Created attachment 515524
dev-python-pycparser-2.14-build.log

I am trying to use unprivileged user namespaces for stage3 chroots for most of development.
In this case =dev-python/pycparser-2.14 failed to unpack as:

 * Package: dev-python/pycparser-2.14
 * Repository: gentoo
 * Maintainer: python@gentoo.org
 * USE: elibc_glibc hppa kernel_linux python_targets_python2_7 python_targets_python3_5 userland_GNU
 * FEATURES: preserve-libs sandbox userpriv usersandbox
>>> Unpacking source...
tar: CHANGES: Cannot change ownership to uid 1000, gid 1000: Invalid argument
...

Other packages unpack and install just fine.

I've compared why portage works as-is. I think it's due to the missing '-o' option:

portage: bin/phase-helpers.sh:
    $1 -c -- "$srcdir$x" | tar xof -
https://github.com/gentoo/portage/blob/fe09b49fd09f42b9b6956f6c299bd325c62f0e83/bin/phase-helpers.sh#L317

vcs-snapshot.eclass:
    tar -C "${destdir}" -x --strip-components 1 \
        -f "${DISTDIR}/${f}" || die

'o' is (man tar follows)

    Compatibility options
    -o     When creating, same as --old-archive. When extracting, same as --no-same-owner.

    --no-same-owner
           Extract files as yourself (default for ordinary users).

Unprivileged containers allow only one-to-one mapping between UIDs in and outside containers.
It basically means I need to run everything as a single user in the container.
I chose to map my normal user to uid root (--user --map-root-user) and run everything as the container's root (changing uid is forbidden by the kernel).

Running everything as uid=0 works fine as long as everything wants to stay uid=0: newly created files should be root-owned, etc.

By default tar, when run as root, tries to restore the owner's UID/GID. That's the place where things break.

The following patch makes pycparser unpack just fine:

--- a/eclass/vcs-snapshot.eclass +++ b/eclass/vcs-snapshot.eclass 
@@ -70 +70 @@ vcs-snapshot_src_unpack() { - tar -C "${destdir}" -x --strip-components 1 \ + tar -C "${destdir}" -xo --strip-components 1 \
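Review bot: on the changed tar line, the bundled short option in "-xo" hides the intent, because the man page excerpt quoted above gives -o a different meaning when creating (--old-archive). Consider spelling it out as --no-same-owner, or keep the short form for consistency with the "tar xof -" call in portage's phase-helpers.sh and add a one-line comment above the call saying that ownership is deliberately not restored so that unpacking works where uid 0 cannot change ownership (unprivileged user namespaces, bug #645182).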
WFM. Could you submit to gentoo-dev@ for completeness? But you don't have to elaborate that much on it ;-P.
Sent https://archives.gentoo.org/gentoo-dev/message/9c59c75e482a7a0bd8348c5257af80ef for review.
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a10a1bf072ae90445fb6d238659a799d3bf55375

commit a10a1bf072ae90445fb6d238659a799d3bf55375
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-01-21 00:01:59 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-03-17 23:18:35 +0000

    vcs-snapshot.eclass: set -o (--no-same-owner) when unpacking, bug #645182

    Fixes build failures in unprivileged containers
    like bug #645182:

      Package: dev-python/pycparser-2.14
      >>> Unpacking source...
      tar: CHANGES: Cannot change ownership to uid 1000, gid 1000: Invalid argument

    In such containers uid=0 can't really change file ownership.

    Closes: https://bugs.gentoo.org/645182
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 eclass/vcs-snapshot.eclass | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
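
Why uid 0 cannot apply the archive's owner in such a container, as an added example that is not part of the bug report or the commit: these shell functions read the kernel's uid_map/gid_map and report whether an id has a mapping in the current user namespace, since chown() to an unmapped id fails with EINVAL. The function names are hypothetical and the sample map in the comment is constructed.

```shell
# Added example, not code from the bug report or from portage.
# Map file format (one range per line):
#   <first id inside ns> <first id outside ns> <count>
# Constructed sample, as written by "unshare --user --map-root-user"
# for a user whose outside uid is assumed to be 1000:
#   0 1000 1

# id_is_mapped ID [MAPFILE]
# Exit 0 if ID lies in a mapped range, 1 if not (or the map is unreadable),
# 2 if ID is not a number.
id_is_mapped() {
    id=$1
    map=${2:-/proc/self/uid_map}
    case $id in ''|*[!0-9]*) return 2 ;; esac
    # "|| [ -n ... ]" also handles a last line without a trailing newline
    while read -r inside outside count || [ -n "$inside" ]; do
        # skip blank or malformed lines
        case $inside in ''|*[!0-9]*) continue ;; esac
        case $count in ''|*[!0-9]*) continue ;; esac
        if [ "$id" -ge "$inside" ] && [ "$id" -lt $((inside + count)) ]; then
            return 0
        fi
    done < "$map"
    return 1
}

# owner_restore_status UID GID [UIDMAP] [GIDMAP]
# Prints "ok" when both ids are mapped, otherwise names the id that makes
# tar's ownership restore fail when it runs as uid 0 without -o.
owner_restore_status() {
    if ! id_is_mapped "$1" "${3:-/proc/self/uid_map}"; then
        echo "EINVAL: uid $1 has no mapping"
    elif ! id_is_mapped "$2" "${4:-/proc/self/gid_map}"; then
        echo "EINVAL: gid $2 has no mapping"
    else
        echo "ok"
    fi
}
```

Called with no map arguments, `owner_restore_status 1000 1000` checks the namespace of the current shell, so it can be run inside the chroot before unpacking.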