Bug 18260

Summary:	Failure during unpack when using userpriv
Product:	Portage Development	Reporter:	Douglas Pollock <douglas.pollock>
Component:	Unclassified	Assignee:	Nicholas Jones (RETIRED) <carpaski>
Status:	RESOLVED DUPLICATE
Severity:	enhancement
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Douglas Pollock 2003-03-26 17:43:57 UTC

This may or may not related to bug 16575.  The problem occurs during the unpack
call to /usr/sbin/ebuild.sh, when the "userpriv" feature (/etc/make.conf) is
enabled.  /usr/lib/python2.2/site_packages/portage.py has set the uid and gid to
250 (portage) and called for an unpack.  unzip complains that it can't find the
zipfile, as follows: 

bash-2.05b# /usr/bin/emerge -v sun-j2sdk
Calculating dependencies ...done!
>>> emerge (1 of 1) dev-java/sun-j2sdk-1.4.1 to /
>>> Unpacking source...
>>> Unpacking j2sdk-1_4_1-src-scsl.zip to
/var/tmp/portage/sun-j2sdk-1.4.1/work/j2sdk
error:  cannot open zipfile [ /exports/j2sdk-1_4_1-src-scsl.zip ]
unzip:  cannot find /exports/j2sdk-1_4_1-src-scsl.zip,
/exports/j2sdk-1_4_1-src-scsl.zip.zip or /exports/j2sdk-1_4_1-src-scsl.zip.ZIP.

!!! ERROR: dev-java/sun-j2sdk-1.4.1 failed.
!!! Function unpack, Line 236, Exitcode 9
!!! failure unpacking j2sdk-1_4_1-src-scsl.zip



The ownership for the files is as follows.  The behaviour can be reproduced
using unzip from the command-line with "setuidgid portage unzip -qo
/exports/j2sdk-1_4_1-src-scsl.zip".

bash-2.05b# ls -l /exports/j2sdk*
-rw-------    1 root     portage  22577838 Mar 25 09:53 /exports/j2sdk-1_3_1-doc.zip
-rw-------    1 root     portage   6569569 Mar 26 16:24
/exports/j2sdk-1_4_1-mozilla_headers-unix.zip
-rw-------    1 root     portage  52251762 Mar 26 16:30
/exports/j2sdk-1_4_1-src-scsl.zip
-rw-r--r--    1 root     portage  42250657 Mar  1 08:15
/exports/j2sdk-1_4_1_02-linux-i586.bin



Now, by changing the ownership of the files so that the uid for the files is
portage (250), then everything works fine...

bash-2.05b# chown portage /exports/* && /usr/bin/emerge -v sun-j2sdk
Calculating dependencies ...done!
>>> emerge (1 of 1) dev-java/sun-j2sdk-1.4.1 to /
>>> Unpacking source...
>>> Unpacking j2sdk-1_4_1-src-scsl.zip to
/var/tmp/portage/sun-j2sdk-1.4.1/work/j2sdk
>>> Unpacking j2sdk-1_4_1-mozilla_headers-unix.zip to
/var/tmp/portage/sun-j2sdk-1.4.1/work/j2sdk/mozilla



And so on.  Searching on the web, I can't find any mention of why unzip does not
respond well to having its process' uid/gid changed.  This might even be a
problem with my passwd/group file set-up.  I'm not sure.  If it is, please let
me know:

portage:x:250:250:portage:/var/tmp/portage:/bin/false
portage::250:portage,doug


This problem affects *all* programs that are distributed as zip files (as
opposed to gzip or other compression methods).  Apparently, this problem is
related to unzip itself.

The obvious fix is simply to change how portage interacts with DISTDIR so that
all downloaded packages are portage/portage (uid/gid).

Reproducible: Always
Steps to Reproduce:





Portage 2.0.47-r10 (default-x86-1.4, gcc-3.2.2, glibc-2.3.1-r4)
=================================================================
System uname: 2.4.20-gentoo-r2 i686 AMD Athlon(tm) processor
GENTOO_MIRRORS="ftp://ftp.oregonstate.edu/pub/gentoo
ftp://sunsite.dk/mirrors/gentoo
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
CONFIG_PROTECT="/etc /var/qmail/control /usr/kde/2/share/config
/usr/kde/3/share/config /usr/X11R6/lib/X11/xkb /usr/kde/3.1/share/config
/usr/share/config"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
PORTDIR="/usr/portage"
DISTDIR="/exports"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR_OVERLAY=""
USE="x86 oss 3dnow apm avi crypt cups gif jpeg gnome libg++ mmx mpeg ncurses nls
pdflib png quicktime spell truetype xml2 xmms xv zlib gdbm slang readline arts
aalib svga ggi java guile X sdl tcpd pam libwww ssl python esd oggvorbis gtk qt
kde opengl acpi apache2 -berkdb cdr dga directfb doc dvd -encode ethereal gd
-gpm gtk2 imap -imlib ipv6 junit kerberos ldap -mikmod -motif mozilla nocardbus
perl samba scanner snmp tcltk tetex tiff usb"
COMPILER="gcc3"
CHOST="i686-pc-linux-gnu"
CFLAGS="-march=athlon -O3 -pipe"
CXXFLAGS="-O2 -mcpu=i686 -pipe"
ACCEPT_KEYWORDS="x86"
MAKEOPTS="-j2"
AUTOCLEAN="yes"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
FEATURES="sandbox ccache userpriv"

Comment 1 Nicholas Jones (RETIRED) gentoo-dev

2003-03-27 23:23:48 UTC

Ummmmm.... What is /exports? I assume NFS.
What are the options on it? Why are your files 600 ?

Comment 2 Douglas Pollock 2003-03-28 08:43:34 UTC

/exports is not NFS.  Is it just a regular directory, located separately from /usr.  (I hate having to remount /usr as writable just to download some packages.  Shouldn't the portage tree (distfiles and all) really be kept in /var?)

I didn't notice the 0600 permissions, which did cause the problem.  I didn't even think to look at that.  (Dumb, I know.)

The files were downloaded by a regular user, and then "/bin/mv /home/doug/j2sdk-1_4_1-*.zip ." while sitting in "/exports".  The umask has been left alone; it's "0022".  The file, when downloaded by Mozilla, is 0600.  So, when the move occurs, they keep those permissions.

Maybe this is more of a wishlist item: have portage check permissions sanity before switching to userpriv.  It could either warn or simply fix them itself.

Comment 3 Martin Holzer (RETIRED) gentoo-dev

2003-10-12 15:56:07 UTC


*** This bug has been marked as a duplicate of 26701 ***