700764 – sys-fs/fuse-3.8.0 - mknod: /var/tmp/portage/sys-fs/fuse-3.8.0/image/dev/fuse: Operation not permitted

Bug 700764 - sys-fs/fuse-3.8.0 - mknod: /var/tmp/portage/sys-fs/fuse-3.8.0/image/dev/fuse: Operation not permitted

Summary: sys-fs/fuse-3.8.0 - mknod: /var/tmp/portage/sys-fs/fuse-3.8.0/image/dev/fuse:...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Aaron Bauman (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-11-20 12:13 UTC by Ben Kohler
Modified:	2019-11-20 16:26 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
build log (sys-fs:fuse-3.8.0:20191120-121016.log,22.98 KB, text/plain) 2019-11-20 12:13 UTC, Ben Kohler	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ben Kohler gentoo-dev

2019-11-20 12:13:19 UTC

Created attachment 596878 [details]
build log

This newest fuse's build system tries [1] to mknod ${D}/dev/fuse in the src_install phase which breaks certain containers and also cases where PORTAGE_TMPDIR is no a restricted 'nodev' filesystem.

I'm not sure if this is strictly illegal per PMS but I'm not aware of any other builds doing this kind of mknod into PORTAGE_TMPDIR.

One easy workaround would be to 'mkdir -p "${D}"/dev && touch "${D}/dev/fuse' at the beginning of src_install.  

Another would be to set $useroot via meson but that would have other side effects as you can see in the code block in install_helper.sh.

Thanks!

[1] https://github.com/libfuse/libfuse/blob/master/util/install_helper.sh#L35

Comment 1 Ben Kohler gentoo-dev

2019-11-20 12:16:18 UTC

--- a/sys-fs/fuse/fuse-3.8.0.ebuild
+++ b/sys-fs/fuse/fuse-3.8.0.ebuild
@@ -56,6 +56,9 @@ multilib_src_test() {
 }
 
 multilib_src_install() {
+       # prevent build system from trying to mknod
+       mkdir -p "${D}"/dev && touch "${D}"/dev/fuse
+
        DESTDIR="${D}" eninja install
 }

Comment 2 Mike Gilbert gentoo-dev

2019-11-20 16:08:49 UTC

> One easy workaround would be to 'mkdir -p "${D}"/dev && touch "${D}/dev/fuse' at the beginning of src_install.  

You would also need to remove "${D}/dev" after ninja install, or the ebuild will install an empty file. This would also trigger failures on prefix systems, since /dev would be outside ${EPREFIX}.

Passing -Duseroot=false to meson and fixing up the permissions with fperms seems like a much nicer solution to me.

Comment 3 Ben Kohler gentoo-dev

2019-11-20 16:11:02 UTC

The removal already happens in multilib_src_install_all() later in the ebuild.  But the -Duseroot fix seems fine to me, anyway.

Comment 4 Larry the Git Cow gentoo-dev

2019-11-20 16:26:40 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18dc49f2ebbef778ce5032e2622edeb4afd39c95

commit 18dc49f2ebbef778ce5032e2622edeb4afd39c95
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2019-11-20 16:22:50 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-11-20 16:25:02 +0000

    sys-fs/fuse: pass -Duseroot=false to meson configure
    
    This prevents the /dev/fuse device node from being created by the build
    system.
    
    It also prevents the suid bit from being set on fusermount3, so handle
    that using fperms in the ebuild, and make it optional via a USE flag.
    
    Closes: https://bugs.gentoo.org/700764
    Package-Manager: Portage-2.3.79_p3, Repoman-2.3.18_p2
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 sys-fs/fuse/fuse-3.8.0.ebuild | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)