dh_strip breaking integrity test checksums
It would seem that integrity tests are not compatiable with the dh_strip component of Debian packaging:
This is reported on build:
... integrity test data: module name, file size / checksum segment size / checksum "libstrongswan", 1761630 / 0x07f7322e 290364 / 0x885c7c3d ...
However, the integrity checks later fail with:
$ charon-cmd 00[LIB] invalid 'libstrongswan' file size: 321208 bytes, expected 1761630 bytes 00[LIB] integrity check of libstrongswan failed
This is what's reported at the end of the package build:
chroot-autobuild/build/buildd/libstrongswan_5.1.2~dr3-0ubuntu1_amd64.deb: ... -rw-r--r-- root/root 321208 2014-01-15 23:23 ./usr/lib/ipsec/libstrongswan.so.0.0.0 ...
It would seem that dh_strip is responsible for this:
I tested that disabled nostrip makes integrity tests work. However, the only reason I'm filing this is as dh_strip significantly brings down the size of the final packages:
$ ls -lh total 4.5M -rw-rw-r-- 1 ubuntu ubuntu 318K Jan 15 23:28 libstrongswan_5.1.2~dr3-0ubuntu1_amd64.deb -rw-r--r-- 1 ubuntu ubuntu 1.5M Jan 17 06:16 libstrongswan_5.1.2~dr3-0ubuntu2_amd64.deb -rw-rw-r-- 1 ubuntu ubuntu 179K Jan 15 23:28 strongswan-ike_5.1.2~dr3-0ubuntu1_amd64.deb -rw-r--r-- 1 ubuntu ubuntu 1.2M Jan 17 06:16 strongswan-ike_5.1.2~dr3-0ubuntu2_amd64.deb -rw-rw-r-- 1 ubuntu ubuntu 22K Jan 15 23:28 strongswan-plugin-lookip_5.1.2~dr3-0ubuntu1_amd64.deb -rw-r--r-- 1 ubuntu ubuntu 128K Jan 17 06:16 strongswan-plugin-lookip_5.1.2~dr3-0ubuntu2_amd64.deb -rw-rw-r-- 1 ubuntu ubuntu 41K Jan 15 23:28 strongswan-plugin-openssl_5.1.2~dr3-0ubuntu1_amd64.deb -rw-r--r-- 1 ubuntu ubuntu 238K Jan 17 06:16 strongswan-plugin-openssl_5.1.2~dr3-0ubuntu2_amd64.deb -rw-rw-r-- 1 ubuntu ubuntu 237K Jan 15 23:28 strongswan-starter_5.1.2~dr3-0ubuntu1_amd64.deb -rw-r--r-- 1 ubuntu ubuntu 746K Jan 17 06:16 strongswan-starter_5.1.2~dr3-0ubuntu2_amd64.deb
Is there a way I regenerate checksum.so after dh_strip runs? Looking at Makefile.am, I can't see any easy target to run in my debian/rules file.
#1 Updated by Tobias Brunner almost 7 years ago
- Tracker changed from Issue to Bug
- Status changed from New to Resolved
- Assignee set to Tobias Brunner
- Target version set to 5.1.2
- Resolution set to Fixed
Is there a way I regenerate checksum.so after dh_strip runs?
dh_strip seems to run after
make install, which is when the checksums are generated. To recreate the checksums afterwards you could run something like
make -C src/checksum clean install DESTDIR=..., if that's possible to do (optionally followed by another call to
strip <DESTDIR/ipseclibdir>/libchecksum.so manually (saves about 5 KB, so might not be worth the effort).
One problem with the above is that executables were not read from
DESTDIR but the build directory. The associated commit fixes that.