Quite a few security nuts go ahead and mount /tmp as noexec because: 1) Many exploit scripts are pre-programmed to execute from here 2) Many sysadmins desire not to allow every user on the machine to be able to have a space where they can write things out that allow them to execute Reproducible: Always Steps to Reproduce: Mount /tmp with -o noexec Emerge media-libs/nas-1.8-r1 Actual Results: Package dies during emerge Expected Results: Package emerges correctly
Hmm. 1.8b worked fine here with /tmp mounted noexec. Portage 2.1.2.7 (default-linux/x86/2007.0, gcc-4.1.2, glibc-2.5-r2, 2.6.21-mm2 i686) ================================================================= System uname: 2.6.21-mm2 i686 AMD Athlon(TM) XP 1800+ Gentoo Base System release 1.12.10 Timestamp of tree: Mon, 21 May 2007 21:50:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.32 dev-lang/python: 2.3.6-r2, 2.4.4-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r7 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.21 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=athlon-xp -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/svn/env /usr/kde/svn/share/config /usr/kde/svn/shutdown /usr/share/X11/xkb /usr/share/config /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=athlon-xp -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccache collision-protect distcc distlocks metadata-transfer parallel-fetch sandbox sfperms strict" GENTOO_MIRRORS="http://open-systems.ufl.edu/mirrors/gentoo http://cesium.di.uminho.pt/pub/gentoo/ http://adelie.polymtl.ca/ http://ftp.gentoo.or.kr/ http://fido.online.kz/gentoo" LINGUAS="en" MAKEOPTS="-j7" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/nx /usr/portage/local/layman/voip /usr/portage/local/layman/enlightenment /usr/portage/local/layman/kde /usr/local/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="3dnow X acl alsa am berkdb bitmap-fonts bzip2 cdr chroot cli cracklib crypt dri dv dvd dvdr encode fortran gdbm gif gnome gpm gtk gtk2 hal iconv isdnlog jpeg kde libg++ midi mmx mp3 mudflap ncurses nls nptl nptlonly oggvorbis openmp pam pcre pdflib perl png pppd pwdb python readline reflection session spell spl sse ssl tiff truetype truetype-fonts type1-fonts unicode x86 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="nv" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS /dev/hde2 on /tmp type reiser4 (rw,noexec,nosuid,nodev,noatime)
D.J. Capelis, can you confirm this?
Paste the whole error you're getting and reopen if needed.
Apologies, for some reason I didn't get the other messages on this bug. Fell off the earth or something. Yes, I can verify, it does appear to have been fixed in 1.8b. Closing. :)
Resolve properly
