sys-cluster/util-vserver 0.30.205-r1 fails to emerge with the following features enabled in /etc/make.conf: FEATURES="ccache sandbox userpriv usersandbox" The following error is reported to /var/log/sandbox/sandbox-sys-cluster_-_util-vserver-0.30.205-r1-20113.log: unlink: /so_locations Emerging the package is possible if userpriv and usersandbox are removed. Perhaps you can add this to http://www.gentoo.org/doc/en/vserver-howto.xml where it's not mentioned. Reproducible: Always Steps to Reproduce: 1. stage 1 installation 2. setting the features in /etc/make.conf as in "Details", emerging ccache 3. following the guide http://www.gentoo.org/doc/en/vserver-howto.xml Actual Results: emerge fails - see "Details" Expected Results: emerge should happen... deleting userpriv and usersandbox from the features in /etc/make.conf solves the problem :-) And thanx for working on the best linux distro on the whole planet!
Please, put some existing alias into metadata.xml.
i can't reproduce it... it builds fine here with every combination of these flags... i tried 0.30.205-r1 and 0.30.208-r2, both working fine...
Created attachment 69613 [details] /etc/make.conf Perhaps the problem is an incompatible USE flag? I cannot imagine something else because the system is new.
could you try if 0.30.208-r3 is working for you?
Created attachment 69622 [details] 208-r3
Created attachment 69623 [details] 205-r1 after 208-r3
> /bin/sh: fork: Resource temporarily unavailable are you sure your box is ok?
util-vserver-0.30.208-r3 emerges dev-libs/beecrypt-4.1.2 which fails with those 4 features enabled. Relevant output: configure.ac:5: warning: AC_ARG_PROGRAM was called before AC_CANONICAL_TARGET autoconf/general.m4:1657: AC_CANONICAL_TARGET is expanded from... configure.ac:5: the top level cd . && /bin/sh /var/tmp/portage/beecrypt-4.1.2/work/beecrypt-4.1.2/missing --run automake-1.9 --gnu cd . && /bin/sh /var/tmp/portage/beecrypt-4.1.2/work/beecrypt-4.1.2/missing --run autoconf /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable sh: fork: Resource temporarily unavailable autom4te-2.59: need GNU m4 1.4 or later: /usr/bin/m4 WARNING: `autoconf' is missing on your system. You should only need it if you modified `configure.ac'. You might want to install the `Autoconf' and `GNU m4' packages. Grab them from any GNU archive site. /bin/sh ./config.status --recheck /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable /usr/bin/autoconf-2.59: fork: Resource temporarily unavailable running /bin/sh ./configure --prefix=/usr --host=i686-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --build=i686-pc-linux-gnu --with-python --enable-shared --enable-static --with-arch=pentium3 CFLAGS=-O3 -march=pentium3 -pipe -fomit-frame-pointer CXXFLAGS=-O3 -march=pentium3 -pipe -fomit-frame-pointer build_alias=i686-pc-linux-gnu host_alias=i686-pc-linux-gnu --no-create --no-recursion /usr/bin/autom4te-2.59: unrecognized option `--trace=' Try `/usr/bin/autom4te-2.59 --help' for more information. automake-1.9: autoconf failed with exit status: 1 WARNING: `automake-1.9' is needed, and you do not seem to have it handy on your system. You might have modified some files without having the proper tools for further handling them. Check the `README' file, it often tells you about the needed prerequirements for installing this package. You may also peek at any GNU archive site, in case some other package would contain this missing `automake-1.9' program. make: *** [Makefile.in] Error 1 make: *** Waiting for unfinished jobs.... checking for a BSD-compatible install... /bin/install -c (...) !!! ERROR: dev-libs/beecrypt-4.1.2 failed. !!! Function src_compile, Line 44, Exitcode 2 !!! emake failed !!! If you need support, post the topmost build error, NOT this status message. sys-devel/autoconf-2.59-r6 is installed on the system. sys-devel/m4-1.4.3 is installed. I remember that util-vserver-0.30.205-r1 complained about beecrypt not being there (checking beecrypt... no, some error message), but I'm quite sure that this emerge error wasn't while compiling dev-libs/beecrypt. I can emerge beecrypt and util-vserver-0.30.208-r3 without "usersandbox" and "userpriv" Feature in /etc/make.conf But I cannot emerge those packages with those features enabled. Output of ACCEPT_KEYWORDS="~x86" emerge util-vserver-0.30.208-r3 in attachment "208-r3". After unmerging it I'm emerging 205-r1 with all 4 features enabled. This time, the error is gone - but another appears. Output in attachment "205-r3 after 208-r1" Strange... Short resumee: beecrypt-4.1.12, util-vserver-0.30.208-r3 and util-vserver-0.30.205-r1 do not emerge with features "usersandbox" and "userpriv" enabled. Without those, they emerge as expected. It may be that the problem comes from beecrypt - it wasn't emerged as I tried to emerge util-vserver-0.30.208-r3 although I had unmerged 205-r1 before (which should have needed beecrypt, too). It may also be that the problem comes from wrong rights in sandbox (see my first post and attachment 208 [details]-r3. What speaks against it is that emerging 205-r1 after 208-r3 has another error...
>> /bin/sh: fork: Resource temporarily unavailable > >are you sure your box is ok? IMHO, everything is fine because those messages do not appear when working without "usersandbox" and "userpriv" features. Perhaps "usersandbox" uses another temporary area than "sandbox" which is only a problem with packages who need certain things?
could you provide emerge --info ?
I just realised that I set a maximum number of processes for each group in /etc/security/limits. Now I'm gonna set it to 100 for the portage group and give it a try. If that doesn't work for the "unlink: /so_locations", I'll post emerge --info. fork error message is gone, unlink: /so_locations stays...
Created attachment 69630 [details] emerge --info
I set up a vserver and I'm emerging some programs inside - I get complaints about fork. If I disable userpriv and usersandbox inside the vserver, everything emerges properly (until now). IMHO, it looks more like a userpriv/usersandbox vs. /etc/security/limits.conf problem than a bug in util-vserver. So I suggest that before you work too hard on this bug, I'll do the emerge exercises with /etc/security/limits disabled and I tell you if the "unlink: /so_locations" error still appears. Then we know if it's a util-vserver bug or due to userpriv/usersandbox features in combination with /etc/security/limits.conf. I'll let you know about the results.
After commenting everything in /etc/security/limits.conf, util-vserver emerged without any problems :-) So the error is definitively due to setting limits.conf according to http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=5 and using "userpriv" and "usersandbox" features in /etc/make.conf Emerging util-vserver was possible without "userpriv" and "usersandbox", but emerging ncurses inside the vserver was impossible with and without those features. So I suggest we reassign this bug to "docs-user", "Website www.gentoo.org" or "Gentoo Security". I'm not sure which category is right, so could you do it? Thanx for helping!
Wrt. Security Handbook, Chapter 5: It seems under some circumstances (or with some settings in /etc/security/limits.conf) even a simple `emerge` doesn't work as expected. So either warn the user about the result of this action, or applying right restrictions to the system would solve this issue.
Fixed in CVS. Thx.
