When emerging =media-libs/clutter-gst-1.3.14 (in my case as a result of updating gnome), several sandbox violations occur, all trying to remove or make a device node for my graphics card (for which I have installed ati-drivers). Reproducible: Always Steps to Reproduce: 1.Emerge =media-libs/clutter-gst-1.3.14 2. 3. Actual Results: Sandbox violations (see attachment) Expected Results: Successful merging of clutter-gst.
Created attachment 288613 [details] build.log for =media-libs/clutter-gst-1.3.14
Created attachment 288615 [details] emerge --info =media-libs/clutter-gst-1.3.14
I also just tried it with =clutter-gst-1.3.12: same problem!
This is yet another variation on the theme of bugs #360219, #360073, #363917. I believe the following ugly hack should put an end to this issue: deliberately set a known invalid DISPLAY variable. In other words, adding DISPLAY="999invalid" to src_compile appears to resolve all sandbox violations (lots of error messages result, though), making the addpredict unnecessary. This should be fixed in the clutter-gst-1.4.0 ebuild just added to the gnome overlay.
I can confirm that =clutter-gst-1.4.0 does emerge successfully now. Thanks!
(In reply to comment #4) > This is yet another variation on the theme of bugs #360219, #360073, #363917. > > I believe the following ugly hack should put an end to this issue: deliberately > set a known invalid DISPLAY variable. > > In other words, adding DISPLAY="999invalid" to src_compile appears to resolve > all sandbox violations (lots of error messages result, though), making the > addpredict unnecessary. > > This should be fixed in the clutter-gst-1.4.0 ebuild just added to the gnome > overlay. Instead of working around the issue, why don't we ask upstream why they're trying to mknod in /dev during make install? That's a phenomenally stupid thing for a random package to do.
(In reply to comment #6) > Instead of working around the issue, why don't we ask upstream why they're > trying to mknod in /dev during make install? That's a phenomenally stupid thing > for a random package to do. Obviously upstream is not trying to mknod anything. The problem rather is that g-ir-scanner generates, compiles, executes, and immediately deletes some sort of temporary binary, and when this binary runs, as a side effect it tries to open an opengl context.
(In reply to comment #7) > Obviously upstream is not trying to mknod anything. The problem rather is that > g-ir-scanner generates, compiles, executes, and immediately deletes some sort > of temporary binary, and when this binary runs, as a side effect it tries to > open an opengl context. Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason for gstreamer to require OpenGL access, unless they're doing video pipelining with GL, which is stupid.
(In reply to comment #8) > Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason > for gstreamer to require OpenGL access, unless they're doing video pipelining > with GL, which is stupid. http://www.clutter-project.org/ : "Clutter uses OpenGL for rendering (and optionally OpenGL|ES for use on mobile and embedded platforms), but wraps an easy to use, efficient, flexible API around GL's complexity."
(In reply to comment #9) > (In reply to comment #8) > > Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason > > for gstreamer to require OpenGL access, unless they're doing video pipelining > > with GL, which is stupid. > > http://www.clutter-project.org/ : "Clutter uses OpenGL for rendering (and > optionally OpenGL|ES for use on mobile and embedded platforms), but wraps an > easy to use, efficient, flexible API around GL's complexity." Thank you for pasting the description of the package I maintain... It's obvious that you did not understand my comment. Why the heck would clutter-gst need OpenGL for *introspection*? Why would it do GL video pipelining during /compilation/? That's utterly retarded.
+*clutter-gst-1.4.2 (15 Oct 2011) + + 15 Oct 2011; Pacho Ramos <pacho@gentoo.org> -clutter-gst-1.3.12.ebuild, + -clutter-gst-1.3.14.ebuild, +clutter-gst-1.4.2.ebuild: + Version bump, remove development versions. +
