zoneminder not exists in lastest FreeBSD-12 pkg database.

R

robot468

http://pkg.freebsd.org/FreeBSD:12:amd64/latest/packagesite.txz have no zoneminder package

http://pkg.freebsd.org/FreeBSD:12:amd64/quarterly/packagesite.pkg have it

Why?

UPD. Also zoneminder from ports refuses to build too:


Code: 
root@proviant:/usr/ports/multimedia/zoneminder # make install clean
===>  License GPLv2 accepted by the user
===>   zoneminder-1.36.5 depends on file: /usr/local/sbin/pkg - found
=> zoneminder-zoneminder-1.36.5_GH0.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz
fetch: https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz: size unknown
fetch: https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz: size of remote file is not known
zoneminder-zoneminder-1.36.5_GH0.tar.gz                 10 MB 1861 kBps    06s
=> Fetched file size mismatch (expected 11347787, actual 11347838)
=> Trying next site
=> Attempting to fetch http://distcache.FreeBSD.org/ports-distfiles/zoneminder-zoneminder-1.36.5_GH0.tar.gz
fetch: http://distcache.FreeBSD.org/ports-distfiles/zoneminder-zoneminder-1.36.5_GH0.tar.gz: Not Found
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/multimedia/zoneminder
*** Error code 1

Stop.
 
Looks like you answered your own question.
The port is not in latest because FreeBSD Package building cluster cannot find the distfile.
robot468 said:
Couldn't fetch it - please try to retrieve this => port manually into /usr/ports/distfiles/ and try again.
Click to expand...
Have you tried this?
 
robot468 said:
Fetched file size mismatch (expected 11347787, actual 11347838)
Click to expand...
The problem is not that the file is not found but that the file fails a check of its size.
You can override this.
But you need to keep in mind why is the dist file different than expected.
Could be a ports build error or bad download.
There could have also been an unversioned security fix in the github repo.

Like said you can override it but you better have a good reason.
Which brings me to my next point.
Why is using latest build so important to you?
 
 
Something weird is going on. After it fails checksum with github autogenerated tarball it tries this.
robot468 said:
fetch: http://distcache.FreeBSD.org/ports-distfiles/zoneminder-zoneminder-1.36.5_GH0.tar.gz: Not Found
Click to expand...
Wonder why this failed too.

One thing I would recommend is delete the current bad distfile and try and make clean and then run make again.
You may have had a bad download and with no second file site working it bombs out. So clean and retry.

With latest packages lacking this I suspect grahamperrin is correct in his diagnosis.
Autogenerated tarballs sound like a really bad idea. Especially with no valid secondary source.
 
In some ways this sounds different than what grahamperrin is thinking.
In that case (net-im/scli) the file size was the same it was just that checksum different
(It was assumed that it was regenerated by github tooling change)

In this case the file size is different. That issue seems different but along the same lines.
Github did something different and we are left guessing.
 
Phishfry said:
suspect grahamperrin is correct in his diagnosis
Click to expand...

(I shouldn't take credit for diagnosis; I've been reading other people's diagnoses of mismatches such as this over a period of some months. In many/most such cases, the finger of suspicion points at GitHub. It's nice to find something fairly definitive in Stack Exchange.)
 
Phishfry said:
Wonder why this failed too.
Click to expand...

I haven't given it much thought before, but logically: if a mismatch results, maybe repeatedly, from a fetch, then maybe it (eventually) triggers a purge from FreeBSD's distribution cache.

Like, if there is (or might be) something wrong with a file, it makes little sense to blindly distribute something that's suspicious.

A security expert might tear me to shreds for that thought :-) but there it is.
 
Phishfry said:
The port is not in latest because FreeBSD Package building cluster cannot find the distfile.
Click to expand...
This was just a suspicion on my part. When the package builder halts on a package it spews out a message to the freebsd-ports mailing list.

I see no such message for zoneminder yet is is not present in latest.
 
I think this might be a good question for the ports manager.
Regenerating sounds good unless the repository is really compromised.
I wonder why the bit count is different.
If the file had a payload the size would be slightly bigger. That is my worry. This file is 51 bytes bigger.
But the file is generated from a tree. So has the tree changed? I don't know how to track git changes.

Holiday weekends seem to be a common infliction point for mischief.
The bad guys realize the team is away and use it. I tend to assume the worst case scenario.

If you could pinpoint when(or if) the change occurred to the repo?
As a port maintainer I would be verifying you actually updated the checksums on your port last update.
Could be a simple port error. Check the checksum file date.
 
Phishfry said:
The problem is not that the file is not found but that the file fails a check of its size.
You can override this.
But you need to keep in mind why is the dist file different than expected.
Could be a ports build error or bad download.
There could have also been an unversioned security fix in the github repo.

Like said you can override it but you better have a good reason.
Which brings me to my next point.
Why is using latest build so important to you?
Click to expand...
Thanks for answer. No, using the latest build is not important. How can i install previous version without downgrading whiole pkg repo to quarterly? And how can i override this whithout manually editing distinfo? thanks
 
 
robot468 said:
… seems to be a bug of github, not freebsd …
Click to expand...

I suspect that some such changes are unavoidable on the GitHub side. If I recall correctly there was a SourceForge example not long ago.

The FreeBSD bug is essentially for the maintainer to take necessary action in response to the change.
 
Looks like it still compiles for me
Code: 
root@workshop:/usr/ports/multimedia/zoneminder # make
===>  License GPLv2 accepted by the user
===>   zoneminder-1.36.5 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by zoneminder-1.36.5 for building
===>  Extracting for zoneminder-1.36.5
=> SHA256 Checksum OK for zoneminder-zoneminder-1.36.5_GH0.tar.gz.
=> SHA256 Checksum OK for FriendsOfCake-crud-0bd63fb_GH0.tar.gz.
=> SHA256 Checksum OK for ZoneMinder-CakePHP-Enum-Behavior-ea90c0c_GH0.tar.gz.
=> SHA256 Checksum OK for ZoneMinder-RtspServer-cd7fd49_GH0.tar.gz.
 
abishai said:
=> SHA256 Checksum OK for zoneminder-zoneminder-1.36.5_GH0.tar.gz.
Click to expand...

Maybe you already had a local copy of the distfile? What's the size of the file?


For what's fetched, there's still a mismatch (11347838 does not match what's in distinfo):

Code: 
% fetch --output=/tmp/test --verbose 'https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz'
resolving server address: codeload.github.com:443
SSL options: 82004854
Peer verification enabled
Using CA cert file: /usr/local/etc/ssl/cert.pem
Verify hostname
TLSv1.3 connection established using TLS_AES_128_GCM_SHA256
Certificate subject: /C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.com
Certificate issuer: /C=US/O=DigiCert, Inc./CN=DigiCert High Assurance TLS Hybrid ECC SHA256 2020 CA1
requesting https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz
remote size / mtime: 11347838 / 0
/tmp/test                                               10 MB 7022 kBps    02s
% sudo git -C /usr/doc pull --ff-only && git -C /usr/ports pull --ff-only && git -C /usr/src pull --ff-only
grahamperrin's password:
remote: Enumerating objects: 11, done.
remote: Counting objects: 100% (11/11), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 6 (delta 3), reused 3 (delta 0), pack-reused 0
Unpacking objects: 100% (6/6), 28.18 KiB | 655.00 KiB/s, done.
From https://github.com/grahamperrin/freebsd-doc
   de40a0d46f..178e3e3aff  main       -> grahamperrin/main
Updating de40a0d46f..178e3e3aff
Fast-forward
 documentation/static/pgpkeys/bofh.key | 891 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------
 1 file changed, 550 insertions(+), 341 deletions(-)
error: cannot open .git/FETCH_HEAD: Permission denied
% su -
Password:
root@mowa219-gjp4-8570p-freebsd:~ # git -C /usr/doc pull --ff-only && git -C /usr/ports pull --ff-only && git -C /usr/src pull --ff-only
Already up to date.
remote: Enumerating objects: 168, done.
…

Code: 
…
root@mowa219-gjp4-8570p-freebsd:~ # exit
logout
% grep zoneminder-zoneminder-1.36.5_GH0.tar.gz /usr/ports/multimedia/zoneminder/distinfo
SHA256 (zoneminder-zoneminder-1.36.5_GH0.tar.gz) = c618a0aaf23739ed31ce529245dee9dc7219f3abbcbdbb4c227872545b1bf6f1
SIZE (zoneminder-zoneminder-1.36.5_GH0.tar.gz) = 11347787
%
 
You are right, my file is cached from the time I QA the port before making a PR.
Code: 
root@workshop:/usr/ports/multimedia/zoneminder # sha256 /var/ports/distfiles/zoneminder-zoneminder-1.36.5_GH0.tar.gz
SHA256 (/var/ports/distfiles/zoneminder-zoneminder-1.36.5_GH0.tar.gz) = c618a0aaf23739ed31ce529245dee9dc7219f3abbcbdbb4c227872545b1bf6f1
Code: 
root@workshop:/usr/ports/multimedia/zoneminder # fetch --output=/tmp/zm 'https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz'
fetch: https://codeload.github.com/zoneminder/zoneminder/tar.gz/1.36.5?dummy=/zoneminder-zoneminder-1.36.5_GH0.tar.gz: size of remote file is not known
/tmp/zm/zoneminder-zoneminder-1.36.5_GH0.tar.g          10 MB 9330 kBps    01s
root@workshop:/usr/ports/multimedia/zoneminder # sha256 /tmp/zm/zoneminder-zoneminder-1.36.5_GH0.tar.gz
SHA256 (/tmp/zm/zoneminder-zoneminder-1.36.5_GH0.tar.gz) = 20f9363330d28a86b882e93092ab6fc6b702cb70ab7ed6a59c12dbeb32646335

Distinfo: c618a0aaf23739ed31ce529245dee9dc7219f3abbcbdbb4c227872545b1bf6f1

So, the only thing left is to compare two tarballs and check for difference.
 
grahamperrin said:
  1. <https://pkg.freebsd.org/FreeBSD:12:amd64/quarterly/All/zoneminder-1.36.5.pkg>
  2. pkg-add(8)
Click to expand...

php74, on which zoneminder depends, seems to be also absent completely in Latest repo:

Code: 
root@proviant:~r4/pkg # pkg add zoneminder-1.36.5.pkg
Installing zoneminder-1.36.5...
pkg: Missing dependency 'php74-ctype'

Failed to install the following 1 package(s): zoneminder-1.36.5.pkg
root@proviant:~r4/pkg # pkg search php74
root@proviant:~r4/pkg #

in quarterly it exists
 
Rather confusing. It's not that github regenerated tarball, but sources indeed changed. Nothing criminal though.

Code: 
abishai@moonstar:/tmp/zm % diff -ruN bad/zoneminder-1.36.5/ good/zoneminder-1.36.5/
diff -ruN bad/zoneminder-1.36.5/CMakeLists.txt good/zoneminder-1.36.5/CMakeLists.txt
--- bad/zoneminder-1.36.5/CMakeLists.txt    2021-06-22 21:34:01.000000000 +0300
+++ good/zoneminder-1.36.5/CMakeLists.txt    2021-06-22 21:35:13.000000000 +0300
@@ -189,8 +189,14 @@
   "Relative path used to install ZoneMinder's Man pages into a
     non-standard folder. Most Linux users will not need to change this.
     BSD users may need to set this.")
+set(ZM_CAKEPHP_CACHE "Apc" CACHE STRING
+  "Set the CakePHP cache engine, default: Apc")
 
 # Reassign some variables if a target distro has been specified
+if(ZM_TARGET_DISTRO MATCHES "^fc")
+  set(ZM_CAKEPHP_CACHE "Memcached")
+endif()
+
 if((ZM_TARGET_DISTRO MATCHES "^el") OR (ZM_TARGET_DISTRO MATCHES "^fc"))
   set(ZM_RUNDIR "/var/run/zoneminder")
   set(ZM_SOCKDIR "/var/lib/zoneminder/sock")
diff -ruN bad/zoneminder-1.36.5/distros/fedora/zoneminder.spec good/zoneminder-1.36.5/distros/fedora/zoneminder.spec
--- bad/zoneminder-1.36.5/distros/fedora/zoneminder.spec    2021-06-22 21:34:01.000000000 +0300
+++ good/zoneminder-1.36.5/distros/fedora/zoneminder.spec    2021-06-22 21:35:13.000000000 +0300
@@ -17,16 +17,21 @@
 # This will tell zoneminder's cmake process we are building against a known distro
 %global zmtargetdistro %{?rhel:el%{rhel}}%{!?rhel:fc%{fedora}}
 
-# Fedora needs apcu backwards compatibility module
-%if 0%{?fedora}
-%global with_apcu_bc 1
-%endif
-
 # Newer php's keep json functions in a subpackage
 %if 0%{?fedora} || 0%{?rhel} >= 8
 %global with_php_json 1
 %endif
 
+# el7 uses cmake3 package and macros
+%if 0%{?rhel} == 7
+%global cmake %{cmake3}
+%global cmake_build %{cmake3_build}
+%global cmake_install %{cmake3_install}
+%global cmake_pkg_name cmake3
+%else
+%global cmake_pkg_name cmake
+%endif
+
 # The default for everything but el7 these days
 %global _hardened_build 1
 
@@ -56,7 +61,7 @@
 BuildRequires: mariadb-devel
 BuildRequires: perl-podlators
 BuildRequires: polkit-devel
-BuildRequires: cmake3
+BuildRequires: %{cmake_pkg_name}
 BuildRequires: gnutls-devel
 BuildRequires: bzip2-devel
 BuildRequires: pcre-devel
@@ -116,8 +121,8 @@
 Requires: php-common
 Requires: php-gd
 %{?with_php_json:Requires: php-json}
-Requires: php-pecl-apcu
-%{?with_apcu_bc:Requires: php-pecl-apcu-bc}
+%{?fedora:Requires: php-pecl-memcached}
+%{?rhel:Requires: php-pecl-apcu}
 Requires: cambozola
 Requires: net-tools
 Requires: psmisc
@@ -216,16 +221,16 @@
 # See https://fedoraproject.org/wiki/LTOByDefault
 %define _lto_cflags %{nil}
 
-%cmake3 \
+%cmake \
         -DZM_WEB_USER="%{zmuid_final}" \
         -DZM_WEB_GROUP="%{zmgid_final}" \
         -DZM_TARGET_DISTRO="%{zmtargetdistro}" \
         .
 
-%cmake3_build
+%cmake_build
 
 %install
-%cmake3_install
+%cmake_install
 
 desktop-file-install                    \
     --dir %{buildroot}%{_datadir}/applications    \
@@ -427,6 +432,10 @@
 %changelog
 * Tue Jun 22 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.5-1
 - 1.36.5 release
+
+* Fri Jun 18 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.4-2
+- apcu-bc deprecated on fedora, use memcached instead
+- only refer to cmake3 when building on el7
 
 * Tue Jun 08 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.4-1
 - 1.36.4 release
File bad/zoneminder-1.36.5/distros/opensuse/redalert.wav is not a regular file or directory and was skipped
diff -ruN bad/zoneminder-1.36.5/distros/redhat/zoneminder.spec good/zoneminder-1.36.5/distros/redhat/zoneminder.spec
--- bad/zoneminder-1.36.5/distros/redhat/zoneminder.spec    2021-06-22 21:34:01.000000000 +0300
+++ good/zoneminder-1.36.5/distros/redhat/zoneminder.spec    2021-06-22 21:35:13.000000000 +0300
@@ -17,16 +17,21 @@
 # This will tell zoneminder's cmake process we are building against a known distro
 %global zmtargetdistro %{?rhel:el%{rhel}}%{!?rhel:fc%{fedora}}
 
-# Fedora needs apcu backwards compatibility module
-%if 0%{?fedora}
-%global with_apcu_bc 1
-%endif
-
 # Newer php's keep json functions in a subpackage
 %if 0%{?fedora} || 0%{?rhel} >= 8
 %global with_php_json 1
 %endif
 
+# el7 uses cmake3 package and macros
+%if 0%{?rhel} == 7
+%global cmake %{cmake3}
+%global cmake_build %{cmake3_build}
+%global cmake_install %{cmake3_install}
+%global cmake_pkg_name cmake3
+%else
+%global cmake_pkg_name cmake
+%endif
+
 # The default for everything but el7 these days
 %global _hardened_build 1
 
@@ -56,7 +61,7 @@
 BuildRequires: mariadb-devel
 BuildRequires: perl-podlators
 BuildRequires: polkit-devel
-BuildRequires: cmake3
+BuildRequires: %{cmake_pkg_name}
 BuildRequires: gnutls-devel
 BuildRequires: bzip2-devel
 BuildRequires: pcre-devel
@@ -116,8 +121,8 @@
 Requires: php-common
 Requires: php-gd
 %{?with_php_json:Requires: php-json}
-Requires: php-pecl-apcu
-%{?with_apcu_bc:Requires: php-pecl-apcu-bc}
+%{?fedora:Requires: php-pecl-memcached}
+%{?rhel:Requires: php-pecl-apcu}
 Requires: cambozola
 Requires: net-tools
 Requires: psmisc
@@ -216,16 +221,16 @@
 # See https://fedoraproject.org/wiki/LTOByDefault
 %define _lto_cflags %{nil}
 
-%cmake3 \
+%cmake \
         -DZM_WEB_USER="%{zmuid_final}" \
         -DZM_WEB_GROUP="%{zmgid_final}" \
         -DZM_TARGET_DISTRO="%{zmtargetdistro}" \
         .
 
-%cmake3_build
+%cmake_build
 
 %install
-%cmake3_install
+%cmake_install
 
 desktop-file-install                    \
     --dir %{buildroot}%{_datadir}/applications    \
@@ -427,6 +432,10 @@
 %changelog
 * Tue Jun 22 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.5-1
 - 1.36.5 release
+
+* Fri Jun 18 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.4-2
+- apcu-bc deprecated on fedora, use memcached instead
+- only refer to cmake3 when building on el7
 
 * Tue Jun 08 2021  Andrew Bauer <zonexpertconsulting@outlook.com> - 1.36.4-1
 - 1.36.4 release
diff -ruN bad/zoneminder-1.36.5/web/api/app/Config/bootstrap.php.in good/zoneminder-1.36.5/web/api/app/Config/bootstrap.php.in
--- bad/zoneminder-1.36.5/web/api/app/Config/bootstrap.php.in    2021-06-22 21:34:01.000000000 +0300
+++ good/zoneminder-1.36.5/web/api/app/Config/bootstrap.php.in    2021-06-22 21:35:13.000000000 +0300
@@ -23,7 +23,7 @@
  */
 
 // Setup a 'default' cache configuration for use in the application.
-Cache::config('default', array('engine' => 'Apc'));
+Cache::config('default', array('engine' => '@ZM_CAKEPHP_CACHE@'));
 
 /**
  * The settings below can be used to set additional paths to models, views and controllers.
 
robot468 said:
php74
Click to expand...

<https://pkg-status.freebsd.org/builds?type=package&jailname=123amd64> nothing yet.

<https://pkg-status.freebsd.org/builds?type=package&jailname=122amd64> leads indirectly to what's currently the latest complete build, <http://beefy6.nyi.freebsd.org/build.html?mastername=122amd64-default&build=b62f24f32e66> where lang/php74 succeeded:

1641048590617.png


<http://beefy6.nyi.freebsd.org/data/122amd64-default/b62f24f32e66/logs/php74-7.4.27.log> build started at Thu Dec 30 01:13:42 UTC 2021 so if the overall build was good enough, I guess that 7.4.27 will appear in its slot at <https://www.freshports.org/lang/php74/#packages> within the next two or three days.
 
grahamperrin said:
Is this a match?

<https://github.com/ZoneMinder/zonem...43380278dd173e1c51f566180c873697?diff=unified> (2021-06-18) in the master branch alone.

It falls within the period (12th-22nd June) covered by <https://github.com/ZoneMinder/zoneminder/compare/1.36.4...1.36.5> but I don't see it there (and don't expect to, because it's master alone).
Click to expand...
Looks like. Not sure how this commit was propagated to tag revision without any notice, but it least we can be sure it wasn't a hack.
 
abishai said:
Nothing criminal though.
Click to expand...
That is a relief. My peabrain had the NSA hacking github tools for autogenerating tarballs.

User is in Russia and digital war is near.
Its going to get freaky for open source.

Backstory:
During recent nation state actor skirimshes it was revealed that US had a video feed on the dorm that housed Russian hackers. Sure it could be a camera firmware hack. But my mind went straight to zoneminder.
Who knows where it is in use. I could see security based software to be high on the hitlist.
Why hack one camera when you could get the whole system.
 
You must log in or register to reply here.
Back
Top