emerge of gpgme fails with a sandbox violation if the portage user has a /run/user directory which is the case on systemd systems: make[2]: Leaving directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/lang' make[1]: Leaving directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/lang' make[1]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1' make[1]: Nothing to be done for 'all-am'. make[1]: Leaving directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1' >>> Source compiled. * --------------------------- ACCESS VIOLATION SUMMARY --------------------------- * LOG FILE: "/var/log/sandbox/sandbox-4.log" * VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart KILLAGENT F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg --batch --no-permission-warning --import ./pubdemo.asc F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-agent --homedir /var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/gpg --use-standard-socket --daemon F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg --batch --no-permission-warning --import ./secdemo.asc F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart KILLAGENT F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg --batch --no-permission-warning --import ../../tests/gpg/pubdemo.asc F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-agent --homedir /var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json --use-standard-socket --daemon F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg --batch --no-permission-warning --import ../../tests/gpg/secdemo.asc F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end F: mkdir S: deny P: /run/user/250/gnupg A: /run/user/250/gnupg R: /run/user/250/gnupg C: gpg-connect-agent --no-autostart KILLAGENT * -------------------------------------------------------------------------------- Reproducible: Always Portage 2.3.76 (python 3.6.9-final-0, default/linux/amd64/17.1/desktop, gcc-9.2.0, glibc-2.29-r5, 5.3.5-gentoo x86_64) ================================================================= System uname: Linux-5.3.5-gentoo-x86_64-Intel-R-_Core-TM-_i7-8565U_CPU_@_1.80GHz-with-gentoo-2.6 KiB Mem: 16277236 total, 11878244 free KiB Swap: 8388604 total, 8388604 free Timestamp of repository gentoo: Thu, 10 Oct 2019 17:00:01 +0000 Head commit of repository gentoo: 1123ad37dafee0cc747fc8e55b18d7f143e08957 sh bash 5.0_p11 ld GNU ld (Gentoo 2.32 p2) 2.32.0 app-shells/bash: 5.0_p11::gentoo dev-java/java-config: 2.2.0-r4::gentoo dev-lang/perl: 5.30.0::gentoo dev-lang/python: 2.7.16::gentoo, 3.6.9::gentoo dev-util/cmake: 3.15.4::gentoo sys-apps/baselayout: 2.6-r1::gentoo sys-apps/sandbox: 2.18::gentoo sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r4::gentoo sys-devel/automake: 1.16.1-r1::gentoo sys-devel/binutils: 2.32-r1::gentoo sys-devel/gcc: 9.2.0-r1::gentoo sys-devel/gcc-config: 2.1::gentoo sys-devel/libtool: 2.4.6-r5::gentoo sys-devel/make: 4.2.1-r4::gentoo sys-kernel/linux-headers: 5.3::gentoo (virtual/os-headers) sys-libs/glibc: 2.29-r5::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.gentoo.org/gentoo-portage priority: -1000 sync-rsync-verify-jobs: 1 sync-rsync-verify-max-age: 24 sync-rsync-verify-metamanifest: yes sync-rsync-extra-opts: local location: /usr/local/portage masters: gentoo ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="@FREE ipw2200-fw sun-jlfgr bonnie freedist JSON ipw2100-fw linux-fw-redistributable NVIDIA-r1 ISSL XC Emacs mm Sendmail x2x flexmock SSLeay Toyoda totd Mini-XML regexp-UofT File-MMagic tcltk iASL ipadic ZSH FLTK CAOSL BEER-WARE Time-Format Khronos-CLHPP TeX Openwall ErlPL-1.1 JDOM LIBGLOSS symlinks SMAIL pngcrush gsm photopc FastCGI UCAR-Unidata CRACKLIB JOVE freetts Flashpix Sendmail-Open-Source HTML-Tidy eGenixPublic-1.1 imagemagick tablelist docbook TeX-other-free rc Old-MIT yuuji JNIC psutils NEWLIB Time-modules IDPL libpng2 xvt BSD-1 rdisc PCRE AIFFWriter.m lsof FVWM torque-2.5 Info-ZIP LPPL-1.3 LLVM-Grant SVFL the-Click-license scanlogd matplotlib boehm-gc YaTeX otter LambdaMOO ipx-utils pngnq DES libpng AMPAS mpich2 CDDL-1.1 Xdebug htmlc tcp_wrappers_license libtiff ElementTree ngrep CeCILL-C BZIP2 Princeton rwpng w3m qmail-nelson Snd DUMB-0.9.3 Interbase-1.0 icu RSA xboing CMake minpack gd Allegro buddy perforce BSD-with-attribution CPL-0.5 CDDL-Schily inner-net LPPL-1.3b feh MIT-with-advertising Crypt-IDEA shrimp xbatt PHP-2.02 Subversion openafs-krb5-a tm-align dom4j SNIA NCSA-HDF VTK repoze bufexplorer.vim xtrs JasPer2.0 mapm-4.9.5 netcat URT libmng Mail-Sendmail alternate FLEX Ispell bea.ri.jsr173 canfep PHP-3.01 EPL-1.0 CPAL-1.0 LGPL-3+ APSL-2 LGPL-3 GPL-1+ MPL-1.1 GPL-3+ MPL-1.0 BSD HPND NOSA PHP-3 AFL-3.0 GPL-3 LGPL-2+ IPAfont Sleepycat ZPL AGPL-3+ IBM POSTGRESQL Artistic Ms-PL LGPL-2.1+ LPPL-1.3c Artistic-2 CPL-1.0 nethack ZLIB ECL-2.0 Apache-1.1 EUPL-1.1 wxWinLL-3 UoI-NCSA GPL-2 AGPL-3 BSD-2 Boost-1.0 OFL-1.1 LGPL-2.1 EPL-2.0 QPL W3C ISC MPL-2.0 Apache-2.0 APL-1.0 CNRI CDDL GPL-2+ PSF-2 Watcom-1.0 MIT OSL-2.1 PHP-3.01 EPL-1.0 CPAL-1.0 APSL-2 MPL-1.1 MPL-1.0 OSL-2.0 AFL-3.0 NPL-1.1 GPL-2-with-font-exception Clarified-Artistic GPL-2-with-linking-exception WTFPL-2 LGPL-2.1-with-linking-exception gcc-runtime-library-exception-3.1 GPL-2-with-classpath-exception GPL-2-with-exceptions IJG LGPL-3+ UPX-exception LGPL-3 GPL-1+ GPL-3+ FTL BSD GPL-3-with-font-exception PSF-2.2 wxWinLL-3.1 HPND unicode GPL-3 LGPL-2+ GPL-3-with-openssl-exception Unlicense MIT Sleepycat GPL-3+-with-opencl-exception CC0-1.0 Ruby GPL-3+-with-opencl-openssl-exception Ruby-BSD ZPL AGPL-3+ Clear-BSD PSF-2.4 CeCILL-2 LGPL-2.1+ Artistic-2 ZLIB ECL-2.0 PYTHON LGPL-2-with-linking-exception GPL-3+-with-cuda-openssl-exception PSF-2.3 UoI-NCSA GPL-2 AGPL-3 BSD-2 GPL-3+-with-cuda-exception Boost-1.0 vim LGPL-2.1 SGI-B-2.0 LGPL-2 libgcc GPL-2-with-MySQL-FLOSS-exception GPL-1 Apache-2.0-with-LLVM-exceptions libstdc++ public-domain OPENLDAP ISC MPL-2.0 Apache-2.0 Transmission-OpenSSL-exception LGPL-3-with-linking-exception W3C Nokia-Qt-LGPL-Exception-1.1 metapackage tanuki-community GPL-2+ PSF-2 qwt GPL-2+-with-openssl-exception IBM gnuplot Ms-PL CPL-1.0 Apache-1.1 EUPL-1.1 BSD-4 EPL-2.0 QPL openssl CNRI OSL-1.1 AFL-2.1 CDDL LPPL-1.2 Apache-1.0 Zend-2.0 OSL-2.1 QPL-1.0 BAEKMUK CC-SA-1.0 CC-BY-SA-1.0 man-pages-posix-2013 UbuntuFontLicense-1.0 CC-PD LDP-1a Unicode_Fonts_for_Ancient_Scripts wxWinFDL-3 quake1-textures MaxMind2 vlgothic LDP-1 BitstreamVera Texinfo-manual myspell-en_CA-KevinAtkinson mplus-fonts man-pages-posix man-pages OFL CC-BY-2.0 GPL-1+ GPL-3+ GPL-3 CC-BY-4.0 IPAfont FDL-1.1+ CC-BY-SA-2.0 Arphic CC-BY-2.5 FDL-1.2+ GPL-2 FDL-1.3+ OFL-1.1 GPL-1 FreeArt OPL CC-BY-3.0 CC-BY-SA-2.5 FDL-1.3 FDL-1.1 CC-BY-SA-4.0 GPL-2+ FDL-1.2 CC-BY-SA-3.0 Atmel qlogic-fibre-channel-firmware ipw3945 no-source-code bh-luxi SmartLabs Amazon Broadcom intel-ucode MicroChip-SDCC LSI-tw_cli shmux Dina unRAR" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--jobs=4 --load-average=10" ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" FCFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs collision-protect config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -march=native -pipe -fomit-frame-pointer" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_GB.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j8" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" USE="X a52 aac acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo cdda cdr cgroup-hybrid cli crypt cryptsetup cups cxx dbus dri dts dvd dvdr emboss encode exif fam flac fortran gdbm gif glamor gtk iconv icu idn ipv6 jpeg lcms libnotify libtirpc mad mng mp3 mp4 mpeg multilib ncurses networkmanager nls nptl ogg opengl openmp pam pango pcre pdf pic png policykit ppds pulseaudio readline sdl seccomp spell split-usr ssl startup-notification svg systemd tcpd tiff truetype udev udisks unicode upower urandom usb user-session vaapi vorbis vulkan wxwidgets x264 xattr xcb xcsecurity xml xv xvid xvmc zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LLVM_TARGETS="X86" NETBEANS_MODULES="apisupport cnd groovy gsf harness ide identity j2ee java mobility nb php profiler soa visualweb webcommon websvccommon xml" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-2" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_6" PYTHON_TARGETS="python2_7 python3_6" QEMU_SOFTMMU_TARGETS="aarch64 arm i386 x86_64" QEMU_USER_TARGETS="aarch64 aarch64_be arm armeb" RUBY_TARGETS="ruby24 ruby25" USERLAND="GNU" VIDEO_CARDS="intel i965" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
The relevant part of build output reads: libtool: link: x86_64-pc-linux-gnu-gcc -O2 -march=native -pipe -fomit-frame-pointer -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wno-format-y2k -Wno-missing-field-initializers -Wno-sign-compare -Wno-format-zero-length -Wno-format-truncation -Wno-sizeof-pointer-div -Wl,-O1 -o t-thread-keylist-verify t-thread-keylist-verify.o -Wl,--as-needed ../../src/.libs/libgpgme.so -lpthread -Wl,-rpath -Wl,/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/src/.libs make[3]: Leaving directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/tests/gpg' make[2]: Leaving directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/tests/gpg' Making all in json make[2]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/tests/json' echo no-force-v3-sigs > ./gpg.conf echo pinentry-program /var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/../gpg/pinentry > ./gpg-agent.conf GNUPGHOME=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json LC_ALL=C GPG_AGENT_INFO= top_srcdir=../.. gpgme_json=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/../../src/gpgme-json gpgconf --kill all echo disable-scdaemon >> ./gpg-agent.conf * ACCESS DENIED: mkdir: /run/user/250/gnupg * ACCESS DENIED: mkdir: /run/user/250/gnupg * ACCESS DENIED: mkdir: /run/user/250/gnupg /bin/mkdir -p ./private-keys-v1.d for k in ../../tests/gpg/13CD0F3BDF24BE53FE192D62F18737256FF6E4FD ../../tests/gpg/76F7E2B35832976B50A27A282D9B87E44577EB66 ../../tests/gpg/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD ../../tests/gpg/13CBE3758AFE42B5E5E2AE4CED27AFA455E3F87F ../../tests/gpg/7A030357C0F253A5BBCD282FFC4E521B37558F5C; do \ cp $k private-keys-v1.d/$(basename $k).key; \ done echo x > ./gpg-sample.stamp GNUPGHOME=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json LC_ALL=C GPG_AGENT_INFO= top_srcdir=../.. gpgme_json=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/../../src/gpgme-json gpg --batch --no-permission-warning \ --import ../../tests/gpg/pubdemo.asc gpg: keybox '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/pubring.kbx' created gpg: /var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/trustdb.gpg: trustdb created gpg: key 2D727CC768697734: public key "Alfa Test (demo key) <alfa@example.net>" imported * ACCESS DENIED: mkdir: /run/user/250/gnupg * ACCESS DENIED: mkdir: /run/user/250/gnupg gpg: key FE180B1DA9E3B0B2: public key "Bob (demo key)" imported gpg: key 413F4AF31AFDAB6C: public key "Charlie Test (demo key) <charlie@example.net>" imported gpg: key EBA9F240EB9DC9E6: public key "Delta Test (demo key) <delta@example.net>" imported gpg: key 318C1FAEFAEF6D1B: public key "Echelon (demo key)" imported gpg: key D4BF57F37372E243: public key "Foxtrot Test (demo key) <foxtrot@example.net>" imported gpg: key 168410A48FC282E6: public key "Golf Test (demo key) <golf@example.net>" imported gpg: key 13DB965534C6E3F1: public key "Hotel Test (demo key) <hotel@example.net>" imported gpg: key 1FE8FC6F04259677: public key "India Test (demo key) <india@example.net>" imported gpg: key 0C820C71D2699313: public key "Juliet Test (demo key) <juliet@example.net>" imported gpg: key AD1B0FAD43C2D0C7: public key "Kilo Test (demo key) <kilo@example.net>" imported gpg: key 37CAB51FB79103F8: public key "Lima Test (demo key) <lima@example.net>" imported gpg: key BE794852BE5CF886: public key "Mallory (demo key)" imported gpg: key 25B00FD430CEC684: public key "November Test (demo key) <november@example.net>" imported gpg: key 5F6356BA6D9732AC: public key "Oscar Test (demo key) <oscar@example.net>" imported gpg: key 5D15E01D3FF13206: public key "Papa test (demo key) <papa@example.net>" imported gpg: key 1C67EC133C661C84: public key "Quebec Test (demo key) <quebec@example.net>" imported gpg: key 3BDBEDB1777FBED3: public key "Romeo Test (demo key) <romeo@example.net>" imported gpg: key A5E67F7FA3AE3EA1: public key "Sierra Test (demo key) <sierra@example.net>" imported gpg: key 58CB9A4C85A81F38: public key "Tango Test (demo key) <tango@example.net>" imported gpg: key A94C0F75653244D6: public key "Uniform Test (demo key) <uniform@example.net>" imported gpg: key 47AF4B6961F04784: public key "Victor Test (demo key) <victor@example.org>" imported gpg: key DEF0F7B8EC67DBDE: public key "Whisky Test (demo key) <whisky@example.net>" imported gpg: key 8979A6C5567FB34A: public key "XRay Test (demo key) <xray@example.net>" imported gpg: key 9EEF34CD4B11B25F: public key "Yankee Test (demo key) <yankee@example.net>" imported gpg: key 6BC4778054ACD246: public key "Zulu Test (demo key) <zulu@example.net>" imported gpg: Total number processed: 26 gpg: imported: 26 GNUPGHOME=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json LC_ALL=C GPG_AGENT_INFO= top_srcdir=../.. gpgme_json=/var/tmp/portage/app-crypt/gpgme-1.13.1/work/b/tests/json/../../src/gpgme-json gpg --batch --no-permission-warning \ --import ../../tests/gpg/secdemo.asc gpg: key 2D727CC768697734: "Alfa Test (demo key) <alfa@example.net>" 1 new signature * ACCESS DENIED: mkdir: /run/user/250/gnupg gpg: key 2D727CC768697734: secret key imported gpg: key 6BC4778054ACD246: "Zulu Test (demo key) <zulu@example.net>" 1 new signature gpg: key 6BC4778054ACD246: secret key imported gpg: Total number processed: 2 gpg: new signatures: 2 gpg: secret keys read: 2 gpg: secret keys unchanged: 2 echo x > ./pubring-stamp make all-am make[3]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.13.1/work/gpgme-1.13.1/tests/json' x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../../conf -I../../src -O2 -march=native -pipe -fomit-frame-pointer -Wall -Wcast-align -Wshadow -Wstrict-prototypes -Wno-format-y2k -Wno-missing-field-initializers -Wno-sign-compare -Wno-format-zero-length -Wno-format-truncation -Wno-sizeof-pointer-div -c -o t-json.o t-json.c Workaround: Skip agent tests by setting SKIP_TESTS=1 in emerge environment.
Does not happen on an OpenRC system. The difference lies in the existence of /run/user/<uid> (uid==250 for portage user) on a systemd system: OpenRC system: # su - portage -s /bin/bash -c "strace -f gpg-connect-agent KILLAGENT /bye 2>&1 | grep /run/user" stat("/run/user/250", 0x7fff3b77fd30) = -1 ENOENT (No such file or directory) stat("/var/run/user/250", 0x7fff3b77fd30) = -1 ENOENT (No such file or directory) systemd system: # su - portage -s /bin/bash -c "strace -f gpg-connect-agent KILLAGENT /bye 2>&1 | grep /run/user" stat("/run/user/250", {st_mode=S_IFDIR|0700, st_size=80, ...}) = 0 stat("/run/user/250/gnupg", 0x7fff579636c0) = -1 ENOENT (No such file or directory) mkdir("/run/user/250/gnupg", 0700) = 0 stat("/run/user/250/gnupg", {st_mode=S_IFDIR|0700, st_size=40, ...}) = 0 stat("/run/user/250/gnupg/S.gpg-agent", 0x7fff57963630) = -1 ENOENT (No such file or directory) stat("/run/user/250/gnupg/S.gpg-agent", 0x7fff57963630) = -1 ENOENT (No such file or directory) connect(3, {sa_family=AF_UNIX, sun_path="/run/user/250/gnupg/S.gpg-agent"}, 33) = -1 ENOENT (No such file or directory) Relevant code in gnupg: gnupg-2.2.17/common/homedir.c:_gnupg_socketdir_internal() # rmdir /run/user/1000/gnupg ; gdb gpg-connect-agent [...] (gdb) break mkdir Breakpoint 1 at 0x41a0 (gdb) run KILLAGENT /bye Starting program: /usr/bin/gpg-connect-agent KILLAGENT /bye Breakpoint 1, mkdir () at ../sysdeps/unix/syscall-template.S:78 78 ../sysdeps/unix/syscall-template.S: No such file or directory. (gdb) bt #0 mkdir () at ../sysdeps/unix/syscall-template.S:78 #1 0x0000555555564a55 in _gnupg_socketdir_internal () #2 0x0000555555564bb4 in gnupg_socketdir () #3 0x0000555555566fd3 in start_new_gpg_agent () #4 0x0000555555559e6a in main () (gdb) Not sure who to blame here: gpgme, gnupg, sandbox or the ebuild. I'd argue the gpgme build system should not as a side effect of running the tests create directories elsewhere on the system.
I have also bumped into this issue, it blocks updates on my machine. Could you please prioritize this?
Seeing the same issue for some time now. I've a OpenRC system. Portage 3.0.8 (python 3.7.9-final-0, default/linux/amd64/17.1/desktop/plasma, gcc-9.3.0, glibc-2.32-r2, 5.4.60-gentoo-x86_64 x86_64) ================================================================= System uname: Linux-5.4.60-gentoo-x86_64-x86_64-Intel-R-_Core-TM-_i7-7500U_CPU_@_2.70GHz-with-gentoo-2.7 KiB Mem: 16223880 total, 3061232 free KiB Swap: 8388600 total, 8097864 free Timestamp of repository gentoo: Wed, 04 Nov 2020 08:30:01 +0000 Head commit of repository gentoo: fd8755daa52e306f03ae3bc44360b41d008b9eee sh bash 5.0_p18 ld GNU ld (Gentoo 2.34 p6) 2.34.0 ccache version 3.7.12 [enabled] app-shells/bash: 5.0_p18::gentoo dev-java/java-config: 2.3.1::gentoo dev-lang/perl: 5.30.3::gentoo dev-lang/python: 2.7.18-r4::gentoo, 3.6.12::gentoo, 3.7.9::gentoo, 3.8.5::gentoo dev-util/ccache: 3.7.12::gentoo dev-util/cmake: 3.17.4-r1::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.7::gentoo sys-apps/openrc: 0.42.1::gentoo sys-apps/sandbox: 2.20::gentoo sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r5::gentoo sys-devel/automake: 1.13.4-r2::gentoo, 1.16.1-r1::gentoo sys-devel/binutils: 2.34-r2::gentoo sys-devel/gcc: 9.3.0-r1::gentoo sys-devel/gcc-config: 2.3.2::gentoo sys-devel/libtool: 2.4.6-r6::gentoo sys-devel/make: 4.2.1-r4::gentoo sys-kernel/linux-headers: 5.4-r1::gentoo (virtual/os-headers) sys-libs/glibc: 2.32-r2::gentoo
Same with gpgme-1.14.0
