I'm not sure if this is a xfree issue or a portage issue, but either way xfree86-4.2.0-r12 is not compiling. Using portage 2.0.13 on an Pentium III, Gentoo 1.2 profile. This has happened on two different systems with different hardware, so it's not an isolated incident. Here's the trailing end of the build messages: cc -o imake -O -I../../include -I../../imports/x11/include/X11 imake.o make[2]: Leaving directory `/var/tmp/portage/xfree-4.2.0-r12/work/xc/config/imake' rm -f ./config/makedepend/Makefile.proto ./config/imake/imake -I./config/cf -s ./config/makedepend/Makefile.proto -f ./config/makedepend/Imakefile -DTOPDIR=../.. -DCURDIR=./config/makedepend sh: /tmp/imakeNjl18j: Permission denied make[1]: *** [config/makedepend/Makefile.proto] Aborted make[1]: *** Deleting file `config/makedepend/Makefile.proto' make[1]: Leaving directory `/var/tmp/portage/xfree-4.2.0-r12/work/xc' make: *** [World] Error 2 !!! ERROR: The ebuild did not complete successfully. !!! Function src_compile, Line 13, Exitcode 2 !!! (no error message)
Try to unset all $TMP and $TMPDIR variables, and let me know.
unset TMP and TMPDIR, same results.
Some additional notes: GRsecurity is off EVMS is off GCC is 2.95.3 not using ccache CFLAGS="-march=i686 -O3 -pipe" All systems exibiting problems are PIII boxes. This only seems to happen when installing X for the first time. All the boxes I have that already have X installed emerge just fine.
Doh! imake is dumb. It's writing temporary shell scripts to /tmp and then executing them. I have /tmp mounted noexec, so that doesn't work. Remounted /tmp without noexec option and it compiles fine. This seems bad security wise, is there a way to modify imake to instead of calling '/tmp/tmpfilename' call '/bin/sh /tmp/tmpfilename' - which would get around the noexec issue? I still think it's bad that it's running a tempfile as a shell script as root, but I don't think I can do anything about that...
Created attachment 2704 [details, diff] xfree-4.2.0-imake.patch Apply this to xfree-4.2.0-r12.ebuild (same directory, with -p0). It will be a big hack to get it to use bash I think. so create another dir, and point PORTAGE_TMPDIR to it only writable/readible/whatever root. Then try to emerge xfree again. You will still have /tmp mounted "noexec", and as only root needs to access PORTAGE_TMPDIR, there should not be security issues. (Note: TMPDIR is set internal by portage).
Btw, I think it may be a good idea to file the "noexec" /tmp and imake issue with the guys at xfree86.org.
I think I should rephrase this. The patch basically change imake to save those temp files to $TMPDIR. $TMPDIR gets set by portage, and this should always be: PORTAGE_TMPDIR/${P}/temp/. The basic theory behind it, is that only root needs to write to $PORTAGE_TMPDIR, thus you do not need to mount it "noexec", and will not cause a security risk. Can you please get back to me if this works for me or not ? Thanks.
Added to CVS.
I've just committed this to upstream X.Org CVS (finally).
