# Kerberos fails to compile (mit-krb5)

## Stormblazer

As the title says, kerberos simply refuses to compile:

Error message is:

```
threads.c -o threads.so.o && mv -f threads.so.o threads.so

threads.c: In function `krb5int_pthread_loaded':

threads.c:145: error: `pthread_mutexattr_setrobust_np' undeclared (first use in this function)

threads.c:145: error: (Each undeclared identifier is reported only once

threads.c:145: error: for each function it appears in.)

make[2]: *** [threads.so] Error 1

make[2]: Leaving directory `/var/tmp/portage/mit-krb5-1.4.3/work/krb5-1.4.3/src/util/support'

make[1]: *** [all-recurse] Error 1

make[1]: Leaving directory `/var/tmp/portage/mit-krb5-1.4.3/work/krb5-1.4.3/src/util'

make: *** [all-recurse] Error 1

!!! ERROR: app-crypt/mit-krb5-1.4.3 failed.

Call stack:

  ebuild.sh, line 1526:   Called dyn_compile

  ebuild.sh, line 923:   Called src_compile

  mit-krb5-1.4.3.ebuild, line 53:   Called die

```

the USE vars relevant to this package were set as follows, with + meaning enabled: "+berkdb +ipv6 +tcltk -doc -krb4 -static -tetex"

----------

## mars-red

Hm, looks like posix thread thing.  Do you have either "posix" or "threads" anywhere in your USE flags?  Perhaps try adding them if not (or enabling them if they're explicitly turned off).

----------

## CrazyPyro

Did you just recently upgrade your GCC or glibc?  I just got the exact same error while doing an emerge -e system after upgrading to gcc-3.4.6 and glibc-2.4-r1.  It obviously worked once in the past, but not now.  My USE flags are the same, minus the tcltk support.  I am also using -mno-tls-direct-seg-refs in my CFLAGS and "nptl nptlonly" in my global USE. (I don't think  any of that has changed since the last emerge of mit-krb5 though.)

----------

## Stormblazer

 *CrazyPyro wrote:*   

> Did you just recently upgrade your GCC or glibc?  I just got the exact same error while doing an emerge -e system after upgrading to gcc-3.4.6 and glibc-2.4-r1.  It obviously worked once in the past, but not now.  My USE flags are the same, minus the tcltk support.  I am also using -mno-tls-direct-seg-refs in my CFLAGS and "nptl nptlonly" in my global USE. (I don't think  any of that has changed since the last emerge of mit-krb5 though.)

 

This is a new installation, and yes, the gcc and glibc were both very recently updated (after they were initially installed).

I do have threads and posix enabled, and I already tried removing the tcltk USE flag, same result.

Seeing as this is a major source of encryption support accross the board, I really need this to work, if anyone else has any ideas, I'd love to hear them.

----------

## mars-red

I found a page cached by google here: http://72.14.203.104/search?q=cache:2gjtNdFJUQ8J:mirrors.evrocom.net/fedora/linux/core/development/ia64/repodata/repoview/krb5-server-0-1.4.3-3.html+%2B%22pthread_mutexattr_setrobust_np%22+%2B%22kerberos%22&hl=en&gl=us&ct=clnk&cd=6

Note the changelog for version 1.43-3 (this page appears to just be for the server for IA64 architecture) - the interesting thing is that it mentions something relating to this problem:

```

* Thu Jan 19 17:00:00 2006 Nalin Dahyabhai <nalin{%}redhat{*}com> 1.4.3-3

    - rebuild properly when pthread_mutexattr_setrobust_np() is defined but not

      declared, such as with recent glibc when _GNU_SOURCE isn't being used

```

I just found this bug report for the issue: http://mailman.mit.edu/pipermail/krb5-bugs/2006-January/004205.html  At the bottom there is a patch - if you'd like to try the patch but aren't sure how to implement it then PM me - I don't mind trying to work with you on that - should be fairly straightforward.

-Max

----------

## tedj

Patch worked for me. Thx for the pointer.

----------

## evilshenaniganz

The patch appears to have worked for me as well.  I just thought I'd add a little more redundancy to the forums (on the subject of patching) by showing how I got it to work.

First, I am in this boat because I recently updated my toolchain from gcc-3.4.5 to gcc-3.4.6, and more importantly from glibc-2.3.5 to glibc-2.4-r1.  glibc-2.4-r1 is a bit different animal because it does not allow omission of the nptlonly flag anymore.  I managed to get these working patches into the tree because mit-krb5-1.4.3 is only one part of an emerge -ve system.  Here's how I went about it.

These two patches come courtesy of MIT.  Start off by creating these two files in your portage/app-crypt/mit-krb5/files directory with the following patch code:

mit-krb5-aclocal.patch

```
--- krb5-1.4.3/src/aclocal.m4   2006-01-19 18:56:17.000000000 -0500

+++ krb5-1.4.3/src/aclocal.m4   2006-01-19 18:56:11.000000000 -0500

@@ -171,7 +171,14 @@

 dnl reference support we can figure out whether or not the pthread library

 dnl has been linked in.

 dnl If we don't add any libraries for thread support, don't bother.

-AC_CHECK_FUNCS(pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init)

+for fn in pthread_once pthread_mutexattr_setrobust_np pthread_rwlock_init ; do

+       AC_CHECK_DECLS($fn,,,[

+       #ifdef HAVE_PTHREAD

+       #include <pthread.h>

+       #endif

+       ])

+       AC_CHECK_FUNCS($fn)

+done

 old_CC="$CC"

 test "$PTHREAD_CC" != "" && test "$ac_cv_c_compiler_gnu" = no && CC=$PTHREAD_CC

 old_CFLAGS="$CFLAGS"
```

mit-krb5-threads.patch

```
--- krb5-1.4.3/src/util/support/threads.c       2005-08-12 16:57:07.000000000 -0400

+++ krb5-1.4.3/src/util/support/threads.c       2006-01-19 19:00:59.000000000 -0500

@@ -141,7 +141,7 @@

        || &pthread_equal == 0

        /* This catches Solaris 9.  May be redundant with the above

           tests now.  */

-# ifdef HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB

+# if defined(HAVE_PTHREAD_MUTEXATTR_SETROBUST_NP_IN_THREAD_LIB) && HAVE_DECL_PTHREAD_MUTEXATTR_SETROBUST_NP

        || &pthread_mutexattr_setrobust_np == 0

 # endif
```

now the ebuild needs to be edited.  Open mit-krb5-1.4.3.ebuild in your favorite text editor (I prefer nano) and find the following segment of code:

```
src_unpack() {

        unpack ${MY_P}-signed.tar; tar zxf ${MY_P}.tar.gz; cd ${S}

        epatch ${FILESDIR}/${PN}-lazyldflags.patch

}
```

and change it to look like this:

```
src_unpack() {

        unpack ${MY_P}-signed.tar; tar zxf ${MY_P}.tar.gz; cd ${S}

        epatch ${FILESDIR}/${PN}-lazyldflags.patch

        epatch ${FILESDIR}/${PN}-aclocal.patch

        epatch ${FILESDIR}/${PN}-threads.patch

}
```

Next, delete digest-mit-krb5-1.4.3 and regenerate it:

```
rm digest-mit-krb5-1.4.3

cd ../

ebuild mit-krb5-1.4.3.ebuild digest
```

From here, you should be able to successfully build mit-krb5-1.4.3 on your system.  It mentioned depending on com_err so you might want to run this against your com_err libraries to clean up any dependency issues:

```

revdep-rebuild --library libcom_err.so

revdep-rebuild --library libcom_err.so.2

revdep-rebuild --library libcom_err.so.2.1
```

I had this affect 10 packages when I ran revdep-rebuild.  Hope this helps!   :Smile: 

----------

## mars-red

evilshenaniganz - thanks for taking the time to post those details.  Well done!

----------

## evilshenaniganz

Anytime!  I try to give back to the Gentoo community as much as my limited knowledge will allow!   :Very Happy: 

----------

