722864 – app-crypt/tpm2-tss-2.4.0: Sandbox Access Violation because of systemd-sysusers

Bug 722864 - app-crypt/tpm2-tss-2.4.0: Sandbox Access Violation because of systemd-sysusers

Summary: app-crypt/tpm2-tss-2.4.0: Sandbox Access Violation because of systemd-sysusers

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Christopher Byrne

URL:
Whiteboard:
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2020-05-13 15:44 UTC by Stefan Schmid
Modified:	2020-05-18 05:00 UTC (History)
CC List:	14 users (show)

See Also:	https://github.com/gentoo/gentoo/pull/15784
Package list:
Runtime testing required:	---

Attachments
Buildlog from app-crypt/tpm2-tss-2.4.0 (tpm2-tss-2.4.0-build.log,304.47 KB, text/plain) 2020-05-13 15:46 UTC, Stefan Schmid	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Schmid 2020-05-13 15:44:54 UTC

When i try to compile app-crypt/tpm2-tss-2.4.0 i get an "Sandbox Access Violation", see logfile.

Reproducible: Always

Steps to Reproduce:
1. Try to build.

Comment 1 Stefan Schmid 2020-05-13 15:46:05 UTC

Created attachment 638612 [details]
Buildlog from app-crypt/tpm2-tss-2.4.0

Comment 2 PhobosK 2020-05-13 16:30:31 UTC

I also confirm this...

FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs cgroup collision-protect config-protect-if-modified distlocks ebuild-locks fail-clean fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict test-fail-continue unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersync xattr"

Comment 3 Christopher Byrne 2020-05-14 03:20:45 UTC

This is due to 7https://github.com/tpm2-software/tpm2-tss/commit/7502887b57246923fa965bfc56b5eddb473d613d#diff-c949f93d03f44a4217d7a138f9e2e54a . Didn't catch it because my test VM uses OpenRC.I'll patch it out.

Comment 4 Dennis Schridde 2020-05-15 05:50:33 UTC

The actual error message is:

make  install-exec-hook
make[2]: Entering directory '/tmp/portage/app-crypt/tpm2-tss-2.4.0/work/tpm2-tss-2.4.0'
systemd-sysusers && systemd-tmpfiles --create || true
 * ACCESS DENIED:  open_wr:      /etc/.pwd.lock
Failed to take /etc/passwd lock: Permission denied
make[2]: Leaving directory '/tmp/portage/app-crypt/tpm2-tss-2.4.0/work/tpm2-tss-2.4.0'
make[1]: Leaving directory '/tmp/portage/app-crypt/tpm2-tss-2.4.0/work/tpm2-tss-2.4.0'

Comment 5 Larry the Git Cow gentoo-dev

2020-05-18 05:00:37 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=911b35667b9e66b5d29f0ef2927219cacabd2e30

commit 911b35667b9e66b5d29f0ef2927219cacabd2e30
Author:     Salah Coronya <salah.coronya@gmail.com>
AuthorDate: 2020-05-14 03:12:06 +0000
Commit:     Jason A. Donenfeld <zx2c4@gentoo.org>
CommitDate: 2020-05-18 04:59:51 +0000

    app-crypt/tpm2-tss: Fix sandbox violation for systemd users
    
    Closes: https://bugs.gentoo.org/722864
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Salah Coronya <salah.coronya@gmail.com>
    Signed-off-by: Jason A. Donenfeld <zx2c4@gentoo.org>

 ...-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch | 15 +++++++++++++++
 app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild                  |  5 +++--
 2 files changed, 18 insertions(+), 2 deletions(-)