| Summary: | [gnome-overlay] =gnome-base/gnome-keyring-2.24.0 sandbox issue (gconf writeability) | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Kobboi <gentoo> |
| Component: | [OLD] GNOME | Assignee: | Gentoo Linux Gnome Desktop Team <gnome> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | bilboed, ed, hans, ikelos, jan_braun, marduk, sipingal, uzytkownik2 |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.gnome.org/show_bug.cgi?id=631983 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 243288 | ||
| Attachments: |
build.log
gconf-2.23.2-disable-writetest.patch gconftool-disable-makefile.patch gnome-applets-2.24.0.1 failed build log with MAKEOPTS="-j1" gnome-power-manager-2.24.0.build.log |
||
|
Description
Kobboi
2008-09-21 13:01:17 UTC
Same issue with seahorse-2.23.92 Same issue with gnome-keyring-2.24.0 Portage 2.2_rc9 (default/linux/amd64/2008.0, gcc-4.3.1, glibc-2.8_p20080602-r0, 2.6.26-gentoo-r1 x86_64) ================================================================= System uname: Linux-2.6.26-gentoo-r1-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4600+-with-glibc2.2.5 Timestamp of tree: Mon, 22 Sep 2008 09:05:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] app-shells/bash: 3.2_p39 dev-java/java-config: 1.3.7, 2.1.6-r1 dev-lang/python: 2.4.4-r14, 2.5.2-r8 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 2.0.0 sys-apps/openrc: 0.2.5 sys-apps/sandbox: 1.2.18.1-r3 sys-devel/autoconf: 2.13, 2.63 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 2.2.6a virtual/os-headers: 2.6.26 ACCEPT_KEYWORDS="amd64 ~amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=athlon64 -pipe -g2 -O2 -msse3" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-march=athlon64 -pipe -g2 -O2 -msse3" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.free.fr/mirrors/ftp.gentoo.org/ " LANG="en_US.utf8" LDFLAGS="-Wl,-O1" LINGUAS="en en_GB es_ES es fr it de" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage/layman/gnome" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext X a52 aac aalib accessibility acl acpi adns alsa amd64 amr apm asf atm audioscrobbler avahi berkdb bzip2 cairo cdr cli cracklib crypt cups curl daap dbus dhcp dri dv dvb dvd dvdr dvdread edl eds emacs exif fat ffmpeg firefox flac fortran freetts fuse galago gdbm gif gimp glitz gnome gnome-keyring gnuplot gnutls gphoto2 gpm graphviz gstreamer gstreamer10 gtk gtkhtml hal iconv ieee1394 ipv6 isdnlog java joystick jpeg jpeg2k keyring libcaca libffi libnotify lirc live lm_sensors mad matroska midi mmx mmxext mono msn mtp mudflap multilib musicbrainz mysql nautilus ncurses network nfs nls nntp nptl nptlonly nsplugin ntfs nvidia ogg oggvorbis openexr opengl openmp pam pcmcia pcre pdf perl png ppds pppd python quicktime readline reflection reiserfs samba session silc snmp speex spell spl sqlite sqlite3 sse sse2 ssl svg sysfs tagwriting tcpd theora tiff tk truetype unicode v4l vorbis x264 xinerama xorg xv xvid xvmc zeroconf zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse vmmouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_GB es_ES es fr it de" USERLAND="GNU" VIDEO_CARDS="nvidia vesa" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS Created attachment 166082 [details]
build.log
just noticed the error was mangled in the build.log because I'm using -j3. Here's the actual line without -j3 Making install in data make[2]: Entering directory `/var/tmp/portage/gnome-base/gnome-keyring-2.24.0/work/gnome-keyring-2.24.0/daemon/data' make[3]: Entering directory `/var/tmp/portage/gnome-base/gnome-keyring-2.24.0/work/gnome-keyring-2.24.0/daemon/data' make[3]: Nothing to be done for `install-exec-am'. GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL is set, not installing schemas ACCESS DENIED open_wr: /root/.gconf/.testing.writeability ACCESS DENIED unlink: /root/.gconf/.testing.writeability (gconftool-2:12446): GConf-WARNING **: None of the resolved addresses are writable; saving configuration settings will not be possible test -z "/etc/gconf/schemas" || /bin/mkdir -p "/var/tmp/portage/gnome-base/gnome-keyring-2.24.0/image//etc/gconf/schemas" /usr/bin/install -c -m 644 'gnome-keyring.schemas' '/var/tmp/portage/gnome-base/gnome-keyring-2.24.0/image//etc/gconf/schemas/gnome-keyring.schemas' make[3]: Leaving directory `/var/tmp/portage/gnome-base/gnome-keyring-2.24.0/work/gnome-keyring-2.24.0/daemon/data' m Same issue for deskbar-applet-2.23.92 *** Bug 238438 has been marked as a duplicate of this bug. *** May someone include gconf to title? I've searched by gconf as I had this issue with several packages. Like everyone else, I can reproduce. I'm trying to look into it, but it all looks good at first glance... I'm sure about 2 things though: 1) finding the cause will take lots of time, 2) the fix will be a one-liner. Fun... Also: gnome-extra/deskbar-applet-2.23.92 gnome-extra/gnome-games-2.23.92 Ok, just some more information to add: I had gnome-keyring-2.23.91 built, and failures started to happen when building gnome-keyring-2.23.92. I just rolled back the ebuild (which git says is identical) to gnome-keyring-2.23.91 and it failed with the same error. This suggests that the problem was introduced in a different package, but seems to be manifesting in these four packages. My guess is gconf, so I'm off to poke and prod that a bit more... Created attachment 166186 [details, diff]
gconf-2.23.2-disable-writetest.patch
Ok, so, after a *lot* of stracing and some code diffing...
The only change made between 2.22.0 and 2.23.2 to the gconftool-2 source (besides including config.h) is to add in some error detection for if a running gconf instance can't be found. If it can't, it tries to look for one, and in so doing calls gconf_engine_get_local_for_addresses -> gconf_sources_new_from_addresses -> gconf_resolve_address which carries out the writability test. Since the original call never used to happen, the sandbox never got triggered. Why it doesn't happen on *every* package, I've no idea...
Either way, the following patch reverts this behaviour and allows compilation of gnome-keyring, seahorse and I assume all the others.
Not sure whether this should be taken upstream or not, they're probably doing the right thing, just in the wrong way. Anyway, let me know if you need any further information on this...
This basically reverts the change that's supposed to make gconftool-2 work outside of X I believe Created attachment 166223 [details, diff]
gconftool-disable-makefile.patch
Please try this patch. It is probably safer (and more likely to get accepted upstream?), as it only affects the gcalctool utility.
It makes the --makefile-install-rule and --makefile-uninstall-rule options terminate early if GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL / GCONF_DISABLE_MAKEFILE_SCHEMA_UNINSTALL is set, which should be OK as they cannot be combined with other options anyway.
Meh, sorry for not keeping you guys in the loop, but we already figured this out yesterday and Daniel committed a patch that's 100% like Ed's. So just update the overlay and rebuild gconf before any other package. (In reply to comment #11) > Why it doesn't happen on *every* package, I've no idea... That's because most packages don't actually call gconftool-2 at all. Most packages (ie, gedit) check for DESTDIR and only run gconftool-2 if it is empty. And since gnome2_src_install does "emake DESTDIR=$D install", that explains why almost all packages just went around this major pothole. Thanks to all of you for your work :) Note to self (and other gnomers): post the patch upstream Hiya, Still running into issues with evince-2.24.0 and gnome-applets-2.23.92. This seems to be because gconftool-2 --shutdown gets called. Since the recent patch only fixes --makefile-install-rule and --makefile-uninstall-rule, --shutdown still does the writability test... Any chance of a similar patch for this one? The patch do not work with gconf 2.24: >>> Completed installing gnome-applets-2.24.0.1 into /var/tmp/portage/gnome-base/gnome-applets-2.24.0.1/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-7127.log" open_wr: /root/.gconf/.testing.writeability unlink: /root/.gconf/.testing.writeability -------------------------------------------------------------------------------- * QA Notice: Unrecognized configure options: * * configure: WARNING: Unrecognized options: --disable-gtk-doc * configure: WARNING: Unrecognized options: --disable-gtk-doc >>> Failed to emerge gnome-base/gnome-applets-2.24.0.1, Log file: (In reply to comment #16) > The patch do not work with gconf 2.24: Could you post a full build.log, preferably with MAKEOPTS="-j1"? Thanks Created attachment 166666 [details] gnome-applets-2.24.0.1 failed build log with MAKEOPTS="-j1" As I mentioned in comment 15, it seems to be the --shutdown command (although I'm no longer showing the problem with evince-2.24.0): GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL is set, not installing schemas /usr/bin/gconftool-2 --shutdown ACCESS DENIED open_wr: /root/.gconf/.testing.writeability ACCESS DENIED unlink: /root/.gconf/.testing.writeability Created attachment 166668 [details]
gnome-power-manager-2.24.0.build.log
May be the option '--force-writability' or equivalent should be added?
Gnome applets seems to be fixed in overlay. What with GPM? (In reply to comment #20) > What with GPM? It's not failing because of gconf. Please open another bug so that we can further help you. Let's keep this bug focused, shall we? :) Thanks Closing fixed, nothing left to do here since gnome-applets is taken care of. Thanks Still having gconf writeability issues with ekiga-2.0.12 :-( (In reply to comment #23) > Still having gconf writeability issues with ekiga-2.0.12 :-( Please open a new bug so that we can better keep track of it. :) Thanks *** Bug 242258 has been marked as a duplicate of this bug. *** (In reply to comment #0) > I can't upgrade gnome-keyring-2.23.91 to 2.23.92. The logging shows > > ACCESS DENIED open_wr: /root/.gconf/.testing.writeability > ACCESS DENIED unlink: /root/.gconf/.testing.writeability > > (gconftool-2:29033): GConf-WARNING **: None of the resolved addresses are > writable; saving configuration settings will not be possible > > and the emerge ends with the notification: > > --------------------------- ACCESS VIOLATION SUMMARY > --------------------------- > LOG FILE = "/var/log/sandbox/sandbox-28570.log" > > open_wr: /root/.gconf/.testing.writeability > unlink: /root/.gconf/.testing.writeability > -------------------------------------------------------------------------------- > > Reproducible: Always > I encoutered this error. My solution was disable sandbox for those packages. I think the test program didn't create the "/root" directory in the sandbox. That caused this problem. |
