Bug 220983 - gnome-extra/gnome-media-2.22.0 Sandbox access violation
Bug#: 220983 Product:  Gentoo Linux Version: 2008.0 Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: gnome@gentoo.org Reported By: graham@gmurray.org.uk
Component: GNOME
URL: 
Summary: gnome-extra/gnome-media-2.22.0 Sandbox access violation
Keywords:  
Status Whiteboard: 
Opened: 2008-05-08 18:35 0000
Description:   Opened: 2008-05-08 18:35 0000 
>>> Source compiled.
--------------------------- ACCESS VIOLATION SUMMARY
---------------------------
LOG FILE = "/var/log/sandbox/sandbox-27892.log"

open_wr:   /root/.gconf/.testing.writeability
unlink:    /root/.gconf/.testing.writeability
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state
open_wr:   /root/.gconfd/saved_state.tmp

emerge --info
Portage 2.1.5_rc7 (default/linux/x86/2008.0/desktop, gcc-4.2.3, glibc-2.7-r2,
2.6.25-gentoo-r2 i686)
=================================================================
System uname: 2.6.25-gentoo-r2 i686 Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
Timestamp of tree: Thu, 08 May 2008 16:45:01 +0000
app-shells/bash:     3.2_p39
dev-java/java-config: 1.3.7, 2.1.6
dev-lang/python:     2.4.4-r11, 2.5.2-r2
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.2.3
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.62
sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   2.2.4
virtual/os-headers:  2.6.25-r1
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -mtune=native -pipe -ggdb"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/config /var/bind /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf
/etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/terminfo
/etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=native -mtune=native -pipe -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="buildsyspkg distlocks installsources parallel-fetch sandbox sfperms
splitdebug strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/
http://gentoo.blueyonder.co.uk http://gentoo.tiscali.nl/
http://gentoo.mirror.solnet.ch http://pandemonium.tiscali.de/pub/gentoo/"
LANG="en_GB.UTF-8"
LC_ALL="en_GB.UTF-8"
LDFLAGS=""
LINGUAS="en_GB en"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --stats --timeout=180 --exclude=/distfiles
--exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/musicbrainz
/usr/portage/local/layman/sunrise /usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X a52 aac aalib acl acpi aim alsa apache2 arts audiofile avi
bash-completion berkdb bluetooth bonobo branding browserplugin bzip2 bzlib
cairo caps cddb cdparanoia cdr cjk cli cracklib crypt cups curl cvs cxx dbus
directfb doc dri dts dvd dvdr dvdread eds emacs emboss encode esd ethereal evo
examples exif expat fam fbcon ffmpeg fftw firefox flac foomaticdb fortran ftp
gcj gd gdbm gif glut gmp gnome gnome-keyring gnutls gphoto2 gpm graphviz
gstreamer gtk gtk2 gtkhtml guile hal iconv icq idn ieee1394 imagemagick imlib
ipv6 isdnlog jabber jack java javascript jbig jce jpeg jpeg2k junit kde
kdehiddenvisibility kerberos ladspa latex lcms ldap leim libgda libnotify
libsamplerate libwww lirc lm_sensors logrotate lua m17n-lib mad matroska mbox
midi mikmod milter mime mmap mmx mng modplug mono mp3 mpeg mpi mplayer msn
mudflap musepack ncurses nls nptl nptlonly nsplugin odbc offensive ogg
oggvorbis openal opengl openmp oscar oss pam pcntl pcre pdf perl png postgres
ppds pppd profile pulseaudio python qt3 qt3support qt4 quicktime readline
recode reflection ruby sasl sdl seamonkey session sharedmem sndfile snmp
sockets sox speex spell spl sqlite3 sse sse2 ssl startup-notification
subversion svg sysvipc tcl tcltk tcpd tetex theora threads tiff tk truetype
uicktime unicode usb v4l v4l2 vim-syntax vorbis win32codecs wmf wxwindows x264
x86 xattr xcb xface xine xml xml2 xorg xulrunner xv xvid yahoo zlib"
ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare
dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw
multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias
auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file
authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user
autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires
ext_filter file_cache filter headers ident imagemap include info log_config
logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer
proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir
usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="canon ptp2" ELIBC="glibc"
INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz
cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en_GB en"
LIRC_DEVICES="asusdh" USERLAND="GNU" VIDEO_CARDS="radeon vesa fbdev vga"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_COMPRESS,
PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #1 From Andrew Gaydenko 2008-05-08 19:18:17 0000 ------- 
The same on ~amd64.

------- Comment #2 From Gilles Dartiguelongue 2008-05-08 19:36:00 0000 ------- 
my bad, this can't be reproduced with FEATURES="usersandbox userpriv". Added
the addpredict back.

@herd, I'd be curious to know which damn make rule tries to touch /root/.gconf
while I explicitely added --disable-schemas-install. If we could fix it, we
could remove this ugly hack from a couple of ebuilds.

------- Comment #3 From Pacho Ramos 2008-05-09 08:48:04 0000 ------- 
Created an attachment (id=152589) [details]
/var/log/sandbox/sandbox-16692.log

------- Comment #4 From Pacho Ramos 2008-05-09 08:48:42 0000 ------- 
Created an attachment (id=152591) [details]
build.log

------- Comment #5 From Pacho Ramos 2008-05-09 08:51:18 0000 ------- 
Created an attachment (id=152593) [details]
config.log

------- Comment #6 From RĂ©mi Cardona 2008-05-09 10:57:22 0000 ------- 
Created an attachment (id=152605) [details]
strace.gst-inspect.log

The culprit is configure.ac which runs gst-inspect-0.10 on gconfaudiosink and
gconfaudiosrc, both of which load gconf which then spawns gconfd for root.

Attached is the log of running "strace -f gst-inspect-0.10 gconfaudiosrc 2>&1 |
grep gconf"

I'm not really sure what to do about that... Maybe we could patch configure.ac
not to run gst-inspect as we already make sure that things are there in the
first place? Maybe just a comment above the sandbox addpredict stuff is enough?

@herd, thoughts, comments?

------- Comment #7 From Daniel Gryniewicz 2008-05-09 13:50:15 0000 ------- 
In general, I'd say we should leave these types of checks in, as a
belt-and-suspenders type thing.  However, these deps are directly in the
package, and gst-inspect has been one of the worst offenders in the tree for
sandbox violations for as long as I can remember, so it'd be nice to do
*something*.

I vaguely remember someone doing what was necessary to make it use a dummy
homedir for this kind of thing; is that possible?

------- Comment #8 From Archimedes Trajano 2008-09-23 05:43:51 0000 ------- 
How was this fixed?