Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 270321

Summary: media-video/totem 2.24.3 sandbox violation
Product: Gentoo Linux Reporter: razamatan
Component: [OLD] GNOMEAssignee: Portage team <dev-portage>
Status: RESOLVED FIXED    
Severity: normal CC: gnome, m27315, pacho, sandbox
Priority: High    
Version: 2008.0   
Hardware: AMD64   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 238650    
Attachments: emerge --info

Description razamatan 2009-05-18 17:05:46 UTC 
--------------------------- ACCESS VIOLATION SUMMARY ---------------------------
LOG FILE "/var/log/sandbox/sandbox-15773.log"

VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: mkdir
S: deny
P: /root/.gnome2
A: /root/.gnome2
R: /home/.root/.gnome2
C: /usr/bin/gst-inspect-0.10 playbin
--------------------------------------------------------------------------------

>>> Failed to emerge media-video/totem-2.24.3 



this is NOT a dupe of http://bugs.gentoo.org/255110 .  USE=-tracker is set, and i'm running gnome-base/gconf-2.24.0 as well.  the directory in question doesn't exist, and i'm running as root who has never logged into X.  i also tried using emerge using sudo while logged in as a user account that already has X.

this was a part of an emerge -eav world after upgrading to gcc 4.3.2 on amd64.
Comment 1 razamatan 2009-05-18 17:07:08 UTC 
Created attachment 191703 [details]
emerge --info

emerge --info
Comment 2 razamatan 2009-05-18 17:30:32 UTC 
this seems related to http://bugs.gentoo.org/262731 , but this is involving the .gnome2 subdir, not the .gconf stuff...
Comment 3 razamatan 2009-05-18 23:46:15 UTC 
actually.. i found http://bugs.gentoo.org/126667

what i'm experiencing is the fact that i've relocated root's homedir to somewhere else (/home/.root specifically), and used a symlink at /root for backwards compatibility.  however, i didn't update the /etc/passwd entry to reflect the new home.  having updated root's homedir in /etc/passwd, it installed fine w/o the sandbox violation....

however, it still stands that addpredict should handle symlink and absolute paths that it should be watching for....  i guess this has become a feature/bug for ebuilds....
Comment 4 Gilles Dartiguelongue (RETIRED) gentoo-dev 2009-08-03 20:28:10 UTC 
re-assigning to portage devs since addpredict is a portage feature.
Comment 5 Zac Medico gentoo-dev 2009-08-03 21:16:00 UTC 
I'm not sure why sandbox doesn't handle this already. To summarize, we have:

addpredict /root/.gnome2

And /root is a symlink to /home/.root/.gnome2.
Comment 6 SpanKY gentoo-dev 2009-08-13 10:23:14 UTC 
(1) i thought portage set $HOME already to some tmp dir ?
(2) are some stupid gnome utils not respecting that $HOME ?
(3) symlinks for important dirs are known to not work with sandbox
(3a) that'd make this a dupe of Bug 80085
(3b) use `mount --bind` as symlinks across symlinks are also known to break in general with *nix systems
Comment 7 Gilles Dartiguelongue (RETIRED) gentoo-dev 2010-01-21 00:25:03 UTC 
(In reply to comment #6)
> (1) i thought portage set $HOME already to some tmp dir ?
probably

> (2) are some stupid gnome utils not respecting that $HOME ?
indeed, I just checked that both gconf and gstreamer do not read $HOME but actually refer to /etc/passwd. I guess that's why we added so many addpredicts all over the place. Must squash'em all now.
Comment 8 Daniel Gryniewicz (RETIRED) gentoo-dev 2010-01-28 13:19:41 UTC 
*** Bug 302551 has been marked as a duplicate of this bug. ***
Comment 9 Gilles Dartiguelongue (RETIRED) gentoo-dev 2010-02-11 18:04:38 UTC 
*** Bug 302551 has been marked as a duplicate of this bug. ***
Comment 10 Gilles Dartiguelongue (RETIRED) gentoo-dev 2010-02-12 10:10:11 UTC 
*** Bug 302551 has been marked as a duplicate of this bug. ***
Comment 11 Gilles Dartiguelongue (RETIRED) gentoo-dev 2013-01-12 11:40:11 UTC 
Since glib-2.30 we patched glib to support G_HOME which is used to override default glib behavior. Eclass was adapted to export that to $T so that tests should run fine.

Since then, glib upstream saw the light and patch next glib release (most likely 2.36) to respect HOME so this should be the end of our problems here.

Last but not least, I set totem to simply not use gst-inspect as we already check dependencies when bumping.