Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 233303

Summary: Prevent portage from adjusting permissions every time on AFS/NFSv4 mounted distfiles
Product: Portage Development Reporter: Petr Polezhaev <NightNord>
Component: Enhancement/Feature RequestsAssignee: Portage team <dev-portage>
Status: RESOLVED FIXED    
Severity: enhancement Keywords: InVCS
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 94133    
Attachments: Patch for /usr/lib/portage/pym/portage/__init__.py

Description Petr Polezhaev 2008-07-29 18:15:40 UTC 
When distfiles contained on some distributed FS with authentification different from UNIX one, portage will try to adjust permissions on every operation (before package build or 'ebuild' commands), while this is useless and AFS, for example, never change uid on files.

So, it will be great to have something like FEATURES="-distperms" to switch this check off.

Reproducible: Always




Portage 2.2_rc4 (default-linux/amd64/2007.0/desktop, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.26-rc9-zen1 x86_64)
=================================================================
System uname: Linux-2.6.26-rc9-zen1-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4200+-with-glibc2.2.5
Timestamp of tree: Mon, 28 Jul 2008 22:45:03 +0000
app-shells/bash:     3.2_p39
dev-java/java-config: 1.3.7, 2.1.6-r1
dev-lang/python:     2.5.2-r5
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.2.5
sys-apps/sandbox:    1.2.18.1-r3
sys-devel/autoconf:  2.13, 2.62-r1
sys-devel/automake:  1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   2.2.4
virtual/os-headers:  2.6.25-r4
ACCEPT_KEYWORDS="amd64 ~amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=native -mtune=native -freorder-blocks -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=native -mtune=native -freorder-blocks -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks parallel-fetch preserve-libs sandbox sfperms strict unmerge-orphans"
GENTOO_MIRRORS="http://ftp.corbina.ru/pub/Linux/gentoo/ http://ftp.linux.ee/pub/gentoo/distfiles/ ftp://ftp.linux.ee/pub/gentoo/distfiles/ http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="ru_RU.UTF-8"
LC_ALL=""
LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed"
LINGUAS="ru"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/enlightenment /usr/portage/local/layman/sunrise /usr/portage/local/layman/desktop-effects /usr/portage/local/layman/zen-overlay /usr/local/portage"
SYNC="rsync://syberia/gentoo-portage"
USE="3dnow 3dnowext X aac acl acpi afs alsa amd64 berkdb branding cairo cdr cli cracklib crypt cups dbus dri dvd dvdr dvdread eds emboss encode esd evo fam firefox flac fortran gdbm gif gnutls gpm gstreamer hal htmlhandbook iconv ipv6 isdnlog jpeg kerberos mad midi mikmod mmx mmxext mp3 mpeg mplayer mudflap ncurses nls nptl nptlonly nsplugin ogg opengl openmp pam pch pcre pdf perl png pppd python qt3 qt3support qt4 quicktime readline reflection sdl session spell spl sse sse2 ssl subversion svg tcpd tiff truetype unicode usb utf8 vim-syntax vorbis xcomposite xml xorg xscreensaver xv zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="ru" USERLAND="GNU" VIDEO_CARDS="nvidia"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Petr Polezhaev 2008-07-29 18:19:18 UTC 
Created attachment 161643 [details, diff]
Patch for /usr/lib/portage/pym/portage/__init__.py
Comment 2 Marius Mauch (RETIRED) gentoo-dev 2008-07-29 21:17:00 UTC 
More cornercase FEATURES bloat ...
Comment 3 Alec Warner (RETIRED) archtester gentoo-dev Security 2008-07-30 15:38:24 UTC 
It seems a better alternative would be to let the user set the perms on distdir in a var and just reset them to those perms; with the caveat that the user could possibly stab themselves in the foot with retarded permissions.  I would prefer that over some randomly named FEATURE.
Comment 4 Zac Medico gentoo-dev 2008-07-30 22:08:37 UTC 
I think we can make it work automatically, without any extra config (though some config variable like that suggested in comment #3 might be useful in some cases).

The main use cases for the permissions code that I see are:

1) Initial creation, when the directory doesn't yet exist.

This is easy to handle. Simply create dir and apply permissions.

2) Directory already exists, but may not have correct read/write permission in order for userfetch and userpriv FEATURES to function.

I this case we only need to touch permissions if it's and issue when dropping privileges (like the user has just added userpriv to FEATURES). We can spawn mktemp or similar, to test read/write access dropped privileges. This test only has to be done for the first fetch and the result can then be cached in a private global variable.
Comment 5 Petr Polezhaev 2008-07-31 00:26:54 UTC 
There is some issues. AFS set files' uids to it's internal ASF IDs, but, when you create new file (it located in cache) - it's uid set to your system id, so, actually, there is always different permissions on files.

Maybe it will be better to check permissions only when it needed by some other features (comment #4) (when you use AFS, you need to switch off 'userfetch')
Comment 6 Zac Medico gentoo-dev 2008-07-31 03:55:00 UTC 
This should be fixed by the patch attached to bug 94133.
Comment 7 Zac Medico gentoo-dev 2008-08-01 11:14:32 UTC 
This is fixed in 2.2_rc6.