Bug 470158 - If PORTAGE_TMPDIR only supports world-writable files, all installed files will be world writable too
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system
Hardware: All Linux
Importance: High major
Assignee: Gentoo Linux bug wranglers
Reported: 2013-05-17 13:20 UTC by vltg0903
Modified: 2013-05-17 14:27 UTC

Description vltg0903 2013-05-17 13:20:26 UTC
Wanting to emerge the latest libreoffice, I used an external disk's partition with ntfs as filesystem as PORTAGE_TMPDIR to have sufficient disk space, auto-mounted like this:

/dev/sdb1 /run/media/andi/741C9F7D1C9F3956 fuseblk rw,nosuid,nodev,allow_other,blksize=4096 0 0

Be it due to ntfs3g's permission capabilities or just the current settings, all files are world-writable, and if one uses such a volume as PORTAGE_TMPDIR, all files that portage installs on the system partition will end up this way too.

Portage should
a) keep track of the desired permissions for all installed files and apply them while merging package files or at least
b) refuse to work with PORTAGE_TMPDIRs with such unsuitable permission capabilities, in order not to produce a Gentoo installation wide open to every and any kind of local manipulation.
Comment 1 vltg0903 2013-05-17 13:21:15 UTC
System info:

Portage 2.1.11.62 (default/linux/amd64/13.0/desktop/kde, gcc-4.7.2, glibc-2.16.0, 3.9.2-gentoo x86_64)
=================================================================
System uname: Linux-3.9.2-gentoo-x86_64-Intel-R-_Core-TM-_i3-3220_CPU_@_3.30GHz-with-gentoo-2.2
KiB Mem:     3855208 total,    256252 free
KiB Swap:          0 total,         0 free
Timestamp of tree: Fri, 17 May 2013 12:30:01 +0000
ld GNU ld (GNU Binutils) 2.23.1
app-shells/bash:          4.2_p45
dev-java/java-config:     2.1.12-r1
dev-lang/python:          2.7.3-r3, 3.2.3-r2
dev-util/cmake:           2.8.10.2-r2
dev-util/pkgconfig:       0.28
sys-apps/baselayout:      2.2
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.10.3, 1.11.6, 1.12.6
sys-devel/binutils:       2.23.1
sys-devel/gcc:            4.7.2-r1
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.7 (virtual/os-headers)
sys-libs/glibc:           2.16.0
Repositories: gentoo
Installed sets: @mykde, @portageutils, @toolbox
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -mtune=corei7 -s -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/polkit-1/actions /usr/share/themes/oxygen-gtk/gtk-2.0"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -mtune=corei7 -s -pipe"
DISTDIR="/data/portage/distfiles"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs collision-protect config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="ftp://192.168.2.100 http://ftp.uni-erlangen.de/pub/mirrors/gentoo"
LANG="de_DE.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j5"
PKGDIR="/data/portage/Packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X a52 aac acpi alsa amd64 apng berkdb bluetooth bzip2 cairo cdda cdr cli consolekit cracklib crypt css cups cxx dbus declarative dri dts dvb dvd dvdr dvdread encode exif firefox flac fontconfig foomaticdb gif glut glx gphoto2 iconv iphone ipod ipv6 jpeg kde kipi lcms libnotify mad mmx mng modules mp3 mp4 mpeg mudflap multilib ncurses networkmanager nls nptl ogg opengl openmp pam pango pcre pdf phonon plasma png policykit ppds python3 qt3support qt4 rdp readline scanner semantic-desktop session spell sse sse2 ssl startup-notification svg tcpd threads tiff truetype udev udisks unicode upower usb userlocales v4l2 vlc vorbis wxwidgets x264 xcb xcomposite xinerama xml xscreensaver xv xvid zlib" ABI_X86="64" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="*" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" GRUB_PLATFORMS="pc efi-64" INPUT_DEVICES="evdev" KERNEL="linux" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="de" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-3" 
PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="intel vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2013-05-17 13:47:56 UTC
Yes, NTFS doesn't know about UNIX/Linux file permissions. So when the filenames get written back to the target filesystem proper, some information is lost and guessed at. Conclusion: Do not use NTFS as a temporary filesystem.
Comment 3 vltg0903 2013-05-17 14:27:03 UTC
Well thanks, that's what I figured too, yet the fact that portage even allows this _is_ a bug nonetheless.
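
A pre-flight check along the lines of option b) in the description and the conclusion in Comment 2, as an added example that is not part of the original bug thread and not Portage code: it probes whether a candidate PORTAGE_TMPDIR keeps the modes set with chmod, and lists world-writable files already merged onto a filesystem. The function names are hypothetical, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not Portage code. Function names are hypothetical.
# Assumes GNU coreutils (stat -c) and findutils, as on a Gentoo Linux system.

# Succeeds (0) only if a file created in DIR keeps each mode set with chmod.
# A filesystem mounted without UNIX permission support reports one fixed mode
# for every file, so at least one of the probes below will not match.
tmpdir_honors_modes() {
    dir=$1
    probe=$(mktemp "$dir/.modeprobe.XXXXXX") || return 2
    rc=0
    for want in 600 644 755; do
        chmod "$want" "$probe" 2>/dev/null
        got=$(stat -c '%a' "$probe")
        if [ "$got" != "$want" ]; then
            echo "$dir: asked for mode $want, filesystem reports $got" >&2
            rc=1
        fi
    done
    rm -f "$probe"
    return $rc
}

# Prints regular files under ROOT that are world-writable, without crossing
# into other mounted filesystems (-xdev).
list_world_writable() {
    find "$1" -xdev -type f -perm -0002 -print
}

# When run with a directory argument, report whether it is usable.
if [ -n "${1:-}" ]; then
    if tmpdir_honors_modes "$1"; then
        echo "$1: file modes are preserved"
    else
        echo "$1: unsuitable as PORTAGE_TMPDIR" >&2
        exit 1
    fi
fi
```

Running `list_world_writable /usr` after an affected merge shows which installed files need their modes restored, for example by re-merging the owning packages from a suitable PORTAGE_TMPDIR.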