Created attachment 345626 [details] build.log If net-analyze/net-snmp is installed, media-libs/libvpx (tested with 1.0.0 and current stable 1.1.0) dies with a sandbox violation, here on x86. >>> Source configured. --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE "/var/log/sandbox/sandbox-13887.log" VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: mkdir S: deny P: /var/lib/net-snmp/mib_indexes A: /var/lib/net-snmp/mib_indexes R: /var/lib/net-snmp/mib_indexes C: php -v -------------------------------------------------------------------------------- >>> Failed to emerge media-libs/libvpx-1.0.0, Log file:
I can confirm - I get this error too.
*** This bug has been marked as a duplicate of bug 249496 ***
*** Bug 466522 has been marked as a duplicate of this bug. ***
A proper patch would get rid of the `php -v' call. Running php does not cause this sandbox violation further on in the build process. But seeing as you're working around that already: --- libvpx-1.1.0.ebuild 16 Apr 2013 21:03:36 -0000 1.25 +++ libvpx-1.1.0.ebuild 25 Apr 2013 15:16:39 -0000 @@ -64,6 +64,8 @@ # http://bugs.gentoo.org/show_bug.cgi?id=384585 addpredict /usr/share/snmp/mibs/.index + # http://bugs.gentoo.org/show_bug.cgi?id=465988 + addpredict /var/lib/net-snmp/mib_indexes/0 # Build with correct toolchain. tc-export CC AR NM
I got the same sandbox violations with 5 other packages. Please note the following: # equery d dev-lang/php * These packages depend on dev-lang/php: media-libs/libvpx-1.1.0 (doc ? dev-lang/php) # equery d media-libs/libvpx * These packages depend on media-libs/libvpx: mail-client/thunderbird-17.0.5 (>=media-libs/libvpx-1.0.0) media-video/ffmpeg-1.0.6 (vpx ? >=media-libs/libvpx-0.9.6) www-client/chromium-27.0.1453.73 (media-libs/libvpx) www-client/firefox-20.0.1 (>=media-libs/libvpx-1.0.0) www-client/seamonkey-2.17.1 (>=media-libs/libvpx-1.0.0) I found this because I wondered why 'dev-lang/php' was being pulled in when I thought I didn't have any need for it. Coincidently, I compiled the 5 packages which were dependent on 'media-libs/libvpx' on a different system and used quickpkg to make them installable binaries on the system which the 5 packages weren't compiling on. After seeing the above, I checked the good system's installation of 'media-libs/libvpx' and discovered that the good system compilation had USE='-doc' and no need to pull in 'dev-lang/php' while the bad system's installation of 'media-libs/libvpx' had USE="doc". I suggest you remerge 'media-libs/libvpx' - i.e.: USE="-doc" emerge -1 =media-libs/libvpx-1.1.0 then try emeging 'net-analyze/net-snmp' again and see if the violation goes away. The 5 packages above now compile to completion with no sandbox violation for me on the original bad system.
*** Bug 471152 has been marked as a duplicate of this bug. ***
Same here. media-libs/libvpx-1.1.0, amd64 station ~ # emerge --info Portage 2.1.11.62 (default/linux/amd64/13.0/desktop/kde, gcc-4.6.3, glibc-2.15-r3, 3.8.13-gentoo x86_64) ================================================================= System uname: Linux-3.8.13-gentoo-x86_64-AMD_Phenom-tm-_II_X4_925_Processor-with-gentoo-2.2 KiB Mem: 16432232 total, 1068404 free KiB Swap: 23975932 total, 23975904 free Timestamp of tree: Mon, 27 May 2013 17:15:01 +0000 ld GNU ld (GNU Binutils) 2.22 app-shells/bash: 4.2_p45 dev-java/java-config: 2.1.12-r1 dev-lang/python: 2.7.3-r3, 3.2.3-r2 dev-util/cmake: 2.8.10.2-r2 dev-util/pkgconfig: 0.28 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.11.8 sys-apps/sandbox: 2.5 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.10.3, 1.11.6, 1.12.6 sys-devel/binutils: 2.22-r1 sys-devel/gcc: 4.5.4, 4.6.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4-r1 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.7 (virtual/os-headers) sys-libs/glibc: 2.15-r3 Repositories: gentoo ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /var/bind" CONFIG_PROTECT_MASK="${EPREFIX}/etc/gconf /etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -pipe" DISTDIR="/usr/portage/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://mirror.opteamax.de/gentoo/ http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo" LANG="de_DE.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j5" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.de.gentoo.org/gentoo-portage" USE="3dnow X a52 aac acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo caps cdda cdr cli consolekit cracklib crypt cups cxx dbus declarative dlz doc dot dri dts dv dvd dvdr dxd emacs emboss encode exif fam fax ffmpeg firefox flac fontconfig fortran gd gdbm gif gpm gtk hal hpijs iconv ipv6 jack jadetex java6 jpeg kde kipi lcms ldap libnotify mad mmx mng modules mp3 mp4 mpeg mplayer mudflap multilib mysql mysqli ncurses nls nptl nvidia ogg opengl openmp pam pango pcre pdf phonon plasma png policykit postgres ppds pulseaudio qt3support qt4 quicktime readline samba scanner sdl semantic-desktop session snmp spell sse sse2 ssl startup-notification svg symlink tcpd theora tiff tk truetype udev udisks unicode upower usb v4l vorbis wxwidgets x264 xcb xcomposite xinerama xml xscreensaver xv xvid xvmc zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="peruser prefork" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="de en fr" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-3" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="nvidia" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
I forgot: USE="-doc" didn’t help.
I can confirm USE="-doc" doesn't make difference
25 Jun 2013; Alexis Ballier <aballier@gentoo.org> libvpx-9999.ebuild: + copy some more addpredict from php-pear-r1.eclass; hopefully this should fix + all the sandbox violations. bug #465988. Also actually install the docs we + built.
(In reply to Alexis Ballier from comment #10) > 25 Jun 2013; Alexis Ballier <aballier@gentoo.org> libvpx-9999.ebuild: > + copy some more addpredict from php-pear-r1.eclass; hopefully this should > fix > + all the sandbox violations. bug #465988. Also actually install the docs we > + built. I'm getting the sandbox violation with media-libs/libvpx-1.1.0 even today. Does the change to libvpx-9999 also fix the issue with media-libs/libvpx-1.1.0?
(In reply to Willard Dawson from comment #11) > I'm getting the sandbox violation with media-libs/libvpx-1.1.0 even today. > Does the change to libvpx-9999 also fix the issue with > media-libs/libvpx-1.1.0? Indeed, I've confirmed the failure. Stable is affected by this bug (make sure to have USE="doc" turned on), please either apply the fix to stable or request stabilization of a more recent version with the fix.
(In reply to Paweł Hajdan, Jr. from comment #12) then backport the fix or file a stablereq and close this bug
(In reply to Alexis Ballier from comment #13) > then backport the fix or file a stablereq and close this bug 24 Jul 2013; Pawel Hajdan jr libvpx-1.1.0.ebuild: Apply fix for bug #465988 to stable.
