Attempting to merge dev-lang/python-3.13.0[pgo] on a system with /tmp mounted noexec fails with a bunch of "permission denied" errors like: > PermissionError: [Errno 13] Permission denied: '/tmp/test_python_dy3p91b9/tmp65bavf36/bin/python' This seems to be related to an internal test-suite running. Curiously there is no such problem with dev-lang/python-3.12.7_p1 which also runs a similar test-suite. Reproducible: Always Steps to Reproduce: 1. emerge =dev-lang/python-3.13.0[pgo] Actual Results: The build fails. Expected Results: The build succeeds. Portage 3.0.65 (python 3.12.7-final-0, default/linux/amd64/23.0/no-multilib/hardened/systemd, gcc-13, glibc-2.39-r6, 6.10.14-gentoo x86_64) ================================================================= System uname: Linux-6.10.14-gentoo-x86_64-AMD_Ryzen_9_5950X_16-Core_Processor-with-glibc2.39 KiB Mem: 32769744 total, 16577428 free KiB Swap: 8388604 total, 8388604 free Timestamp of repository gentoo: Sun, 27 Oct 2024 16:18:25 +0000 Head commit of repository gentoo: 5bf4b77c68d2b80dbd1cede80c9237dad49e6d86 Timestamp of repository guru: Sun, 27 Oct 2024 06:48:32 +0000 Head commit of repository guru: 5f8500049c34741c608f608e401d323d0f845707 Head commit of repository pramantha: 4ccd28754d6b7a553f61837968d3d6ebef87b574 sh bash 5.2_p37 ld GNU ld (Gentoo 2.42 p6) 2.42.0 ccache version 4.10.2 [disabled] app-misc/pax-utils: 1.3.7::gentoo app-shells/bash: 5.2_p37::gentoo dev-build/autoconf: 2.72-r1::gentoo dev-build/automake: 1.16.5-r2::gentoo dev-build/cmake: 3.30.5::gentoo dev-build/libtool: 2.4.7-r4::gentoo dev-build/make: 4.4.1-r1::gentoo dev-build/meson: 1.5.2::gentoo dev-lang/perl: 5.40.0::gentoo dev-lang/python: 3.12.7_p1::gentoo dev-lang/rust: 1.81.0::gentoo dev-util/ccache: 4.10.2-r1::gentoo sys-apps/baselayout: 2.15::gentoo sys-apps/sandbox: 2.39::gentoo sys-apps/systemd: 255.11::gentoo sys-devel/binutils: 2.42-r2::gentoo sys-devel/binutils-config: 5.5.2::gentoo sys-devel/clang: 18.1.8::gentoo sys-devel/gcc: 13.3.1_p20240614::gentoo sys-devel/gcc-config: 2.11::gentoo sys-devel/llvm: 18.1.8-r1::gentoo sys-kernel/linux-headers: 6.6-r1::gentoo (virtual/os-headers) sys-libs/glibc: 2.39-r6::gentoo Repositories: gentoo location: /var/portage/repos/gentoo sync-type: git sync-uri: https://anongit.gentoo.org/git/repo/sync/gentoo.git priority: -1000 volatile: True sync-git-verify-commit-signature: true guru location: /var/portage/repos/guru sync-type: git sync-uri: https://github.com/gentoo-mirror/guru.git masters: gentoo volatile: True pramantha location: /var/portage/repos/pramantha sync-type: git sync-uri: https://git.oriole.systems/pramantha masters: gentoo guru volatile: True Installed sets: @app-fava, @base, @base-ebuild, @desktop-fonts, @desktop-music, @desktop-plasma, @lang-base, @lang-cpp, @lang-python ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="@FREE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe -flto" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d" CXXFLAGS="-march=native -O2 -pipe -flto" DISTDIR="/var/portage/distfiles" EMERGE_DEFAULT_OPTS="--color=n --ask --alert --autounmask-write=n --jobs 4 --load-average 16" ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME" FCFLAGS="-march=native -O2 -pipe -flto" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance buildpkg-live clean-logs compress-build-logs config-protect-if-modified distlocks downgrade-backup ebuild-locks fixlafiles ipc-sandbox merge-sync merge-wait mount-sandbox multilib-strict network-sandbox news parallel-fetch parallel-install pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms split-elog split-log strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-march=native -O2 -pipe -flto" GENTOO_MIRRORS="http://distfiles.gentoo.org" INSTALL_MASK="/usr/share/bash-completion" LANG="en_IE.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-z,pack-relative-relocs" LEX="flex" MAKEFLAGS="-j32" MAKEOPTS="-j32" PKGDIR="/var/portage/binpkgs" PORTAGE_COMPRESS="" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/var/tmp" SHELL="/bin/ksh" USE="acl activities amd64 bzip2 cairo caps cet crypt dbus dbus-broker declarative dri egl eglfs exif fish-completion gdbm gif hardened heif iconv icu ipv6 jpeg kde kf6compat kwallet libtirpc lto ncurses nls ogg opengl openmp pam pcre pgo pic pie pipewire png policykit pulseaudio qml qt5 qt6 readline screencast sdl seccomp semantic-desktop ssl ssp systemd test-rust truetype udev unicode vaapi verify-sig vulkan wayland x264 x265 xattr xtpax zlib" ABI_X86="64" ADA_TARGET="gcc_12" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" GUILE_SINGLE_TARGET="3-0" GUILE_TARGETS="3-0" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-4" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-2" POSTGRES_TARGETS="postgres16" PYTHON_SINGLE_TARGET="python3_12" PYTHON_TARGETS="python3_12" RUBY_TARGETS="ruby32" VIDEO_CARDS="amdgpu radeonsi" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account" Unset: ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, LC_ALL, LD, LFLAGS, LIBTOOL, LINGUAS, MAKE, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS
Created attachment 907020 [details] dev-lang/python-3.13.0[pgo] build log
Failling tests are: test_venv and test_init_pyvenv_cfg. I think, it will be needed to add these tests in COMMON_TEST_SKIPS.
Hmm, three tests failed: test_init_pybuilddir test_init_pyvenv_cfg test_venv And inside test_venv, there is error on: * test_executable * test_multiprocessing * test_multiprocessing_recursion * test_prefixes * test_sysconfig * test_zippath_from_non_installed_posix * test_explicit_no_pip * test_no_pip_by_default
#MeToo
Ironically probably caused by: commit fc8b4b98c7c7dd6f349d319c6352dbe57645ffd5 Author: Michał Górny <mgorny@gentoo.org> Date: Wed Oct 16 17:31:56 2024 +0200 dev-lang/python: Override TMPDIR to reduce risk of test failures Signed-off-by: Michał Górny <mgorny@gentoo.org>
Well, in that case it would have failed for people with PORTAGE_TMPDIR=/tmp anyway. I suppose we need to detect this somehow, and skip the relevant tests (preferably upstream).
…or we could be lazy and just force /var/tmp instead.
/var/tmp would be fine in my case. About upstream: https://bugs.python.org/issue1444408 / https://github.com/python/cpython/issues/42989 > Having /tmp mounted with "noexec" is just stupid, IMHO. So, I am stupid :). It was a long time ago. In my mind, /tmp mounted with noexec was/is still a good practice. But I can be wrong.
Also running into the same issue here. I have /tmp mounted with noexec,nosuid for security.
Forgot to mention I also build with pgo, and so the tests are needed for instrumentation.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3300e6b0718a0a6393751fc23c184c1c7f3968b commit f3300e6b0718a0a6393751fc23c184c1c7f3968b Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2024-12-04 07:51:19 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2024-12-04 09:40:22 +0000 dev-lang/python: Bump to 3.13.1 Also switching to using /var/tmp for tests in this bump series. Closes: https://bugs.gentoo.org/942363 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-lang/python/Manifest | 3 + dev-lang/python/python-3.13.1.ebuild | 654 +++++++++++++++++++++++++++++++++++ 2 files changed, 657 insertions(+)
