
Bug 171797

Summary: net-zope/zope < 2.8.9.1 cross-site request forgery (CVE-2007-0240)
Product: Gentoo Security
Reporter: Pierre-Yves Rofes (RETIRED) <py>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: net-zope+disabled
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/24017/
Whiteboard: B4 [noglsa] p-y
Package list:
Runtime testing required: ---

Description Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-03-22 13:55:18 UTC
Some vulnerabilities have been reported in Zope, which can be
exploited by malicious people to conduct cross-site request forgery
attacks.

The vulnerabilities are caused due to Zope allowing administrators to
perform certain actions via HTTP requests without performing any
validity checks to verify the request. This can be exploited to e.g.
add users or change user privileges by enticing a logged-in
administrator to visit a malicious site.

The vulnerability is reported in all Zope versions up to and
including 2.10.2.

SOLUTION:
Apply hotfix:
http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view

net-zope, please advise.
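The check the advisory says was missing, as an added illustration that is not part of the bug, the Secunia advisory or the Zope hotfix: a state-changing admin action is honored only as a POST that carries a token bound to the caller's own session, so a request the browser sends because the administrator visited another site (cookie attached, token absent) is refused. The request and session model, the handler names and the `_authenticator` field name are assumptions for the example.

```python
# Added illustration: a synchronizer-token check for state-changing admin
# actions. This is not Zope's code and not the 2007 hotfix; the request and
# session model, the handler names and the "_authenticator" field are assumed.
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    """Server-side session, located by a cookie the browser sends automatically."""
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


@dataclass
class Request:
    method: str
    path: str
    session: Session
    form: dict = field(default_factory=dict)


class Forbidden(Exception):
    pass


def render_form_token(session):
    """Value the server embeds as a hidden field in its own admin forms."""
    return session.csrf_token


def require_state_change_token(request):
    """Refuse a state-changing request unless it is a POST carrying the token
    bound to the caller's session. A GET is refused outright: if an action can
    be triggered by a plain link, the session cookie alone would authorize it."""
    if request.method != "POST":
        raise Forbidden("state-changing action requires POST")
    submitted = request.form.get("_authenticator", "")
    expected = request.session.csrf_token
    # compare_digest avoids leaking the token through timing differences
    if not submitted or not hmac.compare_digest(submitted, expected):
        raise Forbidden("missing or invalid CSRF token")


def manage_add_user_unprotected(users, request):
    """Pattern the advisory describes: the action is performed for any request
    that arrives with a logged-in session, with no check that the administrator
    actually intended it."""
    users[request.form["name"]] = list(request.form.get("roles", []))
    return sorted(users)


def manage_add_user(users, request):
    """Same action, gated by the token check."""
    require_state_change_token(request)
    users[request.form["name"]] = list(request.form.get("roles", []))
    return sorted(users)


def cross_site_request(session, method, name):
    """Constructed: how a request submitted from another site looks to the server.
    The browser attaches the administrator's session, but the other site has no
    way to read the session-bound token, so the form arrives without it."""
    return Request(method, "/manage_users", session, {"name": name, "roles": ["Manager"]})


def own_form_request(session, name):
    """Constructed: a submission of the server's own form, token included."""
    form = {"name": name, "roles": ["Manager"], "_authenticator": render_form_token(session)}
    return Request("POST", "/manage_users", session, form)


def demo():
    admin = Session("admin")
    results = {}
    # Before: the cross-site request succeeds on the unchecked handler.
    results["unprotected_accepts_cross_site"] = manage_add_user_unprotected(
        {}, cross_site_request(admin, "POST", "mallory")) == ["mallory"]
    # After: both a GET and a token-less POST are refused; the server's own form passes.
    users = {}
    for method in ("GET", "POST"):
        try:
            manage_add_user(users, cross_site_request(admin, method, "mallory"))
            results[f"protected_refuses_{method}"] = False
        except Forbidden:
            results[f"protected_refuses_{method}"] = True
    results["users_after_fix"] = manage_add_user(users, own_form_request(admin, "alice"))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The token is per session and never placed in a URL, so it is not exposed via Referer headers or browser history; the constant-time comparison matters less than having the check at all, but it costs nothing.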
Comment 1 Radoslaw Stachowiak (RETIRED) gentoo-dev 2007-03-25 15:24:52 UTC
Released new zope versions which include fix:
2.8.9 (downgraded to ~ on all arches)
2.9.7 (previous version was ~)
2.10.3 (previous version was ~)
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-25 19:38:31 UTC
Thx Radoslaw.

Arches please test and mark stable. Target keywords are:

zope-2.8.9.ebuild:KEYWORDS="alpha amd64 ppc sparc x86"
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2007-03-26 08:10:34 UTC
======================================================================
ERROR: testDropPrivileges (Zope2.Startup.tests.testStarter.ZopeStarterTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/tests/testStarter.py", line 264, in testDropPrivileges
    finished = starter.dropPrivileges()
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/__init__.py", line 213, in dropPrivileges
    return dropPrivileges(self.cfg)
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/__init__.py", line 406, in dropPrivileges
    raise ZConfig.ConfigurationError(msg)
ConfigurationError: Cannot start Zope with the effective user as the root user

======================================================================
ERROR: testZopeRunConfigure (Zope2.Startup.tests.testStarter.ZopeStarterTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/tests/testStarter.py", line 393, in testZopeRunConfigure
    configure(fname)
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/run.py", line 34, in configure
    starter.dropPrivileges()
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/__init__.py", line 213, in dropPrivileges
    return dropPrivileges(self.cfg)
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/Zope2/Startup/__init__.py", line 382, in dropPrivileges
    raise ZConfig.ConfigurationError(msg)
ConfigurationError: A user was not specified to setuid to; fix this to start as root (change the effective-user directive in zope.conf)

======================================================================
FAIL: testUmask (zdaemon.tests.testzdrun.ZDaemonTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/var/tmp/portage/net-zope/zope-2.8.9/work/Zope-2.8.9-final/lib/python/zdaemon/tests/testzdrun.py", line 260, in testUmask  
    self.assert_(not os.access(path, os.W_OK))
  File "/usr/lib/python2.3/unittest.py", line 278, in failUnless
    if not expr: raise self.failureException, msg
AssertionError
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-26 08:15:39 UTC
I'm no Zope expert but this looks like an ebuild error to me so back to ebuild status. Radoslaw please provide an updated ebuild.
Comment 5 Radoslaw Stachowiak (RETIRED) gentoo-dev 2007-03-26 09:38:36 UTC
Christian, could you provide more information about when this error happened?
Was this the test phase in the emerge? If yes, we'll probably have to just disable it (patching zope to make the test not use the root user is (probably) too much work for us atm).
Comment 6 Radoslaw Stachowiak (RETIRED) gentoo-dev 2007-03-26 20:02:25 UTC
OK, there is a problem with the targz released by Zope Corp, as mentioned by Andreas Jung: "I uploaded corrected versions of the Zope 2.9.7 and 2.10.3 tar-balls.
The tar-balls released yesterday contained a bug that caused
a startup failure when using "zopectl start"."

Give me a day to fix it.
Comment 7 Christian Faulhammer (RETIRED) gentoo-dev 2007-03-27 04:43:02 UTC
(In reply to comment #5)
> Christian, could you provide more information about when this error happened?
> Was this the test phase in the emerge? If yes, we'll probably have to just disable
> it (patching zope to make the test not use the root user is (probably) too much work for
> us atm).

Yes, it was the test phase... so I am a bit surprised that arches were unCCed. :) Just a comment on whether the test phase is known to fail or not.
Comment 8 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-27 06:57:30 UTC
@Christian, please provide a bit more information when you paste in results then :) Security is not overstaffed atm.

@Radoslaw just readd arches when the ebuilds are ready for further testing.
Comment 9 Christian Faulhammer (RETIRED) gentoo-dev 2007-03-27 07:58:51 UTC
(In reply to comment #8)
> @Christian, please provide a bit more information when you paste in results
> then :) Security is not overstaffed atm.

Sune, I thought everyone knows my profile by now. :)

Portage 2.1.2.2 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.5-r0, 2.6.19-gentoo-r5 i686)
=================================================================
System uname: 2.6.19-gentoo-r5 i686 AMD Athlon(tm) XP 2500+
Gentoo Base System release 1.12.9
Timestamp of tree: Tue, 27 Mar 2007 04:20:02 +0000
dev-java/java-config: 1.3.7, 2.0.31
dev-lang/python:     2.3.5-r3, 2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.61
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.14
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.17-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /opt/openjms/config /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /usr/spool/PBS /var/vpopmail/domains /var/vpopmail/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/php/apache1-php4/ext-active/ /etc/php/apache1-php5/ext-active/ /etc/php/apache2-php4/ext-active/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php4/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php4/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-O2"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache distlocks metadata-transfer parallel-fetch sandbox sfperms strict"
GENTOO_MIRRORS="ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo/"
LANG="de_DE@euro"
LC_ALL="de_DE.utf8"
LINGUAS="de"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.informatik.rwth-aachen.de/gentoo-portage"
USE="3dnow 3dnowext X Xaw3d a52 alsa apache apache2 artworkextra asf audiofile bash-completion beagle berkdb bidi bitmap-fonts bootsplash branding bzip2 cairo cdda cddb cdparanoia cdr cli cracklib crypt css cups curl custom-cflags dbus dga directfb divx4linux dts dvd dvdr dvdread dvi eds emacs emboss encode esd evo exif expat fam fat fbcon ffmpeg firefox fortran ftp gb gcj gdbm gif gnome gpm gstreamer gtk gtk2 gtkhtml hal iconv icq idn imagemagick imap isdnlog java javamail javascript jikes jpeg jpeg2k kde ldap leim libg++ mad maildir matroska mbox mhash midi mikmod mime mmx mmxext mng mono mp3 mpeg mpeg2 mule mysql nautilus ncurses nforce2 nls nocardbus nptl nptlonly nsplugin nvidia objc ogg opengl pam pcre pdf perl plotutils pmu png ppds pppd preview-latex print python qt3 qt4 quicktime readline reflection reiserfs samba sdk session slang spell spl sse ssl svg svga t1lib tcltk tcpd tetex theora tiff truetype truetype-fonts type1-fonts unicode usb vcd videos vorbis win32codecs wmf wxwindows x86 xine xml xorg xosd xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" USERLAND="GNU" VIDEO_CARDS="radeon vesa fbdev"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 10 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-27 09:26:02 UTC
Christian, I only had time for a quick look at your output and wasn't sure whether it was the test phase or not.

Waiting for maintainer to update with fixed tarballs as per comment #6.
Comment 11 Radoslaw Stachowiak (RETIRED) gentoo-dev 2007-04-06 21:27:00 UTC
Committed fixed versions:
2.10.3
2.9.7
2.8.9 and 2.8.9.1

Arches, please test (thoroughly, due to newly introduced versioning scheme) and stabilize: 2.8.9.1
Comment 12 Christian Faulhammer (RETIRED) gentoo-dev 2007-04-06 23:56:10 UTC
x86 stable
Comment 13 Tobias Scherbaum (RETIRED) gentoo-dev 2007-04-08 12:07:52 UTC
ppc stable
Comment 14 Peter Weller (RETIRED) gentoo-dev 2007-04-10 21:46:32 UTC
amd64 stable
Comment 15 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-04-11 14:25:29 UTC
updating status.
Comment 16 Jose Luis Rivero (yoswink) (RETIRED) gentoo-dev 2007-04-11 16:50:23 UTC
alpha stable
Comment 17 Gustavo Zacarias (RETIRED) gentoo-dev 2007-04-11 18:48:49 UTC
sparc stable.
Comment 18 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-04-11 18:57:25 UTC
Thanks, arches.

security, please vote. 
Comment 19 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-04-11 19:37:11 UTC
I tend to vote NO.
Comment 20 Matthias Geerdsen (RETIRED) gentoo-dev 2007-04-23 15:34:27 UTC
voting no

that makes 1.5 votes against a GLSA atm
Comment 21 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-04-23 19:32:20 UTC
voting no, and closing without glsa. feel free to reopen if you disagree.
Comment 22 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-04-23 19:50:12 UTC
agree