both dev-php/PEAR-HTML_Template_Flexy-1.2.5 and dev-php/PEAR-Translation2-2.0.0_rc1 exhibit sandbox violations: ACCESS DENIED open_wr: /usr/share/php/.lock Installed version of php is: dev-lang/php-5.2.4_p20070914-r2 adding "addpredict /usr/share/php" to php-pear-r1.eclass fixed it.
Created attachment 132488 [details, diff] patch the class to fix the sandbox violations
Can't reproduce this at all; re-emerge PEAR-PEAR.
Created attachment 132490 [details, diff] correct patch sorry, the first one was backwards.
(In reply to comment #2) > Can't reproduce this at all; re-emerge PEAR-PEAR. > Tried both the PEAR-PEAR in portage and the PEAR-PEAR in the testing overlay. Both replicate it.
Well, as said, it works just fine here. We are not adding patches for something that's not reproducible. emerge --info?
emerge --info Portage 2.1.3.11 (default-linux/amd64/2007.0/server, gcc-4.1.2, glibc-2.6.1-r0, 2.6.22-gentoo-r5 x86_64) ================================================================= System uname: 2.6.22-gentoo-r5 x86_64 AMD Opteron(tm) Processor 240 Timestamp of tree: Wed, 03 Oct 2007 12:30:08 +0000 app-shells/bash: 3.2_p17-r1 dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r4, 2.5.1-r2 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.10-r5 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.18 sys-devel/gcc-config: 1.4.0-r2 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.22-r2 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=opteron" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/init.d /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/snort/rules /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d /usr/X11R6 /usr/lib/X11/xkb /usr/share" CXXFLAGS="-O2 -march=opteron" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks fixpackages metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS=" http://ftp.ucsb.edu/pub/mirrors/linux/gentoo/ http://gentoo.osuosl.org/ http://gentoo.mirrors.pair.com/ ftp://ftp.gtlib.cc.gatech.edu/pub/gentoo " LANG="en_US.utf8" LC_ALL="en_US.utf8" LINGUAS="en" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage-overlays/local /usr/local/portage-overlays/php/testing" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl amd64 apache2 authdaemond authlib bash-completion berkdb bitmap-fonts bzip2 cdb cli cracklib crypt curl diskio dri expat fam flash fortran gd gdbm gif gmp gpm iconv idn imagemagick imap innodb isdnlog java jpeg jpeg2k justify krb4 krb5 ldap libclamav lm_sensors lzw maildir mcal memlimit midi milter mmap mmx mudflap mysql mysqli ncurses netpbm nfsv4 nls nptl nptlonly odbc offensive openmp pcre pdflib perl php png postgres pppd python readline reflection rrdtool samba sensord session snmp spell spl sqlite sse sse2 ssl syslog tcpd tiff truetype truetype-fonts type1-fonts unicode utf8 xml xml2 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i810 mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS ----------------------------- package.use:dev-lang/php cli cgi fastbuild bcmath berkdb bzlib calendar cdb crypt ctype curl curlwrappers dba db4 dbase dbm dbx exif fam -flatfi le ftp gd gdbm iconv imap -inifile jpeg kerberos ldap mcve mhash mime -ming -mnogosearch -msession mysql mysqli nls pcre png posix p ostgres -recode -sasl session -sharedext sharedmem simplexml soap sockets spell spl sqlite ssl sysvipc tidy tiff tokenizer truetype wddx xml2 xmlrpc xsl zlib snmp pcntl inifile flatfile pear pdo xmlreader zip xmlwriter hash reflection xpm suhosin filter json #dev-lang/php cli bcmath berkdb bzlib calendar cdb crypt ctype curl curlwrappers dba db4 dbase dbm dbx exif fam -flatfile ftp gd gdb m iconv imap -inifile jpeg kerberos ldap mcve mhash mime -ming -mnogosearch -msession mysql mysqli nls pcre png posix postgres -reco de -sasl session -sharedext sharedmem simplexml soap sockets spell spl sqlite ssl sysvipc tidy tiff tokenizer truetype wddx xml2 xml rpc xsl zlib snmp pcntl inifile flatfile pear pdo xmlreader zip xmlwriter hash reflection xpm filter json ------------------------------ I have dozens of machines running gentoo for years and have been writing my own ebuilds for years. There are thousands of different ways that gentoo can be configured and just because you can't replicate the problem with your configuration doesn't mean it doesn't exist. I also had and reported the "/session_mm_cli0.sem" bug and that one made it into the eclass eventually too, so I do know what I'm talking about.
Well, so tell us how to reproduce the issue. We can't, so we are not adding hacks to work around something that noone can reproduce.
(In reply to comment #7) > Well, so tell us how to reproduce the issue. We can't, so we are not adding > hacks to work around something that noone can reproduce. > Ok, first you take my world file and build a server exactly the same as mine and then you try: "emerge dev-php/PEAR-HTML_Template_Flexy dev-php/PEAR-Translation2" and watch as it pukes. If you don't want to fix bugs in Gentoo then why ask people to report bugs?
For completeness, I will explain what the actual problem is. I only found this out while in the process of reemerging other packages during a system update. While updating a previous PEAR-something package I happened to notice in the uninstall of the previous version this: <<< obj /usr/share/php/.lock Which, of course, meant that this file was being removed. Then the subsequent PEAR-* package that was being installed failed to install with the ACCESS DENIED message. This is because PEAR requires that lock file to exist and since it was missing it was trying to recreate it. Since the eclass for pear is now deleting the /usr/share/php/.lock in the sandbox and preventing it from entering the CONTENTS file, future installs will not cause this problem. And also explains why it's not possible to recreate with current eclass/ebuilds. But if anyone else ends up with this problem it can be fixed by simply doing "touch /usr/share/php/.lock" and reemerging the PEAR package you want. It appears that once you have all PEAR packages installed based off of the newer eclass the problem goes away.
