Created attachment 813652 [details] net-dialup/rp-pppoe-3.15-r2 build.log net-dialup/rp-pppoe-3.15-r2 tries to open /var/log/ppp-log during ./configure: * ACCESS DENIED: open_wr: /var/log/ppp-log I have attached build.log (it references sandbox.log but its contents are also at the bottom of build.log).
Please paste emerge --info. Afterwards, please re-open.
Apologies, here's emerge --info: Portage 3.0.36 (python 3.10.6-final-0, default/linux/amd64/17.1/desktop, gcc-11.3.0, glibc-2.35-r8, 5.19.6-gentoo x86_64) ================================================================= System uname: Linux-5.19.6-gentoo-x86_64-Intel-R-_Core-TM-_i5-2520M_CPU_@_2.50GHz-with-glibc2.35 KiB Mem: 8035284 total, 1120916 free KiB Swap: 0 total, 0 free Timestamp of repository gentoo: Thu, 22 Sep 2022 06:00:01 +0000 Head commit of repository gentoo: aedd5dd7e8f64351880c4986a948c90ef4322d54 sh bash 5.1_p16-r1 ld GNU ld (Gentoo 2.38 p4) 2.38 app-misc/pax-utils: 1.3.5::gentoo app-shells/bash: 5.1_p16-r1::gentoo dev-java/java-config: 2.3.1::gentoo dev-lang/perl: 5.34.1-r3::gentoo dev-lang/python: 3.10.6_p4::gentoo dev-lang/rust: 1.62.1::gentoo dev-util/cmake: 3.23.3::gentoo dev-util/meson: 0.62.2::gentoo sys-apps/baselayout: 2.8::gentoo sys-apps/openrc: 0.44.10::gentoo sys-apps/sandbox: 2.29::gentoo sys-devel/autoconf: 2.13-r2::gentoo, 2.71-r1::gentoo sys-devel/automake: 1.16.5::gentoo sys-devel/binutils: 2.38-r2::gentoo sys-devel/binutils-config: 5.4.1::gentoo sys-devel/clang: 14.0.6-r1::gentoo sys-devel/gcc: 11.3.0::gentoo sys-devel/gcc-config: 2.5-r1::gentoo sys-devel/libtool: 2.4.7::gentoo sys-devel/lld: 14.0.6::gentoo sys-devel/llvm: 14.0.6-r2::gentoo sys-devel/make: 4.3::gentoo sys-kernel/linux-headers: 5.15-r3::gentoo (virtual/os-headers) sys-libs/glibc: 2.35-r8::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://rsync.gentoo.org/gentoo-portage priority: -1000 sync-rsync-verify-jobs: 1 sync-rsync-verify-metamanifest: yes sync-rsync-extra-opts: sync-rsync-verify-max-age: 24 x-portage location: /usr/local/portage masters: gentoo priority: 0 anyc location: /var/lib/layman/anyc masters: gentoo priority: 50 steam-overlay location: /var/lib/layman/steam-overlay masters: gentoo priority: 50 tlp location: /var/lib/layman/tlp masters: gentoo priority: 50 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="@FREE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=sandybridge -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=sandybridge -O2 -pipe" DISTDIR="/usr/portage/distfiles" ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://mirror.bytemark.co.uk/gentoo/" LANG="en_GB.UTF-8" LC_ALL="en_GB.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en_GB" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" SHELL="/bin/bash" USE="X a52 aac aacplus aalib acl acpi aiglx alsa amd64 avx bluetooth branding bzip2 cairo cdda cdr cleartype cli crypt cups dbus directfb divx dri dts dv dvd dvdr dvdread elogind encode exif ffmpeg firefox flac fortran ftp g3dvl gdbm gif gopher gpm gtk gui http2 iconv icu id3tag idn imagemagick ipv6 java jpeg lame lcms ldap libglvnd libnotify libtirpc libv4l lua mad midi mmx mmxext mng mp3 mp4 mpeg mtp multilib mysql ncurses njb nls nptl nptlonly ogg openal opengl openmp pam pango pcre pdf png policykit ppds projectm qt5 quicktime readline rtmp samba scanner sdl sdl2 seccomp smp speex spell split-usr sse sse2 sse2_4way sse3 sse4 sse4_1 ssh ssl ssse3 startup-notification svg tcltk theora tiff timidity truetype udev udisks unicode upower usb v4l v4l2 vaapi vdpau vorbis webp wifi win32codecs wmf wxwidgets x264 xattr xcb xinerama xml xv xvid zlib" ABI_X86="64 32" ADA_TARGET="gnat_2020" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx mmx mmxext pclmul popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" L10N="en-GB" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-4 php8-0" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_10" PYTHON_TARGETS="python3_10" RUBY_TARGETS="ruby27" USERLAND="GNU" VIDEO_CARDS="intel i965" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LD, LEX, LFLAGS, LIBTOOL, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS
Hi Luke, I suspect you have some non-standard pppd in your PATH which rp-pppoe's ./configure then invokes with --version. It's probably this binary that writes to /var/log/ppp-log and not actually ./configure. You can trivially verify this by reading the source. If you disagree, and can still reproduce, please provide the output from the following (as root): which -a pppd There should only be one entry found (/usr/sbin/pppd), but regardless, for each entry found, please execute the following: file /usr/sbin/pppd equery belongs /usr/sbin/pppd Marking this as invalid for now. Please re-open if this is in fact re-producible. Kind Regards, Jaco
Hi Jaco Thank you for your analysis, it did lead me down the right path. You are correct that /usr/sbin/pppd was writing to /var/log/ppp-log, and yes I can see in the source that ./configure calls "pppd --version". However /usr/sbin/pppd is from net-dialup/ppp rather than an out-of-tree binary or anything like that. I have figured out the problem - I have the following line set in /etc/ppp/options: logfile /var/log/ppp-log strace confirms that "/usr/sbin/pppd --version" does cause whatever is defined by "logfile" to be opened for writing (although it doesn't really write anything), so the Portage sandbox is detecting a real event. Removing the "logfile" line fixes the problem. Does this make it a valid bug? Specifically that the sandbox blocks an action caused by a valid configuration of another package that comes from Portage? I'll re-open this bug just in case, but if it's not considered a real bug then please just close it again! :) Thanks again Luke P.S. Here are the details requested, although potentially not useful now that we know the cause: # which -a pppd /usr/sbin/pppd # file /usr/sbin/pppd /usr/sbin/pppd: setuid ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, stripped # equery belongs /usr/sbin/pppd * Searching for /usr/sbin/pppd ... net-dialup/ppp-2.4.9-r8 (/usr/sbin/pppd)
OK, so I can reproduce. When pppd is run *as root* only though. The problem is I can't seem to override logfile from the cli: plastiekpoot [10:43:20] /etc/ppp (master) # cat options ... logfile /tmp/foo.log plastiekpoot [10:49:52] ~ # strace pppd logfile /dev/null --version 2>&1 | grep ^open ... openat(AT_FDCWD, "/tmp/foo.log", O_WRONLY|O_CREAT|O_EXCL|O_APPEND, 0644) = -1 EEXIST (File exists) <-- openat(AT_FDCWD, "/tmp/foo.log", O_WRONLY|O_APPEND) = 5 <-- ... openat(AT_FDCWD, "/dev/null", O_WRONLY|O_CREAT|O_EXCL|O_APPEND, 0644) = -1 EEXIST (File exists) openat(AT_FDCWD, "/dev/null", O_WRONLY|O_APPEND) = 4 So from the looks of it this should be solved in ppp rather than rp-pppoe. Input from base-system side? Not sure this is even solvable without a fair amount of rework of pppd startup process. setlogfile() function associated with the logfile option is the function opening the logfile, and this is invoked every single time logfile is encountered. I definitely can't solve this in rp-pppoe ebuild as I have no way of knowing if logfile is set in /etc/ppp/options. The only fix I can think of would be to ensure (in ppp) that the logfile is only opened after all options has been parsed (--version is just another option). A workaround may be to in pkg_setup scan /etc/ppp/options for logfile and to terminate the build with an error at this point rather than get the access violation? Currently with logfile in /etc/ppp/options there is NO WAY to avoid pppd trying to open that file. The call argument to pppd is only processed after /etc/ppp/options. This is confirmed in the pppd manpage: OPTIONS FILES Options can be taken from files as well as the command line. Pppd reads options from the files /etc/ppp/options, ~/.ppprc and /etc/ppp/options.ttyname (in that order) before proβ cessing the options on the command line. (In fact, the command-line options are scanned to find the terminal name before the options.ttyname file is read.) In forming the name of the options.ttyname file, the initial /dev/ is removed from the terminal name, and any remaining / characters are replaced with dots. An options file is parsed into a series of words, delimited by whitespace. Whitespace can be included in a word by enclosing the word in double-quotes ("). A backslash (\) quotes the following character. A hash (#) starts a comment, which continues until the end of the line. There is no restriction on using the file or call options within an options file.
Could we just patch out the --version call, having it respect an environment variable if set? A pkgconfig file would be another option if ppp installs one.
(In reply to Sam James from comment #6) > Could we just patch out the --version call, having it respect an environment > variable if set? From ./configure 5004 PPPD_VERSION=`$PPPD --version 2>&1 | awk ' /version/ {print $NF}'` Looking in more detail, it seems to just find this to output a bunch of warnings, so frankly, just going to remove it totally I reckon ... https://github.com/dfskoll/rp-pppoe/pull/19 > A pkgconfig file would be another option if ppp installs one. dahdi has other ways to find this information which is (in my opinion) equally quirky.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=de8128f7841a3f2a3f9c4033993f272f244e6785 commit de8128f7841a3f2a3f9c4033993f272f244e6785 Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2023-05-10 09:57:12 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-10 19:39:29 +0000 net-dialup/rp-pppoe: add 4.0 Closes: https://bugs.gentoo.org/730554 Closes: https://bugs.gentoo.org/872371 Closes: https://bugs.gentoo.org/904847 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Closes: https://github.com/gentoo/gentoo/pull/30968 Signed-off-by: Sam James <sam@gentoo.org> net-dialup/rp-pppoe/Manifest | 1 + net-dialup/rp-pppoe/rp-pppoe-4.0.ebuild | 76 +++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+)