Rubygems installation fails due to access violation in sandbox I have no clue what that means so here's the copy paste [snip] >>> Emerging (1 of 1) dev-ruby/rubygems-1.2.0 to / * rubygems-1.2.0.tgz RMD160 SHA1 SHA256 size ;-) ......... >>> Source compiled. >>> Test phase [not enabled]: dev-ruby/rubygems-1.2.0 >>> Install rubygems-1.2.0 into /var/tmp/portage/dev-ruby/rubygems-1.2.0/image/ category dev-ruby ACCESS DENIED mkdir: /usr/lib64/ruby/gems/1.8/cache ACCESS DENIED mkdir: /usr/lib64/ruby/gems ACCESS DENIED mkdir: /usr/lib64/ruby/gems/1.8/doc ACCESS DENIED mkdir: /usr/lib64/ruby/gems ACCESS DENIED mkdir: /usr/lib64/ruby/gems/1.8/gems ACCESS DENIED mkdir: /usr/lib64/ruby/gems ACCESS DENIED mkdir: /usr/lib64/ruby/gems/1.8/specifications ACCESS DENIED mkdir: /usr/lib64/ruby/gems mkdir -p /var/tmp/portage/dev-ruby/rubygems-1.2.0/image/usr/lib64/ruby/site_ruby/1.8 .... ... .. . ------------------------------------------------------------------------------ RubyGems installed the following executables: /var/tmp/portage/dev-ruby/rubygems-1.2.0/image/usr/bin/gem18 If `gem` was installed by a previous RubyGems installation, you may need to remove it by hand. >>> Completed installing rubygems-1.2.0 into /var/tmp/portage/dev-ruby/rubygems-1.2.0/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-6002.log" mkdir: /usr/lib64/ruby/gems/1.8/cache mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/doc mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/gems mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/specifications mkdir: /usr/lib64/ruby/gems -------------------------------------------------------------------------------- [/snip] now if I do # FEATURE="-sandbox" emerge -av1 rubygem whoaila! its done! somebody please make appropriate changes to the rubygem ebuild to make it work with FEATURE="sandbox" attaching full ebuild log of both with and without features="-sandbox" emerge -av1 rubygem have a look at emerge --info : WARNING: repository at /usr/local/portage is missing a repo_name entry Portage 2.2_rc1 (default-linux/amd64/2007.0, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.25-gentoo-r5 x86_64) ================================================================= System uname: Linux-2.6.25-gentoo-r5-x86_64-Intel-R-_Core-TM-2_CPU_6420_@_2.13GHz-with-glibc2.2.5 Timestamp of tree: Sun, 29 Jun 2008 22:45:01 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6 dev-lang/python: 2.5.2-r5 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.62 sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r2 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.4 virtual/os-headers: 2.6.25-r4 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=nocona -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccachei distlocks metadata-transfer parallel-fetch preserve-libs sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://10.200.15.2/os/gentoo/gentoo-os http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LC_ALL="en_US.utf-8" LDFLAGS="" LINGUAS="en" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/verlihub /usr/local/portage" SYNC="rsync://ftp.iitb.ac.in/gentoo/portage" USE="X a52 aac aalib acl alsa amarok amd64 apache2 asf bash-completion berkdb bzip2 cairo cd cdr chroot cli cracklib crypt cups dbus dri dts dv dvd dvdr dvdread encode exif ffmpeg flac fortran ftp ggi gif glitz gphoto2 gpm gtk gtk2 hal iconv ieee1394 imagemagick imap imlib ipod isdnlog jabber java javascript jbig jpeg jpeg2k kde lm_sensors mad matroska matrox midi mime mmx mmxext mng mozilla mp2 mp3 mp4 mpeg mplayer mudflap musicbrainz mysql ncurses nls nptl nptlonly nsplugin ogg opengl openmp pam pcre pdf perl php plotutils png pppd python qt3 qt4 quicktime rar rdesktop readline reflection ruby session smp socks speex spell spl srt sse sse2 ssl svg tcpd tetex theora threads tiff truetype unicode usb utempter vcd videos vim-syntax vlm vorbis wavpack wmf wxwindows x264 xface xine xml xorg xpm xscreensaver xv xvid xvmc zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS ~S
Created attachment 158939 [details] Log of emerge -av1 rubygems-1.2.0 with FEATURE="sandbox"
Created attachment 158941 [details] Log of emerge -av1 rubygems-1.2.0 with FEATURE="-sandbox" (without sandbox)
Created attachment 159035 [details, diff] rubygems-1.2.0-setup.patch I'm the idiot the wrote the original patch for the 1.2.0 which caused this. Submitting the fixed patch that does not cause the sandbox violation. Feel free to stab me in the face.
Greg, are you really sure that this change fixes things? Were you able to reproduce the problem and confirm that this change fixes it? If I read the script correctly then this patch should not make a difference because site_or_vendor is initialized to :sitelibdir anyway and only changed when the --vendor option is used (which we don't but perhaps should). ~S, did you do this install on a clean system without any previous rubygems installation?
(In reply to comment #4) > ~S, did you do this install on a clean system without any previous rubygems > installation? > Yes, I am using fluxbox+amarok, and wanted to try out wiki-lyrc plugig, which asked me to install any one of the qtruby,gtruby or somethine_else_ruby i chose qtruby, which pulled in rubygems that was the first when I saw Rubies and Gems together :) @greg Lolz :) ~S
*** Bug 230600 has been marked as a duplicate of this bug. ***
After some debugging yesterday I found that this is caused by the "require 'tmpdir'" statement in rubygems' setup.rb. tmpdir tries to load some Win32 stuff (which can't be found on unix systems), and this triggers a search for that file. As part of that search the gems directories get recreated since they don't exist. This sounds like auto_gem behavior to me, but that is supposed to be turned off. More digging needed...
Yup, it's failing here (~amd64) Portage 2.2_rc1 (default/linux/amd64/2008.0, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.25-gentoo-r6 x86_64) ================================================================= System uname: Linux-2.6.25-gentoo-r6-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7500_@_2.20GHz-with-glibc2.2.5 Timestamp of tree: Wed, 09 Jul 2008 15:06:01 +0000 app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6-r1 dev-lang/python: 2.5.2-r5 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.62-r1 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.4 virtual/os-headers: 2.6.25-r4 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=core2 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-march=core2 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks parallel-fetch preserve-libs sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/desktop-effects" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X a52 acl acpi alsa amd64 arts bash-completion bluetooth bzip2 cdr cli cracklib crypt dbus dri dvd dvdr fortran gdbm gif gnome gpm gtk hal iconv isdnlog java jpeg kde midi mmx mono mp3 mudflap multilib ncurses nls nptl nptlonly opengl openmp pam pcre perl png pppd python qt3 qt4 readline reflection ruby session spl sqlite3 sse sse2 ssl ssse3 svg tcpd tiff truetype type1 unicode wifi xinerama xml xorg xulrunner zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS emerge error... --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-13419.log" mkdir: /usr/lib64/ruby/gems/1.8/cache mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/doc mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/gems mkdir: /usr/lib64/ruby/gems mkdir: /usr/lib64/ruby/gems/1.8/specifications mkdir: /usr/lib64/ruby/gems --------------------------------------------------------------------------------
I can confirm this only occurs on a fresh install. On a new gentoo installation at first I got the same access violation error as posted to this bug report multiple times by others. Turning off sandbox and emerging rubygems worked. After the successful install without sandbox I turned sandboxing back on and reinstalled- and it completed without any access violations or issues whatsoever. partial emerge --info Portage 2.2_rc1 (default/linux/x86/2008.0/desktop, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.26-gentoo-build1 i686) ================================================================= System uname: Linux-2.6.26-gentoo-build1-i686-Intel-R-_Core-TM-2_Duo_CPU_T5250_@_1.50GHz-with-glibc2.0 Timestamp of tree: Tue, 22 Jul 2008 00:38:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.4 [disabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6-r1 dev-lang/python: 2.5.2-r5 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.62-r1 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.4 virtual/os-headers: 2.6.25-r4 ACCEPT_KEYWORDS="x86 ~x86" ARCH="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=core2 -mcx16 -msahf --param l1-cache-size=32 --param l1-cache-line-size=64 -fomit-frame-pointer -pipe" CHOST="i686-pc-linux-gnu" ELIBC="glibc" EMERGE_DEFAULT_OPTS="--ask --verbose --with-bdeps y" EMERGE_WARNING_DELAY="10" FEATURES="collision-protect distlocks metadata-transfer parallel-fetch preserve-libs sandbox sfperms strict unmerge-orphans userfetch userpriv usersandbox"
sudo mkdir -p /usr/lib64/ruby/gems/1.8/cache /usr/lib64/ruby/gems/1.8/doc /usr/lib64/ruby/gems/1.8/gems /usr/lib64/ruby/gems/1.8/specifications this will also suppress the "first time" warning. The reason it doesn't bug on non-fresh installs, is because the directories are of course already there, hence, not needing to remake them, hence, not causing a sandbox violation.
er, sorry for the extra spam, if it wern't obvious, my commands were copied directly from the sandbox warnings. You should not just copy paste them and expect them to work on non-lib64 platforms. :) /me awards myself -5 points for pointing out the obvious.
*** Bug 233483 has been marked as a duplicate of this bug. ***
Created attachment 162469 [details, diff] Extended version of Greg's patch I don't know how quick'n'dirty the idea is, but do we really need "require 'tmpdir'"? After all, Portage provides a temporary dir in $T for the ebuild to use. Using that patch I was able to install rubygems on a _clean_ system, without any previous versions.
Can we please get the patch tested and committed? Sandbox violations suck.
*** Bug 235456 has been marked as a duplicate of this bug. ***
*** Bug 237103 has been marked as a duplicate of this bug. ***
There is now an updated ebuild in the ruby overlay that fixes this issue: http://overlays.gentoo.org/proj/ruby/browser/dev-ruby/rubygems/rubygems-1.2.0.ebuild?rev=8
Created attachment 165054 [details] Fixed ebuild After more elaborate digging, I am pretty sure that this behaviour is caused by a fixed bug in 1.2.0. "Gem.default_path is now honored if GEM_PATH is not set, patch #19502" -- Rubygems 1.2.0 Changelog Gem.default_path returns a path in the root filesystem (/usr/lib64... in my case), breaking the sandbox. If there is GEM_PATH, default_path is not used as fallback. We do set GEM_HOME in the ebuild, but not GEM_PATH. Setting the latter variable resolves the sandbox b0rkage. My first fix, skipping tmpdir, is just a fix for the symptoms -- just like Hans said on IRC. A new proposition is attached.
Nice! Thanks for digging in and finding the root cause of this. I've just committed the updated ebuild to CVS.
