Summary: | [gnome-overlay] =media-libs/clutter-gst-1.3.14: sandbox violations (remove and __xmknod) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Stefan Zwanenburg <stefanhetzwaantje> |
Component: | [OLD] GNOME | Assignee: | Gentoo Linux Gnome Desktop Team <gnome> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
build.log for =media-libs/clutter-gst-1.3.14
emerge --info =media-libs/clutter-gst-1.3.14 |
Description
Stefan Zwanenburg
2011-10-02 23:04:37 UTC
Created attachment 288613 [details]
build.log for =media-libs/clutter-gst-1.3.14
Created attachment 288615 [details]
emerge --info =media-libs/clutter-gst-1.3.14
I also just tried it with =clutter-gst-1.3.12: same problem! This is yet another variation on the theme of bugs #360219, #360073, #363917. I believe the following ugly hack should put an end to this issue: deliberately set a known invalid DISPLAY variable. In other words, adding DISPLAY="999invalid" to src_compile appears to resolve all sandbox violations (lots of error messages result, though), making the addpredict unnecessary. This should be fixed in the clutter-gst-1.4.0 ebuild just added to the gnome overlay. I can confirm that =clutter-gst-1.4.0 does emerge successfully now. Thanks! (In reply to comment #4) > This is yet another variation on the theme of bugs #360219, #360073, #363917. > > I believe the following ugly hack should put an end to this issue: deliberately > set a known invalid DISPLAY variable. > > In other words, adding DISPLAY="999invalid" to src_compile appears to resolve > all sandbox violations (lots of error messages result, though), making the > addpredict unnecessary. > > This should be fixed in the clutter-gst-1.4.0 ebuild just added to the gnome > overlay. Instead of working around the issue, why don't we ask upstream why they're trying to mknod in /dev during make install? That's a phenomenally stupid thing for a random package to do. (In reply to comment #6) > Instead of working around the issue, why don't we ask upstream why they're > trying to mknod in /dev during make install? That's a phenomenally stupid thing > for a random package to do. Obviously upstream is not trying to mknod anything. The problem rather is that g-ir-scanner generates, compiles, executes, and immediately deletes some sort of temporary binary, and when this binary runs, as a side effect it tries to open an opengl context. (In reply to comment #7) > Obviously upstream is not trying to mknod anything. The problem rather is that > g-ir-scanner generates, compiles, executes, and immediately deletes some sort > of temporary binary, and when this binary runs, as a side effect it tries to > open an opengl context. Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason for gstreamer to require OpenGL access, unless they're doing video pipelining with GL, which is stupid. (In reply to comment #8) > Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason > for gstreamer to require OpenGL access, unless they're doing video pipelining > with GL, which is stupid. http://www.clutter-project.org/ : "Clutter uses OpenGL for rendering (and optionally OpenGL|ES for use on mobile and embedded platforms), but wraps an easy to use, efficient, flexible API around GL's complexity." (In reply to comment #9) > (In reply to comment #8) > > Yes, and in this case by 'upstream' I mean clutter-gst. Because I see no reason > > for gstreamer to require OpenGL access, unless they're doing video pipelining > > with GL, which is stupid. > > http://www.clutter-project.org/ : "Clutter uses OpenGL for rendering (and > optionally OpenGL|ES for use on mobile and embedded platforms), but wraps an > easy to use, efficient, flexible API around GL's complexity." Thank you for pasting the description of the package I maintain... It's obvious that you did not understand my comment. Why the heck would clutter-gst need OpenGL for *introspection*? Why would it do GL video pipelining during /compilation/? That's utterly retarded. +*clutter-gst-1.4.2 (15 Oct 2011) + + 15 Oct 2011; Pacho Ramos <pacho@gentoo.org> -clutter-gst-1.3.12.ebuild, + -clutter-gst-1.3.14.ebuild, +clutter-gst-1.4.2.ebuild: + Version bump, remove development versions. + |