Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 237387 - sys-libs/timezone-data-2008e wrong file permissions due to incorrect default perms and wonky filesystem
Summary: sys-libs/timezone-data-2008e wrong file permissions due to incorrect default ...
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Toolchain Maintainers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-09-11 08:23 UTC by Jaak Ristioja
Modified: 2008-09-17 09:22 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jaak Ristioja 2008-09-11 08:23:41 UTC 
sys-libs/timezone-data-2008e creates regular files in /usr/share/zoneinfo with permissions 600, root:root. So only root can read those files. This results in KDE 3.5.9 not being able to read the timezone data, and the clock Kicker applet displaying the wrong time (behind 3 hours in my case). An incorrect clock might be quite destructive in peoples lives... Please fix. :)

Portage 2.1.4.4 (default/linux/amd64/2008.0/developer, gcc-4.1.2, glibc-2.6.1-r0, 2.6.26-gentoo-r1-worship x86_64)
=================================================================
System uname: 2.6.26-gentoo-r1-worship x86_64 AMD Athlon(tm) 64 Processor 3200+
Timestamp of tree: Wed, 10 Sep 2008 19:30:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
app-shells/bash:     3.2_p33
dev-lang/python:     2.4.4-r13, 2.5.2-r6
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r2
sys-devel/automake:  1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.26
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=athlon64 -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe -march=athlon64 -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="collision-protect cvs digest distlocks fixpackages metadata-transfer multilib-strict parallel-fetch sandbox sfperms sign splitdebug strict unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://ftp.linux.ee/pub/gentoo/distfiles/ http://trumpetti.atm.tut.fi/gentoo/"
LANG="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="en et en_GB en_US de"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow X a52 aac acl acpi alsa amd64 apache2 arts bash-completion berkdb bluetooth bzip2 cairo cdr cjk cli cracklib crypt cups dbus directfb doc dri dvd dvdr dvdread emboss encode evo fam fbcon ffmpeg firefox flac fortran gdbm gif gmp gnutls gpm gstreamer gtk gtk2 hal hardened iconv imagemagick imlib ipv6 isdnlog jbig jpeg jpeg2k kde lcms libnotify mad midi mikmod mmap mmx mng mp3 mpeg mudflap multilib mysql ncurses nptl nptlonly ogg openal opengl openmp pam pcre pdf perl pic png ppds pppd python qt3 qt3support qt4 quicktime readline reflection samba sdl session sndfile speex spell spl sse sse2 ssl startup-notification svg sysfs tcpd theora threads tiff truetype unicode usb vhosts vorbis x264 xattr xinerama xml xorg xprint xscreensaver xv xvid zlib" ALSA_CARDS="via82xx virmidi" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias asis auth_basic auth_digest authn_anon authn_dbd authn_default authn_file authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config log_forensic logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="canon" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en et en_GB en_US de" LIRC_DEVICES="irdeo" USERLAND="GNU" VIDEO_CARDS="ati radeon nv vesa fbdev vga"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2008-09-11 08:35:43 UTC 
That's odd. I don't appear to have those permissions on files in /usr/share/zoneinfo. Please post the permissions of /usr and /usr/share and /usr/share/zoneinfo here.
Comment 2 Jaak Ristioja 2008-09-11 17:55:13 UTC 
(In reply to comment #1)
> That's odd. I don't appear to have those permissions on files in
> /usr/share/zoneinfo. Please post the permissions of /usr and /usr/share and
> /usr/share/zoneinfo here.
> 

$ ls -ld / /usr /usr/share/ /usr/share/zoneinfo/ /usr/share/zoneinfo/GMT /usr/share/zoneinfo/Europe/ /usr/share/zoneinfo/Europe/Tallinn
drwxr-xr-x  21 root root 4096 2008-08-20 22:55 /
drwxr-xr-x  20 root root 4096 2008-05-06 18:36 /usr
drwxr-xr-x 182 root root 4096 2008-09-09 01:22 /usr/share/
drwxr-xr-x  21 root root 4096 2008-09-11 20:44 /usr/share/zoneinfo/
drwxr-xr-x   2 root root 4096 2008-09-11 20:44 /usr/share/zoneinfo/Europe/
-rw-------   1 root root 2175 2008-09-11 20:44 /usr/share/zoneinfo/Europe/Tallinn
-rw-------   1 root root  118 2008-09-11 20:44 /usr/share/zoneinfo/GMT
Comment 3 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2008-09-11 19:38:46 UTC 
(In reply to comment #2)
> (In reply to comment #1)
> > That's odd. I don't appear to have those permissions on files in
> > /usr/share/zoneinfo. Please post the permissions of /usr and /usr/share and
> > /usr/share/zoneinfo here.
> > 
> 
> $ ls -ld / /usr /usr/share/ /usr/share/zoneinfo/ /usr/share/zoneinfo/GMT
> /usr/share/zoneinfo/Europe/ /usr/share/zoneinfo/Europe/Tallinn
> drwxr-xr-x  21 root root 4096 2008-08-20 22:55 /
> drwxr-xr-x  20 root root 4096 2008-05-06 18:36 /usr
> drwxr-xr-x 182 root root 4096 2008-09-09 01:22 /usr/share/
> drwxr-xr-x  21 root root 4096 2008-09-11 20:44 /usr/share/zoneinfo/
> drwxr-xr-x   2 root root 4096 2008-09-11 20:44 /usr/share/zoneinfo/Europe/
> -rw-------   1 root root 2175 2008-09-11 20:44
> /usr/share/zoneinfo/Europe/Tallinn
> -rw-------   1 root root  118 2008-09-11 20:44 /usr/share/zoneinfo/GMT
> 
Works for me. Try remerging, I guess. If that doesn't help maybe try without userpriv? (wild guess). re-open if needed

%% ls -l /usr/share/zoneinfo/Europe/Tallinn 
-rw-r--r-- 1 root root 2175 Sep 11 14:35 /usr/share/zoneinfo/Europe/Tallinn
Comment 4 Jaak Ristioja 2008-09-11 19:53:36 UTC 
Re-emerging didn't fix that earlier, and didn't fix it now. I just tried FEATURES="-userpriv" also. No difference.
Comment 5 Mart Raudsepp gentoo-dev 2008-09-12 00:17:59 UTC 
Works fine here as well.
Could you try first unmergine timezone-data, so that the wrong permission files go away, and then re-emerge timezone-data (with --oneshot I guess) and see and tell what happens then? This would exclude that portage is simply keeping the permissions of files when overwriting, after you had them get messed up by something in the past.
If this fixes it, we should investigate why a simple re-emerge didn't fix it (I don't think portage should have preserved the permissions, but use the ones in DESTDIR at $PORTAGE_TMPDIR/$P/image).

Another thing that could be checked is re-emerging it with a one-time FEATURES=keepwork, something like this:

FEATURES=keepwork emerge -1va timezone-data

and then checking what is the permission of these files in /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe
Comment 6 Jaak Ristioja 2008-09-12 13:35:11 UTC 
Ok. I unmerged it, and as expected, this also removed /usr/share/zoneinfo/. Then I re-emerged it using FEATURES=keepwork emerge -1 timezone-data. The permissions of /usr/share/zoneinfo were still incorrect. Then I had to re-emerge it once more using noclean instead of keepwork to keep the image/ directory from being deleted.

# ls -ld /var/tmp/portage/sys-libs/timezone-data-2008e/image/ /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/ /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/ /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/GMT /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/ /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/Tallinn
ls: cannot access /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/GMT: No such file or directory
ls: cannot access /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/Tallinn: No such file or directory
drwx------+  3 root root 4096 2008-09-12 16:16 /var/tmp/portage/sys-libs/timezone-data-2008e/image/
drwx------+  6 root root 4096 2008-09-12 16:17 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr
drwx------+  5 root root 4096 2008-09-12 16:17 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/
drwx------+ 21 root root 4096 2008-09-12 16:17 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/
drwx------+  2 root root 4096 2008-09-12 16:17 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/

Strangely there were no regular files in var/tmp/portage/sys-libs/timezone-data-2008e/ima only directories (I even used FEATURES="noclean keepwork"). Their ACL's were (probably all) as the following:

# file: usr/share/zoneinfo/Europe/
# owner: root
# group: root
user::rwx
group::---
mask::---
other::---
default:user::rwx
default:group::---
default:mask::---
default:other::---

So I did unpack, compile and install on the timezone-data-2008e.ebuild with ebuild. And here's what I got:

drwx------+  3 root root 4096 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/
drwx------+  6 root root 4096 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr
drwx------+  5 root root 4096 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/
drwx------+ 21 root root 4096 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/
drwx------+  2 root root 4096 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/
-rw-------+  1 root root 2175 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/Tallinn
-rw-------+ 10 root root  118 2008-09-12 16:29 /var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/GMT

# file: var/tmp/portage/sys-libs/timezone-data-2008e/image/usr/share/zoneinfo/Europe/Tallinn
# owner: root
# group: root
user::rw-
group::---
mask::---
other::---
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2008-09-12 16:50:05 UTC 
What if you *didn't* set ACLs on /var/tmp/portage?

Not that having those ACLs would invalidate the bug, because it uses mkdir and cp instead of install, which leads to certain defaults to be used instead of proper permissions, so there's certainly room for improvement in the Makefile...
Comment 8 Jaak Ristioja 2008-09-12 17:18:23 UTC 
Oh yeah, now I remembered, that i temporarily mount --bind'ed /var/tmp/portage from my home directory on another partition, because the previous partition didn't have the capacity to build OOo. And my home directory DOES HAVE default ACLs.

Lol, thanks. Hope you can fix that Makefile. :)
Comment 9 SpanKY gentoo-dev 2008-09-17 09:22:47 UTC 
maybe, but i expect these wonky defaults are going to screw a lot more than timezone-data.  patching the timezone-data makefile yields no improvements in my eyes.