Bug 80195 - courier-authlib-0.52-r1 ebuild violates sandbox
Summary: courier-authlib-0.52-r1 ebuild violates sandbox
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library
Hardware: x86 Linux
Importance: High major
Assignee: Scott Taylor (RETIRED)
Reported: 2005-01-31 04:50 UTC by arno
Modified: 2010-09-13 14:45 UTC (History)
Attachments
build.log of failed makeuserdb call (build.log,260.17 KB, text/plain)
2009-12-09 12:26 UTC, Felix Schuster
my emerge --info (emerge_info,10.08 KB, text/plain)
2009-12-09 12:27 UTC, Felix Schuster

Description arno 2005-01-31 04:50:47 UTC
The courier-authlib-0.52-r1 ebuild violates the sandbox during install-migrate. Here authmigrate is called, which in turn tries to execute makeuserdb. makeuserdb tries to create the lock-file /etc/courier/userdb.log, which isn't inside the sandbox.

Reproducible: Always
Steps to Reproduce:
1. emerge =courier-authlib-0.52-r1
Actual Results:  
make[1]: Leaving directory 
`/var/tmp/portage/courier-authlib-0.52-r1/work/courier-authlib-0.52' 
/bin/sh authmigrate 
/etc/courier/authdaemonrc 
=> /var/tmp/portage/courier-authlib-0.52-r1/image//etc/courier/authlib/authdaemonrc 
/etc/courier/authmysqlrc 
=> /var/tmp/portage/courier-authlib-0.52-r1/image//etc/courier/authlib/authmysqlrc 
/etc/courier/authldaprc 
=> /var/tmp/portage/courier-authlib-0.52-r1/image//etc/courier/authlib/authldaprc 
/etc/courier/userdb 
=> /var/tmp/portage/courier-authlib-0.52-r1/image//etc/courier/authlib/userdb 
makeuserdb... 
ACCESS DENIED  open_wr:   /etc/courier/userdb.lock 
Can't open /etc/courier/userdb.lock: Permission denied at /usr/sbin/makeuserdb 
line 60. 
make: *** [install-migrate] Error 13 
 
 

Expected Results:  
I haven't looked into it very deeply, but I don't think that it makes sense to 
call makeuserdb from inside the sandbox. Maybe it would be better to tell the 
user to do it by himself via einfo or call it in pkg_postinst() 

To circumvent the sandbox violation simply comment out the call to makeuserdb by
adding   
sed -i -e's/\$sbindir\/makeuserdb/#\$sbindir\/makeuserdb/' ${S}/authmigrate.in   
as the last line of src_unpack in the ebuild.   
You'll have to call makeuserdb manually afterwards. 
   
Another thing I've noticed: The sed-commands   
sed -i -e'/for dir in/a\\t\t\/etc\/courier-imap \\' ${S}/authmigrate.in   
sed -i -e'/for dir in/a\\t\t\/etc\/courier\/authlib \\' ${S}/authmigrate.in   
don't work for me. They generate something like   
\tt/etc/courier-imap \   
in authmigrate.in   
   
To get those replacements working delete the "\t\t"-sequence and press  
<CTRL-V><TAB> twice (tested and works in vi... Don't know about other editors).  
  
And finally my emerge info:  
Portage 2.0.51-r15 (default-linux/x86/2004.0, gcc-3.3.5,  
glibc-2.3.4.20040808-r1, 2.6.10-ck1 i686)  
=================================================================  
System uname: 2.6.10-ck1 i686 AMD Athlon(tm) XP 2400+  
Gentoo Base System version 1.4.16  
Python:              dev-lang/python-2.2.3-r5,dev-lang/python-2.3.4 [2.3.4 (#1,  
Oct 19 2004, 19:30:53)]  
distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632)  
[disabled]  
dev-lang/python:     2.2.3-r5, 2.3.4  
sys-devel/autoconf:  2.13, 2.59-r6  
sys-devel/automake:  1.4_p6, 1.9.4, 1.5, 1.8.5-r3, 1.6.3, 1.7.9-r1  
sys-devel/binutils:  2.15.92.0.2-r1  
sys-devel/libtool:   1.5.10-r4  
virtual/os-headers:  2.6.8.1-r2  
ACCEPT_KEYWORDS="x86"  
AUTOCLEAN="yes"  
CFLAGS="-O3 -march=athlon-xp -funroll-loops -fprefetch-loop-arrays -pipe"  
CHOST="i686-pc-linux-gnu"  
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"  
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"  
CXXFLAGS="-O3 -march=athlon-xp -funroll-loops -fprefetch-loop-arrays -pipe"  
DISTDIR="/usr/portage/distfiles"  
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox sfperms"  
GENTOO_MIRRORS="ftp://ftp.uni-erlange.de/pub/mirrors/gentoo  
ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo  
ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/  
http://linux.rz.ruhr-uni-bochum.de /download/gentoo-mirror/  
http://gentoo.osuosl.org/"  
MAKEOPTS="-j2"  
PKGDIR="/usr/portage/packages"  
PORTAGE_TMPDIR="/var/tmp"  
PORTDIR="/usr/portage"  
PORTDIR_OVERLAY="/usr/local/portage"  
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"  
USE="x86 X aalib alsa apache2 apm arts avi berkdb bitmap-fonts cdr crypt cups  
doc dvd encode esd f77 fam flac font-server foomaticdb fortran gdbm gif gpm  
gstreamer gtk2 imagemagick imlib ipv6 java jpeg junit kde ldap libg++ libwww  
mad mikmod motif mozilla mpeg mysql ncurses nls oggvorbis opengl oss pam pdflib  
perl png python qt quicktime readline samba sdl slang spell ssl svga tcltk tcpd  
tetex tiff truetype truetype-fonts type1-fonts xinerama xml xml2 xmms xv zlib"  
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS
Comment 1 Scott Taylor (RETIRED) gentoo-dev 2005-01-31 15:50:01 UTC
Well this was fun. Couple different things happened here. The tabs suggestion does
not work on anything I've got, leading whitespace is ignored, which is why I'd
gone with the \t in the first place. Got something in there now that should work
everywhere.

Next was the userdb thing, which that file doesn't seem to get noticed by the
migrate tool unless it has ##VERSION in it, which I bet a lot of userdb files
are that way. So we'll look a little harder for that file if it's not already
been pulled into the new location.

Checking in the fixes now.
Comment 2 Felix Schuster 2009-12-09 12:26:54 UTC
Created attachment 212531 [details]
build.log of failed makeuserdb call
Comment 3 Felix Schuster 2009-12-09 12:27:16 UTC
Created attachment 212533 [details]
my emerge --info
Comment 4 Felix Schuster 2009-12-09 12:27:51 UTC
In version 62.4. it happens again (build.log). When I try to uncomment the few lines in src_postinst(), it gives me the error anyway.

pkg_postinst() {
#   if [[ -e /etc/courier/authlib/userdb ]] ; then
#       einfo "Running makeuserdb ..."
#       chmod go-rwx /etc/courier/authlib/userdb
#       makeuserdb
#   fi

I've no idea which script is calling. The error is now:

makeuserdb...
ACCESS DENIED  open_wr:      /etc/courier/authlib/userdb.lock
Can't open /etc/courier/authlib/userdb.lock: Permission denied at /usr/sbin/makeuserdb line 65.
make: *** [install-migrate] Error 13

Added emerge --info for your information too.
Please reopen this bug.
Comment 5 Felix Schuster 2010-09-13 14:45:43 UTC
see also #295520
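
One way to triage build logs like the two quoted in this report, as an added example that is not part of the bug thread or the ebuild: it extracts each sandbox denial and marks whether the denied path lies outside the package's build directory, which is the case that means an install step reached for the live system. The function names and the build-root argument are assumptions; the sample lines are taken from the excerpts above.

```shell
#!/bin/sh
# Added example: list sandbox denials in a Portage build log and flag
# paths that target the live filesystem instead of the build directory.

# Constructed sample, assembled from the two log excerpts in this report.
sample_log() {
cat <<'EOF'
makeuserdb...
ACCESS DENIED  open_wr:   /etc/courier/userdb.lock
Can't open /etc/courier/userdb.lock: Permission denied at /usr/sbin/makeuserdb line 60.
make: *** [install-migrate] Error 13
makeuserdb...
ACCESS DENIED  open_wr:      /etc/courier/authlib/userdb.lock
make: *** [install-migrate] Error 13
EOF
}

# sandbox_denials BUILD_ROOT < build.log
# Prints "<scope> <operation> <path>" for every denial. scope is "live"
# when the path is outside BUILD_ROOT, "build" when it is inside it.
sandbox_denials() {
    awk -v root="$1" '
        $1 == "ACCESS" && $2 == "DENIED" {
            op = $3; sub(/:$/, "", op)
            # The path is everything after the "op:" field, so paths
            # containing spaces survive intact.
            path = $0
            sub(/^ACCESS[ \t]+DENIED[ \t]+[^ \t]+[ \t]+/, "", path)
            sub(/[ \t]+$/, "", path)
            scope = (index(path, root "/") == 1) ? "build" : "live"
            print scope, op, path
        }'
}

# live_denial_count BUILD_ROOT < build.log
# Number of denied accesses that pointed outside BUILD_ROOT.
live_denial_count() {
    sandbox_denials "$1" | awk '$1 == "live" { n++ } END { print n + 0 }'
}

# Demo run over the sample; the build root is the one shown in the report.
sample_log | sandbox_denials /var/tmp/portage/courier-authlib-0.52-r1
```

A non-zero count from `live_denial_count` on a real build.log points at a build step that should move to pkg_postinst() or be left to the administrator, as the original report suggests.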