Created attachment 423322 [details] example sandbox failing build.log after upgrade of sys-apps/sandbox-2.10-r1 I can't emerge anything, it looks like the new sandbox blocks access to /var/tmp/portage for example: emerge --oneshot linux-headers * Package: sys-kernel/linux-headers-4.3 * Repository: gentoo * Maintainer: toolchain@gentoo.org * USE: abi_x86_64 amd64 elibc_glibc kernel_linux userland_GNU * FEATURES: preserve-libs sandbox userpriv usersandbox * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 809: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 811: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 813: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 815: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 817: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 819: /dev/null: Permission denied * ACCESS DENIED: open_wr: /dev/null /usr/lib/portage/python2.7/phase-functions.sh: line 827: /dev/null: Permission denied * ACCESS DENIED: execve: /usr/bin/install * ACCESS DENIED: open_rd: /usr/bin/install /usr/lib/portage/python2.7/phase-functions.sh: line 240: /usr/bin/install: Permission denied * ACCESS DENIED: open_wr: /var/tmp/portage/sys-kernel/linux-headers-4.3/temp/logging/unpack /usr/lib/portage/python2.7/isolated-functions.sh: line 263: /var/tmp/portage/sys-kernel/linux-headers-4.3/temp/logging/unpack: Permission denied * ERROR: sys-kernel/linux-headers-4.3::gentoo failed (unpack phase): * ACCESS DENIED: open_wr: /var/tmp/portage/sys-kernel/linux-headers-4.3/temp/logging/unpack .... build.log attached When FEATURES="-sandbox -usersandbox" are used, the problem goes away. Also the previous stable version 2.6-r1 works as expected.
Created attachment 423324 [details] sandbox log
Created attachment 423326 [details] sandbox log
I don't have this problem. Check perms on /dev/null, what do you get? # ls -la /dev/null crw-rw-rw- 1 root root 1, 3 Jan 19 16:27 /dev/null
# ls -la /dev/null crw-rw-rw- 1 root root 1, 3 Jan 20 07:52 /dev/null I'm afraid, it is not that easy. Basically new sandbox refuses access everywhere, even in /var/tmp/portage. And at the same time the old stable sandbox has no problem with it. Moreover, I see the problem on two commuters. One server and one laptop, but they can share some configurations.
there is also a lot of segfaults in dmesg as well, it looks like: [ 1357.441068] uname[16553]: segfault at 7ffdfea03fe8 ip 00007f6a90a79acb sp 00007ffdfea03fe0 error 6 in libsandbox.so[7f6a90a73000+16000] [ 1357.511435] tr[16562]: segfault at 7ffc17325ff8 ip 00007f7b63f2eae1 sp 00007ffc17326000 error 6 in libsandbox.so[7f7b63f28000+16000] [ 1357.515576] sort[16561]: segfault at 7ffce9e99ff8 ip 00007f642d505ae1 sp 00007ffce9e9a000 error 6 in libsandbox.so[7f642d4ff000+16000] [ 1357.516430] tr[16560]: segfault at 7ffd105fdff8 ip 00007fae6317c9e9 sp 00007ffd105fdff0 error 6 in libsandbox.so[7fae63176000+16000] [ 1357.527309] tr[16567]: segfault at 7fff9ba96ff8 ip 00007f82b725489b sp 00007fff9ba97000 error 6 in libsandbox.so[7f82b724c000+16000] [ 1357.535712] sort[16566]: segfault at 7fff7b359ff8 ip 00007f23405af862 sp 00007fff7b359ff0 error 6 in libsandbox.so[7f23405a7000+16000] [ 1357.554598] tr[16565]: segfault at 7ffdca515ff8 ip 00007fd38ce2d5ad sp 00007ffdca516000 error 6 in libdl-2.21.so[7fd38ce2c000+2000] [ 1357.638509] uname[16605]: segfault at 7ffe6ed60ff8 ip 00007f02ee2fcae1 sp 00007ffe6ed61000 error 6 in libsandbox.so[7f02ee2f6000+16000] [ 1357.763840] tr[16658]: segfault at 7ffd22e0eff8 ip 00007f9e01aa9944 sp 00007ffd22e0eff0 error 6 in libsandbox.so[7f9e01aa3000+16000] [ 1357.766426] tr[16656]: segfault at 7ffe4d292ff8 ip 00007f64f20e4944 sp 00007ffe4d292ff0 error 6 in libsandbox.so[7f64f20de000+16000] [ 1390.297588] show_signal_msg: 18 callbacks suppressed
I finally found the problem, it is the CFLAG="-fuse-ld=gold" when emerging sys-apps/sandbox-2.10-r1. Interesting is, that the old version of sandbox can be compiled with ld.gold, but does not compile with -flto. Even more interesting is, that -fuse-ld=gold together with -flto makes sys-apps/sandbox-2.10-r1 behave correctly.
setting gold in CFLAGS is wrong. that's an LDFLAGS setting. that said, i can't reproduce this. you must attach `emerge --info` to all bug reports, as well as the full build log for the package in question (sandbox).
CFLAG="-fuse-ld=gold" works fine at least with sandbox, no need to set the LDFLAG if you look at the size of the resulting binary, the one with gold is slightly smaller than the one with bfd (for /usr/bin/sandbox I get 49920 with gold and 51920 with bfd) the bad news is, I myself can't reproduce the error any more must have been interaction with some other package, I remember there was an update of linux-headers at the same time, so maybe sandbox got compiled using new headers and something else (glibc?) was still using the old ones, producing the error I was reporting
(In reply to Jan Fikar from comment #8) my comment #7 still stands regardless of what your experience shows with some packages. CFLAGS is the wrong place to put linker flags.
