When you allow portage to build more than one package simultaneously (--jobs 2) and one of this packages will cause a sandbox violation, all packages being built simultaneously will fail with (the same) sandbox violation.
I think this must be triggered by FEATURES=pid-sandbox, since sandbox's _get_sb_log function puts the pid in the filename.
It looks like there's no way to override the SANDBOX_LOG location, but since pid-sandbox requires a mount namespace anyway, we can bind mount a private directory to /var/log/sandbox.
Created attachment 603640 [details, diff] pid-sandbox: mount private /var/log/sandbox After having written this patch, I think its better if we go ahead and add support in sandbox to override SANBOX_LOG, since otherwise we'll end up having sandbox output a log path located in /var/log/sandbox instead of the true location which is in ${PORTAGE_BUILDDIR}/sandbox_log with this patch. > From efe2c5b55f60660e9ddb2b57381d11261f59e502 Mon Sep 17 00:00:00 2001 > From: Zac Medico <zmedico@gentoo.org> > Date: Fri, 17 Jan 2020 19:23:16 -0800 > Subject: [PATCH] pid-sandbox: mount private /var/log/sandbox (bug 704848) > > Create a private /var/log/sandbox since the pid namespace triggers > log file name collision with a process in another pid namespace with > the same pid. > > TODO: Patch sandbox to allow portage to override SANDBOX_LOG, since > otherwise sandbox violation messages will output a log path located > in /var/log/sandbox instead of the true location which is in > ${PORTAGE_BUILDDIR}/sandbox_log. > > Bug: https://bugs.gentoo.org/704848 > Signed-off-by: Zac Medico <zmedico@gentoo.org> > --- > lib/portage/process.py | 24 ++++++++++++++++++++++++ > 1 file changed, 24 insertions(+)
Make portage export SANDBOX_LOG=${T}/sandbox.log https://archives.gentoo.org/gentoo-portage-dev/message/9574cab971632fe6748459052f2666ee https://github.com/gentoo/portage/pull/496
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/portage.git/commit/?id=1b18d8257ecd6c8c8f10c711b41a2be0fe7d587f commit 1b18d8257ecd6c8c8f10c711b41a2be0fe7d587f Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2020-01-18 05:31:16 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2020-01-23 06:08:31 +0000 doebuild: export SANDBOX_LOG=${T}/sandbox.log (bug 704848) In order to avoid a SANDBOX_LOG collision with another process having the same pid when pid-sandbox is enabled, export a unique SANDBOX_LOG value. The ${T} directory is a convenient location, since it is guaranteed to exist and be writable during relevant ebuild phases. Bug: https://bugs.gentoo.org/704848 Signed-off-by: Zac Medico <zmedico@gentoo.org> lib/portage/package/ebuild/_config/special_env_vars.py | 4 ++-- lib/portage/package/ebuild/doebuild.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=926daa64ce2932685e50c5b87ebe6e1f2578feb2 commit 926daa64ce2932685e50c5b87ebe6e1f2578feb2 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2020-01-23 06:54:10 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2020-01-23 07:04:32 +0000 sys-apps/portage: Bump to version 2.3.85 #615594 dosym: revert deprecated prefix compat #704256 emerge-webrsync: chmod 755 temp dir #704320 Add QA check for unresolved soname dependencies #704848 doebuild: export SANDBOX_LOG=${T}/sandbox.log #705986 solve pypy / pypy-exe dependency cycle Bug: https://bugs.gentoo.org/706142 Bug: https://bugs.gentoo.org/615594 Bug: https://bugs.gentoo.org/704256 Bug: https://bugs.gentoo.org/704320 Bug: https://bugs.gentoo.org/704848 Bug: https://bugs.gentoo.org/705986 Package-Manager: Portage-2.3.85, Repoman-2.3.20 Signed-off-by: Zac Medico <zmedico@gentoo.org> sys-apps/portage/Manifest | 1 + sys-apps/portage/portage-2.3.85.ebuild | 276 +++++++++++++++++++++++++++++++++ 2 files changed, 277 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/genkernel.git/commit/?id=ae029bbb6836e5a68d87309f7e321dd1062f6c70 commit ae029bbb6836e5a68d87309f7e321dd1062f6c70 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-01-23 17:55:55 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-01-23 17:57:16 +0000 sandbox: Set unique SANDBOX_LOG values to avoid collisions Bug: https://bugs.gentoo.org/704848 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> gen_funcs.sh | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+)
