7c0.dat
/usr/bin/env: âpython3.5â: No such file or directory
ninja: build stopped: subcommand failed.
 * ERROR: app-misc/geoclue-2.5.3-r2::gentoo failed (compile phase):
 *   ninja -v -j15 -l14 -C /var/tmp/portage/app-misc/geoclue-2.5.3-r2/work/geoclue-2.5.3-build failed
 * 
 * Call stack:
 *     ebuild.sh, line  125:  Called src_compile
 *   environment, line 2847:  Called meson_src_compile
 *   environment, line 1904:  Called eninja '-C' '/var/tmp/portage/app-misc/geoclue-2.5.3-r2/work/geoclue-2.5.3-build'
 *   environment, line 1274:  Called die
 * The specific snippet of code:
 *       "$@" || die "${nonfatal_args[@]}" "${*} failed"
 * 

Despite the lines starting with “/usr/lib/python-exec/python3.6/meson”, there is an error for missing “python 3.5“.

Here is another example, just trying to execute the distcc-config and it immediately throws the error for missing “python 3.5“.

root@srv ~ # distcc-config 
/usr/bin/env: ‘python3.5’: No such file or directory

The python script distcc-config starts with:

root@srv ~ $ head /usr/bin/distcc-config
#!/usr/bin/env python3.5
# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

import os, re, signal, subprocess, sys

options=[
        '--get-hosts',
        '--set-hosts',
        '--get-verbose',

Apparently, multiple programs use this technic to explicitly put a specific version of python in the header of the python script to be used. Thus grantees the version in the header will be used even you change the system or user-preferred Python interpreter.

But uninstalling this python version all these programs will stop working till you rebuild them with emerge.
Keep on reading!

gentoo emerge resume – Invalid resume list and clean the list

Under Gentoo and emerge it will eventually end up using “–resume” paired with “–skipfirst” emerge command, which should resume last list of packages to build without the first one. Each execution of emerge command should reset the list but apparently it might not be the case (in fact two lists are kept – resume and resume_backup, read below).
The command just reads a list of packages and emerges them – it’s fast and it does not go through the whole process of dependancy check! But sometimes the list could be old or get corrupted or it just throws errors for “Invalid resume list“:

dekstop ~ # emerge --resume --skipfirst

These are the packages that would be merged, in order:

Calculating dependencies... done!
 * Invalid resume list:
 * 
 *   ('ebuild', '/', 'kde-frameworks/kpty-5.66.0', 'merge')
 *   ('ebuild', '/', 'kde-plasma/libkscreen-5.17.5', 'merge')
 *   ('ebuild', '/', 'kde-apps/kmbox-19.12.1', 'merge')
 *   ('ebuild', '/', 'kde-frameworks/kdesignerplugin-5.66.0', 'merge')
 *   ('ebuild', '/', 'kde-plasma/kwayland-integration-5.17.5', 'merge')
 *   ('ebuild', '/', 'kde-plasma/xembed-sni-proxy-5.17.5', 'merge')
 *   ('ebuild', '/', 'net-libs/accounts-qml-0.7-r1', 'merge')
 *   ('ebuild', '/', 'kde-apps/akonadi-notes-19.12.1', 'merge')
....
....
 * One or more packages are either masked or have missing dependencies:
 * 
 *   dev-lang/python:3.4[xml(+)] pulled in by:
 *     (dev-python/setuptools-40.6.2:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.5[xml(+)] pulled in by:
 *     (dev-python/setuptools-40.6.2:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.4 pulled in by:
 *     (dev-python/certifi-2018.8.24:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.5 pulled in by:
 *     (dev-python/certifi-2018.8.24:0/0::gentoo, installed)
 * 
 *   dev-libs/openssl:0/0= pulled in by:
 *     (dev-lang/python-2.7.17-r1:2.7/2.7::gentoo, installed)
 * 
 *   dev-lang/python:3.5 pulled in by:
 *     (dev-util/glib-utils-2.56.2:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.4 pulled in by:
 *     (sys-apps/file-5.35:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.5 pulled in by:
 *     (sys-apps/file-5.35:0/0::gentoo, installed)
 * 
 *   >=dev-libs/icu-58.1:0/60.2= pulled in by:
 *     (dev-lang/spidermonkey-52.9.1_pre1:52/52::gentoo, installed)
....
....
 *   dev-lang/python:3.4 pulled in by:
 *     (virtual/python-enum34-1:0/0::gentoo, installed)
 * 
 *   dev-lang/python:3.5 pulled in by:
 *     (virtual/python-enum34-1:0/0::gentoo, installed)
 * 
 *   dev-libs/openssl:0/0= pulled in by:
 *     (dev-lang/python-3.7.6:3.7/3.7m::gentoo, installed)
 * 
 * The resume list contains packages that are either masked or have
 * unsatisfied dependencies. Please restart/continue the operation
 * manually, or use --skipfirst to skip the first package in the list and
 * any other packages that may be masked or have missing dependencies.

Not all packages are included above, but it is clear that the list includes packages not only from the last emerge command. The list includes multiple old packages and dependencies about python:3.4, python:3.5, openssl:0/0.
The list is located in the binary file: /var/cache/edb/mtimedb and to clean the list you should execute:

desktop ~ # emaint --fix cleanresume
Emaint: fix cleanresume    100% [============================================>]

It is safe to the directory, too:

rm -Rf /var/cache/edb/

emaint is part of the sys-apps/portage package, so the program should always be available in the system.

*Bonus 1 – old packages

There is one more problem in the above example! In fact, you may clear the resume list with emaint or remove the whole directory “/var/cache/edb”, but still to receive such errors let’s say resuming log lists like KDE, gnome, qt packages (packages with many dependencies).

This problem persists not only with “–resume”, but also with “–keep-going” option!

When using “–keep-going” option you’ll get the same errors after the line “One or more packages are either masked or have missing dependencies”. So it is not an option, which may replace the “–resume” option.

Even all dependencies were resolved when the emerge list was generated when resuming a list of packages may throw errors for packages, which pull old packages because they had not been rebuilt against the updated of some of their dependencies. For example, simple enough from the above emerge resume command:
Some packages of our KDE resume list depends on the “dev-python/setuptools”, which has not been rebuilt against the new python (or after a removed old version python 3.4 and 3.5 or even another [old] package depends on the old python 3.5 and dev-python/setuptools, which has not been rebuilt after the python 3.4/3.5 removal!) and now this is a problem to resume the emerge list.

The solution is to take all those packages (after the line “One or more packages are either masked or have missing dependencies”) and rebuild or remove them.

Keep on reading!

meson.build – ERROR: Dependency “x11” not found, tried pkgconfig and cmake

Another day and another major update exposed an error of missing the “x11” library. Apparently, the pkg-config got corrupted for X11 library. Most of the time the error is self-explanatory, but sometimes it is too generic like:

Run-time dependency x11 found: NO (tried pkgconfig and cmake)

meson.build:412:2: ERROR: Dependency "x11" not found, tried pkgconfig and cmake

The name “x11” is a part of multiple libraries:

srv ~ # pkg-config --list-all |grep x11

gdkglext-1.0                               GdkGLExt - OpenGL Extension to GDK (x11 target)
gdk-2.0                                    GDK - GTK+ Drawing Kit (x11 target)
gtk+-2.0                                   GTK+ - GTK+ Graphical UI Library (x11 target)
gdkglext-x11-1.0                           GdkGLExt - OpenGL Extension to GDK (x11 target)
x11-xcb                                    X11 XCB - X Library XCB interface
gdk-x11-3.0                                GDK - GTK+ Drawing Kit
gdk-x11-2.0                                GDK - GTK+ Drawing Kit (x11 target)
gtkglext-1.0                               GtkGLExt - OpenGL Extension to GTK+ (x11 target)
x11                                        X11 - X Library
xkbcommon-x11                              xkbcommon-x11 - XKB API common to servers and clients - X11 support
scim-x11utils                              scim-x11utils - X11 Utilities for Smart Common Input Method platform
clutter-x11-1.0                            Clutter - Clutter Core Library
gtk+-x11-3.0                               GTK+ - GTK+ Graphical UI Library
libva-x11                                  libva-x11 - Userspace Video Acceleration (VA) x11 interface
gtkglext-x11-1.0                           GtkGLExt - OpenGL Extension to GTK+ (x11 target)
gtk+-x11-2.0                               GTK+ - GTK+ Graphical UI Library (x11 target)

The above example is of working x11 library pkg-config. In our broken system the 10th line was missing.
Keep on reading!

libselinux – undefined reference to pcre_version

Emerging the “sys-libs/libselinux-2.9-r1” failed with this link errors of undefined references

/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_version':
regex.c:(.text+0x30): undefined reference to `pcre_version'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_writef':
regex.c:(.text+0x95): undefined reference to `pcre_fullinfo'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.c:(.text+0xf6): undefined reference to `pcre_fullinfo'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_data_free':
regex.c:(.text+0x1eb): undefined reference to `pcre_free'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.c:(.text+0x200): undefined reference to `pcre_free_study'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_prepare_data':
regex.c:(.text+0x26d): undefined reference to `pcre_compile'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.c:(.text+0x28f): undefined reference to `pcre_study'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_load_mmap':
regex.c:(.text+0x385): undefined reference to `pcre_fullinfo'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.c:(.text+0x3ed): undefined reference to `pcre_fullinfo'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_match':
regex.c:(.text+0x494): undefined reference to `pcre_exec'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.lo: in function `regex_cmp':
regex.c:(.text+0x502): undefined reference to `pcre_fullinfo'
/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/../../../../x86_64-pc-linux-gnu/bin/ld: regex.c:(.text+0x51a): undefined reference to `pcre_fullinfo'
collect2: error: ld returned 1 exit status
make[1]: *** [Makefile:148: libselinux.so.1] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/var/tmp/portage/sys-libs/libselinux-2.9-r1/work/libselinux-2.9-abi_x86_32.x86/src'
make: *** [Makefile:44: all] Error 1
 * ERROR: sys-libs/libselinux-2.9-r1::gentoo failed (compile phase):
 *   emake failed
 *
 * If you need support, post the output of `emerge --info '=sys-libs/libselinux-2.9-r1::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=sys-libs/libselinux-2.9-r1::gentoo'`.
 * The complete build log is located at '/var/tmp/portage/sys-libs/libselinux-2.9-r1/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/sys-libs/libselinux-2.9-r1/temp/environment'.
 * Working directory: '/var/tmp/portage/sys-libs/libselinux-2.9-r1/work/libselinux-2.9-abi_x86_32.x86'
 * S: '/var/tmp/portage/sys-libs/libselinux-2.9-r1/work/libselinux-2.9'

>>> Failed to emerge sys-libs/libselinux-2.9-r1, Log file:

>>>  '/var/tmp/portage/sys-libs/libselinux-2.9-r1/temp/build.log'

 * Messages for package sys-libs/libselinux-2.9-r1:

 * ERROR: sys-libs/libselinux-2.9-r1::gentoo failed (compile phase):
 *   emake failed
 *
 * If you need support, post the output of `emerge --info '=sys-libs/libselinux-2.9-r1::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=sys-libs/libselinux-2.9-r1::gentoo'`.
 * The complete build log is located at '/var/tmp/portage/sys-libs/libselinux-2.9-r1/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/sys-libs/libselinux-2.9-r1/temp/environment'.
 * Working directory: '/var/tmp/portage/sys-libs/libselinux-2.9-r1/work/libselinux-2.9-abi_x86_32.x86'
 * S: '/var/tmp/portage/sys-libs/libselinux-2.9-r1/work/libselinux-2.9'

The solution was to rebuild the dev-libs/libpcre and dev-libs/libpcre2 libraries.

emerge -va dev-libs/libpcre dev-libs/libpcre2

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild     U  ] dev-libs/libpcre-8.43:3::gentoo [8.42:3::gentoo] USE="bzip2 cxx jit pcre16 readline recursion-limit (split-usr%*) (static-libs) (unicode) zlib -libedit -pcre32" ABI_X86="32 (64) (-x32)" 1540 KiB
[ebuild     U  ] dev-libs/libpcre2-10.34::gentoo [10.32::gentoo] USE="bzip2 jit pcre16 pcre32* readline recursion-limit (split-usr%*) unicode zlib -libedit -static-libs" ABI_X86="32 (64) (-x32)" 1676 KiB

Total: 2 packages (2 upgrades), Size of downloads: 3216 KiB

if you encounter the error above even you are not using Gentoo probably the problem is your libpcre/libpcre2 library and try to rebuild it or include the proper path to the library and its headers.

aplty – unable to find control.tar.gz part in package – change deb package compression from xz to gzip

We upgraded to a new version of Ubuntu and our CI (continuous integration) scripts began to throw errors when uploading packages to out aptly repository:

"Report":{"Warnings":["Unable to read file /srv/aptly/.aptly/upload/mysoft/mysoft-6.15-pk19.deb: unable to find control.tar.gz part in package /srv/aptly/.aptly/upload/mysoft/mysoft-6.15-pk19.deb"],"Added":[],"Removed":[]}}

But if the same command:

dpkg-deb --build $PKGNAME

is executed on our older Ubuntu 16 everyhting is perfect and no error when uploading the package in the repository.

It turns out the new version of dpkg 1.19.0 the dpkg-deb will compress the deb file with XZ by default. Before version 1.19 the default compression is gzip.

You may upgrade your aptly installation to 1.20 and above or just fix your script to use “-Zgzip” with dpkg-deb

dpkg-deb -Zgzip --build $PKGNAME

This command will force the dpkg-deb to use gzip to compress the debian package.

Change the compression of existing deb package

Thanks to the aptly bug report – https://github.com/aptly-dev/aptly/issues/655 (hopes this link stays forever) you may have a workarround to decompress and comrpess an existing package with antoher algorythm

dpkg-deb -R package.deb tmp
rm package.deb
fakeroot dpkg-deb -Zgzip -b tmp package.deb
rm -rf tmp