Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 126667 - media-video/totem-1.4.0 sandbox violation
Summary: media-video/totem-1.4.0 sandbox violation
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Unspecified (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
: 127532 133361 (view as bug list)
Depends on:
Blocks:
 
Reported: 2006-03-18 07:43 UTC by Luká Polívka
Modified: 2009-11-13 09:16 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Luká Polívka 2006-03-18 07:43:42 UTC 
I have unmasked totem-1.4.0 to try it out, I have all deps installed already, as I have tested 1.3.x-series, which worked fine (./configure, make, sudo make install).

emerge totem gives me
--------------------------- ACCESS VIOLATION SUMMARY ---------------------------
LOG FILE = "/var/log/sandbox/sandbox-media-video_-_totem-1.4.0-8770.log"

mkdir:     /root/.gnome2
mkdir:     /root/.gnome2
mkdir:     /root/.gnome2
mkdir:     /root/.gnome2
mkdir:     /root/.gnome2
--------------------------------------------------------------------------------

Portage 2.1_pre6-r3 (default-linux/x86/2005.1, gcc-4.1.0, glibc-2.4-r1, 2.6.15-ck1 i686)
=================================================================
System uname: 2.6.15-ck1 i686 AMD Athlon(tm) XP 1600+
Gentoo Base System version 1.12.0_pre16
dev-lang/python:     2.3.5-r2, 2.4.2-r1
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1-r2
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r3
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=athlon-xp -mtune=athlon-xp -fomit-frame-pointer -pipe -funroll-loops"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O2 -march=athlon-xp -mtune=athlon-xp -fomit-frame-pointer -pipe -funroll-loops"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict"
GENTOO_MIRRORS="ftp://ftp.sh.cvut.cz/MIRRORS/gentoo/gentoo/"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 3dnow 3dnowext 7zip X a52 aac alsa ape apm atm avi bash-completion berkdb bitmap-fonts bzip2 cairo canna cdr cjk crypt css cups dbus dga directfb dri dts dv dvd dvdr dvdread emboss encode fbcon ffmpeg flac foomaticdb fortran freetype gdbm gif gimp gimpprint glitz glut gnutls gpm gtk2 hal icecast iconv imlib ipv6 irc jabber javascript jpeg kdeenablefinal libg++ libsamplerate libwww lzo mad matroska mikmod mmx mmxext mng mp3 mp4 mpeg mplayer musepack ncurses nls nodrm nptl nptlonly ogg oggvorbis opengl pam pdflib perl pic png ppds python qt readline sasl sblive scanner sdl slang sndfile speex spell sse ssl svg tcpd theora threads tiff truetype truetype-fonts type1-fonts ucs2 ucs4 unicode usb userlocales vidix vorbis wmf x264 xcomposite xinerama xml2 xv xvid zlib elibc_glibc input_devices_mouse input_devices_keyboard kernel_linux userland_GNU video_cards_radeon video_cards_ati"
Unset:  ASFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS
Comment 1 Luká Polívka 2006-03-18 11:36:58 UTC 
So I have looked around a bit and found the fix myself:
Add addpredict "/root/.gnome2" in src_compile() function.
Comment 2 Saleem Abdulrasool (RETIRED) gentoo-dev 2006-03-18 14:27:33 UTC 
Can you sync in an hour and test this again without your changes?  Your eclass may have been out of sync.
Comment 3 Luká Polívka 2006-03-19 00:55:09 UTC 
(In reply to comment #2)
> Can you sync in an hour and test this again without your changes?  Your eclass
> may have been out of sync.
> 
Apparently it's not the case. I've synced half an hour ago (09:30 CET), still sandbox violation.

src_compile() {
        addpredict "/root/.gconfd"
        addpredict "/root/.gconf"
        addpredict "/root/.gnome2" <-- just add this line and everything's OK
        gnome2_src_compile
}
Comment 4 Jakub Moc (RETIRED) gentoo-dev 2006-03-25 07:20:20 UTC 
*** Bug 127532 has been marked as a duplicate of this bug. ***
Comment 5 Joe McCann (RETIRED) gentoo-dev 2006-03-27 13:28:16 UTC 
fixed in cvs, thanks for the report
Comment 6 Hans de Graaff gentoo-dev Security 2006-05-13 23:57:08 UTC 
My setup has root's home directory in /home/root for historic reasons, so the fix in CVS won't work for me. Changing the addpredict calls in src_compile allowed me to install totem without further problems, but obviously that isn't a fix for other people. It seems that the right way to solve this is already mentioned in the comments of the ebuild. Just wanted to let you know that as far as I'm concerned that is needed :-)
Comment 7 Ed Catmur 2006-05-16 16:30:59 UTC 
re comment 6: that won't work; GLib scans /etc/passwd to determine home directories, overriding HOME from env[1].

A proper fix would be to have portage.py set ACTUAL_HOME when setting HOME to the portage homedir. Absent that, a workaround like 

        addpredict "$(unset HOME; echo ~)/.gconf"

works fine.

[1] http://developer.gnome.org/doc/API/2.0/glib/glib-Miscellaneous-Utility-Functions.html#g-get-home-dir
Comment 8 Jakub Moc (RETIRED) gentoo-dev 2006-11-15 06:27:30 UTC 
*** Bug 133361 has been marked as a duplicate of this bug. ***